commit dfb83475879120a332450b32cf0fd415060978b0
author Robert Swiecki <robert@swiecki.net> Fri May 10 18:12:09 2019 +0200
committer Robert Swiecki <robert@swiecki.net> Fri May 10 18:12:09 2019 +0200
tree fab6e063ff1fb4a8d1040f3c4007e7e75b47a173
parent f36afafab27565bd4813196947886c84956b2e20

examples/openssl: libressl supports 1.3 with a macro

examples/openssl/client.c

diff --git a/examples/openssl/client.c b/examples/openssl/client.c
index 914fa45..a3a85b1 100644
--- a/examples/openssl/client.c
+++ b/examples/openssl/client.c
@@ -579,10 +579,8 @@
     SSL_set_renegotiate_mode(client, ssl_renegotiate_freely);
 #endif /* defined(HF_SSL_IS_BORINGSSL) */
 
-#if defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
     SSL_set_min_proto_version(client, SSL3_VERSION);
     SSL_set_max_proto_version(client, TLS1_3_VERSION);
-#endif  // defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
 
 #if defined(HF_SSL_FROM_STDIN)
     BIO* in = BIO_new(BIO_s_fd());

examples/openssl/make.sh

diff --git a/examples/openssl/make.sh b/examples/openssl/make.sh
index e2d15a3..19d499c 100755
--- a/examples/openssl/make.sh
+++ b/examples/openssl/make.sh
@@ -10,7 +10,7 @@
 OS=`uname -s`
 CC="$HFUZZ_SRC/hfuzz_cc/hfuzz-clang"
 CXX="$HFUZZ_SRC/hfuzz_cc/hfuzz-clang++"
-COMMON_FLAGS="-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE -DBORINGSSL_UNSAFE_FUZZER_MODE -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DBN_DEBUG \
+COMMON_FLAGS="-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE -DBORINGSSL_UNSAFE_FUZZER_MODE -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DBN_DEBUG -DLIBRESSL_HAS_TLS1_3 \
 	-O3 -g -DFuzzerInitialize=LLVMFuzzerInitialize -DFuzzerTestOneInput=LLVMFuzzerTestOneInput \
 	-I./$DIR/include -I$HFUZZ_SRC/examples/openssl -I$HFUZZ_SRC"
 COMMON_LDFLAGS="-lpthread -lz -Wl,-z,now"

examples/openssl/server.c

diff --git a/examples/openssl/server.c b/examples/openssl/server.c
index 00b2098..fe117ba 100644
--- a/examples/openssl/server.c
+++ b/examples/openssl/server.c
@@ -8,6 +8,7 @@
 #include <openssl/err.h>
 #include <openssl/rand.h>
 #include <openssl/ssl.h>
+#include <openssl/tls1.h>
 #include <stdint.h>
 #include <string.h>
 #include <unistd.h>
@@ -524,6 +525,17 @@
     return SSL_TLSEXT_ERR_OK;
 }
 
+static int session_id_callback(
+#if defined(HF_SSL_IS_LIBRESSL)
+    const
+#endif /* defined(HF_SSL_IS_LIBRESSL) */
+    SSL* ssl,
+    unsigned char* id, unsigned int* id_len) {
+    static unsigned char sess_cnt = 'A';
+    memset(id, sess_cnt++, *id_len);
+    return 1;
+}
+
 int LLVMFuzzerInitialize(int* argc, char*** argv) {
     HFInit();
     HFResetRand();
@@ -607,6 +619,10 @@
     opts |= SSL_OP_ALL;
     SSL_CTX_set_options(ctx, opts);
 
+#if !defined(HF_SSL_IS_BORINGSSL)
+    SSL_CTX_set_generate_session_id(ctx, session_id_callback);
+#endif /* !defined(HF_SSL_IS_BORINGSSL) */
+
     return 1;
 }
 
@@ -617,10 +633,8 @@
 
     SSL* server = SSL_new(ctx);
 
-#if defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
     SSL_set_min_proto_version(server, SSL3_VERSION);
     SSL_set_max_proto_version(server, TLS1_3_VERSION);
-#endif  // defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
 
 #if defined(HF_SSL_FROM_STDIN)
     BIO* in = BIO_new(BIO_s_fd());