Add DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL Option

This commit is contained in:
Amr Aly 2020-09-04 15:18:48 -05:00
parent 5465f96267
commit 9875842e02
2 changed files with 13 additions and 0 deletions

View File

@ -243,6 +243,7 @@ services:
- INSTALL_WKHTMLTOPDF=${PHP_FPM_INSTALL_WKHTMLTOPDF}
- INSTALL_XHPROF=${PHP_FPM_INSTALL_XHPROF}
- INSTALL_XMLRPC=${PHP_FPM_INSTALL_XMLRPC}
- DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=${PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL}
- PUID=${PHP_FPM_PUID}
- PGID=${PHP_FPM_PGID}
- LOCALE=${PHP_FPM_DEFAULT_LOCALE}

View File

@ -916,6 +916,18 @@ RUN if [ ${INSTALL_XMLRPC} = true ]; then \
docker-php-ext-install xmlrpc \
;fi
###########################################################################
# Downgrade Openssl:
###########################################################################
ARG DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false
RUN if [ ${DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} = true ]; then \
sed -i 's,^\(MinProtocol[ ]*=\).*,\1'TLSv1.2',g' /etc/ssl/openssl.cnf \
&& \
sed -i 's,^\(CipherString[ ]*=\).*,\1'DEFAULT@SECLEVEL=1',g' /etc/ssl/openssl.cnf\
;fi
###########################################################################
# Check PHP version:
###########################################################################