Clear warnings/errors within KSSL_DEBUG code sections

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-12-16 04:13:41 +01:00 · 2014-12-16 04:13:41 +01:00 · 53332a75d1
commit 53332a75d1
parent cd387d21da
7 changed files with 91 additions and 89 deletions
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@ -148,12 +148,11 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 #ifdef KSSL_DEBUG
 	{
        int i;
-        char *cp;
+	fprintf(stderr,"des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx, ctx->buf_len);
-	printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
+	fprintf(stderr,"\t iv= ");
 	printf("\t iv= ");
        for(i=0;i<8;i++)
-                printf("%02X",ctx->iv[i]);
+                fprintf(stderr,"%02X",ctx->iv[i]);
-	printf("\n");
+	fprintf(stderr,"\n");
 	}
 #endif    /* KSSL_DEBUG */
 	if (dat->stream.cbc)
@ -307,11 +306,14 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 #ifdef KSSL_DEBUG
 	{
        int i;
-        printf("des_ede3_init_key(ctx=%lx)\n", ctx);
+        fprintf(stderr,"des_ede3_init_key(ctx=%p)\n", ctx);
-	printf("\tKEY= ");
+	fprintf(stderr,"\tKEY= ");
-        for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
+        for(i=0;i<24;i++) fprintf(stderr,"%02X",key[i]); fprintf(stderr,"\n");
-	printf("\t IV= ");
+	if (iv) 
-        for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
+		{
 		fprintf(stderr,"\t IV= ");
 		for(i=0;i<8;i++) fprintf(stderr,"%02X",iv[i]); fprintf(stderr,"\n");
 		}
 	}
 #endif	/* KSSL_DEBUG */
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@ -954,15 +954,15 @@ print_krb5_data(char *label, krb5_data *kdata)
        {
 	int i;
-	printf("%s[%d] ", label, kdata->length);
+	fprintf(stderr,"%s[%d] ", label, kdata->length);
 	for (i=0; i < (int)kdata->length; i++)
                {
 		if (0 &&  isprint((int) kdata->data[i]))
-                        printf(	"%c ",  kdata->data[i]);
+                        fprintf(stderr,	"%c ",  kdata->data[i]);
 		else
-                        printf(	"%02x ", (unsigned char) kdata->data[i]);
+                        fprintf(stderr,	"%02x ", (unsigned char) kdata->data[i]);
 		}
-	printf("\n");
+	fprintf(stderr,"\n");
        }
@ -973,20 +973,20 @@ print_krb5_authdata(char *label, krb5_authdata **adata)
        {
 	if (adata == NULL)
                {
-		printf("%s, authdata==0\n", label);
+		fprintf(stderr,"%s, authdata==0\n", label);
 		return;
 		}
-	printf("%s [%p]\n", label, (void *)adata);
+	fprintf(stderr,"%s [%p]\n", label, (void *)adata);
 #if 0
 	{
        int 	i;
-	printf("%s[at%d:%d] ", label, adata->ad_type, adata->length);
+	fprintf(stderr,"%s[at%d:%d] ", label, adata->ad_type, adata->length);
 	for (i=0; i < adata->length; i++)
                {
-                printf((isprint(adata->contents[i]))? "%c ": "%02x",
+                fprintf(stderr,(isprint(adata->contents[i]))? "%c ": "%02x",
                        adata->contents[i]);
 		}
-	printf("\n");
+	fprintf(stderr,"\n");
 	}
 #endif
 	}
@ -1001,24 +1001,24 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
 	if (keyblk == NULL)
                {
-		printf("%s, keyblk==0\n", label);
+		fprintf(stderr,"%s, keyblk==0\n", label);
 		return;
 		}
 #ifdef KRB5_HEIMDAL
-	printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
+	fprintf(stderr,"%s\n\t[et%d:%d]: ", label, keyblk->keytype,
 					   keyblk->keyvalue->length);
 	for (i=0; i < (int)keyblk->keyvalue->length; i++)
