Lighttpd 1.4.51 已发布，Lighttpd 是一个开源 Web 服务器软件，旨在提供一个专门针对高性能网站，安全、快速、兼容性好并且灵活的 Web Server 环境。具有非常低的内存开销，CPU 占用率低，效能好，以及丰富的模块等特点。

重要更改

• security fixes

• bug fixes

• new module: mod_authn_pam

• support for wolfSSL

Changes from 1.4.50

• [core] split parsing header line into separate function

• [core] explicitly return 0 instead of constant result

• [core] header parsing: use goto for error handling

• [core,security] process headers after combining folded headers

• [core] replace folding whitespace with a single space

• [buffer] fix duplicate assert and comment

• [core] redo HTTP header line folding

• [core] parse header line strings before copying

• [core] abstraction to insert/modify response hdrs

• [core] code reuse with array_insert_key_value()

• [core] simplify parsing hdr key whitespace then :

• [core] http_request_parse_reqline() separate func

• [core] abstraction layer for HTTP header manip

• [core] code reuse with http_response_body_clear()

• [mod_proxy] fix proxy.forwarded and proxy.replace-http-host (fixes #2902)

• [mod_rewrite] fix url.rewrite-repeat and url.rewrite-if-not-file (fixes #2908)

• [core] fastcgi.h link to Open Market License (OML) (fixes #2901)

• [mod_proxy,mod_wstunnel] copy full plugin_config (fixes #2903)

• [mod_fastcgi,mod_scgi] error on oversized request (fixes #2905)

• [mod_auth] send 401 for mismatch HTTP auth scheme (fixes #2906)

• [core] code reuse array_match_*() routines

• [mod_skeleton] review and simplify

• [multiple] code reuse: employ array_match_*()

• [doc] lighttpd.service uses network-online.target

• [mod_flv_streaming] code simplifications

• [mod_authn_pam] mod_auth PAM support (fixes #688)

• [mod_sockproxy] add to build

• [core] fix include_shell on inline shell commands (fixes #2910)

• [multiple] code reuse: using array_*() funcs

• [tests] t/test_array.c

• [core] array_get_int_ptr()

• [core] more memory-efficient fn table for data_*

• [tests] #undef NDEBUG before assert.h in t/test_*

• [core] inline status_counter routines

• [core] log_failed_assert() attribute((cold))

• [core] http_status_append()

• [core] http_method_append()

• [core] prefer buffer_append_string_len()

• [build] fix SCons build for mod_authn_pam

• [mod_userdir] security: skip username “.” and “..”

• [mod_deflate] null-check to quiet coverity warning

• [core] quiet coverity false positive

• [multiple] quiet compiler warnings —without-pcre

• [mod_secdownload] support if HMAC() is a macro

• [TLS] sys-crypto.h abstraction

• [TLS] sys-crypto.h abstraction

• [build] put request.c in common src

• [meson] build fixes for libmariadb and libsasl2

• [core] PATH_INFO calculation when basedir is “/” (fixes #2911)

• [core] better consistency in buffer_is_equal*()

• [core] fix missing param from prev commit

• [mod_openssl] no renegotiation in TLS 1.3 (fixes #2912)

• [core] reject Transfer-Encoding from proxy (#2913)

• [mod_auth] use SHA1_Init,Update,Final

• [mod_openssl] add support for wolfSSL

• [build] automake support for wolfSSL

• [build] SCons support for wolfSSL

• [build] meson support for wolfSSL

• [build] CMake support for wolfSSL

• [core] perf: buffer.c internal inlines

• [mod_openssl] wolfSSL does not support SSLv2

• [core] perf: buffer_string_append_len()

• [core] permit server.error_handler to static file

下载地址

• lighttpd-1.4.51.tar.gz (GPG signature)

• lighttpd-1.4.51.tar.xz (GPG signature)