2021-04-15 16:34:32 +00:00
|
|
|
# Copyright 2021 Google LLC
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
#
|
|
|
|
################################################################################
|
|
|
|
|
2022-08-24 14:31:28 +00:00
|
|
|
# Held back because of github.com/google/oss-fuzz/pull/8313
|
|
|
|
# Please fix failure and upgrade.
|
|
|
|
FROM gcr.io/oss-fuzz-base/base-builder@sha256:111d6b9d3a52bd3392602c71dc8936c628607a7a9bc86d381db7586f9b1e840f
|
2022-02-07 20:53:09 +00:00
|
|
|
RUN apt-get update && apt-get install -y make autoconf automake libtool wget python bison flex texinfo lzip
|
2023-01-31 23:33:06 +00:00
|
|
|
RUN git clone --depth 1 --branch cryptofuzz https://github.com/libecc/libecc.git
|
2021-04-15 16:34:32 +00:00
|
|
|
RUN git clone --depth 1 https://github.com/randombit/botan.git
|
2022-02-18 16:06:11 +00:00
|
|
|
RUN git clone https://github.com/wolfssl/wolfssl
|
2021-04-15 16:34:32 +00:00
|
|
|
RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz
|
Fix libgmp download in multiple projects (#9314)
The certificate of https://gmplib.org/ has expired. The website displays
the following message:
```
YES, THE CERTIFICATE IS EXPIRED. Sorry about that. We're working on the renewal process. Unfortunately, our SSL provider changes the renewal interface each year, and it is always a challenge to figure out what to do. Now the only actions are REGENERATE (actiually not, as the cert is expired), REVOKE (well, not desirable) and INTERMEDIATE CERTIFICATE (which is not an action but a thing, oh well.
```
But this is breaking a lot of builds and this still hasn't been fixed
after a few days, so with this PR I'm instead downloading the libgmp
source archive and bypass the certificate check and manually verify the
sha256 hash of the downloaded file.
Only the `cryptofuzz` and `bignum-fuzzer` projects ideally need to use
the latest repository checkout, instead of a versioned source archive,
because with these projects the aim is to find bugs in libgmp. In all
other projects, libgmp only serves as an oracle, and using the latest
stable version is fine.
Once gmp fixes their certificate, I will revert `cryptofuzz` and
`bignum-fuzzer` to use the repository again. For now it's ok to use the
latest stable version.
2022-12-30 13:32:40 +00:00
|
|
|
RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz
|
|
|
|
RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz"
|
2021-05-04 02:26:18 +00:00
|
|
|
RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2
|
2021-04-15 16:34:32 +00:00
|
|
|
COPY build.sh $SRC/
|
2022-06-09 09:39:25 +00:00
|
|
|
# This is to fix Fuzz Introspector build by using LLVM old pass manager
|
|
|
|
# re https://github.com/ossf/fuzz-introspector/issues/305
|
|
|
|
ENV OLD_LLVMPASS 1
|