[gentoo-commits] repo/gentoo:master commit in: www-servers/h2o/files/, www-servers/h2o/
commit: 24f20ce718815bfd0a2db32f9fb116ec81a9e58c
Author: Akinori Hattori gentoo org>
AuthorDate: Sun Oct 22 13:38:38 2023 +
Commit: Akinori Hattori gentoo org>
CommitDate: Sun Oct 22 13:38:38 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24f20ce7
www-servers/h2o: fix CVE-2023-44487
Bug: https://bugs.gentoo.org/915567
Signed-off-by: Akinori Hattori gentoo.org>
www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch | 225 +
www-servers/h2o/h2o-2.2.6-r2.ebuild| 107 ++
2 files changed, 332 insertions(+)
diff --git a/www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch
b/www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch
new file mode 100644
index ..71a511ac9ed2
--- /dev/null
+++ b/www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch
@@ -0,0 +1,225 @@
+https://github.com/h2o/h2o/pull/3293
+
+From 770208bbe3955c47e005a1e8cb08266e4a8dfc9a Mon Sep 17 00:00:00 2001
+From: Remi Gacogne
+Date: Tue, 10 Oct 2023 15:47:57 +0200
+Subject: [PATCH] [http2] delay processing requests upon observing suspicious
+ behavior
+
+Backport of 94fbc54b6c9309912fe3d53e7b63408bbe9a1b0d to v2.2.x
+---
+ include/h2o.h| 8 +++
+ include/h2o/http2_internal.h | 8 +++
+ lib/core/config.c| 1 +
+ lib/core/configurator.c | 9
+ lib/core/context.c | 2 ++
+ lib/http2/connection.c | 41
+ 6 files changed, 65 insertions(+), 4 deletions(-)
+
+diff --git a/include/h2o.h b/include/h2o.h
+index 57877bd12c..409cd5c21c 100644
+--- a/include/h2o.h
b/include/h2o.h
+@@ -378,6 +378,10 @@ struct st_h2o_globalconf_t {
+ * list of callbacks
+ */
+ h2o_protocol_callbacks_t callbacks;
++/**
++ * milliseconds to delay processing requests when suspicious behavior
is detected
++ */
++uint64_t dos_delay;
+ } http2;
+
+ struct {
+@@ -590,6 +594,10 @@ struct st_h2o_context_t {
+ * timeout entry used for graceful shutdown
+ */
+ h2o_timeout_entry_t _graceful_shutdown_timeout;
++/*
++ * dos timeout
++ */
++h2o_timeout_t dos_delay_timeout;
+ struct {
+ /**
+ * counter for http2 errors internally emitted by h2o
+diff --git a/include/h2o/http2_internal.h b/include/h2o/http2_internal.h
+index 5cfc4d8204..b9cf400929 100644
+--- a/include/h2o/http2_internal.h
b/include/h2o/http2_internal.h
+@@ -179,6 +179,7 @@ struct st_h2o_http2_stream_t {
+ h2o_linklist_t link;
+ h2o_http2_scheduler_openref_t scheduler;
+ } _refs;
++unsigned reset_by_peer : 1;
+ h2o_send_state_t send_state; /* state of the ostream, only used in push
mode */
+ /* placed at last since it is large and has it's own ctor */
+ h2o_req_t req;
+@@ -232,6 +233,13 @@ struct st_h2o_http2_conn_t {
+ } _write;
+ h2o_cache_t *push_memo;
+ h2o_http2_casper_t *casper;
++/**
++ * DoS mitigation; the idea here is to delay processing requests when
observing suspicious behavior
++ */
++struct {
++h2o_timeout_entry_t process_delay;
++size_t reset_budget; /* RST_STREAM frames are considered suspicious
when this value goes down to zero */
++} dos_mitigation;
+ };
+
+ int h2o_http2_update_peer_settings(h2o_http2_settings_t *settings, const
uint8_t *src, size_t len, const char **err_desc);
+diff --git a/lib/core/config.c b/lib/core/config.c
