Go to file
aeris 4e60bd5eb7 Hall of (flame|shame) 2022-06-26 15:34:24 +02:00
app Hall of (flame|shame) 2022-06-26 15:34:24 +02:00
bin Split workers & use workflows 2022-03-23 14:11:45 +01:00
config Hall of (flame|shame) 2022-06-26 15:34:24 +02:00
db Hall of (flame|shame) 2022-06-26 15:34:24 +02:00
lib Move lib class in /app instead of /lib 2016-04-22 21:30:27 +02:00
log Initial commit 2015-08-22 23:55:40 +02:00
public Initial commit 2015-08-22 23:55:40 +02:00
spec Stat model 2022-05-24 14:09:07 +02:00
vendor/assets Initial commit 2015-08-22 23:55:40 +02:00
.dockerignore Dockerization 2017-12-27 18:19:43 +01:00
.gitignore Upgrade to Rails 7.2 2022-03-23 14:11:45 +01:00
.ruby-version Upgrade to Rails 7.2 2022-03-23 14:11:45 +01:00
Dockerfile Dockerization 2017-12-27 18:19:43 +01:00
Gemfile Integrate RSpec 2022-05-24 14:08:42 +02:00
Gemfile-2.3 Split workers & use workflows 2022-03-23 14:11:45 +01:00
Gemfile-2.3.lock Split workers & use workflows 2022-03-23 14:11:45 +01:00
Guardfile Readme 2018-02-18 17:29:32 +01:00
LICENSE Initial commit 2015-08-22 23:55:40 +02:00
Procfile Split workers & use workflows 2022-03-23 14:11:45 +01:00
README.md Readme 2018-02-18 17:29:32 +01:00
Rakefile Initial commit 2015-08-22 23:55:40 +02:00
babel.config.js Upgrade to Rails 7.2 2022-03-23 14:11:45 +01:00
config.ru Clean config & sentry 2019-12-01 23:26:41 +01:00
docker-compose.yml Dockerization 2017-12-27 18:19:43 +01:00
package.json Upgrade to Rails 7.2 2022-03-23 14:11:45 +01:00
postcss.config.js Upgrade to Rails 7.2 2022-03-23 14:11:45 +01:00


Preliminary warning

Cryptcheck relies on compiling a very unsecure version of OpenSSL. When manipulating such library, you need to be sure of what you are doing to never deploy it on a production grade system. Particularly, be sure to never hit make install during a manual build.

Build process can be quiet hard, because relying on number of tricks to be able to use this weakened library not globally install on your system. LD_LIBRARY_PATH, C_INCLUDE_PATH, LIBRARY_PATH and other environment variables are used to inject what is needed during build process and at runtime to override system headers and libraries.

Build process is at this time not garanteed to be reproductible. Because of above tricks, error can happen and you need to understand GNU internals and debug tools like strace to spot the cause of the trouble and to fix it. Given Makefiles are more generic guidelines and build recipes than fully automated build.

How to hack

Setup rbenv

Because of the need of a weakened Ruby build, you need rbenv on your system to isolate this Ruby version from your eventual system version.

See there readme and wiki for setup process. TL;DR;

export RBENV_ROOT="${HOME}/.rbenv"
export PATH="${RBENV_ROOT}/bin:${PATH}"
apt install -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev

git clone https://github.com/rbenv/rbenv "${RBENV_ROOT}"

mkdir -p "${RBENV_ROOT}/plugins"
git clone https://github.com/rbenv/ruby-build "${RBENV_ROOT}/plugins/ruby-build"

eval "$(rbenv init -)"

Build the engine

Goal is to build the weakened OpenSSL library, then a custom Ruby version based on it.

git clone https://git.imirhil.fr/aeris/cryptcheck
cd cryptcheck
make install-rbenv-cryptcheck

Setup the front-end

git clone https://git.imirhil.fr/aeris/cryptcheck-rails
cd cryptcheck-rails
rbenv local 2.3.3-cryptcheck
export LD_LIBRARY_PATH=../cryptcheck/lib
bundle install

Mongo & Redis

You need a MongoDB and a Redis server.

apt install -y mongodb-server redis-server

Launch CryptCheck

Launch the front-end

export LD_LIBRARY_PATH=../cryptcheck/lib
bin/guard -i

Launch the worker

export LD_LIBRARY_PATH=../cryptcheck/lib