Group: Networking/Daemons/HTTP
Source0: https://github.com/h2o/h2o/archive/v%{version}/%{name}-%{version}.tar.gz
# Source0-md5: efc3a98cd21d3b91d66b2a99b1518255
+Patch0: system-ca.patch
URL: https://h2o.examp1e.net/
BuildRequires: cmake >= 2.8.11
BuildRequires: libstdc++-devel
BuildRequires: bison
BuildRequires: ruby-devel
%endif
+Requires: ca-certificates
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _bindir %{_sbindir}
%prep
%setup -q
+%patch0 -p1
%build
install -d build
%attr(755,root,root) %{_datadir}/%{name}/kill-on-close
%attr(755,root,root) %{_datadir}/%{name}/setuidgid
%attr(755,root,root) %{_datadir}/%{name}/start_server
-# TODO: use ca-certificates package
-%{_datadir}/%{name}/ca-bundle.crt
%if %{with mruby}
%{_datadir}/%{name}/mruby
--- /dev/null
+--- h2o-2.2.2/./CMakeLists.txt~ 2017-04-23 06:26:35.000000000 +0300
++++ h2o-2.2.2/./CMakeLists.txt 2017-09-29 15:26:44.945814814 +0300
+@@ -495,7 +495,6 @@
+ ENDIF ()
+
+ INSTALL(PROGRAMS share/h2o/annotate-backtrace-symbols share/h2o/fastcgi-cgi share/h2o/fetch-ocsp-response share/h2o/kill-on-close share/h2o/setuidgid share/h2o/start_server DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/h2o)
+-INSTALL(FILES share/h2o/ca-bundle.crt DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/h2o)
+ INSTALL(FILES share/h2o/status/index.html DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/h2o/status)
+ INSTALL(DIRECTORY doc/ DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/doc/h2o PATTERN "Makefile" EXCLUDE PATTERN "README.md" EXCLUDE)
+ INSTALL(DIRECTORY examples/ DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/doc/h2o/examples)
+--- h2o-2.2.2/./lib/handler/configurator/proxy.c~ 2017-04-23 06:26:35.000000000 +0300
++++ h2o-2.2.2/./lib/handler/configurator/proxy.c 2017-09-29 15:27:40.468710510 +0300
+@@ -298,7 +298,7 @@
+ if (ctx->pathconf == NULL && ctx->hostconf == NULL) {
+ /* is global conf, setup the default SSL context */
+ self->vars->ssl_ctx = create_ssl_ctx();
+- char *ca_bundle = h2o_configurator_get_cmd_path("share/h2o/ca-bundle.crt");
++ char *ca_bundle = "/etc/certs/ca-certificates.crt";
+ if (SSL_CTX_load_verify_locations(self->vars->ssl_ctx, ca_bundle, NULL) != 1)
+ fprintf(stderr, "Warning: failed to load the default certificates file at %s. Proxying to HTTPS servers may fail.\n",
+ ca_bundle);