PRE-RELEASE: lighttpd-1.4.13-r1370.tar.gz
The crash reported in #876 is critical enough to fire another release shortly after 1.4.12 was released.
It also contains some minor bugfixes and a better check for lua 5.1. If you are running on Debian you can compile mod-magnet with —with-lua=lua5.1
Download: lighttpd-1.4.13-r1370.tar.gz
ChangeLog:
trunk is trunk
darix just moved the svn-trees around. Now trunk/ is containing the code for 1.5.0 (formerly known as branches/lighttpd-merge-1.4.x) and branches/lighttpd-1.4.x is taking care of the 1.4.x series (formerly branches/lighttpd-1.4.11-ssl-fixes).
[1352] got commited to the 1.4.x-branch to fix a crash in 1.4.12.
RELEASE: lighttpd 1.4.12 14
I’m very proud to announce the release of 1.4.12.
After 8 pre-releases and several cross-compiles and test-runs no new bugs were found and you should have a solid and stable release in your hands.
Over the 1.4.11 was available for download (03/2006 – now) the number of lighty installations raised from 27 103 to 120 442 according to netcraft.com. That’s amazing. It was important for us to create a release is good enough to replace 1.4.11.
This release fixes several long-standing bugs like- SSL hangs with Opera (we added work-around for a bug in Opera)
- a long list of fixes for SSL in general
- added ssl.use-sslv2 and ssl.cipher-list for all who have to comply with PCI
- (experimental) LOCK support for webdav
- mod_magnet as long-term replacement for mod_cml
- mod_cml is deprecated from now on
- it will be removed in 1.5.0
- mod_magnet provides the same functionality and more with a cleaner syntax and in a more generic form
Download:
- lighttpd-1.4.12.tar.gz
http://www.lighttpd.net/download/lighttpd-1.4.12.tar.gz
MD5: 8f6756452138f5da384251f849b329f2
ChangeLog:
- added experimental LOCK support for webdav
- added Content-Range support for PUT in webdav
- added support for += on empty arrays in config-files
- added ssl.cipher-list and ssl.use-sslv2
- added $HTTP[“querystring”] conditional
- added mod_magnet as long-term replacement for mod_cml
- added work-around for a Opera Bug with SSL + Chunked-Encoding
- changed—print-config to print to stdout instead of stderr
- changed no longer use 0600 for new files with webdav. umask is honored. Make sure you have set a proper umask.
- fixed upload hangs with SSL
- fixed connection drops with SSL (aka bad retry)
- fixed path traversal with \ on cygwin
- fixed mem-leak in mod_flv_streaming
- fixed required trailing newline in configfiles (#142)
- fixed quoting the autoconf files (#466)
- fixed empty Host: + $HTTP[“host”] handling (#458)
- fixed handling of If-Modified-Since if ETag is not set
- fixed default-shell if SHELL is not set (#441)
- fixed appending and assigning of env.* vars
- fixed empty FCGI_STDERR packets
- fixed conditional server.allow-http-11
- fixed handling of follow-symlink + lstat()
- fixed SIGHUP handling if max-workers is used
- fixed “Software caused connection abort” messages on FreeBSD
PRE-RELEASE: lighttpd-1.4.12-r1320 14
Ok, a last pre-release before the final .12 release:
UPDATE 3 http://www.lighttpd.net/download/lighttpd-1.4.12-r1335.tar.gz
Most important are:
- SSL hang in phpMyAdmin with FireFox is fixed
- SSL delays with Opera are fixed
Please try this release as hard as possible before we have a final release.
ChangeLog:
- added experimental LOCK support for webdav
- added Content-Range support for PUT in webdav
- added support for += on empty arrays in config-files
- added ssl.cipher-list and ssl.use-sslv2
- added $HTTP[“querystring”] conditional
- added mod_magnet as long-term replacement for mod_cml
- added work-around for a Opera Bug with SSL + Chunked-Encoding
- changed—print-config to print to stdout instead of stderr
- fixed upload hangs with SSL
- fixed connection drops with SSL (aka bad retry)
- fixed path traversal with \ on cygwin
- fixed mem-leak in mod_flv_streaming
- fixed required trailing newline in configfiles (#142)
- fixed quoting the autoconf files (#466)
- fixed empty Host: + $HTTP[“host”] handling (#458)
- fixed handling of If-Modified-Since if ETag is not set
- fixed default-shell if SHELL is not set (#441)
- fixed appending and assigning of env.* vars
- fixed empty FCGI_STDERR packets
- fixed conditional server.allow-http-11
- fixed handling of follow-symlink + lstat()
- fixed SIGHUP handling if max-workers is used
- fixed “Software caused connection abort” messages on FreeBSD
Optimizing PHP + FastCGI
Over the last evenings I helped several lighty users to tune their application stack. Instead of telling the same story over and over again I wrote it down into a wiki page:
wiki://Docs:PerformanceFastCGI
Over time this will be the main source for application tuning, hints and secrets.
