Lighttpd 1.4.53 已发布。Lighttpd 是一个开源 Web 服务器软件,旨在提供一个专门针对高性能网站,安全、快速、兼容性好并且灵活的 Web Server 环境。具有非常低的内存开销,CPU 占用率低,效能好,以及丰富的模块等特点。
重要更新
支持 TLS-ALPN-01,systemd socket activation,bug 修复
未来预期变化 (Q1 2019)
2019 年第一季度开始,lighttpd 默认对 HTTP 请求进行有限的 URL 规范化。
从 lighttpd 1.4.50 开始,这个 URL 规范就可用于 server.http-parseopts <https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails>。除非已经对 lighttpd 配置做了明确设置,lighttpd 默认配置是 server.http-parseopts = (“url-normalize-unreserved” => “enable”, “url-path-2f-decode” => “enable”) 。默认开启 URL 规范会为 mod_redirect 和 mod_rewrite 带来更一致的行为,而这些行为会与(url 编码的) URL 请求更加匹配。然而,出于对一致性需要的默认情况下解码 %2F,对那些在 url-path 中解码 URLs、并且依赖 “/” 作为分隔符的用户,可能是个重大变化。对于这部分用户,可以在 lighttpd 配置中明确设置 “url-path-2f-decode” => “disable”。
https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
server.http-parseopts 推荐设置如下:
server.http-parseopts = ( "header-strict" => "enable", "host-strict" => "enable", "host-normalize" => "enable", "url-normalize" => "enable", "url-normalize-unreserved" => "enable", "url-normalize-required" => "enable", "url-ctrls-reject" => "enable", "url-path-2f-decode" => "enable", "url-path-dotseg-remove" => "enable", "url-query-20-plus" => "enable" )
下载地址
- lighttpd-1.4.53.tar.gz (GPG signature)
- SHA256:
423b3951f212e3a30511eb86f4662a1848c6e857074289ff23fc310eef520266
- SHA256:
- lighttpd-1.4.53.tar.xz (GPG signature)
- SHA256:
3bdfce1cf3e9650a556a8c26fb15342c5717c63f530c54693db632b0371dcb78
- SHA256:
- SHA256 checksums
自 1.4.52 以来的更改
- [mod_cml,mod_flv_streaming] fix NULL ptr deref
- [mod_simple_vhost] t/test_mod_simple_vhost
- [mod_evhost] split uri handler func for testing
- [mod_evhost] restructure for unit tests
- [mod_evhost] t/test_mod_evhost
- [mod_access] restructure for unit tests
- [mod_access] t/test_mod_access
- [tests] include first.h and NDEBUG early
- [core] use kill_signal for gw_proc_kill()
- [tests] t/test_keyvalue
- [tests] some test config cleanup
- [tests] update skip count in mod-fastcgi.t
- [multiple] reduce initial buffer sz if large POST (fixes #2922)
- [mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes #2923)
- [tests] more test config cleanup
- [core] perf: incremental hash of pathname w/o copy
- [core] perf: reuse buffer to redirect to directory
- [core] do not free() reused buffer
- [core] use connected sock port in dir redirect
- [core] http_response_buffer_append_authority()
- [core] use con→server_name for dir redir
- [core] memeq compare rounded to 64, not next 1M
- [core] define MD5_DIGEST_LENGTH 16
- [mod_auth] permit additional auth backends to load
- [core] send Connection: close if reqbody not read (fixes #2924)
- [core] cache rev DNS for localhost for dir redir
- [doc/conf] resolve some mime type conflicts from debian buster, regenerate mime.conf
- [core] move winsock init to network_init()
- [core] move /dev/stdin graceful restart handling
- [core] network_srv_sockets_append() shared code
- [core] systemd socket activation support
- [build] autotools: try mysqlclient.pc and mariadb.pc (fixes #2925)
- [mod_expire] look up expire fallback “” explicitly
- [multiple] calloc match ptr type (clang —analyze)
- [multiple] quiet clang —analyze where trivial
- [mod_webdav] compare COPY, MOVE Destination scheme
- [core] con→uri.scheme is maintained lowercase
- [mod_openssl] ALPN and acme-tls/1 (fixes #2931)
- [core] Fix recursive include_shell invocations
- [mod_openssl] ssl.privkey directive (optional)
转自 https://www.oschina.net/news/104026/lighttpd-1-4-53-released