docker-library
/
rabbitmq
mirror of https://github.com/docker-library/rabbitmq.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove unnecessary `DEB_HOST_MULTIARCH`; test that custom openssl is being used

This commit is contained in:
Joseph Ferguson 2023-08-25 14:50:54 -07:00
parent 5080f219c3
commit 8e4a8b15d8
12 changed files with 42 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
3.10/alpine/Dockerfile generated
View File

@ -213,6 +213,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

12
3.10/ubuntu/Dockerfile generated
View File

@ -67,7 +67,6 @@ RUN set -eux; \
# Configure OpenSSL for compilation
cd "$OPENSSL_PATH"; \
# without specifying "--libdir", Erlang will fail during "crypto:supports()" looking for a "pthread_atfork" function that doesn't exist (but only on arm32v7/armhf??)
debMultiarch="$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# OpenSSL's "config" script uses a lot of "uname"-based target detection...
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
# https://deb.debian.org/debian/dists/unstable/main/
@ -94,9 +93,9 @@ RUN set -eux; \
enable-fips \
--prefix="$INSTALL_PATH_PREFIX" \
--openssldir="$OPENSSL_CONFIG_DIR" \
--libdir="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
--libdir="$INSTALL_PATH_PREFIX/lib" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib" \
${opensslExtraConfig:-} \
; \
# Compile, install OpenSSL, verify that the command-line works & development headers are present
@ -128,8 +127,8 @@ RUN set -eux; \
cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \
CFLAGS="$(dpkg-buildflags --get CFLAGS)"; export CFLAGS; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib"; \
hostArch="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)"; \
buildArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
@ -204,6 +203,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

1
3.11/alpine/Dockerfile generated
View File

@ -213,6 +213,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

12
3.11/ubuntu/Dockerfile generated
View File

@ -67,7 +67,6 @@ RUN set -eux; \
# Configure OpenSSL for compilation
cd "$OPENSSL_PATH"; \
# without specifying "--libdir", Erlang will fail during "crypto:supports()" looking for a "pthread_atfork" function that doesn't exist (but only on arm32v7/armhf??)
debMultiarch="$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# OpenSSL's "config" script uses a lot of "uname"-based target detection...
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
# https://deb.debian.org/debian/dists/unstable/main/
@ -94,9 +93,9 @@ RUN set -eux; \
enable-fips \
--prefix="$INSTALL_PATH_PREFIX" \
--openssldir="$OPENSSL_CONFIG_DIR" \
--libdir="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
--libdir="$INSTALL_PATH_PREFIX/lib" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib" \
${opensslExtraConfig:-} \
; \
# Compile, install OpenSSL, verify that the command-line works & development headers are present
@ -128,8 +127,8 @@ RUN set -eux; \
cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \
CFLAGS="$(dpkg-buildflags --get CFLAGS)"; export CFLAGS; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib"; \
hostArch="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)"; \
buildArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
@ -204,6 +203,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

1
3.12/alpine/Dockerfile generated
View File

@ -213,6 +213,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

12
3.12/ubuntu/Dockerfile generated
View File

@ -67,7 +67,6 @@ RUN set -eux; \
# Configure OpenSSL for compilation
cd "$OPENSSL_PATH"; \
# without specifying "--libdir", Erlang will fail during "crypto:supports()" looking for a "pthread_atfork" function that doesn't exist (but only on arm32v7/armhf??)
debMultiarch="$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# OpenSSL's "config" script uses a lot of "uname"-based target detection...
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
# https://deb.debian.org/debian/dists/unstable/main/
@ -94,9 +93,9 @@ RUN set -eux; \
enable-fips \
--prefix="$INSTALL_PATH_PREFIX" \
--openssldir="$OPENSSL_CONFIG_DIR" \
--libdir="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
--libdir="$INSTALL_PATH_PREFIX/lib" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib" \
${opensslExtraConfig:-} \
; \
# Compile, install OpenSSL, verify that the command-line works & development headers are present
@ -128,8 +127,8 @@ RUN set -eux; \
cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \
CFLAGS="$(dpkg-buildflags --get CFLAGS)"; export CFLAGS; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib"; \
hostArch="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)"; \
buildArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
@ -204,6 +203,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

