Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of

this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@
author: jsing <> 2014-05-25 16:23:10 +0000
committer: jsing <> 2014-05-25 16:23:10 +0000
commit: 7e606502e450b079dd66ce328c60e5b1d2d8fdb4 (patch)
tree: 3f1db49f0679d8ac712ededb86f1b538423eea91 /src/lib/libssl/t1_enc.c
parent: e9672afd83cfd9fe3abfe4dc2335113b2b6f3d24 (diff)
download: openbsd-7e606502e450b079dd66ce328c60e5b1d2d8fdb4.tar.gz
openbsd-7e606502e450b079dd66ce328c60e5b1d2d8fdb4.tar.bz2
openbsd-7e606502e450b079dd66ce328c60e5b1d2d8fdb4.zip
1 files changed, 0 insertions, 46 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 5f17a4a94a..a9be8bdb4c 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -458,10 +458,6 @@ tls1_change_cipher_state(SSL *s, int which)
                EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key);
                EVP_PKEY_free(mac_key);
        }
-#ifdef TLS_DEBUG
-        printf("which = %04X\nmac key=", which);
-        { int z; for (z = 0; z<i; z++) printf("%02X%c", ms[z],((z+1)%16)?' ':'\n'); }
-#endif
        if (is_export) {
                /* In here I set both the read and write key/iv to the
                 * same value since only the correct one will be used :-).
@@ -501,13 +497,6 @@ tls1_change_cipher_state(SSL *s, int which)
                EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
                    *mac_secret_size, mac_secret);
-#ifdef TLS_DEBUG
-        printf("which = %04X\nkey=", which);
-        { int z; for (z = 0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c", key[z],((z+1)%16)?' ':'\n'); }
-        printf("\niv=");
-        { int z; for (z = 0; z<k; z++) printf("%02X%c", iv[z],((z+1)%16)?' ':'\n'); }
-        printf("\n");
-#endif
        OPENSSL_cleanse(tmp1, sizeof(tmp1));
        OPENSSL_cleanse(tmp2, sizeof(tmp2));
@@ -570,20 +559,8 @@ tls1_setup_key_block(SSL *s)
                goto err;
        }
-#ifdef TLS_DEBUG
-        printf("client random\n");
-        { int z; for (z = 0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c", s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
-        printf("server random\n");
-        { int z; for (z = 0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c", s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
-        printf("pre-master\n");
-        { int z; for (z = 0; z<s->session->master_key_length; z++) printf("%02X%c", s->session->master_key[z],((z+1)%16)?' ':'\n'); }
-#endif
        if (!tls1_generate_key_block(s, p1, p2, num))
                goto err;
-#ifdef TLS_DEBUG
-        printf("\nkey block\n");
-        { int z; for (z = 0; z<num; z++) printf("%02X%c", p1[z],((z+1)%16)?' ':'\n'); }
-#endif
        if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) &&
            s->method->version <= TLS1_VERSION) {
@@ -919,16 +896,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
        if (!stream_mac)
                EVP_MD_CTX_cleanup(&hmac);
-#ifdef TLS_DEBUG
-        printf("sec=");
-        {unsigned int z; for (z = 0; z<md_size; z++) printf("%02X ", mac_sec[z]); printf("\n"); }
-        printf("seq=");
-        {int z; for (z = 0; z<8; z++) printf("%02X ", seq[z]); printf("\n"); }
-        printf("buf=");
-        {int z; for (z = 0; z<5; z++) printf("%02X ", buf[z]); printf("\n"); }
-        printf("rec=");
-        {unsigned int z; for (z = 0; z<rec->length; z++) printf("%02X ", buf[z]); printf("\n"); }
-#endif
        if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {
                for (i = 7; i >= 0; i--) {
@@ -938,9 +905,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
                }
        }
-#ifdef TLS_DEBUG
-        {unsigned int z; for (z = 0; z<md_size; z++) printf("%02X ", md[z]); printf("\n"); }
-#endif
        return (md_size);
 }
@@ -973,16 +937,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
            so, sol,
            p, len,
            s->session->master_key, buff, sizeof buff);
-#ifdef SSL_DEBUG
-        fprintf(stderr, "Premaster Secret:\n");
-        BIO_dump_fp(stderr, (char *)p, len);
-        fprintf(stderr, "Client Random:\n");
-        BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
-        fprintf(stderr, "Server Random:\n");
-        BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
-        fprintf(stderr, "Master Secret:\n");
-        BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
-#endif
        return (SSL3_MASTER_SECRET_SIZE);
 }
author	jsing <>	2014-05-25 16:23:10 +0000
committer	jsing <>	2014-05-25 16:23:10 +0000
commit	7e606502e450b079dd66ce328c60e5b1d2d8fdb4 (patch)
tree	3f1db49f0679d8ac712ededb86f1b538423eea91 /src/lib/libssl/t1_enc.c
parent	e9672afd83cfd9fe3abfe4dc2335113b2b6f3d24 (diff)
download	openbsd-7e606502e450b079dd66ce328c60e5b1d2d8fdb4.tar.gz openbsd-7e606502e450b079dd66ce328c60e5b1d2d8fdb4.tar.bz2 openbsd-7e606502e450b079dd66ce328c60e5b1d2d8fdb4.zip

diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 5f17a4a94a..a9be8bdb4c 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c
@@ -458,10 +458,6 @@ tls1_change_cipher_state(SSL *s, int which)
458	EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key);	458	EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key);
459	EVP_PKEY_free(mac_key);	459	EVP_PKEY_free(mac_key);
460	}	460	}
461	#ifdef TLS_DEBUG
462	printf("which = %04X\nmac key=", which);
463	{ int z; for (z = 0; z<i; z++) printf("%02X%c", ms[z],((z+1)%16)?' ':'\n'); }
464	#endif
465	if (is_export) {	461	if (is_export) {
466	/* In here I set both the read and write key/iv to the	462	/* In here I set both the read and write key/iv to the
467	* same value since only the correct one will be used :-).	463	* same value since only the correct one will be used :-).
