Fix the relay extension (#448)

Author: mnapoli

layers/relay/Dockerfile

@@ -25,6 +25,38 @@ RUN <<'END' bash -e
     cp lib/libzstd.so* /opt/lib
 END
 
+
+# Install OpenSSL 1.1 because Relay doesn't work with OpenSSL 3
+# https://github.com/openssl/openssl/releases
+ENV VERSION_OPENSSL=1.1.1t
+ENV OPENSSL_BUILD_DIR=${BUILD_DIR}/openssl
+ENV CA_BUNDLE_SOURCE="https://curl.se/ca/cacert.pem"
+ENV CA_BUNDLE="${INSTALL_DIR}/bref/ssl/cert.pem"
+RUN rm -rf ${OPENSSL_BUILD_DIR}
+RUN set -xe; \
+    mkdir -p ${OPENSSL_BUILD_DIR}; \
+    curl -Ls https://github.com/openssl/openssl/archive/OpenSSL_${VERSION_OPENSSL//./_}.tar.gz \
+  | tar xzC ${OPENSSL_BUILD_DIR} --strip-components=1
+WORKDIR  ${OPENSSL_BUILD_DIR}/
+RUN CFLAGS="" \
+    CPPFLAGS="-I${INSTALL_DIR}/include -I/usr/include" \
+    LDFLAGS="-L${INSTALL_DIR}/lib64 -L${INSTALL_DIR}/lib" \
+    ./config \
+        --prefix=${INSTALL_DIR} \
+        --openssldir=${INSTALL_DIR}/bref/ssl \
+        --release \
+        no-tests \
+        shared \
+        zlib
+# Explicitly compile make without parallelism because it fails if we use -jX (no error message)
+# I'm not 100% sure why, and I already lost 4 hours on this, but I found this:
+# https://github.com/openssl/openssl/issues/9931
+# https://stackoverflow.com/questions/28639207/why-cant-i-compile-openssl-with-multiple-threads-make-j3
+# Run `make install_sw install_ssldirs` instead of `make install` to skip installing man pages https://github.com/openssl/openssl/issues/8170
+RUN make -j1 install_sw install_ssldirs
+RUN mkdir -p ${INSTALL_DIR}/bref/ssl && curl -Lk -o ${CA_BUNDLE} ${CA_BUNDLE_SOURCE}
+
+
 RUN <<'END' bash -e
     export php_version=$(php-config --version | cut -c -3)
     mkdir -p /tmp/relay