portal-ng pods run under root user

- switch base image from openresty to nginx-unprivileged - remove custom lua plugin code - dynamically determine dns resolver ip during container startup Issue-ID: PORTALNG-67 Change-Id: I23fb5e684dbb98a326afb00911a1f5ae78e2536d Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
author: Fiete Ostkamp <Fiete.Ostkamp@telekom.de> 2024-03-01 13:03:12 +0100
committer: Fiete Ostkamp <Fiete.Ostkamp@telekom.de> 2024-03-01 13:03:12 +0100
commit: 97d7de9af2cb6cc3bbbcae18ada738ace7771903 (patch)
tree: a7c6221348272e82406bba446b6b00b1d1b8e608 /server/resty/openssl/include/x509v3.lua
parent: bf25efd6d3ed28266ed916c0ebe9dd3a45a4affb (diff)
1 files changed, 0 insertions, 108 deletions
diff --git a/server/resty/openssl/include/x509v3.lua b/server/resty/openssl/include/x509v3.lua
deleted file mode 100644
index 6882c6e..0000000
--- a/server/resty/openssl/include/x509v3.lua
+++ /dev/null
@@ -1,108 +0,0 @@
-local ffi = require "ffi"
-
-require "resty.openssl.include.ossl_typ"
-require "resty.openssl.include.stack"
-local asn1_macro = require "resty.openssl.include.asn1"
-
-ffi.cdef [[
-  // STACK_OF(OPENSSL_STRING)
-  OPENSSL_STACK *X509_get1_ocsp(X509 *x);
-  void X509_email_free(OPENSSL_STACK *sk);
-  void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-
-  typedef struct EDIPartyName_st EDIPARTYNAME;
-
-  typedef struct otherName_st OTHERNAME;
-
-  typedef struct GENERAL_NAME_st {
-      int type;
-      union {
-        char *ptr;
-        OTHERNAME *otherName;   /* otherName */
-        ASN1_IA5STRING *rfc822Name;
-        ASN1_IA5STRING *dNSName;
-        ASN1_TYPE *x400Address;
-        X509_NAME *directoryName;
-        EDIPARTYNAME *ediPartyName;
-        ASN1_IA5STRING *uniformResourceIdentifier;
-        ASN1_OCTET_STRING *iPAddress;
-        ASN1_OBJECT *registeredID;
-        /* Old names */
-        ASN1_OCTET_STRING *ip;  /* iPAddress */
-        X509_NAME *dirn;        /* dirn */
-        ASN1_IA5STRING *ia5;    /* rfc822Name, dNSName,
-                                    * uniformResourceIdentifier */
-        ASN1_OBJECT *rid;       /* registeredID */
-        ASN1_TYPE *other;       /* x400Address */
-      } d;
-    } GENERAL_NAME;
-
-  // STACK_OF(GENERAL_NAME)
-  typedef struct stack_st GENERAL_NAMES;
-
-  // STACK_OF(X509_EXTENSION)
-  int X509V3_add1_i2d(OPENSSL_STACK **x, int nid, void *value,
-                    int crit, unsigned long flags);
-  void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-  X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-  int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
-                     int indent);
-
-  int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
-                    unsigned long flags);
-  // although the struct has plural form, it's not a stack
-  typedef struct BASIC_CONSTRAINTS_st {
-    int ca;
-    ASN1_INTEGER *pathlen;
-  } BASIC_CONSTRAINTS;
-
-  void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
-    X509_REQ *req, X509_CRL *crl, int flags);
-
-  X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-                                     const char *value);
-  X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
-                                 const char *value);
-  int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
-    int indent);
-
-  void *X509V3_get_d2i(const OPENSSL_STACK *x, int nid, int *crit, int *idx);
-
-  int X509v3_get_ext_by_NID(const OPENSSL_STACK *x,
-                           int nid, int lastpos);
-
-   X509_EXTENSION *X509v3_get_ext(const OPENSSL_STACK *x, int loc);
-
-  // STACK_OF(ACCESS_DESCRIPTION)
-  typedef struct stack_st AUTHORITY_INFO_ACCESS;
-
-  typedef struct ACCESS_DESCRIPTION_st {
-    ASN1_OBJECT *method;
-    GENERAL_NAME *location;
-  } ACCESS_DESCRIPTION;
-
-  typedef struct DIST_POINT_NAME_st {
-    int type;
-    union {
-        GENERAL_NAMES *fullname;
-        // STACK_OF(X509_NAME_ENTRY)
-        OPENSSL_STACK *relativename;
-    } name;
-  /* If relativename then this contains the full distribution point name */
-      X509_NAME *dpname;
-  } DIST_POINT_NAME;
-
-  typedef struct DIST_POINT_st {
-    DIST_POINT_NAME *distpoint;
-    ASN1_BIT_STRING *reasons;
-    GENERAL_NAMES *CRLissuer;
-    int dp_reasons;
-  } DIST_POINT;
-
-]]
-
-asn1_macro.declare_asn1_functions("GENERAL_NAME")
-asn1_macro.declare_asn1_functions("BASIC_CONSTRAINTS")
-asn1_macro.declare_asn1_functions("AUTHORITY_INFO_ACCESS") -- OCSP responder and CA
-asn1_macro.declare_asn1_functions("ACCESS_DESCRIPTION")
-asn1_macro.declare_asn1_functions("DIST_POINT") -- CRL distribution points
author	Fiete Ostkamp <Fiete.Ostkamp@telekom.de>	2024-03-01 13:03:12 +0100
committer	Fiete Ostkamp <Fiete.Ostkamp@telekom.de>	2024-03-01 13:03:12 +0100
commit	97d7de9af2cb6cc3bbbcae18ada738ace7771903 (patch)
tree	a7c6221348272e82406bba446b6b00b1d1b8e608 /server/resty/openssl/include/x509v3.lua
parent	bf25efd6d3ed28266ed916c0ebe9dd3a45a4affb (diff)