mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-26 18:18:25 +00:00
[sans-io] TLS: add handshake fuzzing
This commit is contained in:
parent
3a85c7d15d
commit
21293edce0
@ -85,7 +85,10 @@ def parse_client_hello(data: bytes) -> Optional[net_tls.ClientHello]:
|
|||||||
# Check if ClientHello is complete
|
# Check if ClientHello is complete
|
||||||
client_hello = get_client_hello(data)
|
client_hello = get_client_hello(data)
|
||||||
if client_hello:
|
if client_hello:
|
||||||
|
try:
|
||||||
return net_tls.ClientHello(client_hello[4:])
|
return net_tls.ClientHello(client_hello[4:])
|
||||||
|
except EOFError as e:
|
||||||
|
raise ValueError("Invalid ClientHello") from e
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,4 +1,7 @@
|
|||||||
|
import os
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
|
from hypothesis import settings
|
||||||
|
|
||||||
from mitmproxy import options
|
from mitmproxy import options
|
||||||
from mitmproxy.addons.core import Core
|
from mitmproxy.addons.core import Core
|
||||||
@ -21,3 +24,8 @@ def tctx() -> context.Context:
|
|||||||
),
|
),
|
||||||
opts
|
opts
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
settings.register_profile("fast", max_examples=10)
|
||||||
|
settings.register_profile("deep", max_examples=100_000, deadline=None)
|
||||||
|
settings.load_profile(os.getenv("HYPOTHESIS_PROFILE", "fast"))
|
@ -1,9 +1,8 @@
|
|||||||
import os
|
|
||||||
from typing import Tuple, Dict, Any
|
from typing import Tuple, Dict, Any
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
from h2.settings import SettingCodes
|
from h2.settings import SettingCodes
|
||||||
from hypothesis import example, given, settings
|
from hypothesis import example, given
|
||||||
from hypothesis.strategies import binary, booleans, composite, dictionaries, integers, lists, sampled_from, sets, text, \
|
from hypothesis.strategies import binary, booleans, composite, dictionaries, integers, lists, sampled_from, sets, text, \
|
||||||
data
|
data
|
||||||
|
|
||||||
@ -21,10 +20,6 @@ from test.mitmproxy.proxy2.layers.http.test_http2 import make_h2, example_respon
|
|||||||
start_h2_client
|
start_h2_client
|
||||||
from test.mitmproxy.proxy2.tutils import Placeholder, Playbook, reply, _TracebackInPlaybook, _eq
|
from test.mitmproxy.proxy2.tutils import Placeholder, Playbook, reply, _TracebackInPlaybook, _eq
|
||||||
|
|
||||||
settings.register_profile("fast", max_examples=10)
|
|
||||||
settings.register_profile("deep", max_examples=100_000, deadline=None)
|
|
||||||
settings.load_profile(os.getenv("HYPOTHESIS_PROFILE", "fast"))
|
|
||||||
|
|
||||||
opts = options.Options()
|
opts = options.Options()
|
||||||
Proxyserver().load(opts)
|
Proxyserver().load(opts)
|
||||||
|
|
||||||
|
26
test/mitmproxy/proxy2/layers/test_tls_fuzz.py
Normal file
26
test/mitmproxy/proxy2/layers/test_tls_fuzz.py
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
from hypothesis import given, example
|
||||||
|
from hypothesis.strategies import binary, integers
|
||||||
|
|
||||||
|
from mitmproxy.net.tls import ClientHello
|
||||||
|
from mitmproxy.proxy2.layers.tls import parse_client_hello
|
||||||
|
|
||||||
|
client_hello_with_extensions = bytes.fromhex(
|
||||||
|
"16030300bb" # record layer
|
||||||
|
"010000b7" # handshake layer
|
||||||
|
"03033b70638d2523e1cba15f8364868295305e9c52aceabda4b5147210abc783e6e1000022c02bc02fc02cc030"
|
||||||
|
"cca9cca8cc14cc13c009c013c00ac014009c009d002f0035000a0100006cff0100010000000010000e00000b65"
|
||||||
|
"78616d706c652e636f6d0017000000230000000d00120010060106030501050304010403020102030005000501"
|
||||||
|
"00000000001200000010000e000c02683208687474702f312e3175500000000b00020100000a00080006001d00"
|
||||||
|
"170018"
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@given(i=integers(0, len(client_hello_with_extensions)), data=binary())
|
||||||
|
@example(i=183, data=b'\x00\x00\x00\x00\x00\x00\x00\x00\x00')
|
||||||
|
def test_fuzz_h2_request_chunks(i, data):
|
||||||
|
try:
|
||||||
|
ch = parse_client_hello(client_hello_with_extensions[:i] + data)
|
||||||
|
except ValueError:
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
assert ch is None or isinstance(ch, ClientHello)
|
Loading…
Reference in New Issue
Block a user