Merge pull request #65 from pi-hole/mbedtls-zip

DL6ER · web-flow · commit c1e798b75416 · 2023-04-05T04:42:41.000+02:00
Add mbedTLS library and ZIP into FTL builder
diff --git a/ftl-build/aarch64/Dockerfile b/ftl-build/aarch64/Dockerfile
@@ -4,6 +4,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 RUN dpkg --add-architecture arm64 \
     && apt-get update \
@@ -30,6 +31,8 @@ RUN dpkg --add-architecture arm64 \
         jq \
         git \
         dnsutils \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 ENV CC aarch64-linux-gnu-gcc -isystem /usr/local/include
@@ -66,6 +69,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/armv4t/Dockerfile b/ftl-build/armv4t/Dockerfile
@@ -5,6 +5,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 RUN dpkg --add-architecture armel \
     && apt-get update \
@@ -30,6 +31,8 @@ RUN dpkg --add-architecture armel \
         libc6:armel \
         xxd \
         jq \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 # Github actions/Checkout@v2 requires git >=2.18 else it will fall back to github API to download tarball
@@ -76,6 +79,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/armv5te/Dockerfile b/ftl-build/armv5te/Dockerfile
@@ -4,6 +4,7 @@ FROM debian:buster@sha256:0685c900f6e691bdda6980c0ed0779d20183bc58770059b64adb56
 ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
+ARG mbedtlsversion=3.4.0
 
 RUN dpkg --add-architecture armel \
     && apt-get update \
@@ -28,6 +29,8 @@ RUN dpkg --add-architecture armel \
         jq \
         git \
         dnsutils \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 ENV CC "arm-linux-gnueabi-gcc -isystem /usr/local/include"
@@ -58,6 +61,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/readline-${readlineversion}.tar.
     && cd .. \
     && rm -r readline-${readlineversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/armv6hf/Dockerfile b/ftl-build/armv6hf/Dockerfile
@@ -4,6 +4,7 @@ FROM debian:buster@sha256:0685c900f6e691bdda6980c0ed0779d20183bc58770059b64adb56
 ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
+ARG mbedtlsversion=3.4.0
 
 # Packages required to install compiler and libraries
 RUN dpkg --add-architecture armel \
@@ -29,6 +30,8 @@ RUN dpkg --add-architecture armel \
         xxd \
         jq \
         git \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 # Use cross-compiler from https://github.com/abhiTronix/raspberry-pi-cross-compilers
@@ -73,6 +76,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/readline-${readlineversion}.tar.
     && cd .. \
     && rm -r readline-${readlineversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/armv7hf/Dockerfile b/ftl-build/armv7hf/Dockerfile
@@ -4,6 +4,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 RUN dpkg --add-architecture armhf \
     && apt-get update \
@@ -30,6 +31,8 @@ RUN dpkg --add-architecture armhf \
         jq \
         git \
         dnsutils \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 ENV CC "arm-linux-gnueabihf-gcc -isystem /usr/local/include"
@@ -67,6 +70,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/armv8a/Dockerfile b/ftl-build/armv8a/Dockerfile
@@ -4,6 +4,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 RUN dpkg --add-architecture armhf \
     && apt-get update \
@@ -30,6 +31,8 @@ RUN dpkg --add-architecture armhf \
         jq \
         git \
         dnsutils \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 ENV CC "arm-linux-gnueabihf-gcc -march=armv8-a -isystem /usr/local/include"
@@ -68,6 +71,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/riscv64/Dockerfile b/ftl-build/riscv64/Dockerfile
@@ -4,6 +4,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 RUN apt-get update \
     && apt-get install --no-install-recommends -y ca-certificates debian-ports-archive-keyring \
@@ -32,6 +33,8 @@ RUN apt-get update \
         jq \
         git \
         dnsutils \
+        perl \
+        python3 \
     && rm -rf /var/lib/apt/lists/*
 
