From e684082014ea2dcd9693bca1af50c8660b5c058a Mon Sep 17 00:00:00 2001
From: Steve Axthelm <steve@puppet.com>
Date: Thu, 31 Aug 2023 15:45:05 -0700
Subject: [PATCH] (PE-36769) remove header warning from request->cert

This commit removes a warning log entry for the presense of a cert
in the request header when allow-header-cert-info is false.

This particular logging was deemed not terribly useful in general,
and the fix for agent auto-renew when CA proxy is present will
generate lots of log noise if it is present.
---
 .../trapperkeeper/authorization/ring_middleware.clj           | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/puppetlabs/trapperkeeper/authorization/ring_middleware.clj b/src/puppetlabs/trapperkeeper/authorization/ring_middleware.clj
index 86c262d..e35165b 100644
--- a/src/puppetlabs/trapperkeeper/authorization/ring_middleware.clj
+++ b/src/puppetlabs/trapperkeeper/authorization/ring_middleware.clj
@@ -183,9 +183,7 @@
   (let [header-cert-val (get-in request [:headers header-cert-name])]
     (if allow-header-cert-info
       (header->cert header-cert-val)
-      (do
-        (warn-if-header-value-non-nil header-cert-name header-cert-val)
-        (:ssl-client-cert request)))))
+      (:ssl-client-cert request))))
 
 (schema/defn request->extensions :- acl/Extensions
   "Given a request, return a map of shortname -> value for all of the extensions