Commit Graph

87 Commits

Author SHA1 Message Date
Joshua Liebow-Feeser
8c7c6356e6 Support symbol prefixes
- In base.h, if BORINGSSL_PREFIX is defined, include
  boringssl_prefix_symbols.h
- In all .S files, if BORINGSSL_PREFIX is defined, include
  boringssl_prefix_symbols_asm.h
- In base.h, BSSL_NAMESPACE_BEGIN and BSSL_NAMESPACE_END are
  defined with appropriate values depending on whether
  BORINGSSL_PREFIX is defined; these macros are used in place
  of 'namespace bssl {' and '}'
- Add util/make_prefix_headers.go, which takes a list of symbols
  and auto-generates the header files mentioned above
- In CMakeLists.txt, if BORINGSSL_PREFIX and BORINGSSL_PREFIX_SYMBOLS
  are defined, run util/make_prefix_headers.go to generate header
  files
- In various CMakeLists.txt files, add "global_target" that all
  targets depend on to give us a place to hook logic that must run
  before all other targets (in particular, the header file generation
  logic)
- Document this in BUILDING.md, including the fact that it is
  the caller's responsibility to provide the symbol list and keep it
  up to date
- Note that this scheme has not been tested on Windows, and likely
  does not work on it; Windows support will need to be added in a
  future commit

Change-Id: If66a7157f46b5b66230ef91e15826b910cf979a2
Reviewed-on: https://boringssl-review.googlesource.com/31364
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2018-09-06 20:07:52 +00:00
David Benjamin
8cd61f710b Fix corner case in cpuinfo parser.
I realized looking at the sigalgs parser that I messed up the
space-splitting logic slightly. If the CPU features are "foo bar baz",
it would not parse "baz". This doesn't particular matter (the last one
is "crc32"), but better to parse it correctly.

Fix this and add a unit test. While I'm here, may as well add a fuzzer
too.

Change-Id: Ifc1603b8f70d975f391d10e51ede95deec31a83d
Reviewed-on: https://boringssl-review.googlesource.com/31464
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2018-09-05 00:00:14 +00:00
Adam Langley
9c969bf491 Switch to Clang 6.0's fuzzer support.
With Clang 6.0, libFuzzer is now included and there's a new
-fsanitize=fuzzer command to enable the needed compiler actions.

Change-Id: If8c0d649f494655c5bb1e55ebdbf39450940c75b
Reviewed-on: https://boringssl-review.googlesource.com/31324
Reviewed-by: David Benjamin <davidben@google.com>
2018-08-27 17:18:56 +00:00
David Benjamin
367115b056 Fix SSL_CTX_set1_sigalgs fuzzer and make them all more type-safe.
The size of an int is 4, not 2. To avoid worrying about this, add a GetVector
counterpart to GetString that handles all this. Apply this uniformly to avoid
all the pointer casts. This is less important for vector<uint8_t>, but even
then we'll now notice a 1-byte OOB read since std::string is NUL-terminated.
Also it's shorter.

Change-Id: Ie96591cb8d8d52742f5fd30d70b6af0511109585
Reviewed-on: https://boringssl-review.googlesource.com/30864
Reviewed-by: Adam Langley <agl@google.com>
2018-08-10 18:24:36 +00:00
David Benjamin
ddedf6d455 Fix SSL_CTX_set1_sigalgs_list fuzzer.
SSL_CTX_set1_sigalgs_list wants a NUL-terminated string, so we need to use
GetString to give it one.

Bug: oss-fuzz:9808
Change-Id: Id7f676aa514c36de9dea900763db3cbbf5c79a4c
Reviewed-on: https://boringssl-review.googlesource.com/30804
Reviewed-by: Adam Langley <agl@google.com>
2018-08-10 14:44:43 +00:00
Adam Langley
826ce15092 Support OpenSSL APIs SSL[_CTX]_set1_sigalgs[_list].
These functions can be used to configure the signature algorithms. One
of them is a string mini-languaging parsing function, which we generally
dislike because it defeats static analysis. However, some dependent
projects (in this case TensorFlow) need it and we also dislike making
people patch.

