h2o Optimized HTTP/2 server including support for TLS 1.3 and HTTP/1.x

2.2.6 www =4 2.2.6Version of this port present on the latest quarterly branch.

Maintainer: dch@FreeBSD.org

Port Added: 2015-02-17 21:03:25

Last Update: 2020-05-09 02:52:03

SVN Revision: 534701

People watching this port, also watch: dovecot, pkg, expiretable, tmux, postfix

License: MIT BSD2CLAUSE

Description:

H2O is a very fast HTTP server written in C. It can also be used as a library. It supports: - HTTP/1.0, HTTP/1.1 - HTTP/2 - persistent connections - chunked encoding - negotiation methods: NPN, ALPN, Upgrade, direct - dependency and weight-based prioritization - server push - TLS up to 1.3 - support OpenSSL and LibreSSL - forward secrecy - AEAD ciphers - OCSP stapling (automatically enabled) - session resumption (internal memory) - conditional GET using last-modified / etag - mime-type configuration - reverse proxy - websocket support - embedded mruby interpreter for high speed custom functions WWW: https://github.com/h2o/h2o

SVNWeb : Homepage

pkg-plist: as obtained via: make generate-plist

Expand this list (117 items)

1. @ldconfig
2. /usr/local/share/licenses/h2o-2.2.6/catalog.mk
3. /usr/local/share/licenses/h2o-2.2.6/LICENSE
4. /usr/local/share/licenses/h2o-2.2.6/MIT
5. /usr/local/share/licenses/h2o-2.2.6/BSD2CLAUSE
6. bin/h2o
7. include/h2o.h
8. include/h2o/cache_digests.h
9. include/h2o/cache.h
10. include/h2o/configurator.h
11. include/h2o/file.h
12. include/h2o/filecache.h
13. include/h2o/hostinfo.h
14. include/h2o/http1.h
15. include/h2o/http1client.h
16. include/h2o/http2_casper.h
17. include/h2o/http2_internal.h
18. include/h2o/http2_scheduler.h
19. include/h2o/http2.h
20. include/h2o/linklist.h
21. include/h2o/memcached.h
22. include/h2o/memory.h
23. include/h2o/mruby_.h
24. include/h2o/multithread.h
25. include/h2o/openssl_backport.h
26. include/h2o/rand.h
27. include/h2o/serverutil.h
28. include/h2o/socket.h
29. include/h2o/socket/evloop.h
30. include/h2o/socket/uv-binding.h
31. include/h2o/socketpool.h
32. include/h2o/string_.h
33. include/h2o/time_.h
34. include/h2o/timeout.h
35. include/h2o/token.h
36. include/h2o/tunnel.h
37. include/h2o/url.h
38. include/h2o/version.h
39. include/h2o/websocket.h
40. lib/libh2o-evloop.so
41. lib/libh2o-evloop.so.0.13
42. lib/libh2o-evloop.so.0.13.6
43. lib/libh2o.so
44. lib/libh2o.so.0.13
45. lib/libh2o.so.0.13.6
46. libdata/pkgconfig/libh2o-evloop.pc
47. libdata/pkgconfig/libh2o.pc
48. share/h2o/annotate-backtrace-symbols
49. share/h2o/ca-bundle.crt
50. share/h2o/fastcgi-cgi
51. share/h2o/fetch-ocsp-response
52. share/h2o/kill-on-close
53. share/h2o/setuidgid
54. share/h2o/start_server
55. share/h2o/status/index.html
56. share/h2o/mruby/acl.rb
57. share/h2o/mruby/bootstrap.rb
58. share/h2o/mruby/dos_detector.rb
59. share/h2o/mruby/htpasswd.rb
60. share/h2o/mruby/lru_cache.rb
61. share/h2o/mruby/preloads.rb
62. share/h2o/mruby/trie_addr.rb
63. share/doc/h2o/assets/8mbps100msec-nginx195-h2o150.png
64. share/doc/h2o/assets/firstpaintbench.png
65. share/doc/h2o/assets/remotebench.png
66. share/doc/h2o/assets/searchstyle.css
67. share/doc/h2o/assets/staticfile612-nginx1910-h2o170.png
68. share/doc/h2o/assets/style.css
69. share/doc/h2o/benchmarks.html
70. share/doc/h2o/configure.html
71. share/doc/h2o/configure/access_control.html
72. share/doc/h2o/configure/access_log_directives.html
73. share/doc/h2o/configure/base_directives.html
74. share/doc/h2o/configure/basic_auth.html
75. share/doc/h2o/configure/cgi.html
76. share/doc/h2o/configure/command_options.html
77. share/doc/h2o/configure/compress_directives.html
78. share/doc/h2o/configure/dos_detection.html
79. share/doc/h2o/configure/errordoc_directives.html
80. share/doc/h2o/configure/expires_directives.html
81. share/doc/h2o/configure/fastcgi_directives.html
82. share/doc/h2o/configure/file_directives.html
83. share/doc/h2o/configure/headers_directives.html
84. share/doc/h2o/configure/http1_directives.html
85. share/doc/h2o/configure/http2_directives.html
86. share/doc/h2o/configure/mruby_directives.html
87. share/doc/h2o/configure/mruby.html
88. share/doc/h2o/configure/proxy_directives.html
89. share/doc/h2o/configure/quick_start.html
90. share/doc/h2o/configure/redirect_directives.html
91. share/doc/h2o/configure/reproxy_directives.html
92. share/doc/h2o/configure/status_directives.html
93. share/doc/h2o/configure/syntax_and_structure.html
94. share/doc/h2o/configure/throttle_response_directives.html
95. share/doc/h2o/examples/doc_root.alternate/index.txt
96. share/doc/h2o/examples/doc_root/index.html
97. share/doc/h2o/examples/h2o_mruby/h2o.conf
98. share/doc/h2o/examples/h2o_mruby/hello.rb
99. share/doc/h2o/examples/h2o/alternate.crt
100. share/doc/h2o/examples/h2o/alternate.key
101. share/doc/h2o/examples/h2o/h2o.conf
102. share/doc/h2o/examples/h2o/server.crt
103. share/doc/h2o/examples/h2o/server.key
104. share/doc/h2o/examples/libh2o/http1client.c
105. share/doc/h2o/examples/libh2o/latency-optimization.c
106. share/doc/h2o/examples/libh2o/simple.c
107. share/doc/h2o/examples/libh2o/socket-client.c
108. share/doc/h2o/examples/libh2o/websocket.c
109. share/doc/h2o/faq.html
110. share/doc/h2o/index.html
111. share/doc/h2o/install.html
112. share/doc/h2o/search/jquery-1.9.1.min.js
113. share/doc/h2o/search/oktavia-english-search.js
114. share/doc/h2o/search/oktavia-jquery-ui.js
115. share/doc/h2o/search/searchindex.js
116. @dir(www,www,0750) /var/log/h2o/
117. @sample etc/h2o/h2o.conf.sample

