openhttpd?

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

openhttpd?

Jeremy C. Reed
OpenBSD's httpd is becoming more and more OpenBSD specific.

Anyone interested in making OpenBSD's httpd available for other Unix
systems?

I already am using 1.3.x, but would prefer to use OpenBSD's version. I
understand that it has improvements never committed upstream. And I see
that the code has been cleaned up a lot (but also became less portable in
some cases).

Anyone working on the so-called "openhttpd"?

What list should be used to discuss this?

 Jeremy C. Reed

echo 'I7@87944:;6<754372=9=?48812=7043:>' | tr '0-@' 'wutrofn mlkige.ca'

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd?

Theo de Raadt
> OpenBSD's httpd is becoming more and more OpenBSD specific.

I hope that is not the case.  Actually, I think it is not the case.
Yes, it uses some OpenBSD specific things which we have always
believed in, such as arc4random() because we think that cheap crypto
access should be cheaply accessible.  It uses strlcpy() and such, but
those are hardly OpenBSD-only these days.  I suspect in reality it
only relies on a very few OpenBSD-specific things, if any at all.

The problem is that most 'portable' code people wrote a decade or more
ago was totally silly constructions because they were also trying to
support some Unix operating systems which are now dead.  So quite a lot
of cleaning can be done to remove some of these old systems which noone
should run anymore (due to security risks, in particular).

Also, many standards that were weak at those times have solidified a
lot more, for instance, 64-bit off_t is hardly a surprising thing in
systems today.  I could probably rattle off about 10 other such things
which we have better ways to code to.

So the way most people solved this years ago was to abstract, then
abstract some more, then pour on some salt, some pepper, and a handful
more abstraction.

That makes code bigger, but hardly makes it better.  And often it has
made it worse.  There are problems in the languages we code in, and
the interfaces we deal with, and of course the failure-creating
side-effects that we become aware of from time to time, but some of
these things we do have to keep trying to find better -- AND SIMPLER
-- solutions to.  That's where quite a few open source projects fail.
They stop trying to make their code easier.  It gloms abstraction on
and they don't realize it is cancer.

> Anyone interested in making OpenBSD's httpd available for other Unix
> systems?

I bet it should be trivial to make it work.

> I already am using 1.3.x, but would prefer to use OpenBSD's version. I
> understand that it has improvements never committed upstream.

That is correct, they did not take them back.  Even when we were quite
clear that some things were security features.  There is also a
certain brilliance in how the chroot code automatically cuts-and-dices
all the paths, so that you don't need to change your configuration
files between chroot & non-chroot mode, but that was not bought back
either as I understand.

> And I see
> that the code has been cleaned up a lot (but also became less portable in
> some cases).

Would love to know specific examples, and then they need to get fixed.
This is hardly a daemon that deals with ptys, or ipsec, or weird APIs
that vary system to system.  Instead, most of what is going away is the
"#ifdef / configure creates portability which does not exist otherwise".
Which is a total lie.  Lots of things can be very portable, very easily.

> Anyone working on the so-called "openhttpd"?
>
> What list should be used to discuss this?

I don't think making an Open* project out of everything is worthwhile.
I mean, there's gobs of local modifications and improvements in the
various components in OpenBSD, and that would be far from my first
pick :)

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd?

Henning Brauer-5
* Theo de Raadt <[hidden email]> [2006-03-31 10:41]:
> > OpenBSD's httpd is becoming more and more OpenBSD specific.
> I hope that is not the case.  Actually, I think it is not the case.

it isn't, really.

> The problem is that most 'portable' code people wrote a decade or more
> ago was totally silly constructions because they were also trying to
> support some Unix operating systems which are now dead.

in this specific case it is even worse.
Not only they tried to support som obscure unix operating systems.
They also tried to support totally non-Unix OSes, like Netware an
Windows.

> > Anyone interested in making OpenBSD's httpd available for other Unix
> > systems?
> I bet it should be trivial to make it work.

I agree.

> > I already am using 1.3.x, but would prefer to use OpenBSD's version. I
> > understand that it has improvements never committed upstream.
> That is correct, they did not take them back.  Even when we were quite
> clear that some things were security features.  There is also a
> certain brilliance in how the chroot code automatically cuts-and-dices
> all the paths, so that you don't need to change your configuration
> files between chroot & non-chroot mode, but that was not bought back
> either as I understand.

some completely trivial fixes inside #ifdef OpenBSD were bought back.
nothing of the nontrivial stuff was bought back.
not one fix.
nothing.

