Move peer certificate wpa_msg() calls to notify.c

This type of wpa_supplicant specific message construction does not need
to be at the EAP implementation, so better move it up to notify.c.

src/eap_peer/eap.c

@@ -1168,7 +1168,6 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
 {
 	struct eap_sm *sm = ctx;
 	char *hash_hex = NULL;
-	char *cert_hex = NULL;
 
 	switch (ev) {
 	case TLS_CERT_CHAIN_FAILURE:
@@ -1180,6 +1179,9 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
 			data->cert_fail.reason_txt);
 		break;
 	case TLS_PEER_CERTIFICATE:
+		if (!sm->eapol_cb->notify_cert)
+			break;
+
 		if (data->peer_cert.hash) {
 			size_t len = data->peer_cert.hash_len * 2 + 1;
 			hash_hex = os_malloc(len);
@@ -1189,38 +1191,15 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
 						 data->peer_cert.hash_len);
 			}
 		}
-		wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
-			"depth=%d subject='%s'%s%s",
-			data->peer_cert.depth, data->peer_cert.subject,
-			hash_hex ? " hash=" : "", hash_hex ? hash_hex : "");
 
-		if (data->peer_cert.cert) {
-			size_t len = wpabuf_len(data->peer_cert.cert) * 2 + 1;
-			cert_hex = os_malloc(len);
-			if (cert_hex == NULL)
-				break;
-			wpa_snprintf_hex(cert_hex, len,
-					 wpabuf_head(data->peer_cert.cert),
-					 wpabuf_len(data->peer_cert.cert));
-			wpa_msg_ctrl(sm->msg_ctx, MSG_INFO,
-				     WPA_EVENT_EAP_PEER_CERT
-				     "depth=%d subject='%s' cert=%s",
-				     data->peer_cert.depth,
-				     data->peer_cert.subject,
-				     cert_hex);
-		}
-		if (sm->eapol_cb->notify_cert) {
-			sm->eapol_cb->notify_cert(sm->eapol_ctx,
-						  data->peer_cert.depth,
-						  data->peer_cert.subject,
-						  hash_hex,
-						  data->peer_cert.cert);
-		}
+		sm->eapol_cb->notify_cert(sm->eapol_ctx,
+					  data->peer_cert.depth,
+					  data->peer_cert.subject,
+					  hash_hex, data->peer_cert.cert);
 		break;
 	}
 
 	os_free(hash_hex);
-	os_free(cert_hex);
 }