 ENV CC riscv64-linux-gnu-gcc -isystem /usr/local/include
@@ -68,6 +71,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 FROM builder AS tester
 
 # For FTL test compilation
diff --git a/ftl-build/x86_32/Dockerfile b/ftl-build/x86_32/Dockerfile
@@ -4,6 +4,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 # We need a more recent dnsutils version for native HTTPS and SVCB support in dig
 RUN dpkg --add-architecture i386 \
@@ -35,6 +36,8 @@ RUN dpkg --add-architecture i386 \
         python3 \
         python3-yaml \
         python3-requests \
+        zip \
+        perl \
     && apt-get -t buster-backports install --no-install-recommends -y \
         dnsutils \
     && rm -rf /var/lib/apt/lists/*
@@ -88,6 +91,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 # Install bats-core directly into the build image
 RUN git clone https://github.com/bats-core/bats-core.git \
     && cd bats-core
diff --git a/ftl-build/x86_64-musl/Dockerfile b/ftl-build/x86_64-musl/Dockerfile
@@ -5,6 +5,7 @@ ARG idnversion=1.41
 ARG readlineversion=8.1
 ARG termcapversion=1.3.1
 ARG nettleversion=3.8.1
+ARG mbedtlsversion=3.4.0
 
 RUN apk add --no-cache \
         alpine-sdk \
@@ -24,7 +25,9 @@ RUN apk add --no-cache \
         m4 \
         python3 \
         py3-yaml \
-        py3-requests
+        zip \
+        py3-requests \
+        perl
 
 # Install pdns from community repo
 RUN echo "@community http://dl-cdn.alpinelinux.org/alpine/v${ALPINE_VER}/community" >> /etc/apk/repositories; \
@@ -70,6 +73,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/nettle-${nettleversion}.tar.gz |
     && cd .. \
     && rm -r nettle-${nettleversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 # Install bats-core directly into the build image
 RUN git clone https://github.com/bats-core/bats-core.git \
     && cd bats-core
diff --git a/ftl-build/x86_64/Dockerfile b/ftl-build/x86_64/Dockerfile
@@ -9,6 +9,7 @@ ARG libnftnlversion=1.2.3
 ARG nftablesversion=1.0.5
 ARG libnfnetlinkversion=1.0.2
 ARG libnetfilter_conntrackversion=1.0.9
+ARG mbedtlsversion=3.4.0
 
 # We need a more recent dnsutils version for native HTTPS and SVCB support in dig
 RUN echo "deb http://deb.debian.org/debian buster-backports main contrib non-free" >> /etc/apt/sources.list \
@@ -42,6 +43,8 @@ RUN echo "deb http://deb.debian.org/debian buster-backports main contrib non-fre
         python3 \
         python3-yaml \
         python3-requests \
+        zip \
+        perl \
     && apt-get -t buster-backports install --no-install-recommends -y \
         dnsutils \
     && rm -rf /var/lib/apt/lists/*
@@ -130,6 +133,15 @@ RUN curl -sSL https://ftl.pi-hole.net/libraries/libnetfilter_conntrack-${libnetf
     && cd .. \
     && rm -r libnetfilter_conntrack-${libnetfilter_conntrackversion}
 
+# Build static mbedTLS with pthread support
+RUN curl -sSL https://ftl.pi-hole.net/libraries/mbedtls-${mbedtlsversion}.tar.gz | tar -xz \
+    && cd mbedtls-${mbedtlsversion} \
+    && sed -i '/#define MBEDTLS_THREADING_C/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && sed -i '/#define MBEDTLS_THREADING_PTHREAD/s*^//**g' include/mbedtls/mbedtls_config.h \
+    && make -j $(nproc) install \
+    && cd .. \
+    && rm -r mbedtls-${mbedtlsversion}
+
 # Install bats-core directly into the build image
 RUN git clone https://github.com/bats-core/bats-core.git \
     && cd bats-core
