summaryrefslogtreecommitdiff
path: root/NEWS
blob: 1b9c06ea687ec186d889a177853fce6ae0a8c8d0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929

====
NEWS
====

- 1.4.56 - unreleased
  * [core] perf: request processing
  * [core] http_header_str_contains_token()
  * [mod_flv_streaming] parse query string w/o copying
  * [mod_evhost] use local array to split values
  * [core] remove srv->split_vals
  * [core] add User-Agent to http_header_e enum
  * [core] store struct server * in struct connection
  * [core] use func rc to indicate done reading header
  * [core] replace connection_set_state w/ assignment
  * [core] do not pass srv to http header parsing func
  * [core] cold buffer_string_prepare_append_resize()
  * [core] chunkqueue_compact_mem()
  * [core] connection_chunkqueue_compact()
  * [core] pass con around request, not srv and con
  * [core] reduce use of struct parse_header_state
  * [core] perf: HTTP header parsing using \n offsets
  * [core] no need to pass srv to connection_set_state
  * [core] perf: connection_read_header_more()
  * [core] perf: connection_read_header_hoff() hot
  * [core] inline connection_read_header()
  * [core] pass ptr to http_request_parse()
  * [core] more 'const' in request.c prototypes
  * [core] handle common case of alnum or - field-name
  * [mod_extforward] simplify code: use light_isxdigit
  * [core] perf: array.c performance enhancements
  * [core] mark some data_* funcs cold
  * [core] http_header.c internal inline funcs
  * [core] remove unused array_reset()
  * [core] prefer uint32_t to size_t in base.h
  * [core] uint32_t for struct buffer sizes
  * [core] remove unused members of struct server
  * [core] short-circuit path to clear request.headers
  * [core] array keys are non-empty in key-value list
  * [core] keep a->data[] sorted; remove a->sorted[]
  * [core] __attribute_returns_nonnull__
  * [core] differentiate array_get_* for ro and rw
  * [core] (const buffer *) in (struct burl_parts_t)
  * [core] (const buffer *) for con->server_name
  * [core] perf: initialize con->conf using memcpy()
  * [core] run config_setup_connection() fewer times
  * [core] isolate data_config.c, vector.c
  * [core] treat con->conditional_is_valid as bitfield
  * [core] http_header_hkey_get() over const array
  * [core] inline buffer as part of DATA_UNSET key
  * [core] inline buffer key for *_patch_connection()
  * [core] (data_unset *) from array_get_element_klen
  * [core] inline buffer as part of data_string value
  * [core] add const to callers of http_header_*_get()
  * [core] inline array as part of data_array value
  * [core] const char *op in data_config
  * [core] buffer string in data_config
  * [core] streamline config_check_cond()
  * [core] keep a->data[] sorted (REVERT)
  * [core] array a->sorted[] as ptrs rather than pos
  * [core] inline header and env arrays into con
  * [mod_accesslog] avoid alloc for parsing cookie val
  * [core] simpler config_check_cond()
  * [mod_redirect,mod_rewrite] store context_ndx
  * [core] const char *name in struct plugin
  * [core] srv->plugin_slots as compact list
  * [core] rearrange server_config, server members
  * [core] macros CONST_LEN_STR and CONST_STR_LEN
  * [core] struct plugin_data_base
  * [core] improve condition caching perf
  * [core] config_plugin_values_init() new interface
  * [mod_access] use config_plugin_values_init()
  * [core] (const buffer *) from strftime_cache_get()
  * [core] mv config_setup_connection to connections.c
  * [core] use (const char *) in config file parsing
  * [mod_staticfile] use config_plugin_values_init()
  * [mod_skeleton] use config_plugin_values_init()
  * [mod_setenv] use config_plugin_values_init()
  * [mod_alias] use config_plugin_values_init()
  * [mod_indexfile] use config_plugin_values_init()
  * [mod_expire] use config_plugin_values_init()
  * [mod_flv_streaming] use config_plugin_values_init()
  * [mod_magnet] use config_plugin_values_init()
  * [mod_usertrack] use config_plugin_values_init()
  * [mod_userdir] split policy from userdir path build
  * [mod_userdir] use config_plugin_values_init()
  * [mod_ssi] use config_plugin_values_init()
  * [mod_uploadprogress] use config_plugin_values_init()
  * [mod_status] use config_plugin_values_init()
  * [mod_cml] use config_plugin_values_init()
  * [mod_secdownload] use config_plugin_values_init()
  * [mod_geoip] use config_plugin_values_init()
  * [mod_evasive] use config_plugin_values_init()
  * [mod_trigger_b4_dl] use config_plugin_values_init()
  * [mod_accesslog] use config_plugin_values_init()
  * [mod_simple_vhost] use config_plugin_values_init()
  * [mod_evhost] use config_plugin_values_init()
  * [mod_vhostdb*] use config_plugin_values_init()
  * [mod_mysql_vhost] use config_plugin_values_init()
  * [mod_maxminddb] use config_plugin_values_init()
  * [mod_auth*] use config_plugin_values_init()
  * [mod_deflate] use config_plugin_values_init()
  * [mod_compress] use config_plugin_values_init()
  * [core] add xsendfile* check if xdocroot is NULL
  * [mod_cgi] use config_plugin_values_init()
  * [mod_dirlisting] use config_plugin_values_init()
  * [mod_extforward] use config_plugin_values_init()
  * [mod_webdav] use config_plugin_values_init()
  * [core] store addtl data in pcre_keyvalue_buffer
  * [mod_redirect] use config_plugin_values_init()
  * [mod_rewrite] use config_plugin_values_init()
  * [mod_rrdtool] use config_plugin_values_init()
  * [multiple] gw_backends config_plugin_values_init()
  * [core] config_get_config_cond_info()
  * [mod_openssl] use config_plugin_values_init()
  * [core] use config_plugin_values_init()
  * [core] collect more config logic into configfile.c
  * [core] config_plugin_values_init_block()
  * [core] gw_backend config_plugin_values_init_block
  * [core] remove old config_insert_values_*() funcs
  * [multiple] plugin.c handles common FREE_FUNC code
  * [core] run all trigger and sighup handlers
  * [mod_wstunnel] change DEBUG_LOG to use log_error()
  * [core] stat_cache_path_contains_symlink use errh
  * [core] isolate use of data_config, configfile.h
  * [core] split cond cache from cond matches
  * [mod_auth] inline arrays in http_auth_require_t
  * [core] array_init() arg for initial size
  * [core] gw_exts_clear_check_local()
  * [core] gw_backend less pointer chasing
  * [core] connection_handle_errdoc() separate func
  * [multiple] prefer (connection *) to (srv *)
  * [core] create http chunk header on the stack
  * [multiple] connection hooks no longer get (srv *)
  * [multiple] plugin_stats array
  * [core] read up-to fixed size chunk before fionread
  * [core] default chunk size 8k (was 4k)
  * [core] pass con around gw_backend instead of srv
  * [core] log_error_multiline_buffer()
  * [multiple] reduce direct use of srv->cur_ts
  * [multiple] extern log_epoch_secs
  * [multiple] reduce direct use of srv->errh
  * [multiple] stat_cache singleton
  * [mod_expire] parse config into structured data
  * [multiple] generic config array type checking
  * [multiple] rename r to rc rv rd wr to be different
  * [core] (minor) config_plugin_keys_t data packing
  * [core] inline buffer in log_error_st errh
  * [multiple] store srv->tmp_buf in tb var
  * [multiple] quiet clang compiler warnings
  * [core] http_status_set_error_close()
  * [core] http_request_host_policy w/ http_parseopts
  * [multiple] con->proto_default_port
  * [core] store log filename in (log_error_st *)
  * [core] separate log_error_open* funcs
  * [core] fdevent uses uint32_t instead of size_t
  * [mod_webdav] large buffer reuse
  * [mod_accesslog] flush file log buffer at 8k size
  * [core] include settings.h where used
  * [core] static buffers for mtime_cache
  * [core] convenience macros to check req methods
  * [core] support multiple error logs
  * [multiple] omit passing srv to fdevent_handler
  * [core] remove unused arg to fdevent_fcntl_set_nb*
  * [core] slightly simpify server_(over)load_check()
  * [core] isolate fdevent subsystem
  * [core] isolate stat_cache subsystem
  * [core] remove include base.h where unused
  * [core] restart dead piped loggers every 64 sec
  * [mod_webdav] use copy_file_range() if available
  * [core] perf: buffer copy and append
  * [core] copy some srv->srvconf into con->conf
  * [core] move keep_alive flag into request_st
  * [core] pass scheme port to http_request_parse()
  * [core] pass http_parseopts around request.c
  * [core] rename specific_config to request_config
  * [core] move request_st,request_config to request.h
  * [core] pass (request_st *) to request.c funcs
  * [core] remove unused request_st member 'request'
  * [core] rename content_length to reqbody_length
  * [core] t/test_request.c using (request_st *)
  * [core] (const connection *) in http_header_*_get()
  * [mod_accesslog] log_access_record() fmt log record
  * [core] move request start ts into (request_st *)
  * [core] move addtl request-specific struct members
  * [core] move addtl request-specific struct members
  * [core] move plugin_ctx into (request_st *)
  * [core] move addtl request-specific struct members
  * [core] move request state into (request_st *)
  * [core] store (plugin *) in p->data
  * [core] store subrequest_handler instead of mode
  * [multiple] copy small struct instead of memcpy()
  * [multiple] split con, request (very large change)
  * [core] r->uri.path always set, though might be ""
  * [core] C99 restrict on some base funcs
  * [tests] stub out config funcs in test_mod_*
  * [tests] t/test_mod_userdir
  * [core] dispatch handler in handle_request func
  * [core] http_request_parse_target()
  * [mod_magnet] modify r->target with "uri.path-raw"
  * [core] remove r->uri.path_raw; generate as needed
  * [core] http_response_comeback()
  * [core] http_response_config()
  * [tests] use buffer_eq_slen() for str comparison
  * [core] http_status_append() short-circuit 200 OK
  * [core] mark some chunk.c funcs as pure
  * [core] use uint32_t in http_header.[ch]
  * [core] perf: tighten some code in some hot paths
  * [core] parse header label before end of line
  * [doc] add link to wiki in doc/outdated/ssl.txt
  * [doc] src/t/README
  * [mod_auth] "nonce_secret" option to validate nonce (fixes #2976)
  * [build] fix build on MacOS X Tiger
  * [doc] lighttpd.conf: lighttpd choose event-handler
  * [config] blank server.tag if whitespace-only
  * [mod_proxy] stream request using HTTP/1.1 chunked (fixes #3006)
  * [multiple] correct misspellings in comments
  * [multiple] fix some cc warnings in 32-bit, powerpc
  * [tests] fix skip count in mod-fastcgi w/o php-cgi
  * [multiple] ./configure --with-nettle to use Nettle
  * [core] skip excess close() when FD_CLOEXEC defined
  * [mod_cgi] remove redundant calls to set FD_CLOEXEC
  * [core] return EINVAL if stat_cache_get_entry w/o /
  * [mod_webdav] define PATH_MAX if not defined
  * [mod_accesslog] process backslash-escapes in fmt
  * [mod_openssl] disable cert vrfy if ALPN acme-tls/1
  * [core] add seed before openssl RAND_pseudo_bytes()
  * [mod_mbedtls] mbedTLS option for TLS
  * [core] prefer getxattr() instead of get_attr()
  * [multiple] use *(unsigned char *) with ctypes
  * [mod_openssl] do not log ECONNRESET unless debug
  * [mod_openssl] SSL_R_UNEXPECTED_EOF_WHILE_READING
  * [mod_gnutls] GnuTLS option for TLS (fixes #109)
  * [mod_openssl] rotate session ticket encryption key
  * [mod_openssl] set cert from callback in 1.0.2+ (fixes #2842)
  * [mod_openssl] set chains from callback in 1.0.2+ (#2842)
  * [core] RFC-strict parse of Content-Length
  * [build] point ./configure --help to support forum
  * [core] stricter parse of numerical digits
  * [multiple] add summaries to top of some modules
  * [core] sys-crypto-md.h w/ inline message digest fn
  * [mod_openssl] enable read-ahead, if set, after SNI
  * [mod_openssl] issue warning for deprecated options
  * [mod_openssl] use SSL_OP_NO_RENEGOTIATION if avail
  * [mod_openssl] use openssl feature define for ALPN
  * [mod_openssl] update default DH params
  * [core] SecureZeroMemory() on _WIN32
  * [core] safe memset calls memset() through volatile
  * [doc] update comments in doc/config/modules.conf
  * [core] more precise check for request stream flags
  * [mod_openssl] rotate session ticket encryption key
  * [mod_openssl] ssl.stek-file to specify encrypt key
  * [mod_mbedtls] ssl.stek-file to specify encrypt key
  * [mod_gnutls] ssl.stek-file to specify encrypt key
  * [mod_openssl] disable session cache; prefer ticket
  * [mod_openssl] compat with LibreSSL
  * [mod_openssl] compat with WolfSSL
  * [mod_openssl] set SSL_OP_PRIORITIZE_CHACHA
  * [mod_openssl] move SSL_CTX curve conf to new func
  * [mod_openssl] basic SSL_CONF_cmd for alt TLS libs
  * [mod_openssl] OCSP stapling (fixes #2469)
  * [TLS] cert-staple.sh - refresh OCSP responses (#2469)
  * [mod_openssl] compat with BoringSSL
  * [mod_gnutls] option to override GnuTLS priority
  * [mod_gnutls] OCSP stapling (#2469)
  * [mod_extforward] config warning for module order
  * [mod_webdav] store webdav.opts as bitflags
  * [mod_webdav] limit webdav_propfind_dir() recursion
  * [mod_webdav] unsafe-propfind-follow-symlink option
  * [mod_webdav] webdav.opts "propfind-depth-infinity"
  * [mod_openssl] detect certs marked OCSP Must-Staple
  * [mod_gnutls] detect certs marked OCSP Must-Staple
  * [mod_openssl] default to set MinProtocol TLSv1.2
  * [mod_nss] NSS option for TLS (fixes #1218)
  * [core] fdevent_load_file() shared code
  * [mod_openssl,mbedtls,gnutls,nss] fdevent_load_file
  * [core] error if s->socket_perms chmod() fails
  * [mod_openssl] prefer some WolfSSL native APIs
  * quiet clang analyzer scan-build warnings
  * [core] uint32_t is plenty large for path names
  * [mod_mysql_vhost] deprecated; use mod_vhostdb_mysql
  * [core] splaytree_djbhash() in splaytree.h (reuse)
  * [cmake] update deps for src/t/test_*
  * [cmake] update deps for src/t/test_*
  * [build] remove tests/mod-userdir.t from builds
  * [build] fix typo in src/Makefile.am EXTRA_DIST
  * [core] remove unused mbedtls_enabled flag
  * [core] store fd in srv->stdin_fd during setup
  * [multiple] address coverity warnings
  * [mod_webdav] fix theoretical NULL dereference
  * [mod_webdav] update rc for PROPFIND allprop
  * [mod_webdav] build fix: ifdef live_properties
  * [multiple] address coverity warnings
  * [meson] fix libmariadb dependency
  * [meson] add missing libmaxminddb section
  * [mod_auth,mod_vhostdb] add caching option (fixes #2805)
  * [mod_authn_ldap,mod_vhostdb_ldap] add timeout opt (#2805)
  * [mod_auth] accept "nonce-secret" & "nonce_secret"
  * [mod_openssl] fix build warnings on MacOS X
  * [core] Nettle assert()s if buffer len > digest sz
  * [mod_authn_dbi] authn backend employing DBI
  * [mod_authn_mysql,file] use crypt() to save stack
  * [mod_vhostdb_dbi] allow strings and ints in config
  * add ci-build.sh
  * move ci-build.sh to scripts
  * [build] build fixes for AIX
  * [mod_deflate] Brotli support
  * [build] bzip2 default to not-enabled in build
  * [mod_deflate] fix typo in config option
  * [mod_deflate] propagate errs from internal funcs
  * [mod_deflate] deflate.cache-dir compressed cache
  * [mod_deflate] mod_deflate subsumes mod_compress
  * [doc] mod_compress -> mod_deflate
  * [tests] mod_compress -> mod_deflate
  * [mod_compress] remove mod_compress
  * [build] add --with-brotli to CI build
  * [core] server.feature-flags extensible config
  * [core] con layer plugin_ctx separate from request
  * [multiple] con hooks store ctx in con->plugin_ctx
  * [core] separate funcs to reset (request_st *)
  * [multiple] rename connection_reset hook to request
  * [mod_nss] func renames for consistency
  * [core] detect and reject TLS connect to cleartext
  * [mod_deflate] quicker check for Content-Encoding
  * [mod_openssl] read secret data w/ BIO_new_mem_buf
  * [core] decode Transfer-Encoding: chunked from gw
  * [mod_fastcgi] decode Transfer-Encoding: chunked
  * [core] stricter parsing of POST chunked block hdr
  * [mod_proxy] send HTTP/1.1 requests to backends
  * [tests] test_base64.c clear buf vs reset
  * [core] http_header_remove_token()
  * [mod_webdav] fix inadvertent string truncation
  * [core] add some missing standard includes
  * [mod_extforward] attempt to quiet Coverity warning
  * [mod_authn_dbi,mod_authn_mysql] fix coverity issue
  * [build] fix SCons build for detection of brotli
  * [build] SCons build with brotli needs -lm on *BSD
  * [build] SCons build mod_deflate w/ libm for brotli
  * [build] SCons brotli needs pkg-config --static
  * [build] avoid accept_filter_arg compiler warning
  * [build] SCons fix space/tabs inconsistency
  * scons: fix check environment
  * Add avahi service file under doc/avahi/
  * [mod_webdav] fix fallback if linkat() fails
  * [mod_proxy] do not forward Expect: 100-continue
  * [core] chunkqueue_compact_mem() must upd cq->last
  * [core] dlsym for FAMNoExists() for compat w/ fam
  * [core] disperse settings.h to appropriate headers
  * [core] inline buffer_reset()
  * [mod_extforward] save proto per connection
  * [mod_extforward] skip after HANDLER_COMEBACK
  * [core] server.feature-flags to enable h2
  * [core] HTTP_VERSION_2
  * [multiple] allow TLS ALPN "h2" if "server.h2proto"
  * [mod_extforward] preserve changed addr for h2 con
  * [core] do not send Connection: close if h2
  * [core] lowercase response hdr field names for h2
  * [core] recognize status: 421 Misdirected Request
  * [core] parse h2 pseudo-headers
  * [core] request_headers_process()
  * [core] connection_state_machine_loop()
  * [core] reset connection counters per connection
  * [mod_accesslog,mod_rrdtool] HTTP/2 basic accounting
  * [core] connection_set_fdevent_interest()
  * [core] HTTP2-Settings
  * [core] adjust http_request_headers_process()
  * [core] http_header_parse_hoff()
  * [core] move http_request_headers_process()
  * [core] reqpool.[ch] for (request_st *)
  * [multiple] modules read reqbody via fn ptr
  * [multiple] isolate more con code in connections.c
  * [core] isolate more resp code in response.c
  * [core] h2.[ch] with stub funcs (incomplete)
  * [core] alternate between two joblists
  * [core] connection transition to HTTP/2; incomplete
  * [core] mark some error paths with attribute cold
  * [core] discard 100 102 103 responses from backend
  * [core] skip write throttle for 100 Continue
  * [core] adjust (disabled) debug code
  * [core] update comment
  * [core] link in ls-hpack (EXPERIMENTAL)
  * [core] HTTP/2 HPACK using LiteSpeed ls-hpack
  * [core] h2_send_headers() specialized for resp hdrs
  * [core] http_request_parse_header() specialized
  * [core] comment possible future ls-hpack optimize
  * [mod_status] separate funcs to print request table
  * [mod_status] adjust to print HTTP/2 requests
  * [core] redirect to dir using relative-path
  * [core] ignore empty field-name from backends
  * [build] fix meson build
  * [mod_auth] fix crash if auth.require misconfigured (fixes #3023)
  * [core] fix 1-char trunc of default server.tag
  * [core] request_acquire(), request_release()
  * [core] keep pool of (request_st *) for HTTP/2
  * [mod_status] dedicated funcs for r->state labels
  * [core] move connections_get_state to connections.c
  * [core] fix crash on master after graceful restart
  * [core] defer optimization to read small files
  * [core] do not require '\0' term for k,v hdr parse
  * [scripts] cert-staple.sh enhancements
  * [core] document algorithm used in lighttpd etag
  * [core] ls-hpack optimizations
  * [core] fix crash on master if blank line request
  * [build] fix typo in option description for wolfSSL
  * [core] use djbhash in gw_backend to choose host
  * [core] rename md5.[ch] to algo_md5.[ch]
  * [core] move djbhash(), dekhash() to algo_md.h
  * [core] rename splaytree.[ch] to algo_splaytree.[ch]
  * [core] import xxHash v0.8.0
  * [build] modify build, includes for xxHash v0.8.0
  * [build] remove ls-hpack/deps
  * [core] xxhash no inline hints; let compiler choose
  * [mod_dirlisting] fix config parsing crash
  * [mod_openssl] clarify trace w/ deprecated options
  * [doc] refresh doc/config/*/*
  * [core] code size: disable XXH64(), XXH3()
  * [doc] update README and INSTALL
  * [build] add to autogen.sh hint listing reqd pkgs
  * [core] combine Cookie request headers with ';'
  * [core] log stream id with debug.log-state-handling
  * [core] set r->state in h2.c
  * [mod_ssi] update chunk after shell output redirect
  * [mod_webdav] preserve bytes_out when chunks merged
  * [multiple] inline chunkqueue_length()
  * [core] cold h2_log_response_header*() funcs
  * [core] update HTTP status codes list from IANA
  * [mod_wolfssl] standalone module
  * [core] Content-Length in http_response_send_file()
  * [core] adjust response header prep for common case
  * [core] light_isupper(), light_islower()
  * [core] tst,set,clr macros for r->{rqst,resp}_htags
  * [core] separate http_header_e from _htags bitmask
  * [core] http_header_hkey_get_lc() for HTTP/2
  * [core] array.[ch] using uint32_t instead of size_t
  * [core] extend (data_string *) to store header id
  * [multiple] extend enum http_header_e list
  * [core] http_header_e <=> lshpack_static_hdr_idx
  * [core] skip ls-hpack decode work unused by lighttpd
  * [TLS] error if inherit empty TLS cfg from globals
  * [core] connection_check_expect_100()
  * [core] support multiple 1xx responses from backend
  * [core] reload c after chunkqueue_compact_mem()
  * [core] relay 1xx from backend over HTTP/2
  * [core] relay 1xx from backend over HTTP/1.1
  * [core] chunkqueue_{peek,read}_data(), squash
  * [multiple] TLS modules use chunkqueue_peek_data()
  * [mod_magnet] magnet.attract-response-start-to
  * [multiple] code reuse chunkqueue_peek_data()
  * [core] reuse r->start_hp.tv_sec for r->start_ts
  * [core] config_plugin_value_tobool() accept "0","1"
  * [core] graceful and immediate restart option
  * [mod_ssi] init status var before waitpid()
  * [core] graceful shutdown timeout option
  * [core] lighttpd -1 supports pipes (e.g. netcat)
  * [core] perf adjustments to avoid load miss
  * [multiple] use sock_addr_get_family in more places
  * [multiple] inline chunkqueue where always alloc'd
  * [core] propagate state after writing
  * [core] server_run_con_queue()
  * [core] defer handling FDEVENT_HUP and FDEVENT_ERR
  * [core] handle unexpected EOF reading FILE_CHUNK
  * [core] short-circuit connection_write_throttle()
  * [core] walk queue in connection_write_chunkqueue()
  * [core] connection_joblist global
  * [core] be more precise checking streaming flags
  * [core] fdevent_load_file_bytes()
  * [TLS] use fdevent_load_file_bytes() for STEK file
  * [core] allow symlinks under /dev for rand devices
  * [multiple] use light_btst() for hdr existence chk
  * [mod_deflate] fix potential NULL deref in err case
  * [core] save errno around close() if fstat() fails
  * [mod_ssi] use stat_cache_open_rdonly_fstat()
  * [core] fdevent_dup_cloexec()
  * [core] dup FILE_CHUNK fd when splitting FILE_CHUNK
  * [core] stat_cache_path_isdir()
  * [multiple] use stat_cache_path_isdir()
  * [mod_mbedtls] quiet CLOSE_NOTIFY after conn reset
  * [mod_gnutls] quiet CLOSE_NOTIFY after conn reset
  * [core] limit num ranges in Range requests
  * [core] remove unused r->content_length
  * [core] http_response_parse_range() const file sz
  * [core] pass open fd to http_response_parse_range
  * [core] stat_cache_get_entry_open()
  * [core,mod_deflate] leverage cache of open fd
  * [doc] comment out config disabling Range for .pdf
  * [core] coalesce nearby ranges in Range requests
  * [tests] simulate slow, small packets more quickly
  * [mod_fastcgi] decode chunked is cold code path
  * [core] fix chunkqueue_compact_mem w/ partial chunk
  * [core] alloc optim reading file, sending chunked
  * [core] reuse chunkqueue_compact_mem*()
  * [mod_cgi] use splice() to send input to CGI
  * [multiple] ignore openssl 3.0.0 deprecation warns
  * [mod_openssl] migrate ticket cb to openssl 3.0.0
  * [mod_openssl] construct OSSL_PARAM on stack
  * [mod_openssl] merge ssl_tlsext_ticket_key_cb impls
  * [multiple] openssl 3.0.0 digest interface migrate
  * [tests] detect multiple SSL/TLS/crypto providers
  * [core] sys-crypto-md.h consistent interfaces
  * [wolfssl] wolfSSL_CTX_set_mode differs from others
  * [multiple] use NSS crypto if no other crypto avail
  * [multiple] stat_cache_path_stat() for struct st
  * [TLS] ignore empty "CipherString" in ssl-conf-cmd
  * [multiple] remove chunk file.start member
  * [core] modify use of getrlimit() to not be fatal
  * [mod_webdav] add missing update to cq accounting
  * [mod_webdav] update defaults after worker_init
  * [mod_openssl] use newer openssl 3.0.0 func
  * [core] config_plugin_value_to_int32()
  * [core] minimize pause during graceful restart
  * [mod_deflate] use large mmap chunks to compress
  * [core] stat_cache_entry reference counting
  * [core] FILE_CHUNK can hold stat_cache_entry ref
  * [core] http_chunk_append_file_ref_range()
  * [multiple] use http_chunk_append_file_ref()
  * [core] always lseek() with shared fd
  * [core] silence coverity warnings (false positives)
  * [core] silence coverity warnings in ls-hpack
  * [core] silence coverity warnings (another try)
  * [core] fix fd sharing when splitting file chunk
  * [mod_mbedtls] quiet unused variable warning
  * [core] use inline funcs in sys-crypto-md.h
  * [core] add missing declaration for NSS rand
  * [core] init NSS lib for basic crypto algorithms
  * [doc] change mod_compress refs to mod_deflate
  * [doc] replace bzip2 refs with brotli
  * [build] remove svnversion from versionstamp rule
  * [doc] /var/run -> /run
  * [multiple] test for nss includes
  * [mod_nss] more nss includes fixes
  * [build] more portable autogen.sh shell script
  * [mod_webdav] define _NETBSD_SOURCE on NetBSD
  * [core] silence coverity warnings (another try)
  * [mod_mbedtls] newer mbedTLS vers support TLSv1.3
  * [mod_accesslog] update defaults after cycling log
  * [multiple] add some missing config cleanup
  * [core] fix (startup) mem leaks in configparser.y

