summaryrefslogtreecommitdiffstats
path: root/fuzz
diff options
context:
space:
mode:
authorKurt Roeckx <kurt@roeckx.be>2018-07-15 13:49:53 +0200
committerKurt Roeckx <kurt@roeckx.be>2018-07-17 00:01:00 +0200
commit07fc8d5207febe53c8203a8a89fb7ba006871a1b (patch)
tree97218253cef2310d1fd3dda72a25ece19327f722 /fuzz
parentEC2M Lopez-Dahab ladder: use it also for ECDSA verify (diff)
downloadopenssl-07fc8d5207febe53c8203a8a89fb7ba006871a1b.tar.xz
openssl-07fc8d5207febe53c8203a8a89fb7ba006871a1b.zip
Enable all protocols and ciphers in the fuzzer
The config file can override it. In case of the server, it needs to be set on the ctx or some of the other functions on the ctx might file. Reviewed-by: Rich Salz <rsalz@openssl.org> DH: #6718
Diffstat (limited to 'fuzz')
-rw-r--r--fuzz/client.c1
-rw-r--r--fuzz/server.c7
2 files changed, 6 insertions, 2 deletions
diff --git a/fuzz/client.c b/fuzz/client.c
index ce6d8cc85e..bc01f62231 100644
--- a/fuzz/client.c
+++ b/fuzz/client.c
@@ -73,6 +73,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
ctx = SSL_CTX_new(SSLv23_method());
client = SSL_new(ctx);
+ OPENSSL_assert(SSL_set_min_proto_version(client, 0) == 1);
OPENSSL_assert(SSL_set_cipher_list(client, "ALL:eNULL:@SECLEVEL=0") == 1);
SSL_set_tlsext_host_name(client, "localhost");
in = BIO_new(BIO_s_mem());
diff --git a/fuzz/server.c b/fuzz/server.c
index 2f7403e277..7f9f9fa020 100644
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -534,6 +534,11 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
/* This only fuzzes the initial flow from the client so far. */
ctx = SSL_CTX_new(SSLv23_method());
+ ret = SSL_CTX_set_min_proto_version(ctx, 0);
+ OPENSSL_assert(ret == 1);
+ ret = SSL_CTX_set_cipher_list(ctx, "ALL:eNULL:@SECLEVEL=0");
+ OPENSSL_assert(ret == 1);
+
/* RSA */
bufp = kRSAPrivateKeyDER;
privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER));
@@ -602,8 +607,6 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
/* TODO: Set up support for SRP and PSK */
server = SSL_new(ctx);
- ret = SSL_set_cipher_list(server, "ALL:eNULL:@SECLEVEL=0");
- OPENSSL_assert(ret == 1);
in = BIO_new(BIO_s_mem());
out = BIO_new(BIO_s_mem());
SSL_set_bio(server, in, out);