ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-07 13:21:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix some links

Browse Source
This commit is contained in:
Matt Johnston 2018-03-05 14:14:26 +08:00
parent 366fc8f335
commit 6b05aa4275
2 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
FUZZER-NOTES.md
View File

@ -45,28 +45,30 @@ When running in fuzzing mode Dropbear uses a [fixed seed](dbrandom.c#L185)
every time so that failures can be reproduced. every time so that failures can be reproduced.
Since the fuzzer cannot generate valid encrypted input the packet decryption and Since the fuzzer cannot generate valid encrypted input the packet decryption and
message authentication calls are disabled, see (packet.c)[packet.c]. message authentication calls are disabled, see [packet.c](packet.c).
MAC failures are set to occur with a low probability to test that error path. MAC failures are set to occur with a low probability to test that error path.
## Fuzzers ## Fuzzers
Current fuzzers are Current fuzzers are
- fuzzer-preauth - the fuzzer input is treated as a stream of session input. This will - [fuzzer-preauth](fuzzer-preauth.c) - the fuzzer input is treated as a stream of session input. This will
test key exchange, packet ordering, authentication attempts etc. test key exchange, packet ordering, authentication attempts etc.
- fuzzer-preauth_nomaths - the same as fuzzer-preauth but with asymmetric crypto - [fuzzer-preauth_nomaths](fuzzer-preauth_nomaths.c) - the same as fuzzer-preauth but with asymmetric crypto
routines replaced with dummies for faster runtime. corpora are shared routines replaced with dummies for faster runtime. corpora are shared
between fuzzers by [oss-fuzz](https://github.com/google/oss-fuzz) so this between fuzzers by [oss-fuzz](https://github.com/google/oss-fuzz) so this
will help fuzzer-preauth too. will help fuzzer-preauth too.
- fuzzer-verify - read a key and signature from fuzzer input and verify that signature. - [fuzzer-verify](fuzzer-verify.c) - read a key and signature from fuzzer input and verify that signature.
It would not be expected to pass, though some keys with bad parameters are It would not be expected to pass, though some keys with bad parameters are
able to validate with a trivial signature - extra checks are added for that. able to validate with a trivial signature - extra checks are added for that.
- fuzzer-pubkey - test parsing of an `authorized_keys` line. - [fuzzer-pubkey](fuzzer-pubkey.c) - test parsing of an `authorized_keys` line.
- fuzzer-kexdh - test Diffie-Hellman key exchange where the fuzz input is the - [fuzzer-kexdh](fuzzer-kexdh.c) - test Diffie-Hellman key exchange where the fuzz input is the
public key that would be received over the network. ephemeral public key that would be received over the network. This is testing `mp_expt_mod()`
and and other libtommath routines.
- fuzzer-kexecdh - test Elliptic Curve Diffie-Hellman key exchange like fuzzer-kexdh - [fuzzer-kexecdh](fuzzer-kexecdh.c) - test Elliptic Curve Diffie-Hellman key exchange like fuzzer-kexdh.
This is testing libtommath ECC routines.

2
Makefile.in
View File

@ -270,7 +270,7 @@ fuzzstandalone: fuzz-harness.o fuzz-targets
svrfuzzobjs=$(subst svr-main.o, ,$(dropbearobjs)) svrfuzzobjs=$(subst svr-main.o, ,$(dropbearobjs))
# build all the fuzzers. This will require fail to link unless built with # build all the fuzzers. This will require fail to link unless built with
# make fuzz-targetsk FUZZLIB=-lFuzzer.a # make fuzz-targets FUZZLIB=-lFuzzer.a
# or similar - the library provides main(). # or similar - the library provides main().
fuzz-targets: $(FUZZ_TARGETS) $(FUZZER_OPTIONS) fuzz-targets: $(FUZZ_TARGETS) $(FUZZER_OPTIONS)