Package Details: h2o-git 2.2.0.8110-2

Git Clone URL: https://aur.archlinux.org/h2o-git.git (read-only, click to copy)
Package Base: h2o-git
Description: Optimized HTTP server with support for HTTP/1.x and HTTP/2
Upstream URL: https://github.com/h2o/h2o
Licenses: MIT
Conflicts: h2o, libh2o
Provides: h2o, libh2o
Submitter: mytbk
Maintainer: mytbk (phoepsilonix)
Last Packager: phoepsilonix
Votes: 2
Popularity: 0.000004
First Submitted: 2019-02-06 07:05 (UTC)
Last Updated: 2024-11-14 13:14 (UTC)

Latest Comments

1 2 Next › Last »

phoepsilonix commented on 2024-06-25 07:57 (UTC)

I have not reproduced the error here, but I will change it to openssl by default. If you want to use libressl, please refer to the comment out in the PKGBUILD and make the necessary changes. With the conditions you have presented, I don't think the built-in mruby is enabled, so the conditions will not be the same, but please give it a try.

eklausmeier commented on 2024-04-12 17:29 (UTC) (edited on 2024-04-12 17:41 (UTC) by eklausmeier)

I downloaded the most recent version of H2O from Git using the master branch, which according to the website is the official version:

As of April 2023, we have ceased to release versions. Rather, each commit to the master branch is considered stable and ready for general use except for the features marked as experimental.

I used below PKGBUILD, which builds clean. The resulting binary does not crash constantly as before.

pkgname=h2o-master-git
pkgver=1.0
pkgrel=1
arch=('i686' 'x86_64')
pkgdesc="H2O: the optimized HTTP/1.x, HTTP/2, HTTP/3 server"
provides=(h2o)
url="https://h2o.examp1e.net"
source=("git+https://github.com/h2o/h2o.git?commit=master?signed/")
sha256sums=('SKIP')


build() {
        cd "$srcdir"/h2o
        cmake -DCMAKE_INSTALL_PREFIX=/usr .
        make
}

package() {
        cd "$srcdir"/h2o
        install -Dm 644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
        install -Dm 644 README.md "$pkgdir/usr/share/doc/$pkgname/README.md"
        #install -Dm 644 "$srcdir/h2o.service" "$pkgdir/usr/lib/systemd/system/h2o.service"
        install -Dm 644 examples/h2o/h2o.conf "$pkgdir/etc/h2o.conf"
        make DESTDIR="$pkgdir" install
}

eklausmeier commented on 2024-04-09 16:52 (UTC) (edited on 2024-04-10 19:44 (UTC) by eklausmeier)

Is it just me or are there others who experience constant breakdowns of h2o? I get below error every 105 minutes of execution:

[17862] h2o(+0x1222ea)[0x649525c992ea]
[17862] /usr/lib/libc.so.6(+0x3c770)[0x712e8ada3770] __sigaction at ??:?
[17862] /usr/lib/libressl/libcrypto.so.53(+0xd0bb3)[0x712e8b162bb3] lh_strhash at ??:?
[17862] /usr/lib/libressl/libssl.so.56(SSL_CTX_flush_sessions+0x5b)[0x712e8b26ad5b] ?? ??:0
[17862] h2o(+0x12a023)[0x649525ca1023]
[17862] /usr/lib/libc.so.6(+0x8b55a)[0x712e8adf255a] pthread_condattr_setpshared at ??:?
[17862] /usr/lib/libc.so.6(+0x108a3c)[0x712e8ae6fa3c] __clone at ??:?
Segmentation fault (core dumped)

Or is this New HTTP/2 DoS attack can crash web servers with a single connection?

Version in question:

$ h2o -v
h2o version 2.3.0-DEV@16ea5ef09
OpenSSL: LibreSSL 3.9.1
mruby: YES
capabilities: YES
fusion: YES
ssl-zerocopy: YES
ktls: YES
libaegis: YES

Info on CFLAGS in /etc/makepkg.conf:

CFLAGS="-march=native -mtune=generic -O2 -pipe -fno-plt -fexceptions \
        -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer \
        -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security \
        -fstack-clash-protection -fcf-protection"

A peek into the core dump gives:

Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `h2o'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000777802fe7bb3 in ?? () from /usr/lib/libressl/libcrypto.so.53
[Current thread is 1 (Thread 0x7778002006c0 (LWP 16363))]

And

(gdb) where
#0  0x0000777802fe7bb3 in ?? () from /usr/lib/libressl/libcrypto.so.53
#1  0x00007778030efd5b in SSL_CTX_flush_sessions () from /usr/lib/libressl/libssl.so.56
#2  0x00005d994cc02023 in cache_cleanup_thread (_contexts=0x5d994e07cd70) at /usr/src/debug/h2o-git/h2o/src/ssl.c:110
#3  0x0000777802c7755a in ?? () from /usr/lib/libc.so.6
#4  0x0000777802cf4a3c in ?? () from /usr/lib/libc.so.6

phoepsilonix commented on 2024-02-29 08:41 (UTC)

@The_Decryptor

This was not a decision not to use libressl, but to expand the choice of multiple TLS implementations to choose from.

The_Decryptor commented on 2023-10-29 08:51 (UTC)

Is the libressl dependency still needed? Upstream switched away from it a few years ago as it was only used due to OpenSSL lacking features at the time.

https://github.com/h2o/h2o/issues/1461

mytbk commented on 2021-06-13 13:06 (UTC)

I'm using an h2o build without mruby for a long time. I've just built with mruby enabled and found it hard to build. After patching parse.y, there's still another build problem.

1 2 Next › Last »