
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_7-48-ga333d71


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_7-48-ga333d71
Date: Thu, 10 Nov 2011 08:14:17 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=a333d71762903ff5b716d1e3967017b1baf61bd2

The branch, master has been updated
       via  a333d71762903ff5b716d1e3967017b1baf61bd2 (commit)
      from  5d683407978fefa27a36d11c9736fae5a6942668 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a333d71762903ff5b716d1e3967017b1baf61bd2
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Nov 10 09:15:49 2011 +0100

    periodically print messages that might be used in timing attacks.

-----------------------------------------------------------------------

Summary of changes:
 lib/gnutls_int.h    |    4 ++++
 lib/gnutls_record.c |   14 ++++++++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 4818eeb..3c888fa 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -141,6 +141,9 @@ typedef struct
 /* expire time for resuming sessions */
 #define DEFAULT_EXPIRE_TIME 3600
 
+/* printing period of messages */
+#define PRINT_MESSAGE_PERIOD 30
+
 typedef enum transport_t
 {
   GNUTLS_STREAM,
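Review bot: The comment on `PRINT_MESSAGE_PERIOD` gives neither its unit nor which messages it throttles. The only use in this commit compares it with a difference of `time(0)` values, so it is a number of seconds. I would spell that out, for example `/* minimum number of seconds between aggregated "discarded messages" audit log entries (DTLS) */`, so that a later change does not reuse it as a packet count or as a general logging knob.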
@@ -625,6 +628,7 @@ typedef struct
   /* last retransmission triggered by record layer */
   time_t last_retransmit;
   unsigned int packets_dropped;
+  time_t last_print;
 } dtls_st;
 
 
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 4ff2951..3b89c35 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -1020,8 +1020,7 @@ begin:
       ret = _dtls_record_check(session, packet_sequence);
       if (ret < 0)
         {
-          _gnutls_audit_log(session, "Discarded duplicate message[%u]\n",
-            (unsigned int) _gnutls_uint64touint32 (packet_sequence));
+          gnutls_assert();
           goto sanity_check_error;
         }
     }
@@ -1088,8 +1087,15 @@ discard:
 sanity_check_error:
   if (IS_DTLS(session))
     {
-      _gnutls_audit_log(session, "Discarded message[%u] due to invalid 
decryption\n", 
-            (unsigned int)_gnutls_uint64touint32 (packet_sequence));
+      time_t now = time(0);
+      session->internals.dtls.packets_dropped++;
+
+      if (now - session->internals.dtls.last_print < PRINT_MESSAGE_PERIOD)
+        {
+          session->internals.dtls.last_print = now;
+          _gnutls_audit_log(session, "Discarded %u messages (duplicates or 
invalid decryption)\n", 
+               (unsigned int)session->internals.dtls.packets_dropped);
+        }
       ret = gnutls_assert_val(GNUTLS_E_AGAIN);
       goto cleanup;
     }
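Review bot: The throttle test in the `sanity_check_error` block looks inverted: `now - session->internals.dtls.last_print < PRINT_MESSAGE_PERIOD` allows a log entry only when the previous one was less than 30 seconds ago. If `last_print` starts at zero (its initialisation is not visible in this diff), the difference never falls below the period, the branch is never taken and `last_print` is never updated, so the aggregate drop message would never reach the audit log. If it were ever set, every discarded record inside the window would be logged and would refresh the timestamp, which brings back the per-record log signal this commit sets out to remove. The comparison should be `if (now - session->internals.dtls.last_print >= PRINT_MESSAGE_PERIOD)`, and the new `last_print` field in `dtls_st` deserves a comment such as `/* time of the last aggregated drop message */`. The enclosing function begins and ends outside this hunk.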


hooks/post-receive
-- 
GNU gnutls