- 1.4.55 - 2020-01-31
  * [core] fix compile error on Solaris (fixes #2959)
  * [core] __attribute_pure__
  * [core] array-specialized buffer_caseless_compare()
  * [core] specialized buffer_eq_*() for short strings
  * [core] mark some more funcs w/ __attribute_pure__
  * [core] use buffer_eq_icase* funcs
  * [multiple] replace strcasecmp() on short strings
  * [core] mark some more funcs w/ __attribute_pure__
  * [mod_webdav] fix startup crash w/ multiple conds (fixes #2958)
  * [core] cold func http_response_omit_header()
  * [core] use buffer_eq_icase_ssn func
  * [core] use buffer_eq_icase_ssn func
  * [core] correct __attribute_pure__ syntax
  * [core] allocate unix socket paths with SUN_LEN()+1 (fixes #2962)
  * Use explicit_memset from NetBSD if available for safe_memclear (fixes #2971)
  * Also use explicit_memset (NetBSD) with cmake, scons and meson
  * [cmake]: enable CMAKE_POSITION_INDEPENDENT_CODE by default
  * [core] improve http_headers[] data struct packing
  * [core] fdevent_poll() is effective periodic timer
  * [core] move con state handling to connections*.c
  * [core] issue config error for invalid ':' (fixes #2980)
  * [mod_deflate] fix choose encoding parse error (fixes #2981)
  * [core] retry on some fdevent set/del temporary err
  * [core] disable stat_cache FAM if FAM conn closed
  * [mod_auth] http_auth_const_time_memeq improvement
  * [build] prefer pkg-config for postgres (fixes #2965)
  * [mod_authn_gssapi] 500 if fail to delegate creds (#2967)
  * [mod_authn_gssapi] option to store delegated creds (fixes #2967)
  * [mod_webdav] fix file uploads > 128M (fixes #2970)
  * [mod_auth] do not use quoted-string for algorithm
  * [mod_auth] require digest uri= match original URI
  * [mod_auth] Authentication-Info: nextnonce=...
  * [mod_auth] http_auth_const_time_memeq_pad()
  * [mod_auth] http_auth_const_time_memeq() (#2975, #2976)
  * [build] PGSQL_CFLAGS with pkg-config for postgres (#2965)
  * [build] PGSQL_CFLAGS with pkg-config for postgres (#2965)
  * [core] avoid freeaddrinfo() on NULL ptr (fixes #2984)
  * [core] reject WS following header field-name (fixes #2985)
  * [core] reject Transfer-Encoding + Content-Length (#2985)
  * [mod_openssl] reject invalid ALPN
  * [mod_accesslog] parse multiple cookies (fixes #2986)
  * [core] Oracle Solaris does not have POLLRDHUP
  * [multiple] address coverity warnings
  * [core] preserve %2b and %2B in query string (fixes #2999)
  * [core] fall back to accept() if accept4() EPERM (fixes #2998)
  * [mod_auth] close connection after bad password
  * [core] do not accept() > server.max-connections
  * [core] save errno before logging if execve() fails
  * [config] update /var/run -> /run for systemd
  * [core] Solaris has getloadavg in sys/loadavg.h
  * [build] Fix build when using nested CMake
  * [core] fix one-byte OOB read (underflow)

- 1.4.54 - 2019-05-27
  * [mod_evhost] handle IPv6 literal addr; add tests
  * [core] separate server_main_loop() func, mark hot
  * [core] mark startup/shutdown funcs cold
  * [core] some server_main_loop() cleanup
  * [core] fdevent_process()
  * [core] srv->max_fds_lowat and srv->max_fds_hiwat
  * [core] remove server.h
  * [mod_staticfile] search ext array if not empty
  * [core] store joblist pointer on stack
  * [core] quickly clear request buffer for reuse
  * [core] helper funcs for connection_state_machine()
  * [core] perf: optimize connection_read_header()
  * [core] parse request in connection_read_header()
  * [core] log_request_header_on_error in one place
  * [core] copy request only if might need for logging
  * [core] make parse_request,request.request same buf
  * [core] prefer buffer_caseless_compare()
  * [core] pass req hdrs buffer to http_request_parse
  * [core] replace con->response.keep_alive
  * [core] mark log_error_write*() funcs cold
  * [core] http_request_parse() mark error paths cold
  * [core] lift code out of request line parse loop
  * [core] get_http_method_key() match by strlen first
  * [core] RFC7230 HTTP-version parse
  * [mod_accesslog] attempt to reconstruct req line
  * [multiple] minor: remove duplicated conditions
  * [mod_deflate] honor request for x-gzip, x-bzip2
  * [mod_auth] minor: adjust config validation
  * [core] discard oversized trailers
  * [core] no keep-alive if POLLRDHUP,empty read queue
  * [core] fix gw_backend spelling of directive in err
  * [multiple] reduce code dup in list resizing
  * [core] con->is_ssl_sock
  * [core] connection_handle_write() updates con state
  * [core] skip plugins_call_cleanup if not init'ed
  * [core] simpler loops to run plugin hooks
  * [core] fix mixed use of srv->split_vals array (fixes #2932)
  * [core] dispatch events from within event framework
  * [core] don't call fd event handlers more than once, they might already be gone (fixes segfault)
  * [core] poll: fdarray uses fd as index, not fde_ndx
  * [core] map FDEVENT_* to OS system event frameworks
  * [core] prefer memchr() over strchr()
  * [core] use openssl to read,discard request body
  * [mod_openssl] inherit cipherlist from global scope
  * [mod_openssl] default: ssl.cipher-list = "HIGH"
  * [mod_proxy] pass Content-Length to backend if > 0
  * [core] config option to allow GET w/ request body
  * [core] some fdevent code streamlining
  * [core] remove fde_ndx member outside fdevents
  * [core] remove redundant check for allow_http11
  * [mod_openssl] use 16k static buffer instead of 64k
  * [core] pull server load checks out of main loop
  * [core] isolate fdevent processing
  * [core] release empty chunk buf when nothing read
  * [core] perf: pass (fdnode *) to epoll and kqueue
  * [core] modify config parser to handle multiple }
  * [core] pass (fdnode *) for registered fdevent fd
  * [mod_auth] http_auth_digest_hex2bin()
  * [mod_auth] http_auth_info_t digest abstraction
  * [mod_auth] pass http_auth_require_t for 401 Unauth
  * [core] no SOCK_NONBLOCK on QNX 7.0
  * [mod_auth] HTTP Auth Digest algorithm=SHA-256
  * [core] silence coverity warning
  * [mod_magnet] fix invalid script return-type crash (fixes #2938)
  * [build] remove -Wdeclaration-after-statement
  * [core] pass conf.follow_symlink in more places
  * [core] fix assertion with server.error-handler (fixes #2941)
  * [core] extend dir redirection to take HTTP status
  * [doc] minor adjust create-mime.conf.pl regex match (#2942)
  * [core] __attribute__((fallthrough)) for GCC 7.0
  * [core] fdevent_mkstemp_append() (shared)
  * [core] off_t upload_temp_file_size
  * [core] clear FDEVENT_RDHUP if no POLLRDHUP
  * [mod_wstunnel] fix ping-interval for big-endian (fixes #2944)
  * [core] fix abort in http-parseopts (fixes #2945)
  * [core] remove repeated slashes in http-parseopts
  * [core] fix 1.4.52 regression in mem use with POST (fixes #2948)
  * [multiple] cleaner calloc use in SETDEFAULTS_FUNC
  * [core] add const to some etag prototypes
  * [core] __attribute__((format ...))
  * [core] struct log_error_st for error logging
  * [core] log_error, log_perror using printf-like fmt
  * [core] new worker_init hook to follow parent fork
  * [core] replace open() with fdevent_open_cloexec()
  * [mod_webdav] major rewrite (fixes #1818)
  * [core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939)
  * [mod_webdav] surround Lock-Token with "<...>"
  * [mod_webdav] fix uuid detection macro
  * [mod_webdav] fix misbehavior on blank nodes in PROPPATCH
  * [mod_webdav] clean up resources after do{}while(0)
  * [mod_webdav] check If-Match, If-Unmodified-Since (#1818)
  * [mod_webdav] deprecated unsafe partial PUT compat
  * [mod_webdav] provide ETag in more responses
  * [mod_webdav] platform portability fixes
  * [mod_webdav] disable elftc_copyfile() on FreeBSD
  * [mod_webdav] special-case If: (<DAV:no-lock>)
  * [mod_webdav] check If-None-Match (#1818)
  * [stat_cache] separate func for symlink policy chk
  * [stat_cache] separate symlink pol from data struct
  * [stat_cache] store entries without trailing slash
  * [stat_cache] pass age param for stat cache cleanup
  * [stat_cache] remove splaytree ins/del debug code
  * [stat_cache] FAM: reduce string copying
  * [stat_cache] FAM: check FAMNextEvent() return code
  * [stat_cache] FAM: use entry hash index as userdata
  * [stat_cache] FAM: improve handling modified file
  * [stat_cache] FAM: ignore follow-symlink config
  * [stat_cache] FAM: check hash collision before add
  * [stat_cache] FAM: ignore event with no valid match
  * [stat_cache] FAM: funcs to invalidate entries
  * [stat_cache] interfaces to invalidate entries
  * [mod_webdav] update stat_cache after file mod
  * [core] use high precision stat timestamp in etag
  * [scons] adjustment for static build under CentOS
  * [core] emit trace using path before clearing path
  * [core] http_chunk_append_file_fd()
  * [multiple] open target file earlier in some cases
  * [stat_cache] no longer stat() and open() for stat
  * [stat_cache] FAM: improve monitoring, cache 16 sec
  * [stat_cache] FAM: separate routine for FDEVENT_IN
  * [stat_cache] FAM: whitespace-only change
  * [mod_webdav] quiet coverity warnings
  * [doc] highlight relevance of module load order (fixes #2946)
  * [core] behavior change: stricter URL normalization
  * [stat_cache] fix compilation error for cmake
  * [cmake] help cmake on FreeBSD find sys/event.h
  * [scons] help scons on FreeBSD find sys/event.h
  * [build] detect FreeBSD elftc_copyfile()
  * [mod_openssl] use SSL_CTX_set_client_hello_cb()
  * [core] support weak etags with If-None-Match
  * [core] store log_state_handling flag on stack
  * [core] check if splay_tree NULL before invalidate
  * [mod_webdav] workaround Microsoft-WebDAV-MiniRedir
  * [mod_webdav] doc Microsoft-WebDAV-MiniRedir bugs
  * [mod_webdav] invalidate parent dir in stat_cache
  * [doc] systemd socket activation config example
  * [core] chunkqueue perf: code reuse
  * [core] chunkqueue perf: specialized buffer.h funcs
  * [core] chunkqueue perf: skip opening 0-length file
  * [core] chunkqueue perf: read small files into mem
  * [core] buffer_reset() should not be passed NULL
  * [tests] has_feature() helper func
  * [tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256
  * [core] use high precision stat timestamp on OS X
  * [mod_magnet] expose server addr (local IP) to lua
  * [core] adjust http_chunk read() retry loop
  * [mod_maxminddb] MaxMind GeoIP2 support
  * [mod_authn_ldap] ldap_set_option LDAP_OPT_RESTART (fixes #2940)

