[gnutls-devel] GnuTLS | AFL instrumented gnutls always uses same session id and random (#1221)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sat May 1 17:01:59 CEST 2021

Weiqi Wang created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1221

## Description of problem:
I followed https://gitlab.com/gnutls/gnutls/-/blob/master/fuzz/README.md to compile gnutls with `afl-clang-fast`. Then when I use `gnutls-serv` and `gnutls-cli`, the `session-id` and `random` are fixed to `00:2D:4E:C4:AC:68:92:9A:38:B5:F2:E2:53:D3:BB:01:FD:BE:3C:63:38:55:99:C2:FE:3D:DE:A7:75:05:56:31`.

## Version of gnutls used:
commit f17e1be2


## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)

## How reproducible:

Steps to Reproduce:

* Use AFL to compile gnutls
* Run gnutls-serv
* Run gnutls-cli two times and capture traffic

## Actual results:
The `session-id` and `random` are the same across sessions. In this capture file, the `session-id` and `random` of the client hello, and the `session-id` and `random` of the server hello, are all fixed to `00:2D:4E:C4:AC:68:92:9A:38:B5:F2:E2:53:D3:BB:01:FD:BE:3C:63:38:55:99:C2:FE:3D:DE:A7:75:05:56:31`.


Here is a capture using openssl client so that the client hello doesn't contain `session-id` and uses unique `random`. However, `gnutls-serv` still responds with server hello containing the same `session-id` and `random`.


## Expected results:
The `random` and `session-id` are generated correctly.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1221
You're receiving this email because of your account on gitlab.com.
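As an added example (not part of the issue or of the GnuTLS project), the check below automates the comparison the reporter did by hand on the capture: it pulls the `random` and `session_id` fields out of TLS ClientHello/ServerHello records and reports any value that repeats across handshakes, which a correctly seeded RNG should essentially never produce. The `build_hello` helper constructs minimal Hello records for offline testing; the fixed 32-byte value is the one quoted in the report.

```python
"""Flag TLS handshakes whose Random or Session ID repeat across captures."""
import struct
from collections import Counter

CLIENT_HELLO, SERVER_HELLO = 1, 2
HANDSHAKE = 22

def parse_hello(record: bytes) -> dict:
    """Extract type, random and session_id from one TLS Hello record."""
    content_type, _version, length = struct.unpack("!BHH", record[:5])
    if content_type != HANDSHAKE:
        raise ValueError("not a Handshake record")
    body = record[5:5 + length]
    hs_type = body[0]
    if hs_type not in (CLIENT_HELLO, SERVER_HELLO):
        raise ValueError("not a ClientHello/ServerHello")
    # handshake header: type(1) + length(3); then legacy_version(2), random(32)
    pos = 4 + 2
    random = body[pos:pos + 32]
    pos += 32
    sid_len = body[pos]
    session_id = body[pos + 1:pos + 1 + sid_len]
    return {"type": hs_type, "random": random, "session_id": session_id}

def find_repeats(records) -> set:
    """Return (field, hex value) pairs that occur in more than one Hello.

    A healthy RNG makes both fields unique per handshake; any hit here
    points at a deterministic or stuck random source (as in this report)."""
    counts = Counter()
    for rec in records:
        hello = parse_hello(rec)
        counts[("random", hello["random"].hex())] += 1
        if hello["session_id"]:  # an empty session_id is legitimate
            counts[("session_id", hello["session_id"].hex())] += 1
    return {key for key, n in counts.items() if n > 1}

def build_hello(hs_type: int, random: bytes, session_id: bytes) -> bytes:
    """Construct a minimal TLS 1.2-style Hello record (constructed test data)."""
    body = b"\x03\x03" + random + bytes([len(session_id)]) + session_id
    if hs_type == CLIENT_HELLO:
        body += b"\x00\x02\x13\x01" + b"\x01\x00"  # one suite, null compression
    else:
        body += b"\x13\x01" + b"\x00"  # chosen suite, null compression
    handshake = bytes([hs_type]) + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake

# The value the report shows in every client and server hello.
FIXED = bytes.fromhex("002D4EC4AC68929A38B5F2E253D3BB01FDBE3C63385599C2FE3DDEA775055631")
```

Feeding the Hello records extracted from a pcap into `find_repeats` reproduces the symptom in the report as a non-empty set; an instrumented build whose RNG is healthy yields an empty set.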
