From d27116bad594e9d937133cda8269fd297eec93d9 Mon Sep 17 00:00:00 2001
From: "ryan.kuba" <ryan.kuba@kasmweb.com>
Date: Thu, 5 Dec 2024 11:03:47 -0500
Subject: [PATCH 1/2] KASM-6341 remove openssl 1.1 requirement on images that
 do not need it

---
 dockerfile-kasm-core-alpine                   | 12 +---
 dockerfile-kasm-core-centos                   | 10 +---
 dockerfile-kasm-core-fedora                   | 13 +----
 dockerfile-kasm-core-oracle                   |  7 ++-
 dockerfile-kasm-core-suse                     | 13 +----
 src/ubuntu/install/printer/install_printer.sh |  1 +
 .../install/squid/install/install_squid.sh    | 58 +++++++------------
 7 files changed, 30 insertions(+), 84 deletions(-)

diff --git a/dockerfile-kasm-core-alpine b/dockerfile-kasm-core-alpine
index 01514eb..3dddbc5 100644
--- a/dockerfile-kasm-core-alpine
+++ b/dockerfile-kasm-core-alpine
@@ -9,15 +9,8 @@ COPY ./src/ubuntu/install/tools $INST_SCRIPTS/tools/
 RUN bash "$INST_SCRIPTS/tools/install_tools.sh" && rm -rf "$INST_SCRIPTS/tools/"
 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
 
-FROM install_tools AS squid_builder
-ARG DISTRO=alpine
-
-RUN ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g') && \
-    wget --progress=dot:giga "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/f2b6ac26e7f91240e57d6d6e1dad4cc2704445ee/output/kasm-squid-builder_alpine_${ARCH}.tar.gz"
-RUN tar -xzf kasm-squid-builder_*.tar.gz -C /
-
 ### Layer from squid changes
-FROM install_tools as base_layer
+FROM install_tools AS base_layer
 
 ### Environment config
 ARG BG_IMG=bg_alpine.png
@@ -100,9 +93,6 @@ COPY ./src/ubuntu/install/recorder $INST_SCRIPTS/recorder/
 RUN bash $INST_SCRIPTS/recorder/install_recorder.sh && rm -rf $INST_SCRIPTS/recorder
 RUN apk add --no-cache coreutils  # the timeout function used by the backend needs to be the one from core utils.
 
-### Copy built Squid
-COPY --from=squid_builder /usr/local/squid /usr/local/squid
-
 ### Install Squid
 COPY ./src/ubuntu/install/squid/install/ $INST_SCRIPTS/squid_install/
 RUN bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/
diff --git a/dockerfile-kasm-core-centos b/dockerfile-kasm-core-centos
index 64d5544..d14e3b2 100644
--- a/dockerfile-kasm-core-centos
+++ b/dockerfile-kasm-core-centos
@@ -13,12 +13,7 @@ COPY ./src/ubuntu/install/tools $INST_SCRIPTS/tools/
 RUN bash "$INST_SCRIPTS/tools/install_tools.sh" && rm -rf "$INST_SCRIPTS/tools/"
 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
 
-FROM install_tools AS squid_builder
-
-RUN wget --progress=dot:giga 'https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/de1dffbc94d4132d6c696de8c6dfcd6f08900f61/output/kasm-squid-builder_centos_amd64.tar.gz'
-RUN tar -xzf kasm-squid-builder_centos_amd64.tar.gz -C /
-
-FROM install_tools as base_layer
+FROM install_tools AS base_layer
 
 ### Environment config
 ARG BG_IMG=bg_centos.png
@@ -101,9 +96,6 @@ COPY ./src/ubuntu/install/printer/resources/*.ppd /etc/cups/ppd/
 COPY ./src/ubuntu/install/recorder $INST_SCRIPTS/recorder/
 RUN bash $INST_SCRIPTS/recorder/install_recorder.sh && rm -rf $INST_SCRIPTS/recorder
 
-### Copy built Squid
-COPY --from=squid_builder /usr/local/squid /usr/local/squid
-
 ### Install Squid
 COPY ./src/ubuntu/install/squid/install/ $INST_SCRIPTS/squid_install/
 RUN bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/
diff --git a/dockerfile-kasm-core-fedora b/dockerfile-kasm-core-fedora
index e11d733..b12ad68 100644
--- a/dockerfile-kasm-core-fedora
+++ b/dockerfile-kasm-core-fedora
@@ -12,15 +12,7 @@ COPY ./src/ubuntu/install/tools $INST_SCRIPTS/tools/
 RUN bash "$INST_SCRIPTS/tools/install_tools.sh" && rm -rf "$INST_SCRIPTS/tools/"
 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
 
