|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 |
- # Preliminary warning
-
- Cryptcheck relies on compiling a very unsecure version of OpenSSL.
- When manipulating such library, you need to be sure of what you are doing to
- never deploy it on a production grade system.
- Particularly, be sure to never hit `make install` during a manual build.
-
- Build process can be quiet hard, because relying on number of tricks to be able
- to use this weakened library not globally install on your system.
- `LD_LIBRARY_PATH`, `C_INCLUDE_PATH`, `LIBRARY_PATH` and other environment
- variables are used to inject what is needed during build process and at runtime
- to override system headers and libraries.
-
- Build process is at this time not garanteed to be reproductible.
- Because of above tricks, error can happen and you need to understand GNU
- internals and debug tools like `strace` to spot the cause of the trouble and to
- fix it.
- Given Makefiles are more generic guidelines and build recipes than fully
- automated build.
-
- # How to hack
-
- ## Setup rbenv
-
- Because of the need of a weakened Ruby build, you need
- [`rbenv`](https://github.com/rbenv/rbenv) on your system to isolate this Ruby
- version from your eventual system version.
-
- See there readme and wiki for setup process.
- TL;DR;
-
- ```bash
- export RBENV_ROOT="${HOME}/.rbenv"
- export PATH="${RBENV_ROOT}/bin:${PATH}"
- apt install -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev
-
- git clone https://github.com/rbenv/rbenv "${RBENV_ROOT}"
-
- mkdir -p "${RBENV_ROOT}/plugins"
- git clone https://github.com/rbenv/ruby-build "${RBENV_ROOT}/plugins/ruby-build"
-
- eval "$(rbenv init -)"
- ```
-
- ## Build the engine
-
- Goal is to build the weakened OpenSSL library, then a custom Ruby version based
- on it.
-
- ```bash
- git clone https://git.imirhil.fr/aeris/cryptcheck
- cd cryptcheck
- make
- make install-rbenv-cryptcheck
- ```
-
- ## Setup the front-end
-
- ```bash
- git clone https://git.imirhil.fr/aeris/cryptcheck-rails
- cd cryptcheck-rails
- rbenv local 2.3.3-cryptcheck
- export LD_LIBRARY_PATH=../cryptcheck/lib
- bundle install
- ```
-
- ## Mongo & Redis
-
- You need a [MongoDB](https://www.mongodb.com/) and a [Redis](https://redis.io/)
- server.
-
- ```bash
- apt install -y mongodb-server redis-server
- ```
-
- # Launch CryptCheck
-
- ## Launch the front-end
-
- ```bash
- export LD_LIBRARY_PATH=../cryptcheck/lib
- bin/guard -i
- ```
-
- ## Launch the worker
-
- ```bash
- export LD_LIBRARY_PATH=../cryptcheck/lib
- bin/sidekiq
- ```
|