dropbear: fuzz.h annotate

annotate fuzz.h @ 1857:6022df862942

Use DSCP for IP QoS traffic classes The previous TOS values are deprecated and not used by modern traffic classifiers. This sets AF21 for "interactive" traffic (with a tty). Non-tty traffic sets AF11 - that indicates high throughput but is not lowest priority (which would be CS1 or LE). This differs from the CS1 used by OpenSSH, it lets interactive git over SSH have higher priority than background least effort traffic. Dropbear's settings here should be suitable with the diffservs used by CAKE qdisc.

author	Matt Johnston <matt@ucc.asn.au>
date	Tue, 25 Jan 2022 17:32:20 +0800
parents	4983a6bc1f51
children

rev	line source
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 #ifndef DROPBEAR_FUZZ_H
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 #define DROPBEAR_FUZZ_H
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	4 #include "config.h"
1559 92c93b4a3646 Fix to be able to compile normal(ish) binaries with --enable-fuzz Matt Johnston <matt@ucc.asn.au> parents: 1558 diff changeset	5
1558 2f64cb3d3007 - #if not #ifdef for DROPBEAR_FUZZ Matt Johnston <matt@ucc.asn.au> parents: 1456 diff changeset	6 #if DROPBEAR_FUZZ
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	7
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 #include "includes.h"
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 #include "buffer.h"
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	10 #include "algo.h"
1778 19cdeb3d2aac Fix fuzzing build Matt Johnston <matt@ucc.asn.au> parents: 1777 diff changeset	11 #include "netio.h"
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	12 #include "fuzz-wrapfd.h"
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13
1356 3677a510f545 add wrapfd. improve fuzzer in makefile Matt Johnston <matt@ucc.asn.au> parents: 1348 diff changeset	14 // once per process
1456 a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	15 void fuzz_common_setup(void);
a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	16 void fuzz_svr_setup(void);
1741 d1b279aa5ed1 Get client fuzzer building and starting (fails straight away) Matt Johnston <matt@ucc.asn.au> parents: 1740 diff changeset	17 void fuzz_cli_setup(void);
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18
1758 1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	19 // constructor attribute so it runs before main(), including
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	20 // in non-fuzzing mode.
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	21 void fuzz_early_setup(void) __attribute__((constructor));
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	22
1377 d4cc85e6c569 rearrange, all fuzzers now call fuzzer_set_input() Matt Johnston <matt@ucc.asn.au> parents: 1369 diff changeset	23 // must be called once per fuzz iteration.
d4cc85e6c569 rearrange, all fuzzers now call fuzzer_set_input() Matt Johnston <matt@ucc.asn.au> parents: 1369 diff changeset	24 // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE
1456 a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	25 int fuzz_set_input(const uint8_t *Data, size_t Size);
a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	26
1782 a6da10ac64b5 fuzz: make postauth set authdone properly Matt Johnston <matt@ucc.asn.au> parents: 1779 diff changeset	27 int fuzz_run_server(const uint8_t *Data, size_t Size, int skip_kexmaths, int postauth);
1746 28ab2cdb84bf Fix fuzzer build Matt Johnston <matt@ucc.asn.au> parents: 1741 diff changeset	28 int fuzz_run_client(const uint8_t *Data, size_t Size, int skip_kexmaths);
1589 35af85194268 Add kexdh and kexecdh fuzzers Matt Johnston <matt@ucc.asn.au> parents: 1561 diff changeset	29 const void* fuzz_get_algo(const algo_type algos, const char name);
1356 3677a510f545 add wrapfd. improve fuzzer in makefile Matt Johnston <matt@ucc.asn.au> parents: 1348 diff changeset	30
1369 ddfcadca3c4c fuzzer-pubkey Matt Johnston <matt@ucc.asn.au> parents: 1358 diff changeset	31 // fuzzer functions that intrude into general code
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	32 void fuzz_kex_fakealgos(void);
1369 ddfcadca3c4c fuzzer-pubkey Matt Johnston <matt@ucc.asn.au> parents: 1358 diff changeset	33 int fuzz_checkpubkey_line(buffer* line, int line_num, char* filename,
ddfcadca3c4c fuzzer-pubkey Matt Johnston <matt@ucc.asn.au> parents: 1358 diff changeset	34 const char* algo, unsigned int algolen,
ddfcadca3c4c fuzzer-pubkey Matt Johnston <matt@ucc.asn.au> parents: 1358 diff changeset	35 const unsigned char* keyblob, unsigned int keybloblen);