Collapse this list.

Dependency lines:

• h2o>0:www/h2o

Conflicts:

CONFLICTS:

• h2o-devel-*

Conflicts Matches:

There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/www/h2o/ && make install clean

To add the package: pkg install h2o

PKGNAME: h2o

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1565781060 SHA256 (h2o-h2o-v2.2.6_GH0.tar.gz) = f8cbc1b530d85ff098f6efc2c3fdbc5e29baffb30614caac59d5c710f7bda201 SIZE (h2o-h2o-v2.2.6_GH0.tar.gz) = 16257760

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

1. ruby26 : lang/ruby26
2. cmake : devel/cmake
3. pkgconf>=1.3.0_1 : devel/pkgconf
4. bison : devel/bison

Runtime dependencies:

1. perl5>=5.30.r1<5.31 : lang/perl5.30

Library dependencies:

1. libuv.so : devel/libuv

Patch dependencies:

1. ruby26 : lang/ruby26

Extract dependencies:

1. ruby26 : lang/ruby26

This port is required by:

for Libraries

1. dns/dnsdist
2. misc/urbit

Configuration Options

===> The following configuration options are available for h2o-2.2.6: DOCS=on: Build and/or install documentation MRUBY=on: Build with embedded mruby handler support ===> Use 'make config' to modify these settings

USES:

cmake:noninja compiler:c11 cpe perl5 shebangfix ssl pkgconfig bison

Master Sites:

1. https://codeload.github.com/h2o/h2o/tar.gz/v2.2.6?dummy=/

• 2016-06-05

  Affects: users of www/h2o

  Author: junovitch@FreeBSD.org

  Reason: 
    File paths no longer have a trailing / appended to them. This enables
    directing specific paths to a file but may break existing configurations.
    Refer to https://h2o.examp1e.net/configure/file_directives.html and
    revise your yaml config appropriately.
  
  

Fix h2o build when building with libressl

PR:	242863
Reported by:	Ulas SAYGIN
Reviewed by:	dch
Approved by:	dch
Differential Revision:	https://reviews.freebsd.org/D24455

www/h2o: unbreak on powerpc64 elfv2

FreeBSD 13 soon switches to LLVM in base, which builds this port.

