From 63d188175accea83305e89fafa011136ff3d96ad Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Tue, 27 Oct 2015 01:44:45 +0000
Subject: [PATCH] upstream commit

log certificate serial in verbose() messages to match the
 main auth success/fail message; ok dtucker@

Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288
---
 auth2-pubkey.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 5aa319ccc..b1b5b747b 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.54 2015/10/27 01:44:45 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -796,8 +796,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
 				free(fp);
 				continue;
 			}
-			verbose("Accepted certificate ID \"%s\" "
+			verbose("Accepted certificate ID \"%s\" (serial %llu) "
 			    "signed by %s CA %s via %s", key->cert->key_id,
+			    (unsigned long long)key->cert->serial,
 			    key_type(found), fp, file);
 			free(fp);
 			found_key = 1;
@@ -875,8 +876,10 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
 	if (auth_cert_options(key, pw) != 0)
 		goto out;
 
-	verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s",
-	    key->cert->key_id, key_type(key->cert->signature_key), ca_fp,
+	verbose("Accepted certificate ID \"%s\" (serial %llu) signed by "
+	    "%s CA %s via %s", key->cert->key_id,
+	    (unsigned long long)key->cert->serial,
+	    key_type(key->cert->signature_key), ca_fp,
 	    options.trusted_user_ca_keys);
 	ret = 1;