                {
-		printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
+		fprintf(stderr,"%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
 		}
-	printf("\n");
+	fprintf(stderr,"\n");
 #else
-	printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
+	fprintf(stderr,"%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
 	for (i=0; i < (int)keyblk->length; i++)
                {
-		printf("%02x",keyblk->contents[i]);
+		fprintf(stderr,"%02x",keyblk->contents[i]);
 		}
-	printf("\n");
+	fprintf(stderr,"\n");
 #endif
        }
@ -1031,17 +1031,17 @@ print_krb5_princ(char *label, krb5_principal_data *princ)
        {
 	int i, ui, uj;
-	printf("%s principal Realm: ", label);
+	fprintf(stderr,"%s principal Realm: ", label);
 	if (princ == NULL)  return;
 	for (ui=0; ui < (int)princ->realm.length; ui++)  putchar(princ->realm.data[ui]);
-	printf(" (nametype %d) has %d strings:\n", princ->type,princ->length);
+	fprintf(stderr," (nametype %d) has %d strings:\n", princ->type,princ->length);
 	for (i=0; i < (int)princ->length; i++)
                {
-		printf("\t%d [%d]: ", i, princ->data[i].length);
+		fprintf(stderr,"\t%d [%d]: ", i, princ->data[i].length);
 		for (uj=0; uj < (int)princ->data[i].length; uj++)  {
 			putchar(princ->data[i].data[uj]);
 			}
-		printf("\n");
+		fprintf(stderr,"\n");
 		}
 	return;
        }
@ -1332,7 +1332,7 @@ kssl_sget_tkt(	/* UPDATE */	KSSL_CTX		*kssl_ctx,
 		}
 #ifdef KSSL_DEBUG
-	printf("in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
+	fprintf(stderr,"in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
 #endif	/* KSSL_DEBUG */
 	if (!krb5context  &&  (krb5rc = krb5_init_context(&krb5context)))
@ -1481,18 +1481,18 @@ kssl_sget_tkt(	/* UPDATE */	KSSL_CTX		*kssl_ctx,
 #ifdef KSSL_DEBUG
 		{
 		int i; krb5_address **paddr = krb5ticket->enc_part2->caddrs;
-		printf("Decrypted ticket fields:\n");
+		fprintf(stderr,"Decrypted ticket fields:\n");
-		printf("\tflags: %X, transit-type: %X",
+		fprintf(stderr,"\tflags: %X, transit-type: %X",
 			krb5ticket->enc_part2->flags,
 			krb5ticket->enc_part2->transited.tr_type);
 		print_krb5_data("\ttransit-data: ",
 			&(krb5ticket->enc_part2->transited.tr_contents));
-		printf("\tcaddrs: %p, authdata: %p\n",
+		fprintf(stderr,"\tcaddrs: %p, authdata: %p\n",
 			krb5ticket->enc_part2->caddrs,
 			krb5ticket->enc_part2->authorization_data);
 		if (paddr)
 			{
-			printf("\tcaddrs:\n");
+			fprintf(stderr,"\tcaddrs:\n");
 			for (i=0; paddr[i] != NULL; i++)
 				{
 				krb5_data d;
@ -1501,7 +1501,7 @@ kssl_sget_tkt(	/* UPDATE */	KSSL_CTX		*kssl_ctx,
 				print_krb5_data("\t\tIP: ", &d);
 				}
 			}
-		printf("\tstart/auth/end times: %d / %d / %d\n",
+		fprintf(stderr,"\tstart/auth/end times: %d / %d / %d\n",
 			krb5ticket->enc_part2->times.starttime,
 			krb5ticket->enc_part2->times.authtime,
 			krb5ticket->enc_part2->times.endtime);
@ -1976,7 +1976,7 @@ krb5_error_code  kssl_validate_times(	krb5_timestamp atime,
 	if ((now - ttimes->endtime) > skew)  return SSL_R_KRB5_S_TKT_EXPIRED;
 #ifdef KSSL_DEBUG
-	printf("kssl_validate_times: %d |<-  | %d - %d | < %d  ->| %d\n",
+	fprintf(stderr,"kssl_validate_times: %d |<-  | %d - %d | < %d  ->| %d\n",
 		start, atime, now, skew, ttimes->endtime);
 #endif	/* KSSL_DEBUG */
@ -2027,10 +2027,10 @@ krb5_error_code  kssl_check_authent(
 #ifdef KSSL_DEBUG
        {
        unsigned int ui;
-	printf("kssl_check_authent: authenticator[%d]:\n",authentp->length);
