You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

README.md 2.4KB

3 years ago
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990
  1. # Preliminary warning
  2. Cryptcheck relies on compiling a very unsecure version of OpenSSL.
  3. When manipulating such library, you need to be sure of what you are doing to
  4. never deploy it on a production grade system.
  5. Particularly, be sure to never hit `make install` during a manual build.
  6. Build process can be quiet hard, because relying on number of tricks to be able
  7. to use this weakened library not globally install on your system.
  8. `LD_LIBRARY_PATH`, `C_INCLUDE_PATH`, `LIBRARY_PATH` and other environment
  9. variables are used to inject what is needed during build process and at runtime
  10. to override system headers and libraries.
  11. Build process is at this time not garanteed to be reproductible.
  12. Because of above tricks, error can happen and you need to understand GNU
  13. internals and debug tools like `strace` to spot the cause of the trouble and to
  14. fix it.
  15. Given Makefiles are more generic guidelines and build recipes than fully
  16. automated build.
  17. # How to hack
  18. ## Setup rbenv
  19. Because of the need of a weakened Ruby build, you need
  20. [`rbenv`](https://github.com/rbenv/rbenv) on your system to isolate this Ruby
  21. version from your eventual system version.
  22. See there readme and wiki for setup process.
  23. TL;DR;
  24. ```bash
  25. export RBENV_ROOT="${HOME}/.rbenv"
  26. export PATH="${RBENV_ROOT}/bin:${PATH}"
  27. apt install -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev
  28. git clone https://github.com/rbenv/rbenv "${RBENV_ROOT}"
  29. mkdir -p "${RBENV_ROOT}/plugins"
  30. git clone https://github.com/rbenv/ruby-build "${RBENV_ROOT}/plugins/ruby-build"
  31. eval "$(rbenv init -)"
  32. ```
  33. ## Build the engine
  34. Goal is to build the weakened OpenSSL library, then a custom Ruby version based
  35. on it.
  36. ```bash
  37. git clone https://git.imirhil.fr/aeris/cryptcheck
  38. cd cryptcheck
  39. make
  40. make install-rbenv-cryptcheck
  41. ```
  42. ## Setup the front-end
  43. ```bash
  44. git clone https://git.imirhil.fr/aeris/cryptcheck-rails
  45. cd cryptcheck-rails
  46. rbenv local 2.3.3-cryptcheck
  47. export LD_LIBRARY_PATH=../cryptcheck/lib
  48. bundle install
  49. ```
  50. ## Mongo & Redis
  51. You need a [MongoDB](https://www.mongodb.com/) and a [Redis](https://redis.io/)
  52. server.
  53. ```bash
  54. apt install -y mongodb-server redis-server
  55. ```
  56. # Launch CryptCheck
  57. ## Launch the front-end
  58. ```bash
  59. export LD_LIBRARY_PATH=../cryptcheck/lib
  60. bin/guard -i
  61. ```
  62. ## Launch the worker
  63. ```bash
  64. export LD_LIBRARY_PATH=../cryptcheck/lib
  65. bin/sidekiq
  66. ```