[Pkg-rust-maintainers] Bug#921989: ITP: sozu -- a fast, reliable, hot reconfigurable HTTP reverse proxy

Nicolas Braud-Santoni nicoo at debian.org
Sun Feb 10 23:10:19 GMT 2019


Package: wnpp
Severity: wishlist
Owner: Nicolas Braud-Santoni <nicoo at debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

* Package name    : sozu
  Version         : 0.11.0
  Upstream Author : Geoffroy Couprie <geo.couprie at gmail.com>
* URL             : http://sozu.io
* License         : AGPL-3.0
  Programming Lang: Rust
  Description     : a fast, reliable, hot reconfigurable HTTP reverse proxy


Its authors intend it to be “the most reliable reverse proxy ever”:

- - it should never crash (currently fixing the remaining panics)
- - you should not need to restart it
  - it can receive configuration changes from a unix socket at runtime
  - it should be able to upgrade without any downtime
- - it should not have exploitable memory errors
  - even if it has one, workers will be sandboxed
- - you set up a limit on the number of concurrent connections to a worker
  - the reverse proxy will refuse new connections over that limit,
    instead of requesting unavailable resources like memory


Moreover, HTTP frontends currently-available in Debian are either fairly
low-performance, or written in languages that do not guarantee memory safety,
making them a never-ending source of remotely-exploitable bugs.

As such, I believe sozū fills a gap within Debian's package ecosystem.


I intent to package it, and its various components, as part of the Debian Rust
team, and maybe get involved in upstream development (author in X-Debbugs-CC).


Best,

  nicoo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEU7EqA8ZVHYoLJhPE5vmO4pLV7MsFAlxgr1gRHG5pY29vQGRl
Ymlhbi5vcmcACgkQ5vmO4pLV7MsH4A//SuqK/mo7Y3CliIM80Lyo6m6kmYOCUtpz
eGfVAXFiR+BjvyjitVHk0NZBK7Jx0qzuA4rUc2rwJKXW+QFQCcsdXo2elkJLp1+V
ZMRHZnfuOH76iSZYdS6Kupg6PqRh5YEZzBWmS/UaBcT8HtFaI2HAj0PBbvsvYCZB
G8zQc/bnDHfPhff/1qH13yKiegsDlCFrkyyyAJtmSqMx1jM7JT7zNsOomYBgdzqs
e6m4MOqPqreFa7Cn4tDiGBK4wTQ4I21Yly9mOzvRezR4uIUNJe/jTn5U80tp5KGf
ipLFlNI1AQcVzBn5fh+eaVht1YymwNP0y7afYloEJRDRKAj7V66k8vhbWSOCNI7S
ulthOW7Yez/caTPj+9Y9E1LAh7vouPY54ECkl8MxcGtcVhxj0ztIsjrbNZTJVhn9
Rw0HOnHI9XT6qhPTzJqHVDF2fJ9NLFmy2bH56O34X/ZW2DcMoIJbvJo+vg1khHe/
8t1bzjVEb6OEPFzYNhqL7MbBs6MymSxGUN37jVvYE5LPSOamEo1BB/fTLDBbvi1A
CKkhnfkjnFuAGior7TPhMOLtklDav70e+RGlq1tdkSOWca3ifk/wEsSxfZmKCCgP
QdA6vWDT1MT6NdieXY4mOjNNkeXw3bWvATo8f5OsIUhEF/LdvdEgjFdvFkv2Edv9
JJzCw5X3Is0=
=iP16
-----END PGP SIGNATURE-----


More information about the Pkg-rust-maintainers mailing list