+	fprintf(stderr,"kssl_check_authent: authenticator[%d]:\n",authentp->length);
 	p = authentp->data; 
-	for (ui=0; ui < authentp->length; ui++)  printf("%02x ",p[ui]);
+	for (ui=0; ui < authentp->length; ui++)  fprintf(stderr,"%02x ",p[ui]);
-	printf("\n");
+	fprintf(stderr,"\n");
        }
 #endif	/* KSSL_DEBUG */
@ -2095,9 +2095,9 @@ krb5_error_code  kssl_check_authent(
 #ifdef KSSL_DEBUG
 	{
 	int padl;
-	printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
+	fprintf(stderr,"kssl_check_authent: decrypted authenticator[%d] =\n", outl);
-	for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]);
+	for (padl=0; padl < outl; padl++) fprintf(stderr,"%02x ",unenc_authent[padl]);
-	printf("\n");
+	fprintf(stderr,"\n");
 	}
 #endif	/* KSSL_DEBUG */
@ -2132,10 +2132,10 @@ krb5_error_code  kssl_check_authent(
 		}
 #ifdef KSSL_DEBUG
-	printf("kssl_check_authent: returns %d for client time ", *atimep);
+	fprintf(stderr,"kssl_check_authent: returns %d for client time ", *atimep);
 	if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
-		printf("%.*s\n", auth->ctime->length, auth->ctime->data);
+		fprintf(stderr,"%.*s\n", auth->ctime->length, auth->ctime->data);
-	else	printf("NULL\n");
+	else	fprintf(stderr,"NULL\n");
 #endif	/* KSSL_DEBUG */
 err:
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -1263,9 +1263,9 @@ int ssl3_get_server_certificate(SSL *s)
 	            ? 0 : 1;
 #ifdef KSSL_DEBUG
-	printf("pkey,x = %p, %p\n", pkey,x);
+	fprintf(stderr,"pkey,x = %p, %p\n", pkey,x);
-	printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
+	fprintf(stderr,"ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
-	printf("cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name,
+	fprintf(stderr,"cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name,
 		s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, need_cert);
 #endif    /* KSSL_DEBUG */
@ -2537,7 +2537,7 @@ int ssl3_send_client_key_exchange(SSL *s)
 			EVP_CIPHER_CTX_init(&ciph_ctx);
 #ifdef KSSL_DEBUG
-			printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
+			fprintf(stderr,"ssl3_send_client_key_exchange(%lx & %lx)\n",
 				alg_k, SSL_kKRB5);
 #endif	/* KSSL_DEBUG */
@ -2553,9 +2553,9 @@ int ssl3_send_client_key_exchange(SSL *s)
 			    goto err;
 #ifdef KSSL_DEBUG
 			{
-			printf("kssl_cget_tkt rtn %d\n", krb5rc);
+			fprintf(stderr,"kssl_cget_tkt rtn %d\n", krb5rc);
 			if (krb5rc && kssl_err.text)
-			  printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
+			  fprintf(stderr,"kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
 			}
 #endif	/* KSSL_DEBUG */
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -4166,7 +4166,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 #endif
 #ifdef KSSL_DEBUG
-/*		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
+/*		fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
 #endif    /* KSSL_DEBUG */
 		alg_k=c->algorithm_mkey;
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@ -2542,10 +2542,10 @@ int ssl3_get_client_key_exchange(SSL *s)
 					&kssl_err)) != 0)
 			{
 #ifdef KSSL_DEBUG
-			printf("kssl_sget_tkt rtn %d [%d]\n",
+			fprintf(stderr,"kssl_sget_tkt rtn %d [%d]\n",
 				krb5rc, kssl_err.reason);
 			if (kssl_err.text)
-				printf("kssl_err text= %s\n", kssl_err.text);
+				fprintf(stderr,"kssl_err text= %s\n", kssl_err.text);
 #endif	/* KSSL_DEBUG */
