From 4eefca5d7a796b8242abe9f00c8951cc15432b2a Mon Sep 17 00:00:00 2001 From: Facebook Community Bot Date: Mon, 6 May 2024 13:03:46 -0700 Subject: [PATCH] Re-sync with internal repository (#117) The internal and external repositories are out of sync. This Pull Request attempts to brings them back in sync by patching the GitHub repository. Please carefully review this patch. You must disable ShipIt for your project in order to merge this pull request. DO NOT IMPORT this pull request. Instead, merge it directly on GitHub using the MERGE BUTTON. Re-enable ShipIt after merging. --- fizz/crypto/aead/test/facebook/BUCK | 63 -------- fizz/facebook/debug/BUCK | 16 -- fizz/facebook/fizzy/test/BUCK | 1 - fizz/facebook/fuzzer/BUCK | 119 -------------- fizz/facebook/python/BUCK | 22 --- fizz/record/test/facebook/BUCK | 82 ---------- fizz/server/test/facebook/BUCK | 241 ---------------------------- 7 files changed, 544 deletions(-) delete mode 100644 fizz/crypto/aead/test/facebook/BUCK delete mode 100644 fizz/facebook/debug/BUCK delete mode 100644 fizz/facebook/fizzy/test/BUCK delete mode 100644 fizz/facebook/fuzzer/BUCK delete mode 100644 fizz/facebook/python/BUCK delete mode 100644 fizz/record/test/facebook/BUCK delete mode 100644 fizz/server/test/facebook/BUCK diff --git a/fizz/crypto/aead/test/facebook/BUCK b/fizz/crypto/aead/test/facebook/BUCK deleted file mode 100644 index ed36b9aadb..0000000000 --- a/fizz/crypto/aead/test/facebook/BUCK +++ /dev/null @@ -1,63 +0,0 @@ -load( - "@fbsource//xplat/security/lionhead:defs.bzl", - "EXTERNAL_USERS", - "Metadata", - "Severity", -) -load("//security/lionhead/harnesses:defs.bzl", "cpp_lionhead_harness") - -oncall("secure_pipes") - -cpp_lionhead_harness( - name = "fizz_aead_encrypt_fuzzer", - srcs = ["AeadFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("AeadFuzzer", "Encrypt"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/test:TestUtil", - ], -) - -cpp_lionhead_harness( - name = "fizz_aead_inplace_encrypt_fuzzer", - srcs = ["AeadFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("AeadFuzzer", "InplaceEncrypt"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/test:TestUtil", - ], -) - -cpp_lionhead_harness( - name = "fizz_aead_decrypt_fuzzer", - srcs = ["AeadFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("AeadFuzzer", "Decrypt"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/test:TestUtil", - ], -) diff --git a/fizz/facebook/debug/BUCK b/fizz/facebook/debug/BUCK deleted file mode 100644 index 5da1cbfab6..0000000000 --- a/fizz/facebook/debug/BUCK +++ /dev/null @@ -1,16 +0,0 @@ -load("@fbcode_macros//build_defs:python_binary.bzl", "python_binary") - -oncall("secure_pipes") - -python_binary( - # @autodeps-skip - name = "fizz_trace", - srcs = [ - "fizztrace.py", - ], - main_function = "fizz.facebook.debug.fizztrace.main", - deps = [ - "fbsource//third-party/bcc:bcc-py", - "fbsource//third-party/bcc:libbcc", - ], -) diff --git a/fizz/facebook/fizzy/test/BUCK b/fizz/facebook/fizzy/test/BUCK deleted file mode 100644 index 5c4f482b5e..0000000000 --- a/fizz/facebook/fizzy/test/BUCK +++ /dev/null @@ -1 +0,0 @@ -# This file needs to exist to avoid build system breakage, see https://fburl.com/workplace/jtdlgdmd diff --git a/fizz/facebook/fuzzer/BUCK b/fizz/facebook/fuzzer/BUCK deleted file mode 100644 index abe71870be..0000000000 --- a/fizz/facebook/fuzzer/BUCK +++ /dev/null @@ -1,119 +0,0 @@ -load("@fbcode_macros//build_defs:cpp_library.bzl", "cpp_library") -load( - "@fbsource//xplat/security/lionhead:defs.bzl", - "EXTERNAL_USERS", - "Metadata", - "Severity", -) -load("//security/lionhead/harnesses:defs.bzl", "cpp_lionhead_harness") - -oncall("secure_pipes") - -cpp_library( - name = "fuzz_aead", - srcs = ["FuzzAead.cpp"], - headers = ["FuzzAead.h"], - deps = [ - "//fizz:config", - "//fizz/backend:openssl", - "//fizz/crypto/aead:aegiscipher", - "//fizz/crypto/aead/test:mocks", - ], - exported_deps = [ - "//fizz/crypto/aead:aead", - "//fizz/record:record", - ], -) - -cpp_library( - name = "fuzz_handshake_context", - srcs = ["FuzzHandshakeContext.cpp"], - headers = ["FuzzHandshakeContext.h"], - deps = [ - "//fizz/backend:openssl", - ], - exported_deps = [ - "//fizz/protocol:handshake_context", - "//fizz/record:record", - ], -) - -cpp_library( - name = "fuzz_token_cipher", - headers = ["FuzzTokenCipher.h"], - exported_deps = [ - "//fizz/server/test:mocks", - ], -) - -cpp_library( - name = "fuzz_factory", - headers = ["FuzzFactory.h"], - exported_deps = [ - "//fizz/protocol/test:mocks", - ], -) - -cpp_library( - name = "fuzz_server_context_builder", - srcs = ["FuzzServerContextBuilder.cpp"], - headers = ["FuzzServerContextBuilder.h"], - deps = [ - ":fuzz_aead", - ":fuzz_factory", - ":fuzz_handshake_context", - ":fuzz_token_cipher", - "//fizz/crypto/hpke/test:mocks", - "//fizz/protocol/test:test_messages", - "//fizz/record:record", - "//fizz/server:aead_cookie_cipher", - "//fizz/server:aead_ticket_cipher", - "//fizz/server:aead_token_cipher", - "//fizz/server:dual_ticket_cipher", - "//fizz/server:ticket_codec", - "//fizz/server/test:mocks", - ], - exported_deps = [ - "//fizz/server:fizz_server_context", - ], -) - -cpp_lionhead_harness( - name = "FizzServerFuzzer", - srcs = ["FizzServerFuzzer.cpp"], - context_task = "T144013895", - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_SEV, - severity_service_takeover = Severity.FILE_SECURITY_SEV, - ), - deps = [ - "fbsource//xplat/security/lionhead:utils", - ":fuzz_server_context_builder", - "//fizz/server:fizz_server", - "//folly/io/async:async_base", - ], -) - -cpp_lionhead_harness( - name = "FizzClientFuzzer", - srcs = ["FizzClientFuzzer.cpp"], - context_task = "T131981406", #TODO: This is a template task. Please create your own copy and insert meaningful context for this fuzzer. Otherwise, security engineers will not know how to handle security issues found by this harness. - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, # missing severity, using default TODO: check and apply appropriate severity - severity_service_takeover = Severity.FILE_SECURITY_TASK, # missing severity, using default TODO: check and apply appropriate severity - ), - deps = [ - ":fuzz_factory", - "//fizz/client:fizz_client", - "//fizz/client/test:mocks", - "//fizz/client/test:utilities", - ], - external_deps = [ - "gflags", - "glog", - ], -) diff --git a/fizz/facebook/python/BUCK b/fizz/facebook/python/BUCK deleted file mode 100644 index b739148971..0000000000 --- a/fizz/facebook/python/BUCK +++ /dev/null @@ -1,22 +0,0 @@ -load("@fbcode_macros//build_defs:cpp_python_extension.bzl", "cpp_python_extension") - -oncall("secure_pipes") - -cpp_python_extension( - name = "pythonFizzUtils", - srcs = [ - "Wrapper.cpp", - ], - module_name = "PyFizzUtil", - deps = [ - "//common/encode:encode", - "//fizz/crypto/hpke:types", - "//fizz/protocol/ech:encrypted_client_hello", - "//fizz/util:fizz_util", - "//folly/io:iobuf", - ], - external_deps = [ - ("boost", None, "boost_python"), - ("libsodium", None, "sodium"), - ], -) diff --git a/fizz/record/test/facebook/BUCK b/fizz/record/test/facebook/BUCK deleted file mode 100644 index 836020c13b..0000000000 --- a/fizz/record/test/facebook/BUCK +++ /dev/null @@ -1,82 +0,0 @@ -load("@fbcode_macros//build_defs:cpp_binary.bzl", "cpp_binary") - -# @autodeps -load( - "@fbsource//xplat/security/lionhead:defs.bzl", - "EXTERNAL_USERS", - "Metadata", - "Severity", -) -load("//security/lionhead/harnesses:defs.bzl", "cpp_lionhead_harness") - -oncall("secure_pipes") - -cpp_binary( - name = "handshake_decode_fuzz_test.so", - srcs = [ - "HandshakeDecodeFuzzTest.cpp", - ], - dlopen_enabled = True, - deps = [ - "//common/testing/fuzztest:fuzz_main", - "//common/testing/fuzztest:headers", - "//fizz/protocol/test:test_messages", - "//fizz/record:record", - "//folly/portability:gtest", - ], -) - -cpp_binary( - name = "extension_decode_fuzz_test.so", - srcs = [ - "ExtensionDecodeFuzzTest.cpp", - ], - dlopen_enabled = True, - deps = [ - "//common/testing/fuzztest:fuzz_main", - "//common/testing/fuzztest:headers", - "//fizz/record:record", - "//folly/portability:gtest", - ], -) - -cpp_lionhead_harness( - name = "fizz_decode_extension", - srcs = ["ExtensionDecodeFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ExtensionDecodeFuzzer", "Decode"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/protocol/ech:encrypted_client_hello", - "//fizz/record:record", - "//folly/io:iobuf", - ], - external_deps = [ - "gflags", - "glog", - ], -) - -cpp_lionhead_harness( - name = "fizz_decode_handshake", - srcs = ["HandshakeDecodeFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("HandshakeDecodeFuzzer", "Decode"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/record:record_layer", - "//folly/io:iobuf", - ], -) diff --git a/fizz/server/test/facebook/BUCK b/fizz/server/test/facebook/BUCK deleted file mode 100644 index 2b56dd3fe4..0000000000 --- a/fizz/server/test/facebook/BUCK +++ /dev/null @@ -1,241 +0,0 @@ -load( - "@fbsource//xplat/security/lionhead:defs.bzl", - "EXTERNAL_USERS", - "Metadata", - "Severity", -) -load("//security/lionhead/harnesses:defs.bzl", "cpp_lionhead_harness") - -oncall("secure_pipes") - -cpp_lionhead_harness( - name = "fizz_expecting_client_hello", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "ExpectingClientHello"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_expecting_retry_client_hello", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "ExpectingRetryClientHello"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_expecting_retry_ech_client_hello", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "ExpectingRetryECHClientHello"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_expecting_certificate", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "ExpectingCertificate"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_expecting_certificate_verify", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "ExpectingCertificate"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_accepting_early_data", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "AcceptingEarlyData"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_expecting_finished", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "ExpectingFinished"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_accepting_data", - srcs = ["ServerProtocolFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerProtocolFuzzer", "AcceptingEarlyData"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/crypto/hpke/test:mocks", - "//fizz/facebook/fuzzer:fuzz_handshake_context", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/protocol/test:mocks", - "//fizz/server:fizz_server", - "//fizz/server:protocol", - "//folly/executors:manual_executor", - ], -) - -cpp_lionhead_harness( - name = "fizz_server_w_mocks", - srcs = ["ServerFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerFuzzer", "ServerWithMocksAccepting"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/server:fizz_server", - "//folly/io/async:async_base", - ], -) - -cpp_lionhead_harness( - name = "fizz_server_w_fakes", - srcs = ["ServerFuzzer.cpp"], - context_task = "T144013895", - ftest_name = ("ServerFuzzer", "ServerWithFakesAccepting"), - metadata = Metadata( - exposure = EXTERNAL_USERS, - project = "oncall_secure_pipes", - severity_denial_of_service = Severity.FILE_SECURITY_TASK, - severity_service_takeover = Severity.FILE_SECURITY_TASK, - ), - deps = [ - "fbsource//third-party/googletest:gtest", - "fbsource//xplat/security/lionhead/utils/lib_ftest:lib", - "//fizz/facebook/fuzzer:fuzz_server_context_builder", - "//fizz/server:fizz_server", - "//folly/io/async:async_base", - ], -)