+index ce1d320183..08e43a6d30 100644
+--- a/lib/core/config.c
b/lib/core/config.c
+@@ -189,6 +189,7 @@ void h2o_config_init(h2o_globalconf_t *config)
+ config->http2.latency_optimization.min_rtt = 50; // milliseconds
+ config->http2.latency_optimization.max_additional_delay = 10;
+ config->http2.latency_optimization.max_cwnd = 65535;
++config->http2.dos_delay = 100; /* 100ms processing delay when observing
suspicious behavior */
+ config->http2.callbacks = H2O_HTTP2_CALLBACKS;
+ config->mimemap = h2o_mimemap_create();
+
+diff --git a/lib/core/configurator.c b/lib/core/configurator.c
+index 891770cc2d..4731ba2707 100644
+--- a/lib/core/configurator.c
b/lib/core/configurator.c
+@@ -531,6 +531,12 @@ static int
on_config_http2_casper(h2o_configurator_command_t *cmd, h2o_configura
+ return 0;
+ }
+
++
++static int on_config_http2_dos_delay(h2o_configurator_command_t *cmd,
h2o_configurator_context_t *ctx, yoml_t *node)
++{
++return config_timeout(cmd, node, >globalconf->http2.dos_delay);
++}
++
+ static int assert_is_mimetype(h2o_configurator_command_t *cmd, yoml_t *node)
+ {
+ if (node->type != YOML_TYPE_SCALAR) {
+@@ -910,6 +916,9 @@ void h2o_configurator__init_core(h2o_globalconf_t *conf)
+ on_config_http2_push_preload);
+ h2o_configurator_define_command(>super, "http2-casper",
H2O_CONFIGURATOR_FLAG_GLOBAL | H2O_CONFIGURATOR_FLAG_HOST,
+
[gentoo-commits] repo/gentoo:master commit in: www-servers/h2o/files/, www-servers/h2o/
commit: cb0e78c9a028d19e02eb696e3a85090a73887f83
Author: Akinori Hattori gentoo org>
AuthorDate: Sat Aug 6 00:43:01 2022 +
Commit: Akinori Hattori gentoo org>
CommitDate: Sat Aug 6 00:43:01 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb0e78c9
www-servers/h2o: update
Package-Manager: Portage-3.0.30, Repoman-3.0.3
Signed-off-by: Akinori Hattori gentoo.org>
www-servers/h2o/files/h2o-2.3-mruby.patch | 28 ++--
www-servers/h2o/h2o-.ebuild | 12
2 files changed, 22 insertions(+), 18 deletions(-)
diff --git a/www-servers/h2o/files/h2o-2.3-mruby.patch
b/www-servers/h2o/files/h2o-2.3-mruby.patch
index 3db3ebae8806..4f64565a675a 100644
--- a/www-servers/h2o/files/h2o-2.3-mruby.patch
+++ b/www-servers/h2o/files/h2o-2.3-mruby.patch
@@ -1,6 +1,6 @@
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -174,6 +174,19 @@
+@@ -237,6 +237,19 @@
SET(WSLAY_LIBRARIES -lwslay)
ENDIF (NOT WSLAY_FOUND)
@@ -20,31 +20,31 @@
IF (ZLIB_FOUND)
INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIRS})
LINK_DIRECTORIES(${ZLIB_LIBRARY_DIRS})
-@@ -533,7 +546,7 @@
- ELSE ()
- SET(MRUBY_TOOLCHAIN "gcc")
- ENDIF ()
--ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby
MRUBY_ADDITIONAL_CONFIG=${MRUBY_ADDITIONAL_CONFIG} ruby minirake
-+ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby
MRUBY_ADDITIONAL_CONFIG=${MRUBY_ADDITIONAL_CONFIG} ruby minirake -v
- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/deps/mruby)
- LIST(APPEND STANDALONE_SOURCE_FILES
- lib/handler/mruby.c
-@@ -560,7 +573,7 @@
+@@ -743,7 +756,7 @@
+ ADD_CUSTOM_TARGET(mruby
+ # deps/mruby/tasks/toolchains/clang.rake looks for CC, CXX and LD.
+ # There are no C++ files in deps/mruby, use the C compiler for
linking.