-FROM install_tools AS squid_builder
-
-ARG DISTRO=fedora37
-
-RUN ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g') && \
-    wget --progress=dot:giga "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/1149fc830c7edcb383eec390cce2beba16befde5/output/kasm-squid-builder_${ARCH}.tar.gz"
-RUN tar -xzf kasm-squid-builder_*.tar.gz -C /
-
-FROM install_tools as base_layer
+FROM install_tools AS base_layer
 
 MAINTAINER Kasm Tech "info@kasmweb.com"
 LABEL "com.kasmweb.image"="true"
@@ -109,9 +101,6 @@ COPY ./src/ubuntu/install/printer/resources/*.ppd /etc/cups/ppd/
 COPY ./src/ubuntu/install/recorder $INST_SCRIPTS/recorder/
 RUN bash $INST_SCRIPTS/recorder/install_recorder.sh && rm -rf $INST_SCRIPTS/recorder
 
-### Copy built Squid
-COPY --from=squid_builder /usr/local/squid /usr/local/squid
-
 ### Install Squid
 COPY ./src/ubuntu/install/squid/install/ $INST_SCRIPTS/squid_install/
 RUN bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/
diff --git a/dockerfile-kasm-core-oracle b/dockerfile-kasm-core-oracle
index 3718606..2ab8718 100644
--- a/dockerfile-kasm-core-oracle
+++ b/dockerfile-kasm-core-oracle
@@ -12,6 +12,7 @@ COPY ./src/ubuntu/install/tools $INST_SCRIPTS/tools/
 RUN bash "$INST_SCRIPTS/tools/install_tools.sh" && rm -rf "$INST_SCRIPTS/tools/"
 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
 
+<<<<<<< HEAD
 FROM install_tools AS squid_builder
 
 ARG DISTRO=oracle8
@@ -26,6 +27,9 @@ fi
 RUN tar -xzf kasm-squid-builder_*.tar.gz -C /
 
 FROM install_tools as base_layer
+=======
+FROM install_tools AS base_layer
+>>>>>>> 1e17125 (KASM-6341 remove openssl 1.1 requirement on images that do not need it)
 
 MAINTAINER Kasm Tech "info@kasmweb.com"
 LABEL "com.kasmweb.image"="true"
@@ -124,9 +128,6 @@ COPY ./src/ubuntu/install/printer/resources/*.ppd /etc/cups/ppd/
 COPY ./src/ubuntu/install/recorder $INST_SCRIPTS/recorder/
 RUN bash $INST_SCRIPTS/recorder/install_recorder.sh && rm -rf $INST_SCRIPTS/recorder
 
-### Copy built Squid
-COPY --from=squid_builder /usr/local/squid /usr/local/squid
-
 ### Install Squid
 COPY ./src/ubuntu/install/squid/install/ $INST_SCRIPTS/squid_install/
 RUN bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/
diff --git a/dockerfile-kasm-core-suse b/dockerfile-kasm-core-suse
index 2d1490f..47ea3c6 100644
--- a/dockerfile-kasm-core-suse
+++ b/dockerfile-kasm-core-suse
@@ -11,15 +11,7 @@ COPY ./src/ubuntu/install/tools $INST_SCRIPTS/tools/
 RUN bash "$INST_SCRIPTS/tools/install_tools.sh" && rm -rf "$INST_SCRIPTS/tools/"
 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
 
-FROM install_tools AS squid_builder
-
-ARG DISTRO=opensuse
-
-RUN ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g') && \
-    wget --progress=dot:giga "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/1149fc830c7edcb383eec390cce2beba16befde5/output/kasm-squid-builder_${ARCH}.tar.gz"
-RUN tar -xzf kasm-squid-builder_*.tar.gz -C /
-
-FROM install_tools as base_layer
+FROM install_tools AS base_layer
 
 ### Environment config
 ARG BG_IMG=bg_opensuse.png
@@ -99,9 +91,6 @@ COPY ./src/ubuntu/install/printer/resources/*.ppd /etc/cups/ppd/
 COPY ./src/ubuntu/install/recorder $INST_SCRIPTS/recorder/
 RUN bash $INST_SCRIPTS/recorder/install_recorder.sh && rm -rf $INST_SCRIPTS/recorder
 
