Route the TLS 1.3 experiment into the fuzzer.

Change-Id: Ie8216ab9de2edf37ae3240a5cb97d974e8252d93 Reviewed-on: https://boringssl-review.googlesource.com/17709 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-07-10 17:47:09 -04:00 · 2017-07-10 17:47:09 -04:00 · 1ffb4a4283
commit 1ffb4a4283
parent a502239475
2 changed files with 24 additions and 1 deletions
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@ -1694,6 +1694,12 @@ static bool WriteSettings(int i, const TestConfig *config,
    return false;
  }

+  if (config->tls13_variant != 0 &&
+      (!CBB_add_u16(cbb.get(), kTLS13Variant) ||
+       !CBB_add_u8(cbb.get(), static_cast<uint8_t>(config->tls13_variant)))) {
+    return false;
+  }
+
  uint8_t *settings;
  size_t settings_len;
  if (!CBB_add_u16(cbb.get(), kDataTag) ||
--- a/ssl/test/fuzzer.h
+++ b/ssl/test/fuzzer.h
@ -40,13 +40,18 @@ static const uint16_t kSessionTag = 1;
 // certificates.
 static const uint16_t kRequestClientCert = 2;

+// kTLS13Variant is followed by a u8 denoting the TLS 1.3 variant to configure.
+static const uint16_t kTLS13Variant = 3;
+
 // SetupTest parses parameters from |cbs| and returns a newly-configured |SSL|
 // object or nullptr on error. On success, the caller should feed the remaining
 // input in |cbs| to the SSL stack.
 static inline bssl::UniquePtr<SSL> SetupTest(CBS *cbs, SSL_CTX *ctx,
                                             bool is_server) {
-  // Clear any sessions saved in |ctx| from the previous run.
+  // |ctx| is shared between runs, so we must clear any modifications to it made
+  // later on in this function.
  SSL_CTX_flush_sessions(ctx, 0);
+  SSL_CTX_set_tls13_variant(ctx, tls13_default);

  bssl::UniquePtr<SSL> ssl(SSL_new(ctx));
  if (is_server) {
@ -89,6 +94,18 @@ static inline bssl::UniquePtr<SSL> SetupTest(CBS *cbs, SSL_CTX *ctx,
        }
        SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, nullptr);
        break;
+
+      case kTLS13Variant: {
+        uint8_t variant;
+        if (!CBS_get_u8(cbs, &variant)) {
+          return nullptr;
+        }
+        SSL_CTX_set_tls13_variant(ctx, static_cast<tls13_variant_t>(variant));
+        break;
+      }
+
+      default:
+        return nullptr;
    }
  }
 }