- 1.4.53 - 2019-01-27
  * [mod_cml,mod_flv_streaming] fix NULL ptr deref
  * [mod_simple_vhost] t/test_mod_simple_vhost
  * [mod_evhost] split uri handler func for testing
  * [mod_evhost] restructure for unit tests
  * [mod_evhost] t/test_mod_evhost
  * [mod_access] restructure for unit tests
  * [mod_access] t/test_mod_access
  * [tests] include first.h and NDEBUG early
  * [core] use kill_signal for gw_proc_kill()
  * [tests] t/test_keyvalue
  * [tests] some test config cleanup
  * [tests] update skip count in mod-fastcgi.t
  * [multiple] reduce initial buffer sz if large POST (fixes #2922)
  * [mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes #2923)
  * [tests] more test config cleanup
  * [core] perf: incremental hash of pathname w/o copy
  * [core] perf: reuse buffer to redirect to directory
  * [core] do not free() reused buffer
  * [core] use connected sock port in dir redirect
  * [core] http_response_buffer_append_authority()
  * [core] use con->server_name for dir redir
  * [core] memeq compare rounded to 64, not next 1M
  * [core] define MD5_DIGEST_LENGTH 16
  * [mod_auth] permit additional auth backends to load
  * [core] send Connection: close if reqbody not read (fixes #2924)
  * [core] cache rev DNS for localhost for dir redir
  * [doc/conf] resolve some mime type conflicts from debian buster, regenerate mime.conf
  * [core] move winsock init to network_init()
  * [core] move /dev/stdin graceful restart handling
  * [core] network_srv_sockets_append() shared code
  * [core] systemd socket activation support
  * [build] autotools: try mysqlclient.pc and mariadb.pc (fixes #2925)
  * [mod_expire] look up expire fallback "" explicitly
  * [multiple] calloc match ptr type (clang --analyze)
  * [multiple] quiet clang --analyze where trivial
  * [mod_webdav] compare COPY, MOVE Destination scheme
  * [core] con->uri.scheme is maintained lowercase
  * [mod_openssl] ALPN and acme-tls/1 (fixes #2931)
  * [core] Fix recursive include_shell invocations
  * [mod_openssl] ssl.privkey directive (optional)

- 1.4.52 - 2018-11-28
  * [mysql] MySQL 8 deprecates my_bool
  * [core] typo in trace
  * [build] Fix unportable test(1) operator
  * [core] perf: call connection_reset() fewer times
  * [core] perf: array_reset_data_strings()
  * [core] perf: buffer_free_ptr() __attribute__ cold
  * [core] perf: one-element cache for host normalize
  * [core] perf: buffer_copy_string_len()
  * [core] perf: skip redundant prepare copy calls
  * [core] perf: buffer_align_size() identity if align
  * [core] perf: size write buffers for reuse
  * [core] perf: prepend headers directly into write q
  * [core] perf: copy small strings; better buf reuse
  * [core] perf: copy small strings; extend last chunk
  * [core] perf: specialized func for array sorting
  * [core] perf: append response directly into write q
  * [core] perf: better buf reuse reading from backend
  * [core] chunk.c code reuse
  * [multiple] perf: write headers to backend write cq
  * [multiple] perf: power-2 alloc large headers
  * [multiple] perf: use larger initial backend buffer
  * [core] permit env vars to be set with blank value
  * [mod_fastcgi] perf: reduce data copies
  * [mod_fastcgi] perf: reduce data copies
  * [core] perf: chunk.c chunk pool
  * [multiple] perf: reuse large buffers w/ backend
  * [multiple] better packing of struct chunk
  * [core] perf: inline buffer_append_string_buffer()
  * [core] slightly simpler flag append to string
  * [mod_cgi] perf: reuse buffers for creating CGI env
  * [mod_fastcgi,mod_scgi] perf: env accumulation
  * [core] Don't call RAND_cleanup with OpenSSL 1.1.x
  * [mod_openssl] move SSL_shutdown() to separate func
  * [mod_openssl] SSL_read before second SSL_shutdown
  * [mod_cgi] perf: use stat_cache for cgi handler
  * [mod_openssl] prefer using TLS_server_method()
  * [mod_webdav] return 403 if file should exist
  * [core] perf: chunkqueue buffers already sized up
  * [core] perf: simpler buffer_string_space()
  * [multiple] dynamic handlers hint backend header sz
  * [core] use chunk_buf_sz instead of hard-coded num
  * [multiple] perf: simplify chunkqueue_get_memory()
  * [mod_wstunnel] perf: reuse large buffers
  * [mod_cgi] perf: cache getenv() results at start up
  * [core] fix 301 -> 302 overwrite with Location (fixes #2918)
  * [core] fix setting of headers previously reset (fixes #2919)
  * [mod_webdav] quiet coverity false positive
  * [core] server.compat-module-load = "disable"
  * [core] server.chunkqueue-chunk-sz = 4096
  * [core] perf: simpler buffer_string_space() (fixed)
  * [core] perf: faster HTTP pipelined requests
  * [core] perf: simpler buffer_string_space() (tests)
  * [mod_cgi] reset reused buffer on internal redir
  * [core] clear chunk buffer upon release
  * [mod_fastcgi] minor: copy packet without padding
  * [mod_redirect,mod_rewrite] use server_name
  * [mod_fastcgi] transfer chunks minus packet padding
  * [core] separate func to reset FILE_CHUNK
  * [core] perf: simple, quick buffer_clear()
  * [core] perf: small improvement to encoding CGI var
  * [core] perf: small improvement buffer_string_space
  * [core] simpler physical path concatenation
  * [mod_webdav] fix LOCK on incorrect URI path
  * [mod_webdav] one fewer buffer copy for COPY,MOVE
  * [core] perf: simplify buffer_move()
  * [mod_cml] parse query string without modifying it
  * [core] perf: buffer optimizations
  * [mod_wstunnel] use buffer_string_length()
  * [core] perf: inline buffer_copy_buffer()
  * [core] cygwin helper func for getcwd
  * [core] cygwin sample to run lighttpd under NSSM
  * [core] limit con->uri.authority < 1024 octets
  * [mod_webdav] separate func for each request method
  * [core] reject decoded url-path without leading '/'
  * [multiple] validate UTF-8 in url-decoded paths
  * [mod_proxy] silence coverity false positive
  * [core] fix typo
  * [core] buffer_append_path_len()
  * [core] quiet indexfile warning if mod not loaded

- 1.4.51 - 2018-10-14
  * [core] split parsing header line into separate function
  * [core] explicitly return 0 instead of constant result
  * [core] header parsing: use goto for error handling
  * [core,security] process headers after combining folded headers
  * [core] replace folding whitespace with a single space
  * [buffer] fix duplicate assert and comment
  * [core] redo HTTP header line folding
  * [core] parse header line strings before copying
  * [core] abstraction to insert/modify response hdrs
  * [core] code reuse with array_insert_key_value()
  * [core] simplify parsing hdr key whitespace then :
  * [core] http_request_parse_reqline() separate func
  * [core] abstraction layer for HTTP header manip
  * [core] code reuse with http_response_body_clear()
  * [mod_proxy] fix proxy.forwarded and proxy.replace-http-host (fixes #2902)
  * [mod_rewrite] fix url.rewrite-repeat and url.rewrite-if-not-file (fixes #2908)
  * [core] fastcgi.h link to Open Market License (OML) (fixes #2901)
  * [mod_proxy,mod_wstunnel] copy full plugin_config (fixes #2903)
  * [mod_fastcgi,mod_scgi] error on oversized request (fixes #2905)
  * [mod_auth] send 401 for mismatch HTTP auth scheme (fixes #2906)
  * [core] code reuse array_match_*() routines
  * [mod_skeleton] review and simplify
  * [multiple] code reuse: employ array_match_*()
  * [doc] lighttpd.service uses network-online.target
  * [mod_flv_streaming] code simplifications
  * [mod_authn_pam] mod_auth PAM support (fixes #688)
  * [mod_sockproxy] add to build
  * [core] fix include_shell on inline shell commands (fixes #2910)
  * [multiple] code reuse: using array_*() funcs
  * [tests] t/test_array.c
  * [core] array_get_int_ptr()
  * [core] more memory-efficient fn table for data_*
  * [tests] #undef NDEBUG before assert.h in t/test_*
  * [core] inline status_counter routines
  * [core] log_failed_assert() __attribute__((cold))
  * [core] http_status_append()
  * [core] http_method_append()
  * [core] prefer buffer_append_string_len()
  * [build] fix SCons build for mod_authn_pam
  * [mod_userdir] security: skip username "." and ".."
  * [mod_deflate] null-check to quiet coverity warning
  * [core] quiet coverity false positive
  * [multiple] quiet compiler warnings --without-pcre
  * [mod_secdownload] support if HMAC() is a macro
  * [TLS] sys-crypto.h abstraction
  * [TLS] sys-crypto.h abstraction
  * [build] put request.c in common src
  * [meson] build fixes for libmariadb and libsasl2
  * [core] PATH_INFO calculation when basedir is "/" (fixes #2911)
  * [core] better consistency in buffer_is_equal*()
  * [core] fix missing param from prev commit
  * [mod_openssl] no renegotiation in TLS 1.3 (fixes #2912)
  * [core] reject Transfer-Encoding from proxy (#2913)
  * [mod_auth] use SHA1_Init,Update,Final
  * [mod_openssl] add support for wolfSSL
  * [build] automake support for wolfSSL
  * [build] SCons support for wolfSSL
  * [build] meson support for wolfSSL
  * [build] CMake support for wolfSSL
  * [core] perf: buffer.c internal inlines
  * [mod_openssl] wolfSSL does not support SSLv2
  * [core] perf: buffer_string_append_len()
  * [core] permit server.error_handler to static file

- 1.4.50 - 2018-08-13
  * [mod_extforward] allow explicit IPs to be untrusted (#2860)
  * [core] fix crash if 'host' empty in config (fixes #2876)
  * [mod_magnet] fix regression in lighty.stat (fixes #2877)
  * [core] minor code cleanup in gw_recv_response()
  * [core] fix rare race condition from backends (fixes #2878)
  * [mod_proxy] fix segfault in Set-Cookie reverse map (fixes #2879)
  * [core] fdevent_accept_listenfd() nonblock cloexec
  * [build] remove m4 AC_PATH_PROG for PKG_CONFIG
  * [core] some header cleanup
  * [mod_wstunnel] better Sec-WebSocket-Protocol parse
  * [mod_magnet] code reuse
  * [mod_magnet] reduce buffer copies
  * [mod_fastcgi,mod_scgi] fastcgi.balance,scgi.balance (fixes #2882)
  * [core] check if SOCK_NONBLOCK is ignored (fixes #2883)
  * [core] buffer_append_string_encoded_hex_lc()
  * [core] more efficient hex2int()
  * [mod_secdownload] compare bin MAC instead of hex
  * [core] li_tohex_lc() explicitly uses lc hex chars
  * [core] buffer_append_uint_hex_lc() uses lc hex
  * [core] buffer_append_string_encoded() uc hex
  * [tests] reduce test_base64 brute force tests
  * [tests] remove test_buffer output, except on error
  * [core] check for continuation in server.tag
  * [core] CONNECT must be handled before fs hooks
  * [mod_redirect, mod_rewrite] code reuse (sharing)
  * [core] data_config_pcre_compile,exec()
  * [tests] test_request unit tests
  * [core] http_kv.[ch] method, status, version str
  * [core] remove unused get_http_status_body_name()
  * [core] remove proc_open.[ch], reduce stdio.h use
  * [tests] move src/test_*.c to src/t/
  * [core] server.http-parseopts URL normalization opt (fixes #1720)
  * [core] inline some buffer.[ch] routines
  * [core] remove some duplicative code in log.c
  * [core] debug server.log-request-header-on-error
  * [mod_redirect,mod_rewrite] short-circuit earlier
  * [core] fix buffer_to_upper()
  * [mod_cgi] handle CGI partial response header write
  * [mod_redirect,mod_rewrite] pass request URI info
  * [mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)
  * [mod_redirect,mod_rewrite] fix segfault w/ invalid syntax (fixes #2892)
  * [mod_fastcgi] fix memleak with FastCGI auth,resp (fixes #2894)
  * [mod_alias] security: potential path traversal with specific configs
  * [mod_wstunnel] quiet 32-bit compiler warnings
  * [core] POLLRDHUP handling for transparent proxying
  * [mod_redirect,mod_rewrite] support up to 19 match
  * [core] add missing includes to quiet compiler warn
  * [mod_redirect,mod_rewrite] base64url encoding opt
  * [mod_rewrite] require rewrite result to begin '/'
  * [core] security: use-after-free invalid Range req
  * [core] reset var if FAMMonitorDirectory() fails
  * [core] option to propagate TCP FIN to backend host
  * mod_sockproxy - socket forwarding
  * [core] workaround Coverity cov-build bug with gcc7
  * [build] add missing file for test_burl
  * [core] quell insignificant coverity warning
  * [core] extend server.http-parseopts
  * [mod_alias] security: path traversal in mod_alias (in some use cases) (fixes #2898)
  * [core] security: use-after-free after invalid Range request (fixes #2899)

- 1.4.49 - 2018-03-11
  * [core] adjust offset if response header blank line
  * [mod_accesslog] %{canonical,local,remote}p (fixes #2840)
  * [core] support POLLRDHUP, where available (#2743)
  * [mod_proxy] basic support for HTTP CONNECT method (#2060)
  * [mod_deflate] fix deflate of file > 2MB w/o mmap
  * [core] fix segfault if tempdirs fill up (fixes #2843)
  * [mod_compress,mod_deflate] try mmap MAP_PRIVATE
  * [core] discard from socket using recv MSG_TRUNC
  * [core] report to stderr if errorlog path ENOENT (fixes #2847)
  * [core] fix base64 decode when char is unsigned (fixes #2848)
  * [mod_authn_ldap] fix mem leak when ldap auth fails (fixes #2849)
  * [core] warn if mod_indexfile after dynamic handler
  * [core] do not reparse request if async cb
  * [core] non-blocking write() to piped loggers
  * [mod_openssl] minor code cleanup; reduce var scope
  * [mod_openssl] elliptic curve auto selection (fixes #2833)
  * [core] check for path-info forward down path
  * [mod_authn_ldap] auth with ldap referrals (fixes #2846)
  * [core] code cleanup: separate physical path sub
  * [core] merge redirect/rewrite pattern substitution
  * [core] fix POST with chunked request body (fixes #2854)
  * [core] remove unused func
  * [doc] minor update to *outdated* doc
  * [mod_wstunnel] fix for frames larger than 64k (fixes #2858)
  * [core] fix 32-bit compile POST w/ chunked request body (#2854)
  * [core] add include sys/poll.h on Solaris (fixes #2859)
  * [core] fix path-info calculation in git master (fixes #2861)
  * [core] pass array_get_element_klen() const array *
  * [core] increase stat_cache abstraction
  * [core] open additional fds O_CLOEXEC
  * [core] fix CONNECT w strict header parsing enabled
  * [mod_extforward] CIDR support for trusted proxies (fixes #2860)
  * [core] re-enable overloaded backends w/ multi wkrs
  * [autoconf] reduce minimum automake version to 1.13
  * [mod_auth] constant time compare plain passwords
  * [mod_auth] check that digest realm matches config
  * [core] fix incorrect hash algorithm impl

- 1.4.48 - 2017-11-11
  * [mod_webdav] fix crash if stat fails, not ENOENT
  * [core] fix build --disable-ipv6 (fixes #2832)
  * [scons] Merge branch 'personal/stbuehler/scons-cleanup'
  * [autobuild] Merge branch 'personal/stbuehler/autobuild-cleanup'
  * [meson] new build system
  * [core] fix var.CWD (regression in 1.4.46) (fixes #2835)
  * [core] fix implicit wildcard IPv4 and IPv6 listen
  * [autobuild] remove obsolete warning about mmap use
  * [core] isolate sock_addr manipulation
  * [stat_cache] remove debug code littered in file
  * [core] cleanup unused ifndef
  * [core] cleanup: consolidate FAM code in stat_cache
  * [core] consolidate backend network write handlers
  * [autobuild] allow sendfile() in cross-compile (fixes #2836)
  * [core] quiet pedantic cc warning for excess comma
  * [core] isolate backend fdevent handler defs
  * [mod_openssl] error if ssl.engine in wrong section (fixes #2837)
  * [core] fix lighttpd -1 one-shot graceful shutdown
  * [mod_cgi] quiet trace if mod_cgi sends SIGTERM (fixes #2838)
  * [build] fix link of test_configfile.c
  * [core] quiet coverity false positive
  * [mod_openssl] more pedantic check of return values
  * [mod_openssl] allow specifying server cert chain (fixes #2692)
  * [mod_openssl] ssl.openssl.ssl-conf-cmd (fixes #2758)
  * [doc] NEWS - fix improper format line breaks
  * [mod_authn_ldap] replace use of deprecated funcs
  * [mod_authn_sasl] SASL auth (new) (fixes #2275)
  * [mod_openssl] quiet trace from TCP probes (#2784)
  * [core] fix dup typedef compiler warning
  * [scons] fix various python2/3 incompatibilities
  * [doc] fix doc/config/conf.d/fastcgi.conf example

- 1.4.47 - 2017-10-22
  * [mod_authn_gssapi] needs -lcom_err under Darwin
  * [core] stricter validation of request-URI begin
  * [core] fix 1.4.46 regression in config match (fixes #2830)
  * [core] normalize config addrs for != match (#2830)
  * [core] normalize config addrs for eq and ne (#2830)
  * [doc] use https:// URLs to .lighttpd.net resources
  * [core] fix 1.4.46 regression in Last-Modified

