[
https://issues.apache.org/jira/browse/GUACAMOLE-1945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17838658#comment-17838658
]
wuxiaobai edited comment on GUACAMOLE-1945 at 4/18/24 1:31 PM:
---------------------------------------------------------------
* https://issues.apache.org/jira/browse/GUACAMOLE-1894
* https://issues.apache.org/jira/browse/GUACAMOLE-1891
* https://issues.apache.org/jira/browse/GUACAMOLE-1741
I apologize, as my native language is not English, please forgive any errors in
my use of words.
As you can see, the previous code submission changed alpine:latest to
alpine:3.18 [GUACAMOLE-1891: Pin docker base image to Alpine Linux 3.18, which
still provides required GUACAMOLE-1891
package]([https://github.com/apache/guacamole-server/commit/21c72e3a968824c68cddb086ff07eb25dc670538]).
This is because in alpine:3.19, openssl1.1 has been replaced by openssl3.0
[[GUACAMOLE-1741: Build Docker image against OpenSSL 1.1 for VNC
compatibility|https://github.com/apache/guacamole-server/commit/f906b14f9f7102dfaaf11bbd7c694b1efeacafc2]]([https://github.com/apache/guacamole-server/commit/f906b14f9f7102dfaaf11bbd7c694b1efeacafc2).]
The same is true in debian, starting from debian 12, openssl1.1 can only be
built from source code, so I submitted this PR.
was (Author: qq296015668):
* https://issues.apache.org/jira/browse/GUACAMOLE-1894
* https://issues.apache.org/jira/browse/GUACAMOLE-1891
* https://issues.apache.org/jira/browse/GUACAMOLE-1741
I apologize, as my native language is not English, please forgive any errors in
my use of words.
As you can see, the previous code submission changed alpine:latest to
alpine:3.18 [[GUACAMOLE-1891: Pin docker base image to Alpine Linux 3.18, which
still provides required GUACAMOLE-1891
package.|https://github.com/apache/guacamole-server/commit/21c72e3a968824c68cddb086ff07eb25dc670538]](https://github.com/apache/guacamole-server/commit/21c72e3a968824c68cddb086ff07eb25dc670538).
This is because in alpine:3.19, openssl1.1 has been replaced by openssl3.0
[[GUACAMOLE-1741: Build Docker image against OpenSSL 1.1 for VNC
compatibility|https://github.com/apache/guacamole-server/commit/f906b14f9f7102dfaaf11bbd7c694b1efeacafc2]]([https://github.com/apache/guacamole-server/commit/f906b14f9f7102dfaaf11bbd7c694b1efeacafc2).]
The same is true in debian, starting from debian 12, openssl1.1 can only be
built from source code, so I submitted this PR.
> Changed OpenSSL to build using source code
> ------------------------------------------
>
> Key: GUACAMOLE-1945
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1945
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-server
> Reporter: wuxiaobai
> Priority: Minor
>
> Build OpenSSL from source code to adapt to newer operating systems.
> - https://github.com/apache/guacamole-server/pull/510
>
> {code:java}
> diff --git a/Dockerfile b/Dockerfile
> index 5f1e824c..6cea233e 100644
> --- a/Dockerfile
> +++ b/Dockerfile
> @@ -22,9 +22,7 @@
> # # The Alpine Linux image that should be used as the basis for the guacd
> image
> -# NOTE: Using 3.18 because the required openssl1.1-compat-dev package was
> -# removed in more recent versions.
