]>
Commit | Line | Data |
---|---|---|
4410f9d7 | 1 | /* |
fecb3aae | 2 | * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. |
4410f9d7 | 3 | * |
0642931f | 4 | * Licensed under the Apache License 2.0 (the "License"); |
4410f9d7 KR |
5 | * you may not use this file except in compliance with the License. |
6 | * You may obtain a copy of the License at | |
7 | * https://www.openssl.org/source/license.html | |
8 | * or in the file LICENSE in the source distribution. | |
9 | */ | |
10 | ||
14a6570f | 11 | #include <time.h> |
4410f9d7 KR |
12 | #include <openssl/rand.h> |
13 | #include <openssl/ssl.h> | |
14 | #include <openssl/rsa.h> | |
76d1ba3a KR |
15 | #include <openssl/dsa.h> |
16 | #include <openssl/ec.h> | |
17 | #include <openssl/dh.h> | |
4410f9d7 KR |
18 | #include <openssl/err.h> |
19 | #include "fuzzer.h" | |
20 | ||
4410f9d7 KR |
21 | /* unused, to avoid warning. */ |
22 | static int idx; | |
23 | ||
14a6570f KR |
24 | #define FUZZTIME 1485898104 |
25 | ||
26 | #define TIME_IMPL(t) { if (t != NULL) *t = FUZZTIME; return FUZZTIME; } | |
27 | ||
28 | /* | |
b12ae4a9 AP |
29 | * This might not work in all cases (and definitely not on Windows |
30 | * because of the way linkers are) and callees can still get the | |
31 | * current time instead of the fixed time. This will just result | |
32 | * in things not being fully reproducible and have a slightly | |
33 | * different coverage. | |
14a6570f | 34 | */ |
b12ae4a9 | 35 | #if !defined(_WIN32) |
14a6570f KR |
36 | time_t time(time_t *t) TIME_IMPL(t) |
37 | #endif | |
38 | ||
4410f9d7 KR |
39 | int FuzzerInitialize(int *argc, char ***argv) |
40 | { | |
41 | STACK_OF(SSL_COMP) *comp_methods; | |
42 | ||
de2ea978 | 43 | FuzzerSetRand(); |
4410f9d7 KR |
44 | OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL); |
45 | OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); | |
e5d4233f | 46 | ERR_clear_error(); |
4410f9d7 KR |
47 | CRYPTO_free_ex_index(0, -1); |
48 | idx = SSL_get_ex_data_X509_STORE_CTX_idx(); | |
4410f9d7 | 49 | comp_methods = SSL_COMP_get_compression_methods(); |
345bee91 MC |
50 | if (comp_methods != NULL) |
51 | sk_SSL_COMP_sort(comp_methods); | |
4410f9d7 | 52 | |
4410f9d7 KR |
53 | return 1; |
54 | } | |
55 | ||
56 | int FuzzerTestOneInput(const uint8_t *buf, size_t len) | |
57 | { | |
edba1976 | 58 | SSL *client = NULL; |
4410f9d7 KR |
59 | BIO *in; |
60 | BIO *out; | |
61 | SSL_CTX *ctx; | |
62 | ||
63 | if (len == 0) | |
64 | return 0; | |
65 | ||
4410f9d7 KR |
66 | /* This only fuzzes the initial flow from the client so far. */ |
67 | ctx = SSL_CTX_new(SSLv23_method()); | |
edba1976 | 68 | if (ctx == NULL) |
69 | goto end; | |
4410f9d7 KR |
70 | |
71 | client = SSL_new(ctx); | |
edba1976 | 72 | if (client == NULL) |
73 | goto end; | |
07fc8d52 | 74 | OPENSSL_assert(SSL_set_min_proto_version(client, 0) == 1); |
4e995479 KR |
75 | OPENSSL_assert(SSL_set_cipher_list(client, "ALL:eNULL:@SECLEVEL=0") == 1); |
76 | SSL_set_tlsext_host_name(client, "localhost"); | |
4410f9d7 | 77 | in = BIO_new(BIO_s_mem()); |
edba1976 | 78 | if (in == NULL) |
79 | goto end; | |
4410f9d7 | 80 | out = BIO_new(BIO_s_mem()); |
edba1976 | 81 | if (out == NULL) { |
82 | BIO_free(in); | |
83 | goto end; | |
84 | } | |
4410f9d7 KR |
85 | SSL_set_bio(client, in, out); |
86 | SSL_set_connect_state(client); | |
87 | OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); | |
88 | if (SSL_do_handshake(client) == 1) { | |
89 | /* Keep reading application data until error or EOF. */ | |
90 | uint8_t tmp[1024]; | |
91 | for (;;) { | |
92 | if (SSL_read(client, tmp, sizeof(tmp)) <= 0) { | |
93 | break; | |
94 | } | |
95 | } | |
96 | } | |
edba1976 | 97 | end: |
4410f9d7 KR |
98 | SSL_free(client); |
99 | ERR_clear_error(); | |
100 | SSL_CTX_free(ctx); | |
101 | ||
102 | return 0; | |
103 | } | |
104 | ||
105 | void FuzzerCleanup(void) | |
106 | { | |
de2ea978 | 107 | FuzzerClearRand(); |
4410f9d7 | 108 | } |