Diffstat (limited to 'fuzz/tls_client_target.cc')
-rw-r--r--fuzz/tls_client_target.cc39
1 files changed, 27 insertions, 12 deletions
diff --git a/fuzz/tls_client_target.cc b/fuzz/tls_client_target.cc
index 4d8ed9ee9..fdc447916 100644
--- a/fuzz/tls_client_target.cc
+++ b/fuzz/tls_client_target.cc
@@ -11,6 +11,7 @@
#include "ssl.h"
#include "shared.h"
+#include "tls_client_config.h"
#include "tls_client_socket.h"
static PRStatus EnableAllProtocolVersions() {
@@ -27,24 +28,26 @@ static PRStatus EnableAllProtocolVersions() {
static SECStatus AuthCertificateHook(void* arg, PRFileDesc* fd, PRBool checksig,
PRBool isServer) {
- return SECSuccess;
+ assert(!isServer);
+ auto config = reinterpret_cast<ClientConfig*>(arg);
+ return config->FailCertificateAuthentication() ? SECFailure : SECSuccess;
}
-static void SetSocketOptions(PRFileDesc* fd) {
+static void SetSocketOptions(PRFileDesc* fd,
+ std::unique_ptr<ClientConfig>& config) {
// Disable session cache for now.
SECStatus rv = SSL_OptionSet(fd, SSL_NO_CACHE, true);
assert(rv == SECSuccess);
- rv = SSL_OptionSet(fd, SSL_ENABLE_EXTENDED_MASTER_SECRET, true);
- assert(rv == SECSuccess);
-
- rv = SSL_OptionSet(fd, SSL_ENABLE_SIGNED_CERT_TIMESTAMPS, true);
+ rv = SSL_OptionSet(fd, SSL_ENABLE_EXTENDED_MASTER_SECRET,
+ config->EnableExtendedMasterSecret());
assert(rv == SECSuccess);
- rv = SSL_OptionSet(fd, SSL_ENABLE_FALLBACK_SCSV, true);
+ rv = SSL_OptionSet(fd, SSL_REQUIRE_DH_NAMED_GROUPS,
+ config->RequireDhNamedGroups());
assert(rv == SECSuccess);
- rv = SSL_OptionSet(fd, SSL_ENABLE_ALPN, true);
+ rv = SSL_OptionSet(fd, SSL_ENABLE_FALSE_START, config->EnableFalseStart());
assert(rv == SECSuccess);
rv =
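Review bot: `SSL_ENABLE_SIGNED_CERT_TIMESTAMPS`, `SSL_ENABLE_FALLBACK_SCSV` and `SSL_ENABLE_ALPN` were forced on before and are no longer set anywhere in the visible part of SetSocketOptions. Unless the rest of the function (it continues past this hunk) sets them, the client target stops exercising those extension paths. Driving them from additional ClientConfig bits, the way `SSL_ENABLE_FALSE_START` is driven here, would keep that coverage. Separately, in AuthCertificateHook `arg` is a `void*`, so `auto config = static_cast<ClientConfig*>(arg);` is the appropriate cast; `reinterpret_cast` is not needed and hides the intent.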
@@ -59,8 +62,19 @@ static void EnableAllCipherSuites(PRFileDesc* fd) {
}
}
-static void SetupAuthCertificateHook(PRFileDesc* fd) {
- SECStatus rv = SSL_AuthCertificateHook(fd, AuthCertificateHook, nullptr);
+// This is only called when we set SSL_ENABLE_FALSE_START=1,
+// so we can always just set *canFalseStart=true.
+static SECStatus CanFalseStartCallback(PRFileDesc* fd, void* arg,
+ PRBool* canFalseStart) {
+ *canFalseStart = true;
+ return SECSuccess;
+}
+
+static void SetupCallbacks(PRFileDesc* fd, ClientConfig* config) {
+ SECStatus rv = SSL_AuthCertificateHook(fd, AuthCertificateHook, config);
+ assert(rv == SECSuccess);
+
+ rv = SSL_SetCanFalseStartCallback(fd, CanFalseStartCallback, nullptr);
assert(rv == SECSuccess);
}
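Review bot: SetupCallbacks stores the raw `config` pointer in the socket as the AuthCertificateHook argument, but nothing documents that the ClientConfig has to stay alive for as long as `fd` can run a handshake. A comment above the function such as `// config must outlive fd: AuthCertificateHook dereferences it during the handshake.` would make that lifetime contract explicit. In CanFalseStartCallback, `*canFalseStart = PR_TRUE;` matches the `PRBool` out-parameter better than the C++ `true`.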
@@ -89,6 +103,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t len) {
assert(db != nullptr);
EnableAllProtocolVersions();
+ std::unique_ptr<ClientConfig> config(new ClientConfig(data, len));
// Reset the RNG state.
SECStatus rv = RNG_ResetForFuzzing();
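Review bot: The ClientConfig is heap-allocated with a naked `new` and then passed in two different ways, as `std::unique_ptr<ClientConfig>&` to SetSocketOptions and as `config.get()` to SetupCallbacks, although neither helper takes ownership. A local object, `ClientConfig config(data, len);`, passed as `&config` to both helpers (with SetSocketOptions taking `ClientConfig*` like SetupCallbacks) would drop the allocation and make the two signatures consistent. Whether `<memory>` is included for `std::unique_ptr` cannot be seen from the include hunk, so it is worth checking. The body of LLVMFuzzerTestOneInput continues outside this hunk.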
@@ -104,9 +119,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t len) {
// Probably not too important for clients.
SSL_SetURL(ssl_fd, "server");
- SetSocketOptions(ssl_fd);
+ SetSocketOptions(ssl_fd, config);
EnableAllCipherSuites(ssl_fd);
- SetupAuthCertificateHook(ssl_fd);
+ SetupCallbacks(ssl_fd, config.get());
DoHandshake(ssl_fd);
return 0;