• P. Lefevre (8/8) Jun 25 2012 For those interested in web development, GWAN is a VERY fast web
• Andrea Fontana (4/12) Jun 25 2012 D.annunce newsgroup fits better :)
• Eric R. Schulz (ers35) (7/10) Jun 25 2012 There is an example at "0.0.0.0_8080/#0.0.0.0/csp/hello.d_" in
• Andrea Fontana (13/24) Jun 25 2012 It's just an import of two extern(C) functions.
• Eric R. Schulz (ers35) (4/5) Jun 25 2012 G-WAN exports a C API and D supports calling C functions.
• Andrea Fontana (12/17) Jun 25 2012 Using C plain api it's not a good way to use D power IMHO :)
• Eric R. Schulz (ers35) (1/3) Jun 25 2012
• Timon Gehr (4/12) Jun 25 2012 Actually it gives 16 because sizeof gives the size of
• Dejan Lekic (3/23) Jun 26 2012 xbuf_ncat is a C function, you can't give it a D string just like
• Andrea Fontana (4/33) Jun 27 2012 It's exactly what I was trying to point out. That example (that i
• Timon Gehr (2/4) Jun 27 2012 Yes you can. String literals are zero terminated.
• Caligo (5/11) Jun 25 2012 I don't know much about web servers, but is it really the only web
• Eric R. Schulz (ers35) (5/12) Jun 25 2012 See [1] for details on how to run your own benchmark.
• Bernard Helyer (3/11) Jun 25 2012 Penguins can't fly. Ergo, GWAN makes false claims. QED.
• P. Lefevre (28/30) Jun 26 2012 ???
• Timon Gehr (2/10) Jun 26 2012 No, he remarks that penguins can't fly. Literally.
• Dmitry Olshansky (6/12) Jun 25 2012 Damn, I had to test it. My shitty vbox gives me about 13k RPS on ~ 10Kb
• Dejan Lekic (4/12) Jun 26 2012 I have no intention even to try something that is not open-source
• Anonymous (10/24) Jun 26 2012 I am posting anonymously to protect my identity.
• Dmitry Olshansky (13/37) Jun 26 2012 Have to say, that being anonymous *and* posting vague accusations with
• Dejan Lekic (10/13) Jun 27 2012 I do not know to whom you directed this at - but in my post I did
• Dmitry Olshansky (17/29) Jun 27 2012 Am I the only one to see this post:
• Eric R. Schulz (ers35) (1/2) Jun 27 2012
• SomeDude (6/55) Jul 01 2012 OTOH, it seems to me that a web server that relies on C for
• SomeDude (4/9) Jul 01 2012 And judging by the discussion below the blog post, the author (if
• Dmitry Olshansky (25/34) Jul 01 2012 Yes, it's one things I don't like about it - apparently GWAN would crash...
• SomeDude (12/42) Jul 01 2012 What I meant was, the author of G-WAN boasts high performance
• Dmitry Olshansky (23/49) Jul 01 2012 No big wonder here. But you miss important point - it's fast not because...

"P. Lefevre" <pascal.lefevre yahoo.fr> writes:

For those interested in web development, GWAN is a VERY fast web 
server (Linux only) which allow development of dynamic pages in 
C, C++, Objective-C, Objective-C++, and D (since january this 
year) !

see http://gwan.ch/

NB: the perf benchmark on this site seems incredible, but try 
yourself ...
I did it and I'm convinced.

"Andrea Fontana" <nospam example.com> writes:

D.annunce newsgroup fits better :)

However I can't find any example/sdk for D pages...
Neither in tarball I see in download section.

On Monday, 25 June 2012 at 10:17:27 UTC, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast 
 web server (Linux only) which allow development of dynamic 
 pages in C, C++, Objective-C, Objective-C++, and D (since 
 january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try 
 yourself ...
 I did it and I'm convinced.

"Eric R. Schulz (ers35)" <ersmail gmail.com> writes:

the tarball. To use it, install GDC and rename "hello.d_" to 
"hello.d".

You may have difficulties depending on the version of GDC you 
use. I do not recall which version is supported. I will find out 
and make another reply.

