Damien Miller
698fe6fd61
update fuzzer example makefile to clang16
2024-01-08 14:46:19 +11:00
Damien Miller
fc332cb2d6
unbreak fuzzers - missing pkcs11_make_cert()
...
provide stub for use in fuzzer harness
2024-01-08 14:45:49 +11:00
Darren Tucker
0fa803a1dd
Prefer OpenSSL's SHA256 in sk-dummy.so
...
Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be
built without OpenSSL. In many cases, however, including both libc's
and OpenSSL's headers together caused conflicting definitions.
We tried working around this (on OpenSSL <1.1 you could define
OPENSSL_NO_SHA, NetBSD had USE_LIBC_SHA2, various #define hacks) with
varying levels of success. Since OpenSSL >=1.1 removed OPENSSL_NO_SHA
and including most OpenSSL headers would bring sha.h in, even if it
wasn't used directly this was a constant hassle.
Admit defeat and use OpenSSL's SHA256 unless we aren't using OpenSSL at
all. ok djm@
2023-07-27 10:30:12 +10:00
Damien Miller
f3f56df8ec
agent_fuzz doesn't want stdint.h conditionalised
2023-07-19 12:07:18 +10:00
Damien Miller
750911fd31
conditionalise stdint.h inclusion on HAVE_STDINT_H
...
fixes build on AIX5 at least
2023-07-18 15:41:12 +10:00
dtucker@openbsd.org
b500afcf00
upstream: Remove compat code for OpenSSL 1.0.*
...
versions now that -portable has dropped support for those versions.
OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7
2023-03-28 19:03:10 +11:00
Darren Tucker
727560e601
Prevent conflicts between Solaris SHA2 and OpenSSL.
...
We used to prevent conflicts between native SHA2 headers and OpenSSL's
by setting OPENSSL_NO_SHA but that was removed prior to OpenSSL 1.1.0
2023-03-28 19:03:03 +11:00
Darren Tucker
46db8e14b7
Remove HEADER_SHA_H from previous...
...
since it causes more problems than it solves.
2023-03-28 12:44:03 +11:00
Darren Tucker
72bd68d373
Replace OPENSSL_NO_SHA with HEADER_SHA_H.
...
Since this test doesn't use OpenSSL's SHA2 and may cause conflicts we
don't want to include it, but OPENSSL_NO_SHA was removed beginning in
OpenSSL's 1.1 series.
2023-03-28 10:35:18 +11:00
djm@openbsd.org
8ec2e31238
upstream: adapt to ed25519 changes in src/usr.bin/ssh
...
OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
2023-01-16 10:57:42 +11:00
Damien Miller
c46f6fed41
crank SSH_SK_VERSION_MAJOR in sk-dummy.so
2022-07-20 13:39:14 +10:00
Damien Miller
dc7bc52372
fix some bugs in the fuzzer
2022-05-30 09:29:20 +10:00
Damien Miller
9b3ad432ad
fuzzer for authorized_keys parsing
...
mostly redundant to authopt_fuzz, but it's sensitive code so IMO it
makes sense to test this layer too
2022-05-27 17:00:43 +10:00
Damien Miller
253de42753
portable-specific string array constification
...
from Mike Frysinger
2022-02-02 16:52:07 +11:00
Damien Miller
715c892f0a
remove sys/param.h in -portable, after upstream
2021-12-22 09:02:50 +11:00
djm@openbsd.org
ed45a01686
upstream: crank SSH_SK_VERSION_MAJOR to match recent change in
...
usr/bin/ssh
OpenBSD-Regress-ID: 113d181c7e3305e138db9b688cdb8b0a0019e552
2021-11-03 10:10:09 +11:00
djm@openbsd.org
ccd358e1e2
upstream: avoid signedness warning; spotted in -portable
...
OpenBSD-Regress-ID: 4cacc126086487c0ea7f3d86b42dec458cf0d0c6
2021-10-29 14:25:32 +11:00
Damien Miller
a1217d363b
unbreak fuzz harness for recent changes
2021-10-29 13:48:59 +11:00
djm@openbsd.org
c5de1fffa6
upstream: increment SSH_SK_VERSION_MAJOR to match last change
...
OpenBSD-Regress-ID: 17873814d1cbda97f49c8528d7b5ac9cadf6ddc0
2021-10-28 13:57:52 +11:00
Darren Tucker
7cd062c3a2
Add USE_LIBC_SHA2 for (at least) NetBSD 9.
2021-10-06 17:45:28 +11:00
Darren Tucker
639c440f6c
Define OPENSSL_NO_SHA including OpenSSL from test.
...
We don't use SHA256 from OpenSSL in the sk-dummy module and the
definitions can conflict with system sha2.h (eg on NetBSD) so define
OPENSSL_NO_SHA so we don't attempt to redefine them.
2021-10-06 17:09:31 +11:00
djm@openbsd.org
e3e62deb54
upstream: use libc SHA256 functions; make this work when compiled
...