- 1.4.46 - 2017-10-21
  * [TLS] mark code that uses -lcrypto but not -lssl
  * remove redundant calls to end-of-request hooks
  * [mod_mysql_vhost] remove dev debug code
  * [core] con interface for read/write; isolate SSL
  * [core] new plugin hooks to help isolate SSL
  * [mod_openssl] new module (preliminary layout)
  * [core] move network_open_file_chunk() to chunk.c
  * [mod_openssl] move openssl code into mod_openssl
  * [mod_openssl] move openssl config into mod_openssl
  * [core] move connection_read_cq() to connections.c
  * [mod_geoip] call from handle_request_env hook
  * [build] only mod_openssl depends on -lssl
  * [mod_auth] enable optional authz if extern authn (fixes #2481)
  * [mod_openssl] allow ssl.verifyclient on url paths (fixes #2245)
  * [core] do not emit req/response hdrs w/ blank val
  * [mod_setenv] directives to overwrite/remove hdrs (fixes #650, fixes #2295)
  * [mod_secdownload] new directives modify hash path (fixes #646, fixes #1904)
  * [core] move con throttling to connections-glue.c
  * [core] support Expect: 100-continue with HTTP/1.1 (fixes #377, #1017, #1953, #2438)
  * [mod_openssl] use TLS SNI to set host-based certs
  * [mod_ssi] send #exec cmd="..." output to temp file
  * [mod_scgi] tests/mod-scgi.t unit tests
  * [mod_auth] support LDAP groups for HTTP auth (fixes #1817)
  * [core] use getaddrinfo,inet_pton vs gethostbyname (fixes #2783)
  * [mod_auth] LDAP escape username in DN and filters
  * mod_vhostdb* (dbi,mysql,pgsql,ldap) (fixes #485, fixes #1936, fixes #2297)
  * [mod_auth] have LDAP template replace '?'
  * apply debian/patches/spelling.patch
  * [core] permit connection-level state in modules
  * [TLS] include <openssl/opensslv.h> in rand.c
  * [core] config match w/ arbitrary HTTP request hdrs (fixes #1556)
  * [mod_flv_streaming] add end pos param (fixes #1887)
  * [core] X-LIGHTTPD-KBytes-per-second from backends (fixes #954)
  * [core] improve accuracy of bandwidth write limits
  * [core] quicker graceful shutdown
  * [tests] remove unused file depending on CGI.pm
  * [doc] doc/initscripts.txt (fixes #2782)
  * [core] check issetugid() early in main()
  * [core] combine duplicated getrlimit, network_init
  * [core] move interval timer near worker event loop
  * [core] initialize globals at top of main()
  * [core] graceful restart with SIGUSR1 (fixes #2785)
  * [mod_authn_mysql] fix minor memleak at shutdown
  * [mod_rrdtool] no error if loaded but no config
  * [doc] SIGUSR1 doc and lighttpd-angel SIGUSR1
  * [mime.conf] add text/markdown to utf-8 list, regenerate mime.conf
  * [mod_cgi] RFC3875 CGI local-redir strict adherence (#2108)
  * [mod_cgi] do not send "Status" back to client
  * [core] add label for 308 Permanent Redirect
  * [mod_openssl] inherit ssl.* from global scope
  * [core] handle if backend sends Transfer-Encoding (#2786)
  * [core] use kqueue in level-triggered mode (fixes #2788)
  * [mod_fastcgi,mod_scgi] backend spawn EINTR retry (#2788)
  * [core] config opt to intercept dynamic handler err (fixes #974)
  * [core] set default server_tag in server.c
  * [core] include lighttpd vers in server started msg
  * [core] move version.h logic into server.c
  * [core] issue trace if max-fds too large (fixes #2789)
  * [mod_fastcgi,mod_scgi] consistent waitpid handling (fixes #2791)
  * [mod_cgi] fix CGI local-redir w/ url.rewrite-once (fixes #2793)
  * [mod_scgi] fix unused_procs bidirectional-links
  * [mod_scgi] fix potential repeated use of proc->id
  * [mod_fastcgi,mod_scgi] consolidate backend process accounting (#2788)
  * [mod_cgi] status 200 OK if no hdrs (deprecated) (#2786)
  * [core] fix regex condition subst w/ mod_extforward (fixes #2794)
  * [tests] correct skip count for mod-scgi.t
  * [mod_vhostdb_ldap] fix inverted logic (coverity)
  * [mod_cgi] cgi.local-redir = [enable|disable] (#2108, #2793)
  * [core] $REQUEST_HEADER[...] subsumes other config (#1556)
  * [mod_usertrack] usertrack.cookie-attrs config opt (fixes #2795)
  * [core] default server.max-fds=4096 if unspecified (#2789)
  * update .gitignore, add .gitattributes
  * [core] reduce con allocation for small max_conns
  * [config] more specific checks for array lists
  * [mod_authn_gssapi] needs -lcom_err under cygwin
  * [mod_cgi,fastcgi,scgi,proxy] fix streaming response (fixes #2796)
  * [mod_auth] Digest nonce on system with time <=1978
  * [doc] simple-vhost.debug takes an integer value (fixes #2797)
  * [core] fix crash if invalid config file (fixes #2798)
  * [core] remove unused member con->in_joblist
  * [mod_proxy] remove use of con->got_response
  * [core] consolidate dynamic handler response parse
  * [core] remove now-unused buffer_search_string_len
  * [mod_cgi] eliminate warning when compiled -Os
  * [mod_scgi] do not reconnect after connect succeeds
  * [tests] reduce time waiting for backends to start
  * [core] server.syslog-facility (fixes #2800)
  * [core] server.syslog-facility (use -1 for unset) (#2800)
  * [core] allow overriding prior config values (fixes #2799)
  * [mod_proxy] set Content-Length, if available
  * [mod_proxy] set X-Forwarded-Host (fixes #418)
  * [core] remove redundant Content-Length digit check
  * [core] remove some unused header includes
  * [core] use con->dst_addr_buf instead of ip recalc
  * [core] include "fdevent.h" where needed
  * [core] make stat_cache private to stat_cache.c
  * [core] collect ioctl FIONREAD code
  * [core] include <netdb.h> where needed
  * [core] report file path when mkstemp() fails (fixes #2802)
  * [core] export http_request_host_policy() for reuse
  * [mod_extforward] simplify header search
  * [mod_extforward] consolidate ipstr_to_sockaddr()
  * [mod_extforward] upd scheme after ipstr validated
  * [mod_extforward] rearrange code; prep Forwarded
  * [mod_extforward] support Forwarded HTTP Extension (#2703)
  * [mod_proxy] support Forwarded HTTP Extension (fixes #2703)
  * [core] inet_pton(), inet_ntop() on (sock_addr *)
  * [core] save connection-level proto in con->proto
  * [mod_extforward] support HAProxy "PROXY" protocol (fixes #2804)
  * [mod_extforward] fix typos in Forwarded handling
  * [core] fix stat_cache initialization error
  * [core] perf: stat_cache_mimetype_by_ext()
  * [core] inet_ntop_cache now 4-element cache
  * [mod_openssl] free local_send_buffer at exit
  * [core] extend mimetype search w/o leading '.'
  * [core] no SOCK_CLOEXEC on Linux kernel < 2.6.27
  * [core] inline simple buffer is empty checks
  * [core] buffer_substr_replace()
  * [core] sys-strings.h abstraction for strings.h
  * [mod_proxy] fix backslash escaping
  * [core] omit default port from normalized host str
  * [core] fix build issue without ipv6 support
  * [core] permit strings and integers in config array
  * [mod_accesslog] flag high precision ts for %T (fixes #2807)
  * [core] permit strings,ints,arrays in config array
  * [core] calloc plugin_config for consistent init
  * [mod_proxy] simple host/url mapping in headers (fixes #152)
  * [mod_uploadprogress] handle query str progress ID (fixes #2808)
  * [mod_fastcgi] consolidate backend read code
  * [mod_proxy,mod_scgi] fix truncated error trace
  * [core] skip socket shutdown() if con->fd negative
  * [core] act as transparent proxy after con Upgrade
  * [core] remove redundant resets of fde_ndx
  * [core] configparser: fix resource handling in error cases (fixes #2809)
  * [core] fix crash for invalid syntax in config file (fixes #2810)
  * [core] prep mod transitions to transparent proxy
  * [mod_proxy] basic support for Upgrade: websocket (fixes #2811)
  * [mod_extforward] compile on OSX
  * [core] set server.max-keep-alive-requests = 100 (fixes #2205)
  * [core] perf: skip redundant strlen() if len known
  * [core] optional condition in config "else" clause (fixes #1268)
  * [mod_cgi] basic support for Upgrade: websocket
  * [core] buffer to disk streaming to slow backends
  * [core] silence compiler warnings if !HAVE_FORK
  * [build] -Werror if --enable-extra-warnings=error
  * [build] autotools use AC_PROG_CC_STDC macro
  * [mod_openssl] ssl.ca-crl-file for CRL (fixes #2319)
  * [mod_openssl] ssl.ca-dn-file (fixes #2694)
  * [mod_proxy] fix typo identified by coverity
  * [mod_openssl] ignore client verification error if not enforced
  * [mod_openssl] fix compile with openssl 1.1.0
  * [mod_extforward] quiet clang compiler warning
  * [mod_dirlisting] sort "../" to top of names
  * [mod_openssl] safer_X509_NAME_oneline() (fixes #2693)
  * [core] allow earlier plugin init for SSL/TLS
  * [mod_openssl] adjust use of ssl.ca-dn-file
  * [core] fix compiler warnings on Mac OS X
  * [core] server.socket-perms to set perms on unix (fixes #656)
  * [core] get port from sock_addr if AF_INET,AF_INET6
  * [core] server.error_handler_404 X-Sendfile ENOENT (#2474)
  * [core] consolidate fork()/execve() code (#1393)
  * [core] mv log_error_{open,cycle.close} to server.c
  * [core] rename fd_close_on_exec()
  * [core] remove unused includes of stat_cache.h
  * [core] add missing include of stdlib.h
  * [core] reduce exposure of unistd.h, other includes
  * [core] sock_addr_from_str_hints reusable name res
  * [core] continue collecting use of netdb.h
  * [core] continue collecting use of netdb.h
  * [core] continue collecting use of netdb.h
  * [core] fdevent_connect_status() shared code
  * [core] add const to reduce .data segment size
  * [mod_proxy] move data_fastcgi into mod_proxy.c
  * [mod_proxy] store address family at config time
  * [mod_fastcgi] slightly simplify counters
  * [mod_fastcgi] consolidate connect() error handling
  * [mod_fastcgi] set request_id in fcgi_create_env()
  * [mod_fastcgi] move delayed connect() into switch()
  * [mod_fastcgi,mod_scgi] consistent connect() error
  * [mod_scgi] remove unused parse_response member
  * [mod_fastcgi,mod_scgi] struct member consistency
  * [mod_fastcgi,mod_scgi] parse bin_path at startup
  * [mod_fastcgi,mod_scgi] use temp buffer for cgi_env
  * [core] shared code for socket backends
  * [core] spread load on socket backend procs
  * [core] store sockaddr for socket backend procs
  * [core] resolve DNS at startup for socket backends
  * [core] adaptive spawning for socket backend procs (fixes #1162)
  * quell compiler warnings for -Wimplicit-fallthrough
  * [doc] update README
  * [core] fdevent_cycle_logger()
  * [core] reap lighttpd worker pids precisely
  * [core] restart piped loggers if they exit (fixes #1393)
  * [mod_webdav] PROPFIND getetag attr must match GET
  * [core] consistent behavior w/ and w/o SA_SIGINFO
  * [core] do not remove pid-file in test mode
  * [core] add public domain SHA1() if no crypto
  * [mod_wstunnel] websocket tunnel to other protocol
  * [core] forward SIGHUP only to lighttpd workers
  * [mod_dirlisting] treat README and HEADER as paths (fixes #2818)
  * [core] set one-shot mode fd O_NONBLOCK, FD_CLOEXEC
  * [core] remove fdevent fcntl_set hook
  * [mod_extforward] typo in comment
  * [mod_cgi] add missing #include
  * [core] fix invalid sizeof() identified by coverity
  * [core] add missing #include
  * [core] base_decls.h to quiet compiler warnings
  * [core] set socket perms after bind, before listen
  * [core] warn if backend server config contains '_'
  * [mod_extforward] PROXY proto and SSL_CLIENT_VERIFY
  * [core] workaround for AIX mmap define
  * [mod_accesslog] flush access logs every 4 seconds
  * [mod_cgi] fix bug to properly exec interpreter
  * [mod_fastcgi] fix return when streaming min buffer
  * [core] attempt to quiet coverity false positives
  * [core] attempt to quiet coverity false positives
  * [core] attempt to quiet compiler warning in LEDE
  * [core] SIGCHLD handle_waitpid hook for modules
  * [mod_rrdtool] handle_trigger returns HANDLER_GO_ON
  * [mod_openssl] ssl.read-ahead="disable" for stream
  * [mod_cgi] add FDEVENT_IN upon CGI exit
  * [mod_cgi] omit cgi_handle_fdevent after proc exit
  * [mod_webdav] check HAVE_UUID for -luuid
  * [core] adjust li_rand_pseudo* interfaces
  * [mod_wstunnel] fix config parsing bug
  * [core] fdevent setsockopt() helper functions
  * [core] make strftime_cache_get() 16-element cache
  * [core] disable Nagle if streaming to backend
  * [core] fix triggered assert on HTTP chunked input (fixes #2822)
  * [mod_wstunnel] fix NULL ptr deref
  * [algo_sha1] fix compile break and warnings
  * [lemon] fix gcc implicit-fallthrough warning
  * [core] URI scheme is case-insensitive
  * [network] do not append port to unix socket paths
  * [unittests] consolidate base64 test code
  * [core] use sun_path for addr string for AF_UNIX (fixes #2826)
  * [core] cleaner code; remove goto from network.c
  * [core] /dev/stdin listener for inetd wait yes
  * [core] compare listen addrs after DNS resolution
  * [core] inline chunkqueue_is_empty()
  * [core] limit use of TCP_CORK
  * [core] return from http_response_read if small rd
  * [core] gateways might Upgrade con before body read
  * [mod_wstunnel] set Sec-WebSocket-Protocol if bin
  * [mod_wstunnel] remove invalid appended '\0'
  * [core] quiet coverity warning
  * [core] handle fds pending close after poll timeout (fixes #2827)
  * [core] fix $REQUEST_HEADER[...] parsing in config (#1556)
  * [mod_dirlisting] custom js date parse func (fixes #2823)
  * [core] remove fd interest if create_env returns
  * [mod_openssl] copy data for larger SSL packets
  * [mod_openssl] remove erroneous SSL_set_shutdown()
  * [core] permit LF to end lines if !header-strict
  * [core] add back REQUEST_SCHEME for backends
  * [core] remove fdevent_sched_run from fdevent_libev (#2827)
  * [mod_openssl] ssl.read-ahead="disable" by default
  * [core] adjust parser for valid variable expansion
  * [cmake] handle WITH_WEBDAV_LOCKS option
  * [cmake] fix attr header detection and linking
  * [cmake] link mod_cml with memcached
  * [core] reproducible build: hide __DATE__ __TIME__ (fixes #2828)
  * [core] perf: more efficient fdevent_sched_run()
  * [core] translate DNS to IP str for cond socket cmp

- 1.4.45 - 2017-01-14
  * [mod_cgi] skip local-redir handling if to self (fixes #2779, #2108)
  * [mod_webdav] fix crash when plugin_ctx cleaned up (fixes #2780)
  * [mod_fastcgi] detect child exit, restart proactively
  * [mod_scgi] detect child exit, restart proactively
  * [TLS] ssl.read-ahead = "disable" for low mem (fixes #2778)

- 1.4.44 - 2016-12-24
  * [mod_scgi] fix segfault (fixes #2762)
  * [mod_authn_gssapi] fix memory leak
  * [config] warn if mod_authn_ldap,mysql not listed
  * [mod_magnet] fix magnet_cgi_set() set of env vars (fixes #2763)
  * [mod_cgi] FreeBSD 9.3/MacOSX does not have pipe2() (fixes #2765)
  * [mod_extforward] fix crash on invalid IP (fixes #2766)
  * [mod_fastcgi] fix segfault if all backends down (fixes #2768)
  * [mod_cgi] fix out of sockets error for POST to CGI (fixes #2771)
  * [mod_auth] compile fix for Mac OS X XCode (fixes #2772)
  * [mod_authn_gssapi] better resource cleanup
  * [core] compile fix for Mac OS X 10.6 (old) (fixes #2773)
  * fix race in dynamic handler configs (reentrancy) (fixes #2774)
  * [mod_authn_mysql] close mysql_conn in cleanup
  * [mod_webdav] compile fix when locking not enabled
  * load mod_auth & mod_authn_file in sample/test.conf
  * comment out auth.backend.ldap.* in tests/*.conf
  * [mod_fastcgi,mod_scgi] warn if invalid "bin-path"
  * RAND_pseudo_bytes() is deprecated in openssl 1.1.0
  * openssl 1.1.0 init and cleanup
  * [mod_cgi] remove direct calls to network_backend*
  * [build] build network_*.c into lighttpd executable
  * suggest inclusion of mod_geoip... before mod_ssi.
  * set systemd settings similar to lighttpd2
  * [doc] remove reference to Linux rt-signals
  * [mod_authn_gssapi] fix missing error ret, coverity
  * [core] rename li_rand() to li_rand_pseudo_bytes()
  * remove #include "stream.h" where not used
  * [mod_cml] include lua headers before base.h
  * [core] combine duplicated connection reset code
  * [mod_ssi] produce content in subrequest hook
  * [core] remove srv->entropy[]
  * [core] defer li_rand_init() until first use
  * [core] permit connection-level state in modules
  * [mod_dirlisting] render dirlisting as HTML (fixes #2767)
  * [mod_proxy] replace HTTP Host sent to backend (fixes #2770)
  * [mod_ssi] basic recursive SSI include virtual (fixes #536)
  * [mod_ssi] implement, ignore <!--#comment ... -->
  * [core] consolidate duplicated read-to-close code
  * [core] fix segfault when parsing a bad config file
  * [core] support Transfer-Encoding: chunked req body (fixes #2156)
  * [autobuild] set NO_RDYNAMIC=yes for midipix
  * [mod_proxy] proxy.balance = "sticky" option (fixes #2117)
  * [mod_secdownload] warn if SHA used w/o SSL crypto
  * [build] compile fixes for AIX
  * [build] check for pipe2() at configure time
  * [mod_evhost] fix an incorrect error trace
  * [tests] mark tests/docroot/www/*.pl scripts a+x
  * [mod_cgi] fall back to pipe() if pipe2() fails
  * fix SCons fullstatic build with glibc pthreads
  * [TLS] openssl 1.1.0 makes SSL_OP_NO_SSLv2 no-op

- 1.4.43 - 2016-10-31
  * [autobuild] remove mod_authn_gssapi dep on resolv
  * [mod_deflate] ignore '*' in deflate.mimetypes
  * [autobuild] omit module stubs when missing deps
  * [TLS] openssl 1.1.0 hides struct bignum_st
  * [autobuild] move http_cgi_ssl_env() for Mac OS X (fixes #2757)
  * [core] use paccept() on NetBSD (replace accept4())
  * [TLS] remote IP conditions are valid for TLS SNI (fixes #2272)
  * [doc] lighttpd-angel.8 (fixes #2254)
  * [cmake] build fcgi-auth, fcgi-responder for tests
  * [mod_accesslog] %{ratio}n logs compression ratio (fixes #2133)
  * [mod_deflate] skip deflate if loadavg too high (fixes #1505)
  * [mod_expire] expire by mimetype (fixes #423)
  * [mod_evhost] partial matching patterns (fixes #1194)
  * build: use CC_FOR_BUILD for lemon when cross-compiling
  * [mod_dirlisting] config header and readme files
  * [config] warn if mod_authn_ldap,mysql not listed
  * fix FastCGI, SCGI, proxy reconnect on failure
  * [core] network_open_file_chunk() temp file opt
  * [mod_rewrite] add more info in error log msg
  * [core] fix fd leak when using libev (fixes #2761)
  * [core] fix potential streaming tempfile corruption (fixes #2760)
  * [mod_scgi] fix prefix matching to always match url
  * [autobuild] adjust Makefile.am for FreeBSD
  * [build] move some build scripts to scripts/
  * [autotools] fix configure.ac for opensuse 13.2

