remove stray debug fprintf
[zpackage] / crypto / tlse.c
index a49b447101f59c9bfbbd42bdc5246bbcf9eac515..5274dbade4aa15ceca9a6a9e3f621f14fbcc802a 100644 (file)
@@ -451,8 +451,10 @@ static void tls_init() {
 #endif
 #endif
        /* TODO remove these */
+#if 0
        register_hash(&md5_desc);
        register_hash(&sha1_desc); 
+#endif
 
        register_hash(&sha256_desc);
        register_hash(&sha384_desc);
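Review bot: With `md5_desc` and `sha1_desc` no longer registered in `tls_init`, any later lookup of MD5 or SHA-1 by name (for example through `find_hash`) will fail, and nothing in the visible lines shows whether the callers check for that. Presumably the older-protocol PRF, the SHA-1 HMAC suites and SHA-1 certificate signatures elsewhere in the file still ask for these hashes; each of those paths should refuse the negotiation cleanly rather than carry an invalid hash index forward. `#if 0` under a "TODO remove these" comment also hides the decision, so either delete the two calls or replace the TODO with `/* MD5 and SHA-1 are deliberately not registered; suites and signatures that need them are refused */`. The body of tls_init continues outside the hunk.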
@@ -1787,17 +1789,21 @@ static int tls_expand_key(struct TLSContext *context) {
                        (int) TLS_MAX_KEY_EXPANSION_SIZE);
        DEBUG_DUMP_HEX_LABEL("CLIENT KEY", clientkey, key_length);
        DEBUG_DUMP_HEX_LABEL("CLIENT IV", clientiv, iv_length);
+#if 0
        DEBUG_DUMP_HEX_LABEL("CLIENT MAC KEY",
                        context->is_server ? context->crypto.
                        ctx_remote_mac.remote_mac : context->
                        crypto.ctx_local_mac.local_mac,
                        mac_length);
+#endif
        DEBUG_DUMP_HEX_LABEL("SERVER KEY", serverkey, key_length);
        DEBUG_DUMP_HEX_LABEL("SERVER IV", serveriv, iv_length);
+#if 0
        DEBUG_DUMP_HEX_LABEL("SERVER MAC KEY",
                        context->is_server ? context->crypto.
                        ctx_local_mac.local_mac : context->crypto.
                        ctx_remote_mac.remote_mac, mac_length);
+#endif
        if (context->is_server) {
                if (is_aead == 2) {
                        memcpy(context->crypto.ctx_remote_mac.remote_nonce,
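Review bot: The four remaining `DEBUG_DUMP_HEX_LABEL` calls in `tls_expand_key` (CLIENT KEY, CLIENT IV, SERVER KEY, SERVER IV) still print session key material, so disabling only the two MAC-key dumps leaves the more sensitive values in the debug output whenever the macro is active. The macro's definition is outside the hunk; if it can be switched on in a shipped build, all six dumps belong behind one explicit opt-in build flag that is off by default, with a comment saying the output contains secrets. The two `#if 0` blocks are dead code and would be better deleted than parked. tls_expand_key starts and ends outside the hunk.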
@@ -4238,6 +4244,7 @@ int tls_parse_payload(struct TLSContext *context, const unsigned char *buf,
                }
 
                if (certificate_verify_alert != no_error) {
+                       MARK;
                        tls_alert(context, 1, certificate_verify_alert);
                        context->critical_error = 1;
                }
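Review bot: `MARK` is not defined anywhere in the visible lines, and the commit title says debug output is being removed while this hunk and the next two hunks in `tls_parse_payload` add a `MARK;` on every alert path. If the macro prints to stderr, it should expand to nothing in non-debug builds, otherwise a peer that keeps triggering alerts controls how much the process writes to its log. A comment at the definition, such as `/* MARK: debug-only source-location trace, compiled out unless DEBUG is set */`, would make that contract explicit; the enclosing function continues outside the hunk.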
@@ -4245,21 +4252,27 @@ int tls_parse_payload(struct TLSContext *context, const unsigned char *buf,
                if (payload_res < 0) {
                        switch (payload_res) {
                                case TLS_UNEXPECTED_MESSAGE:
+                                       MARK;
                                        tls_alert(context, 1, unexpected_message);
                                        break;
                                case TLS_COMPRESSION_NOT_SUPPORTED:
+                                       MARK;
                                        tls_alert(context, 1, decompression_failure_RESERVED);
                                        break;
                                case TLS_BROKEN_PACKET:
+                                       MARK;
                                        tls_alert(context, 1, decode_error);
                                        break;
                                case TLS_NO_MEMORY:
+                                       MARK;
                                        tls_alert(context, 1, internal_error);
                                        break;
                                case TLS_NOT_VERIFIED:
+                                       MARK;
                                        tls_alert(context, 1, bad_record_mac);
                                        break;
                                case TLS_BAD_CERTIFICATE:
+                                       MARK;
                                        if (context->is_server) {
                                                /* bad client certificate, continue */
                                                tls_alert(context, 0, bad_certificate);
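Review bot: None of the visible cases of `switch (payload_res)` here or in the next hunk is a `default`, so it is unclear what happens for a negative result that is not listed; three lines between the two hunks are not shown, so this is inferred. If sending no alert for the remaining codes is intended, say so in the code with `default: /* no alert for other negative results */ break;`. The switch runs on past the end of this hunk.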
@@ -4269,19 +4282,24 @@ int tls_parse_payload(struct TLSContext *context, const unsigned char *buf,
                                        }
                                        break;
                                case TLS_UNSUPPORTED_CERTIFICATE:
+                                       MARK;
                                        tls_alert(context, 1, unsupported_certificate);
                                        break;
                                case TLS_NO_COMMON_CIPHER:
+                                       MARK;
                                        tls_alert(context, 1, insufficient_security);
                                        break;
                                case TLS_NOT_UNDERSTOOD:
+                                       MARK;
                                        tls_alert(context, 1, internal_error);
                                        break;
                                case TLS_NO_RENEGOTIATION:
+                                       MARK;
                                        tls_alert(context, 0, no_renegotiation_RESERVED);
                                        payload_res = 0;
                                        break;
                                case TLS_DECRYPTION_FAILED:
+                                       MARK;
                                        tls_alert(context, 1, decryption_failed_RESERVED);
                                        break;
                        }
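Review bot: The `TLS_DECRYPTION_FAILED` case sends `decryption_failed_RESERVED`, while `TLS_NOT_VERIFIED` in the previous hunk sends `bad_record_mac`, so the peer can tell a decryption failure from a MAC failure by the alert it receives. RFC 5246 retired decryption_failed so that both outcomes look the same on the wire for CBC suites, and says it must not be sent; the case should read `tls_alert(context, 1, bad_record_mac);`. The added `MARK;` still separates the two cases in the local trace, which is where that distinction belongs. The switch begins outside this hunk.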
@@ -4292,6 +4310,7 @@ int tls_parse_payload(struct TLSContext *context, const unsigned char *buf,
 
                if (certificate_verify_alert != no_error) {
                        payload_res = TLS_BAD_CERTIFICATE;
+                       /* TODO this is set but not used */
                }
 
                /* except renegotiation */
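Review bot: The added TODO says the `payload_res = TLS_BAD_CERTIFICATE` assignment is never read, which would mean a failed certificate verify is reported only through the alert and `context->critical_error` set in the earlier hunk, not through the return value. The code after this hunk is not visible, so check whether callers use the return value of `tls_parse_payload` to abort the handshake; if they do, the error has to be returned rather than left as a dead store. The comment would read better above the assignment and stating the open question, e.g. `/* TODO: payload_res is not read after this point; should this path return TLS_BAD_CERTIFICATE? */`.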
@@ -4337,9 +4356,7 @@ int tls_parse_payload(struct TLSContext *context, const unsigned char *buf,
                                        }
 
                                        tls_send_certificate(context);
-
                                        tls_send_certificate_verify(context);
-
                                        tls_send_finished(context);
 
                                        /* new key */