On Monday, 25 June 2012 at 10:42:36 UTC, Andrea Fontana wrote:
 D.annunce newsgroup fits better :)

 However I can't find any example/sdk for D pages...
 Neither in tarball I see in download section.

"Andrea Fontana" <nospam example.com> writes:

It's just an import of two extern(C) functions.
I read:

extern (C) // could anyone translate the whole gwan.h file?
{
    void *get_reply(char[][]);
    char *xbuf_ncat(void *, char *, uint);
}

And then:

xbuf_ncat(get_reply(argv), "Hello World (D)", "Hello World 
(C)".sizeof - 1);

Maybe they should give a better support for D language...


On Monday, 25 June 2012 at 11:08:06 UTC, Eric R. Schulz (ers35) 
wrote:

 the tarball. To use it, install GDC and rename "hello.d_" to 
 "hello.d".

 You may have difficulties depending on the version of GDC you 
 use. I do not recall which version is supported. I will find 
 out and make another reply.

 On Monday, 25 June 2012 at 10:42:36 UTC, Andrea Fontana wrote:
 D.annunce newsgroup fits better :)

 However I can't find any example/sdk for D pages...
 Neither in tarball I see in download section.

"Eric R. Schulz (ers35)" <ersmail gmail.com> writes:

G-WAN exports a C API and D supports calling C functions.

In what way could G-WAN better support D?

Perhaps reading the G-WAN manual would help to explain: 
http://gwan.ch/archives/gwan_linux.pdf

 Maybe they should give a better support for D language...

"Andrea Fontana" <nospam example.com> writes:

Using C plain api it's not a good way to use D power IMHO :)

xbuf_ncat(get_reply(argv), "Hello World (D)", "Hello World 
(C)".sizeof - 1);

Probably this example doesn't work properly.
On my machine writeln("1234".sizeof);  gives "16" because of 
UTF-8.
So "1234".sizeof - 1 is 15.

AFAIK D strings are not null-terminated (are they?) and i guess 
that line of code won't work.

Encapsulate code with classes/template/etc would be a good idea.

On Monday, 25 June 2012 at 13:29:59 UTC, Eric R. Schulz (ers35) 
wrote:
 G-WAN exports a C API and D supports calling C functions.

 In what way could G-WAN better support D?

 Perhaps reading the G-WAN manual would help to explain: 
 http://gwan.ch/archives/gwan_linux.pdf

 Maybe they should give a better support for D language...

"Eric R. Schulz (ers35)" <ersmail gmail.com> writes:

True. I will investigate writing a D wrapper for the C API.

 Using C plain api it's not a good way to use D power IMHO :)
 Encapsulate code with classes/template/etc would be a good idea.

Timon Gehr <timon.gehr gmx.ch> writes:

On 06/25/2012 03:42 PM, Andrea Fontana wrote:
 Using C plain api it's not a good way to use D power IMHO :)

 xbuf_ncat(get_reply(argv), "Hello World (D)", "Hello World (C)".sizeof -
 1);

 Probably this example doesn't work properly.
 On my machine writeln("1234".sizeof); gives "16" because of UTF-8.

Actually it gives 16 because sizeof gives the size of
immutable(char)[]. length would give the correct length in this case.

 So "1234".sizeof - 1 is 15.

 AFAIK D strings are not null-terminated (are they?)

String literals are, but that does not affect their length.

 and i guess that line of code won't work.

"Dejan Lekic" <dejan.lekic gmail.com> writes:

xbuf_ncat is a C function, you can't give it a D string just like 
that - you must use std.string.toStringz() ...

On Monday, 25 June 2012 at 13:42:39 UTC, Andrea Fontana wrote:
 Using C plain api it's not a good way to use D power IMHO :)

 xbuf_ncat(get_reply(argv), "Hello World (D)", "Hello World 
 (C)".sizeof - 1);

 Probably this example doesn't work properly.
 On my machine writeln("1234".sizeof);  gives "16" because of 
 UTF-8.
 So "1234".sizeof - 1 is 15.

 AFAIK D strings are not null-terminated (are they?) and i guess 
 that line of code won't work.