Approved by:	mentors (implicit approval)

www/h2o: update to 2.2.6

resolves:

- CVE-2019-9512 (Ping Flood)
- CVE-2019-9514 (Reset Flood)
- CVE-2019-9515 (Settings Flood)

PR:		239843
Submitted by:	Max Kostikov <max@kostikov.co>
Reported by:	Max Kostikov <max@kostikov.co>
Reviewed by:	adamw
Approved by:	jrm (mentor, implicit)
MFH:		2019Q3
Security:	CVE-2019-9512
Security:	CVE-2019-9514
Security:	CVE-2019-9515
Sponsored by:	SkunkWerks, GmbH

Bump PORTREVISION for ports depending on the canonical version of GCC
as defined in Mk/bsd.default-versions.mk which has moved from GCC 8.3
to GCC 9.1 under most circumstances now after revision 507371.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, everything INDEX-11 shows with a dependency on lang/gcc9 now.

PR:		238330

h2o{,-devel}: Improve rc.d/h2o, freshen h2o.conf

rc.d/h2o:
 - Add a configtest target
 - Fix a bug that could prevent the script from locating the PIDfile path

h2o.conf:
 - Remove entries that are defaults

PR:		238888
Approved by:	maintainer (dch)
MFH:		2019Q2

www/h2o*: Remove nop CMAKE_VERBOSE

Bump PORTREVISION for ports depending on the canonical version of GCC
defined via Mk/bsd.default-versions.mk which has moved from GCC 7.4 t
GCC 8.2 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, as a double check, everything INDEX-11 showed depending on lang/gcc7.

PR:		231590

www/h2o: add CONFLICTS and appease portlint

Approved by:	jrm (mentor)
Differential Revision:	https://reviews.freebsd.org/D17466

Bump PORTREVISION for ports depending on the canonical version of GCC
in the ports tree (via Mk/bsd.default-versions.mk and lang/gcc) which
has now moved from GCC 6 to GCC 7 by default.

This includes ports
 - featuring USE_GCC=yes or USE_GCC=any,
 - featuring USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and those
 - with USES=compiler specifying one of openmp, nestedfct, c11, c++0x,
   c++11-lib, c++11-lang, c++14-lang, c++17-lang, or gcc-c++11-lib.

PR:		222542

www/h2o: update 2.2.4 to 2.2.5

- fix buffer overflow CVE-2018-0608 #1775 (Frederik Deweerdt)
- LibreSSL and PicoTLS changes
- see https://github.com/h2o/h2o/blob/master/Changes

PR:		228762
Submitted by:	Max Kostikov <max@kostikov.co>
Approved by:	jrm
MFH:		2018Q3
Security:	CVE-2018-0608

Mark ports broken on powerpc64, categories o-z.

While here, pet portlint and do some other cleanup.

Approved by:	portmgr (tier-2 blanket)

www/h2o: Unbreak: build and install libraries that this project builds by
default

Port changes:
* Remove -DWITHOUT_LIBS=ON: the project builds libs by default,
  and has "it can also be used as a library" in its description.
  If desired, the option NOLIBS can potentially be created.
* Remove stray -DEXTRA_LIBRARIES=OFF: EXTRA_LIBRARIES doesn't exist in the
CMakeLists.txt

Approved by:	portmgr

www/h2o: Fix build with LibreSSL 2.7

 - LibreSSL 2.7 implements OpenSSL 1.1 API
 - Use patch from upstream issue 1706

PR:		227169
Approved by:	maintainer time-out

www/h2o: update to 2.2.4

Approved by:	jrm (mentor)
Sponsored by:	https://iwantmyname.com/
Differential Revision:	https://reviews.freebsd.org/D13077

Mark several ports newly broken on arm.

While here, pet portlint.

Approved by:	portmgr (tier-2 blanket)

www/h2o: update to 2.2.3

- resolve security vulnerabilities via new release
- ensure custom config files are loaded by re-ordering h2o rc.d script
- clean up options while we are here
- full changelog: https://github.com/h2o/h2o/releases/tag/v2.2.3

PR:		222281
Reported by:	freebsd@get-experience.com
Reviewed by:	jrm (mentor)
Approved by:	jrm (mentor)
MFH:		2017Q4
Security:	CVE-2017-10868
Security:	CVE-2017-10869
Differential Revision:	https://reviews.freebsd.org/D12619

Bump PORTREVISION for ports depending on the canonical version of GCC
(via Mk/bsd.default-versions.mk and lang/gcc) which has moved from
GCC 5.4 to GCC 6.4 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c++11-lib, c++11-lang,
   c++14-lang, c++0x, c11, or gcc-c++11-lib.

