boringssl/fuzz
Matthew Braithwaite a57dcfb69c Add new cipherlist-setting APIs that reject nonsense.
The new APIs are SSL_CTX_set_strict_cipher_list() and
SSL_set_strict_cipher_list().  They have two motivations:

First, typos in cipher lists can go undetected for a long time, and
can have surprising consequences when silently ignored.

Second, there is a tendency to use superstition in the construction of
cipher lists, for example by "turning off" things that do not actually
exist.  This leads to the corrosive belief that DEFAULT and ALL ought
not to be trusted.  This belief is false.

Change-Id: I42909b69186e0b4cf45457e5c0bc968f6bbf231a
Reviewed-on: https://boringssl-review.googlesource.com/13925
Commit-Queue: Matt Braithwaite <mab@google.com>
Reviewed-by: Matt Braithwaite <mab@google.com>
2017-02-22 00:09:27 +00:00
..
cert_corpus Merge in upstream's certificate corpus. 2016-12-12 21:41:00 +00:00
client_corpus Refresh fuzzer corpus. 2016-12-22 03:19:35 +00:00
client_corpus_no_fuzzer_mode Refresh fuzzer corpus. 2016-12-22 03:19:35 +00:00
pkcs8_corpus
privkey_corpus
read_pem_corpus
server_corpus Refresh fuzzer corpus. 2016-12-22 03:19:35 +00:00
server_corpus_no_fuzzer_mode Refresh fuzzer corpus. 2016-12-22 03:19:35 +00:00
session_corpus Adding a fuzzer for Sessions 2016-12-01 20:22:56 +00:00
spki_corpus
ssl_ctx_api_corpus Add a fuzzer for the SSL_CTX API. 2016-10-04 23:07:09 +00:00
cert.cc ERR_clear_error at the end of each fuzzer. 2016-10-13 23:20:40 +00:00
client.cc Add new cipherlist-setting APIs that reject nonsense. 2017-02-22 00:09:27 +00:00
CMakeLists.txt Adding a fuzzer for Sessions 2016-12-01 20:22:56 +00:00
minimise_corpuses.sh
pkcs8.cc ERR_clear_error at the end of each fuzzer. 2016-10-13 23:20:40 +00:00
privkey.cc ERR_clear_error at the end of each fuzzer. 2016-10-13 23:20:40 +00:00
read_pem.cc ERR_clear_error at the end of each fuzzer. 2016-10-13 23:20:40 +00:00
refresh_ssl_corpora.sh Add a script to refresh fuzzer corpora. 2016-11-15 07:01:34 +00:00
server.cc Add new cipherlist-setting APIs that reject nonsense. 2017-02-22 00:09:27 +00:00
session.cc Remove |X509| things from SSL_SESSION. 2017-02-10 19:12:04 +00:00
spki.cc ERR_clear_error at the end of each fuzzer. 2016-10-13 23:20:40 +00:00
ssl_ctx_api.cc Add new cipherlist-setting APIs that reject nonsense. 2017-02-22 00:09:27 +00:00