 Encapsulate code with classes/template/etc would be a good idea.

 On Monday, 25 June 2012 at 13:29:59 UTC, Eric R. Schulz (ers35) 
 wrote:
 G-WAN exports a C API and D supports calling C functions.

 In what way could G-WAN better support D?

 Perhaps reading the G-WAN manual would help to explain: 
 http://gwan.ch/archives/gwan_linux.pdf

 Maybe they should give a better support for D language...

"Andrea Fontana" <nospam example.com> writes:

It's exactly what I was trying to point out. That example (that i 
found inside tarball!) is wrong... And using D as plain C-Wrapper 
it's not fun...

On Tuesday, 26 June 2012 at 16:49:11 UTC, Dejan Lekic wrote:
 xbuf_ncat is a C function, you can't give it a D string just 
 like that - you must use std.string.toStringz() ...

 On Monday, 25 June 2012 at 13:42:39 UTC, Andrea Fontana wrote:
 Using C plain api it's not a good way to use D power IMHO :)

 xbuf_ncat(get_reply(argv), "Hello World (D)", "Hello World 
 (C)".sizeof - 1);

 Probably this example doesn't work properly.
 On my machine writeln("1234".sizeof);  gives "16" because of 
 UTF-8.
 So "1234".sizeof - 1 is 15.

 AFAIK D strings are not null-terminated (are they?) and i 
 guess that line of code won't work.

 Encapsulate code with classes/template/etc would be a good 
 idea.

 On Monday, 25 June 2012 at 13:29:59 UTC, Eric R. Schulz 
 (ers35) wrote:
 G-WAN exports a C API and D supports calling C functions.

 In what way could G-WAN better support D?

 Perhaps reading the G-WAN manual would help to explain: 
 http://gwan.ch/archives/gwan_linux.pdf

 Maybe they should give a better support for D language...

Timon Gehr <timon.gehr gmx.ch> writes:

On 06/26/2012 06:49 PM, Dejan Lekic wrote:
 xbuf_ncat is a C function, you can't give it a D string just like that -
 you must use std.string.toStringz() ...

Yes you can. String literals are zero terminated.

Caligo <iteronvexor gmail.com> writes:

I don't know much about web servers, but is it really the only web
server "able to scale on multi-core CPUs"??  I've played around with
Yesod/Warp and I was under the impression that it's one of the
fastest.  http://www.yesodweb.com/blog/2011/03/preliminary-warp-cross-language-benchmarks

On Mon, Jun 25, 2012 at 5:17 AM, P. Lefevre <pascal.lefevre yahoo.fr> wrote:
 For those interested in web development, GWAN is a VERY fast web server
 (Linux only) which allow development of dynamic pages in C, C++,
 Objective-C, Objective-C++, and D (since january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try yourself ...
 I did it and I'm convinced.

"Eric R. Schulz (ers35)" <ersmail gmail.com> writes:

See [1] for details on how to run your own benchmark.

It would be interesting to compare Warp and G-WAN using both of 
their provided benchmark tests.

[1]http://forum.gwan.com/index.php?p=/discussion/525/nginx1.0.6-vs-lighttpd1.4.29-vs-g-wan2.9.30-rpscpuram

On Monday, 25 June 2012 at 15:09:58 UTC, Caligo wrote:
 I don't know much about web servers, but is it really the only 
 web
 server "able to scale on multi-core CPUs"??  I've played around 
 with
 Yesod/Warp and I was under the impression that it's one of the
 fastest.  
 http://www.yesodweb.com/blog/2011/03/preliminary-warp-cross-language-benchmarks

"Bernard Helyer" <b.helyer gmail.com> writes:

On Monday, 25 June 2012 at 10:17:27 UTC, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast 
 web server (Linux only) which allow development of dynamic 
 pages in C, C++, Objective-C, Objective-C++, and D (since 
 january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try 
 yourself ...
 I did it and I'm convinced.

Penguins can't fly. Ergo, GWAN makes false claims. QED.

