From 6e7422c79421c62e9d9df0a1f52305f0a5abd44b Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami-bot@vmware.com>
Date: Mon, 8 May 2023 17:55:43 +0100
Subject: [PATCH] [bitnami/apache] Release 2.4.57-debian-11-r14 (#33040)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
---
 bitnami/apache/2.4/debian-11/Dockerfile                    | 6 +++---
 .../rootfs/opt/bitnami/scripts/apache/postunpack.sh        | 6 ++++++
 .../debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh   | 7 ++++++-
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/bitnami/apache/2.4/debian-11/Dockerfile b/bitnami/apache/2.4/debian-11/Dockerfile
index a47e54b68d03..12a190007b8c 100644
--- a/bitnami/apache/2.4/debian-11/Dockerfile
+++ b/bitnami/apache/2.4/debian-11/Dockerfile
@@ -3,10 +3,10 @@ FROM docker.io/bitnami/minideb:bullseye
 ARG TARGETARCH
 
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-05-05T14:44:24Z" \
+      org.opencontainers.image.created="2023-05-08T16:34:27Z" \
       org.opencontainers.image.description="Application packaged by VMware, Inc" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="2.4.57-debian-11-r13" \
+      org.opencontainers.image.ref.name="2.4.57-debian-11-r14" \
       org.opencontainers.image.title="apache" \
       org.opencontainers.image.vendor="VMware, Inc." \
       org.opencontainers.image.version="2.4.57"
@@ -19,7 +19,7 @@ ENV HOME="/" \
 COPY prebuildfs /
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 # Install required system packages and dependencies
-RUN install_packages ca-certificates curl libcrypt1 libexpat1 libffi7 libgcc-s1 libgmp10 libgnutls30 libhogweed6 libicu67 libidn2-0 libldap-2.4-2 liblzma5 libnettle8 libnghttp2-14 libp11-kit0 libpcre3 libsasl2-2 libssl1.1 libstdc++6 libtasn1-6 libunistring2 libxml2 procps zlib1g
+RUN install_packages ca-certificates curl libcrypt1 libexpat1 libffi7 libgcc-s1 libgmp10 libgnutls30 libhogweed6 libicu67 libidn2-0 libldap-2.4-2 liblzma5 libnettle8 libnghttp2-14 libp11-kit0 libpcre3 libsasl2-2 libssl1.1 libstdc++6 libtasn1-6 libunistring2 libxml2 openssl procps zlib1g
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
     COMPONENTS=( \
       "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \
diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh
index a9ed67cd2bc8..6363c82fef92 100755
--- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh
+++ b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh
@@ -115,3 +115,9 @@ ln -sf apache "${BITNAMI_ROOT_DIR}/apache2"
 
 ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log"
 ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log"
+
+# This file is necessary for avoiding the error
+# "unable to write random state"
+# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
+
+touch /.rnd && chmod g+rw /.rnd
diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh
index 131f5acba447..cc2146d0a82b 100755
--- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh
+++ b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh
@@ -31,7 +31,12 @@ if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then
     SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
     rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
     openssl genrsa -out "$SSL_KEY_FILE" 4096
-    openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
+    # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x
+    if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then
+        openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ"
+    else
+        openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
+    fi
     openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")
     rm -f "$SSL_CSR_FILE"
 fi