Change-Id: I13f990c896a7f7332d78b1c351357d418ade8d11
Reviewed-on: https://boringssl-review.googlesource.com/30304
Reviewed-by: Steven Valdez <svaldez@google.com>
2018-08-09 16:57:09 +00:00
Adam Langley
c7db3232c3 Add “bssl::” prefix to |UpRef| and |PushToStack| in fuzzer code.
Change-Id: Ie3ed310869f3068d5be8292448a27679fa91a7a7
Reviewed-on: https://boringssl-review.googlesource.com/29624
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-07-05 14:36:02 +00:00
David Benjamin
2908dd141f Add bssl::UpRef.
bssl::UniquePtr and FOO_up_ref do not play well together. Add a helper
to simplify this. This allows us to write things like:

   foo->cert = UpRef(bar->cert);

instead of:

   if (bar->cert) {
     X509_up_ref(bar->cert.get());
   }
   foo->cert.reset(bar->cert.get());

This also plays well with PushToStack. To append something to a stack
while taking a reference, it's just:

   PushToStack(certs, UpRef(cert))

Change-Id: I99ae8de22b837588a2d8ffb58f86edc1d03ed46a
Reviewed-on: https://boringssl-review.googlesource.com/29584
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2018-07-03 22:47:36 +00:00
David Benjamin
982279b366 Add a PKCS#12 fuzzer.
Change-Id: Iee3a3d46d283bd6cbb46940e630916aacdd71db6
Reviewed-on: https://boringssl-review.googlesource.com/28552
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-05-15 23:58:32 +00:00
David Benjamin
370bb35627 Refresh TLS fuzzer corpora.
Change-Id: I2a1db17aa667c98a7de66ff5af5c76e13c5b8976
Reviewed-on: https://boringssl-review.googlesource.com/28504
Reviewed-by: David Benjamin <davidben@google.com>
2018-05-14 22:53:55 +00:00
Matthew Braithwaite
d4e091ece9 Refresh TLS fuzzer corpora.
Change-Id: I3c013d10f0dbd2a46c5e7d62ecff40e6b7e2be8a
Reviewed-on: https://boringssl-review.googlesource.com/28144
Reviewed-by: David Benjamin <davidben@google.com>
2018-05-10 19:16:35 +00:00
Matthew Braithwaite
a2dd781884 Defer writing the shim settings.
This is prefactoring for a coming change to the shim that will write
handoff and handback messages (which are serialized SSLConnection
objects) to the transcript.

This breaks the slightly tenuous ordering between the runner and the
shim. Fix the runner to wait until the shim has exited before
appending the transcript.

Change-Id: Iae34d28ec1addfe3ec4f3c77008248fe5530687c
Reviewed-on: https://boringssl-review.googlesource.com/27184
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-05-01 19:49:46 +00:00
David Benjamin
a63d0ad40d Require BN_mod_exp_mont* inputs be reduced.
If the caller asked for the base to be treated as secret, we should
provide that. Allowing unbounded inputs is not compatible with being
constant-time.

Additionally, this aligns with the guidance here:
https://github.com/HACS-workshop/spectre-mitigations/blob/master/crypto_guidelines.md#1-do-not-conditionally-choose-between-constant-and-non-constant-time

Update-Note: BN_mod_exp_mont_consttime and BN_mod_exp_mont now require
inputs be fully reduced. I believe current callers tolerate this.

Additionally, due to a quirk of how certain operations were ordered,
using (publicly) zero exponent tolerated a NULL BN_CTX while other
exponents required non-NULL BN_CTX. Non-NULL BN_CTX is now required
uniformly. This is unlikely to cause problems. Any call site where the
exponent is always zero should just be replaced with BN_value_one().

Change-Id: I7c941953ea05f36dc2754facb9f4cf83a6789c61
Reviewed-on: https://boringssl-review.googlesource.com/27665
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
2018-04-24 18:29:29 +00:00
David Benjamin
f4b708cc1e Add a function which folds BN_MONT_CTX_{new,set} together.
These empty states aren't any use to either caller or implementor.

Change-Id: If0b748afeeb79e4a1386182e61c5b5ecf838de62
Reviewed-on: https://boringssl-review.googlesource.com/25254
Reviewed-by: Adam Langley <agl@google.com>
2018-02-02 20:23:25 +00:00
David Benjamin
287ac180ee Refresh fuzzer corpora.
The TLS 1.3 variants got renumbered (and many dropped).

Change-Id: I75f63e7188bb22eb115e7f4393e67dc696c013c5
Reviewed-on: https://boringssl-review.googlesource.com/24246
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
2017-12-18 21:54:26 +00:00
David Benjamin
fc9c67599d Bound the input to the bn_mod_exp fuzzer.
This is not a speedy operation, so the fuzzers need a bit of help to
avoid timeouts.

