Arch Linux User Repository

It can be built with lto enabled. Also fixed a mistake in the mruby Rakefile. Postscript, just in case.
My patch is in the public domain.

mruby-Rakefile.patch

diff --git a/deps/mruby/Rakefile b/deps/mruby/Rakefile
index 2f6fa05..6fc1192 100644
--- a/deps/mruby/Rakefile
+++ b/deps/mruby/Rakefile
@@ -37,15 +37,15 @@ load "#{MRUBY_ROOT}/tasks/gitlab.rake"
 task :default => :all

 bin_path = ENV['INSTALL_DIR'] || "#{MRUBY_ROOT}/bin"
-FileUtils.mkdir_p bin_path, { :verbose => $verbose }
+FileUtils.mkdir_p(bin_path, :verbose => $verbose)

 depfiles = MRuby.targets['host'].bins.map do |bin|
   install_path = MRuby.targets['host'].exefile("#{bin_path}/#{bin}")
   source_path = MRuby.targets['host'].exefile("#{MRuby.targets['host'].build_dir}/bin/#{bin}")

   file install_path => source_path do |t|
-    FileUtils.rm_f t.name, { :verbose => $verbose }
-    FileUtils.cp t.prerequisites.first, t.name, { :verbose => $verbose }
+    FileUtils.rm_f(t.name, :verbose => $verbose)
+    FileUtils.cp(t.prerequisites.first, t.name, :verbose => $verbose)
   end

   install_path
@@ -78,8 +78,8 @@ MRuby.each_target do |target|
         install_path = MRuby.targets['host'].exefile("#{bin_path}/#{bin}")

         file install_path => exec do |t|
-          FileUtils.rm_f t.name, { :verbose => $verbose }
-          FileUtils.cp t.prerequisites.first, t.name, { :verbose => $verbose }
+          FileUtils.rm_f(t.name, :verbose => $verbose)
+          FileUtils.cp(t.prerequisites.first, t.name, :verbose => $verbose)
         end
         depfiles += [ install_path ]
       elsif target == MRuby.targets['host-debug']
@@ -87,8 +87,8 @@ MRuby.each_target do |target|
           install_path = MRuby.targets['host-debug'].exefile("#{bin_path}/#{bin}")

           file install_path => exec do |t|
-            FileUtils.rm_f t.name, { :verbose => $verbose }
-            FileUtils.cp t.prerequisites.first, t.name, { :verbose => $verbose }
+            FileUtils.rm_f(t.name, :verbose => $verbose)
+            FileUtils.cp(t.prerequisites.first, t.name, :verbose => $verbose)
           end
           depfiles += [ install_path ]
         end
@@ -127,16 +127,16 @@ end
 desc "clean all built and in-repo installed artifacts"
 task :clean do
   MRuby.each_target do |t|
-    FileUtils.rm_rf t.build_dir, { :verbose => $verbose }
+    FileUtils.rm_rf(t.build_dir, :verbose => $verbose)
   end
-  FileUtils.rm_f depfiles, { :verbose => $verbose }
+  FileUtils.rm_f(depfiles, :verbose => $verbose)
   puts "Cleaned up target build folder"
 end

 desc "clean everything!"
 task :deep_clean => ["clean"] do
   MRuby.each_target do |t|
-    FileUtils.rm_rf t.gem_clone_dir, { :verbose => $verbose }
+    FileUtils.rm_rf(t.gem_clone_dir, :verbose => $verbose)
   end
   puts "Cleaned up mrbgems build folder"
 end

deps.patch

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 436d90c..7073b27 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -81,6 +81,28 @@ OPTION(WITH_MRUBY "whether or not to build with mruby support" ${WITH_MRUBY_DEFA

 OPTION(WITH_PICOTLS "whether or not to build with picotls" "ON")

