diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index 2f0faa42..54afef8b 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -11,13 +11,13 @@ ansible apk apps appveyor -archs asan ASLR ath avx awor aws +basekit bestpractices bugtracker BUILDID @@ -55,16 +55,19 @@ cyggmp cyggomp cygz davidanson +debhelper devcontainer distro dmg dnf dns +Dockerfiles drwx drwxr drwxrwxr dynamicbase editorconfig +elfutils endfor esbenp exe @@ -108,16 +111,20 @@ LASTEXITCODE Lauchpad LDFLAGS len +libasan libbz libcrypt libexec libfuzzer libgmp libgomp +libnet libomp libopencl libpcap libpocl +libtsan +libubsan libusb lsb LWS @@ -135,6 +142,7 @@ OBJS ocl oidc omp +oneapi openmp oss osv @@ -154,6 +162,7 @@ Randomisation rar RCracker realpath +redhat redistributors rekor rsa diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 12fc716d..c7ffd350 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -30,3 +30,8 @@ updates: directory: /.clusterfuzzlite schedule: interval: daily + + - package-ecosystem: docker + directory: /CI/Dockerfiles + schedule: + interval: daily diff --git a/.github/workflows/build_CI.yml b/.github/workflows/build_CI.yml new file mode 100644 index 00000000..cce2c894 --- /dev/null +++ b/.github/workflows/build_CI.yml @@ -0,0 +1,108 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### + +--- +name: CI Docker image + +"on": + push: + branches: [images] + workflow_dispatch: + +env: + REPO: ghcr.io/${{ github.repository_owner }}/john-ci + +permissions: read-all +jobs: + build: + name: Build image + runs-on: ubuntu-latest + continue-on-error: true + + strategy: + matrix: + include: + - image-tag: fedora.latest + dockerfile: Dockerfile.FedoraLatest + - image-tag: fedora.flatpak + dockerfile: Dockerfile.flatpak.package + - image-tag: ubuntu.opencl + dockerfile: Dockerfile.OpenCL + - image-tag: ubuntu.devel + dockerfile: Dockerfile.UbuntuDevel + - image-tag: ubuntu.rolling + dockerfile: Dockerfile.UbuntuRolling + - image-tag: redhat.ubi8 + dockerfile: Dockerfile.RHUbi8 + + permissions: + packages: write + contents: read + + outputs: + image: ${{ steps.image.outputs.image }} + digest: ${{ steps.build-and-push.outputs.digest }} + + steps: + - name: Check out the repo + uses: actions/checkout@v4 + + - name: Log in to GitHub Docker Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build container image + id: build-and-push + uses: docker/build-push-action@v5 + with: + push: true + file: "${{ github.workspace }}/CI/Dockerfiles/${{ matrix.dockerfile }}" + tags: | + ${{ env.REPO }}:${{ matrix.image-tag }} + ${{ env.REPO }}:${{ matrix.image-tag }}J${{ github.run_number }} + outputs: "type=image,name=target,\ + annotation-index.org.opencontainers.image.authors=Claudio André ,\ + annotation-index.org.opencontainers.image.description=John the Ripper CI" + + - name: Output image + id: image + run: | + image_name="${{ env.REPO }}:${{ matrix.image-tag }}" + echo "The image is $image_name" + echo "image=$image_name" >> "$GITHUB_OUTPUT" + + # It's unclear whether provenance can work with a matrix of Docker images + provenance: + if: ${{ false }} + needs: [build] + permissions: + actions: read # for detecting the GitHub Actions environment. + id-token: write # for creating OIDC tokens for signing. + packages: write # for uploading attestations. + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.0.0 + with: + image: ${{ needs.build.outputs.image }} + digest: ${{ needs.build.outputs.digest }} + registry-username: ${{ github.actor }} + secrets: + registry-password: ${{ secrets.GITHUB_TOKEN }} diff --git a/CI/Dockerfiles/Dockerfile.FedoraLatest b/CI/Dockerfiles/Dockerfile.FedoraLatest new file mode 100644 index 00000000..85674254 --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.FedoraLatest @@ -0,0 +1,36 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2017-2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM fedora:latest +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Fedora Latest)" + +RUN dnf -y -q update && \ + dnf -y install \ + @development-tools openssl-devel gmp-devel libpcap-devel bzip2-devel wget \ + clang libasan libubsan libtsan american-fuzzy-lop zzuf pocl-devel \ + american-fuzzy-lop-clang && \ + useradd -U -m JtR + +USER JtR +ENV BASE fedora +CMD /bin/bash diff --git a/CI/Dockerfiles/Dockerfile.OpenCL b/CI/Dockerfiles/Dockerfile.OpenCL new file mode 100644 index 00000000..ba703915 --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.OpenCL @@ -0,0 +1,36 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2017-2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM ubuntu:23.04 +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Ubuntu 23 OpenCL)" + +RUN apt-get update -qq && \ + apt-get install -y \ + build-essential libssl-dev yasm libgmp-dev libpcap-dev pkg-config debhelper libnet1-dev \ + libbz2-dev wget llvm libomp-dev zlib1g-dev git clang afl zzuf \ + libpocl-dev ocl-icd-opencl-dev ocl-icd-libopencl1 pocl-opencl-icd opencl-headers && \ + useradd -U -m JtR + +# USER JtR => it is much better to use root on Travis +ENV BASE ubuntu +CMD /bin/bash diff --git a/CI/Dockerfiles/Dockerfile.OpenCL-IntelCPU b/CI/Dockerfiles/Dockerfile.OpenCL-IntelCPU new file mode 100644 index 00000000..6ab7c19f --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.OpenCL-IntelCPU @@ -0,0 +1,46 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2023-2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM ubuntu:22.04 +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Ubuntu 22 Intel OpenCL)" + +RUN apt-get update -qq \ + && apt-get install -y \ + build-essential libssl-dev zlib1g-dev yasm libgmp-dev libpcap-dev \ + pkg-config libbz2-dev wget \ + ocl-icd-opencl-dev clinfo git \ + && wget -O- https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB \ + | gpg --dearmor | tee /usr/share/keyrings/oneapi-archive-keyring.gpg > /dev/null \ + && echo "deb [signed-by=/usr/share/keyrings/oneapi-archive-keyring.gpg] https://apt.repos.intel.com/oneapi all main" \ + | tee /etc/apt/sources.list.d/oneAPI.list \ + && apt-get update -qq \ + && apt-get install -y \ + intel-oneapi-runtime-opencl intel-basekit \ + && useradd -U -m JtR \ + && apt-get -y clean \ + && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/* + +# Workaround for an issue in Intel libraries installation script +ENV LD_LIBRARY_PATH=/opt/intel/oneapi/2024.0/lib/:"$LD_LIBRARY_PATH" +ENV BASE ubuntu +CMD /bin/bash diff --git a/CI/Dockerfiles/Dockerfile.RHUbi8 b/CI/Dockerfiles/Dockerfile.RHUbi8 new file mode 100644 index 00000000..ec539612 --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.RHUbi8 @@ -0,0 +1,33 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM registry.access.redhat.com/ubi8/ubi +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Red Hat 8)" + +RUN yum -y -q update && \ + yum -y install \ + openssl-devel gmp-devel libpcap-devel bzip2-devel wget gcc git perl && \ + useradd -U -m JtR + +ENV BASE RedHat-UBI +CMD /bin/bash diff --git a/CI/Dockerfiles/Dockerfile.UbuntuDevel b/CI/Dockerfiles/Dockerfile.UbuntuDevel new file mode 100644 index 00000000..1d281dbf --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.UbuntuDevel @@ -0,0 +1,36 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2017-2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM ubuntu:devel +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Ubuntu Devel)" + +RUN apt-get update -qq && \ + export DEBIAN_FRONTEND="noninteractive" && \ + apt-get install -y \ + build-essential libssl-dev yasm libgmp-dev libpcap-dev pkg-config debhelper libnet1-dev \ + libbz2-dev wget llvm libomp-dev zlib1g-dev git clang && \ + useradd -U -m JtR + +# USER JtR => it is much better to use root on Travis +ENV BASE ubuntu +CMD /bin/bash diff --git a/CI/Dockerfiles/Dockerfile.UbuntuRolling b/CI/Dockerfiles/Dockerfile.UbuntuRolling new file mode 100644 index 00000000..eb0b3087 --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.UbuntuRolling @@ -0,0 +1,37 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2017-2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM ubuntu:rolling +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Ubuntu Rolling)" + +RUN apt-get update -qq && \ + export DEBIAN_FRONTEND="noninteractive" && \ + apt-get install -y \ + build-essential libssl-dev yasm libgmp-dev libpcap-dev pkg-config debhelper libnet1-dev \ + libbz2-dev wget llvm libomp-dev zlib1g-dev git clang \ + libusb-1.0-0-dev && \ + useradd -U -m JtR + +# USER JtR => it is much better to use root on Travis +ENV BASE ubuntu +CMD /bin/bash diff --git a/CI/Dockerfiles/Dockerfile.flatpak.package b/CI/Dockerfiles/Dockerfile.flatpak.package new file mode 100644 index 00000000..c309dfea --- /dev/null +++ b/CI/Dockerfiles/Dockerfile.flatpak.package @@ -0,0 +1,36 @@ +############################################################################### +# _ _ _ _ _____ _ +# | | | | | | | | | __ \(_) +# | | ___ | |__ _ __ | |_| |__ ___ | |__) |_ _ __ _ __ ___ _ __ +# _ | |/ _ \| '_ \| '_ \ | __| '_ \ / _ \ | _ /| | '_ \| '_ \ / _ \ '__| +# | |__| | (_) | | | | | | | | |_| | | | __/ | | \ \| | |_) | |_) | __/ | +# \____/ \___/|_| |_|_| |_| \__|_| |_|\___| |_| \_\_| .__/| .__/ \___|_| +# | | | | +# |_| |_| +# +# Copyright (c) 2017-2024 Claudio André +# +# This program comes with ABSOLUTELY NO WARRANTY; express or implied. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, as expressed in version 2, seen at +# http://www.gnu.org/licenses/gpl-2.0.html +############################################################################### +# Dockerfile for Continuous Integration +# More info at https://github.com/openwall/john-packages + +FROM fedora:latest +LABEL org.opencontainers.image.authors="Claudio André " +LABEL description="Docker images for John the Ripper CI (1.0.Fedora Latest Flatpak)" + +RUN dnf -y -q update && \ + dnf -y install \ + flatpak flatpak-builder elfutils wget git && \ + flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo && \ + flatpak install -y flathub org.freedesktop.Platform//23.08 org.freedesktop.Sdk//23.08 && \ + useradd -U -m JtR + +USER JtR +ENV BASE fedora +CMD /bin/bash