One more opcache for php (Preview) 30
I'm sure you use lighttpd because of performance and scalability, and many of you run php too. I'm please to introduce you another opcode cache for php.
Yes, another.
The preview version is deprecated. please check http://trac.lighttpd.net/xcache/wiki/GettingSource to get newer source.
and report problems at http://trac.lighttpd.net/xcache/newticket
Introducing
I myself, have used apc, mmcache/ea, ZendOptimizer, The only 3 choices before xcache. ab cache is too old and dead, saidly, before i use it. Every one of u write php script know them, and have one if them boost your php performance, because they're good.
But "What? Why you just introduce another opcode cacher?" It take some time to explain ... the short term: it give you one more choice. the long term: mmcache/ea is the most optimized php-opcache. ZendOptimizer isn't pre-built on all platform -- they release binary not source file. apc was stable on php4 but not works with php5, and now, is said works with php5 but php4 is left to desert...
Highlight spot of xcache
- cacher, similar as other opcaches.
- opcode disassembler, to see how your scripts looks after they're compiled into opcode.
- grows as php grows, using automated discover scheme by the devel, and the new changes to xcache to catch up new php version is brought to you easily.
- php4.x lastest is stably supported, php5.x lastest just works, php6-devel is supported for your further vision.
- many more ...
New function for script
$ grep proto *.c
mixed xcache_get(string name)
bool xcache_set(string name, mixed value [, int ttl])
mixed xcache_isset(string name)
bool xcache_unset(string name)
int xcache_inc(string name [, int value [, int ttl]])
int xcache_dec(string name [, int value [, int ttl]])
other proto need documented.
How to install
$ wget http://blog.lighttpd.net/files/xcache-preview.tar.gz
$ tar -zxf xcache-preview.tar.gz
$ cd xcache-preview
$ phpize
$ cat ./conf
$ ./configure --help
$ ./configure --enable-xcache-disassembler
$ make
$ su
# make install
take care about the output of make install append the following to php.ini:
[xcache]
xcache.size = 64M
xcache.mmap_path = "/tmp/xcache"
xcache.cacher = 1
zend_extension="/usr/.../extensions/..../xcache.so"
# or
extension="xcache.so"
Testing
restart your php (fastcgi or mod_php), check output for xcache status. if you see it there, you're done.
and finally test the opcode dumper:
$ ./phpdop.phpr ./phpdop.phpr
$ ./phpdc.phpr ./phpdc.phpr
Patch for hardened source (not tested)
Index: processor.m4
===================================================================
--- processor.m4 (revision 27)
+++ processor.m4 (working copy)
@@ -575,6 +575,9 @@
/* reserved */
DONE(reserved)
+ #if defined(HARDENING_PATCH) && HARDENING_PATCH
+ DISPATCH(zend_bool, created_by_eval)
+ #endif
} while (0);
')
dnl }}}
it is suggested to modify processor/processor.m4 directly as there might be spaces lost in blog.
log-condition-handling, The hidden feature for debuging
Many features was introduced into lighttpd 1.4.x series to improve config file handling. But there's something left undocumented, yet nice feature, for debuging.
It was originally implemented to debug the new condition caching system internally for developers only.
But i found it nice for user to debug how to condition is matching, seeing the 2 values on both side of the operator, and if they matched. A new patch was commited to make it a bit cleaner for your use.
- just add or uncomment: debug.log-condition-handling = "enable" in your configuration.
- restart your lighttpd, or start it with sbin/lighttpd -Df lighttpd.conf
- request the url, and check the error.log, or stderr in case u haven't specified error.log
./sbin/ligittpd -pf test.conf
config {
var.PID = 25629
var.CWD = "/usr/src/lighttpd/branches/lighttpd-merge-1.4.x"
server.modules = ("mod_indexfile", "mod_staticfile")
server.port = 8080
server.document-root = "/tmp"
debug.log-condition-handling = "enable"
$HTTP["useragent"] =~ "MSIE" {
# block 1
} # end of $HTTP["useragent"] =~ "MSIE"
}
./sbin/lighttpd -Df test.conf
2006-04-02 13:40:05: (src/log.c.75) server started
2006-04-02 13:40:07: (src/response.c.150) run condition
2006-04-02 13:40:07: (src/configfile-glue.c.404) === start of 1 condition block ===
2006-04-02 13:40:07: (src/configfile-glue.c.356)
HTTP["useragent"] ( Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) ) compare to MSIE
2006-04-02 13:40:07: (src/configfile-glue.c.419) 1 result: true
See also: advanced configuration in 1.4.x, lighttpd unleashed part one, lighttpd unleashed part two
lighttpd unleashed - part two 2
The big thing of lighttpd 1.4.0 were the nested conditionals, but how can they be used ? And what are includes ?
