---
New in version 2.20b:
* Corrected version of Marcel Telka's ssi fix. My bad.
New in version 2.20:
* Performance improvements to the timer package via hashing, and
double-linking / sorting the lists. Partially based on a suggestion by
Michal Ostrowski.
* Performance improvement to the mmap cache package, from Evan Jones.
* Minor Linux fix for open files limit, from Jordan Ritter.
* Fix for null ClientData, which picky compilers didn't like.
* Unknown sockaddr type becomes a non-fatal error, preventing a DOS attack.
* Close extraneous file descriptors on CGI calls - from Russell Dill.
* Security fixes for the external ssi program, from ghandi@dopesquad.net and
Wolfgang Rupprecht.
* Fix to make the ssi program elide the HTML comment sequence, from Marcel
Telka.
* Red Hat packaging updates from Bennett Todd.
* Throttling fix from Tom Pavel.
New in version 2.19:
* Added hack to prevent MSIE 5 from censoring error messages.
* Minor fix to handling of shouldn't-happen error in ls().
* IPv6/Linux fix from Tero Pelander.
* Documented the -D flag.
New in version 2.18:
* Fixed URL-encoding of high-bit characters - used in directory
listings.
* Made a few more characters come through verbatim instead of %-encoded.
* Couple of minor code cleanups.
* Added some MIME types to support WAP/WML.
* IPv6 fix.
* Made MIME text character-set an option, with iso-8859-1 the default.
New in version 2.17:
* A change in the way wildcard matching works - now a single * only
matches strings that don't include a slash. To match entire pathnames
including slashes you have to use **.
* On systems with IPv6, automatically bind to both v4 and v6 sockets.
* Slight change to non-local referer checking to handle older browsers.
* Tweaks to some of the error-403 syslog messages.
* Portability tweak for OSF/1.
* Portability tweak for IPv6 systems.
* Fix for ssi.c from Marcel Telka.
* Added charset=iso-8859-1 to text MIME types.
* Added wildcards to redirect.
* Changed symlinks/nosymlinks config options to symlink/nosymlink, to
conform to the man page (old style still accepted).
upgrade 2.15 -> 2.16. changes from webpage:
- More explicit error pages for 403 Forbidden.
- New section in the manual page explaining how thttpd is picky about
file permissions.
- Couple of CGI tweaks from David Chaiken.
Main reason: IPv6. Changes:
New in version 2.15:
* Use standard isxdigit macro instead of is_hexit routine.
* Portability fix for Debian, which lacks gai_strerror().
* Fix for .htpasswd authorization, broken by 2.14's custom error pages
change.
New in version 2.14:
* Fix to non-local referer code - it was trying to dereference a null
pointer under some circumstances.
* Fix to If-Modified-Since - some leap year problems.
* Rewrote match() - it was using a whole lot of CPU time for patterns
with lots of |'s, such as those used by the new non-local-referer
filtering.
* Fix to host lookup code for -h flag.
* Fix custom error pages to work with 401 Unauthorized.
* Removed unused variable.
New in version 2.13:
* Portability fix for fdwatch on systems with poll() but not select().
* Renamed nph-redirect to redirect, now that thttpd does header parsing.
* Always chdir to / after a chroot.
* Some minor de-linting changes.
* Revived code that closes stdin/stdout/stderr, after adding a fix in the
CGI code to prevent descriptors from getting screwed up.
* Bugfix for CGI header parsing - if the CGI was sending binary data
(e.g. images), the result could get truncated or corrupted.
* Disallow ".." listing of virtual host directory.
* Revised snprintf portability fix.
* Rearranged the hc initialization so it's all in one place.
* New IPv6 code from KIKUCHI Takahiro.
* New non-local referer filtering code from Craig Leres.
* New custom error pages code from Catalin Ionescu.
New in version 2.12:
* Better heuristic for deciding between select() and poll().
* Added Red Hat RPM spec file.
New in version 2.11:
* Use poll() instead of select() when favorable.
* Do lazy allocation of part of the connection data structure, to save on
memory now that we can have thousands of simultaneous connections.
* Some speed optimizations.
* Add HTTP_HOST to CGI environment.
* Bugfix for rare uninitialized variable.
New in version 2.10:
* Bugfix for CGI header parsing.
* Call setlogin() if it's available.
Michael Santos in PR pkg/8801. Chances since version 2.04:
- New el-cheapo virtual hosting feature.
- Assorted bug fixes - non-anchored wildcard matching, truncated CGI
output, throttling, authorization cache, daemonization, date-header
parsing.
- Option to write pid to a file, re-open log file on SIGHUP.
- Now looks for index files from a list, instead of only index.html.
- Simple config file.
