Instead of setting a "magic" global variable to force RAND to keep
consistent state and always generate the same bytestream, have
the fuzzing code install its own RAND_METHOD that does this.  For
BN_RAND_DEBUG, we just don't do it; that debugging was about mucking
with BN's internal representation, not requiring predictable rand
bytes.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4025)

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #3829

Approach was opportunistic in Windows context from its inception
and on top of that it was proven to be error-prone at link stage.
Correct answer is to introduce library-specific time function that
we can control in platform-neutral manner.  Meanwhile we just let
be attempts to override time on Windows.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3320)

Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3248)

This adds a way to use the last byte of the buffer to change the
behavior of the server. The last byte is used so that the existing
corpus can be reused either without changing it, or just adding a single
byte, and that it can still be used by other projects.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NAndy Polyakov <appro@openssl.org>
GH: #2683

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NAndy Polyakov <appro@openssl.org>
GH: #2683

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NAndy Polyakov <appro@openssl.org>
GH: #2683

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NAndy Polyakov <appro@openssl.org>
GH: #2683

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NAndy Polyakov <appro@openssl.org>
GH: #2683

Don't compile code that still uses LONG when it's deprecated
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3126)

Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3126)

Document thread-safety issues
Have RSA_null return NULL (always fails)
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2244)

conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.

Credit to OSS-Fuzz for finding this problem.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)

Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2682

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2318

Reviewed-by: NKurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2192)

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2182

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2182

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2182

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2182

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2182

Reviewed-by: NRichard Levitte <levitte@openssl.org>
GH: #2090

Also send a SNI extension in the client so the fuzzer can react to it.
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2088

We use those parameters for calculating the coverage.
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2088

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2060

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2053

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2041

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2041

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2041

We want to be in the same global state each time we come in
FuzzerTestOneInput(). There are various reasons why we might not be that
include:
- Initialization that happens on first use. This is mostly the
  RUN_ONCE() things, or loading of error strings.
- Results that get cached. For instance a stack that is sorted, RSA
  blinding that has been set up, ...

So I try to trigger as much as possible in FuzzerInitialize(), and for
things I didn't find out how to trigger this it needs to happen in
FuzzerTestOneInput().
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

This is something you might want to change depending on the version to
use, there is no point in us fixing this to something.
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

This allows to free everything we allocated, so we can detect memory
leaks.
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

There was a time it could be NULL, but that was changed to always have it.
Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

Reviewed-by: NRich Salz <rsalz@openssl.org>
GH: #2023

New minimal fuzz corpora set
Reviewed-by: NAndy Polyakov <appro@openssl.org>

GH: #1910