Merge remote-tracking branch 'mercury-internal/trunk'

cisco · Aug 28, 2023 · c9b40f3 · c9b40f3
2 parents 80025a8 + abd40a8
commit c9b40f3
Show file tree

Hide file tree

Showing 24 changed files with 2,040 additions and 152 deletions.
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -0,0 +1,45 @@
+name: Docker Image Build and Publish
+
+on:
+  push:
+    branches:
+      - main
+      - docker-autobuild
+
+jobs:
+  build-and-push-image:
+    permissions:
+      packages: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Compute Docker image tags
+        id: set-tags
+        run: |
+          shortSHA=$(git rev-parse --short ${{ github.sha }})
+          echo "shatag=$shortSHA" >> "$GITHUB_OUTPUT"
+          if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
+            echo "tag=latest" >> "$GITHUB_OUTPUT"
+          else
+            echo "tag=test" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Build Docker image and publish to GitHub Container Registry
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository }}:${{ steps.set-tags.outputs.shatag }}
+            ghcr.io/${{ github.repository }}:${{ steps.set-tags.outputs.tag }}
diff --git a/Dockerfile b/Dockerfile
@@ -19,24 +19,38 @@
 # current working directory (/root).  This provides mercury some read and write
 # access to the host filesystem, such as a pcap file in your current directory.
 
-FROM alpine:latest
-RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \
-    apk update && \
-    apk add --no-cache build-base git make gcc g++ linux-headers pkgconfig \
-    wget tar zlib-dev openssl-dev musl-dev libc-dev \
-    && rm -rf /var/cache/apk/*
+FROM debian:12-slim
+RUN apt-get update \
+    && apt-get install -y git build-essential \
+        pkg-config wget jq tcpreplay iproute2 sudo debconf \
+        zlib1g-dev libssl-dev libgmp-dev --no-install-recommends \
+    && rm -rf /var/lib/apt/lists/*
 
 COPY . /src
 WORKDIR /src
-RUN ./configure && make V=s use_fsanitize=no && make install-nonroot
+RUN ./configure \
+    && make V=s \
+    && make batch_gcd --dir=src \
+    && make tls_scanner --dir=src \
+    && make install-nonroot \
+    && make install-certtools
 
-FROM alpine:latest
+FROM debian:12-slim
 WORKDIR /root/
 COPY --from=0 /usr/local /usr/local
-RUN apk update && \
-    apk add --no-cache libstdc++ \
-    && rm -rf /var/cache/apk/*
-RUN addgroup mercury -S && adduser mercury -G mercury -S && \
-    chown -R mercury:mercury /usr/local/share/mercury /usr/local/var/mercury/
+RUN apt-get update \
+    && apt-get install -y libgmp10 libssl3 \
+    && rm -rf /var/lib/apt/lists/*
 
