Enable renegotiation in the client fuzzer and read app data.
As long as the HTTP/1.1 client auth hack forces use to support renego, having
it on seems much more useful than having it off for fuzzing purposes. Also read
app data to exercise that code and, on the client, trigger renegotiations as
needed.
Change-Id: I1941ded6ec9bd764abd199d1518420a1075ed1b2
Reviewed-on: https://boringssl-review.googlesource.com/7291
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/fuzz/client.cc b/fuzz/client.cc
index 75e518e..c491893 100644
--- a/fuzz/client.cc
+++ b/fuzz/client.cc
@@ -24,9 +24,18 @@
BIO *out = BIO_new(BIO_s_mem());
SSL_set_bio(client, in, out);
SSL_set_connect_state(client);
+ SSL_set_renegotiate_mode(client, ssl_renegotiate_freely);
BIO_write(in, buf, len);
- SSL_do_handshake(client);
+ if (SSL_do_handshake(client) == 1) {
+ // Keep reading application data until error or EOF.
+ uint8_t tmp[1024];
+ for (;;) {
+ if (SSL_read(client, tmp, sizeof(tmp)) <= 0) {
+ break;
+ }
+ }
+ }
SSL_free(client);
return 0;
diff --git a/fuzz/server.cc b/fuzz/server.cc
index c37cae7..1904e4f 100644
--- a/fuzz/server.cc
+++ b/fuzz/server.cc
@@ -215,7 +215,15 @@
SSL_set_accept_state(server);
BIO_write(in, buf, len);
- SSL_do_handshake(server);
+ if (SSL_do_handshake(server) == 1) {
+ // Keep reading application data until error or EOF.
+ uint8_t tmp[1024];
+ for (;;) {
+ if (SSL_read(server, tmp, sizeof(tmp)) <= 0) {
+ break;
+ }
+ }
+ }
SSL_free(server);
return 0;
