1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 |
- FROM graphene
- ENV SGX_SDK=/opt/intel/sgxsdk/
- RUN mkdir source
- WORKDIR source
- RUN git clone https://github.com/openssl/openssl.git OpenSSL_1.1.1d && \
- cd OpenSSL_1.1.1d && git checkout tags/OpenSSL_1_1_1d && \
- cd ../ && tar -cf OpenSSL_1.1.1d.tar.gz OpenSSL_1.1.1d/
- RUN git clone https://github.com/intel/intel-sgx-ssl.git && \
- cd intel-sgx-ssl && git checkout tags/lin_2.5_1.1.1d && \
- cp ../OpenSSL_1.1.1d.tar.gz ./openssl_source/ && \
- cd Linux && make && make install
- RUN git clone https://git-crysp.uwaterloo.ca/miti/dhmsgs_proto_defs.git && \
- cd dhmsgs_proto_defs/ && protoc --cpp_out=./ ./*.proto
- RUN git clone https://git-crysp.uwaterloo.ca/miti/Decryptor.git && \
- cd Decryptor/ && make
- RUN git clone https://git-crysp.uwaterloo.ca/miti/commonVerifierPHPfiles.git
- RUN git clone https://git-crysp.uwaterloo.ca/miti/linux-sgx-trts-modified.git && \
- cd linux-sgx-trts-modified && git checkout local_attestation_for_graphene && \
- bash ./download_prebuilt.sh && make USE_OPT_LIBS=0
- RUN git clone https://git-crysp.uwaterloo.ca/miti/verifier.git && \
- cd verifier/ && git checkout recreating_state_for_teeter && \
- export SGX_SDK_TRTS_MODIFIED=/root/source/linux-sgx-trts-modified/build/linux && make && \
- cp verifier /root/graphene/LibOS/shim/test/native && \
- git checkout master && \
- cp verifier.manifest.template /root/graphene/LibOS/shim/test/native
- WORKDIR /root/graphene/LibOS/shim/test/native
- RUN sed -i s/ls.manifest/'ls.manifest verifier.manifest'/g Makefile
- RUN make SGX=1
- RUN apt update && apt install -y php7.0-dev tmux libxml2-dev
- WORKDIR /root/source
- RUN git clone --recursive https://github.com/CopernicaMarketingSoftware/PHP-CPP.git && \
- cd PHP-CPP/ && git checkout tags/v2.1.4 && make all && \
- cp libphpcpp.so.* /usr/lib/ && make install
- RUN apt update && apt install -y build-essential flex libapr1-dev libaprutil1-dev libpcre2-dev apache2-utils libssl-dev
- RUN git clone https://git-crysp.uwaterloo.ca/miti/Apache_PHP_extension.git && \
- cd Apache_PHP_extension && git checkout recreating_state_for_teeter && \
- make
- WORKDIR /root/graphene/LibOS/shim/test/apps/apache
- RUN sed -i s/'LISTEN_HOST ?= 127.0.0.1'/'LISTEN_HOST ?= 0.0.0.0'/g Makefile
- RUN sed -i 's:testdata ssldata:ssldata $(INSTALL_DIR)/modules/libphp7.so:' Makefile
- RUN sed -i s/"'-'"/"'-' | tr '+' 'p'"/g Makefile
- RUN cp /root/source/Apache_PHP_extension/*.tar.gz ./
- RUN cat /root/source/Apache_PHP_extension/apacheMakefile >> Makefile
- RUN apt update && apt install -y build-essential flex libapr1-dev libaprutil1-dev libpcre2-dev apache2-utils libssl-dev
- RUN make SGX=1 build-apache-with-php
- RUN cp /root/source/Apache_PHP_extension/httpd.manifest.template ./
- RUN cp /root/source/Apache_PHP_extension/localattestation_decryption.so install/modules/
- RUN cp ./php-7.0.7/php.ini-development install/lib/php.ini
- RUN echo "extension_dir=/root/graphene/LibOS/shim/test/apps/apache/install/modules" >> install/lib/php.ini && \
- echo "extension=localattestation_decryption.so" >> install/lib/php.ini
- RUN cp /root/source/Apache_PHP_extension/*.php install/htdocs
- RUN printf '\nAcceptFilter http none\n<IfModule mime_module>\n AddType application/x-httpd-php .php\n</IfModule>\n' >> install/conf/httpd.conf
- WORKDIR /root
- COPY deploy_enclaves.sh ./
- RUN chmod 755 ./deploy_enclaves.sh
- COPY find_docker_ip.sh ./
- RUN chmod 755 ./find_docker_ip.sh
|