Zack, On Fri, Apr 26, 2013 at 02:12:46PM +0000, Connelly, Zachary (CGI Federal) wrote: > Emeric, > > I'm not sure about that either actually. We definitely only have 0.9.8~ > versions on the box and I explicitly reference the 0.9.8y library when I > compile the executable: > > TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 > ADDLIB=-L/usr/local/openssl-0.9.8y/lib LDFLAGS+=-ldl
You're missing a ADDINC somewhere, so I guess you're building with another version's headers and with this version's lib, which explains why haproxy -vv reports 1.0.0a (it reports the version used for building). We've checked with Emeric and I can confirm that the SSL struct changed between the two versions, which exactly explains the 8 bytes offset we found for ssl->sid_ctx_length which pointed to some wrong location. I have added a second control in the sources to report both the build version and the runtime version. Cheers, Willy