+-MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN} CC=${CMAKE_C_COMPILER}
CXX=${CMAKE_CXX_COMPILER} LD=${CMAKE_C_COMPILER}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby
MRUBY_ADDITIONAL_CONFIG=${MRUBY_ADDITIONAL_CONFIG} ruby minirake
++MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN} CC=${CMAKE_C_COMPILER}
CXX=${CMAKE_CXX_COMPILER} LD=${CMAKE_C_COMPILER}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby
MRUBY_ADDITIONAL_CONFIG=${MRUBY_ADDITIONAL_CONFIG} ruby minirake -v
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/deps/mruby
+ BYPRODUCTS "${CMAKE_CURRENT_BINARY_DIR}/mruby/host/lib/libmruby.a"
+
"${CMAKE_CURRENT_BINARY_DIR}/mruby/host/mrbgems/mruby-onig-regexp/onigmo-6.2.0/.libs/libonigmo.a"
+@@ -777,7 +790,7 @@
# note: the paths need to be determined before libmruby.flags.mak is
generated
TARGET_LINK_LIBRARIES(h2o
"${CMAKE_CURRENT_BINARY_DIR}/mruby/host/lib/libmruby.a"
--
"${CMAKE_CURRENT_BINARY_DIR}/mruby/host/mrbgems/mruby-onig-regexp/onigmo-6.1.2/.libs/libonigmo.a"
+-
"${CMAKE_CURRENT_BINARY_DIR}/mruby/host/mrbgems/mruby-onig-regexp/onigmo-6.2.0/.libs/libonigmo.a"
+${ONIG_LIBRARIES}
"m")
ADD_DEPENDENCIES(h2o mruby)
ENDIF (WITH_MRUBY)
--- a/deps/mruby-onig-regexp/mrbgem.rake
+++ b/deps/mruby-onig-regexp/mrbgem.rake
-@@ -103,10 +103,8 @@
+@@ -108,10 +108,8 @@
if spec.respond_to? :search_package and spec.search_package 'onigmo'
spec.cc.defines += ['HAVE_ONIGMO_H']
--spec.linker.libraries << 'onig'
+-spec.linker.libraries << 'onigmo'
elsif spec.respond_to? :search_package and spec.search_package 'oniguruma'
spec.cc.defines += ['HAVE_ONIGURUMA_H']
-spec.linker.libraries << 'onig'
diff --git a/www-servers/h2o/h2o-.ebuild b/www-servers/h2o/h2o-.ebuild
index cd6fd817fc38..fc47d03e7abb 100644
--- a/www-servers/h2o/h2o-.ebuild
+++ b/www-servers/h2o/h2o-.ebuild
@@ -1,8 +1,7 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
-CMAKE_MAKEFILE_GENERATOR="emake"
SSL_DEPS_SKIP=1
USE_RUBY="ruby26 ruby27"
@@ -20,10 +19,14 @@ IUSE="libh2o +mruby"
RDEPEND="acct-group/h2o
acct-user/h2o
dev-lang/perl
+ dev-libs/openssl:0=
!sci-libs/libh2o
+ sys-libs/libcap
sys-libs/zlib
- libh2o? ( dev-libs/libuv )
- dev-libs/openssl:0="
+ libh2o? (
+ app-arch/brotli
+ dev-libs/libuv
+ )"
DEPEND="${RDEPEND}
mruby? (
${RUBY_DEPS}
@@ -66,6 +69,7 @@ src_prepare() {
src_configure() {
local mycmakeargs=(
-DCMAKE_INSTALL_SYSCONFDIR="${EPREFIX}"/etc/${PN}
+
[gentoo-commits] repo/gentoo:master commit in: www-servers/h2o/files/, www-servers/h2o/
commit: 56d9c51fe6a474950f04fe2597fc7d768c4c9d04
Author: Akinori Hattori gentoo org>
AuthorDate: Wed Jul 4 13:56:33 2018 +
Commit: Akinori Hattori gentoo org>
CommitDate: Wed Jul 4 13:56:33 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56d9c51f
www-servers/h2o: use system oniguruma
Closes: https://bugs.gentoo.org/655462
Package-Manager: Portage-2.3.40, Repoman-2.3.9
www-servers/h2o/files/h2o-2.2-mruby.patch | 67
www-servers/h2o/files/h2o-2.3-mruby.patch | 73 +++
www-servers/h2o/h2o-2.2.4.ebuild | 15 +--