> -ARG ALPINE_BASE_IMAGE=3.18
> +ARG ALPINE_BASE_IMAGE=latest
> FROM alpine:${ALPINE_BASE_IMAGE} AS builder # Install build dependencies
> @@ -42,7 +40,6 @@ RUN apk add --no-cache \
> libtool \
> libwebp-dev \
> make \
> - openssl1.1-compat-dev \
> pango-dev \
> pulseaudio-dev \
> util-linux-dev
> @@ -64,6 +61,7 @@ ARG PREFIX_DIR=/opt/guacamole
> # library (these can be overridden at build time if a specific version is
> # needed)
> #
> +ARG WITH_OPENSSL='OpenSSL_1(\_\d+\w*)+'
> ARG WITH_FREERDP='2(\.\d+)+'
> ARG WITH_LIBSSH2='libssh2-\d+(\.\d+)+'
> ARG WITH_LIBTELNET='\d+(\.\d+)+'
> @@ -76,6 +74,8 @@ ARG WITH_LIBWEBSOCKETS='v\d+(\.\d+)+'
> # options are needed)
> #+ARG OPENSSL_OPTS=""
> +
> ARG FREERDP_OPTS="\
> -DBUILTIN_CHANNELS=OFF \
> -DCHANNEL_URBDRC=OFF \
> @@ -101,7 +101,6 @@ ARG FREERDP_OPTS="\
> -DWITH_SERVER_INTERFACE=OFF \
> -DWITH_SHADOW_MAC=OFF \
> -DWITH_SHADOW_X11=OFF \
> - -DWITH_SSE2=ON \
> -DWITH_WAYLAND=OFF \
> -DWITH_X11=OFF \
> -DWITH_X264=OFF \
> diff --git a/src/guacd-docker/bin/build-all.sh
> b/src/guacd-docker/bin/build-all.sh
> index b8c33b8f..a559babb 100755
> --- a/src/guacd-docker/bin/build-all.sh
> +++ b/src/guacd-docker/bin/build-all.sh
> @@ -28,7 +28,7 @@
> # Pre-populate build control variables such that the custom build prefix is
> # used for C headers, locating libraries, etc.
> export CFLAGS="-I${PREFIX_DIR}/include"
> -export LDFLAGS="-L${PREFIX_DIR}/lib"
> +export LDFLAGS="-Wl,-rpath,${PREFIX_DIR}/lib -L${PREFIX_DIR}/lib"
> export PKG_CONFIG_PATH="${PREFIX_DIR}/lib/pkgconfig" # Ensure thread stack
> size will be 8 MB (glibc's default on Linux) rather than
> @@ -85,6 +85,8 @@ install_from_git() {
> # used by the library being built
> if [ -e CMakeLists.txt ]; then
> cmake -DCMAKE_INSTALL_PREFIX:PATH="$PREFIX_DIR" "$@" .
> + elif [ -e config ]; then
> + ./config --prefix="$PREFIX_DIR" "$@"
> else
> [ -e configure ] || autoreconf -fi
> ./configure --prefix="$PREFIX_DIR" "$@"
> @@ -103,11 +105,11 @@ export BUILD_ARCHITECTURE="$(arch)" # Determine
> architecture building on
> echo "Build architecture: $BUILD_ARCHITECTURE" case $BUILD_ARCHITECTURE in
> - armv6l|armv7l|aarch64)
> - export FREERDP_OPTS_OVERRIDES="-DWITH_SSE2=OFF" # Disable SSE2 on ARM
> + x86_64)
> + export FREERDP_OPTS_OVERRIDES="-DWITH_SSE2=ON" # Enable SSE2 on
> x86_64
> ;;
> *)
> - export FREERDP_OPTS_OVERRIDES=""
> + export FREERDP_OPTS_OVERRIDES="-DWITH_SSE2=OFF"
> ;;
> esac@@ -115,6 +117,7 @@ esac
> # Build and install core protocol library dependencies
> #+install_from_git "https://github.com/openssl/openssl"; "$WITH_OPENSSL"
> $OPENSSL_OPTS
> install_from_git "https://github.com/FreeRDP/FreeRDP"; "$WITH_FREERDP"
> $FREERDP_OPTS $FREERDP_OPTS_OVERRIDES
> install_from_git "https://github.com/libssh2/libssh2"; "$WITH_LIBSSH2"
> $LIBSSH2_OPTS
> install_from_git "https://github.com/seanmiddleditch/libtelnet";
> "$WITH_LIBTELNET" $LIBTELNET_OPTS{code}
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