Bug: chromium:786049
Change-Id: Ib56281b63eb6c895057f21254f0cc7c5c2d85ee4
Reviewed-on: https://boringssl-review.googlesource.com/23484
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-11-28 21:48:00 +00:00
David Benjamin
ca8c2c7eab Refresh TLS fuzzer corpora.
Change-Id: Ie5055d6d1d33690f27cdd978a0aa696307880579
Reviewed-on: https://boringssl-review.googlesource.com/22964
Reviewed-by: Steven Valdez <svaldez@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
2017-11-11 06:34:10 +00:00
David Benjamin
af92418b8b Generate bn_div and bn_mod_exp corpus from bn_tests.txt.
Also switch them to accepting a u16 length prefix. We appear not to have
any such tests right now, but RSA-2048 would involve modulus well larger
and primes just a hair larger than a u8 length prefix alows.

Change-Id: Icce8f1d976e159b945302fbba732e72913c7b724
Reviewed-on: https://boringssl-review.googlesource.com/22284
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-10-27 18:57:48 +00:00
Steven Valdez
7f8c553d7f Add BN fuzzer.
Change-Id: I09396e34d09a71bed40eefece1eae90ba2b5086f
Reviewed-on: https://boringssl-review.googlesource.com/21024
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-10-23 16:38:28 +00:00
David Benjamin
9c2b36adbd Refresh fuzzer corpus.
Change-Id: I547a46f77f732befe6731e7862e429568c033151
Reviewed-on: https://boringssl-review.googlesource.com/20225
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
2017-09-12 19:32:13 +00:00
David Benjamin
2978d055f6 Refresh TLS fuzzer corpus.
In particular, this starts a new DTLS corpus.

Bug: 124
Change-Id: I0fa0b38ac1cd213cef99badde693e75ed7357ab4
Reviewed-on: https://boringssl-review.googlesource.com/20108
Reviewed-by: David Benjamin <davidben@google.com>
2017-09-07 22:27:24 +00:00
David Benjamin
2ff44b183a Add DTLS fuzzers.
Bug: 124
Change-Id: Iff02be9df2806572e6d3f860b448f598f85778c3
Reviewed-on: https://boringssl-review.googlesource.com/20107
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-09-07 22:26:50 +00:00
David Benjamin
a196ea15af Share all of fuzz/{client,server}.cc into fuzzer.h.
There's a lot of duplicated code between the two. This is in preparation
for adding two more of these fuzzers, this time for DTLS.

Bug: 124
Change-Id: I8ca2a02d599e2c88e30838d04b7cf07d4221aa76
Reviewed-on: https://boringssl-review.googlesource.com/20106
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-09-07 22:14:12 +00:00
David Benjamin
e2daba6d20 Run the comment converter on fuzz/ and tool/
Change-Id: I5ff73db09cc2871fca9cc18a74ad52636c6e753d
Reviewed-on: https://boringssl-review.googlesource.com/19485
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-08-18 16:42:13 +00:00
David Benjamin
65b87ce4f6 Remove internal uses of SSLv23_*.
Change-Id: I69157b5e2527a2f92fc7b4b924a36e3399d043db
Reviewed-on: https://boringssl-review.googlesource.com/19444
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-08-18 00:15:10 +00:00
David Benjamin
03fe3697f7 Refresh TLS fuzzer corpora.
Change-Id: I57103cc55011903d512cc97a6d489230d01f2f70
Reviewed-on: https://boringssl-review.googlesource.com/17885
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-07-14 20:21:33 +00:00
David Benjamin
3ba4fb47e6 Build the fuzzers with -Wno-missing-prototypes.
There's not much point in enforcing this on these files, and clang
complains about LLVMFuzzerTestOneInput.

Change-Id: Ieae3287d7f7cd9736efd2b9fc11d0e6d89fcfa43
Reviewed-on: https://boringssl-review.googlesource.com/17806
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
2017-07-14 20:10:47 +00:00
David Benjamin
812b197ae1 Refresh TLS fuzzer corpus.
Change-Id: Ida96d4e5d9de089e61525954f7639c36b9da56b2
Reviewed-on: https://boringssl-review.googlesource.com/17710
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-07-11 14:54:12 +00:00
David Benjamin
7d7ed9f51b Refresh TLS fuzzer corpora.
These are re-recorded with the new fuzzer format.

Bug: 104
Change-Id: I00798f8f2026ae4570ffdcdae4a47999fd277212
Reviewed-on: https://boringssl-review.googlesource.com/17535
Reviewed-by: David Benjamin <davidben@google.com>
2017-07-05 23:49:44 +00:00
David Benjamin
cd4d981bba Update the existing corpora for the format change.
This was done by prepending each file with kDataTag, or 0x0000. This
causes them to behave as they did before the fuzzer updates.

