1.7.9
=====
- the rewritten http_header_comp() function implemented in version 1.7.7
  could lead to a buffer overflow in some circumstances because the arrived
  header sequence was not checked for its minimum size.  on my machines
  this effect ended up in a immediately process termination.  nasty bug
  fixed now.  while we are at this function we also get rid of strlen()
  because we already have the current header size saved in our connection
  structure; safer and faster
- fixed man page typos

1.7.8
=====
- CGIs are no longer determined by a CGI alias.  nhttpd checks now if a
  file has the world executable flag set, and if yes the file is handled
  as a CGI.  this allows you to place CGIs anywhere in your document root,
  and also to use CGIs as index.  the cgiroot and cgiindex config options
  are obsolete therefore and where removed from the configfile.  cgi-bin
  has moved to htdocs/cgi-bin
- use stat(2) S_IROTH instead of access(2) to check for file permissions,
  as we have that information already
- added HTTP_ACCEPT_ENCODING CGI env
- simplified debug logging
- fixed broken permissions checking on directories
- fixed another binary data handling issue in CGI main loop
- improved error handling for select(2) in CGI main loop
- on a fatal error at CGI execution send a 500 before exit(3)
- extended man page

1.7.7
=====
- http_header_comp() which checks if a complete header sequence arrived got
  unreliable because of our new asynchronous connection handling since version
  1.7.6.  the function is fixed now and as a side effect much more
  simplified using less resources

1.7.6
=====
- rewrote nostromo to handle connections fully asynchronous over one single
  select(2) now.  this change also fixes the problem that slow connections
  walked into a connection timeout
- the socket send buffer size is now kept to the operating system value by
  default.  it can be changed optional in config.h by the SBS define
- added debug mode option
- added IF_MODIFIED_SINCE CGI env, diff received from dhartmei
- fixed unterminated childs leftover when parent is killed
- fixed broken pipeline connection handling
- fixed http_chunk() to handle also binary data now
- fixed double printing of server port in the signature
- fixed double creation of Location header field for CGIs
- fixed wrong Location string for 301 responses over SSL non-default port
- fixed access log variable which could be used uninitialized
- fixed broken custom responses.  on large custom response files, the transfer
  was aborted
- disabled chunking for HTTP/1.0 clients
- disabled case sensitivy for HTTP protocol
- reorderd configuration file
- removed a unnecessary getpid(2) when daemonizing
- replaced signal handlers SIGTERM code with a volatile sig_atomic_t flag
- extended man page
- improved style / KNF

1.7.5
=====
- set SO_SNDBUF size on accepted client socket, not on the listener socket,
  because not every tcp/ip implementation supports inheritance
- set sockets to O_NONBLOCK to prevent any possible blocks

1.7.4
=====
- fixed POST content size limitation of 8KB. POST content can now be
  unlimited and is handled in the forked CGI process itself
- removed all setenv(3) and unsetenv(3) functions and set CGI environment vars
  with execve(2) instead. this has increased the CGI serving performance about
  the factor 8
- the DOCUMENT_ROOT CGI environment variable was set wrong in some cases.
  bug fixed now
- in some cases the GMT offset was wrong calculated in the access log.
  bug fixed now

1.7.3
=====
- optimized performance and memory usage by source code optimization
- if a CGI post body included binary data the processing was aborted because
  we could not handle the binary part. bug fixed now
- if a CGI post body was terminated with '\r\n' and some browsers count that to
  its content length (and some do not, what a mess!) the post was ignored. bug
  fixed now
- if the defined setuid user was not found, output a custom error instead the
  getpwnam(3) errno which almost says nothing
- removed -ansi compile option to follow OpenBSD
- fixed -pedantic compile option source code quirks
- replaced libmy with latest version libmy-1.4
- changed logo url
- applied typo diff for man page received from mbalmer

1.7.2
=====
- added custom 401, 403, and 404 responses, requested by marwin
- added nph CGI support
- close all file descriptors which do not belong to the child after fork(2)
- replaced recv(2) with read(2) as we do not use flags
- replaced send(2) with write(2) as we do not use flags
- check more system calls for EINTR
- if a CGI post body was terminated with '\r\n', we did not parsed that and
  the post was ignored. bug fixed now
- in some cases we had wrong data transmission because write(2) was not checked
  for short writes. bug fixed now
- fixed SSL memory leak