This logic shit is easy. :P

"P. Lefevre" <pascal.lefevre yahoo.fr> writes:

On Monday, 25 June 2012 at 18:31:53 UTC, Bernard Helyer wrote:
 Penguins can't fly. Ergo, GWAN makes false claims. QED.

 This logic shit is easy. :P

???
Do you mean Windows is faster than Linux ?
Or are you speaking about Freebsd/NetBsd/SunOs, ...

The choice made by gwan are the same than those of Vibe
- 1 thread/core
- aync IO + a blocking api (thanks to Fiber for Vibe)
- dynamic page in a low level language ( C vs D )

the MAIN difference:
- Vibe is a library ! If you develop a site with it you must 
reompile in case of change.
- Gwan C applets are automatically recompiled on-the-fly in case 
of change
   NB: this could be done in Vibe ... may-be easier than the 
load-balancer approach.

By the way, I like the approach of Yeoseod benchmark: create a 
script to install, run and analyse tests on an EC2 instance. Thus 
easily reproductible by (almost) everyone !

May be someone should update this test
- add NGinx, Gwan, Vibe, ...
- use also a micro instance
- transfert small file (1K), big file (1MB), dynamic page (hello 
world), real stuff ex: gwan loan page (CPU intensive, thus 
obviously good for C and D)

I think this test could become THE comparison test such as 
http://shootout.alioth.debian.org/ is THE comparison test for 
languages...

Unfortunately, I haven't access to an EC2 instance :-(

Timon Gehr <timon.gehr gmx.ch> writes:

On 06/26/2012 02:55 PM, P. Lefevre wrote:
 On Monday, 25 June 2012 at 18:31:53 UTC, Bernard Helyer wrote:
 Penguins can't fly. Ergo, GWAN makes false claims. QED.

 This logic shit is easy. :P

 ???
 Do you mean Windows is faster than Linux ?
 Or are you speaking about Freebsd/NetBsd/SunOs, ...
 ...

No, he remarks that penguins can't fly. Literally.

Dmitry Olshansky <dmitry.olsh gmail.com> writes:

On 25-Jun-12 14:17, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast web server
 (Linux only) which allow development of dynamic pages in C, C++,
 Objective-C, Objective-C++, and D (since january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try yourself ...
 I did it and I'm convinced.

Damn, I had to test it. My shitty vbox gives me about 13k RPS on ~ 10Kb 
script generated files. I've never had more then ~5k with Lighty on 
static files. Pure awesomeness.

-- 
Dmitry Olshansky

"Dejan Lekic" <dejan.lekic gmail.com> writes:

On Monday, 25 June 2012 at 10:17:27 UTC, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast 
 web server (Linux only) which allow development of dynamic 
 pages in C, C++, Objective-C, Objective-C++, and D (since 
 january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try 
 yourself ...
 I did it and I'm convinced.

I have no intention even to try something that is not open-source 
nowadays. It looks nice though, but I will never trust something 
that is not open-sourced...

"Anonymous" <anonymous example.com> writes:

On Tuesday, 26 June 2012 at 16:58:25 UTC, Dejan Lekic wrote:
 On Monday, 25 June 2012 at 10:17:27 UTC, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast 
 web server (Linux only) which allow development of dynamic 
 pages in C, C++, Objective-C, Objective-C++, and D (since 
 january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try 
 yourself ...
 I did it and I'm convinced.

 I have no intention even to try something that is not 
 open-source nowadays. It looks nice though, but I will never 
 trust something that is not open-sourced...

I am posting anonymously to protect my identity.

You are right to be suspicious of G-Wan. Regardless of the merits 
of the software itself, its author is known for his aggressive 
propaganda of G-Wan, including attempts to cover up serious past 
security vulnerabilities.

Have a look here to get an understanding of how far this goes:

http://www.wikivs.com/index.php?title=G-WAN_vs_Nginx&action=history

More info:

http://weblambdazero.blogspot.com/2011/09/human-factor.html

Dmitry Olshansky <dmitry.olsh gmail.com> writes:

On 27-Jun-12 00:24, Anonymous wrote:
 On Tuesday, 26 June 2012 at 16:58:25 UTC, Dejan Lekic wrote:
 On Monday, 25 June 2012 at 10:17:27 UTC, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast web
 server (Linux only) which allow development of dynamic pages in C,
 C++, Objective-C, Objective-C++, and D (since january this year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try
 yourself ...
 I did it and I'm convinced.

