Avoid debug message that might leak length
The length of the debug message could conceivably leak through the time it
takes to print it, and that length would in turn reveal whether the padding
was correct or not.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e362abb..d66c9cf 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1972,8 +1972,10 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption",
ssl->in_msg, ssl->in_msglen );
+#endif
/*
* Authenticate if not done yet.