Merge pull request #3285 from glrvrl/glrvrl

added: PHP_DOWNGRADE_OPENSSL_TLS_VERSION
This commit is contained in:
Shao Yu-Lung (Allen) 2022-12-11 01:24:52 +08:00 committed by GitHub
commit 24aedbc852
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 11 additions and 6 deletions

View File

@ -65,6 +65,9 @@ PHP_IDE_CONFIG=serverName=laradock
PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false
# Accepted values: 1.2 - 1.1 - 1.0
PHP_DOWNGRADE_OPENSSL_TLS_VERSION=1.2
### Windows Path ########################################## ### Windows Path ##########################################
# A fix for Windows users, to ensure the application path works # A fix for Windows users, to ensure the application path works
@ -903,7 +906,6 @@ MAILU_WEBMAIL=rainloop
# Dav server implementation (value: radicale, none) # Dav server implementation (value: radicale, none)
MAILU_WEBDAV=radicale MAILU_WEBDAV=radicale
### TRAEFIK ################################################# ### TRAEFIK #################################################
TRAEFIK_HOST_HTTP_PORT=80 TRAEFIK_HOST_HTTP_PORT=80
@ -914,7 +916,6 @@ TRAEFIK_DASHBOARD_USER='admin:$2y$10$lXaL3lj6raFic6rFqr2.lOBoCudAIhB6zyoqObNg290
ACME_DOMAIN=example.org ACME_DOMAIN=example.org
ACME_EMAIL=email@example.org ACME_EMAIL=email@example.org
### MOSQUITTO ################################################# ### MOSQUITTO #################################################
MOSQUITTO_PORT=9001 MOSQUITTO_PORT=9001

View File

@ -283,6 +283,7 @@ services:
- INSTALL_TRADER=${PHP_FPM_INSTALL_TRADER} - INSTALL_TRADER=${PHP_FPM_INSTALL_TRADER}
- INSTALL_EVENT=${PHP_FPM_INSTALL_EVENT} - INSTALL_EVENT=${PHP_FPM_INSTALL_EVENT}
- DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=${PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} - DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=${PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL}
- DOWNGRADE_OPENSSL_TLS_VERSION=${PHP_DOWNGRADE_OPENSSL_TLS_VERSION}
- PUID=${PHP_FPM_PUID} - PUID=${PHP_FPM_PUID}
- PGID=${PHP_FPM_PGID} - PGID=${PHP_FPM_PGID}
- IMAGEMAGICK_VERSION=${PHP_FPM_IMAGEMAGICK_VERSION} - IMAGEMAGICK_VERSION=${PHP_FPM_IMAGEMAGICK_VERSION}

View File

@ -741,8 +741,9 @@ RUN set -eux; \
########################################################################### ###########################################################################
# Ref from https://github.com/Microsoft/msphpsql/wiki/Dockerfile-for-adding-pdo_sqlsrv-and-sqlsrv-to-official-php-image # Ref from https://github.com/Microsoft/msphpsql/wiki/Dockerfile-for-adding-pdo_sqlsrv-and-sqlsrv-to-official-php-image
########################################################################### ###########################################################################
# Add Microsoft repo for Microsoft ODBC Driver 13 for Linux # Add Microsoft repo for Microsoft ODBC Driver 13 for Linux \
apt-get install -yqq apt-transport-https gnupg lsb-release \ apt-get update \
&& apt-get install -yqq apt-transport-https gnupg lsb-release \
&& curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - \ && curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - \
&& curl https://packages.microsoft.com/config/debian/$(lsb_release -rs)/prod.list > /etc/apt/sources.list.d/mssql-release.list \ && curl https://packages.microsoft.com/config/debian/$(lsb_release -rs)/prod.list > /etc/apt/sources.list.d/mssql-release.list \
&& apt-get update -yqq \ && apt-get update -yqq \
@ -1202,9 +1203,10 @@ RUN set -xe; \
########################################################################### ###########################################################################
ARG DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false ARG DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false
ARG DOWNGRADE_OPENSSL_TLS_VERSION=1.2
RUN if [ ${DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} = true ]; then \ RUN if [ ${DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} = true ]; then \
sed -i 's,^\(MinProtocol[ ]*=\).*,\1'TLSv1.2',g' /etc/ssl/openssl.cnf \ sed -i 's,^\(MinProtocol[ ]*=\).*,\1'TLSv${DOWNGRADE_OPENSSL_TLS_VERSION}',g' /etc/ssl/openssl.cnf \
&& \ && \
sed -i 's,^\(CipherString[ ]*=\).*,\1'DEFAULT@SECLEVEL=1',g' /etc/ssl/openssl.cnf\ sed -i 's,^\(CipherString[ ]*=\).*,\1'DEFAULT@SECLEVEL=1',g' /etc/ssl/openssl.cnf\
;fi ;fi

View File

@ -532,7 +532,8 @@ RUN if [ ${INSTALL_GEARMAN} = true ]; then \
ARG INSTALL_PHPREDIS=false ARG INSTALL_PHPREDIS=false
RUN if [ ${INSTALL_PHPREDIS} = true ]; then \ RUN if [ ${INSTALL_PHPREDIS} = true ]; then \
apt-get install -yqq php${LARADOCK_PHP_VERSION}-redis \ apt-get update \
&& apt-get install -yqq php${LARADOCK_PHP_VERSION}-redis \
;fi ;fi
########################################################################### ###########################################################################