1.7.1
=====
- implemented HEAD method
- if on basic authentication the realm option in a htaccess file could not
  be parsed, we just kept the last value in the realm variable instead of
  overwriting it with "unknown realm". bug fixed now

1.7
===
- added 206 Partial Content. forced by Delta :)
- added example lines to configuration file how to change default port 80
- excluded sin6_len for Linux
- imported new nostromo logo
- it is possible now to run IPv6 only
- deny to run nhttpd as root
- improved SSL handshake
- main select(2) checks now writefds to cleanly serve partial file sends
- fixed typos and reviewed source code for BSD style
- if 301 Moved Permanently was called with https, we switched back to http
  because we did not check for the https flag. bug fixed now

1.6
===
- added IPv6 support
- added pid file creation
- set listener sockets to SO_REUSEADDR
- moved a bunch of static environment variables to dynamic ones, because of
  SSL and IPv6 introduction
- CGI https environment variable was set wrong because asking the wrong ssl
  flag variable. bug fixed now
- if running in chroot mode, virtual hosts and aliases where not found because
  we accessed the full path to the config file. bug fixed now
- if returning 500 on file send errors, open files where not closed. bug fixed
  now

1.5.1
=====
- chroot mode caused process hang if /dev/null where not found in the chroot
  environment. bug fixed now

1.5
===
- added ssl support
- added 403 Forbidden, what means that files are checked for read permissions
  now instead returning 500 Internal Server Error if no access
- added todo file
- corrected and extended man page
- if the content type was unknown the previous content type was sent, which is
  wrong. now the html content type will be send per default on unknown
  content types
- select(2) for header and body read where using the same readset as the master
  select(2) which is wrong. using now own readset

1.4
===
- corrected the man page
- one of three access_log functions was still logging with two lines per hit.
  bug fixed now

1.3
===
- makefiles have been ported to compile also on NetBSD, FreeBSD, Linux and
  MacOSX
- reduced access_log to one line per hit instead of two
- filenames including spaces in directory listing wasn't found, because the
  href entry had no quotes. bug fixed now

1.2
===
- if a CGI was called which didn't exist, the last called CGI was executed
  because the responsible variable, which holds the full executable path,
  wasn't overwritten. bug fixed now
- replaced libmy with latest version libmy-1.3 (fixes important security issues)
- replaced last strcpy(3) with strlcpy(3)

1.1
===
- increased socket send buffer to avoid send(2) blocking when buffer is full
- in server log removed unnecessary log messages, made the existing ones more
  specific and added new log messages
- removed pre-compiler debug informations because they made the source code
  hard to read and where not really usable in action

1.0
===
- fixed memory leak

0.9
===
- a wrong if-condition caused the nhttpd parent process to exit(0) if a
  CGI was called which didn't exist. bug fixed now

0.8
===
- nostromo has been rewritten from a fork(2) server to a select(2) server.
  with this new method no more child forking for file requests is necessary
  and the server performance increases therefore
- increased performance by optimizing source code
- replaced libmy with latest version libmy-1.2 (faster)
- added pre-compiler debug option to config.h

0.7
===
- sometimes a child process still hung because not all recv(2) was checked for
  connection timeout. placed select(2) in front of all recv(2) to check timeout.
- fixed wrong version numbering at several places
- added install script (Install)

0.6
===
- sometimes a child process hung because of blocking recv(2). bug fixed now
- replaced libmy with latest version libmy-1.1
- added timestamps to server log file
- added version option

0.5
===
- nhttpd didn't chroot(2) because chroot(2) where placed before all
  configuration files could be read. bug fixed now

0.4
===
- libmy had missing #include <string.h> in flog.c, nsend.c, strlower.c
  some architectures (e.g. sparc64) complained and stopped at compiling.
  bug fixed now

0.3
===
- nhttpd didn't handle http control characters (\r\n\r\n) in POSTs body entity,
  and blocked at recv(2). bug fixed now

0.2
===
- changed default configfile path to /var/nostromo/conf/nhttpd.conf
- chdir/chroot will directly done after reading the configfile successfully
- SIGPIPE, SIGHUP, SIGQUIT, SIGALRM will be silently ignored now and don't
  generate a server log anymore

0.1
===
- initial version