-### Copy built Squid
-COPY --from=squid_builder /usr/local/squid /usr/local/squid
-
 ### Install Squid
 COPY ./src/ubuntu/install/squid/install/ $INST_SCRIPTS/squid_install/
 RUN bash $INST_SCRIPTS/squid_install/install_squid.sh && rm -rf $INST_SCRIPTS/squid_install/
diff --git a/src/ubuntu/install/printer/install_printer.sh b/src/ubuntu/install/printer/install_printer.sh
index e93de9b..c7b1963 100755
--- a/src/ubuntu/install/printer/install_printer.sh
+++ b/src/ubuntu/install/printer/install_printer.sh
@@ -15,6 +15,7 @@ elif [ "${DISTRO}" == "alpine" ]; then
   apk add --no-cache cups cups-client cups-pdf@testing
 else
   apt-get update
+  apt-get install -y cups-filters 
   apt-get install -y cups cups-client cups-pdf
 fi
 
diff --git a/src/ubuntu/install/squid/install/install_squid.sh b/src/ubuntu/install/squid/install/install_squid.sh
index 1579b3b..7ac0e4e 100644
--- a/src/ubuntu/install/squid/install/install_squid.sh
+++ b/src/ubuntu/install/squid/install/install_squid.sh
@@ -1,26 +1,32 @@
 #!/bin/bash
 set -ex
 
+# Install openssl
 ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g')
-if [[ "${ARCH}" == "arm64" ]]; then
-  LIBSSLURL="http://ports.ubuntu.com/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.23_arm64.deb"
+if [[ "${DISTRO}" == @(centos|oracle7|oracle8|oracle9|fedora37|fedora38|fedora39|fedora40|almalinux8|almalinux9|rockylinux8|rockylinux9) ]]; then
+  dnf install -y openssl xkbcomp
+  rm -f /etc/X11/xinit/xinitrc
+elif [[ "${DISTRO}" == "alpine" ]]; then
+  apk add --no-cache openssl
+elif [ "${DISTRO}" == "opensuse" ]; then
+  zypper install -yn openssl
 else
-  LIBSSLURL="http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.23_amd64.deb"
+  apt-get update
+  apt-get install -y openssl
 fi
 
-# intall squid
-SQUID_COMMIT='1149fc830c7edcb383eec390cce2beba16befde5'
-if  $(grep -q Jammy /etc/os-release) || $(grep -q Kali /etc/os-release) || $(grep -q lory /etc/os-release); then
-  wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_${ARCH}.tar.gz | tar -xzf - -C /
-  wget ${LIBSSLURL} -O libssl1.1.${ARCH}.deb
-  dpkg -i libssl1.1.${ARCH}.deb
-  rm -f libssl1.1.${ARCH}.deb
-elif [[ "${DISTRO}" != @(centos|oracle7|oracle8|oracle9|opensuse|fedora37|fedora38|fedora39|rockylinux9|rockylinux8|almalinux9|almalinux8|alpine) ]] ; then
-  wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_${ARCH}.tar.gz | tar -xzf - -C /
+# Intall squid
+SQUID_COMMIT='c45537169794a16029e06d7d456edb21b9ce7d12'
+if $(grep -q Focal /etc/os-release) || $(grep -q bullseye /etc/os-release) || [ -f /usr/bin/zypper ] || [[ "${DISTRO}" == @(oracle8|almalinux8|rockylinux8) ]]; then
+  wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_ubuntu11_${ARCH}.tar.gz | tar -xzf - -C /
+elif [[ "${DISTRO}" == "alpine" ]]; then
+  wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_alpine_${ARCH}.tar.gz | tar -xzf - -C /
+else
+  wget -qO- https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_ubuntu_${ARCH}.tar.gz | tar -xzf - -C /
 fi
 