 I have no intention even to try something that is not open-source
 nowadays. It looks nice though, but I will never trust something that
 is not open-sourced...

 I am posting anonymously to protect my identity.

Have to say, that being anonymous *and* posting vague accusations with 
kind of strange proof links BTW all it talks about is "GWAN is not 
open-source and thus it's bullshit ...".
Then it lists some security bugs in old version of GWAN that was then 
hidden from downloads (and for obvious reasons if you ask me).

 You are right to be suspicious of G-Wan. Regardless of the merits of the
 software itself, its author is known for his aggressive propaganda of
 G-Wan, including attempts to cover up serious past security
 vulnerabilities.

Hm, yet I never heard about G-WAN at all until somebody brought it up in 
the NG.

 Have a look here to get an understanding of how far this goes:

 http://www.wikivs.com/index.php?title=G-WAN_vs_Nginx&action=history

 More info:

 http://weblambdazero.blogspot.com/2011/09/human-factor.html

This in fact it contains a bunch of accusations of it's own.
It's not like I should have posted all this (everybody knows better then 
to trust anonymous blindly etc.) but just could not resist.

-- 
Dmitry Olshansky

"Dejan Lekic" <dejan.lekic gmail.com> writes:

 accusations with kind of strange proof links BTW all it talks 
 about is "GWAN is not open-source and thus it's bullshit ...".
 Then it lists some security bugs in old version of GWAN that

I do not know to whom you directed this at - but in my post I did 
not say anything like that. It is simply a personal policy - I do 
not trust closed-source programs, and tend to use a minimal set 
of them at work (typically in Windows environment). On Linux I 
exclusively use open-source applications. I do not want to 
participate in discussions about G-Wan's developers, and their 
way of dealing with the community and problems. G-Wan seems a 
nice product but I will never recommend it to anyone. Company I 
work for will certainly not use it, I can tell you that straight 
away. :)

Dmitry Olshansky <dmitry.olsh gmail.com> writes:

On 27-Jun-12 13:03, Dejan Lekic wrote:
 accusations with kind of strange proof links BTW all it talks about is
 "GWAN is not open-source and thus it's bullshit ...".
 Then it lists some security bugs in old version of GWAN that

 I do not know to whom you directed this at - but in my post I did not
 say anything like that.

Am I the only one to see this post:
quote:

I am posting anonymously to protect my identity.

You are right to be suspicious of G-Wan. Regardless of the merits of the 
software itself, its author is known for his aggressive propaganda of 
G-Wan, including attempts to cover up serious past security vulnerabilities.

Have a look here to get an understanding of how far this goes:

http://www.wikivs.com/index.php?title=G-WAN_vs_Nginx&action=history

More info:

http://weblambdazero.blogspot.com/2011/09/human-factor.html

/quote

It is simply a personal policy - I do not trust
 closed-source programs, and tend to use a minimal set of them at work
 (typically in Windows environment). On Linux I exclusively use
 open-source applications.

I understand the position but totally disagree on this matter ;)

I do not want to participate in discussions
 about G-Wan's developers, and their way of dealing with the community
 and problems. G-Wan seems a nice product but I will never recommend it
 to anyone. Company I work for will certainly not use it, I can tell you
 that straight away. :)


-- 
Dmitry Olshansky

"Eric R. Schulz (ers35)" <ersmail gmail.com> writes:

I am able to see that post.

 Am I the only one to see this post:

"SomeDude" <lovelydear mailmetrash.com> writes:

On Tuesday, 26 June 2012 at 20:39:06 UTC, Dmitry Olshansky wrote:
 On 27-Jun-12 00:24, Anonymous wrote:
 On Tuesday, 26 June 2012 at 16:58:25 UTC, Dejan Lekic wrote:
 On Monday, 25 June 2012 at 10:17:27 UTC, P. Lefevre wrote:
 For those interested in web development, GWAN is a VERY fast 
 web
 server (Linux only) which allow development of dynamic pages 
 in C,
 C++, Objective-C, Objective-C++, and D (since january this 
 year) !

 see http://gwan.ch/

 NB: the perf benchmark on this site seems incredible, but try
 yourself ...
 I did it and I'm convinced.

