From cb35beef2a938b80c9e4b5d6a408eca437aa74db Mon Sep 17 00:00:00 2001 From: Arno Töll Date: Sun, 20 Jul 2014 06:23:00 -1100 Subject: Imported Upstream version 2.4.10 --- support/ab.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'support/ab.c') diff --git a/support/ab.c b/support/ab.c index 13041505..2bb7eef3 100644 --- a/support/ab.c +++ b/support/ab.c @@ -266,14 +266,14 @@ struct data { int verbosity = 0; /* no verbosity by default */ int recverrok = 0; /* ok to proceed after socket receive errors */ -enum {NO_METH = 0, GET, HEAD, PUT, POST} method = NO_METH; -const char *method_str[] = {"bug", "GET", "HEAD", "PUT", "POST"}; +enum {NO_METH = 0, GET, HEAD, PUT, POST, CUSTOM_METHOD} method = NO_METH; +const char *method_str[] = {"bug", "GET", "HEAD", "PUT", "POST", ""}; int send_body = 0; /* non-zero if sending body with request */ int requests = 1; /* Number of requests to make */ int heartbeatres = 100; /* How often do we say we're alive */ int concurrency = 1; /* Number of multiple requests to make */ int percentile = 1; /* Show percentile served */ -int nolength = 0; /* Accept variable document length */ +int nolength = 0; /* Accept variable document length */ int confidence = 1; /* Show confidence estimator and warnings */ int tlimit = 0; /* time limit in secs */ int keepalive = 0; /* try and do keepalive connections */ @@ -1888,14 +1888,14 @@ static void test(void) static void copyright(void) { if (!use_html) { - printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1554214 $>"); + printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1604373 $>"); printf("Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); printf("Licensed to The Apache Software Foundation, http://www.apache.org/\n"); printf("\n"); } else { printf("

\n"); - printf(" This is ApacheBench, Version %s <%s>
\n", AP_AB_BASEREVISION, "$Revision: 1554214 $"); + printf(" This is ApacheBench, Version %s <%s>
\n", AP_AB_BASEREVISION, "$Revision: 1604373 $"); printf(" Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
\n"); printf(" Licensed to The Apache Software Foundation, http://www.apache.org/
\n"); printf("

\n

\n"); @@ -1949,6 +1949,7 @@ static void usage(const char *progname) fprintf(stderr, " -g filename Output collected data to gnuplot format file.\n"); fprintf(stderr, " -e filename Output CSV file with percentages served\n"); fprintf(stderr, " -r Don't exit on socket receive errors.\n"); + fprintf(stderr, " -m method Method name\n"); fprintf(stderr, " -h Display usage information (this message)\n"); #ifdef USE_SSL @@ -2127,7 +2128,7 @@ int main(int argc, const char * const argv[]) myhost = NULL; /* 0.0.0.0 or :: */ apr_getopt_init(&opt, cntxt, argc, argv); - while ((status = apr_getopt(opt, "n:c:t:s:b:T:p:u:v:lrkVhwix:y:z:C:H:P:A:g:X:de:SqB:" + while ((status = apr_getopt(opt, "n:c:t:s:b:T:p:u:v:lrkVhwix:y:z:C:H:P:A:g:X:de:SqB:m:" #ifdef USE_SSL "Z:f:" #endif @@ -2300,6 +2301,10 @@ int main(int argc, const char * const argv[]) case 'Z': ssl_cipher = strdup(opt_arg); break; + case 'm': + method = CUSTOM_METHOD; + method_str[CUSTOM_METHOD] = strdup(opt_arg); + break; case 'f': if (strncasecmp(opt_arg, "ALL", 3) == 0) { meth = SSLv23_client_method(); -- cgit v1.2.3 From 080d5e16db802902200a9ce5b6c40f8f1fdc1f73 Mon Sep 17 00:00:00 2001 From: Stefan Fritsch Date: Tue, 28 Apr 2015 22:06:31 +0200 Subject: Imported Upstream version 2.4.12 --- CHANGES | 254 +- CMakeLists.txt | 6 +- NOTICE | 2 +- README.platforms | 29 +- build/NWGNUtail.inc | 3 +- build/ltmain.sh | 5484 ++++++++++++-------- configure | 4 +- configure.in | 4 +- docs/conf/extra/httpd-ssl.conf.in | 22 + docs/man/rotatelogs.8 | 22 +- docs/man/tr/rotatelogs.8 | 22 +- docs/manual/bind.html.de | 2 +- docs/manual/bind.html.en | 2 +- docs/manual/bind.html.fr | 2 +- docs/manual/bind.html.ja.utf8 | 2 +- docs/manual/bind.html.ko.euc-kr | 2 +- docs/manual/bind.html.tr.utf8 | 2 +- docs/manual/caching.html.en | 2 +- docs/manual/caching.html.fr | 2 +- docs/manual/caching.html.tr.utf8 | 2 +- docs/manual/configuring.html.de | 2 +- docs/manual/configuring.html.en | 2 +- docs/manual/configuring.html.fr | 2 +- docs/manual/configuring.html.ja.utf8 | 2 +- docs/manual/configuring.html.ko.euc-kr | 2 +- docs/manual/configuring.html.tr.utf8 | 2 +- docs/manual/content-negotiation.html.en | 2 +- docs/manual/content-negotiation.html.fr | 2 +- docs/manual/content-negotiation.html.ja.utf8 | 2 +- docs/manual/content-negotiation.html.ko.euc-kr | 2 +- docs/manual/content-negotiation.html.tr.utf8 | 2 +- docs/manual/convenience.map | 10 +- docs/manual/custom-error.html.en | 2 +- docs/manual/custom-error.html.es | 2 +- docs/manual/custom-error.html.fr | 2 +- docs/manual/custom-error.html.ja.utf8 | 2 +- docs/manual/custom-error.html.ko.euc-kr | 2 +- docs/manual/custom-error.html.tr.utf8 | 2 +- docs/manual/developer/API.html.en | 2 +- docs/manual/developer/debugging.html.en | 2 +- docs/manual/developer/documenting.html.en | 2 +- docs/manual/developer/documenting.html.zh-cn.utf8 | 2 +- docs/manual/developer/filters.html.en | 2 +- docs/manual/developer/hooks.html.en | 2 +- docs/manual/developer/index.html.en | 2 +- docs/manual/developer/index.html.zh-cn.utf8 | 2 +- docs/manual/developer/modguide.html.en | 4 +- docs/manual/developer/modules.html.en | 2 +- docs/manual/developer/modules.html.ja.utf8 | 2 +- docs/manual/developer/new_api_2_4.html.en | 2 +- docs/manual/developer/output-filters.html.en | 2 +- docs/manual/developer/request.html.en | 2 +- docs/manual/developer/thread_safety.html.en | 2 +- docs/manual/dns-caveats.html.en | 2 +- docs/manual/dns-caveats.html.fr | 2 +- docs/manual/dns-caveats.html.ja.utf8 | 2 +- docs/manual/dns-caveats.html.ko.euc-kr | 2 +- docs/manual/dns-caveats.html.tr.utf8 | 2 +- docs/manual/dso.html.en | 2 +- docs/manual/dso.html.fr | 2 +- docs/manual/dso.html.ja.utf8 | 2 +- docs/manual/dso.html.ko.euc-kr | 2 +- docs/manual/dso.html.tr.utf8 | 2 +- docs/manual/env.html.en | 2 +- docs/manual/env.html.fr | 2 +- docs/manual/env.html.ja.utf8 | 2 +- docs/manual/env.html.ko.euc-kr | 2 +- docs/manual/env.html.tr.utf8 | 2 +- docs/manual/expr.html.en | 44 +- docs/manual/expr.html.fr | 52 +- docs/manual/faq/index.html.en | 2 +- docs/manual/faq/index.html.fr | 2 +- docs/manual/faq/index.html.tr.utf8 | 2 +- docs/manual/faq/index.html.zh-cn.utf8 | 2 +- docs/manual/filter.html.en | 2 +- docs/manual/filter.html.es | 2 +- docs/manual/filter.html.fr | 2 +- docs/manual/filter.html.ja.utf8 | 2 +- docs/manual/filter.html.ko.euc-kr | 2 +- docs/manual/filter.html.tr.utf8 | 2 +- docs/manual/getting-started.html.en | 2 +- docs/manual/getting-started.html.fr | 2 +- docs/manual/glossary.html.de | 2 +- docs/manual/glossary.html.en | 2 +- docs/manual/glossary.html.es | 2 +- docs/manual/glossary.html.fr | 2 +- docs/manual/glossary.html.ja.utf8 | 2 +- docs/manual/glossary.html.ko.euc-kr | 2 +- docs/manual/glossary.html.tr.utf8 | 2 +- docs/manual/handler.html.en | 2 +- docs/manual/handler.html.es | 2 +- docs/manual/handler.html.fr | 2 +- docs/manual/handler.html.ja.utf8 | 2 +- docs/manual/handler.html.ko.euc-kr | 2 +- docs/manual/handler.html.tr.utf8 | 2 +- docs/manual/handler.html.zh-cn.utf8 | 2 +- docs/manual/howto/access.html.en | 2 +- docs/manual/howto/access.html.fr | 2 +- docs/manual/howto/auth.html.en | 2 +- docs/manual/howto/auth.html.fr | 2 +- docs/manual/howto/auth.html.ja.utf8 | 2 +- docs/manual/howto/auth.html.ko.euc-kr | 2 +- docs/manual/howto/auth.html.tr.utf8 | 2 +- docs/manual/howto/cgi.html.en | 2 +- docs/manual/howto/cgi.html.fr | 2 +- docs/manual/howto/cgi.html.ja.utf8 | 2 +- docs/manual/howto/cgi.html.ko.euc-kr | 2 +- docs/manual/howto/htaccess.html.en | 31 +- docs/manual/howto/htaccess.html.fr | 35 +- docs/manual/howto/htaccess.html.ja.utf8 | 2 +- docs/manual/howto/htaccess.html.ko.euc-kr | 2 +- docs/manual/howto/htaccess.html.pt-br | 2 +- docs/manual/howto/index.html.en | 2 +- docs/manual/howto/index.html.fr | 2 +- docs/manual/howto/index.html.ja.utf8 | 2 +- docs/manual/howto/index.html.ko.euc-kr | 2 +- docs/manual/howto/index.html.zh-cn.utf8 | 2 +- docs/manual/howto/public_html.html.en | 4 +- docs/manual/howto/public_html.html.fr | 5 +- docs/manual/howto/public_html.html.ja.utf8 | 6 +- docs/manual/howto/public_html.html.ko.euc-kr | 2 +- docs/manual/howto/public_html.html.tr.utf8 | 5 +- docs/manual/howto/ssi.html.en | 4 +- docs/manual/howto/ssi.html.fr | 4 +- docs/manual/howto/ssi.html.ja.utf8 | 2 +- docs/manual/howto/ssi.html.ko.euc-kr | 2 +- docs/manual/index.html.da | 2 +- docs/manual/index.html.de | 2 +- docs/manual/index.html.en | 2 +- docs/manual/index.html.es | 2 +- docs/manual/index.html.fr | 2 +- docs/manual/index.html.ja.utf8 | 2 +- docs/manual/index.html.ko.euc-kr | 2 +- docs/manual/index.html.pt-br | 2 +- docs/manual/index.html.tr.utf8 | 2 +- docs/manual/index.html.zh-cn.utf8 | 2 +- docs/manual/install.html.de | 2 +- docs/manual/install.html.en | 4 +- docs/manual/install.html.es | 2 +- docs/manual/install.html.fr | 4 +- docs/manual/install.html.ja.utf8 | 2 +- docs/manual/install.html.ko.euc-kr | 2 +- docs/manual/install.html.tr.utf8 | 4 +- docs/manual/invoking.html.de | 2 +- docs/manual/invoking.html.en | 2 +- docs/manual/invoking.html.es | 2 +- docs/manual/invoking.html.fr | 2 +- docs/manual/invoking.html.ja.utf8 | 2 +- docs/manual/invoking.html.ko.euc-kr | 2 +- docs/manual/invoking.html.tr.utf8 | 2 +- docs/manual/license.html.en | 2 +- docs/manual/logs.html.en | 4 +- docs/manual/logs.html.fr | 4 +- docs/manual/logs.html.ja.utf8 | 2 +- docs/manual/logs.html.ko.euc-kr | 2 +- docs/manual/logs.html.tr.utf8 | 4 +- docs/manual/misc/index.html.en | 2 +- docs/manual/misc/index.html.fr | 2 +- docs/manual/misc/index.html.ko.euc-kr | 2 +- docs/manual/misc/index.html.tr.utf8 | 2 +- docs/manual/misc/index.html.zh-cn.utf8 | 2 +- docs/manual/misc/password_encryptions.html.en | 2 +- docs/manual/misc/password_encryptions.html.fr | 2 +- docs/manual/misc/perf-tuning.html.en | 2 +- docs/manual/misc/perf-tuning.html.fr | 2 +- docs/manual/misc/perf-tuning.html.ko.euc-kr | 2 +- docs/manual/misc/perf-tuning.html.tr.utf8 | 2 +- docs/manual/misc/relevant_standards.html.en | 2 +- docs/manual/misc/relevant_standards.html.fr | 2 +- docs/manual/misc/relevant_standards.html.ko.euc-kr | 2 +- docs/manual/misc/security_tips.html.en | 2 +- docs/manual/misc/security_tips.html.fr | 2 +- docs/manual/misc/security_tips.html.ko.euc-kr | 2 +- docs/manual/misc/security_tips.html.tr.utf8 | 2 +- docs/manual/mod/core.html.de | 16 +- docs/manual/mod/core.html.en | 31 +- docs/manual/mod/core.html.es | 16 +- docs/manual/mod/core.html.fr | 40 +- docs/manual/mod/core.html.ja.utf8 | 16 +- docs/manual/mod/core.html.tr.utf8 | 34 +- docs/manual/mod/directive-dict.html.en | 2 +- docs/manual/mod/directive-dict.html.fr | 2 +- docs/manual/mod/directive-dict.html.ja.utf8 | 2 +- docs/manual/mod/directive-dict.html.ko.euc-kr | 2 +- docs/manual/mod/directive-dict.html.tr.utf8 | 2 +- docs/manual/mod/directives.html.de | 7 +- docs/manual/mod/directives.html.en | 7 +- docs/manual/mod/directives.html.es | 7 +- docs/manual/mod/directives.html.fr | 7 +- docs/manual/mod/directives.html.ja.utf8 | 7 +- docs/manual/mod/directives.html.ko.euc-kr | 7 +- docs/manual/mod/directives.html.tr.utf8 | 7 +- docs/manual/mod/directives.html.zh-cn.utf8 | 7 +- docs/manual/mod/event.html.en | 2 +- docs/manual/mod/event.html.fr | 2 +- docs/manual/mod/index.html.de | 4 +- docs/manual/mod/index.html.en | 4 +- docs/manual/mod/index.html.es | 4 +- docs/manual/mod/index.html.fr | 4 +- docs/manual/mod/index.html.ja.utf8 | 4 +- docs/manual/mod/index.html.ko.euc-kr | 4 +- docs/manual/mod/index.html.tr.utf8 | 4 +- docs/manual/mod/index.html.zh-cn.utf8 | 4 +- docs/manual/mod/mod_access_compat.html.en | 2 +- docs/manual/mod/mod_access_compat.html.fr | 2 +- docs/manual/mod/mod_access_compat.html.ja.utf8 | 2 +- docs/manual/mod/mod_actions.html.de | 2 +- docs/manual/mod/mod_actions.html.en | 2 +- docs/manual/mod/mod_actions.html.fr | 2 +- docs/manual/mod/mod_actions.html.ja.utf8 | 2 +- docs/manual/mod/mod_actions.html.ko.euc-kr | 2 +- docs/manual/mod/mod_alias.html.en | 2 +- docs/manual/mod/mod_alias.html.fr | 2 +- docs/manual/mod/mod_alias.html.ja.utf8 | 2 +- docs/manual/mod/mod_alias.html.ko.euc-kr | 2 +- docs/manual/mod/mod_alias.html.tr.utf8 | 2 +- docs/manual/mod/mod_allowmethods.html.en | 2 +- docs/manual/mod/mod_allowmethods.html.fr | 2 +- docs/manual/mod/mod_asis.html.en | 2 +- docs/manual/mod/mod_asis.html.fr | 2 +- docs/manual/mod/mod_asis.html.ja.utf8 | 2 +- docs/manual/mod/mod_asis.html.ko.euc-kr | 2 +- docs/manual/mod/mod_auth_basic.html.en | 2 +- docs/manual/mod/mod_auth_basic.html.fr | 2 +- docs/manual/mod/mod_auth_basic.html.ja.utf8 | 2 +- docs/manual/mod/mod_auth_basic.html.ko.euc-kr | 2 +- docs/manual/mod/mod_auth_digest.html.en | 2 +- docs/manual/mod/mod_auth_digest.html.fr | 2 +- docs/manual/mod/mod_auth_digest.html.ko.euc-kr | 2 +- docs/manual/mod/mod_auth_form.html.en | 2 +- docs/manual/mod/mod_auth_form.html.fr | 2 +- docs/manual/mod/mod_authn_anon.html.en | 2 +- docs/manual/mod/mod_authn_anon.html.fr | 2 +- docs/manual/mod/mod_authn_anon.html.ja.utf8 | 2 +- docs/manual/mod/mod_authn_anon.html.ko.euc-kr | 2 +- docs/manual/mod/mod_authn_core.html.en | 4 +- docs/manual/mod/mod_authn_core.html.fr | 6 +- docs/manual/mod/mod_authn_dbd.html.en | 2 +- docs/manual/mod/mod_authn_dbd.html.fr | 2 +- docs/manual/mod/mod_authn_dbm.html.en | 2 +- docs/manual/mod/mod_authn_dbm.html.fr | 2 +- docs/manual/mod/mod_authn_dbm.html.ja.utf8 | 2 +- docs/manual/mod/mod_authn_dbm.html.ko.euc-kr | 2 +- docs/manual/mod/mod_authn_file.html.en | 2 +- docs/manual/mod/mod_authn_file.html.fr | 2 +- docs/manual/mod/mod_authn_file.html.ja.utf8 | 2 +- docs/manual/mod/mod_authn_file.html.ko.euc-kr | 2 +- docs/manual/mod/mod_authn_socache.html.en | 2 +- docs/manual/mod/mod_authn_socache.html.fr | 2 +- docs/manual/mod/mod_authnz_fcgi.html.en | 7 +- docs/manual/mod/mod_authnz_ldap.html.en | 6 +- docs/manual/mod/mod_authnz_ldap.html.fr | 6 +- docs/manual/mod/mod_authz_core.html.en | 11 +- docs/manual/mod/mod_authz_core.html.fr | 13 +- docs/manual/mod/mod_authz_dbd.html.en | 2 +- docs/manual/mod/mod_authz_dbd.html.fr | 2 +- docs/manual/mod/mod_authz_dbm.html.en | 2 +- docs/manual/mod/mod_authz_dbm.html.fr | 2 +- docs/manual/mod/mod_authz_dbm.html.ko.euc-kr | 2 +- docs/manual/mod/mod_authz_groupfile.html.en | 2 +- docs/manual/mod/mod_authz_groupfile.html.fr | 2 +- docs/manual/mod/mod_authz_groupfile.html.ja.utf8 | 2 +- docs/manual/mod/mod_authz_groupfile.html.ko.euc-kr | 2 +- docs/manual/mod/mod_authz_host.html.en | 2 +- docs/manual/mod/mod_authz_host.html.fr | 2 +- docs/manual/mod/mod_authz_owner.html.en | 2 +- docs/manual/mod/mod_authz_owner.html.fr | 2 +- docs/manual/mod/mod_authz_owner.html.ja.utf8 | 2 +- docs/manual/mod/mod_authz_owner.html.ko.euc-kr | 2 +- docs/manual/mod/mod_authz_user.html.en | 2 +- docs/manual/mod/mod_authz_user.html.fr | 2 +- docs/manual/mod/mod_authz_user.html.ja.utf8 | 2 +- docs/manual/mod/mod_authz_user.html.ko.euc-kr | 2 +- docs/manual/mod/mod_autoindex.html.en | 2 +- docs/manual/mod/mod_autoindex.html.fr | 2 +- docs/manual/mod/mod_autoindex.html.ja.utf8 | 2 +- docs/manual/mod/mod_autoindex.html.ko.euc-kr | 2 +- docs/manual/mod/mod_autoindex.html.tr.utf8 | 2 +- docs/manual/mod/mod_buffer.html.en | 2 +- docs/manual/mod/mod_buffer.html.fr | 2 +- docs/manual/mod/mod_cache.html.en | 2 +- docs/manual/mod/mod_cache.html.fr | 2 +- docs/manual/mod/mod_cache.html.ja.utf8 | 2 +- docs/manual/mod/mod_cache.html.ko.euc-kr | 2 +- docs/manual/mod/mod_cache_disk.html.en | 2 +- docs/manual/mod/mod_cache_disk.html.fr | 2 +- docs/manual/mod/mod_cache_disk.html.ja.utf8 | 2 +- docs/manual/mod/mod_cache_disk.html.ko.euc-kr | 2 +- docs/manual/mod/mod_cache_socache.html.en | 4 +- docs/manual/mod/mod_cache_socache.html.fr | 2 +- docs/manual/mod/mod_cern_meta.html.en | 2 +- docs/manual/mod/mod_cern_meta.html.fr | 2 +- docs/manual/mod/mod_cern_meta.html.ko.euc-kr | 2 +- docs/manual/mod/mod_cgi.html.en | 2 +- docs/manual/mod/mod_cgi.html.fr | 2 +- docs/manual/mod/mod_cgi.html.ja.utf8 | 2 +- docs/manual/mod/mod_cgi.html.ko.euc-kr | 2 +- docs/manual/mod/mod_cgid.html.en | 2 +- docs/manual/mod/mod_cgid.html.fr | 27 +- docs/manual/mod/mod_cgid.html.ja.utf8 | 2 +- docs/manual/mod/mod_cgid.html.ko.euc-kr | 2 +- docs/manual/mod/mod_charset_lite.html.en | 2 +- docs/manual/mod/mod_charset_lite.html.fr | 2 +- docs/manual/mod/mod_charset_lite.html.ko.euc-kr | 2 +- docs/manual/mod/mod_data.html.en | 2 +- docs/manual/mod/mod_data.html.fr | 2 +- docs/manual/mod/mod_dav.html.en | 4 +- docs/manual/mod/mod_dav.html.fr | 4 +- docs/manual/mod/mod_dav.html.ja.utf8 | 4 +- docs/manual/mod/mod_dav.html.ko.euc-kr | 2 +- docs/manual/mod/mod_dav_fs.html.en | 2 +- docs/manual/mod/mod_dav_fs.html.fr | 2 +- docs/manual/mod/mod_dav_fs.html.ja.utf8 | 2 +- docs/manual/mod/mod_dav_fs.html.ko.euc-kr | 2 +- docs/manual/mod/mod_dav_lock.html.en | 2 +- docs/manual/mod/mod_dav_lock.html.fr | 2 +- docs/manual/mod/mod_dav_lock.html.ja.utf8 | 2 +- docs/manual/mod/mod_dbd.html.en | 2 +- docs/manual/mod/mod_dbd.html.fr | 2 +- docs/manual/mod/mod_deflate.html.en | 2 +- docs/manual/mod/mod_deflate.html.fr | 58 +- docs/manual/mod/mod_deflate.html.ja.utf8 | 2 +- docs/manual/mod/mod_deflate.html.ko.euc-kr | 2 +- docs/manual/mod/mod_dialup.html.en | 2 +- docs/manual/mod/mod_dialup.html.fr | 2 +- docs/manual/mod/mod_dir.html.en | 2 +- docs/manual/mod/mod_dir.html.fr | 2 +- docs/manual/mod/mod_dir.html.ja.utf8 | 2 +- docs/manual/mod/mod_dir.html.ko.euc-kr | 2 +- docs/manual/mod/mod_dir.html.tr.utf8 | 2 +- docs/manual/mod/mod_dumpio.html.en | 2 +- docs/manual/mod/mod_dumpio.html.fr | 2 +- docs/manual/mod/mod_dumpio.html.ja.utf8 | 2 +- docs/manual/mod/mod_echo.html.en | 2 +- docs/manual/mod/mod_echo.html.fr | 2 +- docs/manual/mod/mod_echo.html.ja.utf8 | 2 +- docs/manual/mod/mod_echo.html.ko.euc-kr | 2 +- docs/manual/mod/mod_env.html.en | 2 +- docs/manual/mod/mod_env.html.fr | 2 +- docs/manual/mod/mod_env.html.ja.utf8 | 2 +- docs/manual/mod/mod_env.html.ko.euc-kr | 2 +- docs/manual/mod/mod_env.html.tr.utf8 | 2 +- docs/manual/mod/mod_example.html | 13 - docs/manual/mod/mod_example.html.en | 180 - docs/manual/mod/mod_example.html.fr | 192 - docs/manual/mod/mod_example.html.ko.euc-kr | 181 - docs/manual/mod/mod_example_hooks.html | 13 + docs/manual/mod/mod_example_hooks.html.en | 180 + docs/manual/mod/mod_example_hooks.html.fr | 192 + docs/manual/mod/mod_example_hooks.html.ko.euc-kr | 181 + docs/manual/mod/mod_expires.html.en | 2 +- docs/manual/mod/mod_expires.html.fr | 2 +- docs/manual/mod/mod_expires.html.ja.utf8 | 2 +- docs/manual/mod/mod_expires.html.ko.euc-kr | 2 +- docs/manual/mod/mod_ext_filter.html.en | 2 +- docs/manual/mod/mod_ext_filter.html.fr | 2 +- docs/manual/mod/mod_ext_filter.html.ja.utf8 | 2 +- docs/manual/mod/mod_ext_filter.html.ko.euc-kr | 2 +- docs/manual/mod/mod_file_cache.html.en | 2 +- docs/manual/mod/mod_file_cache.html.fr | 2 +- docs/manual/mod/mod_file_cache.html.ko.euc-kr | 2 +- docs/manual/mod/mod_filter.html.en | 2 +- docs/manual/mod/mod_filter.html.fr | 2 +- docs/manual/mod/mod_headers.html.en | 20 +- docs/manual/mod/mod_headers.html.fr | 22 +- docs/manual/mod/mod_headers.html.ja.utf8 | 2 +- docs/manual/mod/mod_headers.html.ko.euc-kr | 2 +- docs/manual/mod/mod_heartbeat.html.en | 2 +- docs/manual/mod/mod_heartbeat.html.fr | 2 +- docs/manual/mod/mod_heartmonitor.html.en | 2 +- docs/manual/mod/mod_heartmonitor.html.fr | 2 +- docs/manual/mod/mod_ident.html.en | 2 +- docs/manual/mod/mod_ident.html.fr | 2 +- docs/manual/mod/mod_ident.html.ja.utf8 | 2 +- docs/manual/mod/mod_ident.html.ko.euc-kr | 2 +- docs/manual/mod/mod_imagemap.html.en | 2 +- docs/manual/mod/mod_imagemap.html.fr | 2 +- docs/manual/mod/mod_imagemap.html.ko.euc-kr | 2 +- docs/manual/mod/mod_include.html.en | 2 +- docs/manual/mod/mod_include.html.fr | 2 +- docs/manual/mod/mod_include.html.ja.utf8 | 2 +- docs/manual/mod/mod_info.html.en | 2 +- docs/manual/mod/mod_info.html.fr | 2 +- docs/manual/mod/mod_info.html.ja.utf8 | 2 +- docs/manual/mod/mod_info.html.ko.euc-kr | 2 +- docs/manual/mod/mod_isapi.html.en | 2 +- docs/manual/mod/mod_isapi.html.fr | 2 +- docs/manual/mod/mod_isapi.html.ko.euc-kr | 2 +- docs/manual/mod/mod_lbmethod_bybusyness.html.en | 2 +- docs/manual/mod/mod_lbmethod_bybusyness.html.fr | 2 +- docs/manual/mod/mod_lbmethod_byrequests.html.en | 2 +- docs/manual/mod/mod_lbmethod_byrequests.html.fr | 2 +- docs/manual/mod/mod_lbmethod_bytraffic.html.en | 2 +- docs/manual/mod/mod_lbmethod_bytraffic.html.fr | 2 +- docs/manual/mod/mod_lbmethod_heartbeat.html.en | 2 +- docs/manual/mod/mod_lbmethod_heartbeat.html.fr | 2 +- docs/manual/mod/mod_ldap.html.en | 2 +- docs/manual/mod/mod_ldap.html.fr | 22 +- docs/manual/mod/mod_log_config.html.en | 8 +- docs/manual/mod/mod_log_config.html.fr | 8 +- docs/manual/mod/mod_log_config.html.ja.utf8 | 2 +- docs/manual/mod/mod_log_config.html.ko.euc-kr | 2 +- docs/manual/mod/mod_log_config.html.tr.utf8 | 8 +- docs/manual/mod/mod_log_debug.html.en | 2 +- docs/manual/mod/mod_log_debug.html.fr | 2 +- docs/manual/mod/mod_log_forensic.html.en | 2 +- docs/manual/mod/mod_log_forensic.html.fr | 2 +- docs/manual/mod/mod_log_forensic.html.ja.utf8 | 2 +- docs/manual/mod/mod_log_forensic.html.tr.utf8 | 2 +- docs/manual/mod/mod_logio.html.en | 2 +- docs/manual/mod/mod_logio.html.fr | 2 +- docs/manual/mod/mod_logio.html.ja.utf8 | 2 +- docs/manual/mod/mod_logio.html.ko.euc-kr | 2 +- docs/manual/mod/mod_logio.html.tr.utf8 | 2 +- docs/manual/mod/mod_lua.html.en | 2 +- docs/manual/mod/mod_lua.html.fr | 2 +- docs/manual/mod/mod_macro.html.en | 2 +- docs/manual/mod/mod_macro.html.fr | 2 +- docs/manual/mod/mod_mime.html.en | 2 +- docs/manual/mod/mod_mime.html.fr | 2 +- docs/manual/mod/mod_mime.html.ja.utf8 | 2 +- docs/manual/mod/mod_mime_magic.html.en | 2 +- docs/manual/mod/mod_mime_magic.html.fr | 2 +- docs/manual/mod/mod_negotiation.html.en | 2 +- docs/manual/mod/mod_negotiation.html.fr | 2 +- docs/manual/mod/mod_negotiation.html.ja.utf8 | 2 +- docs/manual/mod/mod_nw_ssl.html.en | 2 +- docs/manual/mod/mod_nw_ssl.html.fr | 2 +- docs/manual/mod/mod_privileges.html.en | 2 +- docs/manual/mod/mod_privileges.html.fr | 2 +- docs/manual/mod/mod_proxy.html.en | 17 +- docs/manual/mod/mod_proxy.html.fr | 20 +- docs/manual/mod/mod_proxy.html.ja.utf8 | 2 +- docs/manual/mod/mod_proxy_ajp.html.en | 14 +- docs/manual/mod/mod_proxy_ajp.html.fr | 19 +- docs/manual/mod/mod_proxy_ajp.html.ja.utf8 | 2 +- docs/manual/mod/mod_proxy_balancer.html.en | 2 +- docs/manual/mod/mod_proxy_balancer.html.fr | 2 +- docs/manual/mod/mod_proxy_balancer.html.ja.utf8 | 2 +- docs/manual/mod/mod_proxy_connect.html.en | 2 +- docs/manual/mod/mod_proxy_connect.html.fr | 2 +- docs/manual/mod/mod_proxy_connect.html.ja.utf8 | 2 +- docs/manual/mod/mod_proxy_express.html.en | 2 +- docs/manual/mod/mod_proxy_express.html.fr | 2 +- docs/manual/mod/mod_proxy_fcgi.html.en | 93 +- docs/manual/mod/mod_proxy_fcgi.html.fr | 101 +- docs/manual/mod/mod_proxy_fdpass.html.en | 2 +- docs/manual/mod/mod_proxy_fdpass.html.fr | 2 +- docs/manual/mod/mod_proxy_ftp.html.en | 2 +- docs/manual/mod/mod_proxy_ftp.html.fr | 2 +- docs/manual/mod/mod_proxy_html.html.en | 2 +- docs/manual/mod/mod_proxy_html.html.fr | 2 +- docs/manual/mod/mod_proxy_http.html.en | 6 +- docs/manual/mod/mod_proxy_http.html.fr | 7 +- docs/manual/mod/mod_proxy_scgi.html.en | 2 +- docs/manual/mod/mod_proxy_scgi.html.fr | 2 +- docs/manual/mod/mod_proxy_wstunnel.html.en | 2 +- docs/manual/mod/mod_ratelimit.html.en | 2 +- docs/manual/mod/mod_ratelimit.html.fr | 2 +- docs/manual/mod/mod_reflector.html.en | 2 +- docs/manual/mod/mod_reflector.html.fr | 2 +- docs/manual/mod/mod_remoteip.html.en | 2 +- docs/manual/mod/mod_remoteip.html.fr | 2 +- docs/manual/mod/mod_reqtimeout.html.en | 2 +- docs/manual/mod/mod_reqtimeout.html.fr | 2 +- docs/manual/mod/mod_request.html.en | 2 +- docs/manual/mod/mod_request.html.fr | 2 +- docs/manual/mod/mod_request.html.tr.utf8 | 2 +- docs/manual/mod/mod_rewrite.html.en | 8 +- docs/manual/mod/mod_rewrite.html.fr | 144 +- docs/manual/mod/mod_sed.html.en | 2 +- docs/manual/mod/mod_sed.html.fr | 2 +- docs/manual/mod/mod_session.html.en | 2 +- docs/manual/mod/mod_session.html.fr | 2 +- docs/manual/mod/mod_session_cookie.html.en | 2 +- docs/manual/mod/mod_session_cookie.html.fr | 2 +- docs/manual/mod/mod_session_crypto.html.en | 2 +- docs/manual/mod/mod_session_crypto.html.fr | 2 +- docs/manual/mod/mod_session_dbd.html.en | 2 +- docs/manual/mod/mod_session_dbd.html.fr | 2 +- docs/manual/mod/mod_setenvif.html.en | 2 +- docs/manual/mod/mod_setenvif.html.fr | 2 +- docs/manual/mod/mod_setenvif.html.ja.utf8 | 2 +- docs/manual/mod/mod_setenvif.html.ko.euc-kr | 2 +- docs/manual/mod/mod_setenvif.html.tr.utf8 | 2 +- docs/manual/mod/mod_slotmem_plain.html.en | 2 +- docs/manual/mod/mod_slotmem_plain.html.fr | 2 +- docs/manual/mod/mod_slotmem_shm.html.en | 2 +- docs/manual/mod/mod_slotmem_shm.html.fr | 2 +- docs/manual/mod/mod_so.html.en | 2 +- docs/manual/mod/mod_so.html.fr | 2 +- docs/manual/mod/mod_so.html.ja.utf8 | 2 +- docs/manual/mod/mod_so.html.ko.euc-kr | 2 +- docs/manual/mod/mod_so.html.tr.utf8 | 2 +- docs/manual/mod/mod_socache_dbm.html.en | 2 +- docs/manual/mod/mod_socache_dbm.html.fr | 2 +- docs/manual/mod/mod_socache_dc.html.en | 2 +- docs/manual/mod/mod_socache_dc.html.fr | 2 +- docs/manual/mod/mod_socache_memcache.html.en | 2 +- docs/manual/mod/mod_socache_memcache.html.fr | 2 +- docs/manual/mod/mod_socache_shmcb.html.en | 2 +- docs/manual/mod/mod_socache_shmcb.html.fr | 2 +- docs/manual/mod/mod_speling.html.en | 2 +- docs/manual/mod/mod_speling.html.fr | 2 +- docs/manual/mod/mod_speling.html.ja.utf8 | 2 +- docs/manual/mod/mod_speling.html.ko.euc-kr | 2 +- docs/manual/mod/mod_ssl.html.en | 35 +- docs/manual/mod/mod_ssl.html.fr | 36 +- docs/manual/mod/mod_status.html.en | 2 +- docs/manual/mod/mod_status.html.fr | 2 +- docs/manual/mod/mod_status.html.ja.utf8 | 2 +- docs/manual/mod/mod_status.html.ko.euc-kr | 2 +- docs/manual/mod/mod_status.html.tr.utf8 | 2 +- docs/manual/mod/mod_substitute.html.en | 33 +- docs/manual/mod/mod_substitute.html.fr | 35 +- docs/manual/mod/mod_suexec.html.en | 2 +- docs/manual/mod/mod_suexec.html.fr | 2 +- docs/manual/mod/mod_suexec.html.ja.utf8 | 2 +- docs/manual/mod/mod_suexec.html.ko.euc-kr | 2 +- docs/manual/mod/mod_suexec.html.tr.utf8 | 2 +- docs/manual/mod/mod_unique_id.html.en | 2 +- docs/manual/mod/mod_unique_id.html.fr | 2 +- docs/manual/mod/mod_unique_id.html.ja.utf8 | 2 +- docs/manual/mod/mod_unique_id.html.ko.euc-kr | 2 +- docs/manual/mod/mod_unixd.html.en | 2 +- docs/manual/mod/mod_unixd.html.fr | 2 +- docs/manual/mod/mod_unixd.html.tr.utf8 | 2 +- docs/manual/mod/mod_userdir.html.en | 2 +- docs/manual/mod/mod_userdir.html.fr | 2 +- docs/manual/mod/mod_userdir.html.ja.utf8 | 2 +- docs/manual/mod/mod_userdir.html.ko.euc-kr | 2 +- docs/manual/mod/mod_userdir.html.tr.utf8 | 2 +- docs/manual/mod/mod_usertrack.html.en | 2 +- docs/manual/mod/mod_usertrack.html.fr | 2 +- docs/manual/mod/mod_version.html.en | 2 +- docs/manual/mod/mod_version.html.ja.utf8 | 2 +- docs/manual/mod/mod_version.html.ko.euc-kr | 2 +- docs/manual/mod/mod_vhost_alias.html.en | 2 +- docs/manual/mod/mod_vhost_alias.html.fr | 2 +- docs/manual/mod/mod_vhost_alias.html.tr.utf8 | 2 +- docs/manual/mod/mod_watchdog.html.en | 2 +- docs/manual/mod/mod_xml2enc.html.en | 2 +- docs/manual/mod/mod_xml2enc.html.fr | 2 +- docs/manual/mod/module-dict.html.en | 2 +- docs/manual/mod/module-dict.html.fr | 2 +- docs/manual/mod/module-dict.html.ja.utf8 | 2 +- docs/manual/mod/module-dict.html.ko.euc-kr | 2 +- docs/manual/mod/module-dict.html.tr.utf8 | 2 +- docs/manual/mod/mpm_common.html.de | 2 +- docs/manual/mod/mpm_common.html.en | 2 +- docs/manual/mod/mpm_common.html.fr | 2 +- docs/manual/mod/mpm_common.html.ja.utf8 | 2 +- docs/manual/mod/mpm_common.html.tr.utf8 | 2 +- docs/manual/mod/mpm_netware.html.en | 2 +- docs/manual/mod/mpm_netware.html.fr | 2 +- docs/manual/mod/mpm_winnt.html.de | 2 +- docs/manual/mod/mpm_winnt.html.en | 2 +- docs/manual/mod/mpm_winnt.html.fr | 2 +- docs/manual/mod/mpm_winnt.html.ja.utf8 | 2 +- docs/manual/mod/mpmt_os2.html.en | 2 +- docs/manual/mod/mpmt_os2.html.fr | 2 +- docs/manual/mod/prefork.html.de | 2 +- docs/manual/mod/prefork.html.en | 2 +- docs/manual/mod/prefork.html.fr | 2 +- docs/manual/mod/prefork.html.ja.utf8 | 2 +- docs/manual/mod/prefork.html.tr.utf8 | 2 +- docs/manual/mod/quickreference.html.de | 573 +- docs/manual/mod/quickreference.html.en | 571 +- docs/manual/mod/quickreference.html.es | 571 +- docs/manual/mod/quickreference.html.fr | 593 +-- docs/manual/mod/quickreference.html.ja.utf8 | 557 +- docs/manual/mod/quickreference.html.ko.euc-kr | 567 +- docs/manual/mod/quickreference.html.tr.utf8 | 575 +- docs/manual/mod/quickreference.html.zh-cn.utf8 | 571 +- docs/manual/mod/worker.html.de | 2 +- docs/manual/mod/worker.html.en | 2 +- docs/manual/mod/worker.html.fr | 2 +- docs/manual/mod/worker.html.ja.utf8 | 2 +- docs/manual/mod/worker.html.tr.utf8 | 2 +- docs/manual/mpm.html.de | 2 +- docs/manual/mpm.html.en | 2 +- docs/manual/mpm.html.es | 2 +- docs/manual/mpm.html.fr | 2 +- docs/manual/mpm.html.ja.utf8 | 2 +- docs/manual/mpm.html.ko.euc-kr | 2 +- docs/manual/mpm.html.tr.utf8 | 2 +- docs/manual/mpm.html.zh-cn.utf8 | 2 +- docs/manual/new_features_2_0.html.de | 2 +- docs/manual/new_features_2_0.html.en | 2 +- docs/manual/new_features_2_0.html.fr | 2 +- docs/manual/new_features_2_0.html.ja.utf8 | 2 +- docs/manual/new_features_2_0.html.ko.euc-kr | 2 +- docs/manual/new_features_2_0.html.pt-br | 2 +- docs/manual/new_features_2_0.html.ru.koi8-r | 2 +- docs/manual/new_features_2_0.html.tr.utf8 | 2 +- docs/manual/new_features_2_2.html.en | 2 +- docs/manual/new_features_2_2.html.fr | 2 +- docs/manual/new_features_2_2.html.ko.euc-kr | 2 +- docs/manual/new_features_2_2.html.pt-br | 2 +- docs/manual/new_features_2_2.html.tr.utf8 | 2 +- docs/manual/new_features_2_4.html.en | 2 +- docs/manual/new_features_2_4.html.fr | 2 +- docs/manual/new_features_2_4.html.tr.utf8 | 2 +- docs/manual/platform/ebcdic.html.en | 2 +- docs/manual/platform/ebcdic.html.ko.euc-kr | 2 +- docs/manual/platform/index.html.en | 2 +- docs/manual/platform/index.html.fr | 2 +- docs/manual/platform/index.html.ko.euc-kr | 2 +- docs/manual/platform/index.html.zh-cn.utf8 | 2 +- docs/manual/platform/netware.html.en | 2 +- docs/manual/platform/netware.html.fr | 2 +- docs/manual/platform/netware.html.ko.euc-kr | 2 +- docs/manual/platform/perf-hp.html.en | 2 +- docs/manual/platform/perf-hp.html.fr | 2 +- docs/manual/platform/perf-hp.html.ko.euc-kr | 2 +- docs/manual/platform/rpm.html.en | 2 +- docs/manual/platform/win_compiling.html.en | 88 +- docs/manual/platform/win_compiling.html.fr | 46 +- docs/manual/platform/win_compiling.html.ko.euc-kr | 2 +- docs/manual/platform/windows.html.en | 2 +- docs/manual/platform/windows.html.fr | 2 +- docs/manual/platform/windows.html.ko.euc-kr | 2 +- docs/manual/programs/ab.html.en | 2 +- docs/manual/programs/ab.html.fr | 2 +- docs/manual/programs/ab.html.ko.euc-kr | 2 +- docs/manual/programs/ab.html.tr.utf8 | 2 +- docs/manual/programs/apachectl.html.en | 2 +- docs/manual/programs/apachectl.html.fr | 2 +- docs/manual/programs/apachectl.html.ko.euc-kr | 2 +- docs/manual/programs/apachectl.html.tr.utf8 | 2 +- docs/manual/programs/apxs.html.en | 2 +- docs/manual/programs/apxs.html.fr | 2 +- docs/manual/programs/apxs.html.ko.euc-kr | 2 +- docs/manual/programs/apxs.html.tr.utf8 | 2 +- docs/manual/programs/configure.html.en | 2 +- docs/manual/programs/configure.html.fr | 2 +- docs/manual/programs/configure.html.ko.euc-kr | 2 +- docs/manual/programs/configure.html.tr.utf8 | 2 +- docs/manual/programs/dbmmanage.html.en | 2 +- docs/manual/programs/dbmmanage.html.fr | 2 +- docs/manual/programs/dbmmanage.html.ko.euc-kr | 2 +- docs/manual/programs/dbmmanage.html.tr.utf8 | 2 +- docs/manual/programs/fcgistarter.html.en | 2 +- docs/manual/programs/fcgistarter.html.fr | 2 +- docs/manual/programs/fcgistarter.html.tr.utf8 | 2 +- docs/manual/programs/htcacheclean.html.en | 2 +- docs/manual/programs/htcacheclean.html.fr | 2 +- docs/manual/programs/htcacheclean.html.ko.euc-kr | 2 +- docs/manual/programs/htcacheclean.html.tr.utf8 | 2 +- docs/manual/programs/htdbm.html.en | 2 +- docs/manual/programs/htdbm.html.fr | 2 +- docs/manual/programs/htdbm.html.tr.utf8 | 2 +- docs/manual/programs/htdigest.html.en | 2 +- docs/manual/programs/htdigest.html.fr | 2 +- docs/manual/programs/htdigest.html.ko.euc-kr | 2 +- docs/manual/programs/htdigest.html.tr.utf8 | 2 +- docs/manual/programs/htpasswd.html.en | 2 +- docs/manual/programs/htpasswd.html.fr | 2 +- docs/manual/programs/htpasswd.html.ko.euc-kr | 2 +- docs/manual/programs/htpasswd.html.tr.utf8 | 2 +- docs/manual/programs/httpd.html.en | 2 +- docs/manual/programs/httpd.html.fr | 2 +- docs/manual/programs/httpd.html.ko.euc-kr | 2 +- docs/manual/programs/httpd.html.tr.utf8 | 2 +- docs/manual/programs/httxt2dbm.html.en | 2 +- docs/manual/programs/httxt2dbm.html.fr | 2 +- docs/manual/programs/httxt2dbm.html.tr.utf8 | 2 +- docs/manual/programs/index.html.en | 2 +- docs/manual/programs/index.html.es | 2 +- docs/manual/programs/index.html.fr | 2 +- docs/manual/programs/index.html.ko.euc-kr | 2 +- docs/manual/programs/index.html.tr.utf8 | 2 +- docs/manual/programs/index.html.zh-cn.utf8 | 2 +- docs/manual/programs/log_server_status.html.en | 2 +- docs/manual/programs/logresolve.html.en | 2 +- docs/manual/programs/logresolve.html.fr | 2 +- docs/manual/programs/logresolve.html.ko.euc-kr | 2 +- docs/manual/programs/logresolve.html.tr.utf8 | 2 +- docs/manual/programs/other.html.en | 2 +- docs/manual/programs/other.html.fr | 2 +- docs/manual/programs/other.html.ko.euc-kr | 2 +- docs/manual/programs/other.html.tr.utf8 | 2 +- docs/manual/programs/rotatelogs.html.en | 21 +- docs/manual/programs/rotatelogs.html.fr | 21 +- docs/manual/programs/rotatelogs.html.ko.euc-kr | 2 +- docs/manual/programs/rotatelogs.html.tr.utf8 | 21 +- docs/manual/programs/split-logfile.html.en | 2 +- docs/manual/programs/suexec.html.en | 2 +- docs/manual/programs/suexec.html.ko.euc-kr | 2 +- docs/manual/programs/suexec.html.tr.utf8 | 2 +- docs/manual/rewrite/access.html.en | 2 +- docs/manual/rewrite/access.html.fr | 2 +- docs/manual/rewrite/advanced.html.en | 159 +- docs/manual/rewrite/advanced.html.fr | 163 +- docs/manual/rewrite/avoid.html.en | 2 +- docs/manual/rewrite/avoid.html.fr | 2 +- docs/manual/rewrite/flags.html.en | 2 +- docs/manual/rewrite/flags.html.fr | 2 +- docs/manual/rewrite/htaccess.html.en | 2 +- docs/manual/rewrite/htaccess.html.fr | 2 +- docs/manual/rewrite/index.html.en | 2 +- docs/manual/rewrite/index.html.fr | 2 +- docs/manual/rewrite/index.html.tr.utf8 | 2 +- docs/manual/rewrite/index.html.zh-cn.utf8 | 2 +- docs/manual/rewrite/intro.html.en | 2 +- docs/manual/rewrite/intro.html.fr | 2 +- docs/manual/rewrite/proxy.html.en | 2 +- docs/manual/rewrite/proxy.html.fr | 2 +- docs/manual/rewrite/remapping.html.en | 60 +- docs/manual/rewrite/remapping.html.fr | 62 +- docs/manual/rewrite/rewritemap.html.en | 2 +- docs/manual/rewrite/rewritemap.html.fr | 4 +- docs/manual/rewrite/tech.html.en | 2 +- docs/manual/rewrite/tech.html.fr | 2 +- docs/manual/rewrite/vhosts.html.en | 2 +- docs/manual/rewrite/vhosts.html.fr | 2 +- docs/manual/sections.html.en | 4 +- docs/manual/sections.html.fr | 4 +- docs/manual/sections.html.ja.utf8 | 2 +- docs/manual/sections.html.ko.euc-kr | 2 +- docs/manual/sections.html.tr.utf8 | 4 +- docs/manual/server-wide.html.en | 2 +- docs/manual/server-wide.html.fr | 2 +- docs/manual/server-wide.html.ja.utf8 | 2 +- docs/manual/server-wide.html.ko.euc-kr | 2 +- docs/manual/server-wide.html.tr.utf8 | 2 +- docs/manual/sitemap.html.de | 4 +- docs/manual/sitemap.html.en | 4 +- docs/manual/sitemap.html.es | 4 +- docs/manual/sitemap.html.fr | 4 +- docs/manual/sitemap.html.ja.utf8 | 4 +- docs/manual/sitemap.html.ko.euc-kr | 4 +- docs/manual/sitemap.html.tr.utf8 | 4 +- docs/manual/sitemap.html.zh-cn.utf8 | 4 +- docs/manual/socache.html.en | 2 +- docs/manual/socache.html.fr | 2 +- docs/manual/ssl/index.html.en | 2 +- docs/manual/ssl/index.html.fr | 2 +- docs/manual/ssl/index.html.ja.utf8 | 2 +- docs/manual/ssl/index.html.tr.utf8 | 2 +- docs/manual/ssl/index.html.zh-cn.utf8 | 2 +- docs/manual/ssl/ssl_compat.html.en | 2 +- docs/manual/ssl/ssl_compat.html.fr | 2 +- docs/manual/ssl/ssl_faq.html.en | 2 +- docs/manual/ssl/ssl_faq.html.fr | 2 +- docs/manual/ssl/ssl_howto.html.en | 145 +- docs/manual/ssl/ssl_howto.html.fr | 152 +- docs/manual/ssl/ssl_intro.html.en | 2 +- docs/manual/ssl/ssl_intro.html.fr | 2 +- docs/manual/ssl/ssl_intro.html.ja.utf8 | 2 +- docs/manual/stopping.html.de | 2 +- docs/manual/stopping.html.en | 2 +- docs/manual/stopping.html.es | 2 +- docs/manual/stopping.html.fr | 2 +- docs/manual/stopping.html.ja.utf8 | 2 +- docs/manual/stopping.html.ko.euc-kr | 2 +- docs/manual/stopping.html.tr.utf8 | 2 +- docs/manual/style/version.ent | 2 +- docs/manual/suexec.html.en | 2 +- docs/manual/suexec.html.fr | 2 +- docs/manual/suexec.html.ja.utf8 | 2 +- docs/manual/suexec.html.ko.euc-kr | 2 +- docs/manual/suexec.html.tr.utf8 | 2 +- docs/manual/upgrading.html.en | 2 +- docs/manual/upgrading.html.fr | 2 +- docs/manual/urlmapping.html.en | 2 +- docs/manual/urlmapping.html.fr | 2 +- docs/manual/urlmapping.html.ja.utf8 | 2 +- docs/manual/urlmapping.html.ko.euc-kr | 2 +- docs/manual/urlmapping.html.tr.utf8 | 2 +- docs/manual/vhosts/details.html.en | 2 +- docs/manual/vhosts/details.html.fr | 2 +- docs/manual/vhosts/details.html.ko.euc-kr | 2 +- docs/manual/vhosts/details.html.tr.utf8 | 2 +- docs/manual/vhosts/examples.html.en | 2 +- docs/manual/vhosts/examples.html.fr | 2 +- docs/manual/vhosts/examples.html.ja.utf8 | 2 +- docs/manual/vhosts/examples.html.ko.euc-kr | 2 +- docs/manual/vhosts/examples.html.tr.utf8 | 2 +- docs/manual/vhosts/fd-limits.html.en | 2 +- docs/manual/vhosts/fd-limits.html.fr | 2 +- docs/manual/vhosts/fd-limits.html.ja.utf8 | 2 +- docs/manual/vhosts/fd-limits.html.ko.euc-kr | 2 +- docs/manual/vhosts/fd-limits.html.tr.utf8 | 2 +- docs/manual/vhosts/index.html.de | 2 +- docs/manual/vhosts/index.html.en | 2 +- docs/manual/vhosts/index.html.fr | 2 +- docs/manual/vhosts/index.html.ja.utf8 | 2 +- docs/manual/vhosts/index.html.ko.euc-kr | 2 +- docs/manual/vhosts/index.html.tr.utf8 | 2 +- docs/manual/vhosts/index.html.zh-cn.utf8 | 2 +- docs/manual/vhosts/ip-based.html.en | 2 +- docs/manual/vhosts/ip-based.html.fr | 2 +- docs/manual/vhosts/ip-based.html.ja.utf8 | 2 +- docs/manual/vhosts/ip-based.html.ko.euc-kr | 2 +- docs/manual/vhosts/ip-based.html.tr.utf8 | 2 +- docs/manual/vhosts/mass.html.en | 2 +- docs/manual/vhosts/mass.html.fr | 2 +- docs/manual/vhosts/mass.html.ko.euc-kr | 2 +- docs/manual/vhosts/mass.html.tr.utf8 | 2 +- docs/manual/vhosts/name-based.html.de | 2 +- docs/manual/vhosts/name-based.html.en | 10 +- docs/manual/vhosts/name-based.html.fr | 10 +- docs/manual/vhosts/name-based.html.ja.utf8 | 2 +- docs/manual/vhosts/name-based.html.ko.euc-kr | 2 +- docs/manual/vhosts/name-based.html.tr.utf8 | 8 +- httpd.spec | 2 +- include/ap_mmn.h | 7 +- include/ap_release.h | 4 +- include/http_connection.h | 15 +- include/http_core.h | 4 + include/http_log.h | 174 + include/httpd.h | 5 + include/util_charset.h | 31 +- include/util_ebcdic.h | 28 +- include/util_md5.h | 30 +- include/util_varbuf.h | 132 +- include/util_xml.h | 7 +- modules/aaa/mod_auth_basic.c | 6 +- modules/aaa/mod_auth_form.c | 8 +- modules/aaa/mod_authnz_fcgi.c | 16 +- modules/aaa/mod_authz_core.c | 9 +- modules/arch/netware/mod_nw_ssl.c | 6 +- modules/arch/win32/mod_isapi.c | 24 +- modules/cache/cache_util.c | 10 +- modules/cache/mod_cache.c | 14 +- modules/cache/mod_cache_socache.c | 58 +- modules/cache/mod_cache_socache.dsp | 4 +- modules/core/mod_macro.c | 44 +- modules/core/mod_so.c | 4 +- modules/core/mod_watchdog.h | 6 +- modules/database/mod_dbd.c | 7 +- modules/dav/fs/repos.c | 13 +- modules/dav/main/mod_dav.c | 5 +- modules/examples/mod_example_hooks.c | 10 +- modules/filters/mod_include.c | 16 +- modules/filters/mod_ratelimit.c | 4 +- modules/filters/mod_substitute.c | 86 +- modules/filters/mod_xml2enc.c | 9 +- modules/generators/mod_autoindex.c | 4 +- modules/generators/mod_cgi.c | 18 +- modules/http/byterange_filter.c | 6 +- modules/http/http_filters.c | 67 +- modules/http/http_protocol.c | 6 +- modules/http/http_request.c | 4 + modules/ldap/util_ldap.c | 2 +- modules/ldap/util_ldap_cache_mgr.c | 8 +- modules/loggers/mod_log_config.c | 29 +- modules/loggers/mod_logio.c | 12 +- modules/lua/lua_apr.c | 4 +- modules/lua/lua_request.c | 10 +- modules/lua/mod_lua.c | 37 +- modules/mappers/mod_dir.c | 2 +- modules/mappers/mod_negotiation.c | 2 +- modules/mappers/mod_rewrite.c | 1 - modules/proxy/mod_proxy.c | 36 +- modules/proxy/mod_proxy.h | 19 + modules/proxy/mod_proxy_ajp.c | 5 +- modules/proxy/mod_proxy_balancer.c | 2 +- modules/proxy/mod_proxy_connect.c | 30 +- modules/proxy/mod_proxy_fcgi.c | 129 +- modules/proxy/mod_proxy_fdpass.c | 55 +- modules/proxy/mod_proxy_ftp.c | 60 +- modules/proxy/mod_proxy_http.c | 42 +- modules/proxy/mod_proxy_wstunnel.c | 32 +- modules/proxy/proxy_util.c | 218 +- modules/slotmem/mod_slotmem_shm.c | 6 +- modules/ssl/mod_ssl.c | 10 +- modules/ssl/ssl_engine_config.c | 13 + modules/ssl/ssl_engine_init.c | 21 +- modules/ssl/ssl_engine_io.c | 33 +- modules/ssl/ssl_engine_kernel.c | 14 +- modules/ssl/ssl_engine_pphrase.c | 4 +- modules/ssl/ssl_engine_vars.c | 6 +- modules/ssl/ssl_private.h | 16 +- modules/ssl/ssl_util_ssl.c | 15 +- modules/ssl/ssl_util_stapling.c | 143 +- os/bs2000/os.c | 4 +- os/unix/unixd.c | 4 +- server/config.c | 4 - server/connection.c | 20 +- server/core.c | 18 +- server/core_filters.c | 18 +- server/log.c | 138 + server/mpm/event/event.c | 55 +- server/mpm/event/fdqueue.c | 1 + server/mpm/netware/mpm_netware.c | 2 +- server/mpm/winnt/service.c | 618 ++- server/mpm_unix.c | 2 +- server/protocol.c | 21 +- server/scoreboard.c | 14 +- server/util.c | 44 +- server/util_charset.c | 14 - server/util_ebcdic.c | 4 +- server/util_expr_eval.c | 6 +- server/util_fcgi.c | 4 +- server/util_script.c | 6 +- support/ab.c | 14 +- support/htdigest.c | 2 +- support/split-logfile.in | 9 +- 900 files changed, 10905 insertions(+), 7251 deletions(-) delete mode 100644 docs/manual/mod/mod_example.html delete mode 100644 docs/manual/mod/mod_example.html.en delete mode 100644 docs/manual/mod/mod_example.html.fr delete mode 100644 docs/manual/mod/mod_example.html.ko.euc-kr create mode 100644 docs/manual/mod/mod_example_hooks.html create mode 100644 docs/manual/mod/mod_example_hooks.html.en create mode 100644 docs/manual/mod/mod_example_hooks.html.fr create mode 100644 docs/manual/mod/mod_example_hooks.html.ko.euc-kr (limited to 'support/ab.c') diff --git a/CHANGES b/CHANGES index 14ede614..dff64409 100644 --- a/CHANGES +++ b/CHANGES @@ -1,15 +1,223 @@ -*- coding: utf-8 -*- +Changes with Apache 2.4.12 + + *) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for + internationalization. [William Rowe] + + *) mpm_winnt: Normalize the error and status messages emitted by service.c, + the service control interface for Windows. [William Rowe] + + *) configure: Fix --enable-v4-mapped configuration on *BSD. PR 53824. + [ olli hauer , Yann Ylavic ] + +Changes with Apache 2.4.11 + + *) SECURITY: CVE-2014-3583 (cve.mitre.org) + mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with + response headers' size above 8K. [Yann Ylavic, Jeff Trawick] + + *) SECURITY: CVE-2014-3581 (cve.mitre.org) + mod_cache: Avoid a crash when Content-Type has an empty value. + PR 56924. [Mark Montague , Jan Kaluza] + + *) SECURITY: CVE-2014-8109 (cve.mitre.org) + mod_lua: Fix handling of the Require line when a LuaAuthzProvider is + used in multiple Require directives with different arguments. + PR57204 [Edward Lu ] + + *) SECURITY: CVE-2013-5704 (cve.mitre.org) + core: HTTP trailers could be used to replace HTTP headers + late during request processing, potentially undoing or + otherwise confusing modules that examined or modified + request headers earlier. Adds "MergeTrailers" directive to restore + legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener] + + *) mod_ssl: New directive SSLSessionTickets (On|Off). + The directive controls the use of TLS session tickets (RFC 5077), + default value is "On" (unchanged behavior). + Session ticket creation uses a random key created during web + server startup and recreated during restarts. No other key + recreation mechanism is available currently. Therefore using session + tickets without restarting the web server with an appropriate frequency + (e.g. daily) compromises perfect forward secrecy. [Rainer Jung] + + *) mod_proxy_fcgi: Provide some basic alternate options for specifying + how PATH_INFO is passed to FastCGI backends by adding significance to + the value of proxy-fcgi-pathinfo. PR 