aeris
/
cryptcheck-rails
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
64 Commits
2 Branches
254KB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
cryptcheck-rails/README.md

README.md 2.4KB
Raw Permalink Normal View History

Readme
3 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. # Preliminary warning

  2. 

  3. Cryptcheck relies on compiling a very unsecure version of OpenSSL.

  4. When manipulating such library, you need to be sure of what you are doing to

  5. never deploy it on a production grade system.

  6. Particularly, be sure to never hit `make install` during a manual build.

  7. 

  8. Build process can be quiet hard, because relying on number of tricks to be able

  9. to use this weakened library not globally install on your system.

  10. `LD_LIBRARY_PATH`, `C_INCLUDE_PATH`, `LIBRARY_PATH` and other environment

  11. variables are used to inject what is needed during build process and at runtime

  12. to override system headers and libraries.

  13. 

  14. Build process is at this time not garanteed to be reproductible.

  15. Because of above tricks, error can happen and you need to understand GNU

  16. internals and debug tools like `strace` to spot the cause of the trouble and to

  17. fix it.

  18. Given Makefiles are more generic guidelines and build recipes than fully

  19. automated build.

  20. 

  21. # How to hack

  22. 

  23. ## Setup rbenv

  24. 

  25. Because of the need of a weakened Ruby build, you need

  26. [`rbenv`](https://github.com/rbenv/rbenv) on your system to isolate this Ruby

  27. version from your eventual system version.

  28. 

  29. See there readme and wiki for setup process.

  30. TL;DR;

  31. 

  32. ```bash

  33. export RBENV_ROOT="${HOME}/.rbenv"

  34. export PATH="${RBENV_ROOT}/bin:${PATH}"

  35. apt install -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev

  36. 

  37. git clone https://github.com/rbenv/rbenv "${RBENV_ROOT}"

  38. 

  39. mkdir -p "${RBENV_ROOT}/plugins"

  40. git clone https://github.com/rbenv/ruby-build "${RBENV_ROOT}/plugins/ruby-build"

  41. 

  42. eval "$(rbenv init -)"

  43. ```

  44. 

  45. ## Build the engine

  46. 

  47. Goal is to build the weakened OpenSSL library, then a custom Ruby version based

  48. on it.

  49. 

  50. ```bash

  51. git clone https://git.imirhil.fr/aeris/cryptcheck

  52. cd cryptcheck

  53. make

  54. make install-rbenv-cryptcheck

  55. ```

  56. 

  57. ## Setup the front-end

  58. 

  59. ```bash

  60. git clone https://git.imirhil.fr/aeris/cryptcheck-rails

  61. cd cryptcheck-rails

  62. rbenv local 2.3.3-cryptcheck

  63. export LD_LIBRARY_PATH=../cryptcheck/lib

  64. bundle install

  65. ```

  66. 

  67. ## Mongo & Redis

  68. 

  69. You need a [MongoDB](https://www.mongodb.com/) and a [Redis](https://redis.io/)

  70. server.

  71. 

  72. ```bash

  73. apt install -y mongodb-server redis-server

  74. ```

  75. 

  76. # Launch CryptCheck

  77. 

  78. ## Launch the front-end

  79. 

  80. ```bash

  81. export LD_LIBRARY_PATH=../cryptcheck/lib

  82. bin/guard -i

  83. ```

  84. 

  85. ## Launch the worker

  86. 

  87. ```bash

  88. export LD_LIBRARY_PATH=../cryptcheck/lib

  89. bin/sidekiq

  90. ```