|
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- FROM buildpack-deps
-
- RUN hg clone https://hg.mozilla.org/projects/nspr
- RUN hg clone https://hg.mozilla.org/projects/nss
-
- ENV USE_64=1 NSS_ENABLE_TLS_1_3=1
- # Incremental build snapshot disabled as dependencies don't seem to be solid:
- # the same value changed in a header file would apply to one .c file and not another
- # RUN cd nss && make nss_build_all
-
- # Draft 15
- # ARG REVISION=c483e5f9e0bc
-
- # Draft 16
- # ARG REVISION=3e7b53b18112
-
- # Draft 18
- # ARG REVISION=b6dfef6d0ff0
-
- # Draft 18, NSS_3_34_1_RTM (with TLS 1.3 keylogging support)
- # ARG REVISION=e61c0f657100
-
- # Draft 22
- ARG REVISION=88c3f3fa581b
-
- RUN cd nss && hg pull
- RUN cd nss && hg checkout -C $REVISION
-
- ADD *.patch ./
- RUN for p in *.patch; do patch -p1 -d nss < $p; done
-
- RUN cd nss && make nss_build_all
-
- # ENV HOST=localhost
- # RUN cd nss/tests/ssl_gtests && ./ssl_gtests.sh
-
- RUN cd nss && make install
-
- RUN mv /dist/$(uname -s)$(uname -r | cut -f 1-2 -d . -)_$(uname -m)_${CC:-cc}_glibc_PTH_64_$([ -n "$BUILD_OPT" ] && echo OPT || echo DBG).OBJ /dist/OBJ-PATH
-
- ENV LD_LIBRARY_PATH=/dist/OBJ-PATH/lib
-
- ENV SSLTRACE=100 SSLDEBUG=100
-
- # Init test key using an empty noise (seed) file (-z /dev/null).
- # Use different subjects, otherwise NSS seems to merge keys under the same nickname.
- RUN mkdir /certdb && \
- /dist/OBJ-PATH/bin/certutil -d /certdb -N --empty-password && \
- /dist/OBJ-PATH/bin/certutil -d /certdb -S -n rsa-server -t u -x -s CN=localhost -k rsa -z /dev/null && \
- /dist/OBJ-PATH/bin/certutil -d /certdb -S -n ecdsa-server -t u -x -s CN=localhost,O=EC -k ec -z /dev/null -q nistp256
-
- ADD httpreq.txt /httpreq.txt
- ADD run.sh /run.sh
- ADD server.sh /server.sh
- ENTRYPOINT ["/run.sh"]
|