diff --git a/etc/systemd/system/php7.4-fpm.service b/etc/systemd/system/php7.4-fpm.service deleted file mode 100644 index 3a5f376..0000000 --- a/etc/systemd/system/php7.4-fpm.service +++ /dev/null @@ -1,16 +0,0 @@ -# This service is actually a systemd target, -# but we are using a service since targets cannot be reloaded. - -[Unit] -Description=The PHP 7.3 FastCGI Process Manager (multi instance master) -Documentation=man:php-fpm7.3(8) -After=network.target - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/bin/true -ExecReload=/bin/true - -[Install] -WantedBy=multi-user.target diff --git a/etc/systemd/system/php7.4-fpm@.service b/etc/systemd/system/php7.4-fpm@.service deleted file mode 100644 index a689e58..0000000 --- a/etc/systemd/system/php7.4-fpm@.service +++ /dev/null @@ -1,35 +0,0 @@ -[Unit] -Description=The PHP 7.4 FastCGI Process Manager (instance %i) -Documentation=man:php-fpm7.4(8) -After=network.target -PartOf=php7.4-fpm.service -ReloadPropagatedFrom=php7.4-fpm.service - -[Service] -Type=notify -PIDFile=/run/php/php7.4-fpm-%i.pid -ExecStart=/usr/sbin/php-fpm7.4 --nodaemonize --fpm-config /etc/php/7.4/fpm/php-fpm-%i.conf -ExecReload=/bin/kill -USR2 $MAINPID -LimitNOFILE=100000 -TimeoutStartSec=300 -ProtectSystem=strict -PrivateTmp=true -NoNewPrivileges=true -PrivateDevices=true -ProtectKernelTunables=true -ProtectKernelModules=true -ProtectControlGroups=true -LockPersonality=true -SystemCallArchitectures=native -ReadWritePaths=-/var/log/ -ReadWritePaths=-/var/run/ -ReadWritePaths=-/run/ -InaccessiblePaths=-/root/ -CPUQuota=100% -MemoryHigh=25% -MemoryMax=35% -RuntimeDirectory=php -RuntimeDirectoryPreserve=yes - -[Install] -WantedBy=multi-user.target diff --git a/etc/systemd/system/php7.4-fpm@default.service b/etc/systemd/system/php7.4-fpm@default.service deleted file mode 100644 index 1e4fff7..0000000 --- a/etc/systemd/system/php7.4-fpm@default.service +++ /dev/null @@ -1,39 +0,0 @@ -[Unit] -Description=The PHP 7.4 FastCGI Process Manager -Documentation=man:php-fpm7.4(8) -After=network.target -PartOf=php7.4-fpm.service -ReloadPropagatedFrom=php7.4-fpm.service - -[Service] -Type=notify -PIDFile=/run/php/php7.4-fpm.pid -ExecStart=/usr/sbin/php-fpm7.4 --nodaemonize --fpm-config /etc/php/7.4/fpm/php-fpm.conf -ExecReload=/bin/kill -USR2 $MAINPID -LimitNOFILE=100000 -TimeoutStartSec=300 -ProtectSystem=strict -PrivateTmp=true -# sendmail requires it... -#NoNewPrivileges=true -PrivateDevices=true -ProtectKernelTunables=true -ProtectKernelModules=true -ProtectControlGroups=true -LockPersonality=true -SystemCallArchitectures=native -ReadWritePaths=-/var/log/ -ReadWritePaths=-/var/run/ -ReadWritePaths=-/run/ -ReadWritePaths=-/var/local/squirrelmail/ -ReadWritePaths=-/var/www/ -ReadWritePaths=-/var/spool/postfix/ -InaccessiblePaths=-/root/ -CPUQuota=100% -MemoryHigh=25% -MemoryMax=35% -RuntimeDirectory=php -RuntimeDirectoryPreserve=yes - -[Install] -WantedBy=multi-user.target diff --git a/install_binaries.sh b/install_binaries.sh index 681d891..0680cda 100755 --- a/install_binaries.sh +++ b/install_binaries.sh @@ -139,7 +139,7 @@ cd nginx git fetch --all git checkout release-1.23.2 cd ngx_brotli && git fetch --all && git checkout 6e975bcb015f62e1f303054897783355e2a877dc && cd .. -cd ngx_devel_kit && git fetch --all && git checkout v0.3.1 && cd .. +cd ngx_devel_kit && git fetch --all && git checkout v0.3.2 && cd .. cd rds-json-nginx-module && git fetch --all && git checkout v0.15 && cd .. cd set-misc-nginx-module && git fetch --all && git checkout v0.33 && cd .. cd lua-resty-core @@ -1440,350 +1440,7 @@ LIBS='-lgpg-error' CXXFLAGS='-O3 -mtune=native -march=native' CFLAGS='-O3 -mtune make -j $PROC_LIMIT install make distclean git reset --hard -git checkout php-7.4.33 -cat <= 1.4.2]) -+ -+ PHP_EVAL_INCLINE(\$ENCHANT_CFLAGS) -+ PHP_EVAL_LIBLINE(\$ENCHANT_LIBS, ENCHANT_SHARED_LIBADD) - -- PHP_CHECK_LIBRARY(enchant, enchant_get_version, -- [ -- AC_DEFINE(HAVE_ENCHANT_GET_VERSION, 1, [ ]) -- ], [ ], [ -- \$ENCHANT_LIBS -- ]) -- -- PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param, -- [ -- AC_DEFINE(HAVE_ENCHANT_BROKER_SET_PARAM, 1, [ ]) -- ], [ ], [ -- \$ENCHANT_LIBS -- ]) -+ PHP_CHECK_LIBRARY(enchant, enchant_get_version, -+ [ -+ AC_DEFINE(HAVE_ENCHANT_GET_VERSION, 1, [ enchant_get_version since 1.6.0 ]) -+ ], [ ], [ -+ \$ENCHANT_LIBS -+ ]) -+ -+ PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param, -+ [ -+ AC_DEFINE(HAVE_ENCHANT_BROKER_SET_PARAM, 1, [ enchant_broker_set_param since 1.5.0 and removed in 2.x ]) -+ ], [ ], [ -+ \$ENCHANT_LIBS -+ ]) -+ fi -+ -+ AC_DEFINE(HAVE_ENCHANT, 1, [ ]) - - PHP_NEW_EXTENSION(enchant, enchant.c, \$ext_shared) - PHP_SUBST(ENCHANT_SHARED_LIBADD) -diff --git a/ext/enchant/enchant.c b/ext/enchant/enchant.c -index 6ce9d4b..900d605 100644 ---- a/ext/enchant/enchant.c -+++ b/ext/enchant/enchant.c -@@ -135,9 +135,10 @@ static const zend_function_entry enchant_functions[] = { - PHP_FE(enchant_broker_describe, arginfo_enchant_broker_free) - PHP_FE(enchant_dict_check, arginfo_enchant_dict_check) - PHP_FE(enchant_dict_suggest, arginfo_enchant_dict_check) -- PHP_FE(enchant_dict_add_to_personal, arginfo_enchant_dict_check) -+ PHP_FE(enchant_dict_add, arginfo_enchant_dict_check) -+ PHP_FALIAS(enchant_dict_add_to_personal, enchant_dict_add, arginfo_enchant_dict_check) - PHP_FE(enchant_dict_add_to_session, arginfo_enchant_dict_check) -- PHP_FE(enchant_dict_is_in_session, arginfo_enchant_dict_check) -+ PHP_FE(enchant_dict_is_added, arginfo_enchant_dict_check) - PHP_FE(enchant_dict_store_replacement, arginfo_enchant_dict_store_replacement) - PHP_FE(enchant_dict_get_error, arginfo_enchant_broker_free_dict) - PHP_FE(enchant_dict_describe, arginfo_enchant_broker_free_dict) -@@ -285,6 +286,9 @@ PHP_MINIT_FUNCTION(enchant) - le_enchant_dict = zend_register_list_destructors_ex(php_enchant_dict_free, NULL, "enchant_dict", module_number); - REGISTER_LONG_CONSTANT("ENCHANT_MYSPELL", PHP_ENCHANT_MYSPELL, CONST_CS | CONST_PERSISTENT); - REGISTER_LONG_CONSTANT("ENCHANT_ISPELL", PHP_ENCHANT_ISPELL, CONST_CS | CONST_PERSISTENT); -+#ifdef HAVE_ENCHANT_GET_VERSION -+ REGISTER_STRING_CONSTANT("LIBENCHANT_VERSION", enchant_get_version(), CONST_CS | CONST_PERSISTENT); -+#endif - return SUCCESS; - } - /* }}} */ -@@ -392,7 +396,7 @@ PHP_FUNCTION(enchant_broker_get_error) - { - zval *broker; - enchant_broker *pbroker; -- char *msg; -+ const char *msg; - - if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &broker) == FAILURE) { - RETURN_FALSE; -@@ -738,7 +742,7 @@ PHP_FUNCTION(enchant_dict_quick_check) - for (i = 0; i < n_sugg; i++) { - add_next_index_string(sugg, suggs[i]); - } -- enchant_dict_free_suggestions(pdict->pdict, suggs); -+ enchant_dict_free_string_list(pdict->pdict, suggs); - } - - -@@ -793,14 +797,14 @@ PHP_FUNCTION(enchant_dict_suggest) - add_next_index_string(return_value, suggs[i]); - } - -- enchant_dict_free_suggestions(pdict->pdict, suggs); -+ enchant_dict_free_string_list(pdict->pdict, suggs); - } - } - /* }}} */ - --/* {{{ proto void enchant_dict_add_to_personal(resource dict, string word) -+/* {{{ proto void enchant_dict_add(resource dict, string word) - add 'word' to personal word list */ --PHP_FUNCTION(enchant_dict_add_to_personal) -+PHP_FUNCTION(enchant_dict_add) - { - zval *dict; - char *word; -@@ -813,7 +817,7 @@ PHP_FUNCTION(enchant_dict_add_to_personal) - - PHP_ENCHANT_GET_DICT; - -- enchant_dict_add_to_personal(pdict->pdict, word, wordlen); -+ enchant_dict_add(pdict->pdict, word, wordlen); - } - /* }}} */ - -@@ -836,9 +840,9 @@ PHP_FUNCTION(enchant_dict_add_to_session) - } - /* }}} */ - --/* {{{ proto bool enchant_dict_is_in_session(resource dict, string word) -+/* {{{ proto bool enchant_dict_is_added(resource dict, string word) - whether or not 'word' exists in this spelling-session */ --PHP_FUNCTION(enchant_dict_is_in_session) -+PHP_FUNCTION(enchant_dict_is_added) - { - zval *dict; - char *word; -@@ -851,7 +855,7 @@ PHP_FUNCTION(enchant_dict_is_in_session) - - PHP_ENCHANT_GET_DICT; - -- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen)); -+ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen)); - } - /* }}} */ - -@@ -884,7 +888,7 @@ PHP_FUNCTION(enchant_dict_get_error) - { - zval *dict; - enchant_dict *pdict; -- char *msg; -+ const char *msg; - - if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &dict) == FAILURE) { - RETURN_FALSE; -diff --git a/ext/enchant/php_enchant.h b/ext/enchant/php_enchant.h -index 9ba2109..b810170 100644 ---- a/ext/enchant/php_enchant.h -+++ b/ext/enchant/php_enchant.h -@@ -53,9 +53,9 @@ PHP_FUNCTION(enchant_broker_describe); - - PHP_FUNCTION(enchant_dict_check); - PHP_FUNCTION(enchant_dict_suggest); --PHP_FUNCTION(enchant_dict_add_to_personal); -+PHP_FUNCTION(enchant_dict_add); - PHP_FUNCTION(enchant_dict_add_to_session); --PHP_FUNCTION(enchant_dict_is_in_session); -+PHP_FUNCTION(enchant_dict_is_added); - PHP_FUNCTION(enchant_dict_store_replacement); - PHP_FUNCTION(enchant_dict_get_error); - PHP_FUNCTION(enchant_dict_describe); -diff --git a/ext/enchant/tests/broker_free_02.phpt b/ext/enchant/tests/broker_free_02.phpt -index 75ce5cb..30abd45 100644 ---- a/ext/enchant/tests/broker_free_02.phpt -+++ b/ext/enchant/tests/broker_free_02.phpt -@@ -21,7 +21,7 @@ if (is_resource(\$broker)) { - if (\$requestDict) { - echo("OK\n"); - for(\$x=0;\$x")) die('skip libenchant v1 only'); - ?