shrink
December 11, 2022, 1:21pm
7
According to this comment on GitHub the openssl extension is not automatically available through the composer require behaviour due to an issue that is yet to be fixed. However, according to this issue there is a workaround whereby you create your own .ini file and enable the extension there:
opened 12:42AM - 25 Apr 21 UTC
## What happened?
<!-- Please provide some details about the task you are tryin… g to accomplish
and what went wrong. -->
Create and run the sample app as described in this issue. When deployed, it will not have the openssl extension enabled.
https://github.com/paketo-buildpacks/php/issues/366#issue-866600764
Based on this, it seems like the auto detection is run but it's missing OpenSSL. It should have been though as when I run `composer check-platform-reqs` locally, it shows openssl as required.
The php.ini snippet generated by the buildpack only has:
```
extension = fileinfo.so
extension = mbstring.so
```
My theory is that because openssl is a required extension to run Composer, we enable it in the php.ini that's used to execute composer. Thus when `composer check-platform-reqs` executes, it sees openssl as already available. This isn't correct though because it's only available in the limited environment where we execute Composer.
I think there's a couple ways that we could fix this:
1. Always enable the openssl extension. It is quite widely used at this point. I think the risk here is that if we enable it, and there's a security vulnerability then an app that doesn't use it could potentially be vulnerable when it otherwise wouldn't be.
2. When we check for extensions with `composer check-platform-reqs`, we normally filter by extensions listed missing. We need to look for both missing or the name openssl. If openssl is listed, it'll never be missing, so we just need to add it to the list of extensions to enable.
* What were you attempting to do?
Run an app where openssl is a extension required through Composer.
* What did you expect to happen?
The composer extension to be available.
* What was the actual behavior? Please provide log output, if possible.
Other extensions were detected correctly, but not openssl.
## Build Configuration
* What platform (`pack`, `kpack`, `tekton` buildpacks plugin, etc.) are you
using? Please include a version.
Pack.
* What buildpacks are you using? Please include versions.
* What builder are you using? If custom, can you provide the output from `pack
inspect-builder <builder>`?
full
* Can you provide a sample app or relevant configuration (`buildpack.yml`,
`nginx.conf`, etc.)?
https://github.com/paketo-buildpacks/php/issues/366#issue-866600764
## Checklist
* [x] I have included log output.
* [x] The log output includes an error message.
* [x] I have included steps for reproduction.
diff --git a/.php.ini.d/extension.ini b/.php.ini.d/extension.ini
new file mode 100644
index 0000000..cb58b9c
--- /dev/null
+++ b/.php.ini.d/extension.ini
@@ -0,0 +1 @@
+extension=openssl.so
I ran a quick test and it seems to work – /calendar/proxy/vih loads, no error!
1 Like