Bug: 104
Change-Id: Ic768606911e1310fb59bed647990c237fe15776b
Reviewed-on: https://boringssl-review.googlesource.com/17534
Reviewed-by: David Benjamin <davidben@google.com>
2017-07-05 23:48:54 +00:00
David Benjamin
09114ae285 Restore SSLv3 fuzzer coverage.
So long as the code is there, it should be fuzzed.

Bug: 104
Change-Id: Iffaa832cc50c2d3c064eb511ba3a133d7f5758f2
Reviewed-on: https://boringssl-review.googlesource.com/17533
Reviewed-by: David Benjamin <davidben@google.com>
2017-07-05 23:48:48 +00:00
David Benjamin
0fde2eb0e3 Update TLS fuzzer format with prepended settings.
This allows us to fill in holes in our fuzzer coverage, notably client
resumption (and thus early data) and server client certificates. The
corpora are not refreshed yet. This will be done in upcoming changes.

Also add an option for debugging fuzzers. It's very useful to test it on
transcripts and make sure that fuzzer mode successfully makes things
compatible.

Bug: 104
Change-Id: I02f0be4045d1baf68efc9a4157f573df1429575d
Reviewed-on: https://boringssl-review.googlesource.com/17531
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-07-05 23:48:26 +00:00
David Benjamin
b0bb83a583 Bound ssl_ctx_api more aggressively.
OpenSSL's d2i_X509 parser is amazingly slow. Only do about 10,000 of
them, not 1,000,000.

BUG=chromium:729419

Change-Id: I7034c3dde7d5c5681986af2ab5e516e54553d3c6
Reviewed-on: https://boringssl-review.googlesource.com/16905
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-06 20:50:55 +00:00
David Benjamin
6da9eaeef1 Bound expensive opcodes in ssl_ctx_api.
The fuzzers are timing out on inputs that spam SSL_CTX_add1_chain_cert
and SSL_CTX_get0_chain_certs. In our current X509* caching
implementation, this can be quadratic. As this is an API fuzzer, not an
actual attack surface, this is not of much interest in itself, but
bounding this will let the fuzzers fuzz faster.

Change-Id: I3e27e938c413e5a0e8e6c7fad641f17c152dac39
Reviewed-on: https://boringssl-review.googlesource.com/16887
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-05 21:49:27 +00:00
David Benjamin
74cd5d98cc Refresh fuzzer corpus.
Change-Id: I7505fbfbc3e9d0f70b7a0ca1a97e0e9bdcd0f2a4
Reviewed-on: https://boringssl-review.googlesource.com/16129
Reviewed-by: Adam Langley <agl@google.com>
2017-05-10 17:06:02 +00:00
David Benjamin
8b0515b0f1 Fix fuzzer build.
I'm going to work on adding these to CI, since we keep breaking it on
accident.

Change-Id: I9acd4d3fa7b00c4f0cb0f187dae6bb9c51997515
Reviewed-on: https://boringssl-review.googlesource.com/16125
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-05-10 15:18:01 +00:00
David Benjamin
71c21b4300 Add SSL_CTX_set_verify_algorithm_prefs.
When writing tests and BoGo isn't available, it is useful to be able to
configure the set of signature algorithms accepted on the verify side.
Add an API for this.

Change-Id: Ic873189da7f8853e412acd68614df9d9a872a0c8
Reviewed-on: https://boringssl-review.googlesource.com/15125
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-14 21:40:24 +00:00
Matthew Braithwaite
7e06de5d2d Really remove DHE ciphersuites from TLS.
This follows up on cedc6f18 by removing support for the
-DBORINGSSL_ENABLE_DHE_TLS compile flag, and the code needed to
support it.

Change-Id: I53b6aa7a0eddd23ace8b770edb2a31b18ba2ce26
Reviewed-on: https://boringssl-review.googlesource.com/14886
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-11 23:41:31 +00:00
David Benjamin
cbfd3c044c Refresh fuzzer corpora.
Change-Id: I04babe31dcea8198a88c8affd5f9f9e24e449e4a
Reviewed-on: https://boringssl-review.googlesource.com/14526
Reviewed-by: Steven Valdez <svaldez@google.com>
2017-03-30 16:55:36 +00:00
David Benjamin
fef78b0356 Use an actual SCT for fuzzing.
SSL_CTX_set_signed_cert_timestamp_list fails now if its input is not
well-formed.

Change-Id: I84a4034f66868da11f98bf33e5b7f5c9fc958933
Reviewed-on: https://boringssl-review.googlesource.com/14484
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-29 23:00:36 +00:00
Steven Valdez
a507617e4d Adding server fuzzer for early data.
Since any ALPN mismatch and other cause for early data rejection will
cause the server to revert to the non-early data path, this is safe to
flip on for all the fuzzers.