- 1.4.42 - 2016-10-16
  * [TLS] SSL_shutdown() only if handshake finished
  * [mod_proxy,mod_scgi] shutdown remote only if local (#2743)
  * [core] check if client half-closed TCP if POLLHUP (#2743)
  * [core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
  * [core] do not enter handler twice after read body
  * [core] proxy,scgi omit shutdown() to backend (fixes #2743)
  * [mod_dirlisting] dirlist does not handle POST
  * [mod_dirlisting] js column sort for dirlist table (fixes #613, fixes #2315)
  * [mod_auth] Digest auth fails after rewrite (fixes #2745)
  * [mod_auth] refactor out auth backend code
  * [mod_auth] extensible interface for auth backends
  * [core] better DragonFlyBSD support (fixes #2746)
  * [mod_auth] include base.h for USE_OPENSSL def
  * [mod_auth] support CRYPT-MD5-NTLM algorithm (fixes #1743)
  * [mod_auth] terminate salt for CRYPT-MD5-NTLM
  * [core] fix crash if ready events on abandoned fd (fixes #2748)
  * [mod_auth] http_auth_md5_hex2bin()
  * [mod_auth] remove empty mod_auth.h
  * [mod_auth] mod_authn_mysql.c MySQL auth backend (fixes #752, fixes #1845)
  * [mod_cgi] permit CGI exec of unreadable files (fixes #2374)
  * [mod_uploadprogress] add to default build
  * [mod_geoip] add to default build (fixes #2705, fixes #2101, fixes #2092, fixes #2025, fixes #1962, fixes #1938)
  * [mod_fastcgi] Authorizer support with Responder (fixes #321, fixes #322)
  * [tests] test coverage for issues (#321, #322)
  * dynamic handlers store debug flag in handler_ctx
  * [mod_fastcgi] allow authorizer, responder for same path/ext (#321)
  * backport mod_deflate to lighttpd 1.4 (fixes #1824, fixes #2753)
  * [autobuild] test_configfile might need vector.c (fixes #2752)
  * [mod_deflate] fix longjmp clobber compiler warning
  * remove unused array type TYPE_COUNT data_count
  * [mod_auth] structured data, register auth schemes
  * [mod_auth] mod_authn_gssapi Kerberos auth backend (fixes #1899)
  * [autobuild] skip two new tests if no fcgi-auth
  * [SCons] define with_krb5 for SCons build
  * [SCons] fix syntax error in SConstruct
  * [SCons] define with_geoip for SCons build
  * [CMake] fix clang -Wcast-align warnings in lemon.c
  * remove excess initializers (fix compiler warnings)
  * fix errors detected by Coverity Scan
  * performance: use Linux extended syscalls and flags
  * [mod_scgi] add uwsgi protocol support
  * [mod_auth] refactor LDAP code into smaller funcs
  * [mod_auth] HTTP Basic auth backends also do authz (#1817)
  * [mod_auth] ldap filter subst user for multiple '$' (fixes #1508)
  * [mod_auth] permit specifying ldap DN; skip search (fixes #1248)
  * [autobuild] update module/feature report
  * [cmake] build mod_authn_gssapi if WITH_KRB5
  * [mod_auth] fix printing of IP in error trace
  * [mod_mysql_vhost] support multiple '?' replacement (fixes #2163)
  * [core] make server.max-request-size scopeable (#1901)
  * [core] server.max-request-field-size (fixes #2130)
  * [core] optional condition in config "else" clause (fixes #1268)
  * [core] restrict where config "else" clauses occur (#1268)
  * silence warnings from clang ccc-analyzer
  * consistent, shared code to create CGI env
  * [TLS] replace env entries in https_add_ssl_entries
  * [TLS] set SSL_CLIENT_M_SERIAL w/ client cert SN (fixes #2268)
  * [TLS] set SSL_CLIENT_VERIFY w/ client cert (#1288, #2693)
  * [TLS] set SSL_PROTOCOL, SSL_CIPHER* (fixes #2511)
  * [core] rand.[ch] to use better RNGs when available
  * [mod_cgi] fix pipe_cloexec() when no O_CLOEXEC
  * ignore return value from fcntl() FD_CLOEXEC
  * build w/o compiler warnings if no zlib or bz2lib

- 1.4.41 - 2016-07-31
  * remove long-deprecated, non-functional config opts
  * [config] inherit server.use-ipv6 and server.set-v6only (fixes #678)
  * [mod_auth] fix Digest auth to be better than Basic (fixes #1844)
  * [mod_ssi] fix #config sizefmt="bytes"
  * [autobuild] move inet_pton detection later
  * [core] #include <sys/filio.h> for FIONREAD (fixes #2726)
  * [autobuild] clock_gettime() -lrt with glibc < 2.17
  * [security] do not emit HTTP_PROXY to CGI env
  * [build_cmake] clock_gettime() -lrt w/ glibc < 2.17 (fixes #2737)
  * [core] avoid spurious trace and error abort
  * [core] stay in CON_STATE_CLOSE until done with req
  * [core] $HTTP["remoteip"] must handle IPv6 w/o []
  * [mod_status] show keep-alive status w/ text output (fixes #2740)
  * do not set REDIRECT_URI in mod_magnet, mod_rewrite (#2738)
  * revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes #2738)
  * [core] permit IPv6 address scope identifier
  * [TLS] better handling of SSL_ERROR_WANT_READ/WRITE
  * [TLS] read all available records from SSL_read()
  * [core] try AF_INET after AF_INET6 if use-ipv6
  * [core] set chunkqueue tempdirs at startup
  * [security] ensure gid != 0 if server.username set (fixes #2725)
  * [security] disable stat_cache if !follow-symlink (fixes #2724)
  * [core] fix buffer_copy_string_hex() assert (fixes #2742)
  * [security] encode quoting chars in HTML and XML
  * [cmake] always define _GNU_SOURCE
  * [cmake] enable warnings for GCC and Clang
  * [cmake] set cmake_minimum_required to 2.8.2

- 1.4.40 - 2016-07-16
  * [mod_ssi] enhance support for ssi vars (thx fbrosson)
  * add handling for lua 5.2 and 5.3 (fixes #2674)
  * use libmemcached instead of deprecated libmemcache
  * add force_assert for more allocation results
  * [mod_cgi] use MAP_PRIVATE to mmap temporary file (fixes #2715)
  * [core] do not send SIGHUP to process group unless server.max-workers is used (fixes #2711)
  * [mod_cgi] edge case chdir "/" when docroot "/" (fixes #2460)
  * [mod_cgi] issue trace and exit if execve() fails (closes #2302)
  * [configparser] don't continue after parse error (fixes #2717)
  * [core] never evaluate else branches until the previous branches are ready (fixes #2598)
  * [core] fix conditional cache handling
  * [core] improve conditional enabling (thx Gwenlliana, #2598)
  * [mod_compress] case-insensitive content-codings (fixes #2645)
  * [plugins] don't include dlfcn.h if not needed (fixes #2548)
  * [mod_fastcgi] 404 for X-Sendfile file not found (fixes #2474)
  * [mod_cgi] send 500 if CGI ends and there is no response (fixes #2542)
  * [mod_cgi] consolidate CGI cleanup code
  * [mod_cgi] simplify mod_cgi_handle_subrequest()
  * [mod_cgi] kill CGI if fail to write request body
  * [mod_proxy] use case-insensitive comparison to filter headers, send Connection: Close to backend (fixes #421)
  * [mod_dirlisting] dir-listing.hide-dotfiles = "enabled" by default (fixes #1081)
  * [mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project)
  * [mod_fastcgi,mod_scgi] fix leaking file-descriptor when backend spawning failed (reported by Fortify Open Review Project)
  * [core] improve array API to prevent memory leaks
  * [core] refactor array search; raise array size limit to SSIZE_MAX
  * [core] fix memory leak in configparser_merge_data
  * [core] provide array_extract_element and use it
  * [core] configparser: error on duplicate keys in array merge (fixes #2685)
  * [core] more careful parse of $SERVER["socket"] config str (prepare #2204)
  * [core] accept $SERVER["socket"] without port, use server.port as fallback (fixes #2204)
  * [mod_magnet] define lua_pushglobaltable (for lua5.1) and use it (fixes #2719)
  * [ssl] support disabling ssl.verifyclient.activate in SNI callback (fixes #2531)
  * restart (some) syscalls after SIGCHLD interrupted them; should fix LDAP problems (fixes #2464)
  * [core] log remote address on request timeouts (fixes #652)
  * [autobuild] use AC_CANONICAL_HOST instead of AC_CANONICAL_TARGET (fixes #1866)
  * [core] fix request_start in keep-alive requests to mark time when received first byte (fixes #2412)
  * [core] truncate pidfile on exit (fixes #2695)
  * consistent inclusion of config.h at top of files (fixes #2073)
  * [core] add generic vector implementation
  * [core] replace array weakref with vector
  * [base64] fix crash due to broken force_assert
  * [unittests] add test_buffer and test_base64 unit tests
  * [buffer] refactor buffer_path_simplify (fixes #2560)
  * validate return values from strtol, strtoul (fixes #2564)
  * [mod_ssi] Add SSI vars SCRIPT_{URI,URL} and REQUEST_SCHEME (fixes #2721)
  * [config] warn if server.upload-dirs has non-existent dirs (fixes #2508)
  * [mod_proxy] accept LF delimited headers, not just CRLF (fixes #2594)
  * [core] wait for grandchild to be ready when daemonizing (fixes #2712, thx pasdVn)
  * [core] respond 411 Length Required if request has Transfer-Encoding: chunked (fixes #631)
  * [core] fixed the loading for default modules if they are specified explicitly
  * [core] lighttpd -tt performs preflight startup checks (fixes #411)
  * [stat] mimetype.xattr-name global config option (fixes #2631)
  * [mod_webdav] allow Depth: Infinity lock on file (fixes #2296)
  * [mod_status] use snprintf() instead of sprintf()
  * pass buf size to li_tohex()
  * use li_[iu]tostrn() instead of li_[iu]tostr()
  * [stream] fstat() after open() to obtain file size
  * [core] clean up srv before exiting for lighttpd -[vVh]
  * [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)
  * [mod_cgi] always set QUERY_STRING (fixes #1339)
  * [mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)
  * [mod_magnet] rename var for clarity (fixes #1483)
  * [mod_extforward] reset cond_cache for scheme (fixes #1499)
  * [mod_webdav] readdir POSIX compat (fixes #1826)
  * [mod_expire] reset caching response headers for error docs (fixes #1919)
  * [mod_status] page refresh option (fixes #2170)
  * [mod_status] table w/ count of con states (fixes #2427)
  * [mod_dirlisting] class for dir <tr> (fixes #2304)
  * [core] define __STDC_WANT_LIB_EXT1__ (fixes #2722)
  * [core] setrlimit max-fds <= rlim_max for non-root (fixes #2723)
  * [mod_ssi] config ssi.conditional-requests
  * [mod_ssi] config ssi.exec (fixes #2051)
  * [mod_redirect,mod_rewrite] short-circuit if blank replacement (fixes #2085)
  * [mod_indexfile] save physical path to env (fixes #448, #892)
  * [core] open fd when appending file to cq (fixes #2655)
  * [config] server.listen-backlog option (fixes #1825, #2116)
  * [core] retry tempdirs on partial write, ENOSPC (fixes #2588)
  * [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
  * [core] improve dynamic handler control flow logic
  * [core] defer reading request body until handle subrequest (fixes #2541)
  * [core] always poll for client POLLHUP/POLLERR events (fixes #399)
  * [mod_fastcgi,mod_scgi,mod_proxy] handlers can read response before sending req body (fixes #131, #2566)
  * [mod_cgi] asynchronous send of request body to CGI
  * [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
  * [core] set REDIRECT_STATUS to error_handler_saved_status (fixes #1828)
  * [core] server.error-handler new directive for error pages (fixes #2702)
  * [core] support IPv6 in $HTTP["remote-ip"] CIDR cond match (fixes #2706)
  * [core] http_response_send_file() shared code (#2017)
  * [mod_fastcgi] use http_response_xsendfile() (fixes #799, fixes #851, fixes #2017, fixes #2076)
  * [mod_scgi] X-Sendfile feature (fixes #2253)
  * [mod_cgi] X-Sendfile feature (fixes #2313)
  * [mod_webdav] lseek,read if fs can not mmap (#2666, fixes #962)
  * [mod_compress] use mmap and trap SIGBUS (#2666, fixes #1879)
  * fallback to lseek()/read() if mmap() fails (#fixes 2666)
  * [mod_auth] skip blank lines and comment lines (fixes #2327)
  * [core] fallback to write if sendfile not supported (fixes #471, #987)
  * [core] preserve PATH_INFO case on case-insensitive fs (fixes #406)
  * [mod_ssi, mod_cml] set DOCUMENT_ROOT to basedir (fixes #2383)
  * [core] cmd line opt to shutdown after idle time limit (fixes #2696)
  * [core] lighttpd -1 handles single request on stdin socket (fixes #1584)
  * [mod_fastcgi,mod_scgi] IPv6 support (fixes #2372)
  * [mod_status] add JSON output option (fixed #2432)
  * [mod_webdav] map COPY/MOVE Destination to aliases (fixes #1787)
  * [mod_webdav] improve PROPFIND,PROPPATCH (#1818, #1953)
  * [core] reset response headers, write_queue for error docs
  * build with libressl
  * static build instructions using SCons or make
  * [mod_auth] preserve WWW-Authenticate for error docs (fixes #2730)
  * check close() return code after writing to file
  * adjustments for openssl 1.1.0 pre-release
  * [config] support include file glob (fixes #1221)
  * [mod_evasive] 302 redirect option if limit reached (fixes #2199)
  * [build] enhancements for cross-compiling (fixes #2276)
  * [mod_accesslog] report aborted con state with %X (fixes #1890)
  * [mod_ssi] fix SSI statement parser
  * [mod_ssi] include relative to alias,userdir (fixes #222)
  * [mod_ssi] add PCRE_* options to constrain regex
  * [mod_ssi] more flexible quoting (fixes #1768)
  * [core] wrap IPv6 literal in "[]" in redirect URL
  * [mod_ssi] fix parse of tag across buf boundary (fixes #2732)
  * [mod_cgi,mod_scgi] X-Sendfile sets file_started (fixes #2733)
  * [mod_fastcgi] no chunked response w/ X-Sendfile (fixes #2733)
  * [config] opts for http header parsing strictness (fixes #551, fixes #1086, fixes #1184, fixes #2143, #2258, #2281, fixes #946, fixes #1330, fixes #602, #1016)
  * [config] normalize IP strings in lighttpd.conf
  * [build_cmake] use MODULE on Mac OS X (fixes #1761)
  * [config] server.bsd-accept-filter option
  * [mod_webdav] create file w/ LOCK request if ENOENT
  * [core] buffer large responses to tempfiles (fixes #758, fixes #760, fixes #933, fixes #1387, #1283, fixes #2083)
  * [core] stream response to client (#949)
  * [TLS] release openssl buffers as used (fixes #1265, fixes #1283, #881)
  * [config] config options to stream request/response (#949, #376)
  * [core] option to stream request body to backend (fixes #376)
  * [core] option to stream response body to client (fixes #949, #760, #1283, #1387)
  * drain backend socket/pipe bufs upon FDEVENT_HUP
  * remove excess calls to joblist_append()
  * defer choosing "Transfer-Encoding: chunked"
  * asynchronous, bidirectional streaming options
  * fix errors detected by Coverity Scan
  * [cygwin] fix mod_proxy and mod_fastcgi ioctl use
  * [mod_webdav] remove excess SQL param to UNLOCK
  * graceful shutdown without unnecessary 1 sec delay
  * [core] disable Nagle algorithm (TCP_NODELAY)
  * [core] add declarations to fdevent.h (#2373)
  * [tests] remove dependency on CGI.pm
  * [TLS] fix return value checks during cert init
  * [core] fix server.max-request-size to be precise (fixes #2131)
  * [mod_webdav] fix proppatch mem leak, other fixes (#fixes 1334, #fixes 2000)
  * [autobuild] CMake check for struct tm tm_gmtoff (fixes #2014)
  * [mod_uploadprogress] fix mem leak (#1858)
  * [core] make server.max-request-size scopeable (fixes #1901)
  * [mod_fastcgi,mod_scgi] check for spawning on same unix socket (#319)
  * [mod_accesslog] %a %A %C %D %k %{}t %{}T (fixes #1145, fixes #1415, fixes #2081)
  * [mod_access] new directive url.access-allow (fixes #1421)
  * [core] fdevent_libev: update use of ev_timer
  * [mod_cgi] handle local redirect response (fixes #2108)

- 1.4.39 - 2016-01-02
  * [core] fix memset_s call (fixes #2698)
  * [chunk] fix use after free / double free (fixes #2700)

- 1.4.38 - 2015-12-05
  * [stat-cache] fix handling of collisions, might have returned wrong data (fixes #2669)
  * [core] allocate at least 4k buffer for incoming data
  * [core] fix search for header end if split across chunks (fixes #2670)
  * [core] check configparserAlloc() result with force_assert
  * [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available (thx loganaden)
  * [core] don't buffer request bodies smaller than 64k on disk
  * add force_assert for many allocations and function results
  * [mod_secdownload] use a hopefully constant time comparison to check hash (fixes #2679)
  * [config] check config option scope; warn if server option is given in conditional
  * [core] revert increase of temp file size back to 1MB, provide a configure option "server.upload-temp-file-size" instead (fixes #2680)
  * [core] add '~' to safe characters in ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
  * [core] encode path with ENCODING_REL_URI in redirect to directory (fixes #2661, thx gstrauss)
  * [mod_secdownload] add required algorithm option; old behaviour available as "md5", new options "hmac-sha1" and "hmac-sha256"
  * [mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes #2691, thx Kyle J. McKay)
  * [network] add darwin-sendfile backend (fixes #2687, thx Kyle J. McKay)
  * [core] show correct crypt support result (fixes #2690, thx Kyle J. McKay)

- 1.4.37 - 2015-08-30
  * [mod_proxy] remove debug log line from error log (fixes #2659)
  * [mod_dirlisting] fix dir-listing.set-footer not showing
  * fix out-of-filedescriptors when uploading "large" files (fixes #2660, thx rmilecki)
  * increase upload temporary chunk file size from 1MB to 16MB
  * fix undefined integer shift
  * rewrite network sendfile/mmap/writev/write backends
  * fix some unchecked return value warnings
  * [kqueue] fix kevent call
  * [autoconf] define HAVE_CRYPT when crypt() is present
  * [bsd xattr] fix compile break with BSD extended attributes in stat_cache
  * [mod_cgi] rewrite mmap and generic (post body) send error handling
  * [mmap] fix mmap alignment
  * [plugins] when modules are linked statically still only load the modules given in the config
  * [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
  * fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)

- 1.4.36 - 2015-07-26
  * use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
  * fix bad shift in conditional netmask ".../0" handling
  * add more mime types and a script to generate mime.conf (fixes #2579)
  * add support for (Free)BSD extended attributes
  * [build] use fortify flags with "extra-warnings"
  * [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
  * [ssl] disable SSL3.0 by default
  * fixed typo in example config found by openSUSE user (boo# 907709)
  * [network] fix compile break in calculation of sockaddr_un size if SUN_LEN is not defined (fixes #2609)
  * [connections] fix bug in connection state handling
  * print backtrace in assert logging with libunwind
  * major refactoring of internal buffer/chunk handling
  * [mod_auth] use crypt_r instead of crypt if available
  * fix error message for T_CONFIG_ARRAY config values if an entry value is not a string
  * fix segfaults in many plugins if they failed configuration
  * escape all strings for logging (fixes #2646 log file injection, reported by Jaanus Kääp)
  * fix hex escape in accesslog (fixes #2559)
  * show extforward re-run warning only with debug.log-request-handling (fixes #2561)
  * parse If-None-Match for ETag validation (fixes #2578)
  * fix memory leak in mod_status when no counters are set (found by coverity)
  * [mod_magnet] fix segfault when accessing not existing lighty.req_env[] entry (found by coverity)
  * fix segfault when temp file for upload couldn't be created (found by coverity)
  * mime.conf: add some new mime types, remove .dat, .sha1, .md5, update .vcf
  * [mod_proxy] add unix domain socket support (fixes #2653)
  * [configfile] fix reading uninitialized variable (found by Willian B.)