PR:		219275

Make ninja opt-out in cmake.mk

Using ninja instead of make (1) can lead to significant speed ups while
building.
Therefore switch from having the ninja generator opt-in to having it opt-out.

Previously cmake-ports that wanted to use ninja could set
    CMAKE_NINJA=yes
now, ports that do not work with ninja can set
    cmake:<existing args>,noninja
Note, that needing this should be an exception and most often points to a broken
cmake of the port.

The ports using cmake were modified
* removed USES=gmake, if ninja is used
* removed MAKE_ARGS, if ninja is used
* added the cmake-argument noninja if necessary

PR:		219629
PR:		213331
Exp-run by:	antoine
Reviewed by:	rakuco
Differential Revision:	https://reviews.freebsd.org/D10748

- Update to 2.2.2

PR:		218764
Submitted by:	maintainer

Bump PORTREVISIONs for ports depending on the canonical version of GCC and
lang/gcc which have moved from GCC 4.9.4 to GCC 5.4 (at least under some
circumstances such as versions of FreeBSD or platforms).

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using using Mk/bsd.octave.mk which in turn has USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c++11-lib, c++14-lang,
   c++11-lang, c++0x, c11, or gcc-c++11-lib.

PR:		216707

- Upgrade to 2.1.0
- Drop bundled libressl switch

PR:		217088
Submitted by:	dch@skunkwerks.at (maintainer)

www/h2o: Fix Use-after-free vulnerability

  - Fix duplicate PORTREVISION assignment
  - Register OpenSSL dependency when LIBRESSL is OFF

PR:		215587
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)
MFH:		2016Q4
Security:	d0b12952-cb86-11e6-906f-0cc47a065786
Security:	CVE-2016-7835

- add option knob mruby handler as default
- simplify ssl option
- bump portversion

PR:		213733
Submitted by:	dch@skunkwerks.at (maintainer)

http://github.com redirects to https://github.com, spare everyone a redirect.

Sponsored by:	Absolight

Bump PORTREVISIONS for ports depending on the canonical version of GCC and
lang/gcc which have moved from GCC 4.8.5 to GCC 4.9.4 (at least under some
circumstances such as versions of FreeBSD or platforms).

In particular that is ports with USE_GCC=yes, USE_GCC=any, or one of
gcc-c++11-lib, openmp, nestedfct, c++11-lib as well as c++14-lang,
c++11-lang, c++0x, c11 requested via USES=compiler.

www/h2o: Update to 2.0.4 (Fixes vulnerability)

  - Update to version 2.0.4

PR:		211892
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)
Reviewed by:	brnrd
MFH:		2016Q3
Security:	08664d42-7989-11e6-b7a8-74d02b9a84d5

www/h2o: update 2.0.0 -> 2.0.1

This is a bug-fix release of 2.0 series, fixing following issues found in 2.0.0.
* [fastcgi] fix internal server error when PHP returns a huge header #958
* [http2] recognize link header containing multiple links #950
* [libh2o] fix resource leaks upon startup failure #936
* [libh2o] do not require linking to libbrotli externally #941

Changes:	https://github.com/h2o/h2o/releases/tag/v2.0.1

PR:		210769
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

www/h2o: update 1.7.3 -> 2.0.0

- explicitly set H2O_PERL via rc.d script

Summary of major changes:
- support for Brotli compression
- directives for file-level resource mapping
- addition of the status handler
- reverse proxying using HTTPS

Changes:	https://github.com/h2o/h2o/releases/tag/v2.0.0

PR:		209927
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

- Update to 1.7.3

PR:		209926
Submitted by:	Dave Cottlehuber
Security:	65bb1858-27de-11e6-b714-74d02b9a84d5

Update to 1.7.2

- various SSL & signal handling fixes
- minor http2 tweaks

PR:		209517
Submitted by:	dch@skunkwerks.at (maintainer)

www/h2o: Update to 1.7.1

- build system fixes
- improved documentation
- fix file transfer > 2GB on FreeBSD

PR:		208002

Add SIGHUP support.

Support soft reloading of config via `sudo service h2o reload`.