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 				kssl_err.reason);
@ -2559,10 +2559,10 @@ int ssl3_get_client_key_exchange(SSL *s)
 					&authtime, &kssl_err)) != 0)
 			{
 #ifdef KSSL_DEBUG
-			printf("kssl_check_authent rtn %d [%d]\n",
+			fprintf(stderr,"kssl_check_authent rtn %d [%d]\n",
 				krb5rc, kssl_err.reason);
 			if (kssl_err.text)
-				printf("kssl_err text= %s\n", kssl_err.text);
+				fprintf(stderr,"kssl_err text= %s\n", kssl_err.text);
 #endif	/* KSSL_DEBUG */
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 				kssl_err.reason);
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@ -837,7 +837,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
 			co_list[co_list_num].active = 0;
 			co_list_num++;
 #ifdef KSSL_DEBUG
-			printf("\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth);
+			fprintf(stderr,"\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth);
 #endif	/* KSSL_DEBUG */
 			/*
 			if (!sk_push(ca_list,(char *)c)) goto err;
@ -1482,7 +1482,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 	 */
 	num_of_ciphers = ssl_method->num_ciphers();
 #ifdef KSSL_DEBUG
-	printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
+	fprintf(stderr,"ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
 #endif    /* KSSL_DEBUG */
 	co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
 	if (co_list == NULL)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@ -302,15 +302,15 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km,
 		 s->session->master_key,s->session->master_key_length,
 		 km,tmp,num);
 #ifdef KSSL_DEBUG
-	printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
+	fprintf(stderr,"tls1_generate_key_block() ==> %d byte master_key =\n\t",
                s->session->master_key_length);
 	{
        int i;
        for (i=0; i < s->session->master_key_length; i++)
                {
-                printf("%02X", s->session->master_key[i]);
+                fprintf(stderr,"%02X", s->session->master_key[i]);
                }
-        printf("\n");  }
+        fprintf(stderr,"\n");  }
 #endif    /* KSSL_DEBUG */
 	return ret;
 	}
@ -348,19 +348,19 @@ int tls1_change_cipher_state(SSL *s, int which)
 #endif
 #ifdef KSSL_DEBUG
-	printf("tls1_change_cipher_state(which= %d) w/\n", which);
+	fprintf(stderr,"tls1_change_cipher_state(which= %d) w/\n", which);
-	printf("\talg= %ld/%ld, comp= %p\n",
+	fprintf(stderr,"\talg= %ld/%ld, comp= %p\n",
 	       s->s3->tmp.new_cipher->algorithm_mkey,
 	       s->s3->tmp.new_cipher->algorithm_auth,
 	       comp);
-	printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
+	fprintf(stderr,"\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
-	printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
+	fprintf(stderr,"\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
                c->nid,c->block_size,c->key_len,c->iv_len);
-	printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
+	fprintf(stderr,"\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
 	{
        int i;
        for (i=0; i<s->s3->tmp.key_block_length; i++)
-		printf("%02x", s->s3->tmp.key_block[i]);  printf("\n");
+		fprintf(stderr,"%02x", s->s3->tmp.key_block[i]);  fprintf(stderr,"\n");
        }
 #endif	/* KSSL_DEBUG */
@ -539,11 +539,11 @@ printf("which = %04X\nmac key=",which);
 #ifdef KSSL_DEBUG
 	{
        int i;
-	printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
+	fprintf(stderr,"EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
