https://github.com/velocidex/c-aff4

An AFF4 C++ implementation.
https://github.com/velocidex/c-aff4

compression-formats compression-library digital-forensics forensics

Last synced: 10 months ago
JSON representation

An AFF4 C++ implementation.

• Host: GitHub
• URL: https://github.com/velocidex/c-aff4
• Owner: Velocidex
• License: apache-2.0
• Created: 2018-01-10T07:46:48.000Z (over 8 years ago)
• Default Branch: master
• Last Pushed: 2023-03-24T00:21:24.000Z (about 3 years ago)
• Last Synced: 2024-12-11T17:22:28.037Z (over 1 year ago)
• Topics: compression-formats, compression-library, digital-forensics, forensics
• Language: C++
• Homepage: http://docs.aff4.org
• Size: 3.85 MB
• Stars: 189
• Watchers: 18
• Forks: 33
• Open Issues: 31
• Metadata Files:
  • Readme: README.docker
  • Changelog: CHANGES
  • Contributing: CONTRIBUTING
  • License: LICENSE

Awesome Lists containing this project

README

          
Tested on:

- Windows 10

- Docker version 18.03.0-ce, build 0520e24302

- docker-compose version 1.20.1, build 5d8c71b2

Notes:

- Currently only supports building win32 targets.

Building:

- Install Docker Toolbox for Windows (https://docs.docker.com/toolbox/toolbox_install_windows/)

  - Though deprecated in favor of "Docker CE Desktop for Windows, Docker Toolbox for Windows will run

    on a Windows VM. Docker CE Desktop for Windows requires Hyper-V, which does not work well nested.

    It's likely that Docker CE Desktop for Windows will work just fine, if you can actually run it.

- Launch "Docker Quickstart Terminal". A Mingw32 bash terminal will open up.

- Within the terminal, change to the root directory of the c-aff4 source tree.

- Run "docker-compose build"

  - This builds the docker image, which contains all of the dependencies.

- To run configure step: "docker-compose run --rm builder-win32 configure"

  - Configure script is defined in docker/entrypoint.sh

  - Alternatively, if you'd like to create a debug build: "docker-compose.exe run --rm builder-win32 configure-debug"

- To build: "docker-compose run --rm builder-win32 build"

  - stripped binaries can be found in build/win32

  - Un-stripped binaries (with debugging symbols intact) can be found in the source tree (ex: tools/pmem/winpmem.exe)

- To enter the container: "docker-compose.exe run --rm builder-win32 bash"

Details:

- The docker file definition, docker/Dockerfile, defines two images:

  - aff4-builder-base (based off of ubuntu:18.04)

    - Installs all of the basic build tools and dependency sources.

    - Dependency sources are placed into /aff4-deps-src

    - Defines an entrypoint script (docker/entrypoint.sh) that allows c-aff4 to be built easily.

  - aff4-builder-win32 (based off of aff4-builder-base)

    - Installs mingw32 build toolchain

    - Defines many windows-specific environment variables

    - Builds all of the dependencies contained in /aff4-deps-src, installing them to /aff4-deps. All of the dependencies are statically-linked.

  - we should be able to easily create an "aff4-builder-linux" image, as well.

- docker-compose is used to make the orchestrating of the images a bit easier.

- When you execute "docker-compose run builder-win32 ...", the root of the c-aff4 source tree is mounted in the image as "/src".

- When building, the compiled binaries sit within your source tree just as though you had built them locally.

- This means that the cycle of editing code, building, and testing becomes much shorter.