summaryrefslogtreecommitdiffstats
path: root/security/nss/fuzz/tls_common.cc
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-21 11:44:51 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-21 11:44:51 +0000
commit9e3c08db40b8916968b9f30096c7be3f00ce9647 (patch)
treea68f146d7fa01f0134297619fbe7e33db084e0aa /security/nss/fuzz/tls_common.cc
parentInitial commit. (diff)
downloadthunderbird-upstream.tar.xz
thunderbird-upstream.zip
Adding upstream version 1:115.7.0.upstream/1%115.7.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/fuzz/tls_common.cc')
-rw-r--r--security/nss/fuzz/tls_common.cc57
1 files changed, 57 insertions, 0 deletions
diff --git a/security/nss/fuzz/tls_common.cc b/security/nss/fuzz/tls_common.cc
new file mode 100644
index 0000000000..b00ab26bf6
--- /dev/null
+++ b/security/nss/fuzz/tls_common.cc
@@ -0,0 +1,57 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <assert.h>
+
+#include "ssl.h"
+#include "sslexp.h"
+
+#include "tls_common.h"
+
+static PRTime FixedTime(void*) { return 1234; }
+
+// Fix the time input, to avoid any time-based variation.
+void FixTime(PRFileDesc* fd) {
+ SECStatus rv = SSL_SetTimeFunc(fd, FixedTime, nullptr);
+ assert(rv == SECSuccess);
+}
+
+PRStatus EnableAllProtocolVersions() {
+ SSLVersionRange supported;
+
+ SECStatus rv = SSL_VersionRangeGetSupported(ssl_variant_stream, &supported);
+ assert(rv == SECSuccess);
+
+ rv = SSL_VersionRangeSetDefault(ssl_variant_stream, &supported);
+ assert(rv == SECSuccess);
+
+ return PR_SUCCESS;
+}
+
+void EnableAllCipherSuites(PRFileDesc* fd) {
+ for (uint16_t i = 0; i < SSL_NumImplementedCiphers; ++i) {
+ SECStatus rv = SSL_CipherPrefSet(fd, SSL_ImplementedCiphers[i], true);
+ assert(rv == SECSuccess);
+ }
+}
+
+void DoHandshake(PRFileDesc* fd, bool isServer) {
+ SECStatus rv = SSL_ResetHandshake(fd, isServer);
+ assert(rv == SECSuccess);
+
+ do {
+ rv = SSL_ForceHandshake(fd);
+ } while (rv != SECSuccess && PR_GetError() == PR_WOULD_BLOCK_ERROR);
+
+ // If the handshake succeeds, let's read some data from the server, if any.
+ if (rv == SECSuccess) {
+ uint8_t block[1024];
+ int32_t nb;
+
+ // Read application data and echo it back.
+ while ((nb = PR_Read(fd, block, sizeof(block))) > 0) {
+ PR_Write(fd, block, nb);
+ }
+ }
+}