+IF (PKG_CONFIG_FOUND)
+    PKG_CHECK_MODULES(YAML yaml-0.1)
+    IF (YAML_FOUND)
+        SET(YAML_FOUND TRUE)
+        INCLUDE_DIRECTORIES(${YAML_INCLUDE_DIRS})
+        LINK_DIRECTORIES(${YAML_LIBRARY_DIRS})
+        LIST(APPEND EXTRA_LIBS ${YAML_LIBRARIES})
+        ADD_DEFINITIONS("-DYAML_FOUND")
+    ENDIF (YAML_FOUND)
+ENDIF (PKG_CONFIG_FOUND)
+
+IF (PKG_CONFIG_FOUND)
+    PKG_CHECK_MODULES(HIREDIS hiredis)
+    IF (HIREDIS_FOUND)
+        SET(HIREDIS_FOUND TRUE)
+        INCLUDE_DIRECTORIES(${HIREDIS_INCLUDE_DIRS})
+        LINK_DIRECTORIES(${HIREDIS_LIBRARY_DIRS})
+        LIST(APPEND EXTRA_LIBS ${HIREDIS_LIBRARIES})
+        ADD_DEFINITIONS("-DHIREDIS_FOUND")
+    ENDIF (HIREDIS_FOUND)
+ENDIF (PKG_CONFIG_FOUND)
+
 IF (WITH_BUNDLED_SSL)
     SET(BUNDLED_SSL_INCLUDE_DIR "${CMAKE_CURRENT_BINARY_DIR}/libressl-build/include")
     SET(BUNDLED_SSL_LIBRARIES "${CMAKE_CURRENT_BINARY_DIR}/libressl-build/lib/libssl.a" "${CMAKE_CURRENT_BINARY_DIR}/libressl-build/lib/libcrypto.a")
@@ -174,16 +196,6 @@ ENDIF ()

 SET(CMAKE_C_FLAGS "-O2 -g ${CC_WARNING_FLAGS} ${CMAKE_C_FLAGS} -DH2O_ROOT=\"${CMAKE_INSTALL_PREFIX}\" -DH2O_CONFIG_PATH=\"${CMAKE_INSTALL_SYSCONFDIR}/h2o.conf\"")

-SET(LIBYAML_SOURCE_FILES
-    deps/yaml/src/api.c
-    deps/yaml/src/dumper.c
-    deps/yaml/src/emitter.c
-    deps/yaml/src/loader.c
-    deps/yaml/src/parser.c
-    deps/yaml/src/reader.c
-    deps/yaml/src/scanner.c
-    deps/yaml/src/writer.c)
-
 SET(BROTLI_SOURCE_FILES
     deps/brotli/enc/backward_references.cc
     deps/brotli/enc/block_splitter.cc
@@ -316,7 +328,6 @@ SET(LIB_SOURCE_FILES

 SET(UNIT_TEST_SOURCE_FILES
     ${LIB_SOURCE_FILES}
-    ${LIBYAML_SOURCE_FILES}
     ${BROTLI_SOURCE_FILES}
     deps/picotest/picotest.c
     t/00unit/test.c
@@ -448,7 +459,6 @@ TARGET_LINK_LIBRARIES(examples-latency-optimization libh2o-evloop ${EXTRA_LIBS})
 # standalone server directly links to libh2o using evloop
 SET(STANDALONE_SOURCE_FILES
     ${LIB_SOURCE_FILES}
-    ${LIBYAML_SOURCE_FILES}
     ${BROTLI_SOURCE_FILES}
     deps/neverbleed/neverbleed.c
     src/main.c

h2o-libressl-3.6.2.patch

diff --git a/deps/neverbleed/neverbleed.c b/deps/neverbleed/neverbleed.c
index b6972bb..e0686b0 100644
--- a/deps/neverbleed/neverbleed.c
+++ b/deps/neverbleed/neverbleed.c
@@ -45,7 +45,7 @@
 #endif
 #include "neverbleed.h"

-#if (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010000fL)
+#if (LIBRESSL_VERSION_NUMBER >= 0x3060200fL || OPENSSL_VERSION_NUMBER >= 0x1010000fL)
 #define OPENSSL_1_1_API 1
 #else
 #define OPENSSL_1_1_API 0

PKGBUILD

diff --git a/PKGBUILD b/PKGBUILD
index 24c7d3d..deaa389 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -6,28 +6,61 @@ pkgver=2.2.6
 pkgrel=4
 pkgdesc="Optimized HTTP server with support for HTTP/1.x and HTTP/2"
 arch=('i686' 'x86_64')
-depends=('libuv' 'libyaml' 'openssl' 'wslay' 'zlib')
+depends=('libressl' 'sh' 'libyaml' 'openssl' 'wslay' 'zlib' 'hiredis')
 makedepends=('gcc' 'bison' 'cmake' 'libtool' 'make' 'pkg-config' 'ruby')
 url="https://github.com/h2o/h2o"
 license=('MIT')
 source=($_pkgname-$pkgver.tar.gz::https://codeload.github.com/h2o/$_pkgname/tar.gz/v${pkgver/_/-}
+        deps.patch
+        mruby-Rakefile.patch
+        h2o-libressl-3.6.2.patch
         h2o.service)
 b2sums=('8474751ca9832ddae2022710654ca58a93ebf9ca01afe934950209b04357b7548b05c598c49fe92684b2910fd6309d6fc3923a0b01cdeeb4b0dc65b08842255f'
+        '9ac641e10d627d79437f0bffc5fc9232723de283a2b8f68577265db365a6ded271b1fb35cb09115cbc9edc91dc6c55f3ea4031f98e71bb28d89acea9328b997c'
+        'd492cc8cd8a7a1d5e46414b9a03174a4f7a862fbce0ddeff0843038030afb131074632a0b602cf2866d37a19aba6fdb358430c295a46975c525bdf438b0fcec4'
+        '5d870ba422798053fc751ff6d7d941df352dec6ddaa33c2a9b2c3f83b16571368eda6f8eae464b64582ccbb350a1f931ad372a134576399d1c85ee17d5d08188'
         '59b86cec57d06c3754b0634adef46da6b86ce4b251c5f864ab866e94a169ca2ed9357521a9b645ff38ea463ab168b4f07c0104a34945c4f2fb73df837312d5a7')
 backup=('etc/h2o.conf')
-options=(!lto)
+options=()
 provides=('h2o' 'libh2o')
 conflicts=('libh2o' 'h2o' 'h2o-git')