BUG=76

Change-Id: I573740ef8f455915820943d82247fb6bfc37ae41
Reviewed-on: https://boringssl-review.googlesource.com/14465
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-29 22:51:46 +00:00
Steven Valdez
924a352d1b Remove experimental TLS 1.3 short record header extension.
Due to middlebox and ecosystem intolerance, short record headers are going to
be unsustainable to deploy.

BUG=119

Change-Id: I20fee79dd85bff229eafc6aeb72e4f33cac96d82
Reviewed-on: https://boringssl-review.googlesource.com/14044
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-02 22:39:17 +00:00
Steven Valdez
9ea9f9ce51 Updating fuzzer corpus
Change-Id: Iaf31cc5978322fb45aca43b39178ac998dabb11a
Reviewed-on: https://boringssl-review.googlesource.com/14064
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-02 22:26:38 +00:00
Matthew Braithwaite
a57dcfb69c Add new cipherlist-setting APIs that reject nonsense.
The new APIs are SSL_CTX_set_strict_cipher_list() and
SSL_set_strict_cipher_list().  They have two motivations:

First, typos in cipher lists can go undetected for a long time, and
can have surprising consequences when silently ignored.

Second, there is a tendency to use superstition in the construction of
cipher lists, for example by "turning off" things that do not actually
exist.  This leads to the corrosive belief that DEFAULT and ALL ought
not to be trusted.  This belief is false.

Change-Id: I42909b69186e0b4cf45457e5c0bc968f6bbf231a
Reviewed-on: https://boringssl-review.googlesource.com/13925
Commit-Queue: Matt Braithwaite <mab@google.com>
Reviewed-by: Matt Braithwaite <mab@google.com>
2017-02-22 00:09:27 +00:00
Adam Langley
46db7af2c9 Remove |X509| things from SSL_SESSION.
|SSL_SESSION_from_bytes| now takes an |SSL_CTX*|, from which it uses the
|X509_METHOD| and buffer pool. This is our API so we can do this.

This also requires adding an |SSL_CTX*| argument to |SSL_SESSION_new|
for the same reason. However, |SSL_SESSION_new| already has very few
callers (and none in third-party code that I can see) so I think we can
get away with this.

Change-Id: I1337cd2bd8cff03d4b9405ea3146b3b59584aa72
Reviewed-on: https://boringssl-review.googlesource.com/13584
Reviewed-by: Adam Langley <alangley@gmail.com>
Commit-Queue: Adam Langley <alangley@gmail.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-02-10 19:12:04 +00:00
Adam Langley
b7d53ba268 Add “const” to |SSL_SESSION| fuzzer.
(Found by UBSAN.)

Change-Id: Ia11d5edc3c6dd7ac9a05a181ed649a4da2f278b8
2017-02-06 09:37:05 -08:00
David Benjamin
235944126f Refresh fuzzer corpus.
This picks up the short header stuff and any changes made in the
meantime.

Change-Id: Ia2ea680632f3f6c6c759a8f0606a9394ae85c92d
Reviewed-on: https://boringssl-review.googlesource.com/12972
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <alangley@gmail.com>
2016-12-22 03:19:35 +00:00
David Benjamin
4c592d8f33 Enable short header negotiation in fuzzers.
Change-Id: Ib777dcc80c7acd6dc1eda1c211b91e5428b83df1
Reviewed-on: https://boringssl-review.googlesource.com/12971
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <alangley@gmail.com>
2016-12-22 03:19:23 +00:00
David Benjamin
65fb425811 Remove version-specific cipher lists.
There are no longer any consumers of these APIs.

These were useful back when the CBC vs. RC4 tradeoff varied by version
and it was worth carefully tuning this cutoff. Nowadays RC4 is
completely gone and there's no use in configuring these anymore.

To avoid invalidating the existing ssl_ctx_api corpus and requiring it
regenerated, I've left the entries in there. It's probably reasonable
for new API fuzzers to reuse those slots.

Change-Id: I02bf950e3828062341e4e45c8871a44597ae93d5
Reviewed-on: https://boringssl-review.googlesource.com/12880
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2016-12-16 19:11:02 +00:00
David Benjamin
2ad3c989e8 Merge in upstream's certificate corpus.
This was done by running:

  ./fuzz/cert -merge=1 ../fuzz/cert_corpus ~/openssl/fuzz/corpora/x509

I bumped the max_len while doing so because some of those are rather
large.

Change-Id: Ic2caa09d5ff9ab05b46363940a91a03f270cbad8
Reviewed-on: https://boringssl-review.googlesource.com/12682
Reviewed-by: Adam Langley <agl@google.com>
2016-12-12 21:41:00 +00:00