PR:		207093
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

www/h2o: Update to 1.7.0

- Update PORTVERSION and dinsto checksum (1.7.0)
- Update pkg-plist

Changes:

  https://github.com/h2o/h2o/blob/v1.7.0/Changes

PR:		206949
Submitted by:	Dave Cottlehuber <dch skunkwerks at> (maintainer)

Update to 1.6.3.

PR:		206708
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

- Update to 1.6.2

PR:		206193
Submitted by:	maintainer
MFH:		2016Q1
Security:	6c808811-bb9a-11e5-a65c-485d605f4717

- Remove unused USE_* knobs:
   databases/mysql57-server
   games/kajongg
   textproc/ruby-htree

- Fix typos in USE_* knobs:
   graphics/fortytwo
   math/hexcalc
   misc/gnustep-examples
   www/h2o

- Remove unused BROKEN_alpha knob:
   devel/directfb

- Remove user-settable knob:
   multimedia/tovid

Approved by:	portmgr blanket

www/h2o: update 1.6.0 -> 1.6.1 and add LibreSSL option

- OPTIONS: Add bundled LIBRESSL option and set as default
  - HTTP/2 support requires TLS ALPN extension missing in base OpenSSL
  - Upstream expectation is the bundled LibreSSL is used to support HTTP/2
  - Enables ChaCha20-Poly1305 ciphers as a bonus
- Update sample configuration file

Changes:	https://github.com/h2o/h2o/releases/tag/v1.6.1

PR:		205946
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

www/h2o: update 1.5.3 -> 1.6.0

Changes:	https://github.com/h2o/h2o/releases/tag/v1.6.0

PR:		205337
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

www/h2o: update 1.5.2 -> 1.5.3

Changes:	https://github.com/h2o/h2o/releases/tag/v1.5.3

PR:		204321
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

www/h2o: update 1.5.0 -> 1.5.2

- Update cmake args and regen cmake patch for the new release
- Add documentation files to pkg-plist

Changes:	https://github.com/h2o/h2o/releases/tag/v1.5.1
Changes:	https://github.com/h2o/h2o/releases/tag/v1.5.2

PR:		203956
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

www/h2o: update 1.4.5 -> 1.5.0

Changes:	https://github.com/h2o/h2o/releases/tag/v1.5.0

PR:		203575
Submitted by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

- Fix rc.d issues introduced with recent perl changes [1]
- Update to 1.4.5 [2]

PR:		203147 [1], 203096 [2]
Submitted by:	Dave Cottlehuber (maintainer)

- Fix rc.d script
- Bump PORTVERSION

PR:		202937
Submitted by:	gblach
Approved by:	Dave Cottlehuber (dch <at> skunkwerks <dot> at)

- Update to 1.4.4 [1]
- Drop 8.x support [2]

PR:		202818 [1]
Submitted by:	Dave Cottlehuber (dch <at> skunkwerks <dot> at) [1]
Approved by:	portmgr blanket [2]

- Update to 1.4.3

PR:		202379
Submitted by:	dch@skunkwerks.at(maintainer)

www/h2o: 1.2.0 -> 1.4.2

ChangeLog:
https://github.com/h2o/h2o/releases

PR:		200998
Submitted by:	sean@x-n.su
Approved by:	Dave Cottlehuber <dch@skunkwerks.at> (maintainer)

- Fix shebangs

Approved by:	portmgr blanket
MFH:		2015Q2

- Update to 1.2.0

PR:		198573
Submitted by:	anonymous.bug.report@gmail.com
Approved by:	dch@skunkwerks.at(maintainer)

Update ports in the remaining categories to not use GH_COMMIT.

With minor cleanups to make things simpler.

With hat:	portmgr
Sponsored by:	Absolight

OSVERSION is not defined before bsd.pre.

Pointy Hat to:	az
Sponsored by:	Absolight

- update to 1.0.1
- ignore build on OSVERSION < 9.0 as it doesn't compile even with clang
- some port cleanups

PR:		197846
Submitted by:	dch@skunkwerks.at (maintainer)

- remove -r flag from daemon runtime.
- bump PORTREVISION

PR:		197519
Submitted by:	maintainer

- add new port: www/h2o

H2O is a very fast HTTP server written in C. It can also be used as a library.
It supports:

- HTTP/1.0, HTTP/1.1
- [HTTP/2](http://http2.github.io/)
- draft 16 (and draft 14 to support older clients)
- persistent connections
- chunked encoding
- negotiation methods: NPN, ALPN, Upgrade, direct
- dependency and weight-based prioritization
- server push
- TLS
- uses [OpenSSL](https://www.openssl.org/)

16 vulnerabilities affecting 89 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2020-05-31 11:54:41