From 594705685372bad5753100a5c7a07b5dd879470b Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Fri, 19 May 2023 08:02:40 +0100 Subject: [PATCH] [bitnami/nginx] Release 1.23.4-debian-11-r18 (#34540) Signed-off-by: Bitnami Containers --- bitnami/nginx/1.23/debian-11/Dockerfile | 6 +++--- .../1.23/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh | 7 ++++++- .../rootfs/opt/bitnami/scripts/nginx/postunpack.sh | 6 ++++++ 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/bitnami/nginx/1.23/debian-11/Dockerfile b/bitnami/nginx/1.23/debian-11/Dockerfile index 1b7beb010e9f..62f0ec623655 100644 --- a/bitnami/nginx/1.23/debian-11/Dockerfile +++ b/bitnami/nginx/1.23/debian-11/Dockerfile @@ -3,10 +3,10 @@ FROM docker.io/bitnami/minideb:bullseye ARG TARGETARCH LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2023-05-16T06:25:42Z" \ + org.opencontainers.image.created="2023-05-19T06:48:34Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.23.4-debian-11-r17" \ + org.opencontainers.image.ref.name="1.23.4-debian-11-r18" \ org.opencontainers.image.title="nginx" \ org.opencontainers.image.vendor="VMware, Inc." \ org.opencontainers.image.version="1.23.4" @@ -19,7 +19,7 @@ ENV HOME="/" \ COPY prebuildfs / SHELL ["/bin/bash", "-o", "pipefail", "-c"] # Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libssl1.1 procps zlib1g +RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libssl1.1 openssl procps zlib1g RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \ COMPONENTS=( \ "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \ diff --git a/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh index 8dffa1576177..ef12f1cf24b7 100644 --- a/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh +++ b/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh @@ -652,7 +652,12 @@ nginx_generate_sample_certs() { SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" openssl genrsa -out "$SSL_KEY_FILE" 4096 - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" + # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x + if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then + openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" + else + openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" + fi openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") rm -f "$SSL_CSR_FILE" else diff --git a/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh index 58259b072314..93964da92f41 100755 --- a/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh +++ b/bitnami/nginx/1.23/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh @@ -64,3 +64,9 @@ ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs" ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log" ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log" + +# This file is necessary for avoiding the error +# "unable to write random state" +# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean + +touch /.rnd && chmod g+rw /.rnd