www-servers/h2o/h2o-.ebuild | 12 -
4 files changed, 162 insertions(+), 5 deletions(-)
diff --git a/www-servers/h2o/files/h2o-2.2-mruby.patch
b/www-servers/h2o/files/h2o-2.2-mruby.patch
new file mode 100644
index 000..e542ba8b64d
--- /dev/null
+++ b/www-servers/h2o/files/h2o-2.2-mruby.patch
@@ -0,0 +1,67 @@
+--- a/CMakeLists.txt
b/CMakeLists.txt
+@@ -157,6 +157,16 @@
+ SET(WSLAY_LIBRARIES -lwslay)
+ ENDIF (NOT WSLAY_FOUND)
+
++IF (PKG_CONFIG_FOUND)
++PKG_CHECK_MODULES(ONIG oniguruma)
++IF (ONIG_FOUND)
++LINK_DIRECTORIES(${ONIG_LIBRARY_DIRS})
++ENDIF (ONIG_FOUND)
++ENDIF (PKG_CONFIG_FOUND)
++IF (NOT ONIG_FOUND AND WITH_RUBY)
++MESSAGE(FATAL_ERROR "Oniguruma not found")
++ENDIF (NOT ONIG_FOUND AND WITH_RUBY)
++
+ IF (ZLIB_FOUND)
+ INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIRS})
+ LINK_DIRECTORIES(${ZLIB_LIBRARY_DIRS})
+@@ -460,7 +470,7 @@
+ ELSE ()
+ SET(MRUBY_TOOLCHAIN "gcc")
+ ENDIF ()
+-ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby ruby minirake
++ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby ruby minirake -v
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/deps/mruby)
+ LIST(APPEND STANDALONE_SOURCE_FILES
+ lib/handler/mruby.c
+@@ -491,7 +501,7 @@
+ # note: the paths need to be determined before libmruby.flags.mak is
generated
+ TARGET_LINK_LIBRARIES(h2o
+ "${CMAKE_CURRENT_BINARY_DIR}/mruby/host/lib/libmruby.a"
+-
"${CMAKE_CURRENT_BINARY_DIR}/mruby/host/mrbgems/mruby-onig-regexp/onigmo-6.1.1/.libs/libonigmo.a"
++${ONIG_LIBRARIES}
+ "m")
+ ADD_DEPENDENCIES(h2o mruby)
+ ENDIF (WITH_MRUBY)
+--- a/deps/mruby-onig-regexp/mrbgem.rake
b/deps/mruby-onig-regexp/mrbgem.rake
+@@ -101,9 +101,7 @@
+ cc.defines += ['HAVE_ONIGMO_H']
+ end
+
+- if spec.respond_to? :search_package and spec.search_package 'onigmo'
+-spec.cc.defines += ['HAVE_ONIGMO_H']
+- elsif spec.respond_to? :search_package and spec.search_package 'oniguruma'
++ if spec.respond_to? :search_package and spec.search_package 'oniguruma'
+ spec.cc.defines += ['HAVE_ONIGURUMA_H']
+ elsif build.cc.respond_to? :search_header_path and
build.cc.search_header_path 'oniguruma.h'
+ spec.linker.libraries << 'onig'
+--- a/misc/mruby_config.rb
b/misc/mruby_config.rb
+@@ -15,13 +15,7 @@
+ # use mrbgems
+ Dir.glob("../mruby-*/mrbgem.rake") do |x|
+ g = File.basename File.dirname x
+-if g == 'mruby-onig-regexp'
+- conf.gem "../deps/#{g}" do |c|
+-c.bundle_onigmo
+- end
+-else
+- conf.gem "../deps/#{g}"
+-end
++conf.gem "../deps/#{g}"
+ end
+
+ # include all the core GEMs
diff --git a/www-servers/h2o/files/h2o-2.3-mruby.patch
b/www-servers/h2o/files/h2o-2.3-mruby.patch
new file mode 100644
index 000..a0ad25eba27
--- /dev/null
+++ b/www-servers/h2o/files/h2o-2.3-mruby.patch
@@ -0,0 +1,73 @@
+--- a/CMakeLists.txt
b/CMakeLists.txt
+@@ -174,6 +174,16 @@
+ SET(WSLAY_LIBRARIES -lwslay)
+ ENDIF (NOT WSLAY_FOUND)
+
++IF (PKG_CONFIG_FOUND)
++PKG_CHECK_MODULES(ONIG oniguruma)
++IF (ONIG_FOUND)
++LINK_DIRECTORIES(${ONIG_LIBRARY_DIRS})
++ENDIF (ONIG_FOUND)
++ENDIF (PKG_CONFIG_FOUND)
++IF (NOT ONIG_FOUND AND WITH_RUBY)
