August 2014

Compile Lighttpd with LibreSSL

As LibreSSL is gaining popularity you might want to switch your compiled Lighttpd version with one that uses LibreSSL for your https.

Tested on Debian Squeeze, but should work on Wheezy/Ubuntu in a similar way.

Prerequisites

$ sudo apt-get install make gcc libev-dev libpcre3-dev zlib1g-dev libbz2-dev gamin libgamin-dev liblua5.1-0-dev
$ wget
http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.35.tar.gz
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.0.5.tar.gz
$ tar xvfz libressl-2.0.5.tar.gz && tar xvfz lighttpd-1.4.35.tar.gz

Compile & Install LibreSSL

We are installing it in a non-standard path so it won’t interfer with your existing openssl/libssl(-dev)

$ cd libressl-2.0.5
$ ./configure --prefix=/opt/libressl
$ make
$ sudo make install

Verify the LibreSSL Installation

$ /opt/libressl/bin/openssl version
LibreSSL 2.0

Compile Lighttpd with LibreSSL

$ cd ../lighttpd-1.4.35
$ wget https://gist.github.com/lifeofguenter/7ef3fe9e089fcb24baed/raw/316108a350f69d622c17d0801cc429388cf36cef/lighttpd-libressl.patch
$ patch -p1 < lighttpd-libressl.patch
$ ./configure
--prefix=/usr
--sysconfdir=/etc
--localstatedir=/var
--with-libev
--with-pcre
--with-zlib
--with-bzip2
--with-fam
--with-lua
--with-openssl=/opt/libressl
$ make
$ sudo make install

Verify the Lighttpd Installation

$ lighttpd -v
lighttpd/1.4.35 (ssl) - a light and fast webserver
Build-Date: Aug 11 2014 12:54:04

Please have a look at the following URLs for further Documentation on configuring Lighttpd + SSL:

Parallel/Asynchronous DNS resolving in PHP

In PHP one key for a scalable and performant web application is parallelism, whenever and wherever possible, even if you use queues. The most popular usage of parallelism in PHP is probably curl_multi_*.
In this post I will show you how to do multiple DNS requests lightning fast with two different approaches / PHP extensions.

In both cases the DNS requests are done asynchronously, meaning even with multiple requests the whole process will only take as long as the longest request takes (in theory).

PHP’s internal DNS functions rely on resolv.conf and in most cases it is not heavily optimized, defaulting to a rather long timeout of 5 seconds.
So even if you are only needing single DNS lookups both extensions might still be interesting as you can dynamically change the behavior of that, which what PHP is all about, or?

pecl-ares

pecl-ares offers PHP bindings for the c-ares library (affiliated with cURL).
I was happy that Michael Wallner (you might know him for pecl-http) offered help to revive the code, as it has not had a release since 4 years. So to get it running with the current c-ares version and a modern system, you should have a look at its git.
pecl-ares also allows the usage of callbacks which might be useful for certain scenarios.

Installation (assuming php-fpm)

$ sudo apt-get install libc-ares-dev php5-dev
$ git clone https://git.php.net/repository/pecl/networking/ares.git php-ares
$ cd php-ares
$ phpize
$ ./configure
$ make
$ sudo make install
$ sudo echo "extension=ares.so" > /etc/php5/mods-available/ares.ini
$ sudo php5enmod ares

Usage

It does not offer yet any documentation, but the source code is easy to understand, so anyways here is an example:

<?php

$ares = ares_init([
'timeoutms' => 2000,
'tries' => 1,
//'udp_port' => 53,
//'tcp_port' => 53,
'servers' => ['8.8.8.8'],
'flags' => ARES_FLAG_NOALIASES|ARES_FLAG_NOSEARCH,
]);

$q = [];
$q[] = ares_query($ares, null, 'www.lifeofguenter.de', ARES_T_A);
$q[] = ares_query($ares, null, 'lifeofguenter.de', ARES_T_A);

do {
$n = ares_fds($ares, $r, $w);
ares_select($r, $w, 100);
ares_process($ares, $r, $w);
} while ($n);

foreach ($q as $query) {
var_dump(ares_result($query, $errno, $errstr));
}

ares_destroy($ares);
unset($ares);

php-rdns

php-rdns offers OOP PHP bindings for librdns (same guy behind rspamd) and uses libev for event looping. “We” recently developed it for a client of ours and released it as open source. It is highly simplified and some things might not yet be implemented or working correctly, but if you are interested we are always happy to see a pull request. Initial development was done by Alexander Solovets and later bug-fixing by Eduardo Silva (lead dev/founder of monkey webserver).

