[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Richard Levitte levitte at openssl.org
Thu Mar 23 13:47:51 UTC 2017 

The branch OpenSSL_1_0_2-stable has been updated
       via  4e5d2aaa41d7e298f93641bad5296a6b4ec2cad4 (commit)
      from  4150efdb76ac2548a1583e18ee0fafa2ac31b73c (commit)


- Log -----------------------------------------------------------------
commit 4e5d2aaa41d7e298f93641bad5296a6b4ec2cad4
Author: Richard Levitte <levitte at openssl.org>
Date:   Thu Mar 23 14:26:43 2017 +0100

    Guard last few debugging printfs in libssl
    
    Fixes #2542
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3018)

-----------------------------------------------------------------------

Summary of changes:
 ssl/d1_both.c | 6 ++++++
 ssl/s3_srvr.c | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 232a6d4..e6bc761 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -1075,7 +1075,9 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
 int dtls1_read_failed(SSL *s, int code)
 {
     if (code > 0) {
+#ifdef TLS_DEBUG
         fprintf(stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
+#endif
         return 1;
     }
 
@@ -1147,7 +1149,9 @@ int dtls1_retransmit_buffered_messages(SSL *s)
                                      (frag->msg_header.seq,
                                       frag->msg_header.is_ccs), 0,
                                      &found) <= 0 && found) {
+#ifdef TLS_DEBUG
             fprintf(stderr, "dtls1_retransmit_message() failed\n");
+#endif
             return -1;
         }
     }
@@ -1247,7 +1251,9 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
 
     item = pqueue_find(s->d1->sent_messages, seq64be);
     if (item == NULL) {
+#ifdef TLS_DEBUG
         fprintf(stderr, "retransmit:  message %d non-existant\n", seq);
+#endif
         *found = 0;
         return 0;
     }
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 773358e..ba17f1b 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3164,7 +3164,9 @@ int ssl3_get_cert_verify(SSL *s)
             goto f_err;
         }
         if (i != 64) {
+#ifdef SSL_DEBUG
             fprintf(stderr, "GOST signature length is %d", i);
+#endif
         }
         for (idx = 0; idx < 64; idx++) {
             signature[63 - idx] = p[idx];

More information about the openssl-commits mailing list