Dear all,

We are glad to announce the release of GNU libmicrohttpd v1.0, and
future plans for the library.

About GNU libmicrohttpd
=======================

GNU libmicrohttpd is a small C library that makes it easy to run an
HTTP server as part of another application. GNU Libmicrohttpd is free
software and an official GNU package.  Key features that distinguish
GNU libmicrohttpd from other projects are:

* C library: fast and small
* API is expressive and fully reentrant
* Implementation is HTTP 1.1 compliant
* HTTP server can listen on multiple ports
* Various threading modes
* Three different sockets polling modes
* Broad platform support
* Support for IPv4 and IPv6
* Support for incremental processing of POST data
* Support for basic and digest authentication
* Support for TLS (requires libgnutls)

Do not use GNU libmicrohttpd if you are looking for a standalone HTTP
server, there are many other projects out there that provide that kind
of functionality already. However, if you want to be able to serve
HTTP requests from within your C or C++ application, check it out!

GNU libmicrohttpd has been primarily developed by the GNU maintainers
Evgeny Grin and Christian Grothoff over the last 16 years with the
help of a large community contributing features, bug reports and bug
fixes. We are especially grateful for code security audits performed
or paid for by Mozilla and Red Hat.

Changes
=======

This is the first non-bugfix release since version 0.9.75 and the first
ever stable release of GNU libmicrohttpd. It is a huge one with new
features and fixes.

The major changes:

* Rewritten parsing of clients' requests, fully aligned with current
  RFCs (9110 and 9112) requirements. Added detailed control of strict
  or lenient specification enforcement. Application may choose between
  more compatible mode or more strict and secure mode.
* Reworked Digest Auth, greater enhanced support for current RFC 7617
  features. MHD currently is the only known server-side implementation
  with support for SHA-512/256, userhash and username in extended
  notation. At the same time the very old RFC2069 is supported, as
  well as MD5 and SHA-256.
* Improved functionality in multi-threading environment, especially with
  external sockets polling modes.
* Reworked Basic Auth, adding new convenient API functions.
* Re-implemented GnuTLS initialisation. Now supported
  libmicrohttpd-specific system-wide configuration, as well as generic
  GnuTLS system-wide configuration. Application may adjust settings
  based on system configuration instead of specifying its own full
  configuration.
* Tons of other new functionality and various fixes. For detailed
  changes see the ChangeLog or Git commit logs.


Download
========

You can download GNU libmicrohttpd from:

* https://ftp.gnu.org/gnu/libmicrohttpd/ and all GNU FTP mirrors.
* Our Git repository at https://git.gnunet.org/libmicrohttpd.git

Please report bugs to our bugtracker at
https://bugs.gnunet.org/set_project.php?project_id=10.

The documentation (including a reference manual and tutorial) can be
found at https://gnu.org/s/libmicrohttpd.

Future Development
==================

Work will now begin work on a 2nd major version of GNU libmicrohttpd.
This version will have an easier to use API, add support for HTTP2 and
HTTP3, as well as multiple TLS backends.  Initial work on this will be
done by Taler Operations AG (https://taler-ops.ch/) under a commission
from the German Sovereign Technology Fund
(https://mastodon.social/@sovtechfund). The Sovereign Tech Fund
supports the development, improvement, and maintenance of open digital
infrastructure. Its goal is to sustainably strengthen the Free Software
ecosystem, focusing on security, resilience, technological diversity,
and the people behind the code.  The result will of course be Free
Software and continue to be released under the Lesser GNU General
Public License.

If you are interested in commercial support or would like to
financially support our development, please contact us at
<m...@taler-ops.ch>. We would like to see if we can transition from
purely volunteer work to paid work to accelerate development.  We
would especially like to hear from you if your business might be
interested in purchasing (CE) certifications for GNU libmicrohttpd
(say, under the EU Cyber Resilience Act). That would help us assess
this potential business case.

Of course, we will continue our best to provide gratis support -- but
no warranties -- to developers via the GNU libmicrohttpd mailinglist.


Happy hacking!

Evgeny & Christian

Reply via email to