-	printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]);
+	fprintf(stderr,"\tkey= "); for (i=0; i<c->key_len; i++) fprintf(stderr,"%02x", key[i]);
-	printf("\n");
+	fprintf(stderr,"\n");
-	printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]);
+	fprintf(stderr,"\t iv= "); for (i=0; i<c->iv_len; i++) fprintf(stderr,"%02x", iv[i]);
-	printf("\n");
+	fprintf(stderr,"\n");
 	}
 #endif	/* KSSL_DEBUG */
@ -614,7 +614,7 @@ int tls1_setup_key_block(SSL *s)
 	int ret=0;
 #ifdef KSSL_DEBUG
-	printf ("tls1_setup_key_block()\n");
+	fprintf(stderr,"tls1_setup_key_block()\n");
 #endif	/* KSSL_DEBUG */
 	if (s->s3->tmp.key_block_length != 0)
@ -763,7 +763,7 @@ int tls1_enc(SSL *s, int send)
 		}
 #ifdef KSSL_DEBUG
-	printf("tls1_enc(%d)\n", send);
+	fprintf(stderr,"tls1_enc(%d)\n", send);
 #endif    /* KSSL_DEBUG */
 	if ((s->session == NULL) || (ds == NULL) || (enc == NULL))
@ -835,18 +835,18 @@ int tls1_enc(SSL *s, int send)
 #ifdef KSSL_DEBUG
 		{
 		unsigned long ui;
-		printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
+		fprintf(stderr,"EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
 			ds,rec->data,rec->input,l);
-		printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
+		fprintf(stderr,"\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n",
 			ds->buf_len, ds->cipher->key_len,
 			DES_KEY_SZ, DES_SCHEDULE_SZ,
 			ds->cipher->iv_len);
-		printf("\t\tIV: ");
+		fprintf(stderr,"\t\tIV: ");
-		for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
+		for (i=0; i<ds->cipher->iv_len; i++) fprintf(stderr,"%02X", ds->iv[i]);
-		printf("\n");
+		fprintf(stderr,"\n");
-		printf("\trec->input=");
+		fprintf(stderr,"\trec->input=");
-		for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
+		for (ui=0; ui<l; ui++) fprintf(stderr," %02x", rec->input[ui]);
-		printf("\n");
+		fprintf(stderr,"\n");
 		}
 #endif	/* KSSL_DEBUG */
@ -871,9 +871,9 @@ int tls1_enc(SSL *s, int send)
 #ifdef KSSL_DEBUG
 		{
 		unsigned long i;
-		printf("\trec->data=");
+		fprintf(stderr,"\trec->data=");
 		for (i=0; i<l; i++)
-			printf(" %02x", rec->data[i]);  printf("\n");
+			fprintf(stderr," %02x", rec->data[i]);  fprintf(stderr,"\n");
 		}
 #endif	/* KSSL_DEBUG */
@ -1105,7 +1105,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
 #ifdef KSSL_DEBUG
-	printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
+	fprintf(stderr,"tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
 #endif	/* KSSL_DEBUG */
 #ifdef TLSEXT_TYPE_opaque_prf_input
@ -1158,7 +1158,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
 #endif
 #ifdef KSSL_DEBUG
-	printf ("tls1_generate_master_secret() complete\n");
+	fprintf(stderr,"tls1_generate_master_secret() complete\n");
 #endif	/* KSSL_DEBUG */
 	return(SSL3_MASTER_SECRET_SIZE);
 	}
@ -1173,7 +1173,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
 	int rv;
 #ifdef KSSL_DEBUG
-	printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, context, contextlen);
+	fprintf(stderr,"tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n", s, out, olen, label, llen, context, contextlen);
 #endif	/* KSSL_DEBUG */
 	buff = OPENSSL_malloc(olen);
@ -1236,7 +1236,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
 		      out,buff,olen);
 #ifdef KSSL_DEBUG
-	printf ("tls1_export_keying_material() complete\n");
+	fprintf(stderr,"tls1_export_keying_material() complete\n");
 #endif	/* KSSL_DEBUG */
 	goto ret;
 err1: