mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-03 20:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

handshake fuzzer: fix TLS handshake sequence (#4033)

Browse source 
There were two problems with the existing code:
1. The transport parameters were rejected due to an invalid value for
   ActiveConnectionIDLimit, causing the handshake to fail.
2. Handshake messages were passed in at the wrong encryption level,
   leading to consistent handshake failures.
This commit is contained in:
Marten Seemann 2023-08-16 20:55:44 +07:00 committed by GitHub
parent ca3842d6c8
commit 51d257d608
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

23
fuzzing/handshake/fuzz.go
View file

@ -147,6 +147,7 @@ func getTransportParameters(seed uint8) *wire.TransportParameters {
const maxVarInt = math.MaxUint64 / 4 const maxVarInt = math.MaxUint64 / 4
r := mrand.New(mrand.NewSource(int64(seed))) r := mrand.New(mrand.NewSource(int64(seed)))
return &wire.TransportParameters{ return &wire.TransportParameters{
ActiveConnectionIDLimit: 2,
InitialMaxData: protocol.ByteCount(r.Int63n(maxVarInt)), InitialMaxData: protocol.ByteCount(r.Int63n(maxVarInt)),
InitialMaxStreamDataBidiLocal: protocol.ByteCount(r.Int63n(maxVarInt)), InitialMaxStreamDataBidiLocal: protocol.ByteCount(r.Int63n(maxVarInt)),
InitialMaxStreamDataBidiRemote: protocol.ByteCount(r.Int63n(maxVarInt)), InitialMaxStreamDataBidiRemote: protocol.ByteCount(r.Int63n(maxVarInt)),
@ -302,6 +303,7 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
if err := client.StartHandshake(); err != nil { if err := client.StartHandshake(); err != nil {
log.Fatal(err) log.Fatal(err)
} }
defer client.Close()
server := handshake.NewCryptoSetupServer( server := handshake.NewCryptoSetupServer(
protocol.ConnectionID{}, protocol.ConnectionID{},
@ -318,12 +320,13 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
if err := server.StartHandshake(); err != nil { if err := server.StartHandshake(); err != nil {
log.Fatal(err) log.Fatal(err)
} }
defer server.Close()
var clientHandshakeComplete, serverHandshakeComplete bool var clientHandshakeComplete, serverHandshakeComplete bool
for { for {
var processedEvent bool
clientLoop: clientLoop:
for { for {
var processedEvent bool
ev := client.NextEvent() ev := client.NextEvent()
//nolint:exhaustive // only need to process a few events //nolint:exhaustive // only need to process a few events
switch ev.Kind { switch ev.Kind {
@ -334,11 +337,16 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
break clientLoop break clientLoop
case handshake.EventWriteInitialData, handshake.EventWriteHandshakeData: case handshake.EventWriteInitialData, handshake.EventWriteHandshakeData:
msg := ev.Data msg := ev.Data
encLevel := protocol.EncryptionInitial
if ev.Kind == handshake.EventWriteHandshakeData {
encLevel = protocol.EncryptionHandshake
}
if msg[0] == messageToReplace { if msg[0] == messageToReplace {
fmt.Printf("replacing %s message to the server with %s at %s\n", messageType(msg[0]), messageType(data[0]), messageToReplaceEncLevel) fmt.Printf("replacing %s message to the server with %s at %s\n", messageType(msg[0]), messageType(data[0]), messageToReplaceEncLevel)
msg = data msg = data
encLevel = messageToReplaceEncLevel
} }
if err := server.HandleMessage(msg, messageToReplaceEncLevel); err != nil { if err := server.HandleMessage(msg, encLevel); err != nil {
return 1 return 1
} }
case handshake.EventHandshakeComplete: case handshake.EventHandshakeComplete:
@ -347,9 +355,9 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
processedEvent = true processedEvent = true
} }
processedEvent = false
serverLoop: serverLoop:
for { for {
var processedEvent bool
ev := server.NextEvent() ev := server.NextEvent()
//nolint:exhaustive // only need to process a few events //nolint:exhaustive // only need to process a few events
switch ev.Kind { switch ev.Kind {
@ -359,12 +367,17 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
} }
break serverLoop break serverLoop
case handshake.EventWriteInitialData, handshake.EventWriteHandshakeData: case handshake.EventWriteInitialData, handshake.EventWriteHandshakeData:
encLevel := protocol.EncryptionInitial
if ev.Kind == handshake.EventWriteHandshakeData {
encLevel = protocol.EncryptionHandshake
}
msg := ev.Data msg := ev.Data
if msg[0] == messageToReplace { if msg[0] == messageToReplace {
fmt.Printf("replacing %s message to the client with %s at %s\n", messageType(msg[0]), messageType(data[0]), messageToReplaceEncLevel) fmt.Printf("replacing %s message to the client with %s at %s\n", messageType(msg[0]), messageType(data[0]), messageToReplaceEncLevel)
msg = data msg = data
encLevel = messageToReplaceEncLevel
} }
if err := client.HandleMessage(msg, messageToReplaceEncLevel); err != nil { if err := client.HandleMessage(msg, encLevel); err != nil {
return 1 return 1
} }
case handshake.EventHandshakeComplete: case handshake.EventHandshakeComplete:
@ -410,9 +423,11 @@ func runHandshake(runConfig [confLen]byte, messageConfig uint8, clientConf *tls.
client.HandleMessage(ticket, protocol.Encryption1RTT) client.HandleMessage(ticket, protocol.Encryption1RTT)
} }
if sendPostHandshakeMessageToClient { if sendPostHandshakeMessageToClient {
fmt.Println("sending post handshake message to the client at", messageToReplaceEncLevel)
client.HandleMessage(data, messageToReplaceEncLevel) client.HandleMessage(data, messageToReplaceEncLevel)
} }
if sendPostHandshakeMessageToServer { if sendPostHandshakeMessageToServer {
fmt.Println("sending post handshake message to the server at", messageToReplaceEncLevel)
server.HandleMessage(data, messageToReplaceEncLevel) server.HandleMessage(data, messageToReplaceEncLevel)
} }