> > And I see
> > that the code has been cleaned up a lot (but also became less portable in
> > some cases).
> Would love to know specific examples, and then they need to get fixed.

it should not have gotten less portable at all lately as long as we
talk about unix systems..

> > Anyone working on the so-called "openhttpd"?
> >
> > What list should be used to discuss this?
>
> I don't think making an Open* project out of everything is worthwhile.
> I mean, there's gobs of local modifications and improvements in the
> various components in OpenBSD, and that would be far from my first
> pick :)

I have no interest whatsover in forming an OpenHTTPD project from the
httpd code we have now.

--
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd? -> opennntpd

Steffen Wendzel
In reply to this post by Theo de Raadt
hmm... 3rd try. i am too stupid to send mails to the right destination
today :-( sorry for posting this at misc@.

how about an openNNTPd? INNd is a monster and hard to configure.

steffen

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd? -> opennntpd

Darrin Chandler
Steffen Wendzel wrote:

>hmm... 3rd try. i am too stupid to send mails to the right destination
>today :-( sorry for posting this at misc@.
>
>how about an openNNTPd? INNd is a monster and hard to configure.
>  
>

Somehow I think that might be even lower on the list than openhttpd. I
quit running nntp servers about 10 years ago, and I'm pretty happy about
that. ;)

--
Darrin Chandler            |  Phoenix BSD Users Group
[hidden email]   |  http://bsd.phoenix.az.us/
http://www.stilyagin.com/  |

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd?

K Kadow
In reply to this post by Henning Brauer-5
On 3/31/06, Henning Brauer <[hidden email]> wrote:
> I have no interest whatsover in forming an OpenHTTPD project from the
> httpd code we have now.

Would it be acceptable to submit diffs wrapping OpenBSD-specific code with
#ifdef __OpenBSD__

Kevin

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd? -> opennntpd

Philip Guenther-2
In reply to this post by Steffen Wendzel
On 4/1/06, Steffen Wendzel <[hidden email]> wrote:
> how about an openNNTPd? INNd is a monster and hard to configure.

Have the INN maintainers refused your patch to fix that?

Is the INN license unacceptable in some fashion and have the
maintainers refused to address that?

Have your attempts to secure, fix, or enhance the INN code base been
hindered by poor design  and direction and the maintainers have been
unwilling to accept patches to fix those defects?


If the answer to all three of those is "no" or "I haven't tried that",
then what's to be gained *by the OpenBSD team* in forking the code
base (ala OpenSSH and the httpd in OpenBSD) or creating a new one (ala
OpenBGPd)?

(Why do many people act like creating a new OpenFOO is a weekend hack
with no _continuing_ costs?  I'm not involved in any of them but it's
obvious to me from the open source maintainence I did in the past that
these things require a *lot* of _sustaining_ effort by developers and
that it's only their continual interest the code that matters.)


Philip Guenther

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd? -> opennntpd

K Kadow
In reply to this post by Darrin Chandler
On 4/1/06, Darrin Chandler <[hidden email]> wrote:
> Steffen Wendzel wrote:
> >how about an openNNTPd? INNd is a monster and hard to configure.

I'm not sure how to take this suggesting, being that it's April 1st and all...


> Somehow I think that might be even lower on the list than openhttpd.

DJB has already done httpd, maybe you can convince him to take on NNTP next :)

Speaking of Prof. Bernstein, how about an Open equivalent of mini-qmail,
or a minimalist reimplementation of sendmail+localhost.cf?

Kevin

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd? -> opennntpd

Henning Brauer-5
In reply to this post by Steffen Wendzel
* Steffen Wendzel <[hidden email]> [2006-04-01 10:57]:
> how about an openNNTPd? INNd is a monster and hard to configure.

sure, let us know when you have the code done

--
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Reply | Threaded
Open this post in threaded view
|

Re: openhttpd? -> opennntpd

Steffen Wendzel
I will start working on such a code if this isn't a joke. I already wrote an
nntpd to learn how NNTP works last year but I would write a better one because
the old cdpNNTPd does not support the full protocol, its database is bad.

steffen

On Sat, 1 Apr 2006 15:43:01 +0200 Henning Brauer <[hidden email]> wrote:

: * Steffen Wendzel <[hidden email]> [2006-04-01 10:57]:
: > how about an openNNTPd? INNd is a monster and hard to configure.
:
: sure, let us know when you have the code done
:
: --
: BS Web Services, http://www.bsws.de/
: OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
: Unix is very simple, but it takes a genius to understand the simplicity.
: (Dennis Ritchie)