-# update squid conf with user info
-if [[ "${DISTRO}" == @(centos|oracle7|oracle8|oracle9|fedora37|fedora38|fedora39|almalinux8|almalinux9|rockylinux8|rockylinux9|alpine) ]]; then
+# Update squid conf with user info
+if [[ "${DISTRO}" == @(centos|oracle7|oracle8|oracle9|fedora37|fedora38|fedora39|fedora40|almalinux8|almalinux9|rockylinux8|rockylinux9|alpine) ]]; then
   useradd --system --shell /usr/sbin/nologin --home-dir /bin proxy
 elif [ "${DISTRO}" == "opensuse" ]; then
   useradd --system --shell /usr/sbin/nologin --home-dir /bin proxy
@@ -28,36 +34,14 @@ elif [ "${DISTRO}" == "opensuse" ]; then
   usermod -a -G proxy proxy
 fi
 
+# File and perms
 mkdir /usr/local/squid/etc/ssl_cert -p
 chown proxy:proxy /usr/local/squid/etc/ssl_cert -R
 chmod 700 /usr/local/squid/etc/ssl_cert -R
 cd /usr/local/squid/etc/ssl_cert
-
-if [[ "${DISTRO}" == @(fedora37|fedora38|fedora39) ]]; then
-  dnf install -y openssl1.1 xkbcomp
-  rm -f /etc/X11/xinit/xinitrc
-elif [[ "${DISTRO}" == @(rockylinux9|oracle9|almalinux9) ]]; then
-  dnf install -y compat-openssl11 xkbcomp
-  rm -f /etc/X11/xinit/xinitrc
-elif [[ "${DISTRO}" == @(centos|oracle7) ]]; then
-  yum install -y openssl11-libs
-elif [[ "${DISTRO}" == "alpine" ]]; then
-  if grep -q v3.19 /etc/os-release; then
-    apk add --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing openssl1.1-compat
-  else
-    apk add --no-cache openssl1.1-compat
-  fi
-elif grep -q bookworm /etc/os-release; then
-  wget ${LIBSSLURL} -O libssl1.1.${ARCH}.deb
-  dpkg -i libssl1.1.${ARCH}.deb
-  rm -f libssl1.1.${ARCH}.deb
-fi
-
 /usr/local/squid/libexec/security_file_certgen -c -s /usr/local/squid/var/logs/ssl_db -M 4MB
 chown proxy:proxy /usr/local/squid/var/logs/ssl_db -R
-
 chown -R proxy:proxy /usr/local/squid -R
-
 mkdir -p /etc/squid/
 
 # Trick so we can auto re-direct blocked urls to a special page

From 1253c7df44d28197308b45511b4447ffb2b0a57b Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Mon, 13 Jan 2025 09:46:00 +0530
Subject: [PATCH 2/2] apply openssl fixes to 1.15.0

---
 dockerfile-kasm-core-oracle | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/dockerfile-kasm-core-oracle b/dockerfile-kasm-core-oracle
index 2ab8718..e1d50e8 100644
--- a/dockerfile-kasm-core-oracle
+++ b/dockerfile-kasm-core-oracle
@@ -12,24 +12,7 @@ COPY ./src/ubuntu/install/tools $INST_SCRIPTS/tools/
 RUN bash "$INST_SCRIPTS/tools/install_tools.sh" && rm -rf "$INST_SCRIPTS/tools/"
 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
 
-<<<<<<< HEAD
-FROM install_tools AS squid_builder
-
-ARG DISTRO=oracle8
-
-RUN if [ "${DISTRO}" == "oracle8" ] || [ "${DISTRO}" == "oracle9" ] || [ "${DISTRO}" == "rockylinux9" ] || [ "${DISTRO}" == "rockylinux8" ] || [ "${DISTRO}" == "almalinux8" ] || [ "${DISTRO}" == "almalinux9" ]; then \
-  ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g') && \
-  wget --progress=dot:giga "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/1149fc830c7edcb383eec390cce2beba16befde5/output/kasm-squid-builder_${ARCH}.tar.gz"; \
-else \
-  ARCH=$(arch | sed 's/aarch64/arm64/g' | sed 's/x86_64/amd64/g') && \
-  wget --progress=dot:giga "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/de1dffbc94d4132d6c696de8c6dfcd6f08900f61/output/kasm-squid-builder_centos_${ARCH}.tar.gz"; \
-fi
-RUN tar -xzf kasm-squid-builder_*.tar.gz -C /
-
-FROM install_tools as base_layer
-=======
 FROM install_tools AS base_layer
->>>>>>> 1e17125 (KASM-6341 remove openssl 1.1 requirement on images that do not need it)
 
 MAINTAINER Kasm Tech "info@kasmweb.com"
 LABEL "com.kasmweb.image"="true"