ddfcadca3c4c fuzzer-pubkey Matt Johnston <matt@ucc.asn.au> parents: 1358 diff changeset	36 extern const char * const * fuzz_signkey_names;
1757 517fb7b62438 Add some more variation to fuzzer random number generation Matt Johnston <matt@ucc.asn.au> parents: 1751 diff changeset	37 void fuzz_seed(const unsigned char* dat, unsigned int len);
1782 a6da10ac64b5 fuzz: make postauth set authdone properly Matt Johnston <matt@ucc.asn.au> parents: 1779 diff changeset	38 void fuzz_svr_hook_preloop(void);
1741 d1b279aa5ed1 Get client fuzzer building and starting (fails straight away) Matt Johnston <matt@ucc.asn.au> parents: 1740 diff changeset	39
1786 a3b39df57c8b fuzz: add an always-failing dropbear_listen() replacement Matt Johnston <matt@ucc.asn.au> parents: 1782 diff changeset	40 int fuzz_dropbear_listen(const char* address, const char* port,
a3b39df57c8b fuzz: add an always-failing dropbear_listen() replacement Matt Johnston <matt@ucc.asn.au> parents: 1782 diff changeset	41 int socks, unsigned int sockcount, char errstring, int maxfd);
a3b39df57c8b fuzz: add an always-failing dropbear_listen() replacement Matt Johnston <matt@ucc.asn.au> parents: 1782 diff changeset	42
1741 d1b279aa5ed1 Get client fuzzer building and starting (fails straight away) Matt Johnston <matt@ucc.asn.au> parents: 1740 diff changeset	43 // helpers
1383 f03cfe9c76ac Disable setnonblocking(), get_socket_address(), set_sock_priority() Matt Johnston <matt@ucc.asn.au> parents: 1377 diff changeset	44 void fuzz_get_socket_address(int fd, char local_host, char local_port,
f03cfe9c76ac Disable setnonblocking(), get_socket_address(), set_sock_priority() Matt Johnston <matt@ucc.asn.au> parents: 1377 diff changeset	45 char remote_host, char remote_port, int host_lookup);
1456 a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	46 void fuzz_fake_send_kexdh_reply(void);
1740 dfbe947bdf0d Make wrapfd share a common buffer for all FDs Matt Johnston <matt@ucc.asn.au> parents: 1589 diff changeset	47 int fuzz_spawn_command(int ret_writefd, int ret_readfd, int ret_errfd, pid_t ret_pid);
1751 3b9b427925a0 Load password and key for client fuzzer. Matt Johnston <matt@ucc.asn.au> parents: 1746 diff changeset	48 void fuzz_dump(const unsigned char* data, size_t len);
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	49
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	50 // fake IO wrappers
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	51 #ifndef FUZZ_SKIP_WRAP
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	52 #define select(nfds, readfds, writefds, exceptfds, timeout) \
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	53 wrapfd_select(nfds, readfds, writefds, exceptfds, timeout)
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	54 #define write(fd, buf, count) wrapfd_write(fd, buf, count)
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	55 #define read(fd, buf, count) wrapfd_read(fd, buf, count)
1358 6b89eb92f872 glaring wrapfd problems fixed Matt Johnston <matt@ucc.asn.au> parents: 1357 diff changeset	56 #define close(fd) wrapfd_close(fd)
1791 685b47d8faf7 fuzz: wrap kill() Matt Johnston <matt@ucc.asn.au> parents: 1786 diff changeset	57 #define kill(pid, sig) fuzz_kill(pid, sig)
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	58 #endif // FUZZ_SKIP_WRAP
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	59
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	60 struct dropbear_fuzz_options {
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	61 int fuzzing;
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	62
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63 // fuzzing input
1356 3677a510f545 add wrapfd. improve fuzzer in makefile Matt Johnston <matt@ucc.asn.au> parents: 1348 diff changeset	64 buffer *input;
1357 08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	65 struct dropbear_cipher recv_cipher;
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	66 struct dropbear_hash recv_mac;
08f4fa4dc6a0 closer to working Matt Johnston <matt@ucc.asn.au> parents: 1356 diff changeset	67 int wrapfds;
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	68
1456 a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	69 // whether to skip slow bignum maths
a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	70 int skip_kexmaths;
1782 a6da10ac64b5 fuzz: make postauth set authdone properly Matt Johnston <matt@ucc.asn.au> parents: 1779 diff changeset	71 // whether is svr_postauth mode