!WITH_OPENSSL
OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
2021-10-06 14:40:26 +11:00
Damien Miller
5a37cc118f
fix broken OPENSSL_HAS_ECC test
...
spotted by dtucker
2021-10-06 13:16:21 +11:00
Damien Miller
16a25414f3
make sk-dummy.so work without libcrypto installed
2021-10-01 22:40:06 +10:00
djm@openbsd.org
1fe4d70df9
upstream: remove this KEX fuzzer; it's awkward to use and doesn't play
...
nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it
but me.
OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
2021-02-26 15:23:42 +11:00
Damien Miller
a5dfc5bae8
allow a fuzz case to contain more than one request
...
loop until input buffer empty, no message consumed or 256 messages
processed
2021-01-30 16:32:29 +11:00
Damien Miller
0ef24ad602
expect fuzz cases to have length prefix
...
might make life a little easier for the fuzzer, e.g. it can now
produce valid (multi-request) messages by smashing two cases together.
2021-01-30 16:28:23 +11:00
Damien Miller
de613f2713
ssh-agent fuzzer
2021-01-30 13:18:30 +11:00
Damien Miller
7e96c877bc
move keys out of kex_fuzz.cc into separate header
...
add certificates and missing key types
2021-01-30 12:02:46 +11:00
Damien Miller
76f46d7566
some fixed test data (mostly keys) for fuzzing
2021-01-30 12:02:10 +11:00
djm@openbsd.org
7c2e3d6de1
upstream: add a SK_DUMMY_INTEGRATE define that allows the dummy
...
security key middleware to be directly linked; useful for writing fuzzers,
etc.
OpenBSD-Regress-ID: 0ebd00159b58ebd85e61d8270fc02f1e45df1544
2021-01-30 11:58:38 +11:00
Damien Miller
1e660115f0
fuzz diffie-hellman-group-exchange-sha1 kex too
2021-01-29 11:09:14 +11:00
Damien Miller
be5f0048ea
support for running kex fuzzer with null cipher
2021-01-29 11:03:35 +11:00
Damien Miller
1134a48cdc
correct kex name in disabled code
2021-01-28 08:57:31 +11:00
anatasluo
1050109b4b
Remove duplicated declaration in fatal.c .
2021-01-12 07:08:26 +11:00
dtucker@openbsd.org
ba328bd7a6
upstream: Adjust kexfuzz to addr.c/addrmatch.c split.
...
OpenBSD-Regress-ID: 1d8d23bb548078020be2fb52c4c643efb190f0eb
2021-01-11 15:24:31 +11:00
Damien Miller
5c1953bf98
adapt KEX fuzzer to PQ kex change
2020-12-29 12:40:54 +11:00
djm@openbsd.org
659864fe81
upstream: Adapt to replacement of
...
sntrup4591761x25519-sha512@tinyssh.org with
sntrup761x25519-sha512@openssh.com .
Also test sntrup761x25519-sha512@openssh.com in unittests/kex
OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
2020-12-29 12:39:40 +11:00
Damien Miller
a5ab499bd2
basic KEX fuzzer; adapted from Markus' unittest
2020-12-04 14:01:27 +11:00
Damien Miller
021ff33e38
use options that work with recent clang
2020-12-04 13:57:43 +11:00
djm@openbsd.org
816036f142
upstream: use the new variant log macros instead of prepending
...
__func__ and appending ssh_err(r) manually; ok markus@
OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
Damien Miller
d55dfed34e
missing header
2020-10-17 22:55:24 +11:00
Damien Miller
999d7cb79a
sync regress/misc/sk-dummy/fatal.c
2020-10-17 22:47:52 +11:00
Damien Miller
0f938f9986
adapt sk-dummy's fatal implementation to changes
2020-10-17 11:42:26 +11:00
djm@openbsd.org
bbf20ac806
upstream: adapt to SSH_SK_VERSION_MAJOR crank
...
OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
2020-09-09 13:12:29 +10:00
djm@openbsd.org
9cbbdc12cb
upstream: dummy firmware needs to match API version numner crank (for
...
verify-required resident keys) even though it doesn't implement this feature
OpenBSD-Regress-ID: 86579ea2891e18e822e204413d011b2ae0e59657
2020-08-27 12:16:23 +10:00
djm@openbsd.org
a01817a9f6
upstream: adapt dummy FIDO middleware to API change; ok markus@
...
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
2020-05-01 13:13:36 +10:00
djm@openbsd.org
9f8a42340b
upstream: this needs utf8.c too
...
OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
2020-04-03 15:46:13 +11:00
djm@openbsd.org
f73ab8a811
upstream: unbreak unittests for recent API / source file changes
...
OpenBSD-Regress-ID: 075a899a01bbf7781d38bf0b33d8366faaf6d3c0
2020-01-26 14:19:43 +11:00
Damien Miller
47160e1de8
unbreak fuzzer support for recent ssh-sk.h changes
2020-01-22 10:30:13 +11:00