diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-11-10 22:32:27 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-11-10 22:32:27 +0100 |
commit | ba054cb89336cf4fd2b238860111f3d5104132a5 (patch) | |
tree | 23e029cfee4e8b5b1bcc1a2d6c7490f4f27dfced /lib | |
parent | 0144bc53e999d20bfe8eeb395c1377f1f4eb06b3 (diff) | |
download | gnutls-ba054cb89336cf4fd2b238860111f3d5104132a5.tar.gz |
Revert "periodically print messages that might be used in timing attacks."
This reverts commit a333d71762903ff5b716d1e3967017b1baf61bd2.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gnutls_int.h | 4 | ||||
-rw-r--r-- | lib/gnutls_record.c | 14 |
2 files changed, 4 insertions, 14 deletions
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 3c888faf10..4818eebaeb 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -141,9 +141,6 @@ typedef struct /* expire time for resuming sessions */ #define DEFAULT_EXPIRE_TIME 3600 -/* printing period of messages */ -#define PRINT_MESSAGE_PERIOD 30 - typedef enum transport_t { GNUTLS_STREAM, @@ -628,7 +625,6 @@ typedef struct /* last retransmission triggered by record layer */ time_t last_retransmit; unsigned int packets_dropped; - time_t last_print; } dtls_st; diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index 3b89c3584c..4ff295154f 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -1020,7 +1020,8 @@ begin: ret = _dtls_record_check(session, packet_sequence); if (ret < 0) { - gnutls_assert(); + _gnutls_audit_log(session, "Discarded duplicate message[%u]\n", + (unsigned int) _gnutls_uint64touint32 (packet_sequence)); goto sanity_check_error; } } @@ -1087,15 +1088,8 @@ discard: sanity_check_error: if (IS_DTLS(session)) { - time_t now = time(0); - session->internals.dtls.packets_dropped++; - - if (now - session->internals.dtls.last_print < PRINT_MESSAGE_PERIOD) - { - session->internals.dtls.last_print = now; - _gnutls_audit_log(session, "Discarded %u messages (duplicates or invalid decryption)\n", - (unsigned int)session->internals.dtls.packets_dropped); - } + _gnutls_audit_log(session, "Discarded message[%u] due to invalid decryption\n", + (unsigned int)_gnutls_uint64touint32 (packet_sequence)); ret = gnutls_assert_val(GNUTLS_E_AGAIN); goto cleanup; } |