Installation (assuming php-fpm)

$ sudo apt-get install libev-dev php5-dev
$ wget https://github.com/weheartwebsites/php-rdns/releases/download/v0.1.1/rdns-0.1.1.tgz
$ tar xvfz rdns-0.1.1.tgz
$ cd rdns-0.1.1/
$ phpize
$ ./configure
$ make
$ sudo make install
$ sudo echo "extension=rdns.so" >> /etc/php5/mods-available/rdns.ini
$ sudo php5enmod rdns
$ /etc/init.d/php-fpm restart

Usage

(full  documentation on GitHub)

<?php

$rdns = new RDNS;
$rdns->addServer('8.8.8.8');

$rdns->addRequest('www.lifeofguenter.de', RDNS_A, 2);
$rdns->addRequest('lifeofguenter.de', RDNS_A, 2);
$replies = $rdns->getReplies();
ksort($replies);

var_dump($replies);
unset($rdns);

You might also be interested in ReactPHP or swoole, which are event-driven solutions to this problem.

The Rise and Fall of PHPclasses

I started playing around with PHP somewhere between 1999 and 2000 which does not necessarily make me a good PHP developer, but I have seen a lot of PHP History. One of them is PHPclasses, which existed way before GitHub, Packagist and all the Fanboying in the PHP community.

It was my go to destination for PHP libraries as I had a early dislike for PEAR (for no real reason) and there was no real alternative (except maybe SF). I even “contributed” a shitty class (SOCKS5 Client) in 2008 (did a modernization on GitHub), but even though PHPclasses was in my bookmarks (and I occasionally stumbled on it via Google) it was always very annoying to use:

  • forced registration to view source code
  • some great talented developers, but also a lot of low quality “libraries” (usually mixed up with hardcoded HTML)
  • nothing against advertisement, but the placement combined with the “layout” did not make it fun to browse
  • shitty layout was shitty back then (even then it felt like from the 80s), the recent relaunch still feels like from the 80s, but with more graphics
  • no repository
  • mainly something like “one author = one library” as opposed to “collaboration” which you will often find on GitHub

Today Phil Sturgeon, whom I had the pleasure to meet at the PHP mini conference in Cape Town this year (no idea who he was before that, but funny outgoing guy, and seems to know more about PHP programming than I do) started a wave that many of us developers were not saying out loud:

PHPclasses.org sucks!

Do me a favour. Tweet this way with your opinion; A) You use and love @PHPclasses. B) You wish it would fuck the fuck off. C) Other.
— Phil Sturgeon (@philsturgeon) August 4, 2014

The response on Twitter is huge, and you can most probably guess which answer was voted most.

Funny enough Manuel Lemos decided to chip in, turns out he sucks* as well. Very stubborn and failing to acknowledge feedback, he still insists that forcing user registration for viewing source code is the right thing to do.
Sites like GitHub actually give a perfect example that you can perfectly have guests view source code and only force registration for “ratings” or “subscribtions”. And there is not less “fame” for the developers.

@philsturgeon That is your opinion and it is OK for you to disagree with the other near 1.3 million registered users of @phpclasses .
— Manuel Lemos (@manuellemos) August 4, 2014

Anyhow, the same reason why PHP: The Right Way should be preferred over old sites like tizag or tutorialspoint, if you are new to PHP, please do not go to PHPclasses.org but use Packagist (you do not even need to use composer) or GitHub to find useful PHP libraries that will help you accelerate development on your next project.

I do hope PHPclasses.org will get a grip and do a massive relaunch, but I doubt someone as stubborn as Manuel can pull it off. The decline of his Alexa Ranking should indicate that “the-PHPclasses-Way” will not last forever.

*Update: Matthias Noback noted in the comments that it sounded mean. I just wanted to clarify: this should not be a personal attack on ML, as I do not know him personally. So “he sucks” is my professionally (and simplified) opinion about him. “Annoying” is what I would consider him personally (after some twitter chats).