- 1.4.35 - 2014-03-12
  * [network/ssl] fix build error if TLSEXT is disabled
  * [mod_fastcgi] fix use after free (only triggered if fastcgi debug is active)
  * [mod_rrdtool] fix invalid read (string not null terminated)
  * [mod_dirlisting] fix memory leak if pcre fails
  * [mod_fastcgi,mod_scgi] fix resource leaks on spawning backends
  * [mod_magnet] fix memory leak
  * add comments for switch fall throughs
  * remove logical dead code
  * [buffer] fix length check in buffer_is_equal_right_len
  * fix resource leaks in error cases on config parsing and other initializations
  * add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546)
  * [mod_cml_lua] fix null pointer dereference
  * force assertion: setting FD_CLOEXEC must work (if available)
  * [network] check return value of lseek()
  * fix unchecked return values from stream_open/stat_cache_get_entry
  * [mod_webdav] fix logic error in handling file creation error
  * check length of unix domain socket filenames
  * fix SQL injection / host name validation (thx Jann Horn)

- 1.4.34 - 2014-01-20
  * [mod_auth] explicitly link ssl for SHA1 (fixes #2517)
  * [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515, thx mm)
  * [ssl] fix SNI handling; only use key+cert from SNI specific config (fixes #2525, CVE-2013-4508)
  * [doc] update ssl.cipher-list recommendation
  * [stat-cache] FAM: fix use after free (CVE-2013-4560)
  * [stat-cache] fix FAM cleanup/fdevent handling
  * [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
  * [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
  * maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
  * [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526)
  * [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533)
  * [mod_mysql_vhost] fix memory leak on config init (#2530)
  * [mod_webdav] fix fd leak found with parfait (fixes #2530, thx kukackajiri)

- 1.4.33 - 2013-09-27
  * mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex)
  * fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors);
    follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
  * [mod_fastcgi,log] support multi line logging (fixes #2252)
  * call ERR_clear_error only for ssl connections in CON_STATE_ERROR
  * reject non ASCII characters in HTTP header names
  * [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
  * [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better.
  * [mod_auth] fix base64_decode (#2484)
  * fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu)
  * fix undefined stuff found with clang
  * [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448)
  * [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478)
  * [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes #2490)
  * [mod_userdir] add userdir.active option, "enabled" by default
  * [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
  * [core] recognize more http methods to forward to backends (fixes #2346)
  * [ssl] use DH only if openssl supports it (fixes #2479)
  * [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470)
  * [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501)
  * [ssl] accept ssl renegotiations if they are not disabled (fixes #2491)
  * [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492)
  * [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495)
  * [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436)
  * [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
  * [core] check whether server.chroot exists
  * [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting)
  * [mod_accesslog] add accesslog.syslog-level option (fixes #2480)
  * [core] allow files to be used as document-root (fixes #2475)
  * [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502)

- 1.4.32 - 2012-11-21
  * Code cleanup with clang/sparse (fixes #2437, thx kibi)
  * Ignore EPIPE/ECONNRESET after SSL_shutdown
  * Handle ENAMETOOLONG, return 404 Not Found (fixes #2396, thx dererkazo)
  * configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 (fixes #2419, thx blino)
  * add PATCH method (fixes #2424)
  * fix :port handling in $HTTP["host"] checks (fixes #2135. thx liming)
  * network_server_init: fix double free and memleak on error (fixes #2440, thx kyprizel)
  * detect "x-gzip"/"x-bzip2" as separate encodings, more strict encoding matching (fixes #2443)
  * tests: make sure mod_proxy doesn't leave running processes (fixes #2435, thx kibi)
  * mod_extforward: log address of untrusted proxy with debug.log-request-handling
  * fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533)
  * remove whitespace at end of header keys

- 1.4.31 - 2012-05-31
  * [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI (thx carpii for reporting)
  * Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373)
  * [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
  * disable mmap by default (fixes #2391)
  * buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405)
  * Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413)
  * Fix access log escaping of " and \\ (fixes #1551)
  * [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410)
  * [auth] Add "AUTH_TYPE" environment (for *cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889)
  * [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu)
  * Detect multiple -f options: show error message instead of assert (fixes #2416)
  * [mod_extforward] Support ipv6 addresses (fixes #1889)
  * [mod_redirect] Support url.redirect-code option (fixes #2247)
  * Fix --enable-mmap handling in configure.ac

- 1.4.30 - 2011-12-18
  * Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)
  * Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems.
  * [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
  * Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file
  * Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
  * Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
  * [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
  * [ssl] count renegotiations to prevent client renegotiations
  * [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
  * [core] accept dots in ipv6 addresses in host header (fixes #2359)
  * [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb)
  * [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)

- 1.4.29 - 2011-07-03
  * Fix mod_proxy waiting for response even if content-length is 0 (fixes #2259)
  * Silence annoying "connection closed: poll() -> ERR" error.log message (fixes #2257)
  * mod_cgi: make read buffer as big as incoming data block
  * [build] Fix detection of libev (fixes #2300)
  * ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman key exchange (fixes #2301)
         add ssl.use-sslv3 (fixes #2246)
         load all algorithms (fixes #2239)
  * [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269)
  * [ssl/build] some minor fixes; fix compile without ssl, cleanup ssl config buffers
  * [proc,include_shell] log error if exec shell fails (fixes #2280)
  * [*cgi] Use physical base dir (alias, userdir) as DOCUMENT_ROOT in cgi environments (fixes #2216)
  * [doc] Move docs to outdated/ subdir and refer to wiki instead (fixes #2248)
  * fdevent: add solaris eventports (fixes #2171)

- 1.4.28 - 2010-08-22
  * Rename fdevent_event_add to _set to reflect what the function does. Fix some handlers. (fixes #2249)
  * Fix buffer.h to include stdio.h as it is needer for SEGFAULT() (fixes #2250)

- 1.4.27 - 2010-08-13
  * Fix handling return value of SSL_CTX_set_options (fixes #2157, thx mlcreech)
  * Fix mod_proxy HUP handling (send final chunk, fix usage counter)
  * mod_proxy: close connection on write error (fixes #2114)
  * Check uri instead of physical path for directory redirect
  * Fix detecting git repository (fixes #2173, thx ncopa)
  * [mod_compress] Fix segfault when etags are disabled (fixes #2169)
  * Reset uri.authority before TLS servername handling, reset all "keep-alive" data in connection_del (fixes #2125)
  * Print double quotes properly when dumping config file (fixes #1806)
  * Include IP addresses on error log on password failures (fixes #2191)
  * Fix stalls while reading from ssl sockets (fixes #2197)
  * Fix etag formatting on boxes with 32-bit longs
  * Fix two compiler warnings
  * mod_accesslog: fix %p for ipv6 sockets (fixes #2228, thx jo.henke)
  * mod_fastcgi: Send 502 "Bad Gateway" if we couldn't open the file for X-Sendfile (fixes #2226)
  * mod_staticfile: add debug output if we ignore a file with static-file.exclude-extensions (fixes #2215)
  * mod_cgi: fix race condition leaving response not forwarded to client (fixes #2217)
  * mod_accesslog: Fix var declarations mixed in source (fixes #2233)
  * mod_status: Add version to status page (fixes #2219)
  * mod_accesslog: optimize accesslog_append_escaped (fixes #2236, thx crypt)
  * openssl: silence annoying error messages for errno==0 (fixes #2213)
  * array.c: improve array_get_unused_element to check data type; fix mem leak if unused_element didn't find a matching entry (fixes #2145)
  * add check to stop loading plugins twice
  * cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls
  * only require FDEVENT_IN bit to be set for listening connections (fixes #2227)
  * add libev fdevent handler: server.event-handler = "libev"
  * mod_proxy: return response as soon as it is available (fixes #2196)
  * don't overwrite global server.force-lowercase-filenames setting (fixes #2042)
  * bind to IPV6-only if ipv6 address was specified (https://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config)

- 1.4.26 - 2010-02-07
  * Fix request parser to handle packets split on \r\n\r\n (fixes #2105)
  * Remove dependency on automake >= 1.11 with m4_ifdef check
  * mod_accesslog: support %e (fixes #2113, thx presbrey)
  * Fix mod_cgi cgi.execute-x-only option in global block
  * mod_fastcgi: x-sendfile2 parse error debugging
  * Fix mod_proxy dead host detection if connect() fails
  * Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures, found by Rodrigo, fixes #2158, #2159)
  * Fix segfault with broken rewrite/redirect patterns (fixes #2140, found by crypt)
  * Append to previous buffer in con read, fix DoS/OOM vulnerability (fixes #2147, found by liming, CVE-2010-0295)
  * Fix HUP detection in close-state if event-backend doesn't support FDEVENT_HUP (like select or poll on FreeBSD)

- 1.4.25 - 2009-11-21
  * mod_magnet: fix pairs() for normal tables and strings (fixes #1307)
  * mod_magnet: add traceback for printing lua errors
  * mod_rewrite: fix compile error if compiled without pcre
  * disable warning "CLOSE-read" (fixes #2091)
  * mod_rrdtool: fix creating file if it doesn't exist (#1788)
  * reset tlsext_server_name in connection_reset - fixes random hostnames in the $HTTP["host"] conditional
  * export some SSL_CLIENT_* vars for client cert validation (fixes #1288, thx presbrey)
  * mod_fastcgi: fix mod_fastcgi packet parsing
  * mod_fastcgi: Don't reconnect after connect() succeeded (fixes #2096)
  * Fix configure.ac to allow autoreconf, also enables make V=0

- 1.4.24 - 2009-10-25
  * Add T_CONFIG_INT for bigger integers from the config (needed for #1966)
  * Use unsigned int (and T_CONFIG_INT) for max_request_size
  * Use unsigned int for secdownload.timeout (fixes #1966)
  * Keep url/host values from connection to display information while keep-alive in mod_status (fixes #1202)
  * Add server.breakagelog, a "special" stderr (fixes #1863)
  * Fix config evaluation for debug.log-timeouts option (#1529)
  * Add "cgi.execute-x-only" to mod_cgi, requires +x for cgi scripts (fixes #2013)
  * Fix FD_SETSIZE comparison warnings
  * Add "lua-5.1" to searched pkg-config names for lua
  * Fix unused function webdav_lockdiscovery in mod_webdav
  * cmake: Fix crypt lib check
  * cmake: Add -export-dynamic to link flags, fixes build on FreeBSD
  * Set FD_CLOEXEC for bound sockets before pipe-logger forks (fixes #2026)
  * Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi (fixes #2029)
  * Show "no uri specified -> 400" error only when "debug.log-request-header-on-error" is enabled (fixes #2030)
  * Fix hanging connection in mod_scgi (fixes #2024)
  * Allow digits in hostnames in more places (fixes #1148)
  * Use connection_reset instead of handle_request_done for cleanup callbacks
  * Change mod_expire to append Cache-Control instead of overwriting it (fixes #1997)
  * Allow all comparisons for $SERVER["socket"] - only bind for "=="
  * Remove strptime failed message (fixes #2031)
  * Fix issues found with clang analyzer
  * Try to fix server.tag issue with localized svnversion
  * Fix handling network-write return values (#2024)
  * Use disable-time in fastcgi for all disables after errors, default is 1sec (fixes #2040)
  * Remove adaptive spawning code from fastcgi (was disabled for a long time)
  * Allow mod_mysql_vhost to use stored procedures (fixes #2011, thx Ben Brown)
  * Fix ipv6 in mod_proxy (fixes #2043)
  * Print errors from include_shell to stderr
  * Set tm.tm_isdst = 0 before mktime() (fixes #2047)
  * Use linux-epoll by default if available (fixes #2021, thx Olaf van der Spek)
  * Print an error if you use too many captures in a regex pattern (fixes #2059)
  * Combine Cache-Control header value in mod_expire to existing HTTP header if header already added by other modules (fixes #2068)
  * Remember keep-alive-idle in separate variable (fixes #1988)
  * Fix header inclusion order, always include "config.h" before any system header
  * mod_webdav: Patch to skip login information for domain part of Destination field (fixes #1793)
  * mod_webdav: Delete old properties before updating new for MOVE (fixes #1317)
  * Read hostname from absolute uris in the request line (fixes #1937)
  * mod_fastcgi: don't disable backend if disable-time is 0 (fixes #1825)
  * mod_compress: match partial+full content-type (fixes #1552)
  * mod_fastcgi: fix is_local detection, respawn backends if bin-path is set (fixes #897)
  * Fix linger-on-close behaviour to avoid rare failure conditions (was r2636, fixes #657)
  * mod_fastcgi: restart local procs immediately after they terminated, fix local procs handling
  * Fix segfault on invalid config "duplicate else conditions" (fixes #2065)
  * mod_usertrack: Use T_CONFIG_INT for max-age, solves range problem (#1455)
  * mod_accesslog: configurable timestamp logging (fixes #1479)
  * always define _GNU_SOURCE
  * Add some iterators for mod_magnet (fixes #1307)
  * Fix close_timeout_ts trigger (should finally fix lingering close)
  * mod_rewrite: add url.rewrite-[repeat-]if-not-file to rewrite if file doesn't exist or is not a regular file (fixes #985, thx lucas aerbeydt)
  * Add TLS servername indication (SNI) support (fixes #386, thx Peter Colberg <peter@colberg.org>)
  * Add SSL Client Certificate verification (#1288)
  * mod_fastcgi: Fix host->active_procs counter, return 503 if connect wasn't successful after 5 tries (fixes #1825)
  * mod_accesslog: escape special characters (fixes #1551, thx icy)
  * fix mod_webdav crash from #1793 (fixes #2084, thx hiroya)
  * Don't print ssl error if client didn't support TLS SNI
  * Fix linger close timeout handling, drop timeout to 5 seconds (fixes #2086)
  * Fix broken return values from int to enum in mod_fastcgi

- 1.4.23 - 2009-06-19
  * Added some extra warning options in cmake and fix the resulting warnings (unused/static functions)
  * New lighttpd man page (moved it to section 8) (fixes #1875)
  * Create rrd file for empty rrdfile in mod_rrdtool (#1788)
  * Fix workaround for incorrect path info/scriptname if fastcgi prefix is "/" (fixes #729)
  * Finally removed spawn-fcgi
  * Allow xattr to overwrite mime type (fixes #1929)
  * Remove link from errormsg about fastcgi apps (fixes #1942)
  * Strip trailing dot from "Host:" header
  * Remove the optional port info from SERVER_NAME (thx Mr_Bond)
  * Fix mod_proxy RoundRobin (off by one problem if only one backend is up)
  * Rename configure.in to configure.ac, with small cleanups (fixes #1932)
  * Add proper SUID bit detection (fixes #416)
  * Check for regular file in mod_cgi, so we don't try to start directories
  * Include mmap.h from chunk.h to fix some problems with #define mmap mmap64 (fixes #1923)
  * Add support for pipe logging for server.errorlog (fixes #296)
  * Add revision number to package version for svn/git checkouts
  * Use server.tag for SERVER_SOFTWARE if configured (fixes #357)
  * Fix trailing zero char in REQUEST_URI after "strip-request-uri" in mod_fastcgi
  * mod_magnet: Add env["request.remote-ip"] (fixes #1740)
  * mod_magnet: Add env["request.path-info"]
  * Change name/version separator back to "/" (affects every place where the version is printed)
  * Fix bug with FastCGI request id overflow under high load; just use always id 1 as we don't use multiplexing. (thx jgray)
  * Add some dirlisting enhancements (fixes #1458)
  * Add option to enable TCP_DEFER_ACCEPT (fixes #1447)
  * Limit amount of bytes read for one read-event (fixes #1070)
  * Add evasive.silent option (fixes #1438)
  * Make mod_extforward headers configurable (fixes #1545)
  * Add '%_' pattern for complete hostname in mod_evhost (fixes #1737)
  * Add IPv6 support to mod_proxy (fixes #1537)
  * mod_ssi printenv: print cgi env, add environment vars to cgi env (fixes #1713)
  * Fix error message if no auth backend was set
  * Fix SERVER_NAME port stripping (fixes #1968)
  * Fix x-sendfile 2gb limiting (fixes #1970)
  * Fix mod_cgi environment keys mangling (fixes #1969)
  * Fix workaround for incorrect path info/scriptname if scgi prefix is "/" (fixes #729)
  * Fix max-age value in mod_expire for 'modification' (fixes #1978)
  * Fix evasive.silent option (#1438)
  * Fix mod-fastcgi counters
  * Modify fastcgi error message
  * Backup errno for later usage (reported by Guido Reina via mailinglist)
  * Improve FastCGI performance (fixes #1999)
  * Workaround broken operating systems: check for trailing '/' in filenames (fixes #1989)
  * Allow using pcre with cross-compiling (pcre-config got fixed; fixes #1986)
  * Add "lighty.req_env" table to mod_magnet for setting/getting environment values for cgi (fixes #1967, thx presbrey)
  * Fix segfault in mod_expire after failed config parsing (fixes #1992)
  * Add ssi.content-type option (default text/html, fixes #615)
  * Add support for "real" entropy from /dev/[u]random (fixes #1977)
  * Adding support for additional chars in LDAP usernames (fixes #1941)
  * Ignore multiple "If-None-Match" headers (only use first one, fixes #753)
  * Fix 100% cpu usage if time() < 0 (thx to gaspa and cate, fixes #1964)
  * Allow max-keep-alive-requests to depend on conditional (fixes #1881)
  * Make dependency on svnversion/git optional (for devel versionstamp, fixes #2009)

- 1.4.22 - 2009-03-07
  * Fix wrong lua type for CACHE_MISS/CACHE_HIT in mod_cml (fixes #533)
  * Fix default vhost in mod_simple_vhost (fixes #1905)
  * Handle EINTR in mod_rrdtool (fixes #604)
  * Fix rrd error after graceful restart (fixes #419)
  * Fix EAGAIN handling for freebsd sendfile (fixes #1913, thx AnMaster for spotting the problem)
  * Fix segfault in mod_scgi (fixes #1911)
  * Treat EPIPE as connection-closed error in network_freebsd_sendfile.c (another fix from #1913)
  * Fix useless redirection of stderr in mod_rrdtool, as it gets redirected to /dev/null later. (fixes #1922)
  * Fix some problems with more strict compilers (#1923)
  * Fix segfault if siginfo_t* is NULL in sigaction handler (fixes #1926)

