Project pound
pound 4.23, 2026-05-26
* Important bugfix
A bug in "SendFile" allowed for reading files outside of the
configured directory. This is fixed.
* Compilation
The early pthread_cancel probe hack is no longer used. Consequently, the
"--disable-pthread-cancel-probe" configure option is gone.
* Handling of errors during service selection
In previous versions, if service selection failed due to an error
(e.g. because a non-existing backreference was used, a run-time error
in a Lua function occurred, or the like), that service would be skipped
as if its conditions returned false, and the next one would be tried.
This could lead to selecting an improper service in case of error.
Starting from this version, any error occurring during service
selection causes pound to return internal server error (500).
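
The difference between the two behaviours, as an added Python model (not pound's code): a rule with a non-existing backreference fails only on the requests it was meant to catch, so skipping it hands them to the catch-all service. The function and service names, the sample request, and the 503 returned when nothing matches are assumptions of the model.

```python
import re

def admin_rule(group):
    """Condition for the restricted service: path is /admin/<name>."""
    def cond(req):
        m = re.match(r"^/admin/(\w+)", req["path"])
        # group=2 models a non-existing backreference: the pattern has
        # one capture group, so m.group(2) raises IndexError at run time.
        return m is not None and bool(m.group(group))
    return cond

def catch_all(req):
    return True

def services(admin_group):
    # Constructed service list; first match wins, top to bottom.
    return [("admin", admin_rule(admin_group)), ("public", catch_all)]

def select(svcs, req, fail_closed):
    """Return (status, service_name) for the request."""
    for name, cond in svcs:
        try:
            if cond(req):
                return 200, name
        except Exception:
            if fail_closed:
                return 500, None   # 4.23: an error aborts selection
            continue               # earlier versions: error counted as "false"
    return 503, None               # model assumption: no service matched

REQ = {"path": "/admin/alice"}     # constructed request

if __name__ == "__main__":
    for group in (1, 2):
        for fail_closed in (False, True):
            print(group, fail_closed, select(services(group), REQ, fail_closed))
```
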
* File descriptor usage
At startup, pound closes all inherited file descriptors numerically
greater than 2. If this is undesirable for some reason, use the
-Wno-close-extra-fds command line option.
Capacity of the incoming connection queue (used when all workers
become busy) is computed so as to prevent the program from running out
of file descriptors. It can also be set explicitly, using the
"ConnectionQueueSize" configuration file statement.
* Configuration constants
The "Constant" statement defines a configuration constant for use in
string expansions and Lua code. A constant is a string value
identified by a unique name. The "Constant" statement can appear in
top-level, listener, and service scopes. The syntax is:
  Constant "NAME" "VALUE"
or
  Constant "NAME" OPTIONS
where OPTIONS are:
  -file FILE
      Read constant value from the file FILE at startup.
  -filewatch FILE
      Read constant value from the file FILE, and monitor it during
      the runtime for changes.
  -trim
      Trim off the trailing whitespace from the obtained value.
Constants can be used in string expansions (using the "%[const NAME]"
accessor), and in Lua code (using the "http:const(NAME)" method).
Refer to the documentation, section "Constants", for a detailed
discussion with examples.
* Tunnels
A tunnel passes an opaque stream of bytes between the client and backend.
It is defined in the configuration file using the following construct:
  Tunnel [ "ID" ]
    Address IPADDR
    Port PORT
    Backend
      Address IPADDR
      Port PORT
    End
  End
Naturally, only one backend is allowed. Similarly to other listeners,
the Address/Port pair in the Tunnel section can be replaced with a
single SocketFrom statement. The following statements are allowed in
the Backend subsection: Timeout, ConnTO, Disabled.
* Runtime log level control
The "poundctl" command can be used to inspect log level settings or to
change them without restarting pound.
  - poundctl log [/]
      Show the global log level.
  - poundctl log /L
      Show the log level for the listener L.
  - poundctl log /[L] F
      Set log level F. If the argument is "/", the global log level is
      set. Otherwise, the log level for the listener L is set.
  - poundctl log -d /L
      Clear the log level setting for the listener L. As a result, the
      listener will use the global log level.
  - poundctl log -d [/]
      Set the global log level to "null".
* Lua: access to the originator IP
Two new fields are available in the "http" table:
  * http.rmt_ip
      Request originator IP address (as string).
  * http.fwd_ip
      Request originator IP address (as string), determined using the
      X-Forwarded-For (or similar) header. If the request bears no such
      header or if the TrustedIP list is not declared, this is
      equivalent to http.rmt_ip.
Pound is a reverse proxy, load balancer and HTTPS front-end for Web servers. It was developed to enable distributing load among several Web servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively.
Pound was originally developed by Robert Segall at Apsis GmbH. I took over its development when Robert announced that he was abandoning it.