1
3.13-rc/alpine/Dockerfile generated
View File

@ -213,6 +213,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

12
3.13-rc/ubuntu/Dockerfile generated
View File

@ -67,7 +67,6 @@ RUN set -eux; \
# Configure OpenSSL for compilation
cd "$OPENSSL_PATH"; \
# without specifying "--libdir", Erlang will fail during "crypto:supports()" looking for a "pthread_atfork" function that doesn't exist (but only on arm32v7/armhf??)
debMultiarch="$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# OpenSSL's "config" script uses a lot of "uname"-based target detection...
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
# https://deb.debian.org/debian/dists/unstable/main/
@ -94,9 +93,9 @@ RUN set -eux; \
enable-fips \
--prefix="$INSTALL_PATH_PREFIX" \
--openssldir="$OPENSSL_CONFIG_DIR" \
--libdir="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
--libdir="$INSTALL_PATH_PREFIX/lib" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib" \
${opensslExtraConfig:-} \
; \
# Compile, install OpenSSL, verify that the command-line works & development headers are present
@ -128,8 +127,8 @@ RUN set -eux; \
cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \
CFLAGS="$(dpkg-buildflags --get CFLAGS)"; export CFLAGS; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib"; \
hostArch="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)"; \
buildArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
@ -204,6 +203,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

1
3.9/alpine/Dockerfile generated
View File

@ -213,6 +213,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

12
3.9/ubuntu/Dockerfile generated
View File

@ -67,7 +67,6 @@ RUN set -eux; \
# Configure OpenSSL for compilation
cd "$OPENSSL_PATH"; \
# without specifying "--libdir", Erlang will fail during "crypto:supports()" looking for a "pthread_atfork" function that doesn't exist (but only on arm32v7/armhf??)
debMultiarch="$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# OpenSSL's "config" script uses a lot of "uname"-based target detection...
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
# https://deb.debian.org/debian/dists/unstable/main/
@ -94,9 +93,9 @@ RUN set -eux; \
enable-fips \
--prefix="$INSTALL_PATH_PREFIX" \
--openssldir="$OPENSSL_CONFIG_DIR" \
--libdir="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
--libdir="$INSTALL_PATH_PREFIX/lib" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib" \
${opensslExtraConfig:-} \
; \
# Compile, install OpenSSL, verify that the command-line works & development headers are present
@ -128,8 +127,8 @@ RUN set -eux; \
cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \
CFLAGS="$(dpkg-buildflags --get CFLAGS)"; export CFLAGS; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib"; \
hostArch="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)"; \
buildArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
@ -204,6 +203,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

1
Dockerfile-alpine.template
View File

@ -247,6 +247,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\

12
Dockerfile-ubuntu.template
View File

@ -101,7 +101,6 @@ RUN set -eux; \
# Configure OpenSSL for compilation
cd "$OPENSSL_PATH"; \
# without specifying "--libdir", Erlang will fail during "crypto:supports()" looking for a "pthread_atfork" function that doesn't exist (but only on arm32v7/armhf??)
debMultiarch="$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# OpenSSL's "config" script uses a lot of "uname"-based target detection...
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
# https://deb.debian.org/debian/dists/unstable/main/
@ -128,9 +127,9 @@ RUN set -eux; \
enable-fips \
--prefix="$INSTALL_PATH_PREFIX" \
--openssldir="$OPENSSL_CONFIG_DIR" \
--libdir="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib/$debMultiarch" \
--libdir="$INSTALL_PATH_PREFIX/lib" \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
-Wl,-rpath="$INSTALL_PATH_PREFIX/lib" \
${opensslExtraConfig:-} \
; \
# Compile, install OpenSSL, verify that the command-line works & development headers are present
@ -162,8 +161,8 @@ RUN set -eux; \
cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \
CFLAGS="$(dpkg-buildflags --get CFLAGS)"; export CFLAGS; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib/$debMultiarch" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib/$(dpkg-architecture --query DEB_HOST_MULTIARCH)"; \
# add -rpath to avoid conflicts between our OpenSSL's "libssl.so" and the libssl package by making sure "$INSTALL_PATH_PREFIX/lib" is searched first (but only for Erlang/OpenSSL to avoid issues with other tools using libssl; https://github.com/docker-library/rabbitmq/issues/364)
export CFLAGS="$CFLAGS -Wl,-rpath=$INSTALL_PATH_PREFIX/lib"; \
hostArch="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)"; \
buildArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
dpkgArch="$(dpkg --print-architecture)"; dpkgArch="${dpkgArch##*-}"; \
@ -238,6 +237,7 @@ RUN set -eux; \
sed -i.ORIG -e "/\.include.*fips/ s!.*!.include $INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf!" \
-e '/# fips =/s/.*/fips = fips_sect/' "$INSTALL_PATH_PREFIX/etc/ssl/openssl.cnf"; \
sed -i.ORIG -e '/^activate/s/^/#/' "$INSTALL_PATH_PREFIX/etc/ssl/fipsmodule.cnf"; \
[ "$(command -v openssl)" = "$INSTALL_PATH_PREFIX/bin/openssl" ]; \
openssl version; \
openssl version -d; \
\