Arch Linux User Repository

I downloaded the most recent version of H2O from Git using the master branch, which according to the website is the official version:

As of April 2023, we have ceased to release versions. Rather, each commit to the master branch is considered stable and ready for general use except for the features marked as experimental.

I used below PKGBUILD, which builds clean. The resulting binary does not crash constantly as before.

pkgname=h2o-master-git
pkgver=1.0
pkgrel=1
arch=('i686' 'x86_64')
pkgdesc="H2O: the optimized HTTP/1.x, HTTP/2, HTTP/3 server"
provides=(h2o)
url="https://h2o.examp1e.net"
source=("git+https://github.com/h2o/h2o.git?commit=master?signed/")
sha256sums=('SKIP')


build() {
        cd "$srcdir"/h2o
        cmake -DCMAKE_INSTALL_PREFIX=/usr .
        make
}

package() {
        cd "$srcdir"/h2o
        install -Dm 644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
        install -Dm 644 README.md "$pkgdir/usr/share/doc/$pkgname/README.md"
        #install -Dm 644 "$srcdir/h2o.service" "$pkgdir/usr/lib/systemd/system/h2o.service"
        install -Dm 644 examples/h2o/h2o.conf "$pkgdir/etc/h2o.conf"
        make DESTDIR="$pkgdir" install
}

Is it just me or are there others who experience constant breakdowns of h2o? I get below error every 105 minutes of execution:

[17862] h2o(+0x1222ea)[0x649525c992ea]
[17862] /usr/lib/libc.so.6(+0x3c770)[0x712e8ada3770] __sigaction at ??:?
[17862] /usr/lib/libressl/libcrypto.so.53(+0xd0bb3)[0x712e8b162bb3] lh_strhash at ??:?
[17862] /usr/lib/libressl/libssl.so.56(SSL_CTX_flush_sessions+0x5b)[0x712e8b26ad5b] ?? ??:0
[17862] h2o(+0x12a023)[0x649525ca1023]
[17862] /usr/lib/libc.so.6(+0x8b55a)[0x712e8adf255a] pthread_condattr_setpshared at ??:?
[17862] /usr/lib/libc.so.6(+0x108a3c)[0x712e8ae6fa3c] __clone at ??:?
Segmentation fault (core dumped)

Or is this New HTTP/2 DoS attack can crash web servers with a single connection?

Version in question:

$ h2o -v
h2o version 2.3.0-DEV@16ea5ef09
OpenSSL: LibreSSL 3.9.1
mruby: YES
capabilities: YES
fusion: YES
ssl-zerocopy: YES
ktls: YES
libaegis: YES

Info on CFLAGS in /etc/makepkg.conf:

CFLAGS="-march=native -mtune=generic -O2 -pipe -fno-plt -fexceptions \
        -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer \
        -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security \
        -fstack-clash-protection -fcf-protection"

A peek into the core dump gives:

Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `h2o'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000777802fe7bb3 in ?? () from /usr/lib/libressl/libcrypto.so.53
[Current thread is 1 (Thread 0x7778002006c0 (LWP 16363))]

And

(gdb) where
#0  0x0000777802fe7bb3 in ?? () from /usr/lib/libressl/libcrypto.so.53
#1  0x00007778030efd5b in SSL_CTX_flush_sessions () from /usr/lib/libressl/libssl.so.56
#2  0x00005d994cc02023 in cache_cleanup_thread (_contexts=0x5d994e07cd70) at /usr/src/debug/h2o-git/h2o/src/ssl.c:110
#3  0x0000777802c7755a in ?? () from /usr/lib/libc.so.6
#4  0x0000777802cf4a3c in ?? () from /usr/lib/libc.so.6

@The_Decryptor

This was not a decision not to use libressl, but to expand the choice of multiple TLS implementations to choose from.

Is the libressl dependency still needed? Upstream switched away from it a few years ago as it was only used due to OpenSSL lacking features at the time.

https://github.com/h2o/h2o/issues/1461

I'm using an h2o build without mruby for a long time. I've just built with mruby enabled and found it hard to build. After patching parse.y, there's still another build problem.

Might need to run with --update or the like:

[2021-01-29T07:24:50.407Z] CC    ../../mruby/host/mrbgems/gem_init.c -> ../../mruby/host/mrbgems/gem_init.o
[2021-01-29T07:24:50.407Z] YACC  mrbgems/mruby-compiler/core/parse.y -> ../../mruby/host/mrbgems/mruby-compiler/core/y.tab.c
[2021-01-29T07:24:50.407Z] /build/h2o-git/src/h2o/deps/mruby/mrbgems/mruby-compiler/core/parse.y:1133.1-12: warning: deprecated directive: ‘%pure-parser’, use ‘%define api.pure’ [-Wdeprecated]
[2021-01-29T07:24:50.407Z]  1133 | %pure-parser
[2021-01-29T07:24:50.407Z]       | ^~~~~~~~~~~~
[2021-01-29T07:24:50.407Z]       | %define api.pure
[2021-01-29T07:24:50.407Z] /build/h2o-git/src/h2o/deps/mruby/mrbgems/mruby-compiler/core/parse.y: warning: fix-its can be applied.  Rerun with option '--update'. [-Wother]
[2021-01-29T07:24:50.407Z] CC    ../../mruby/host/mrbgems/mruby-compiler/core/y.tab.c -> ../../mruby/host/mrbgems/mruby-compiler/core/y.tab.o
[2021-01-29T07:24:50.407Z] CC    ../mruby-onig-regexp/src/mruby_onig_regexp.c -> ../../mruby/host/mrbgems/mruby-onig-regexp/src/mruby_onig_regexp.o
[2021-01-29T07:24:50.407Z] AR    ../../mruby/host/lib/libmruby_core.a 
[2021-01-29T07:24:50.407Z] ar: creating /build/h2o-git/src/h2o/mruby/host/lib/libmruby_core.a
[2021-01-29T07:24:50.407Z] LD    ../../mruby/host/bin/mrbc 
[2021-01-29T07:24:50.407Z]       MRBC mrbgems/mruby-toplevel-ext/mrblib/toplevel.rb 
[2021-01-29T07:24:50.407Z] rake aborted!
[2021-01-29T07:24:50.407Z] exit
[2021-01-29T07:24:50.407Z] 
[2021-01-29T07:24:50.407Z] make[2]: *** [CMakeFiles/mruby.dir/build.make:76: CMakeFiles/mruby] Error 1
[2021-01-29T07:24:50.407Z] make[1]: *** [CMakeFiles/Makefile2:505: CMakeFiles/mruby.dir/all] Error 2
[2021-01-29T07:24:50.407Z] make: *** [Makefile:149: all] Error 2
[2021-01-29T07:24:50.407Z] ==> ERROR: A failure occurred in build().
[2021-01-29T07:24:50.407Z]     Aborting...
script returned exit code 255