lighttpd 1.4.53 发布 高性能 Web 服务器

来自:互联网
时间:2019-01-29
阅读:

Lighttpd 1.4.53 已发布。Lighttpd 是一个开源 Web 服务器软件,旨在提供一个专门针对高性能网站,安全、快速、兼容性好并且灵活的 Web Server 环境。具有非常低的内存开销,CPU 占用率低,效能好,以及丰富的模块等特点。

重要更新

支持 TLS-ALPN-01,systemd socket activation,bug 修复

未来预期变化 (Q1 2019)

2019 年第一季度开始,lighttpd 默认对 HTTP 请求进行有限的 URL 规范化。

从 lighttpd 1.4.50 开始,这个 URL 规范就可用于 server.http-parseopts <https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetAIls>。除非已经对 lighttpd 配置做了明确设置,lighttpd 默认配置是 server.http-parseopts = (“url-normalize-unreserved” => “enable”, “url-path-2f-decode” => “enable”) 。默认开启 URL 规范会为 mod_redirect 和 mod_rewrite 带来更一致的行为,而这些行为会与(url 编码的) URL 请求更加匹配。然而,出于对一致性需要的默认情况下解码 %2F,对那些在 url-path 中解码 URLs、并且依赖 “/” 作为分隔符的用户,可能是个重大变化。对于这部分用户,可以在 lighttpd 配置中明确设置 “url-path-2f-decode” => “disable”。

https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails

server.http-parseopts 推荐设置如下:

server.http-parseopts = ( "header-strict"  => "enable",
 "host-strict" => "enable",
 "host-normalize" => "enable",
 "url-normalize" => "enable",
 "url-normalize-unreserved" => "enable",
 "url-normalize-required"  => "enable",
 "url-ctrls-reject" => "enable",
 "url-path-2f-decode" => "enable",
 "url-path-dotseg-remove"  => "enable", 
 "url-query-20-plus"  => "enable"      )

下载地址

lighttpd-1.4.53.tar.gz (GPG signature)

SHA256: 423b3951f212e3a30511eb86f4662a1848c6e857074289ff23fc310eef520266

lighttpd-1.4.53.tar.xz (GPG signature)

SHA256: 3bdfce1cf3e9650a556a8c26fb15342c5717c63f530c54693db632b0371dcb78

SHA256 checksums

自 1.4.52 以来的更改

[mod_cml,mod_flv_streaming] fix NULL ptr deref

[mod_simple_vhost] t/test_mod_simple_vhost

[mod_evhost] split uri handler func for testing

[mod_evhost] restructure for unit tests

[mod_evhost] t/test_mod_evhost

[mod_access] restructure for unit tests

[mod_access] t/test_mod_access

[tests] include first.h and NDEBUG early

[core] use kill_signal for gw_proc_kill()

[tests] t/test_keyvalue

[tests] some test config cleanup

[tests] update skip count in mod-fastcgi.t

[multiple] reduce initial buffer sz if large POST (fixes #2922)

[mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes #2923)

[tests] more test config cleanup

[core] perf: incremental hash of pathname w/o copy

[core] perf: reuse buffer to redirect to directory

[core] do not free() reused buffer

[core] use connected sock port in dir redirect

[core] http_response_buffer_append_authority()

[core] use con→server_name for dir redir

[core] memeq compare rounded to 64, not next 1M

[core] define MD5_DIGEST_LENGTH 16

[mod_auth] permit additional auth backends to load

[core] send Connection: close if reqbody not read (fixes #2924)

[core] cache rev DNS for localhost for dir redir

[doc/conf] resolve some mime type conflicts from debian buster, regenerate mime.conf

[core] move winsock init to network_init()

[core] move /dev/stdin graceful restart handling

[core] network_srv_sockets_append() shared code

[core] systemd socket activation support

[build] autotools: try MySQLclient.pc and mariadb.pc (fixes #2925)

[mod_expire] look up expire fallback "" explicitly

[multiple] calloc match ptr type (clang —analyze)

[multiple] quiet clang —analyze where trivial

[mod_webdav] compare COPY, MOVE Destination scheme

[core] con→uri.scheme is maintained lowercase

[mod_openssl] ALPN and acme-tls/1 (fixes #2931)

[core] Fix recursive include_shell invocations

[mod_openssl] ssl.privkey directive (optional)

返回顶部
顶部