-build() {
+prepare() {
   cd "$srcdir/$_pkgname-${pkgver/_/-}"

+  patch -p1 -i ${srcdir}/deps.patch
+  patch -p1 -i ${srcdir}/mruby-Rakefile.patch
+  patch -p1 -i ${srcdir}/h2o-libressl-3.6.2.patch
+
+  if [[ "$CC" == "clang" ]] ;then
+    export LD=clang
+  fi
+
+  PKG_CONFIG_PATH=/usr/lib/libressl/pkgconfig \
+  LD_LIBRARY_PATH=/usr/lib/libressl \
   cmake \
+    -DCMAKE_INTERPROCEDURAL_OPTIMIZATION=ON \
     -DCMAKE_INSTALL_PREFIX=/usr \
     -DCMAKE_INSTALL_LIBDIR=/usr/lib \
+    -DCMAKE_INSTALL_SYSCONFDIR=/etc \
+    -DCMAKE_LINKER="$LD" \
+    -DCMAKE_C_FLAGS="$CPPFLAGS $CLAGS" \
+    -DCMAKE_CXX_FLAGS="$CPPFLAGS $CXXLAGS" \
+    -DCMAKE_EXE_LINKER_FLAGS="$LDFLAGS" \
+    -DCMAKE_MODULE_LINKER_FLAGS="$LDFLAGS" \
+    -DWITH_MRUBY=on \
+    -DWITHOUT_LIBS=off \
+    -DBUILD_SHARED_LIBS=off \
     -DWITH_BUNDLED_SSL=off \
-    -DWITH_MRUBY=off \
     .
+}
+
+build() {
+  cd "$srcdir/$_pkgname-${pkgver/_/-}"
+  if [[ "$CC" == "clang" ]] ;then
+    export LD=clang
+  fi
+
   make
   make libh2o
 }
@@ -35,8 +68,8 @@ build() {
 package() {
   cd "$srcdir/$_pkgname-${pkgver/_/-}"

-  install -Dm 644 LICENSE "$pkgdir/usr/share/licenses/$_pkgname/LICENSE"
-  install -Dm 644 README.md "$pkgdir/usr/share/doc/$_pkgname/README.md"
+  install -Dm 644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+  install -Dm 644 README.md "$pkgdir/usr/share/doc/$pkgname/README.md"
   install -Dm 644 "$srcdir/h2o.service" "$pkgdir/usr/lib/systemd/system/h2o.service"
   install -Dm 644 examples/h2o/h2o.conf "$pkgdir/etc/h2o.conf"
   make DESTDIR="$pkgdir" install

Thanks, much appreciated!

Please use h2o-2.2 2.2.6-4.

I have added the options=(!lto). I guess we're good now.

h2o-2.2 package has been updated. It is now using openssl instead of libressl (RIP libressl). I have also added b2sums, removed msg2...

Regarding the "options=(!lto)", I have not added yet. Currently looking at it.

Off-topic: funny that you work at PowerDNS. I used PowerDNS for years. Now testing Trust-DNS as well.

Hello. I'll be looking at it now.

@HLFH: Do you disagree with the proposed changes, or are you lacking the time to apply them? I'm sorry to insist but theses changes are currently blocking for dnsdist, and I'm considering forking this package to something like h2o-nobundledssl-2.2 but I would really like to avoid doing that.

Usage of msg2 is discouraged, therefore, I am also removing that in my diff. Added openssl dependency. https://0x0.st/odmS.diff

This package works absolutely fine without bundled SSL, therefore, it should probably just be disabled.

In order for the libh2o-*.a libraries to be usable, I also needed to set options=(!lto) in the PKGBUILD, otherwise some symbols are not present in the static libraries.