- 1.4.21 - 2009-02-16

  * Fix base64 decoding in mod_auth (#1757, thx guido)
  * Fix mod_cgi segfault when bound to unix domain socket (#653)
  * Do not rely on ioctl FIONREAD (#673)
  * Now really fix mod auth ldap (#1066)
  * Fix leaving zombie process with include_shell (#1777)
  * Removed debian/, openwrt/ and cygwin/; they weren't kept up-to-date, and we decided to remove dist. specific stuff
  * Try to convert string options to shorts for numeric options in config file; allows to use env-vars for numeric options. (#1159, thx andrewb)
  * Do not cache default vhost in mod_simple_vhost (#709)
  * Trust pcre-config, do not check for pcre manually (#1769)
  * Fix fastcgi authorization in subdirectories with check-local=disabled; don't split pathinfo for authorizer. (#963)
  * Add possibility to disable methods in mod_compress (#1773)
  * Fix duplicate connection keep-alive/transfer-encoding headers (#960)
  * Fixed fix for round-robin in mod_proxy (forgot to increment the index) (#1715)
  * Fix fastcgi-authorizer handling; Status: 200 is now accepted as the doc requests
  * Compare address family in inet_ntop_cache
  * Revert CVE-2008-4359 (#1720) fix "encoding+simplifying urls for rewrite/redirect": too many regressions.
  * Use FD_CLOEXEC if possible (fixes #1821)
  * Optimized buffer usage in mod_proxy (fixes #1850)
  * Fix uninitialized value in time struct after strptime
  * Do not pass Proxy-Connection: header from client to backend http server in mod_proxy (#1877)
  * Fix wrong malloc sizes in mod_accesslog (probably nothing bad happened...) (fixes #1855, thx ycheng)
  * Some small buffer.c fixes (closes #1837)
  * Remove floating point math from server.c (fixes #1402)
  * Disable SSLv2 by default
  * Use/enforce sane max-connection values (fixes #1803)
  * Allow mod_compress to return 304 (Not Modified); compress ignores the static-file.etags option.(fixes #1884)
  * Add option to ignore the "Expect: 100-continue" header instead of returning 417 Expectation failed (closes #1017)
  * Use modified etags in mod_compress (fixes #1800)
  * Fix max-connection limit handling/100% cpu usage (fixes #1436)
  * Fix error handling in freebsd-sendfile (fixes #1813)
  * Silenced the annoying "request timed out" warning, enable with the "debug.log-timeouts" option (fixes #1529)
  * Allow tabs in header values (fixes #1822)
  * Added Language conditional (fixes #1119); patch by petar
  * Fix wrong format strings (#1900, thx stepancheg)

- 1.4.20 - 2008-09-30

  * Fix mod_compress to compile with old gcc version (#1592)
  * Fix mod_extforward to compile with old gcc version (#1591)
  * Update documentation for #1587
  * Fix #285 again: read error after SSL_shutdown (thx marton.illes@balabit.com) and clear the error queue before some other calls (CVE-2008-1531)
  * Fix mod_magnet: enable "request.method" and "request.protocol" in lighty.env (#1308)
  * Fix segfault for appending matched parts if there was no regex matching (just give empty strings) (#1601)
  * Use data_response_init in mod_fastcgi x-sendfile handling for response.headers, fix a small "memleak" (#1628)
  * Don't send empty Server headers (#1620)
  * Fix conditional interpretation of core options
  * Enable escaping of % and $ in redirect/rewrite; only two cases changed their behaviour: "%%" => "%", "$$" => "$"
  * Fix accesslog port (should be port from the connection, not the "server.port") (#1618)
  * Fix mod_fastcgi prefix matching: match the prefix always against url, not the absolute filepath (regardless of check-local)
  * Overwrite Content-Type header in mod_dirlisting instead of inserting (#1614), patch by Henrik Holst
  * Handle EINTR in mod_cgi during write() (#1640)
  * Allow all http status codes by default; disable body only for 204,205 and 304; generate error pages for 4xx and 5xx (#1639)
  * Fix mod_magnet to set con->mode = p->id if it generates content, so returning 4xx/5xx doesn't append an error page
  * Remove lighttpd.spec* from source, fixing all problems with it ;-)
  * Do not rely on PATH_MAX (POSIX does not require it) (#580)
  * Disable logging to access.log if filename is an empty string
  * Implement a clean way to open /dev/null and use it to close stdin/out/err in the needed places (#624)
  * merge spawn-fcgi changes from trunk (from @2191)
  * let spawn-fcgi propagate exit code from spawned fcgi application
  * close connection after redirect in trigger_b4_dl (thx icy)
  * close connection in mod_magnet if returned status code
  * fix bug with IPv6 in mod_evasive (#1579)
  * fix scgi HTTP/1.* status parsing (#1638), found by met@uberstats.com
  * [tests] fixed system, use foreground daemons and waitpid
  * [tests] removed pidfile from test system
  * [tests] fixed tests needing php running (if not running on port 1026, search php in env[PHP] or /usr/bin/php-cgi)
  * fixed typo in mod_accesslog (#1699)
  * replaced buffer_{append,copy}_string with the _len variant where possible (#1732) (thx crypt)
  * case insensitive match for secdownload md5 token (#1710)
  * Handle only HEAD, GET and POST in mod_dirlisting (same as in staticfile) (#1687)
  * fixed mod_secdownload problem with unsigned time_t (#1688)
  * handle EAGAIN and EINTR for freebsd sendfile (#1675)
  * Use filedescriptor 0 for mod_scgi spawn socket, redirect STDERR to /dev/null (#1716)
  * fixed round-robin balancing in mod_proxy (#1715)
  * fixed EINTR handling for waitpid in mod_fastcgi
  * mod_{fast,s}cgi: overwrite environment variables (#1722)
  * inserted many con->mode checks; they should prevent two modules to handle the same request if they shouldn't (#631)
  * fixed url encoding to encode more characters (#266)
  * allow digits in [s]cgi env vars (#1712)
  * fixed dropping last character of evhost pattern (#161)
  * print helpful error message on conditionals in global block (#1550)
  * decode url before matching in mod_rewrite (#1720) -- (reverted for 1.4.21)
  * fixed conditional patching of ldap filter (#1564)
  * Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server) [2281]
  * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1" (CVE-2008-4360)
  * fixed format string bugs in mod_accesslog for SYSLOG
  * replaced fprintf with log_error_write in fastcgi debug
  * fixed mem leak in ssi expression parser (#1753), thx Take5k
  * hide some ssl errors per default, enable them with debug.log-ssl-noise (#397)
  * do not send content-encoding for 304 (#1754), thx yzlai
  * fix segfault for stat_cache(fam) calls with relative path (without '/', can be triggered by x-sendfile) (#1750)
  * fix splitting of auth-ldap filter
  * workaround ldap connection leak if a ldap connection failed (restarting ldap)
  * fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie)
  * fix memleak in request header parsing (#1774, thx qhy) (CVE-2008-4298)
  * fix mod_rewrite memleak/endless loop detection (#1775, thx phy - again!)
  * use decoded url for matching in mod_redirect (#1720) (CVE-2008-4359) -- (reverted for 1.4.21)

- 1.4.19 - 2008-03-10

  * added support for If-Range: <date> (#1346)
  * added support for matching $HTTP["scheme"] in configs
  * fixed initgroups() called after chroot (#1384)
  * fixed case-sensitive check for Auth-Method (#1456)
  * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
  * fixed a bug that made /-prefixed extensions being handled also when
    matching the end of the uri in fcgi,scgi and proxy modules (#1489)
  * print error if X-LIGHTTPD-send-file cannot be done; reset header
    Content-Length for send-file. Patches by Stefan Buehler
  * prevent crash in certain php-fcgi configurations (#841)
  * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507)
  * open log immediately after daemonizing, fixes SIGPIPEs on startup  (#165)
  * HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. (#1499)
  * generate ETag and Last-Modified headers for mod_ssi based on newest modified include (#1491)
  * support letterhomes in mod_userdir (#1473)
  * support chained proxies in mod_extforward (#1528)
  * fixed bogus "cgi died ?" if we kill the CGI process on shutdown
  * fixed ECONNRESET handling in network-openssl
  * fixed handling of EAGAIN in network-linux-sendfile (#657)
  * reset conditional cache (#1164)
  * create directories in mod_compress (was broken with alias/userdir) (#1027)
  * fixed out of range access in fd array (#1562, #372) (CVE-2008-0983)
  * mod_compress should check if the request is already handled, e.g. by fastcgi (#1565)
  * remove broken workaround for buggy Opera version with ssl/chunked encoding (#285)
  * generate etag/last-modified header for on-the-fly-compressed files (#1171)
  * req-method OPTIONS: do not insert default response if request was denied, do not deny OPTIONS by default (#1324)
  * fixed memory leak on windows (#1347)
  * fixed building outside of the src dir (#1349)
  * fixed including of stdint.h/inttypes.h in etag.c (#1413)
  * do not add Accept-Ranges header if range-request is disabled (#1449)
  * log the ip of failed auth tries in error.log (enhancement #1544)
  * fixed RoundRobin in mod_proxy (#516)
  * check for symlinks after successful pathinfo matching (#1574)
  * fixed mod-proxy.t to run with a builddir outside of the src dir
  * do not suppress content on "307 Temporary Redirect" (#1412)
  * fixed Content-Length header if response body gets removed in connections.c (#1412, part 2)
  * do not generate a "Content-Length: 0" header for HEAD requests, added test too
  * remove compress cache file if compression or write failed (#1150)
  * fixed body handling of status 300 requests 
  * spawn-fcgi: only try to connect to unix socket (not tcp) before spawning (#1575)
  * fix sending source of cgi script instead of 500 error if fork fails (CVE-2008-1111)
  * fix min-procs handling in mod_scgi.c, just set to max-procs (patch from #623)
  * fix sending "408 - Timeout" instead of "410 - Gone" for timedout urls in mod_secdownload (#1440)
  * workaround #1587: require userdir.path to be set to enable mod_userdir (empty string allowed) (CVE-2008-1270)
  * make configure checks for --with-pcre, --with-zlib and --with-bzip2 failing if the headers aren't found
  * fixed handling of waitpid() == EINTR mod_ssi on solaris 

- 1.4.18 - 2007-09-09

  * fixed compile error on IRIX 6.5.x on prctl() (#1333)
  * fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
  * fixed FastCGI header overrun in mod_fastcgi (reported by mattias@secweb.se)
  * fixed hanging redirects with keep-alive due to missing
    "Content-Length: 0" headers
  * fixed crashing when using undefined environment variables in the config
  * fixed compilation of mod_mysql_vhost on irix (#1341)

- 1.4.17 - 2007-08-29

  * added dir-listing.set-footer in mod_dirlisting (#1277)
  * added sending UID and PID for SIGTERM and SIGINT to the logs
  * fixed hardcoded font-sizes in mod_dirlisting (#1267)
  * fixed different ETag length on 32/64 platforms (#1279)
  * fixed compression of files < 128 bytes by disabling compression (#1241)
  * fixed mysql server reconnects (#518)
  * fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
  * fixed crash on mixed EOL sequences in mod_cgi
  * fixed key compare (#1287)
  * fixed invalid char in header values (#1286)
  * fixed invalid "304 Not Modified" on broken timestamps
  * fixed endless loop on shrunk files with sendfile() on BSD (#1289)
  * fixed counter overrun in ?auto in mod_status (#909)
  * fixed too aggressive caching of nested conditionals (#41)
  * fixed possible overflow in unix-socket path checks on BSD (#713)
  * fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
  * fixed handling of duplicate If-Modified-Since to return 304 
  * fixed extracting status code from NPH scripts (#1125)
  * fixed prctl() usage (#1310)
  * removed config-check if passwd files exist (#1188)
  * fixed crash when etags are disabled but the client sends one (#1322)
  * fixed crash when freeing the config in mod_alias
  * fixed server.error-handler-404 breakage from 1.4.16 (#1270)
  * fixed entering 404-handler from dynamic content (#948)
  * added more debug infos for FAM based stat-cache
  * use more LSB like paths in the sample config (#1242)

- 1.4.16 - 2007-07-25

  * added static-file.etags, etag.use-inode, etag.use-mtime, etag.use-size
    to customize the generation of ETags for static files. (#1209) 
    (patch by <Yusufg@gmail.com>)
  * fixed typecast of NULL on execl() (#1235)
    (patch by F. Denis)
  * fixed circumventing url.access-deny by trailing slash (#1230)
  * fixed crash on duplicate headers with trailing WS (#1232)
  * fixed accepting more connections then requested (#1216)
  * fixed mem-leak in mod_auth (reported by Stefan Esser)
  * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser)
  * fixed missing check for base64 encoded string in mod_auth and Basic auth
    (reported by Stefan Esser)
  * fixed possible crash in Auth-Digest header parser on trailing WS in 
    mod_auth (reported by Stefan Esser) 
  * fixed check on stale errno values, which broke handling of broken fastcgi
    applications. (#1245)
  * fixed crash on 32bit archs when debug-msgs are printed in mod_scgi, mod_fastcgi 
    and mod_webdav (#1263)

- 1.4.15 - 2007-04-13

  * fixed broken Set-Cookie headers

- 1.4.14 - 2007-04-13

  * fix crash if gethostbyaddr() failed on redirect [1718]
  * properly handle 206 responses generated by *cgi scripts. (#755) [1716]
  * added HTTPS=on to the environment of cgi scripts (#861) [1684]
  * fix handling of 303 (#1045) [1678]
  * made the configure check for lua more portable [1677]
  * added mod_extforward module [1665]
  * references to the fam stat cache engine should be conditional (#1039) [1664]
  * fix http 500 errors (colin.stephen/at/o2.com) #1041 [1663]
  * prevent wrong pidfile unlinking on graceful restart (Chris Webb) [1656]
  * ignore empty packets from STDERR stream. #998
  * fix a crash for files with an mtime of 0 reported by cubiq on irc [1519]
    CVE-2007-1870
  * allow empty passwords with ldap (Jörg Sonnenberger) [1516]
  * mod_scgi.c segfault fix #964 [1501]
  * Added round-robin support to mod_fastcgi [1500]
  * Handle DragonFlyBSD the same way as Freebsd (Jörg Sonnenberger) [1492,1676]
  * added now and weeks support to mod_expire. #943
  * fix cpu hog in certain requests [1473] CVE-2007-1869
  * fix for handling hostnames with trailing dot [1406]
  * fixed header-injection via server.tag (#1106)
  * disabled caching of files without a content-type to solve the
    aggressive caching of FF
  * remove trailing white-spaces from HTTP-requests before parsing (#1098)
  * fixed accesslog.use-syslog in a conditional and the caching of the
    accesslog for files (fixes #1064)
  * fixed various crashes at startup on broken accesslog.format strings (#1000)
  * fixed handling of %% in accesslog.format
  * fixed conditional dir-listing.exclude (#930)
  * reduced default PATH_MAX to 255 (#826)
  * ECONNABORTED is not known on cygwin (#863)
  * fixed crash on url.redirect and url.rewrite if %0 is used in a global context
    (#800)
  * fixed possible crash in debug-message in mod_extforward
  * fixed compilation of mod_extforward on glibc < 2.3.4
  * fixed include of empty in the configfiles (#1076)
  * send SIGUSR1 to fastcgi children before SIGTERM. libfcgi wants SIGUSR1. (#737)
  * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889)
  * fixed compilation in network_writev.c on MacOS X 10.3.9 (#903)
  * added kill-signal as another setting for fastcgi backends. See the wiki for more.

- 1.4.13 - 2006-10-09

  * added initgroups in spawn-fcgi (#871)
  * added apr1 support htpasswd in mod-auth (#870)
  * added lighty.stat() to mod_magnet
  * fixed segfault in split CRLF CRLF sequences
    (introduced in 1.4.12) (#876)
  * fixed compilation of LOCK support in mod-webdav
  * fixed fragments in request-URLs (#869)
  * fixed pkg-config check for lua5.1 on debian
  * fixed Content-Length = 0 on HEAD requests without
    a known Content-Length (#119)
  * fixed mkdir() forcing 0700 (#884)
  * fixed writev() on FreeBSD 4.x and older (#875)
  * removed warning about a 404-error-handler
    returned 404
  * backported and fixed the buildsystem changes for
    webdav locks
  * fixed plugin loading so we can finally load lua
    extensions in mod_magnet scripts
  * fixed large uploads if xattr is enabled

- 1.4.12 - 2006-09-23

  * added experimental LOCK support for webdav
  * added Content-Range support for PUT in webdav
  * added support for += on empty arrays in config-files
  * added ssl.cipher-list and ssl.use-sslv2
  * added $HTTP["querystring"] conditional
  * added mod_magnet as long-term replacement for mod_cml
  * added work-around for a Opera Bug with SSL + Chunked-Encoding
  * changed --print-config to print to stdout instead of stderr
  * changed no longer use 0600 for new files with webdav. umask is
    honored. Make sure you have set a proper umask.
  * fixed upload hangs with SSL
  * fixed connection drops with SSL (aka bad retry)
  * fixed path traversal with \ on cygwin
  * fixed mem-leak in mod_flv_streaming
  * fixed required trailing newline in configfiles (#142)
  * fixed quoting the autoconf files (#466)
  * fixed empty Host: + $HTTP["host"] handling (#458)
  * fixed handling of If-Modified-Since if ETag is not set
  * fixed default-shell if SHELL is not set (#441)
  * fixed appending and assigning of env.* vars
  * fixed empty FCGI_STDERR packets
  * fixed conditional server.allow-http-11
  * fixed handling of follow-symlink + lstat()
  * fixed SIGHUP handling if max-workers is used
  * fixed "Software caused connection abort" messages on FreeBSD

- 1.4.11 - 2006-03-09

  * added ability to specify which ip address spawn-fci listens on
    (agkr/at/pobox.com)
  * added mod_flv_streaming to streaming Flash Movies efficiently
  * fixed handling of error codes returned by mod_dav_svn behind a
    mod_proxy
  * fixed error-messages in mod_auth and mod_fastcgi
  * fixed re-enabling overloaded local fastcgi backends
  * fixed handling of deleted files in linux-sendfile
  * fixed compilation on BSD and MacOSX
  * fixed $SERVER["socket"] on a already bound socket
  * fixed local source retrieval on windows
    (secunia)
  * fixed hanging cgi if remote side is dying while reading
    from the pipe (sandy/at/meebo.com)

- 1.4.10 - 2006-02-08

  * added docs for mod_dirlisting
  * added fastcgi.map-extensions to mod_fastcgi
  * fixed load balancing for mod_fastcgi
  * fixed extra newline for syslog() in mod_accesslog
  * fixed user-track cookie for IE in mod_usertrack
  * fixed crash in digest handling in mod_auth
  * fixed handling of 301 response-bodies from a mod_proxy backend
  * fixed loading of base modules if server.modules is not set
  * fixed broken cgi if mod_scgi is loaded

