From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 02:47:55 +0200
Subject: Adding upstream version 124.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 security/nss/fuzz/tls_server_config.cc | 46 ++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 security/nss/fuzz/tls_server_config.cc

(limited to 'security/nss/fuzz/tls_server_config.cc')

diff --git a/security/nss/fuzz/tls_server_config.cc b/security/nss/fuzz/tls_server_config.cc
new file mode 100644
index 0000000000..fffb27b635
--- /dev/null
+++ b/security/nss/fuzz/tls_server_config.cc
@@ -0,0 +1,46 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "tls_server_config.h"
+
+const uint64_t CONFIG_ENABLE_EXTENDED_MS = 0x01;
+const uint64_t CONFIG_REQUEST_CERTIFICATE = 0x02;
+const uint64_t CONFIG_REQUIRE_CERTIFICATE = 0x04;
+const uint64_t CONFIG_ENABLE_DEFLATE = 0x08;
+const uint64_t CONFIG_ENABLE_CBC_RANDOM_IV = 0x10;
+const uint64_t CONFIG_REQUIRE_SAFE_NEGOTIATION = 0x20;
+const uint64_t CONFIG_ENABLE_CACHE = 0x40;
+
+// XOR 64-bit chunks of data to build a bitmap of config options derived from
+// the fuzzing input. This seems the only way to fuzz various options while
+// still maintaining compatibility with BoringSSL or OpenSSL fuzzers.
+ServerConfig::ServerConfig(const uint8_t* data, size_t len) {
+  for (size_t i = 0; i < len; i++) {
+    config_ ^= static_cast<uint64_t>(data[i]) << (8 * (i % 8));
+  }
+}
+
+bool ServerConfig::EnableExtendedMasterSecret() {
+  return config_ & CONFIG_ENABLE_EXTENDED_MS;
+}
+
+bool ServerConfig::RequestCertificate() {
+  return config_ & CONFIG_REQUEST_CERTIFICATE;
+}
+
+bool ServerConfig::RequireCertificate() {
+  return config_ & CONFIG_REQUIRE_CERTIFICATE;
+}
+
+bool ServerConfig::EnableDeflate() { return config_ & CONFIG_ENABLE_DEFLATE; }
+
+bool ServerConfig::EnableCbcRandomIv() {
+  return config_ & CONFIG_ENABLE_CBC_RANDOM_IV;
+}
+
+bool ServerConfig::RequireSafeNegotiation() {
+  return config_ & CONFIG_REQUIRE_SAFE_NEGOTIATION;
+}
+
+bool ServerConfig::EnableCache() { return config_ & CONFIG_ENABLE_CACHE; }
-- 
cgit v1.2.3