Improve debugging message.

This actually prints only the payload, not the potential IV and/or MAC, so (to me at least) it's much less confusing
2024-11-22 22:45:48 +01:00 · 2014-11-21 11:38:37 +01:00 · 2014-11-21 11:38:37 +01:00 · 60346be2a3
commit 60346be2a3
parent e423246e7f
1 changed files with 3 additions and 9 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1044,6 +1044,9 @@ static int ssl_encrypt_buf( ssl_context *ssl )

    SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );

+    SSL_DEBUG_BUF( 4, "before encrypt: output payload",
+                      ssl->out_msg, ssl->out_msglen );
+
    /*
     * Add MAC before encrypt, except for AEAD modes
     */
@ -1102,9 +1105,6 @@ static int ssl_encrypt_buf( ssl_context *ssl )
                            "including %d bytes of padding",
                       ssl->out_msglen, 0 ) );

-        SSL_DEBUG_BUF( 4, "before encrypt: output payload",
-                       ssl->out_msg, ssl->out_msglen );
-
        if( ( ret = cipher_crypt( &ssl->transform_out->cipher_ctx_enc,
                                   ssl->transform_out->iv_enc,
                                   ssl->transform_out->ivlen,
@ -1185,9 +1185,6 @@ static int ssl_encrypt_buf( ssl_context *ssl )
                            "including %d bytes of padding",
                       ssl->out_msglen, 0 ) );

-        SSL_DEBUG_BUF( 4, "before encrypt: output payload",
-                       ssl->out_msg, ssl->out_msglen );
-
        /*
         * Encrypt and authenticate
         */
@ -1268,9 +1265,6 @@ static int ssl_encrypt_buf( ssl_context *ssl )
                            ssl->out_msglen, ssl->transform_out->ivlen,
                            padlen + 1 ) );

-        SSL_DEBUG_BUF( 4, "before encrypt: output payload",
-                       ssl->out_iv, ssl->out_msglen );
-
        if( ( ret = cipher_crypt( &ssl->transform_out->cipher_ctx_enc,
                                   ssl->transform_out->iv_enc,
                                   ssl->transform_out->ivlen,