 I have no intention even to try something that is not 
 open-source
 nowadays. It looks nice though, but I will never trust 
 something that
 is not open-sourced...

 I am posting anonymously to protect my identity.

 Have to say, that being anonymous *and* posting vague 
 accusations with kind of strange proof links BTW all it talks 
 about is "GWAN is not open-source and thus it's bullshit ...".
 Then it lists some security bugs in old version of GWAN that 
 was then hidden from downloads (and for obvious reasons if you 
 ask me).

 You are right to be suspicious of G-Wan. Regardless of the 
 merits of the
 software itself, its author is known for his aggressive 
 propaganda of
 G-Wan, including attempts to cover up serious past security
 vulnerabilities.

 Hm, yet I never heard about G-WAN at all until somebody brought 
 it up in the NG.

 Have a look here to get an understanding of how far this goes:

 http://www.wikivs.com/index.php?title=G-WAN_vs_Nginx&action=history

 More info:

 http://weblambdazero.blogspot.com/2011/09/human-factor.html

 This in fact it contains a bunch of accusations of it's own.
 It's not like I should have posted all this (everybody knows 
 better then to trust anonymous blindly etc.) but just could not 
 resist.

OTOH, it seems to me that a web server that relies on C for 
everything **is** very strongly subject to security issues. The 
code that generates pages must be absolutely bug free before 
being put in production, which is hard with C for anything that 
is not trivial.

"SomeDude" <lovelydear mailmetrash.com> writes:

On Sunday, 1 July 2012 at 08:04:48 UTC, SomeDude wrote:
 OTOH, it seems to me that a web server that relies on C for 
 everything **is** very strongly subject to security issues. The 
 code that generates pages must be absolutely bug free before 
 being put in production, which is hard with C for anything that 
 is not trivial.

And judging by the discussion below the blog post, the author (if 
we assume he is posting under "AnotherHumanBeing") seems to have 
a serious personality issue.

Dmitry Olshansky <dmitry.olsh gmail.com> writes:

On 01-Jul-12 12:29, SomeDude wrote:
 On Sunday, 1 July 2012 at 08:04:48 UTC, SomeDude wrote:
 OTOH, it seems to me that a web server that relies on C for everything
 **is** very strongly subject to security issues.


Yes, it's one things I don't like about it - apparently GWAN would crash 
the moment your C servlet segfaults. Ah, the pleasure of native scripts ;)

The code that
 generates pages must be absolutely bug free before being put in
 production, which is hard with C for anything that is not trivial.


Use D! :) Or any other language, I see a list of supported native 
languages in its docs.

The fact that most production libraries (that are portable) are written 
in C largely defeats the point of
"... must be absolutely bug free before being put in production, which 
is hard with C for anything that is not trivial. "

Also web server need NOT be absolutely bug free. It just shouldn't 
CRASH. So memory corruption is no go, logic errors and such are 
possible. Software always has bugs, there is no such thing as "bug-free" 
for anything not trivial. It's just they are not important or hard to 
trigger + "lack of feature" bugs.

BTW PHP is a hell of a bug (not counting bugs in scripts) yet it's out 
in the open serving most of web sites today.

 And judging by the discussion below the blog post, the author (if we
 assume he is posting under "AnotherHumanBeing") seems to have a serious
 personality issue.

I would refrain from _assuming_ who is who over the internet as I made 
terrible mistakes in the past :)
In any case what's obvious is that GWAN author is on knives with an 
awful lot of people, and of obvious reasons I see it being closed 
source. Kind of reminds me of "OMG! DMD not truly OpenSource!!!" posts 
around here.



