I'm building haproxy 1.8.0 from tarball source.
I'm linking against a specific, local build of openssl v1.1.0
Explicitly specifying SSL_INC & SSL_LIB with rpath,
make \
TARGET=linux2628 \
USE_SYSTEMD=1 \
USE_PCRE2=1 USE_PCRE2_JIT=1 \
USE_OPENSSL=1 \
SSL_INC=" -I/usr/local/openssl11/include" \
SSL_LIB=" -L/usr/local/openssl11/lib64
-Wl,-rpath,/usr/local/openssl11/lib64" \
ADDLIB="-ldl -lssl -lcrypto"
make install
it builds/installs with no error
which haproxy
/usr/local/sbin/haproxy
and the linked libs are as intended,
ldd /usr/local/sbin/haproxy | egrep "ssl|crypto"
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1
(0x00007f071de04000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1
(0x00007f071d969000)
but checking haproxy version,
haproxy -vv
HA-Proxy version 1.8.0 2017/11/26
Copyright 2000-2017 Willy Tarreau <[email protected]>
Build options :
TARGET = linux2628
...
OPTIONS = USE_OPENSSL=1 USE_SYSTEMD=1 USE_PCRE2=1
USE_PCRE2_JIT=1
...
Built with OpenSSL version : OpenSSL 1.1.0h-fips 27 Mar 2018
Running on OpenSSL version : OpenSSL 1.1.0h 27 Mar 2018
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2
...
references the wrong "Built with" OpenSSL version, namely the system installed
version,
/usr/bin/openssl version
OpenSSL 1.1.0h-fips 27 Mar 2018
instead of my specified build
/usr/local/openssl11/bin/openssl version
OpenSSL 1.1.0h 27 Mar 2018
As the ldd linked libs look ok, I suspect this is just an artifact of the
version check making (incorrect) assumptions about runtime bin path ...
*IS* it just an artifact? Or is it an indication of improper linking/use?
