diff options
author | Robert Swiecki <robert@swiecki.net> | 2019-05-10 18:12:09 +0200 |
---|---|---|
committer | Robert Swiecki <robert@swiecki.net> | 2019-05-10 18:12:09 +0200 |
commit | dfb83475879120a332450b32cf0fd415060978b0 (patch) | |
tree | fab6e063ff1fb4a8d1040f3c4007e7e75b47a173 | |
parent | f36afafab27565bd4813196947886c84956b2e20 (diff) | |
download | honggfuzz-dfb83475879120a332450b32cf0fd415060978b0.tar.gz |
examples/openssl: libressl supports 1.3 with a macro
-rw-r--r-- | examples/openssl/client.c | 2 | ||||
-rwxr-xr-x | examples/openssl/make.sh | 2 | ||||
-rw-r--r-- | examples/openssl/server.c | 18 |
3 files changed, 17 insertions, 5 deletions
diff --git a/examples/openssl/client.c b/examples/openssl/client.c index 914fa45c..a3a85b18 100644 --- a/examples/openssl/client.c +++ b/examples/openssl/client.c @@ -579,10 +579,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* buf, size_t len) { SSL_set_renegotiate_mode(client, ssl_renegotiate_freely); #endif /* defined(HF_SSL_IS_BORINGSSL) */ -#if defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL) SSL_set_min_proto_version(client, SSL3_VERSION); SSL_set_max_proto_version(client, TLS1_3_VERSION); -#endif // defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL) #if defined(HF_SSL_FROM_STDIN) BIO* in = BIO_new(BIO_s_fd()); diff --git a/examples/openssl/make.sh b/examples/openssl/make.sh index e2d15a3a..19d499c0 100755 --- a/examples/openssl/make.sh +++ b/examples/openssl/make.sh @@ -10,7 +10,7 @@ HFUZZ_SRC=~/src/honggfuzz/ OS=`uname -s` CC="$HFUZZ_SRC/hfuzz_cc/hfuzz-clang" CXX="$HFUZZ_SRC/hfuzz_cc/hfuzz-clang++" -COMMON_FLAGS="-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE -DBORINGSSL_UNSAFE_FUZZER_MODE -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DBN_DEBUG \ +COMMON_FLAGS="-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE -DBORINGSSL_UNSAFE_FUZZER_MODE -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DBN_DEBUG -DLIBRESSL_HAS_TLS1_3 \ -O3 -g -DFuzzerInitialize=LLVMFuzzerInitialize -DFuzzerTestOneInput=LLVMFuzzerTestOneInput \ -I./$DIR/include -I$HFUZZ_SRC/examples/openssl -I$HFUZZ_SRC" COMMON_LDFLAGS="-lpthread -lz -Wl,-z,now" diff --git a/examples/openssl/server.c b/examples/openssl/server.c index 00b2098e..fe117bad 100644 --- a/examples/openssl/server.c +++ b/examples/openssl/server.c @@ -8,6 +8,7 @@ extern "C" { #include <openssl/err.h> #include <openssl/rand.h> #include <openssl/ssl.h> +#include <openssl/tls1.h> #include <stdint.h> #include <string.h> #include <unistd.h> @@ -524,6 +525,17 @@ static int npn_callback(SSL* ssl, const uint8_t** out, unsigned* out_len, void* return SSL_TLSEXT_ERR_OK; } +static int session_id_callback( +#if defined(HF_SSL_IS_LIBRESSL) + const +#endif /* defined(HF_SSL_IS_LIBRESSL) */ + SSL* ssl, + unsigned char* id, unsigned int* id_len) { + static unsigned char sess_cnt = 'A'; + memset(id, sess_cnt++, *id_len); + return 1; +} + int LLVMFuzzerInitialize(int* argc, char*** argv) { HFInit(); HFResetRand(); @@ -607,6 +619,10 @@ int LLVMFuzzerInitialize(int* argc, char*** argv) { opts |= SSL_OP_ALL; SSL_CTX_set_options(ctx, opts); +#if !defined(HF_SSL_IS_BORINGSSL) + SSL_CTX_set_generate_session_id(ctx, session_id_callback); +#endif /* !defined(HF_SSL_IS_BORINGSSL) */ + return 1; } @@ -617,10 +633,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* buf, size_t len) { SSL* server = SSL_new(ctx); -#if defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL) SSL_set_min_proto_version(server, SSL3_VERSION); SSL_set_max_proto_version(server, TLS1_3_VERSION); -#endif // defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL) #if defined(HF_SSL_FROM_STDIN) BIO* in = BIO_new(BIO_s_fd()); |