OpenBSD's Custom HTTP Web Server Is Set To Replace Nginx
With the upcoming release of OpenBSD 5.7 in May, nginx is being removed from the OpenBSD base package set in favor of using OpenBSD's own, home-grown web-server by default.
OpenBSD developers since last year have taken to developing their own web server simply dubbed "httpd." While Apache and nginx have been within OpenBSD 5.7 base over the years, the developers took to writing their own web server. With last year's release of OpenBSD 5.6 the httpd server was initially added, but nginx remained present, though that's changing for the May release of OpenBSD 5.7.
With OpenBSD being a BSD distribution focused hugely on delivering the best security possible, one of the reasons for writing their httpd server is for improving the code security and quality. Prior to writing their own web-server, they tried patching nginx to make use of OpenBSD's newer/safer APIs, but that code was rejected by upstream nginx.
OpenBSD httpd is designed to be a simple and secure web server with just supporting "important" features like serving static files, FastCGI support, proper TLS, and providing core functionality. The current httpd code-base amounts to around 10,000 lines of code.
Other basic features of this new HTTP server include logging, blocking, reloading configurations without service interruption, vitual server support, and TLS via LibreSSL. The OpenBSD developers working on the project feel that this httpd server is almost finished but over the years ahead will require work to make it perfect -- by adding greater security and more features.
Reyk Flöter presented on OpenBSD httpd at AsiaBSDCon 2015 in Tokyo last week. Those wanting to learn more can see his PDF slides. OpenBSD 5.7 is planned for its official release on 1 May.
OpenBSD developers since last year have taken to developing their own web server simply dubbed "httpd." While Apache and nginx have been within OpenBSD 5.7 base over the years, the developers took to writing their own web server. With last year's release of OpenBSD 5.6 the httpd server was initially added, but nginx remained present, though that's changing for the May release of OpenBSD 5.7.
With OpenBSD being a BSD distribution focused hugely on delivering the best security possible, one of the reasons for writing their httpd server is for improving the code security and quality. Prior to writing their own web-server, they tried patching nginx to make use of OpenBSD's newer/safer APIs, but that code was rejected by upstream nginx.
OpenBSD httpd is designed to be a simple and secure web server with just supporting "important" features like serving static files, FastCGI support, proper TLS, and providing core functionality. The current httpd code-base amounts to around 10,000 lines of code.
Other basic features of this new HTTP server include logging, blocking, reloading configurations without service interruption, vitual server support, and TLS via LibreSSL. The OpenBSD developers working on the project feel that this httpd server is almost finished but over the years ahead will require work to make it perfect -- by adding greater security and more features.
Reyk Flöter presented on OpenBSD httpd at AsiaBSDCon 2015 in Tokyo last week. Those wanting to learn more can see his PDF slides. OpenBSD 5.7 is planned for its official release on 1 May.
11 Comments