Avoid debug message that might leak length

The length to the debug message could conceivably leak through the time it
takes to print it, and that length would in turn reveal whether padding was
correct or not.
This commit is contained in:
Manuel Pégourié-Gonnard 2018-07-10 11:15:36 +02:00
parent 7b42030b5d
commit 6a25cfae2a

View File

@ -1972,8 +1972,10 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
} }
#if defined(MBEDTLS_SSL_DEBUG_ALL)
MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption", MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption",
ssl->in_msg, ssl->in_msglen ); ssl->in_msg, ssl->in_msglen );
#endif
/* /*
* Authenticate if not done yet. * Authenticate if not done yet.