lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-07 06:42:56 +03:00
Code Activity

Disable debug messages that can introduce a timing side channel.

Browse Source 
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
This commit is contained in:
Paul Bakker
2013-01-31 16:57:45 +01:00
parent 4582999be6
commit d66f070d49
3 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
include/polarssl/config.h
View File

@@ -238,6 +238,22 @@
*/
#define POLARSSL_SELF_TEST
/**
* \def POLARSSL_SSL_DEBUG_ALL
*
* Enable the debug messages in SSL module for all issues.
* Debug messages have been disabled in some places to prevent timing
* attacks due to (unbalanced) debugging function calls.
*
* If you need all error reporting you should enable this during debugging,
* but remove this for production servers that should log as well.
*
* Uncomment this macro to report all debug messages on errors introducing
* a timing side-channel.
*
#define POLARSSL_SSL_DEBUG_ALL
*/
/**
* \def POLARSSL_SSL_HW_RECORD_ACCEL
*