authorDavid Benjamin <davidben@google.com>2016-09-22 07:11:43 +0300
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>2016-09-23 00:14:00 +0300
commit01a905717c39d155ccb3f3d568f6817badea30a6 (patch)
tree9e3c3495cba6bcd559e2fbcfa648c3554e908323
parentac5e47f300b7c59e6d9073efd287bf85a78288a7 (diff)
Fix remaining non-determinism in fuzzer transcripts.
Both the C and Go code were sampling the real clock. With this, two successive iterations of runner transcripts give the same output. Change-Id: I4d9e219e863881bf518c5ac199dce938a49cdfaa Reviewed-on: https://boringssl-review.googlesource.com/11222 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
-rw-r--r--FUZZING.md2
-rw-r--r--ssl/ssl_lib.c5
-rw-r--r--ssl/ssl_session.c5
-rw-r--r--ssl/test/runner/runner.go3
4 files changed, 12 insertions, 3 deletions
diff --git a/FUZZING.md b/FUZZING.md
index 9f4edef1..bf548295 100644
--- a/FUZZING.md
+++ b/FUZZING.md
@@ -60,4 +60,6 @@ When `-DFUZZ=1` is passed into CMake, BoringSSL builds with `BORINGSSL_UNSAFE_FU
* Treat every cipher as the NULL cipher.
+* Use a hard-coded time instead of the actual time.
+
This is to prevent the fuzzer from getting stuck at a cryptographic invariant in the protocol.
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 6ec7d257..a51688de 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3013,7 +3013,10 @@ void ssl_get_current_time(const SSL *ssl, struct timeval *out_clock) {
return;
}
-#if defined(OPENSSL_WINDOWS)
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+ out_clock->tv_sec = 1234;
+ out_clock->tv_usec = 1234;
+#elif defined(OPENSSL_WINDOWS)
struct _timeb time;
_ftime(&time);
out_clock->tv_sec = time.time;
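Review bot: The new `BORINGSSL_UNSAFE_FUZZER_MODE` branch has no comment, and the constant 1234 is repeated here and in `ssl/test/runner/runner.go` with nothing tying the two together. Every caller that reaches this branch now sees a frozen clock in such a build, so any time-based check that relies on it (presumably session lifetime) stops being meaningful, and that is worth stating at the site. I would add `/* Fixed clock so fuzzer transcripts are reproducible. Expiry checks are meaningless in this mode; never ship a build with it defined. */` above the two assignments. The function's body starts and ends outside the hunk; the `return;` visible just above the `#if` appears to be an earlier exit that would still take precedence over the fixed value.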
diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c
index 78dfeab6..1e7f432f 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.c
@@ -234,6 +234,9 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
memcpy(new_session->peer_sha256, session->peer_sha256, SHA256_DIGEST_LENGTH);
new_session->peer_sha256_valid = session->peer_sha256_valid;
+ new_session->timeout = session->timeout;
+ new_session->time = session->time;
+
/* Copy non-authentication connection properties. */
if (dup_flags & SSL_SESSION_INCLUDE_NONAUTH) {
new_session->session_id_length = session->session_id_length;
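Review bot: Moving the `timeout` and `time` copies out of the `SSL_SESSION_INCLUDE_NONAUTH` block changes SSL_SESSION_dup in every build, not only fuzzer builds, and neither the commit message nor the code says why. Callers that duplicate without that flag previously kept whatever values the new session was created with (not visible here, presumably the current time) and now inherit the source session's values. That looks like the safer behaviour, since a copy can no longer pick up a fresh lifetime, but the intent should be recorded. I would add a comment above the two lines such as `/* Always carry over the original time and timeout so a duplicate expires with its source. */`. The function continues outside both hunks of this file.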
@@ -241,8 +244,6 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
session->session_id_length);
new_session->key_exchange_info = session->key_exchange_info;
- new_session->timeout = session->timeout;
- new_session->time = session->time;
if (session->tlsext_hostname != NULL) {
new_session->tlsext_hostname = BUF_strdup(session->tlsext_hostname);
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index ba337d20..162b15ed 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -442,6 +442,9 @@ func doExchange(test *testCase, config *Config, conn net.Conn, isResume bool) er
if *fuzzer {
config.Bugs.NullAllCiphers = true
}
+ if *deterministic {
+ config.Time = func() time.Time { return time.Unix(1234, 1234) }
+ }
conn = &timeoutConn{conn, *idleTimeout}
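Review bot: `time.Unix(1234, 1234)` takes nanoseconds as its second argument, while the C side in `ssl/ssl_lib.c` sets `tv_usec = 1234`, which is microseconds, so the two fixed clocks are not the same instant. If they are meant to match, `time.Unix(1234, 1234*1000)` would line them up; if only the seconds matter, a short comment saying so would settle the question. The override is also keyed on `*deterministic` rather than `*fuzzer`, so a run with `*fuzzer` set and `*deterministic` unset still samples the real clock on the Go side; whether that is intended cannot be told from this hunk. doExchange starts and ends outside the hunk.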