-ENTRYPOINT ["/usr/local/bin/mercury", "-u", "mercury", "-c", "eth0"]
+RUN addgroup --system mercury && adduser --system --group mercury \
+    && chown -R mercury:mercury /usr/local/share/mercury /usr/local/var/mercury/
+
+# Default entrypoint for "docker run" on this image
+ENTRYPOINT ["/usr/local/bin/mercury"]
+
+# Other possibilities (edit this file or specify via --entrypoint at run time)
+# ENTRYPOINT ["/usr/local/bin/mercury", "-u", "mercury", "-c", "eth0"]
+# ENTRYPOINT ["/usr/local/bin/batch_gcd"]
+# ENTRYPOINT ["/usr/local/bin/cert_analyze"]
+# ENTRYPOINT ["/usr/local/bin/tls_scanner"]
+# ENTRYPOINT ["/bin/bash"]
diff --git a/Dockerfile.alpine b/Dockerfile.alpine
@@ -0,0 +1,51 @@
+###
+## This Dockerfile provides an easy way to try mercury.
+#
+# Run this once:
+#   docker build -t mercury:default .
+#
+# Run mercury:
+#   docker run --rm -i --entrypoint /usr/local/bin/mercury \
+#       --volume .:/root mercury:default <args> <for> <mercury>
+#
+# You can then set this as a bash alias in your .bashrc:
+#   alias mercury='docker run --rm -i --entrypoint /usr/local/bin/mercury --volume .:/root mercury:default'
+#
+# In each of the commands above, feel free to replace name of the docker image
+# (mercury:default) with a different name/tag of your choosing, as long as it
+# remains consistent across the commands.
+#
+# The host's current working directory (.) will be mounted as the container's
+# current working directory (/root).  This provides mercury some read and write
+# access to the host filesystem, such as a pcap file in your current directory.
+
+FROM alpine:latest
+RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories \
+    && apk add --no-cache build-base git make gcc g++ linux-headers pkgconfig \
+        wget tar zlib-dev openssl-dev musl-dev libc-dev gmp-dev
+
+COPY . /src
+WORKDIR /src
+RUN ./configure \
+    && make V=s use_fsanitize=no \
+    && make batch_gcd --dir=src \
+    && make tls_scanner --dir=src \
+    && make install-nonroot \
+    && make install-certtools
+
+FROM alpine:latest
+WORKDIR /root/
+COPY --from=0 /usr/local /usr/local
+RUN apk add --no-cache libstdc++ gmp
+RUN addgroup mercury -S && adduser mercury -G mercury -S && \
+    chown -R mercury:mercury /usr/local/share/mercury /usr/local/var/mercury/
+
+# Default entrypoint for "docker run" on this image
+ENTRYPOINT ["/usr/local/bin/mercury"]
+
+# Other possibilities (edit this file or specify via --entrypoint at run time)
+# ENTRYPOINT ["/usr/local/bin/mercury", "-u", "mercury", "-c", "eth0"]
+# ENTRYPOINT ["/usr/local/bin/batch_gcd"]
+# ENTRYPOINT ["/usr/local/bin/cert_analyze"]
+# ENTRYPOINT ["/usr/local/bin/tls_scanner"]
+# ENTRYPOINT ["/bin/sh"]
diff --git a/Makefile b/Makefile
@@ -80,8 +80,16 @@ else
 	cd resources && $(MAKE) install-nonroot
 endif
 
+.PHONY: install-certtools
+install-certtools:
+ifneq ($(wildcard src/Makefile), src/Makefile)
+	@echo $(COLOR_RED) "error: run ./configure before running make (src/Makefile is missing)" $(COLOR_OFF)
+else
+	cd src && $(MAKE) install-certtools
+endif
+
 .PHONY: uninstall
-uninstall: uninstall-mercury uninstall-systemd
+uninstall: uninstall-mercury uninstall-systemd uninstall-certtools
 
 .PHONY: uninstall-mercury
 uninstall-mercury:
@@ -105,6 +113,14 @@ else
 	userdel mercury
 endif
 
+.PHONY: uninstall-certtools
+uninstall-certtools:
+ifneq ($(wildcard src/Makefile), src/Makefile)
+	@echo $(COLOR_RED) "error: run ./configure before running make (src/Makefile is missing)" $(COLOR_OFF)
+else
+	cd src && $(MAKE) uninstall-certtools
+endif
+
 # the target libs builds three versions of libmerc.so, and copies them
 # to the folder libs/
 .PHONY: libs
@@ -176,7 +192,7 @@ package-deb: mercury
 ifneq ($(wildcard src/Makefile), src/Makefile)
 	@echo $(COLOR_RED) "error: run ./configure before running make (src/Makefile is missing)" $(COLOR_OFF)
 else
-	./build_pkg.sh -t deb 
+	./build_pkg.sh -t deb
 endif
 
 .PHONY: package-rpm

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-2.5.19
+2.5.20
diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md
@@ -1,5 +1,10 @@
 # CHANGELOG for Mercury
 
+## Version 2.5.20
+
+* Added support to parse IP pkts encapsulated in SGT or Cisco Metadata.
+* Added a depth limit to the parsing of nested bencoding in Bittorrent protocol.
+
 ## Version 2.5.19
 
 * Improvements to `tls_scanner`, `batch_gcd`, and `cert_analyze`.