Hi Bryan,
> What's required to build haproxy and statically link with openssl libs > like can be done with pcre? The following procedure will install a static build of latest openssl in a directory of your choice without interfering with your OS headers and libraries: > export LIBSSLBUILD=/tmp/libsslbuild > mkdir $LIBSSLBUILD > cd ~ > wget http://www.openssl.org/source/openssl-1.0.1e.tar.gz > tar zxvf openssl-1.0.1e.tar.gz > cd openssl-1.0.1e && > ./config --prefix=$LIBSSLBUILD no-shared > make > make install_sw Then build haproxy by pointing to the proper path: > make TARGET=linux2628 USE_OPENSSL=1 ADDINC=-I$LIBSSLBUILD/include \ > ADDLIB="-L$LIBSSLBUILD/lib -ldl" OpenSSL depends on libdl, so we need pass -ldl along. When everything is compiled, checkout your openssl version (use a snapshot from Apr 27th or younger to see build and runtime openssl version). Both should say 1.0.1e in our case. Also check with ldd; it should not show any openssl libraries loaded dynamically. > lukas@ubuntuvm:~/haproxy$ ./haproxy -vv | grep OpenSSL > Built with OpenSSL version : OpenSSL 1.0.1e 11 Feb 2013 > Running on OpenSSL version : OpenSSL 1.0.1e 11 Feb 2013 > OpenSSL library supports TLS extensions : yes > OpenSSL library supports SNI : yes > OpenSSL library supports prefer-server-ciphers : yes > lukas@ubuntuvm:~/haproxy$ ldd haproxy > linux-gate.so.1 => (0xb76e4000) > libcrypt.so.1 => /lib/i386-linux-gnu/libcrypt.so.1 (0xb76ab000) > libdl.so.2 => /lib/i386-linux-gnu/libdl.so.2 (0xb76a6000) > libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xb74fb000) > /lib/ld-linux.so.2 (0xb76e5000) > lukas@ubuntuvm:~/haproxy$ Regards, Lukas
