Update: There is a small regression in mod_magnet, see #1307

We finally added TLS SNI, and many other small improvements. We also fixed pipelining (that should fix problem with lighty as debian mirror) and some mod_fastcgi bugs - this should result in improved handling of overloaded and crashed backends (you know which one :D).

Important changes

• Connection state handling (pipelining should work now)
• FastCGI fixes: improved disabled-time handling, fixed bug in active-backends counter.
• TLS SNI support

Downloads

• https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.tar.gz
  • SHA256: d7cb514e0953a8d8a9b88b0029e5a0380ca740ae385b465bd0592023ad75a0c7
  • SHA1: f925f07b40a50ac97a595542fa8bee80c37e4ed0
  • MD5: cb2155230f5738bf56d14131874c36fe
• https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.tar.bz2
  • SHA256: 6e643dc4627d742510afee67654291a5190a316f5737dfb463b158a70f24750e
  • SHA1: 7a2f53d4af25d4b0b94cb7b3900c5600dcda1b00
  • MD5: e2324a24e4a5bce74663c21c58ddd200
• SHA256 checksums: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.sha256sum
• SHA1 checksums: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.sha1sum
• MD5 checksums: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.md5sum

Changes from 1.4.23

• Add T_CONFIG_INT for bigger integers from the config (needed for #1966)
• Use unsigned int (and T_CONFIG_INT) for max_request_size
• Use unsigned int for secdownload.timeout (fixes #1966)
• Keep url/host values from connection to display information while keep-alive in mod_status (fixes #1202)
• Add server.breakagelog, a “special” stderr (fixes #1863)
• Fix config evaluation for debug.log-timeouts option (#1529)
• Add “cgi.execute-x-only” to mod_cgi, requires +x for cgi scripts (fixes #2013)
• Fix FD_SETSIZE comparision warnings
• Add “lua-5.1” to searched pkg-config names for lua
• Fix unused function webdav_lockdiscovery in mod_webdav
• cmake: Fix crypt lib check
• cmake: Add -export-dynamic to link flags, fixes build on FreeBSD
• Set FD_CLOEXEC for bound sockets before pipe-logger forks (fixes #2026)
• Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi (fixes #2029)
• Show “no uri specified -> 400” error only when “debug.log-request-header-on-error” is enabled (fixes #2030)
• Fix hanging connection in mod_scgi (fixes #2024)
• Allow digits in hostnames in more places (fixes #1148)
• Use connection_reset instead of handle_request_done for cleanup callbacks
• Change mod_expire to append Cache-Control instead of overwriting it (fixes #1997)
• Allow all comparisons for $SERVER[“socket”] - only bind for “==”
• Remove strptime failed message (fixes #2031)
• Fix issues found with clang analyzer
• Try to fix server.tag issue with localized svnversion
• Fix handling network-write return values (#2024)
• Use disable-time in fastcgi for all disables after errors, default is 1sec (fixes #2040)
• Remove adaptive spawning code from fastcgi (was disabled for a long time)
• Allow mod_mysql_vhost to use stored procedures (fixes #2011, thx Ben Brown)
• Fix ipv6 in mod_proxy (fixes #2043)
• Print errors from include_shell to stderr
• Set tm.tm_isdst = 0 before mktime() (fixes #2047)
• Use linux-epoll by default if available (fixes #2021, thx Olaf van der Spek)
• Print an error if you use too many captures in a regex pattern (fixes #2059)
• Combine Cache-Control header value in mod_expire to existing HTTP header if header already added by other modules (fixes #2068)
• Remember keep-alive-idle in separate variable (fixes #1988)
• Fix header inclusion order, always include “config.h” before any system header
• mod_webdav: Patch to skip login information for domain part of Destination field (fixes #1793)
• mod_webdav: Delete old properties before updating new for MOVE (fixes #1317)
• Read hostname from absolute uris in the request line (fixes #1937)
• mod_fastcgi: don’t disable backend if disable-time is 0 (fixes #1825)
• mod_compress: match partial+full content-type (fixes #1552)
• mod_fastcgi: fix is_local detection, respawn backends if bin-path is set (fixes #897)
• Fix linger-on-close behaviour to avoid rare failure conditions (was r2636, fixes #657)
• mod_fastcgi: restart local procs immediately after they terminated, fix local procs handling
• Fix segfault on invalid config “duplicate else conditions” (fixes #2065)
• mod_usertrack: Use T_CONFIG_INT for max-age, solves range problem (#1455)
• mod_accesslog: configurable timestamp logging (fixes #1479)
• always define _GNU_SOURCE
• Add some iterators for mod_magnet (fixes #1307)
• Fix close_timeout_ts trigger (should finally fix lingering close)
• mod_rewrite: add url.rewrite[repeat]if-not-file to rewrite if file doesn’t exist or is not a regular file (fixes #985, thx lucas aerbeydt)
• Add TLS servername indication (SNI) support (fixes #386, thx Peter Colberg <peter@colberg.org>)
• Add SSL Client Certificate verification (#1288)
• mod_fastcgi: Fix host->active_procs counter, return 503 if connect wasn’t successful after 5 tries (fixes #1825)
• mod_accesslog: escape special characters (fixes #1551, thx icy)
• fix mod_webdav crash from #1793 (fixes #2084, thx hiroya)
• Don’t print ssl error if client didn’t support TLS SNI
• Fix linger close timeout handling, drop timeout to 5 seconds (fixes #2086)
• Fix broken return values from int to enum in mod_fastcgi