[openssl-commits] [openssl] master update
Kurt Roeckx
kurt at openssl.org
Fri Dec 16 00:09:11 UTC 2016
The branch master has been updated
via 4e9954799aaf6a9012603ed35b9168f2001e668d (commit)
via e104d01debba258ceed728ddf84d8cb3ef655d85 (commit)
via 2fd54ebadfe2d1d1a001694552624636871003db (commit)
from eeab356c298248108b82157ef51172ba040646f7 (commit)
- Log -----------------------------------------------------------------
commit 4e9954799aaf6a9012603ed35b9168f2001e668d
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Thu Dec 15 20:11:18 2016 +0100
Make client and server fuzzer support all ciphers
Also send a SNI extension in the client so the fuzzer can react to it.
Reviewed-by: Rich Salz <rsalz at openssl.org>
GH: #2088
commit e104d01debba258ceed728ddf84d8cb3ef655d85
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Thu Dec 15 20:06:51 2016 +0100
Document the recommended parameters for fuzzing
We use those parameters for calculating the coverage.
Reviewed-by: Rich Salz <rsalz at openssl.org>
GH: #2088
commit 2fd54ebadfe2d1d1a001694552624636871003db
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Thu Dec 15 20:03:15 2016 +0100
Enable TLS1.3 and PEDANTIC in the coverage target
This makes sure that the coverage is the same for the fuzzers and this
coverage target
Reviewed-by: Rich Salz <rsalz at openssl.org>
GH: #2088
-----------------------------------------------------------------------
Summary of changes:
.travis.yml | 2 +-
fuzz/README.md | 12 ++++++++++--
fuzz/client.c | 2 ++
fuzz/server.c | 2 ++
4 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 85320ec..885c9d8 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -42,7 +42,7 @@ matrix:
env: CONFIG_OPTS="--strict-warnings no-deprecated" BUILDONLY="yes"
- os: linux
compiler: gcc-5
- env: CONFIG_OPTS="--debug --coverage no-asm enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-ssl3 enable-ssl3-method enable-nextprotoneg enable-weak-ssl-ciphers enable-external-tests no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" COVERALLS="yes" BORINGSSL_TESTS="yes" CXX="g++-5"
+ env: CONFIG_OPTS="--debug --coverage no-asm enable-tls1_3 enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-ssl3 enable-ssl3-method enable-nextprotoneg enable-weak-ssl-ciphers enable-external-tests no-shared -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" COVERALLS="yes" BORINGSSL_TESTS="yes" CXX="g++-5"
- os: linux
compiler: clang-3.6
env: CONFIG_OPTS="enable-msan"
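Review bot: The option set on the changed env line is now a hand-maintained copy of the configure lists that this same patch adds to fuzz/README.md, and nothing in .travis.yml says so. A short comment above this matrix entry stating that it must track the recommended fuzzing parameters in fuzz/README.md would keep the next enable-* addition from landing in only one of the two places and quietly skewing the coverage numbers.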
diff --git a/fuzz/README.md b/fuzz/README.md
index 69c3881..e0d2eb6 100644
--- a/fuzz/README.md
+++ b/fuzz/README.md
@@ -40,7 +40,10 @@ Configure for fuzzing:
--with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \
-DPEDANTIC enable-asan enable-ubsan no-shared \
-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION \
- -fsanitize-coverage=edge,indirect-calls,8bit-counters
+ -fsanitize-coverage=edge,indirect-calls,8bit-counters \
+ enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 \
+ enable-weak-ssl-ciphers enable-rc5 enable-md2 \
+ enable-ssl3 enable-ssl3-method enable-nextprotoneg
$ sudo apt-get install make
$ LDCMD=clang++ make -j
$ fuzz/helper.py $FUZZER
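Review bot: -fno-sanitize=alignment on the second added line switches off one of the checks that enable-ubsan, earlier in the same command, turns on, and the README gives no reason for it. Add a sentence saying why alignment checking is excluded from the recommended build, and move the flag next to -fsanitize-coverage rather than leaving it between two enable-* options, so a reader copying the command knows it is a deliberate reduction in sanitizer coverage and not a leftover.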
@@ -58,9 +61,14 @@ AFL
Configure for fuzzing:
$ sudo apt-get install afl-clang
- $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared
+ $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared -DPEDANTIC \
+ enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 \
+ enable-ssl3 enable-ssl3-method enable-nextprotoneg \
+ enable-ec_nistp_64_gcc_128
$ make
+The following options can also be enabled: enable-asan, enable-ubsan, enable-msan
+
Run one of the fuzzers:
$ afl-fuzz -i fuzz/corpora/$FUZZER -o fuzz/corpora/$FUZZER/out fuzz/$FUZZER
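Review bot: The added sentence listing enable-asan, enable-ubsan, enable-msan reads as though all three can be passed to one build, but MemorySanitizer cannot be combined with AddressSanitizer. Reword it to say asan (optionally with ubsan) or msan as separate builds. Since the libFuzzer command in this file pairs enable-ubsan with -fno-sanitize=alignment, also state whether the AFL build needs that flag when enable-ubsan is used.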
diff --git a/fuzz/client.c b/fuzz/client.c
index 391e0cc..d4dffd7 100644
--- a/fuzz/client.c
+++ b/fuzz/client.c
@@ -63,6 +63,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
ctx = SSL_CTX_new(SSLv23_method());
client = SSL_new(ctx);
+ OPENSSL_assert(SSL_set_cipher_list(client, "ALL:eNULL:@SECLEVEL=0") == 1);
+ SSL_set_tlsext_host_name(client, "localhost");
in = BIO_new(BIO_s_mem());
out = BIO_new(BIO_s_mem());
SSL_set_bio(client, in, out);
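Review bot: The return value of SSL_set_tlsext_host_name(client, "localhost") on the second added line is dropped, while the SSL_set_cipher_list call directly above it is asserted. If setting the host name fails, the client runs without the SNI extension and the harness gives no sign of it. Check it the same way as the line above: OPENSSL_assert(SSL_set_tlsext_host_name(client, "localhost") == 1);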
diff --git a/fuzz/server.c b/fuzz/server.c
index 3b5df9d..c2c54b9 100644
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -258,6 +258,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
X509_free(cert);
server = SSL_new(ctx);
+ ret = SSL_set_cipher_list(server, "ALL:eNULL:@SECLEVEL=0");
+ OPENSSL_assert(ret == 1);
in = BIO_new(BIO_s_mem());
out = BIO_new(BIO_s_mem());
SSL_set_bio(server, in, out);
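Review bot: The cipher string "ALL:eNULL:@SECLEVEL=0" is now a literal in both fuzz/server.c and fuzz/client.c, and the check is written two ways (ret plus OPENSSL_assert(ret == 1) here, the call placed inside OPENSSL_assert in client.c). Put the string in one shared define and use one form in both files. A one-line comment that NULL ciphers and security level 0 are deliberate for fuzzing coverage would also keep the setting from being copied into non-fuzzing code.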