a6da10ac64b5 fuzz: make postauth set authdone properly Matt Johnston <matt@ucc.asn.au> parents: 1779 diff changeset	72 int svr_postauth;
1456 a90fdd2d2ed8 add fuzzer-preauth_nomaths Matt Johnston <matt@ucc.asn.au> parents: 1385 diff changeset	73
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 // dropbear_exit() jumps back
1385 6c92e97553f1 Add a flag whether to longjmp, missed that last commit Matt Johnston <matt@ucc.asn.au> parents: 1383 diff changeset	75 int do_jmp;
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	76 sigjmp_buf jmp;
1751 3b9b427925a0 Load password and key for client fuzzer. Matt Johnston <matt@ucc.asn.au> parents: 1746 diff changeset	77
1798 8dc43b30c6bf Define _GNU_SOURCE properly, other header fixes Matt Johnston <matt@ucc.asn.au> parents: 1791 diff changeset	78 // write out decrypted session data to this FD if it is set
1751 3b9b427925a0 Load password and key for client fuzzer. Matt Johnston <matt@ucc.asn.au> parents: 1746 diff changeset	79 // flag - this needs to be set manually in cli-main.c etc
3b9b427925a0 Load password and key for client fuzzer. Matt Johnston <matt@ucc.asn.au> parents: 1746 diff changeset	80 int dumping;
3b9b427925a0 Load password and key for client fuzzer. Matt Johnston <matt@ucc.asn.au> parents: 1746 diff changeset	81 // the file descriptor
3b9b427925a0 Load password and key for client fuzzer. Matt Johnston <matt@ucc.asn.au> parents: 1746 diff changeset	82 int recv_dumpfd;
1758 1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	83
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	84 // avoid filling fuzzing logs, this points to /dev/null
1768 096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	85 FILE *fake_stderr;
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	86 };
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	87
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	88 extern struct dropbear_fuzz_options fuzz;
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	89
1768 096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	90 /* guard for when fuzz.h is included by fuzz-common.c */
096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	91 #ifndef FUZZ_NO_REPLACE_STDERR
096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	92
1758 1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	93 /* This is a bodge but seems to work.
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	94 glibc stdio.h has the comment
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	95 "C89/C99 say they're macros. Make them happy." */
1768 096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	96 /* OS X has it as a macro */
1758 1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	97 #ifdef stderr
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	98 #undef stderr
1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	99 #endif
1768 096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	100 #define stderr (fuzz.fake_stderr)
096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	101
096a66e45212 Fix fuzzing stderr override on os x Matt Johnston <matt@ucc.asn.au> parents: 1758 diff changeset	102 #endif /* FUZZ_NO_REPLACE_STDERR */
1758 1365661f6be6 Disable stderr output for fuzzer by default Matt Johnston <matt@ucc.asn.au> parents: 1757 diff changeset	103
1779 36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	104 struct passwd* fuzz_getpwuid(uid_t uid);
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	105 struct passwd* fuzz_getpwnam(const char *login);
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	106 /* guard for when fuzz.h is included by fuzz-common.c */
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	107 #ifndef FUZZ_NO_REPLACE_GETPW
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	108 #define getpwnam(x) fuzz_getpwnam(x)
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	109 #define getpwuid(x) fuzz_getpwuid(x)
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	110 #endif // FUZZ_NO_REPLACE_GETPW
36d4c027cba7 fuzzing: add workaround getpwuid/getpwnam Matt Johnston <matt@ucc.asn.au> parents: 1778 diff changeset	111
1798 8dc43b30c6bf Define _GNU_SOURCE properly, other header fixes Matt Johnston <matt@ucc.asn.au> parents: 1791 diff changeset	112 #endif /* DROPBEAR_FUZZ */
1348 5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	113
5c2899e35b63 fuzz harness Matt Johnston <matt@ucc.asn.au> parents: diff changeset	114 #endif /* DROPBEAR_FUZZ_H */

Mercurial > dropbear

annotate fuzz.h @ 1857:6022df862942