-- 
Dmitry Olshansky

"SomeDude" <lovelydear mailmetrash.com> writes:

On Sunday, 1 July 2012 at 11:22:53 UTC, Dmitry Olshansky wrote:
 On 01-Jul-12 12:29, SomeDude wrote:
 On Sunday, 1 July 2012 at 08:04:48 UTC, SomeDude wrote:
 OTOH, it seems to me that a web server that relies on C for 
 everything
 **is** very strongly subject to security issues.


 Yes, it's one things I don't like about it - apparently GWAN 
 would crash the moment your C servlet segfaults. Ah, the 
 pleasure of native scripts ;)

 The code that
 generates pages must be absolutely bug free before being put 
 in
 production, which is hard with C for anything that is not 
 trivial.


 Use D! :) Or any other language, I see a list of supported 
 native languages in its docs.

What I meant was, the author of G-WAN boasts high performance 
because his servlets are in C. But making a dynamic website in C 
is very both unproductive and very risky, security wise, so very 
few companies would do that unless for delivering static pages. 
And if you use another language, then the performance drops and I 
suppose you get performance closer to nginx and lighthttpd (with 
D and C++, less than with some other languages).

 The fact that most production libraries (that are portable) are 
 written in C largely defeats the point of
 "... must be absolutely bug free before being put in 
 production, which is hard with C for anything that is not 
 trivial. "

 Also web server need NOT be absolutely bug free. It just 
 shouldn't CRASH. So memory corruption is no go, logic errors 
 and such are possible. Software always has bugs, there is no 
 such thing as "bug-free" for anything not trivial. It's just 
 they are not important or hard to trigger + "lack of feature" 
 bugs.

As you say, memory corruption is a no go, so I would probably 
never use C for a serious website.

 BTW PHP is a hell of a bug (not counting bugs in scripts) yet 
 it's out in the open serving most of web sites today.

Yes but PHP doesn't suffer too many memory corruption bugs, so 
there is no risk of shell code injection.

Dmitry Olshansky <dmitry.olsh gmail.com> writes:

On 01-Jul-12 19:54, SomeDude wrote:
 Use D! :) Or any other language, I see a list of supported native
 languages in its docs.

 What I meant was, the author of G-WAN boasts high performance because
 his servlets are in C. But making a dynamic website in C is very both
 unproductive and very risky, security wise, so very few companies would
 do that unless for delivering static pages.

No big wonder here. But you miss important point - it's fast not because 
it's written in C. Indeed Apache, Lightty, Nginix are all written in C.
It's just (at least seems to me) that author hates C++ and uses C as  a 
native language with least amount of baggage.

  And if you use another
 language, then the performance drops and I suppose you get performance
 closer to nginx and lighthttpd (with D and C++, less than with some
 other languages).

Why? The main point is architecture. In the same vain I've seen some 
Java servers that run faster then C ones. Architecture & careful 
low-overhead implementation is what crucial.
For one I totally expect vibe.d to kick some serious ass in the years to 
come.

 The fact that most production libraries (that are portable) are
 written in C largely defeats the point of
 "... must be absolutely bug free before being put in production, which
 is hard with C for anything that is not trivial. "

 Also web server need NOT be absolutely bug free. It just shouldn't
 CRASH. So memory corruption is no go, logic errors and such are
 possible. Software always has bugs, there is no such thing as
 "bug-free" for anything not trivial. It's just they are not important
 or hard to trigger + "lack of feature" bugs.

 As you say, memory corruption is a no go, so I would probably never use
 C for a serious website.

Right that's why static files are served as files not as a servlet per 
page. Modules of say Apache will crash it just as easy (okay one of 
Apache worker processes).
If I were to use GWAN (I'll certainly give it a try some day) then I'd 
use things like template engine and maybe doing some risky stuff in 2nd 
'mule' process. And no that != kill performance.

 BTW PHP is a hell of a bug (not counting bugs in scripts) yet it's out
 in the open serving most of web sites today.

 Yes but PHP doesn't suffer too many memory corruption bugs, so there is
 no risk of shell code injection.

Mm... the interpreter itself is bad enough. Like being not thread safe 
(is it now?). But the main problem though is bad practices that PHP 
spawned an masse. Last time I checked vulnerabilities database SQL 
injections and PHP were commonly found in the same statement/article.

-- 
Dmitry Olshansky