1.4.33
closedRelease Info¶
- Version: 1.4.33
- Previous version: 1.4.32
- Branch: 1.4
- Status: stable
- Release Purpose: bug fixes
- Release manager: stbuehler
- Released date: 2013-09-27
Time to get some fixes out; nothing special, just many small fixes - and some new features.
Downloads¶
- http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.tar.gz
- GPG signature: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.tar.gz.asc
- SHA256:
91f574d8bea8d9f75535e86cb2abc389beb8be24f003b71e6304b8c8ba1d3753
- http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.tar.bz2
- GPG signature: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.tar.bz2.asc
- SHA256:
2ff2324658c0f90e7d39afd40f08f11ca230903b9019c31a2bbecd8f087f235e
- http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.tar.xz
- GPG signature: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.tar.xz.asc
- SHA256:
2886aedc23857ca44df91b8fe6f36059ec82a859ae0eb230220e42abc331610c
- SHA256 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.33.sha256sum
Changes from 1.4.32¶
- mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex)
- fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors);
follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags. - [mod_fastcgi,log] support multi line logging (fixes #2252)
- call ERR_clear_error only for ssl connections in CON_STATE_ERROR
- reject non ASCII characters in HTTP header names
- [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
- [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better.
- [mod_auth] fix base64_decode (#2484)
- fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu)
- fix undefined stuff found with clang
- [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448)
- [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478)
- [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes #2490)
- [mod_userdir] add userdir.active option, "enabled" by default
- [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
- [core] recognize more http methods to forward to backends (fixes #2346)
- [ssl] use DH only if openssl supports it (fixes #2479)
- [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470)
- [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501)
- [ssl] accept ssl renegotiations if they are not disabled (fixes #2491)
- [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492)
- [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495)
- [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436)
- [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
- [core] check whether server.chroot exists
- [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting)
- [mod_accesslog] add accesslog.syslog-level option (fixes #2480)
- [core] allow files to be used as document-root (fixes #2475)
- [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502)
External references¶
Also available in: TXT