- 1.4.9 - 2006-01-14

  * added server.core-files option (sandy <sandy/at/meebo.com>)
  * added docs for mod_status
  * added mod_evasive to limit the number of connections by IP (<w1zzard/at/techpowerup.com>)
  * added the power-magnet to mod_cml
  * added internal statistics to mod_fastcgi
  * added server.statistics-url to get internal statistics from mod_status
  * added support for conditional range-requests through If-Range
  * added static building via scons
  * fixed 100% cpu loops in mod_cgi ("sandy" <sjen/at/cs.stanford.edu>)
  * fixed handling for secure-download.timeout (jamis/at/37signals.com)
  * fixed IE bug in content-charset in the output of mod_dirlisting (sniper/at/php.net)
  * fixed typos and language in the docs (ryan-2005/at/ryandesign.com)
  * fixed assertion in mod_cgi on HEAD request is Content-Length (<sandy/at/meebo.com>)
  * fixed handling if equal but duplicate If-Modified-Since request headers
  * fixed endless loops in mod_fastcgi if backend is dead
  * fixed Depth: 1 handling in PROPFIND requests on empty dirs
  * fixed encoding of UTF8 encoded dirlistings (Jani Taskinen <sniper/at/iki.fi>)
  * fixed initial bind to a unix-domain socket through server.bind
  * fixed handling of lowercase filesystems
  * fixed duplicate request headers cause by mod_setenv

- 1.4.8 - 2005-11-23

  * added auto-reconnect to ldap-server in mod_auth
    (joerg/at/netbsd.org)
  * changed auth.ldap-cafile to be optional
    (joerg/at/netbsd.org)
  * added strip_request_uri in mod_fastcgi
  * added more X-* headers to mod_proxy
    (Ben Grimm <bengrimm/at/gmail.com>)
  * added 'debug' to simple-vhost to suppress the
    (mod_simple_vhost.c.157) No such file or directory /servers/ww.lighttpd.net/pages/
    messages by default
  * added support to let the server listen on UNIX-socket
  * changed default stat-cache-engine to 'simple'
  * removed debian/ dir from source package on request by packager
  * fixed max-age timestamps in mod_expire
  * fixed encoding the filenames in PROPFIND in mod_webdav
  * fixed range request handling in network_writev
  * fixed retry on connect error in mod_fastcgi
    (Robert G. Jakabosky <bobby/at/alphatrade.com>)
  * fixed possible crash in mod_webdav if sqlite3 support
    is available but not use
  * fixed fdvent-handler init if server.max-worker was used
    (Siddharth Vijayakrishnan <mail/at/bluefireworks.net>)
  * fixed missing cleanup in mysql_vhost
  * fixed assert() in "connections.c:962:
      connection_handle_read_state: Assertion 'c->mem->used' failed."
  * fixed 64bit issue in md5
  * fixed crash in mod_status
  * fixed duplicate headers in mod_proxy
  * fixed Content-Length in HEAD request in mod_proxy
  * fixed unsigned/signed comparisons
  * fixed streaming in mod_cgi
  * fixed possible overflow in password-salt handling
    (reported on slashdot by james-web/at/and.org)
  * fixed server-traffic-limit if connection limit is not set

- 1.4.7 - 2005-11-02

  * added FD_CLOEXEC to fds which are kept open for a longer time
  * added smaller, moving mmaped windows to network_writev
  * added madvise() to instruct the kernel the do proper read-ahead in network_writev
  * added support for %I in mod_accesslog
  * added better compat to Apache for ?auto in mod_status
  * added support for userdirs without a entry in /etc/passwd in mod_userdir
    (rob/at/inversepath.com)
  * added startup-time selectable network-backend
  * added location of upload-files to config as array
  * added webdav.log-xml for logging xml-content in mod_webdav
  * added Cache-Control: max-age to mod_expire
  * workaround missing client-bug by assuming we received a close-notify on
    non-keep-alive requests in SSL request
  * disabled kerberos5 support by default to fix compilation on RHEL
  * fixed order of library checks to fix compilation on Solaris 9
  * fixed open file-descriptors on read-error
  * fixed crash if /var/tmp is not writable

- 1.4.6 - 2005-10-09

  * fixed compilation on MacOS X and cygwin
  * fixed compressed output if caching was disabled (seen in IE and Opera)
  * fixed range-request option
  * fixed mysql-vhost module (was broken in 1.4.5)
  * fixed false positive in the detection of case-insensitive FS

- 1.4.5 - 2005-10-02

  * added all DeltaV methods as known methods
  * added buffer-to-disk of request content
  * added warning for unused variables in conditionals
  * added global index-generators to mod_indexfile
  * fixed caching for remote-ip conditionals with keep-alive
  * fixed redirects with content
  * fixed infinite loop in exec-cmd in mod_ssi
  * fixed segfault in config handling for mod_mysql_vhost
  * fixed segfault on FIFOs/Sockets
  * fixed possible crash on uninit memory if If-Modified-Since was too long
  * fixed accounting of mem-chunks
  * fixed starving of connections on high load
  * fixed crc errors in mod_compress on 64bit platforms
  * fixed handling of overlapping fastcgi packets (bug added in 1.4.4)
  * fixed logic of conditionals if a header was not set
  * fixed a segfault in mod_rewrite if %1 references were used
  * fixed handling of empty request URIs in HTTP requests

- 1.4.4 - 2005-09-16
  * added support for %V in mod_accesslog
  * added a option for a FastCGI responder to send static files
  * added md5 and blowfish hashes to htpasswd
  * fixed METHOD in mod_accesslog of WebDAV methods
  * fixed check for permission before files in sent
  * fixed mod-proxy and content for non-POST requests
  * fixed compilation of mod_cml on MacOS X
  * fixed SSL errmsg after accept()
  * fixed memleak in stat-cache
  * fixed aborted connections if file was moved while in transfer
  * fixed mem-usage for large FastCGI transfers

- 1.4.3 - 2005-09-01

  * added graceful shutdown
  * added server.max-connections
  * fixed compilation on all BSD platforms
  * fixed init of kqueue and /dev/poll after daemonize
  * fixed segfault if select() is event-handler and more than FD_SETSIZE
    fds are opened
  * fixed compilation of mod_cml
  * fixed bin-copy-env in mod_fastcgi

- 1.4.2 - 2005-08-29

  * fixed mimetype detection on uppercase extensions
  * fixed memleak in stat-cache
  * fixed infinite loop in mod_cgi
  * fixed alignment crashes on sparc64 and alpha64
  * fixed test system for gentoo ebuild
  * fixed infinite loop in SSL
  * fixed range request for files > 2Gb

- 1.4.1 - 2005-08-22

  * added a complete Class 1 compliant mod_webdav
  * fixed ssl support (especially on OpenBSD)
  * fixed response header in body problem in mod_cgi
  * fixed numbers before body problem
  * fixed compilation on Solaris and FreeBSD
  * fixed conditional options in mod_dirlisting
  * fixed segfault in mod_dirlisting for NFS directories
  * fixed check for docroot in change-root environments

- 1.4.0 - 2005-08-17

  * added nested conditionals
  * added remote-ip to $HTTP
  * added support for stat-cache via FAM
  * added a read-only WebDAV module
  * fixed cleanup in mod_proxy and mod_fastcgi
  * fixed handling of filenames on case-insensitive filesystems

- 1.3.16 - 2005-07-31

  * added Date: headers to dynamic HTTP/1.0 requests
  * added support for OPTION * HTTP/1.1
  * added support for accesslog to syslog
  * added support for PATH_INFO guessing if check-local is disabled in
      mod_fastcgi
  * added switch to disable range-requests
  * added valid-user option for mod_auth (tigger at gentoo.org)
  * added JavaScript based sorting to mod_status (erik)
  * added selective TCP_CORK (Christian von Roques)
  * break up endless loops with Status: 500
  * fixed endless loops in mod_rewrite
  * mapped url.rewrite and url.rewrite-final to uri.rewrite-once
  * fixed compilation for mod_trigger_b4_dl
  * fixed 'can't reach host' in mod_proxy
  * error-handler-404 defaults to Status: 200 and static files work now

- 1.3.15 - 2005-07-15

  * added mod_cml
  * added mod_trigger_b4_dl
  * added encoding to mod_dirlisting
  * added ?auto to mod_status
  * relaxed handling of characters in URIs even more
  * fixed detection of sendfile() on Linux 2.4.x
  * fixed comparison of buffers for short strings
  * server.errorfile-prefix is now conditional
  * fixed mod_rrdtool to close STDERR

- 1.3.14 - 2005-06-15

  * added SCGI support via mod_scgi
  * added hash-based and round-robin load balancing to mod_proxy
  * fixed range requests larger than 2Gb
  * fixed compilation on Solaris
  * fixed endless loops in mod_fastcgi, mod_cgi and mod_proxy
  * fixed handling of URIs for '+' and characters > 127

- 1.3.13 - 2005-03-06

  * added customizable directory listings
  * fixed compile error on all BSD unixes
  * fixed PATHINFO handling for FastCGI
  * fixed handling of remote-close on FreeBSD and OpenSSL

- 1.3.12 - 2005-03-02

  * added ssl.ca-file
  * added support for \n\n as terminator
  * rewrote test-framework and added more tests
  * fixed cgi.assign with empty handler
  * fixed segfault in debug-code
  * fixed mod_expire if modification-timestamps are used
  * fixed segfault on duplication Host-headers
  * fixed endless loop in mod_fastcgi
  * fixed handling of dead fastcgi-processes

- 1.3.11 - 2005-02-20

  * added REMOTE_PORT and SERVER_ADDR to CGI-env
  * relaxed handling of newlines before keep-alive requests
  * relaxed uri-parser again
  * fixed PHP_SELF for php
  * fixed compilation on MacOS X
  * fixed handling of EPIPE and ECONNRESET
  * fixed crash in mod_auth if config-options are missing
  * fixed handling of missing trailing / in mod_userdir
  * fixed conditional secdownload.secret
  * fixed REPORT ME error due to failed reconnects in mod_fastcgi
  * fixed cmdline handling in mod_fastcgi

- 1.3.10 - 2005-02-06

  * added support for full commandline in spawn-fcgi
  * fixed missing check for IP-address in mod_fastcgi
  * fixed compile error with openssl in mod_fastcgi
  * removed a debug-message from network-functions

- 1.3.9 - 2005-02-06

  * added a stricter URI parser
  * added a check to the CGI spawner if the cgi-handler exists
  * added documentation for SSL and mod_status
  * added handling of startup environment to FastCGI
  * improved performance in FastCGI in buildind the FastCGI header
  * fixed min-procs and max-procs in FastCGI on PowerPC
  * fixed crash in setenv.add-response-header
  * fixed handling of nph-scripts in CGI
  * fixed accidentally sending out physical file in CGI on error
  * fixed cygwin support
  * fixed handling of missing files
  * fixed HEAD requests for dynamic requests

- 1.3.8 - 2005-01-30

  * added traffic shaping by remote host and virtual server
  * added auto-spawning of FastCGI process on demand
  * added virtual host based on MySQL
  * added mod_setenv to add environment and http headers on the fly
  * added support for syslog in mod_accesslog
  * improved output of mod_status
  * improved debug output in request handling
  * fixed build problems on netbsd 1.4.x and 1.5.x
  * fixed status.url configuration
  * fixed handling of != and !~ in configutation
  * fixed special cases in keep-alive handling
  * fixed timeout handling in handling POST requests
  * fixed mode AUTHORIZER in FastCGI
  * fixed handling if internal redirects if no Host: is supplied
  * fixed mod_alias + pathinfo
  * fixed directory indexes and permissions
  * enabled sending errorlog to syslog again

- 1.3.7 - 2004-12-11

  * added retries for a fastcgi connect if a php-childs
    dies at startup
  * update the debian directory
  * added setgroups() to drop all group-privs
  * added native port to windows via mingw32
  * added server.tag = '...'
  * added support for ${...} in mod_ssi
  * ported all plugins to conditional support
  * fixed multipart handling in cgi
  * fixed kqueue event-handler
  * fixed wrap-around in mod_status
  * fixed crash with SSL + FastCGI
  * fixed detection of SSL headers
  * fixed handling of dangling SSL_shutdown
  * fixed detection of keep-alive of Firefox

- 1.3.6 - 2004-11-03

  * added spawn-fcgi to the distribution
  * added support in fastcgi module to spawn fastcgi
    processes itself
  * fixed logfile cycling if external logging is used
  * fixed connection handling in fastcgi if no chunk
    encoding is used
  * fixed internal redirects on directories if a query
    string is supplied
  * fixed cgi-module for POST request above 4k
  * fixed mod_alias and follow-symlink

- 1.3.5 - 2004-10-31

  * added mod_alias
  * added mod_userdir
  * added the exec command to the SSI handler
  * added a switch to disable follow-symlinks
  * added a switch to disable IPv6 at compile-time
  * fixed compilation on FreeBSD and NetBSD 1.3.x
  * fixed segfault in pipelining
  * fixed a segfault in writev() handler if LFS is used

- 1.3.4 - 2004-10-24

  * added limiter for open files
  * added logging of user supplied data to accesslogs
  * added build target for OpenWRT
  * added plain backend support for auth-digest
  * fixed handling the external accesslog processes
  * fixed SERVER_NAME in CGI and FastCGI

- 1.3.3 - 2004-10-16

  * added support for NL terminators in CGI-scripts
  * added support for conditionals in mod_auth,
    mod_simple_vhost and mod_evhost
  * added a error-handler for 404 codes
  * fixed request counter in the rrdtool module
  * fixed log-file cycling
  * fixed seg-fault

- 1.3.2 - 2004-09-30

  * fixed file-cache

- 1.3.1 - 2004-09-30

  * fixed file-cache
  * fixed parsing of IPv6 addresses
  * fixed cgi for cygwin
  * fixed test-suite for FreeBSD and IRIX
  * fixed handling of shrunken files
  * fixed handling of REQUEST_URI after rewrite

- 1.3.0 - 2004-09-17

  * added build for MacOS X and Cygwin
  * added handling of more than one socket
  * added config-conditions for User-Agent and Referer
  * added final rewrite-rules

- 1.2.8 - 2004-09-11

  * added a cache for mimetypes
  * added X-Forwarded-For for mod_proxy
  * fixed handling of comments in If-Modified-Since
  * fixed error handling in FastCGI code
  * fixed expire plugin for second Expire header

- 1.2.7 - 2004-09-04

  * added mod_rrdtool for internal statistics
  * added xattr support
  * added user-controlable timeouts
  * improved documentation for many plugins
  * fixed POST requests for mod_proxy
  * fixed rare hang with CGI
  * fixed seg-fault if no configfile is specified
  * fixed rare problem in FastCGI header generation

- 1.2.6 - 2004-08-26

  * added apache-like accesslog definition
  * enabled timestamp cache again
  * improved performance in the string compare functions
  * fixed double-free in fastcgi handler
  * fixed error-handling in cgi handler

- 1.2.5 - 2004-08-10

  * added skeleton for solaris 10 port-API
  * added compression support even if no cachedir is set
  * added conditional configoptions
  * fixed compilation on OpenBSD
  * fixed kqueue support
  * fixed pipelining bug
  * fixed parallel build (triggered by Gentoo)
  * updated debian postinst

- 1.2.4 - 2004-07-31

  * added kqueue support
  * added server-side includes (mod_ssi)
  * fixed large post uploads in fastcgi
  * fixed rt-signals handling of delayed events

- 1.2.3 - 2004-07-10

  * added a proxy module for Java and friends
  * added support to pass accesslog through an external program
  * added mimetypes for text/css and text/javascript
  * fixed index-files for FastCGI if webserver is in chroot
  * fixed error messages of CGI process fails to exec()
  * fixed detection of pcre on IRIX and FreeBSD
  * fixed timestamps in Last-Modified checks
  * fixed 64bit builds
  * fixed mmap-caching of large files
  * relaxed the HTTP parser on empty headerfields

- 1.2.2 - 2004-06-15

  * added support for unix domain sockets in FastCGI
  * fixed mmap caching
  * fixed compile-time check for linux sendfile()
  * fixed check for pcre.h on Fedora Core 2

- 1.2.1 - 2004-05-30

  * added experimental support for AIX send_file()
  * added an mmap cache to the filehandle cache
  * enabled FreeBSD sendfile support again
  * added support for calling CGI binaries directly
  * fixed pipelining for POST requests
  * fixed some seg-faults if no configfile is used

- 1.2.0 - 2004-05-17

  * added conforming Expect: handling
  * added a module for secure and fast downloading
  * rewrote the event handling interface
  * fixed array handling which might lead to 'missing header'
  * fixed pipelining support
  * fixed build of the localizer extension
  * fixed cgi handling for headers which are flushed to often
  * fixed compilation on Solaris 2.5

- 1.1.9 - 2004-04-29

  * added AUTHORIZER mode to the FastCGI module
  * added 'check-local' option to disable local stat() in the FastCGI module
  * added prefix-notation for FastCGI module
  * added 'mod_usertrack'
  * improved CGI/FastCGI spec conformance
  * more code cleanup
  * fixed HTTP/1.1 chunk headers
  * fixed POST handling
  * fixed SSL network handler
  * fixed writev() network handler

- 1.1.8 - 2004-04-16

  * code cleanup
  * limiting the size of the request-body and the request-header
  * minor speed improvements
  * tightend the HTTP-Parser again

- 1.1.7 - 2004-04-12

  * added REMOTE_USER to the Server->FastCGI parameters
  * added bzip2 compression
  * improved the error-messages from the new configfile parser
  * fixed accesslog writing for erroneous requests
  * fixed LFS (64bit filesizes) handling
  * fixed Content-Length for HEAD requests
  * fixed some memory leaks in the configfile parser

- 1.1.6 - 2004-04-10

  * tightend the HTTP-Parser
  * rewrote the configfile parser (based on lemon)
  * fixed openssl support
  * fixed mmap+write support
  * use localtime in accesslog if possible

- 1.1.5 - 2004-04-07

  * added ldap backend to the auth
  * added a mod_expire
  * added debian packaging structure
  * merged redhat and suse spec-file
  * fixed eventhandler for solaris
  * fixed 64bit fileoffsets
  * fixed permissions of the PID-file

- 1.1.4 - 2004-04-04

  * added server.pid-file
  * added support for solaris /dev/poll and solaris sendfilev()
  * added support for writev()
  * added PATHINFO support (again)
  * fixed CLF logfile writing

- 1.1.3 - 2004-03-25

  * set default event-handler to 'poll'
  * fixed logcycling in chroot()
  * fixed hostname detection
  * added syslog() as fallback for error-logging

- 1.1.2 - 2004-03-22

  * added a "docroot" setting for fastcgi processes
  * performance improvements
  * improved configure script
  * rewrote the fastcgi config parser
  * added a rc-script for RedHat
  * added epoll() support for Linux 2.6.x

- 1.1.1 - 2004-03-15

  * added localizer module
  * performance improvements
  * code cleanup

- 1.1.0 - 2004-03-06

  * changed some configuration keys for better readability
  * moved the virtual-host code to mod_simple_vhost
  * added enhanced virtual host plugin from Christian Kruse
  * added two new auth-backends (htpasswd, htdigest)
  * fixed and improved authentication
  * stricter parsing of the Host: field
  * added a warning for unused configuration keys
  * improved FastCGI documentation

- 1.0.3 - 2004-02-13

  * a startup script has been added (LSB compliant)
  * HEAD requests were submitting the content like a GET request
  * the virtual directory listing got a face-lifting and fixes
  * request-headers are now handled case-in-sensitive as required
    by the standard. this fixes POST requests for w3m and some Proxies.

- 1.0.2 - 2004-02-07

  * rearrangement of the default configfile
  * some updates in the documentation
  * a entry in the error-log for a 404
  * stdout is no longer the default for the accesslog