github.com/Psiphon-Labs/tls-tris@v0.0.0-20230824155421-58bf6d336a9a/_dev/tstclnt/Dockerfile (about) 1 FROM buildpack-deps 2 3 RUN hg clone https://hg.mozilla.org/projects/nspr 4 RUN hg clone https://hg.mozilla.org/projects/nss 5 6 ENV USE_64=1 NSS_ENABLE_TLS_1_3=1 7 # Incremental build snapshot disabled as dependencies don't seem to be solid: 8 # the same value changed in a header file would apply to one .c file and not another 9 # RUN cd nss && make nss_build_all 10 11 # Draft 15 12 # ARG REVISION=c483e5f9e0bc 13 14 # Draft 16 15 # ARG REVISION=3e7b53b18112 16 17 # Draft 18 18 # ARG REVISION=b6dfef6d0ff0 19 20 # Draft 18, NSS_3_34_1_RTM (with TLS 1.3 keylogging support) 21 # ARG REVISION=e61c0f657100 22 23 # Draft 22 24 #ARG REVISION=88c3f3fa581b 25 26 # Draft 23 27 # ARG REVISION=16c622c9e1cc 28 29 # Latest 30 ARG REVISION=ee357b00f2e6 31 32 RUN cd nss && hg pull 33 RUN cd nss && hg checkout -C $REVISION 34 35 ADD *.patch ./ 36 RUN for p in *.patch; do patch -p1 -d nss < $p; done 37 38 RUN cd nss && make nss_build_all 39 40 # ENV HOST=localhost 41 # RUN cd nss/tests/ssl_gtests && ./ssl_gtests.sh 42 43 RUN cd nss && make install 44 45 RUN mv /dist/$(uname -s)$(uname -r | cut -f 1-2 -d . -)_$(uname -m)_${CC:-cc}_glibc_PTH_64_$([ -n "$BUILD_OPT" ] && echo OPT || echo DBG).OBJ /dist/OBJ-PATH 46 47 ENV LD_LIBRARY_PATH=/dist/OBJ-PATH/lib 48 49 ENV SSLTRACE=100 SSLDEBUG=100 50 51 # Init test key using an empty noise (seed) file (-z /dev/null). 52 # Use different subjects, otherwise NSS seems to merge keys under the same nickname. 53 RUN mkdir /certdb && \ 54 /dist/OBJ-PATH/bin/certutil -d /certdb -N --empty-password && \ 55 /dist/OBJ-PATH/bin/certutil -d /certdb -S -n rsa-server -t u -x -s CN=localhost -k rsa -z /dev/null && \ 56 /dist/OBJ-PATH/bin/certutil -d /certdb -S -n ecdsa-server -t u -x -s CN=localhost,O=EC -k ec -z /dev/null -q nistp256 57 58 ADD httpreq.txt /httpreq.txt 59 ADD run.sh /run.sh 60 ADD server.sh /server.sh 61 ENTRYPOINT ["/run.sh"]