Thanks a lot for this new release! 🍻 On Sun, Dec 19, 2021 at 1:13 PM Evgeny Grin <k...@yandex.ru> wrote:
> Dear all, > > I'm very glad to finally announce the new release of GNU libmicrohttpd > library version 0.9.74. > This release brings a lot of fixes and improvements, and > important new features. > The most significant addition is the new experimental > implementation of WebSockets contributed by David Gausmann. This > implementation is not fully tested yet so currently it is disabled > by default. > Other changes include a lot of improvements and clarifications > in doxy comments in microhttpd.h header file, improved compliance > with the RFC HTTP specifications, the new implementation of reply > header forming, the new implementation of request chunked encoding > parsing, new automatic error replies, internal optimisations, and > many important fixes, including fixes for long-standing bugs. > > More detailed list of notable changes: > > API changes: > + Added new function MHD_get_reason_phrase_len_for(). > + Added MHD_CONNECTION_INFO_HTTP_STATUS type of information > queried by MHD_get_connection_info(). > + Added new response flag MHD_RF_SEND_KEEP_ALIVE_HEADER to force > sending of "keep-alive" header even if not required by RFC. > + Added new response creation function > MHD_create_response_from_buffer_with_free_callback_cls() with > custom cleanup callback. > + Added new response flag MHD_RF_HTTP_1_0_COMPATIBLE_STRICT with > the same functionality as existing MHD_RF_HTTP_VERSION_1_0_ONLY > flag. The old flag will be deprecated. > + Added new response flag MHD_RF_HTTP_1_0_SERVER with the same > functionality as existing MHD_RF_HTTP_VERSION_1_0_RESPONSE flag. > The old flag will be deprecated. > > New features: > + Added experimental WebSockets extension with separate header. > Disabled by default as it is not fully tested yet. > + Added '--enable-sanitizers[=address,undefined,leak,user-poison]' > configure parameter (instead of '--enable-sanitizer'), > implemented custom memory poisoning for memory pools. > > Improvements and enhancements: > * Doxy function descriptions was corrected, clarified, extended, > and improved. Now it should be much easier to learn MHD just by > reading the headers. > * Completely rewritten reply header forming. New implementation is > more robust, simpler maintainable and expandable, and better > follows RFC HTTP specifications. > * Performance improvements: now HTTP version and request method are > decoded one time only (previously MHD used string comparison many > times during processing the data). > * Rewritten request chunked payload decoding. The new > implementation better conforms to the HTTP RFC, detects format > problems earlier, replies to the clients with description of > detected problems, handles untypical (but syntactically correct) > values properly. > * Added special replies for wrong/unsupported HTTP versions in > requests, broken HTTP chunked encoding in requests, > * As required by HTTP RFC, added automatic error replies if client > used broken chunked encoding, too large chunk size, too large > payload size, or broken Content-Length header. > * Optimized connection's memory pool handling. > * Changed timeout precision from one second to one millisecond. > * Added some checks for incorrect user data, reporting problems in > MHD log. > * Improved performance of hash calculations functions by using > compiler built-ins (if available). > * Implemented SHA-1 calculations (required for WebSockets). > * Added universal MSVC project that works with any (sufficiently > new) version of MSVC. > * Developed simple HTTP client to test MHD under very special > conditions. > * Implemented 45 new tests. > * Improved existing tests to test more aspects of MHD. > * Added check for correct results of system and libcurl functions. > * Response headers are checked during forming of responses. > * HTTPS tests were improved. > * Added rebuild on W32 of all required files if files are missing. > * Many internal optimisations and improvements. > > Functional changes: > * Keep-alive header is omitted by default for HTTP/1.1 connections. > Use of header can be enforced by response flag. > * Chunked encoding is used for HTTP/1.1 non-keep-alive connections > for responses with unknown size. Previously MHD used "indication > of the end of the response by closing connection" in such cases, > however it is not correct for HTTP/1.1 connections as per HTTP > RFC. > * As required by HTTP RFC, use HTTP/1.1 version instead of HTTP/1.0 > in reply headers when client is HTTP/1.0 . HTTP/1.0 version can > be enforced by response flag. > * User response headers are used in replies in the same order as > was added by application. > * Allowed tab characters in response header values. > * All custom "Connection:" response headers are automatically > combined into single "Connection:" header. > * "keep-alive" token silently dropped from custom "Connection:" > response header. "Keep-alive" cannot be enforced and used > automatically if possible. > * Allow tab character in custom response header value. > * Disallow space character in custom response header value. > * Do not allow responses with 1xx codes for HTTP/1.0 requests. > * Detected and reported incorrect "Upgrade" responses. > * W32 targets are changed to Vista+ by default. XP is supported > still. > > Fixes: > # Fixed short busy-waiting (up to one second) when connection is > going to be expired and closed. > # Fixed handling of errors during start of new connection, fixed > inability to accept new connections in thread-per-connection mode > due to the missing decrement of number of daemon's connections if > start of new thread is failed. > # Fixed incorrect parsing of LFLF, LFCR, CRCR, and bare CR as > single linefeed in request header and request chunked payload. > Now only CRLF or bare LF are recognized as linefeed. > # Fixed response chunked encoding handling. Now it works properly > with non-keep-alive connection, with fixed size replies (if > chunked was enforced by header), and in other situations. > # Other fixes for chunked replies. > # Fixed handling of custom connection timeout in thread-per- > connection mode. > # Fixed wrongly used MHD_REQUEST_TERMINATED_COMPLETED_OK code for > application notification when MHD_REQUEST_TERMINATED_WITH_ERROR > code must be used. > # Fixed code MHD_REQUEST_TERMINATED_READ_ERROR not reported (code > MHD_REQUEST_TERMINATED_WITH_ERROR was incorrectly used instead). > # Fixed handling of request chunked encoding with untypical > formatting. > # Fixed processing of last part of hex-encoded values under > certain conditions. > # Fixed value returned for MHD_CONNECTION_INFO_REQUEST_HEADER_SIZE. > # Fixed returned value for MHD_FEATURE_AUTOSUPPRESS_SIGPIPE on W32, > now it is MHD_YES as W32 does not need SIGPIPE suppression. > # Fixed portability of bitwise NOT for enums values. > # Fixed SHA-256 and MD5 calculations with unaligned data. > # Fixed incorrect caseless matching for HTTP version. > # Fixed incorrect caseless matching for request method. > # Fixed compatibility with old GnuTLS versions. > # Fixed compiler warnings on 32-bits platforms. > # Fixed blocking sockets setting in tests and examples for W32. > # Fixed examples to really use libmagic if present. > # HTTPS tests were fixed. > # Fixed libcurl test with case-insensitive match for HTTP methods, > method names must use case-sensitive match. > # Fixed tests compatibility with old libcurl versions. > # Fixed build on W32 with llvm-dlltool (this tool is too > oversimplified) > > > You can download GNU libmicrohttpd from > > * https://ftp.gnu.org/gnu/libmicrohttpd/ and all GNU FTP mirrors. > * Our git repository at https://gnunet.org/git/libmicrohttpd.git > > Please report bugs to our bugtracker at > https://bugs.gnunet.org/set_project.php?project_id=10. > > The documentation (including a reference manual and tutorial) can be > found at https://gnu.org/s/libmicrohttpd. > > -- > Best Wishes, > Evgeny > > -- Silvio Clécio
