Created attachment 179967 [details] v1 patch # QA portlint & poudriere OK (11.0R amd64). $ portlint -C WARN: /usr/ports/www/h2o/pkg-plist: [2]: If and only if your port is DATADIR-safe (that is, a user can override DATADIR when building this port and the port will still work correctly) consider using DATADIR macro; if you are unsure if this port is DATADIR-safe, then ignore this warning WARN: /usr/ports/www/h2o/pkg-plist: [3]: If and only if your port is DATADIR-safe (that is, a user can override DATADIR when building this port and the port will still work correctly) consider using DATADIR macro; if you are unsure if this port is DATADIR-safe, then ignore this warning WARN: /usr/ports/www/h2o/pkg-plist: [4]: If and only if your port is DATADIR-safe (that is, a user can override DATADIR when building this port and the port will still work correctly) consider using DATADIR macro; if you are unsure if this port is DATADIR-safe, then ignore this warning WARN: /usr/ports/www/h2o/pkg-plist: [5]: If and only if your port is DATADIR-safe (that is, a user can override DATADIR when building this port and the port will still work correctly) consider using DATADIR macro; if you are unsure if this port is DATADIR-safe, then ignore this warning WARN: Makefile: possible use of absolute pathname "/var/log/${PORTNAME}...". FATAL: work: be sure to cleanup the working directory before committing the port. 1 fatal error and 5 warnings found. # changes www/h2o: upgrade 2.0.4 to 2.1.0 and drop bundled libressl switch - Many HTTP/2 and performance improvements - Support latest LibreSSL and OpenSSL libraries - Numerous bug fixes - include CPE security info contributed via shun.fbsd.pr@dropcut.net - drop redundant bundled libressl option as now FreeBSD 10.x supports ChaCha and Poly algorithms across all project-supported SSL variants. Full details at https://github.com/h2o/h2o/releases/tag/v2.1.0
Created attachment 179986 [details] v2 patch with corrected tabstops corrected tab stops to match ports standard
Created attachment 180044 [details] v3 patch with a newly discovered RUBY_NO_RUN_DEPENDS As we only need ruby to build mruby into h2o itself, there's no need for a runtime dependency. Browsing through /usr/ports/*.mk I found a knob to exclude it.
Fails to install on 10.x: --- install-exec-am --- make install-exec-hook --- install-exec-hook --- mkdir: //etc/ssl/certs: Permission denied *** [install-exec-hook] Error code 1
thanks amdmi3. Can you attach poudriere or similar logs? Is this definitely from h2o build, and not from some other package? I see no mention of /certs/ in my successful poudriere run on 10.3R amd64; the only (major) difference perhaps is that my build system uses libressl. https://pkg.skunkwerks.at/poudriere/data/10_amd64-default/2017-02-23_17h15m12s/logs/h2o-2.1.0.log
ok found it, yes it relates to using openssl instead of libressl.
*** Bug 215890 has been marked as a duplicate of this bug. ***
I'm clear what the specific 10.3R issue is now: - 10.3 comes with a version of OpenSSL in base that is too low for h2o as it has no ALPN support - h2o tries to use its embedded LibreSSL which is not what we want Fix is to ensure that on all supported FreeBSD versions, we depend on the user's preferred TLS library, whether Libre/Open/...
Created attachment 180578 [details] v4 patch fixes 10.3R filesystem contamination due to libressl leakage # QA - 10.3 amd64 libressl: https://pkg.skunkwerks.at/poudriere/data/10_amd64-default/2017-03-06_22h28m26s/logs/h2o-2.1.0.log -- Found OpenSSL: /usr/local/lib/libssl.so;/usr/local/lib/libcrypto.so (found version "2.0.0") - 10.3 amd64 openssl: https://pkg.skunkwerks.at/poudriere/data/10_amd64-default/2017-03-06_22h24m37s/logs/h2o-2.1.0.log -- Found OpenSSL: /usr/lib/libssl.so;/usr/lib/libcrypto.so (found version "1.0.1s") the other combos won't finish until tomorrow. # patch If you use git then https://github.com/skunkwerks/ports/commit/b662cf9.patch is probably easier to apply.
A commit references this bug: Author: amdmi3 Date: Fri Mar 17 18:38:07 UTC 2017 New revision: 436349 URL: https://svnweb.freebsd.org/changeset/ports/436349 Log: - Upgrade to 2.1.0 - Drop bundled libressl switch PR: 217088 Submitted by: dch@skunkwerks.at (maintainer) Changes: head/www/h2o/Makefile head/www/h2o/distinfo head/www/h2o/files/patch-CMakeLists.txt head/www/h2o/files/patch-lib_core_request.c head/www/h2o/files/patch-lib_http2_connection.c head/www/h2o/pkg-plist