From 78b79c3578ce3f6cc10177cf9274949c802289f5 Mon Sep 17 00:00:00 2001 From: Matthieu Napoli Date: Tue, 17 Oct 2023 16:09:36 +0200 Subject: [PATCH] Fix SSL certificate location --- php-80/Dockerfile | 4 ++-- php-81/Dockerfile | 4 ++-- php-82/Dockerfile | 4 ++-- php-83/Dockerfile | 4 ++-- tests/test_2_extensions.php | 6 ++++-- 5 files changed, 12 insertions(+), 10 deletions(-) diff --git a/php-80/Dockerfile b/php-80/Dockerfile index b0abef31..07943224 100644 --- a/php-80/Dockerfile +++ b/php-80/Dockerfile @@ -182,8 +182,8 @@ RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/opcache RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_mysql.so /bref-layer/lib RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_pgsql.so /bref-layer/lib -# Copy the OpenSSL certificates file -RUN cp /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem +# Create a symbolic link to the OpenSSL certificates file for BC purposes +RUN ln -s /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem # --------------------------------------------------------------- diff --git a/php-81/Dockerfile b/php-81/Dockerfile index 581ae894..35e2f122 100644 --- a/php-81/Dockerfile +++ b/php-81/Dockerfile @@ -182,8 +182,8 @@ RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/opcache RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_mysql.so /bref-layer/lib RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_pgsql.so /bref-layer/lib -# Copy the OpenSSL certificates file -RUN cp /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem +# Create a symbolic link to the OpenSSL certificates file for BC purposes +RUN ln -s /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem # --------------------------------------------------------------- diff --git a/php-82/Dockerfile b/php-82/Dockerfile index b772ad49..f2a8cf0e 100644 --- a/php-82/Dockerfile +++ b/php-82/Dockerfile @@ -182,8 +182,8 @@ RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/opcache RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_mysql.so /bref-layer/lib RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_pgsql.so /bref-layer/lib -# Copy the OpenSSL certificates file -RUN cp /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem +# Create a symbolic link to the OpenSSL certificates file for BC purposes +RUN ln -s /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem # --------------------------------------------------------------- diff --git a/php-83/Dockerfile b/php-83/Dockerfile index 34c01133..fa9b8ae7 100644 --- a/php-83/Dockerfile +++ b/php-83/Dockerfile @@ -184,8 +184,8 @@ RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/opcache RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_mysql.so /bref-layer/lib RUN php /bref/lib-copy/copy-dependencies.php /bref-layer/bref/extensions/pdo_pgsql.so /bref-layer/lib -# Copy the OpenSSL certificates file -RUN cp /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem +# Create a symbolic link to the OpenSSL certificates file for BC purposes +RUN ln -s /etc/ssl/cert.pem /bref-layer/bref/ssl/cert.pem # --------------------------------------------------------------- diff --git a/tests/test_2_extensions.php b/tests/test_2_extensions.php index d04c6b04..09662c0f 100644 --- a/tests/test_2_extensions.php +++ b/tests/test_2_extensions.php @@ -85,8 +85,10 @@ // Check that the default certificate file exists // https://github.com/brefphp/aws-lambda-layers/issues/53 'curl-openssl-certificates' => file_exists(openssl_get_cert_locations()['default_cert_file']), - // Check its location has not changed (would be a breaking change) - 'curl-openssl-certificates-location' => openssl_get_cert_locations()['default_cert_file'] === '/opt/bref/ssl/cert.pem', + // Check its location + 'curl-openssl-certificates-location' => openssl_get_cert_locations()['default_cert_file'] === '/etc/pki/tls/cert.pem', + // Check the file in previous Bref versions is still here (would be a breaking change) + 'curl-openssl-certificates-backwards-compatibility' => file_exists('/opt/bref/ssl/cert.pem'), 'json' => function_exists('json_encode'), 'bcmath' => function_exists('bcadd'), 'ctype' => function_exists('ctype_digit'),