++MESSAGE(FATAL_ERROR "Oniguruma not found")
++ENDIF (NOT ONIG_FOUND AND WITH_RUBY)
++
+ IF (ZLIB_FOUND)
+ INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIRS})
+ LINK_DIRECTORIES(${ZLIB_LIBRARY_DIRS})
+@@ -533,7 +543,7 @@
+ ELSE ()
+ SET(MRUBY_TOOLCHAIN "gcc")
+ ENDIF ()
+-ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby
MRUBY_ADDITIONAL_CONFIG=${MRUBY_ADDITIONAL_CONFIG} ruby minirake
++ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN}
MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb
MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby
MRUBY_ADDITIONAL_CONFIG=${MRUBY_ADDITIONAL_CONFIG} ruby minirake -v
+ WORKING_DIRECTORY
[gentoo-commits] repo/gentoo:master commit in: www-servers/h2o/files/, www-servers/h2o/
commit: c68e501b8b299cdd5dbd42f6f26dcd32fbb911a3
Author: Akinori Hattori gentoo org>
AuthorDate: Wed Jul 4 12:59:44 2018 +
Commit: Akinori Hattori gentoo org>
CommitDate: Wed Jul 4 13:23:46 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c68e501b
www-servers/h2o: tidy
Package-Manager: Portage-2.3.40, Repoman-2.3.9
www-servers/h2o/files/h2o.logrotate | 7 --
www-servers/h2o/h2o-2.2.4.ebuild| 44 -
www-servers/h2o/h2o-.ebuild | 36 --
www-servers/h2o/metadata.xml| 1 +
4 files changed, 44 insertions(+), 44 deletions(-)
diff --git a/www-servers/h2o/files/h2o.logrotate
b/www-servers/h2o/files/h2o.logrotate
index b901bcfacb1..166b6e7f17b 100644
--- a/www-servers/h2o/files/h2o.logrotate
+++ b/www-servers/h2o/files/h2o.logrotate
@@ -1,8 +1,11 @@
+# h2o logrotate script for Gentoo
+
/var/log/h2o/*.log {
missingok
- delaycompress
+ notifempty
sharedscripts
+ delaycompress
postrotate
- test -r $(grep pid-file "/etc/h2o/h2o.conf" | cut -d' ' -f2) &&
kill -HUP $(pidof h2o)
+ /bin/kill -HUP $(grep pid-file "/etc/h2o/h2o.conf" | cut -d' '
-f2 | cat) 2>/dev/null || true
endscript
}
diff --git a/www-servers/h2o/h2o-2.2.4.ebuild b/www-servers/h2o/h2o-2.2.4.ebuild
index 10c508037d7..579c8e92940 100644
--- a/www-servers/h2o/h2o-2.2.4.ebuild
+++ b/www-servers/h2o/h2o-2.2.4.ebuild
@@ -1,14 +1,14 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-EAPI=6
+EAPI="6"
CMAKE_MAKEFILE_GENERATOR="emake"
USE_RUBY="ruby23 ruby24"
inherit cmake-utils ruby-single systemd user
-DESCRIPTION="An optimized HTTP server with support for HTTP/1.x and HTTP/2"
-HOMEPAGE="https://h2o.examp1e.net;
+DESCRIPTION="H2O - the optimized HTTP/1, HTTP/2 server"
+HOMEPAGE="https://h2o.examp1e.net/;
SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="MIT"
@@ -16,7 +16,8 @@ SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="libressl +mruby"
-RDEPEND="
+RDEPEND="dev-lang/perl
+ sys-libs/zlib
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )"
DEPEND="${RDEPEND}
@@ -28,22 +29,14 @@ DEPEND="${RDEPEND}
PATCHES=( "${FILESDIR}"/${P}-libressl.patch )
pkg_setup() {
- enewgroup h2o
- enewuser h2o -1 -1 -1 h2o
-}
-
-src_prepare() {
- # Leave optimization level to user CFLAGS
- sed -i 's/-O2 -g ${CC_WARNING_FLAGS} //g' ./CMakeLists.txt \
- || die "sed fix failed!"
