From f10f192e6814341a12db16b7f9359719772a55ae Mon Sep 17 00:00:00 2001 From: Dario Cillerai Date: Tue, 1 Apr 2025 14:57:26 +0200 Subject: [PATCH 1/2] Update Ubuntu container Signed-off-by: Dario Cillerai --- openssl/run_envoy_docker.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/openssl/run_envoy_docker.sh b/openssl/run_envoy_docker.sh index 841863672f2..e58c805f448 100755 --- a/openssl/run_envoy_docker.sh +++ b/openssl/run_envoy_docker.sh @@ -17,6 +17,7 @@ docker build --pull --iidfile "${SCRATCH_DIR}/iid" -f - "${SCRATCH_DIR}" << EOF # Install the missing Kitware public key RUN wget -qO- https://apt.kitware.com/keys/kitware-archive-latest.asc | gpg --dearmor - > /usr/share/keyrings/kitware-archive-keyring.gpg RUN sed -i "s|^deb.*kitware.*$|deb [signed-by=/usr/share/keyrings/kitware-archive-keyring.gpg] https://apt.kitware.com/ubuntu/ \$(lsb_release -cs) main|g" /etc/apt/sources.list + RUN wget -q -O - https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_20.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_stable.gpg > /dev/null RUN apt update # Install OpenSSL 3.0.x @@ -40,4 +41,4 @@ export IMAGE_NAME=$(cat "${SCRATCH_DIR}/iid" | cut -d ":" -f 1) export IMAGE_ID=$(cat "${SCRATCH_DIR}/iid" | cut -d ":" -f 2) # Hand off to the upstream run_envoy_docker.sh script -exec ./ci/run_envoy_docker.sh "$@" \ No newline at end of file +exec ./ci/run_envoy_docker.sh "$@" From ae08dddb2e377eac4ca8511a71ce5cfe29499178 Mon Sep 17 00:00:00 2001 From: Dario Cillerai Date: Wed, 2 Apr 2025 08:29:42 +0200 Subject: [PATCH 2/2] Bump OpenSSL 3.0.16 Signed-off-by: Dario Cillerai --- bssl-compat/CMakeLists.txt | 6 +++--- openssl/run_envoy_docker.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/bssl-compat/CMakeLists.txt b/bssl-compat/CMakeLists.txt index bdc0bfca6c7..d2a8b880869 100644 --- a/bssl-compat/CMakeLists.txt +++ b/bssl-compat/CMakeLists.txt @@ -7,8 +7,8 @@ if(POLICY CMP0135) cmake_policy(SET CMP0135 NEW) endif() -set(OPENSSL_URL https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.13.tar.gz) -set(OPENSSL_URL_HASH e74504ed7035295ec7062b1da16c15b57ff2a03cd2064a28d8c39458cacc45fc) +set(OPENSSL_URL https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.16.tar.gz) +set(OPENSSL_URL_HASH 9642aa3d97ac37da45dadabb3b576f399016acdb1df5d0e2751733e1cdf9f328) set(CMAKE_C_STANDARD 11) set(CMAKE_CXX_STANDARD 17) @@ -712,4 +712,4 @@ if(BUILD_BORINGSSL) target_link_libraries(utests-boring PRIVATE BoringSSL::SSL BoringSSL::Crypto) target_link_libraries(utests-boring PRIVATE GTest::gtest_main) gtest_discover_tests(utests-boring) -endif(BUILD_BORINGSSL) \ No newline at end of file +endif(BUILD_BORINGSSL) diff --git a/openssl/run_envoy_docker.sh b/openssl/run_envoy_docker.sh index e58c805f448..39a6e1b35ac 100755 --- a/openssl/run_envoy_docker.sh +++ b/openssl/run_envoy_docker.sh @@ -21,7 +21,7 @@ docker build --pull --iidfile "${SCRATCH_DIR}/iid" -f - "${SCRATCH_DIR}" << EOF RUN apt update # Install OpenSSL 3.0.x - ENV OPENSSL_VERSION=3.0.8 + ENV OPENSSL_VERSION=3.0.16 ENV OPENSSL_ROOTDIR=/usr/local/openssl-\$OPENSSL_VERSION RUN apt install -y build-essential checkinstall zlib1g-dev RUN wget -qO- https://github.com/openssl/openssl/releases/download/openssl-\$OPENSSL_VERSION/openssl-\$OPENSSL_VERSION.tar.gz | tar xz -C /