55329. [Eric Covener] + + *) mod_proxy_fcgi: Enable UDS backends configured with SetHandler/RewriteRule + to opt-in to connection reuse and other Proxy options via explicitly + declared "proxy workers" (] + + *) mod_proxy_fcgi: Remove proxy:balancer:// prefix from SCRIPT_FILENAME + passed to fastcgi backends. [Eric Covener] + + *) core: Configuration files with long lines and continuation characters + are not read properly. PR 55910. [Manuel Mausz ] + + *) mod_include: the 'env' function was incorrectly handled as 'getenv' if the + leading 'e' was written in upper case in + statements. [Christophe Jaillet] + + *) split-logfile: Fix perl error: 'Can't use string ("example.org:80") + as a symbol ref while "strict refs"'. PR 56329. + [Holger Mauermann ] + + *) mod_proxy: Prevent ProxyPassReverse from doing a substitution when + the URL parameter interpolates to an empty string. PR 56603. + [] + + *) core: Fix -D[efined] or [d] variables lifetime accross restarts. + PR 57328. [Armin Abfalterer , Yann Ylavic]. + + *) mod_proxy: Preserve original request headers even if they differ + from the ones to be forwarded to the backend. PR 45387. + [Yann Ylavic] + + *) mod_ssl: dump SSL IO/state for the write side of the connection(s), + like reads (level TRACE4). [Yann Ylavic] + + *) mod_proxy_fcgi: Ignore body data from backend for 304 responses. PR 57198. + [Jan Kaluza] + + *) mod_ssl: Do not crash when looking up SSL related variables during + expression evaluation on non SSL connections. PR 57070 [Ruediger Pluem] + + *) mod_proxy_ajp: Fix handling of the default port (8009) in the + ProxyPass and configurations. PR 57259. [Yann Ylavic] + + *) mpm_event: Avoid a possible use after free when notifying the end of + connection during lingering close. PR 57268. [Eric Covener, Yann Ylavic] + + *) mod_ssl: Fix recognition of OCSP stapling responses that are encoded + improperly or too large. [Jeff Trawick] + + *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers. + [Jeff Trawick] + + *) mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an + error when parsing or forwarding the response fails. [Yann Ylavic] + + *) mod_ssl: Fix a memory leak in case of graceful restarts with OpenSSL >= 0.9.8e + PR 53435 [tadanori , Sebastian Wiedenroth ] + + *) mod_proxy_connect: Don't issue AH02447 on sockets hangups, let the read + determine whether it is a normal close or a real error. PR 57168. [Yann + Ylavic] + + *) mod_proxy_wstunnel: abort backend connection on polling error to avoid + further processing. [Yann Ylavic] + + *) core: Support custom ErrorDocuments for HTTP 501 and 414 status codes. + PR 57167 [Edward Lu ] + + *) mod_proxy_connect: Fix ProxyRemote to https:// backends on EBCDIC + systems. PR 57092 [Edward Lu ] + + *) mod_cache: Avoid a 304 response to an unconditional requst when an AH00752 + CacheLock error occurs during cache revalidation. [Eric Covener] + + *) mod_ssl: Move OCSP stapling information from a per-certificate store to + a per-server hash. PR 54357, PR 56919. [Alex Bligh , + Yann Ylavic, Kaspar Brand] + + *) mod_cache_socache: Change average object size hint from 32 bytes to + 2048 bytes. [Rainer Jung] + + *) mod_cache_socache: Add cache status to server-status. [Rainer Jung] + + *) event: Fix worker-listener deadlock in graceful restart. + PR 56960. + + *) Concat strings at compile time when possible. PR 53741. + + *) mod_substitute: Restrict configuration in .htaccess to + FileInfo as documented. [Rainer Jung] + + *) mod_substitute: Make maximum line length configurable. [Rainer Jung] + + *) mod_substitute: Fix line length limitation in case of regexp plus flatten. + [Rainer Jung] + + *) mod_proxy: Truncated character worker names are no longer fatal + errors. PR53218. [Jim Jagielski] + + *) mod_dav: Set r->status_line in dav_error_response. PR 55426. + + *) mod_proxy_http, mod_cache: Avoid (unlikely) accesses to freed memory. + [Yann Ylavic, Christophe Jaillet] + + *) http_protocol: fix logic in ap_method_list_(add|remove) in order: + - to correctly reset bits + - not to modify the 'method_mask' bitfield unnecessarily + [Christophe Jaillet] + + *) mod_slotmem_shm: Increase log level for some originally debug messages. + [Jim Jagielski] + + *) mod_ldap: In 2.4.10, some LDAP searches or comparisons might be done with + the wrong credentials when a backend connection is reused. + [Eric Covener] + + *) mod_macro: Add missing APLOGNO for some Warning log messages. + [Christophe Jaillet] + + *) mod_cache: Avoid sending 304 responses during failed revalidations + PR56881. [Eric Covener] + + *) mod_status: Honor client IP address using mod_remoteip. PR 55886. + [Jim Jagielski] + + *) cmake-based build for Windows: Fix incompatibility with cmake 2.8.12 + and later. PR 56615. [Chuck Liu , Jeff Trawick] + + *) mod_ratelimit: Drop severity of AH01455 and AH01457 (ap_pass_brigade + failed) messages from ERROR to TRACE1. Other filters do not bother + re-reporting failures from lower level filters. PR56832. [Eric Covener] + + *) core: Avoid useless warning message when parsing a section guarded by + if $(foo) is used within the section. + PR 56503 [Christophe Jaillet] + + *) mod_proxy_fcgi: Fix faulty logging of large amounts of stderr from the + application. PR 56858. [Manuel Mausz ] + + *) mod_proxy_http: Proxy responses with error status and + "ProxyErrorOverride On" hang until proxy timeout. + PR53420 [Rainer Jung] + + *) mod_log_config: Allow three character log formats to be registered. For + backwards compatibility, the first character of a three-character format + must be the '^' (caret) character. [Eric Covener] + + *) mod_lua: Don't quote Expires and Path values. PR 56734. + [Keith Mashinter, ] + + *) mod_authz_core: Allow 'es to be seen from auth + stanzas under virtual hosts. PR 56870. [Eric Covener] + Changes with Apache 2.4.10 *) SECURITY: CVE-2014-0117 (cve.mitre.org) - mod_proxy: Fix crash in Connection header handling which - allowed a denial of service attack against a reverse proxy - with a threaded MPM. [Ben Reser] + mod_proxy: Fix crash in Connection header handling which allowed a denial + of service attack against a reverse proxy with a threaded MPM. + [Ben Reser] *) SECURITY: CVE-2014-3523 (cve.mitre.org) - Fix a memory consumption denial of service in the WinNT MPM (used in all Windows - installations). Workaround: AcceptFilter {none|connect} + Fix a memory consumption denial of service in the WinNT MPM, used in all + Windows installations. Workaround: AcceptFilter {none|connect} [Jeff Trawick] *) SECURITY: CVE-2014-0226 (cve.mitre.org) @@ -18,8 +226,8 @@ Changes with Apache 2.4.10 *) SECURITY: CVE-2014-0118 (cve.mitre.org) mod_deflate: The DEFLATE input filter (inflates request bodies) now - limits the length and compression ratio of inflated request bodies to avoid - denial of sevice via highly compressed bodies. See directives + limits the length and compression ratio of inflated request bodies to + avoid denial of service via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener] @@ -97,8 +305,20 @@ Changes with Apache 2.4.10 *) mod_proxy_balancer: Correctly encode user provided data in management interface. PR 56532 [Maksymilian, ] + *) mod_proxy: Don't limit the size of the connectable Unix Domain Socket + paths. [Graham Dumpleton, Christophe Jaillet, Yann Ylavic] + *) mod_proxy_fcgi: Support iobuffersize parameter. [Jeff Trawick] + *) event: Send the SSL close notify alert when the