@@ -501,13 +497,6 @@ tls1_change_cipher_state(SSL *s, int which)
501	EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,	497	EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
502	*mac_secret_size, mac_secret);	498	*mac_secret_size, mac_secret);
503		499
504	#ifdef TLS_DEBUG
505	printf("which = %04X\nkey=", which);
506	{ int z; for (z = 0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c", key[z],((z+1)%16)?' ':'\n'); }
507	printf("\niv=");
508	{ int z; for (z = 0; z<k; z++) printf("%02X%c", iv[z],((z+1)%16)?' ':'\n'); }
509	printf("\n");
510	#endif
511		500
512	OPENSSL_cleanse(tmp1, sizeof(tmp1));	501	OPENSSL_cleanse(tmp1, sizeof(tmp1));
513	OPENSSL_cleanse(tmp2, sizeof(tmp2));	502	OPENSSL_cleanse(tmp2, sizeof(tmp2));
@@ -570,20 +559,8 @@ tls1_setup_key_block(SSL *s)
570	goto err;	559	goto err;
571	}	560	}
572		561
573	#ifdef TLS_DEBUG
574	printf("client random\n");
575	{ int z; for (z = 0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c", s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
576	printf("server random\n");
577	{ int z; for (z = 0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c", s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
578	printf("pre-master\n");
579	{ int z; for (z = 0; z<s->session->master_key_length; z++) printf("%02X%c", s->session->master_key[z],((z+1)%16)?' ':'\n'); }
580	#endif
581	if (!tls1_generate_key_block(s, p1, p2, num))	562	if (!tls1_generate_key_block(s, p1, p2, num))
582	goto err;	563	goto err;
583	#ifdef TLS_DEBUG
584	printf("\nkey block\n");
585	{ int z; for (z = 0; z<num; z++) printf("%02X%c", p1[z],((z+1)%16)?' ':'\n'); }
586	#endif
587		564
588	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) &&	565	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) &&
589	s->method->version <= TLS1_VERSION) {	566	s->method->version <= TLS1_VERSION) {
@@ -919,16 +896,6 @@ tls1_mac(SSL ssl, unsigned char md, int send)
919		896
920	if (!stream_mac)	897	if (!stream_mac)
921	EVP_MD_CTX_cleanup(&hmac);	898	EVP_MD_CTX_cleanup(&hmac);
922	#ifdef TLS_DEBUG
923	printf("sec=");
924	{unsigned int z; for (z = 0; z<md_size; z++) printf("%02X ", mac_sec[z]); printf("\n"); }
925	printf("seq=");
926	{int z; for (z = 0; z<8; z++) printf("%02X ", seq[z]); printf("\n"); }
927	printf("buf=");
928	{int z; for (z = 0; z<5; z++) printf("%02X ", buf[z]); printf("\n"); }
929	printf("rec=");
930	{unsigned int z; for (z = 0; z<rec->length; z++) printf("%02X ", buf[z]); printf("\n"); }
931	#endif
932		899
933	if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {	900	if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {
934	for (i = 7; i >= 0; i--) {	901	for (i = 7; i >= 0; i--) {
@@ -938,9 +905,6 @@ tls1_mac(SSL ssl, unsigned char md, int send)
938	}	905	}
939	}	906	}
940		907
941	#ifdef TLS_DEBUG
942	{unsigned int z; for (z = 0; z<md_size; z++) printf("%02X ", md[z]); printf("\n"); }
943	#endif
944	return (md_size);	908	return (md_size);
945	}	909	}
946		910
@@ -973,16 +937,6 @@ tls1_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
973	so, sol,	937	so, sol,
974	p, len,	938	p, len,
975	s->session->master_key, buff, sizeof buff);	939	s->session->master_key, buff, sizeof buff);
976	#ifdef SSL_DEBUG
977	fprintf(stderr, "Premaster Secret:\n");
978	BIO_dump_fp(stderr, (char *)p, len);
979	fprintf(stderr, "Client Random:\n");
980	BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
981	fprintf(stderr, "Server Random:\n");
982	BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
983	fprintf(stderr, "Master Secret:\n");
984	BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
985	#endif
986		940
987	return (SSL3_MASTER_SECRET_SIZE);	941	return (SSL3_MASTER_SECRET_SIZE);
988	}	942	}