examples/openssl: libressl supports 1.3 with a macro
diff --git a/examples/openssl/client.c b/examples/openssl/client.c
index 914fa45..a3a85b1 100644
--- a/examples/openssl/client.c
+++ b/examples/openssl/client.c
@@ -579,10 +579,8 @@
SSL_set_renegotiate_mode(client, ssl_renegotiate_freely);
#endif /* defined(HF_SSL_IS_BORINGSSL) */
-#if defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
SSL_set_min_proto_version(client, SSL3_VERSION);
SSL_set_max_proto_version(client, TLS1_3_VERSION);
-#endif // defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
#if defined(HF_SSL_FROM_STDIN)
BIO* in = BIO_new(BIO_s_fd());
diff --git a/examples/openssl/make.sh b/examples/openssl/make.sh
index e2d15a3..19d499c 100755
--- a/examples/openssl/make.sh
+++ b/examples/openssl/make.sh
@@ -10,7 +10,7 @@
OS=`uname -s`
CC="$HFUZZ_SRC/hfuzz_cc/hfuzz-clang"
CXX="$HFUZZ_SRC/hfuzz_cc/hfuzz-clang++"
-COMMON_FLAGS="-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE -DBORINGSSL_UNSAFE_FUZZER_MODE -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DBN_DEBUG \
+COMMON_FLAGS="-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE -DBORINGSSL_UNSAFE_FUZZER_MODE -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DBN_DEBUG -DLIBRESSL_HAS_TLS1_3 \
-O3 -g -DFuzzerInitialize=LLVMFuzzerInitialize -DFuzzerTestOneInput=LLVMFuzzerTestOneInput \
-I./$DIR/include -I$HFUZZ_SRC/examples/openssl -I$HFUZZ_SRC"
COMMON_LDFLAGS="-lpthread -lz -Wl,-z,now"
diff --git a/examples/openssl/server.c b/examples/openssl/server.c
index 00b2098..fe117ba 100644
--- a/examples/openssl/server.c
+++ b/examples/openssl/server.c
@@ -8,6 +8,7 @@
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
+#include <openssl/tls1.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
@@ -524,6 +525,17 @@
return SSL_TLSEXT_ERR_OK;
}
+static int session_id_callback(
+#if defined(HF_SSL_IS_LIBRESSL)
+ const
+#endif /* defined(HF_SSL_IS_LIBRESSL) */
+ SSL* ssl,
+ unsigned char* id, unsigned int* id_len) {
+ static unsigned char sess_cnt = 'A';
+ memset(id, sess_cnt++, *id_len);
+ return 1;
+}
+
int LLVMFuzzerInitialize(int* argc, char*** argv) {
HFInit();
HFResetRand();
@@ -607,6 +619,10 @@
opts |= SSL_OP_ALL;
SSL_CTX_set_options(ctx, opts);
+#if !defined(HF_SSL_IS_BORINGSSL)
+ SSL_CTX_set_generate_session_id(ctx, session_id_callback);
+#endif /* !defined(HF_SSL_IS_BORINGSSL) */
+
return 1;
}
@@ -617,10 +633,8 @@
SSL* server = SSL_new(ctx);
-#if defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
SSL_set_min_proto_version(server, SSL3_VERSION);
SSL_set_max_proto_version(server, TLS1_3_VERSION);
-#endif // defined(HF_SSL_IS_OPENSSL_GE_1_1) || defined(HF_SSL_IS_BORINGSSL)
#if defined(HF_SSL_FROM_STDIN)
BIO* in = BIO_new(BIO_s_fd());