A example for nested confitionals went already into the announcement:
$HTTP["host"] == "www.example.org" {
$HTTP["url"] =~ "^/dav($|/)" {
webdav.activate = "enable"
}
$HTTP["remoteip"] != "10.0.0.0/16" {
auth.require = ( "" => ( "method" => "basic",
"realm" => "webdav",
"require" => "valid-user" ) )
}
}
But what are includes for ? For a start we want to go the mass-hosting way and want to create a generic pattern for virtual hosts without using mod_simple_vhost or similar modules.
We have a simple webserver structure:
- all servers are under /var/www/servers/
- the part is the hostname of the server
- and logs and public files are at logs/ and pages/
resulting in /var/www/servers/www.example.org/pages/.
In lighttpd 1.3.x you had to copy the conditionals for all host including all the options. There was no way to do some interpretation of the config file.
In lighttpd 1.4.0 this has changed and we can use expressions and includes:
server.document-root = "/tmp"
server.port = 1025
server.modules = ( "mod_access" )
access.deny = ( "~", ".inc" )
$HTTP["host"] == "www.example.org" {
var.hostname = "www.example.org"
include "baseconfig.conf"
}
$HTTP["host"] == "www2.example.org" {
var.hostname = "www2.example.org"
include "baseconfig.conf"
}
and a baseconfig.conf
server.document-root = "/var/www/servers/" + hostname + "/pages/" access.logfile = "/var/www/servers/" + hostname + "/logs/accesslog"
With var.hostname you can set a user-variable in the configuration which can be used everywhere in the config to pass data around. We use it here to substiture the parts of the baseconfig for each host and set the document-root and the location of the accesslog for each host.
But how does the config look like that is used by lighttpd ? The option -p will tell us:
$ /lighttpd -p -f ./lighttpd-includes.conf
config {
server.document-root = "/tmp"
server.port = 1025
server.modules = ("mod_indexfile", "mod_access", "mod_dirlisting", "mod_staticfile")
access.deny = ("~", ".inc")
$HTTP["host"] == "www.example.org" {
# block 1
var.hostname = "www.example.org"
server.document-root = "/var/www/servers/www.example.org/pages/"
access.logfile = "/var/www/servers/www.example.org/logs/accesslog"
} # end of $HTTP["host"] == "www.example.org"
$HTTP["host"] == "www2.example.org" {
# block 2
var.hostname = "www2.example.org"
server.document-root = "/var/www/servers/www2.example.org/pages/"
access.logfile = "/var/www/servers/www2.example.org/logs/accesslog"
} # end of $HTTP["host"] == "www2.example.org"
}
Nice, isn’t it ? :)
lighttpd unleashed - part one 2
From time to time we write code faster than documention. This basicly means that sometimes small gems are hidden and unknown to most users.
This time we want to put some focus on the new commandline options in lighttpd 1.4.0 and higher.
$ lighttpd -h lighttpd-1.4.1 (ssl) (Aug 23 2005 16:37:21) - a light and fast webserver usage: -f <name> filename of the config-file -p print the parsed config-file in internal form, and exit -t test the config-file, and exit -D don't go to background (default: go to background) -6 use IPv6 -v show version -h show this help
The new options are -p and -t. They will help you to check that is everything is ok, before you start lighttpd with the new configuration.
$ lighttpd -t -f ./lighttpd.conf Syntax OK
Especially if you start to use the the new features of lighttpd 1.4.0 like includes and expressions the print out of the parsed configuration will help you to see if everything really worked out as planed.
lighttpd 1.4.1 3
Just a few minutes ago lighttpd 1.4.1 has been released, shortly after lighttpd 1.4.0 which had some user-visible problems.
1.4.1 fixes those bugs, stabilizes the SSL support on OpenBSD and finishes the WebDAV support in mod_webdav to Class 1 (all options except LOCK/UNLOCK).
The WebDAV support is interesting for everyone using modern webdevelopment tools or something like webdav-fs.
You can savely (via SSL and secured by Authentication) edit, move and copy files in there source form while they user is able to see the generate content in the browser.
The other big feature (I think far more important) is the support for nested conditionals in the configuration. Now you can write configurations like:
$HTTP["host"] == "www.example.org" {
$HTTP["url"] =~ "^/dav($|/)" {
webdav.activate = "enable"
}
$HTTP["remoteip"] != "10.0.0.0/16" {
auth.require = ( "" => ( "method" => "basic",
"realm" => "webdav",
"require" => "valid-user" ) )
}
}
... to enable webdav support in the /dav/ directory of www.example.org and allows all users from the local network to access the host without authentication.
Over the next days we will write some tutorials which will illustrate the new features in the configuration more briefly (like the different include optoins, variable substitution and the like).
If you want to cheat, take a look into the manual.