Skip to content

fuzz: flip forwardClientCert option in HCM fuzz target #11496

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mattklein123 merged 2 commits into from
Jun 10, 2020
Merged

fuzz: flip forwardClientCert option in HCM fuzz target #11496

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f012023
flip forwardClientCert option in HCM fuzz
Jun 8, 2020
3af2621
style fix
Jun 8, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions test/common/http/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,7 @@ envoy_proto_library(
srcs = ["conn_manager_impl_fuzz.proto"],
deps = [
"//test/fuzz:common_proto",
"@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg",
],
)

Expand Down
4 changes: 4 additions & 0 deletions test/common/http/conn_manager_impl_fuzz.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ import "google/protobuf/empty.proto";

import "test/fuzz/common.proto";

import "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto";

// Structured input for conn_manager_impl_fuzz_test.

message NewStream {
Expand Down Expand Up @@ -99,4 +101,6 @@ message Action {

message ConnManagerImplTestCase {
repeated Action actions = 1;
envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
.ForwardClientCertDetails forward_client_cert = 2;
}
32 changes: 29 additions & 3 deletions test/common/http/conn_manager_impl_fuzz_test.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,8 @@ class FuzzConfig : public ConnectionManagerConfig {
std::shared_ptr<Router::MockConfig> route_config_{new NiceMock<Router::MockConfig>()};
};

FuzzConfig()
FuzzConfig(envoy::extensions::filters::network::http_connection_manager::v3::
HttpConnectionManager::ForwardClientCertDetails forward_client_cert)
: stats_({ALL_HTTP_CONN_MAN_STATS(POOL_COUNTER(fake_stats_), POOL_GAUGE(fake_stats_),
POOL_HISTOGRAM(fake_stats_))},
"", fake_stats_),
Expand All @@ -74,6 +75,7 @@ class FuzzConfig : public ConnectionManagerConfig {
.WillByDefault(Return(time_system_.systemTime()));
access_logs_.emplace_back(std::make_shared<NiceMock<AccessLog::MockInstance>>());
request_id_extension_ = RequestIDExtensionFactory::defaultInstance(random_);
forward_client_cert_ = fromClientCert(forward_client_cert);
}

void newStream() {
Expand All @@ -91,6 +93,30 @@ class FuzzConfig : public ConnectionManagerConfig {
EXPECT_CALL(*encoder_filter_, setEncoderFilterCallbacks(_));
}

Http::ForwardClientCertType
fromClientCert(envoy::extensions::filters::network::http_connection_manager::v3::
HttpConnectionManager::ForwardClientCertDetails forward_client_cert) {
switch (forward_client_cert) {
case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager::
SANITIZE:
return Http::ForwardClientCertType::Sanitize;
case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager::
FORWARD_ONLY:
return Http::ForwardClientCertType::ForwardOnly;
case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager::
APPEND_FORWARD:
return Http::ForwardClientCertType::AppendForward;
case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager::
SANITIZE_SET:
return Http::ForwardClientCertType::SanitizeSet;
case envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager::
ALWAYS_FORWARD_ONLY:
return Http::ForwardClientCertType::AlwaysForwardOnly;
default:
return Http::ForwardClientCertType::Sanitize;
}
}

// Http::ConnectionManagerConfig

RequestIDExtensionSharedPtr requestIDExtension() override { return request_id_extension_; }
Expand Down Expand Up @@ -194,7 +220,7 @@ class FuzzConfig : public ConnectionManagerConfig {
std::chrono::milliseconds request_timeout_{};
std::chrono::milliseconds delayed_close_timeout_{};
bool use_remote_address_{true};
Http::ForwardClientCertType forward_client_cert_{Http::ForwardClientCertType::Sanitize};
Http::ForwardClientCertType forward_client_cert_;
std::vector<Http::ClientCertDetailsType> set_current_client_cert_details_;
Network::Address::Ipv4Instance local_address_{"127.0.0.1"};
absl::optional<std::string> user_agent_;
Expand Down Expand Up @@ -495,7 +521,7 @@ DEFINE_PROTO_FUZZER(const test::common::http::ConnManagerImplTestCase& input) {
return;
}

FuzzConfig config;
FuzzConfig config(input.forward_client_cert());
NiceMock<Network::MockDrainDecision> drain_close;
NiceMock<Runtime::MockRandomGenerator> random;
Stats::SymbolTablePtr symbol_table(Stats::SymbolTableCreator::makeSymbolTable());
Expand Down