-
- cmake-utils_src_prepare
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 -1 ${PN}
}
src_configure() {
local mycmakeargs=(
- -DCMAKE_INSTALL_SYSCONFDIR="${EPREFIX}"/etc/h2o
- -DWITH_MRUBY="$(usex mruby)"
+ -DCMAKE_INSTALL_SYSCONFDIR="${EPREFIX}"/etc/${PN}
+ -DWITH_MRUBY=$(usex mruby)
-DWITHOUT_LIBS=ON
)
cmake-utils_src_configure
@@ -52,17 +45,18 @@ src_configure() {
src_install() {
cmake-utils_src_install
- newinitd "${FILESDIR}"/h2o.initd h2o
- systemd_dounit "${FILESDIR}"/h2o.service
-
- insinto /etc/h2o
- doins "${FILESDIR}"/h2o.conf
+ keepdir /var/www/localhost/htdocs
- keepdir /var/log/h2o
- fperms 0700 /var/log/h2o
+ insinto /etc/${PN}
+ doins "${FILESDIR}"/${PN}.conf
- keepdir /var/www/localhost/htdocs
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
insinto /etc/logrotate.d
- newins "${FILESDIR}"/h2o.logrotate h2o
+ newins "${FILESDIR}"/${PN}.logrotate ${PN}
+
+ keepdir /var/log/${PN}
+ fowners ${PN}:${PN} /var/log/${PN}
+ fperms 0750 /var/log/${PN}
}
diff --git a/www-servers/h2o/h2o-.ebuild b/www-servers/h2o/h2o-.ebuild
index b0583fd8855..d6c5d65d823 100644
--- a/www-servers/h2o/h2o-.ebuild
+++ b/www-servers/h2o/h2o-.ebuild
@@ -1,14 +1,14 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-EAPI=6
+EAPI="6"
CMAKE_MAKEFILE_GENERATOR="emake"
USE_RUBY="ruby23 ruby24"
inherit cmake-utils git-r3 ruby-single systemd user
-DESCRIPTION="An optimized HTTP server with support for HTTP/1.x and HTTP/2"
-HOMEPAGE="https://h2o.examp1e.net;
+DESCRIPTION="H2O - the optimized HTTP/1, HTTP/2 server"
+HOMEPAGE="https://h2o.examp1e.net/;
EGIT_REPO_URI="https://github.com/${PN}/${PN}.git;
LICENSE="MIT"
@@ -16,7 +16,8 @@ SLOT="0"
KEYWORDS=""
IUSE="libressl +mruby"
-RDEPEND="
+RDEPEND="dev-lang/perl
+ sys-libs/zlib
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )"
DEPEND="${RDEPEND}
@@ -26,14 +27,14 @@ DEPEND="${RDEPEND}
)"
pkg_setup() {
- enewgroup h2o
- enewuser h2o -1 -1 -1 h2o
+
[gentoo-commits] repo/gentoo:master commit in: www-servers/h2o/files/, www-servers/h2o/
commit: 7de7699a136a5f2092f9050ba3f53ff2965e7cfb
Author: csmk chaoslab org>
AuthorDate: Fri Jun 30 12:45:51 2017 +
Commit: Michał Górny gentoo org>
CommitDate: Wed Jul 5 19:49:53 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7de7699a
www-servers/h2o: New package
H2O is a new generation HTTP server that provides quicker
response to users with less CPU utilization when compared to
older generation of web servers. Designed from ground-up,
the server takes full advantage of HTTP/2 features including
prioritized content serving and server push, promising
outstanding experience to the visitors of your web site.
Base for ebuild from https://github.com/csmk/frabjous.
