revert -j and update docs about OPENSSL_CONF

open-quantum-safe · Oct 19, 2023 · 25ea3f8 · 25ea3f8
1 parent f911a2e
commit 25ea3f8
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/nginx/Dockerfile b/nginx/Dockerfile
@@ -21,7 +21,7 @@ ARG DEFAULT_GROUPS=x25519:x448:kyber512:p256_kyber512:kyber768:p384_kyber768:kyb
 ARG NGINX_VERSION=1.25.2
 
 # Define the degree of parallelism when building the image; leave the number away only if you know what you are doing
-ARG MAKE_DEFINES="-j"
+ARG MAKE_DEFINES="-j 18"
 
 
 FROM alpine:3.13 as intermediate
@@ -126,5 +126,7 @@ STOPSIGNAL SIGTERM
 # Enable a normal user to create new server keys off set CA
 RUN addgroup -g 1000 -S oqs && adduser --uid 1000 -S oqs -G oqs && chown -R oqs.oqs ${INSTALLDIR}
 USER oqs
+# From nginx 1.25.2: "nginx does not try to load OpenSSL configuration if the --with-openssl option was used to built OpenSSL and the OPENSSL_CONF environment variable is not set".
+# We therefore have to set the OPENSSL_CONF environment variable.
 ENV OPENSSL_CONF ${OSSLDIR}/ssl/openssl.cnf
 CMD ["nginx", "-c", "nginx-conf/nginx.conf", "-g", "daemon off;"]
diff --git a/nginx/fulltest-provider/README.md b/nginx/fulltest-provider/README.md
@@ -34,6 +34,8 @@ Note that, the oqs-nginx-{LIBOQS_VERSION}.tgz package contains all required conf
 
 Execute `OPENSSL_CONF=/opt/openssl/.openssl/ssl/openssl.cnf /opt/nginx/sbin/nginx -c /opt/nginx/interop.conf` to start the test server.
 
+*Note*: From nginx version 1.25.2, nginx does not try to load OpenSSL configuration if the --with-openssl option was used to built OpenSSL. We therefore have to set the `OPENSSL_CONF` environment variable when activating nginx.
+
 *Note*: As the server many of ports, the server may need to be configured to permit this, e.g., using `ulimit -S -n 4096`.
 
 #### Test run