Enable all protocols and ciphers in the fuzzer

The config file can override it.
In case of the server, it needs to be set on the ctx or some of the
other functions on the ctx might file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
DH: #6718

diff --git a/fuzz/client.c b/fuzz/client.c
index ce6d8cc85e16fe442824765fa0554a164373e6ff..bc01f622317e638e03166dd5aacf7b2f0e1ab308 100644 (file)
--- a/fuzz/client.c
+++ b/fuzz/client.c
@@ -73,6 +73,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
     ctx = SSL_CTX_new(SSLv23_method());
 
     client = SSL_new(ctx);
+    OPENSSL_assert(SSL_set_min_proto_version(client, 0) == 1);
     OPENSSL_assert(SSL_set_cipher_list(client, "ALL:eNULL:@SECLEVEL=0") == 1);
     SSL_set_tlsext_host_name(client, "localhost");
     in = BIO_new(BIO_s_mem());

diff --git a/fuzz/server.c b/fuzz/server.c
index 2f7403e2771a24070150b2db1252f2371465e63c..7f9f9fa02081d4423efaa53d806b03047138b682 100644 (file)
--- a/fuzz/server.c
+++ b/fuzz/server.c
@@ -534,6 +534,11 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
     /* This only fuzzes the initial flow from the client so far. */
     ctx = SSL_CTX_new(SSLv23_method());
 
+    ret = SSL_CTX_set_min_proto_version(ctx, 0);
+    OPENSSL_assert(ret == 1);
+    ret = SSL_CTX_set_cipher_list(ctx, "ALL:eNULL:@SECLEVEL=0");
+    OPENSSL_assert(ret == 1);
+
     /* RSA */
     bufp = kRSAPrivateKeyDER;
     privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER));
@@ -602,8 +607,6 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
     /* TODO: Set up support for SRP and PSK */
 
     server = SSL_new(ctx);
-    ret = SSL_set_cipher_list(server, "ALL:eNULL:@SECLEVEL=0");
-    OPENSSL_assert(ret == 1);
     in = BIO_new(BIO_s_mem());
     out = BIO_new(BIO_s_mem());
     SSL_set_bio(server, in, out);