Bug: https://bugs.gentoo.org/623160
Closes: https://github.com/gentoo/gentoo/pull/5015
www-servers/h2o/Manifest| 1 +
www-servers/h2o/files/h2o.conf | 30
www-servers/h2o/files/h2o.initd | 51 +++
www-servers/h2o/files/h2o.logrotate | 8 +
www-servers/h2o/files/h2o.service | 13 +++
www-servers/h2o/h2o-2.2.2.ebuild| 69 +
www-servers/h2o/h2o-.ebuild | 69 +
www-servers/h2o/metadata.xml| 23 +
8 files changed, 264 insertions(+)
diff --git a/www-servers/h2o/Manifest b/www-servers/h2o/Manifest
new file mode 100644
index 000..21a5c58c1c4
--- /dev/null
+++ b/www-servers/h2o/Manifest
@@ -0,0 +1 @@
+DIST h2o-2.2.2.tar.gz 16192602 SHA256
cf45780058566bd63d90ad0b52b1d15f8515519090753398b9bcf770162a0433 SHA512
b5cc08f2be7056bbac4370f9b6ccb1ba0ad4ea61ce67e946a4f26b8f9c0a575f603c899b1a88f17d1065e0e72e1d1094199200ed24b4f3644a3c7df34aa04b51
WHIRLPOOL
d9aff2d3e7caa0334efbac86a807fe8ecd5f146ae56315a5194b8de653ae4f91d33cad754714cd38fadd1c59d87cafe30c1f5f6cb2102362a7647ebd3f18dc84
diff --git a/www-servers/h2o/files/h2o.conf b/www-servers/h2o/files/h2o.conf
new file mode 100644
index 000..ccca5dd2de5
--- /dev/null
+++ b/www-servers/h2o/files/h2o.conf
@@ -0,0 +1,30 @@
+# see /usr/share/doc/h2o/index.html for detailed documentation
+# see h2o --help for command-line options and settings
+
+user: h2o
+pid-file: /run/h2o.pid
+access-log: /var/log/h2o/access.log
+error-log: /var/log/h2o/error.log
+
+# httpoxy mitigation (https://httpoxy.org)
+# see https://github.com/h2o/h2o/pull/996
+setenv:
+ HTTP_PROXY: ""
+
+listen: 80
+
+#listen:
+# port: 443
+#ssl:
+# minimum-version: TLSv1.2
+# certificate-file: /etc/h2o/server.crt
+# key-file: /etc/h2o/server.key
+
+hosts:
+ "localhost:80":
+paths:
+ "/":
+file.dir: /var/www/localhost/htdocs
+ "/doc":
+file.dir: /usr/share/doc/h2o/
+file.index: [ 'index.html' ]
diff --git a/www-servers/h2o/files/h2o.initd b/www-servers/h2o/files/h2o.initd
new file mode 100644
index 000..ad598a5f619
--- /dev/null
+++ b/www-servers/h2o/files/h2o.initd
@@ -0,0 +1,51 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+extra_commands="configtest"
+extra_started_commands="reload"
+description="An optimized HTTP/1.x, HTTP/2 server"
+description_configtest="Run H2O' internal config check"
+description_reload="Reload the H2O configuration or upgrade the binary without
losing connections"
+
+: ${config:="/etc/h2o/h2o.conf"}
+pidfile=$(grep pid-file "${config}" | cut -d' ' -f2)
+
+name="H2O"
+command="/usr/bin/h2o"
+command_args="-m daemon -c ${config}"
+required_files="$config"
+
+depend() {
+ use net
+ after logger
+}
+
+start_pre() {
+ if [ "${RC_CMD}" != "restart" ]; then
+ configtest || return 1
+ fi
+}
+
+stop_pre() {
+ if [ "${RC_CMD}" = "restart" ]; then
+ configtest || return 1
+ fi
+}
+
+reload() {
+ configtest || return 1
+ ebegin "Refreshing ${name} configuration"
+ kill -HUP $(cat ${pidfile}) &>/dev/null
+ eend $? "Failed to reload ${name}"
+}
+
+configtest() {
+ ebegin "Checking ${name} configuration"
+
+ if ! ${command} -c ${config} -t &>/dev/null; then
+ ${command} -c ${config} -t
+ fi
+
+ eend $? "Failed, please correct the errors above"
+}
diff --git a/www-servers/h2o/files/h2o.logrotate
b/www-servers/h2o/files/h2o.logrotate
new file mode 100644
index 000..b901bcfacb1
--- /dev/null
+++ b/www-servers/h2o/files/h2o.logrotate
@@ -0,0 +1,8 @@
+/var/log/h2o/*.log {
+ missingok
+ delaycompress
+ sharedscripts
+ postrotate
+ test -r $(grep pid-file "/etc/h2o/h2o.conf" | cut -d' ' -f2) &&
kill -HUP $(pidof h2o)
+ endscript
+}
diff --git a/www-servers/h2o/files/h2o.service
b/www-servers/h2o/files/h2o.service
new file mode 100644
index 000..fe32c45cd90
--- /dev/null
+++ b/www-servers/h2o/files/h2o.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=An optimized
