Disable debug messages that can introduce a timing side channel.
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug messages in case somebody does want to see the reason checks fail.
This commit is contained in:
Paul Bakker
parent
4582999be6
commit
d66f070d49
3 changed files with 24 additions and 1 deletions
|
|
@ -238,6 +238,22 @@
|
|||
*/
|
||||
#define POLARSSL_SELF_TEST
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_DEBUG_ALL
|
||||
*
|
||||
* Enable the debug messages in SSL module for all issues.
|
||||
* Debug messages have been disabled in some places to prevent timing
|
||||
* attacks due to (unbalanced) debugging function calls.
|
||||
*
|
||||
* If you need all error reporting you should enable this during debugging,
|
||||
* but remove this for production servers that should log as well.
|
||||
*
|
||||
* Uncomment this macro to report all debug messages on errors introducing
|
||||
* a timing side-channel.
|
||||
*
|
||||
#define POLARSSL_SSL_DEBUG_ALL
|
||||
*/
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_HW_RECORD_ACCEL
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue