diff --git a/ChangeLog b/ChangeLog index 34943dc39..c6f90a299 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,8 @@ PolarSSL ChangeLog = Development Changes * Allow enabling of dummy error_strerror() to support some use-cases + * Debug messages about padding errors during SSL message decryption are + disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL Security * Removed timing differences during SSL message decryption in diff --git a/include/polarssl/config.h b/include/polarssl/config.h index 2ecb065e5..e7de136f7 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -238,6 +238,22 @@ */ #define POLARSSL_SELF_TEST +/** + * \def POLARSSL_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * +#define POLARSSL_SSL_DEBUG_ALL + */ + /** * \def POLARSSL_SSL_HW_RECORD_ACCEL * diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 244068a33..0fae076ab 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1403,9 +1403,10 @@ static int ssl_decrypt_buf( ssl_context *ssl ) if( ssl->in_msglen < ssl->transform_in->maclen + padlen ) { +#if defined(POLARSSL_SSL_DEBUG_ALL) SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)", ssl->in_msglen, ssl->transform_in->maclen, padlen ) ); - +#endif padlen = 0; fake_padlen = 256; correct = 0; @@ -1415,9 +1416,11 @@ static int ssl_decrypt_buf( ssl_context *ssl ) { if( padlen > ssl->transform_in->ivlen ) { +#if defined(POLARSSL_SSL_DEBUG_ALL) SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, " "should be no more than %d", padlen, ssl->transform_in->ivlen ) ); +#endif correct = 0; } } @@ -1443,8 +1446,10 @@ static int ssl_decrypt_buf( ssl_context *ssl ) else minlen = 1; } +#if defined(POLARSSL_SSL_DEBUG_ALL) if( padlen > 0 && correct == 0) SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); +#endif } }