> - --FILE-- - - --EXPECTF-- -+Deprecated: Function enchant_broker_get_dict_path() is deprecated in %s -+ - Warning: enchant_broker_get_dict_path(): dict_path not set in %s on line %d - bool(false) - -+Deprecated: Function enchant_broker_get_dict_path() is deprecated in %s -+ - Warning: enchant_broker_get_dict_path(): dict_path not set in %s on line %d - bool(false) -diff --git a/ext/enchant/tests/dict_add_to_personal.phpt b/ext/enchant/tests/dict_add_to_personal.phpt -index e711a25..94b7fbd 100644 ---- a/ext/enchant/tests/dict_add_to_personal.phpt -+++ b/ext/enchant/tests/dict_add_to_personal.phpt -@@ -1,5 +1,5 @@ - --TEST-- --enchant_dict_add_to_personal() function -+enchant_dict_add() function - --CREDITS-- - marcosptf - - --SKIPIF-- -@@ -20,7 +20,7 @@ if (is_resource(\$broker)) { - - if (\$requestDict) { - echo("OK\n"); -- \$AddtoPersonalDict = enchant_dict_add_to_personal(\$requestDict,\$newWord); -+ \$AddtoPersonalDict = enchant_dict_add(\$requestDict,\$newWord); - - if (NULL === \$AddtoPersonalDict) { - var_dump(\$AddtoPersonalDict); -diff --git a/ext/enchant/tests/dict_check.phpt b/ext/enchant/tests/dict_check.phpt -index eb4198c..8810db6 100644 ---- a/ext/enchant/tests/dict_check.phpt -+++ b/ext/enchant/tests/dict_check.phpt -@@ -20,7 +20,7 @@ if (is_resource(\$broker)) { - - if (\$requestDict) { - echo("OK\n"); -- enchant_dict_add_to_personal(\$requestDict, \$newWord); -+ enchant_dict_add(\$requestDict, \$newWord); - - if (enchant_dict_check(\$requestDict, \$newWord)) { - echo("OK\n"); -diff --git a/ext/enchant/tests/dict_is_in_session.phpt b/ext/enchant/tests/dict_is_in_session.phpt -index 4e670d5..b074105 100644 ---- a/ext/enchant/tests/dict_is_in_session.phpt -+++ b/ext/enchant/tests/dict_is_in_session.phpt -@@ -20,10 +20,10 @@ if (is_resource(\$broker)) { - - if (\$requestDict) { - echo("OK\n"); -- \$AddtoPersonalDict = enchant_dict_add_to_personal(\$requestDict,\$newWord); -+ \$AddtoPersonalDict = enchant_dict_add(\$requestDict,\$newWord); - - if (NULL === \$AddtoPersonalDict) { -- var_dump(enchant_dict_is_in_session(\$requestDict,\$newWord)); -+ var_dump(enchant_dict_is_added(\$requestDict,\$newWord)); - } else { - echo("dict add to personal failed\n"); - } -diff --git a/ext/enchant/tests/enchant_broker_set_dict_path.phpt b/ext/enchant/tests/enchant_broker_set_dict_path.phpt -index db35288..a072c25 100644 ---- a/ext/enchant/tests/enchant_broker_set_dict_path.phpt -+++ b/ext/enchant/tests/enchant_broker_set_dict_path.phpt -@@ -7,7 +7,8 @@ marcosptf - - ")) die('skip libenchant v1 only'); - ?> - --FILE-- - ----EXPECT-- -+--EXPECTF-- - OK -+ -+Deprecated: Function enchant_broker_set_dict_path() is deprecated in %s - OK -+ -+Deprecated: Function enchant_broker_set_dict_path() is deprecated in %s - OK -+ -+Deprecated: Function enchant_broker_get_dict_path() is deprecated in %s -+ -+Deprecated: Function enchant_broker_get_dict_path() is deprecated in %s - OK - diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c -index aa819be..2fa74f2 100644 ---- a/ext/openssl/openssl.c -+++ b/ext/openssl/openssl.c -@@ -55,6 +55,10 @@ - #include - #include - #include -+#if PHP_OPENSSL_API_VERSION >= 0x30000 -+#include -+#include -+#endif - - /* Common */ - #include -@@ -1517,7 +1521,9 @@ PHP_MINIT_FUNCTION(openssl) - REGISTER_LONG_CONSTANT("PKCS7_NOSIGS", PKCS7_NOSIGS, CONST_CS|CONST_PERSISTENT); - - REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT); -+#ifdef RSA_SSLV23_PADDING - REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT); -+#endif - REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT); - REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT); - -EOF - -./buildconf -f -LIBS='-lgpg-error' CXXFLAGS='-O3 -mtune=native -march=native' CFLAGS='-O3 -mtune=native -march=native' ./configure -C --enable-re2c-cgoto --prefix=/usr --with-config-file-scan-dir=/etc/php/7.4/fpm/conf.d --libdir=/usr/lib/php --libexecdir=/usr/lib/php --datadir=/usr/share/php/7.4 --program-suffix=7.4 --sysconfdir=/etc --localstatedir=/var --mandir=/usr/share/man --enable-fpm --enable-cli --disable-cgi --disable-phpdbg --with-fpm-systemd --with-fpm-user=www-data --with-fpm-group=www-data --with-layout=GNU --disable-dtrace --disable-short-tags --without-valgrind --disable-shared --disable-debug --disable-rpath --without-pear --with-openssl --enable-bcmath --with-bz2 --enable-calendar --with-curl --enable-dba --with-qdbm --with-lmdb --enable-exif --enable-ftp --enable-gd --with-external-gd --with-jpeg --with-webp --with-xpm --with-freetype --enable-gd-jis-conv --with-gettext --with-gmp --with-mhash --with-imap --with-imap-ssl --with-kerberos --enable-intl --with-ldap --with-ldap-sasl --enable-mbstring --with-mysqli --with-pdo-mysql --enable-mysqlnd --with-mysql-sock=/var/run/mysqld/mysqld.sock --with-zlib --with-libedit --with-readline --enable-shmop --enable-soap --enable-sockets --with-sodium --with-password-argon2 --with-tidy --with-xsl --with-enchant --with-pspell --with-zip --with-ffi --enable-apcu --enable-brotli --with-libbrotli --with-imagick --with-ssh2 --with-gnupg --enable-rar --with-secp256k1 --enable-igbinary --with-msgpack -make -j $PROC_LIMIT install -make distclean -git reset --hard -ln -fs /usr/bin/php8.0 /usr/bin/php +ln -fs /usr/bin/php8.1 /usr/bin/php cd .. ldconfig diff --git a/var/www/common.php b/var/www/common.php index 8edd582..5d4f0e8 100644 --- a/var/www/common.php +++ b/var/www/common.php @@ -26,8 +26,8 @@ const ENABLE_SHELL_ACCESS=true; //allows users to login via ssh, when disabled o const ADMIN_PASSWORD='MY_PASSWORD'; //password for admin interface const SERVICE_INSTANCES=['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's']; //one character per instance - run multiple tor+php-fpm instances for load balancing, remove all but one instance if you expect less than 200 accounts. If tor starts using 100% cpu and failing circuits every few hours after a restart, add more instances. In my experience this happens around 250 hidden services per instance - run setup.php after change const DISABLED_PHP_VERSIONS=[]; //php versions still installed on the system but no longer offered for new accounts -const PHP_VERSIONS=[5 => '7.4', 6 => '8.0']; //currently active php versions -const DEFAULT_PHP_VERSION='8.0'; //default php version +const PHP_VERSIONS=[6 => '8.0', 7 => '8.1']; //currently active php versions +const DEFAULT_PHP_VERSION='8.1'; //default php version const PHP_CONFIG='zend_extension=opcache.so memory_limit = 256M error_reporting = E_ALL diff --git a/var/www/setup_chroot.sh b/var/www/setup_chroot.sh index 97e72b1..4d067f9 100755 --- a/var/www/setup_chroot.sh +++ b/var/www/setup_chroot.sh @@ -147,8 +147,8 @@ BINARIES_GENERAL=( 'od' 'openssl' 'paste' - 'php7.4' 'php8.0' + 'php8.1' 'pr' 'printenv' 'printf'