KeepAliveTimeout + expires. PR54998. [Yann Ylavic] + + *) mod_ssl: Ensure that the SSL close notify alert is flushed to the client. + PR54998. [Tim Kosse , Yann Ylavic] + + *) mod_proxy: Shutdown (eg. SSL close notify) the backend connection before + closing. [Yann Ylavic] + *) mod_auth_form: Add a debug message when the fields on a form are not recognised. [Graham Leggett] @@ -195,7 +415,7 @@ Changes with Apache 2.4.10 under the Event MPM. PR56216. [Frank Meier ] *) mod_proxy_fcgi: Fix sending of response without some HTTP headers - that might be set by filters. [Jim Riggs ] + that might be set by filters. PR 55558. [Jim Riggs ] *) mod_proxy_html: Do not delete the wrong data from HTML code when a "http-equiv" meta tag specifies a Content-Type behind any other @@ -244,7 +464,6 @@ Changes with Apache 2.4.10 *) mod_lua: More verbose error logging when a handler function cannot be found. [Daniel Gruno] - Changes with Apache 2.4.9 *) mod_ssl: Work around a bug in some older versions of OpenSSL that @@ -536,7 +755,8 @@ Changes with Apache 2.4.7 - Avoid some memory allocation and work when TRACE1 is not activated - fix typo in include guard - indent - - No need to lower the string before removing the path, it is just a waste of time... + - No need to lower the string before removing the path, it is just + a waste of time... - Save a few cycles [Christophe Jaillet ] @@ -1202,7 +1422,7 @@ Changes with Apache 2.4.3 *) core: Log value of Status header line in script responses rather than the fixed header name. [Chris Darroch] - *) mpm_ssl: Fix handling of empty response from OCSP server. + *) mod_ssl: Fix handling of empty response from OCSP server. [Jim Meyering , Joe Orton] *) mpm_event: Fix handling of MaxConnectionsPerChild. [Stefan Fritsch] @@ -1623,20 +1843,20 @@ Changes with Apache 2.3.15 ] *) mpm_event: Check the return value from ap_run_create_connection. - PR: 41194. [Davi Arnaut] + PR 41194. [Davi Arnaut] *) mod_mime_magic: Add signatures for PNG and SWF to the example config. - PR: 48352. [Jeremy Wagner-Kaiser ] + PR 48352. [Jeremy Wagner-Kaiser ] *) core, unixd: Add -D DUMP_RUN_CFG option to dump some configuration items from the parsed (or default) config. This is useful for init scripts that need to setup temporary directories and permissions. [Stefan Fritsch] *) core, mod_actions, mod_asis: Downgrade error log messages which accompany - a 404 request status from loglevel error to info. PR: 35768. [Stefan + a 404 request status from loglevel error to info. PR 35768. [Stefan Fritsch] - *) core: Fix hook sorting with Perl modules. PR: 45076. [Torsten Foertsch + *) core: Fix hook sorting with Perl modules. PR 45076. [Torsten Foertsch ] *) core: Enforce LimitRequestFieldSize after multiple headers with the same @@ -2141,7 +2361,7 @@ Changes with Apache 2.3.11 per-balancer 'nonce' parameter. [Jim Jagielski] *) mod_status: Don't show slots which are disabled by MaxClients as open. - PR: 47022 [Jordi Prats , Stefan Fritsch] + PR 47022 [Jordi Prats , Stefan Fritsch] *) mpm_prefork: Fix ap_mpm_query results for AP_MPMQ_MAX_DAEMONS and AP_MPMQ_MAX_THREADS. @@ -2532,7 +2752,7 @@ Changes with Apache 2.3.7 *) SECURITY: CVE-2010-1452 (cve.mitre.org) mod_dav, mod_cache, mod_session: Fix Handling of requests without a path - segment. PR: 49246 [Mark Drayton, Jeff Trawick] + segment. PR 49246 [Mark Drayton, Jeff Trawick] *) mod_ldap: Properly check the result returned by apr_ldap_init. PR 46076. [Stefan Fritsch] diff --git a/CMakeLists.txt b/CMakeLists.txt index d3d16e5a..71559a3d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -80,11 +80,11 @@ FOREACH(onelib ${APR_LIBRARIES}) ENDFOREACH() MACRO(DEFINE_WITH_BLANKS output_definition input_symbol input_value) - IF(MSVC_IDE) + IF(MSVC_IDE OR ${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION}.${CMAKE_PATCH_VERSION} VERSION_GREATER 2.8.11) SET(${output_definition} "-D${input_symbol}=\"${input_value}\"") ELSE() - # assume command-line tool, where extra quotes must be added and escaped to - # survive + # command-line tool + older cmake, where extra quotes must be added and + # escaped to survive SET(${output_definition} "-D${input_symbol}=\"\\\"${input_value}\\\"\"") ENDIF() ENDMACRO() diff --git a/NOTICE b/NOTICE index a509b703..d24cb1dd 100644 --- a/NOTICE +++ b/NOTICE @@ -1,5 +1,5 @@ Apache HTTP Server -Copyright 2014 The Apache Software Foundation. +Copyright 2015 The Apache Software Foundation. This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/README.platforms b/README.platforms index 061a4e32..a377079f 100644 --- a/README.platforms +++ b/README.platforms @@ -18,28 +18,9 @@ well as the fact that the bundled versions are up-to-date: autoconf 2.52 and (g)libtool 1.4.2. - Earlier versions of OS X are not so fortunate, and the bundled tools - are not only older versions, but also, for the most part, do not work - well. If you are interested in developing under Darwin, we - recommend that you obtain and install replacement versions of what - are normally installed on Darwin (and OS X, as of v10.1.5). If - you build your own versions of autoconf 2.52 and libtool 1.4.2, be - aware that there are some Darwin specific patches to the official - code that still must be applied for them to fully work. A useful - page to check out is: - - http://fink.sourceforge.net/doc/porting/libtool.php - - Pier Fumagalli also provides pre-built Darwin packages of the - patched autoconf and libtool suites, available at: - - http://www.apache.org/~pier/macosx/ - You will note that GNU libtool should actually be installed as glibtool, to avoid conflict with a Darwin program of the same - name. Pier's packages have this change already. All files are - installed under /usr/local/ so to use these versions, and be sure - that /usr/local/bin is earlier in your PATH. + name. There have been some reports that autoconf 2.52 prevents Apache's build system from correctly handling passing multi-value envvars @@ -56,11 +37,9 @@ This is a known issue and will be fixed in a later version of the autoconf suite. These errors can be safely ignored. - With Darwin 10, the default C compiler (gcc) will try to build - multi-architecture bundles. This causes problems with APR, which - needs to know various data-type sizes which it assumes are universal - for platforms. Until this is fully fixed, we recommend using the - '-arch i386' gcc option when building both Apache and APR. + For later versions of OS X, (10.8 and 10.9), be sure to have Xcode + AND Xcode Command Line Tools installed. httpd will built both with + gcc and clang. ========== FreeBSD: diff --git a/build/NWGNUtail.inc b/build/NWGNUtail.inc index db38ff61..4c19a639 100644 --- a/build/NWGNUtail.inc +++ b/build/NWGNUtail.inc @@ -221,6 +221,7 @@ $(OBJDIR)/$(NLM_NAME)_link.opt : $($(NLM_NAME)_LINKOPT_DEPENDS) $(call DEL,$@) $(call DEL,$(@:.opt=.def)) @echo $(DL)GEN $@$(DL) + @echo $(DL)-nlmversion=$(NLM_VERSION)$(DL)>> $@ @echo $(DL)-warnings off$(DL)>> $@ @echo $(DL)-zerobss$(DL)>> $@ @echo $(DL)-o $(TARGET_nlm)$(DL)>> $@ @@ -284,7 +285,7 @@ endif @echo $(DL)threadname "$(NLM_THREAD_NAME)"$(DL)>> $(@:.opt=.def) @echo $(DL)screenname "$(NLM_SCREEN_NAME)"$(DL)>> $(@:.opt=.def) @echo $(DL)stacksize $(subst K,000,$(subst k,K,$(strip $(NLM_STACK_SIZE))))$(DL)>> $(@:.opt=.def) - @echo $(DL)version $(NLM_VERSION) $(DL)>> $(@:.opt=.def) +# @echo $(DL)version $(NLM_VERSION) $(DL)>> $(@:.opt=.def) @echo $(DL)start $(NLM_ENTRY_SYM)$(DL)>> $(@:.opt=.def) @echo $(DL)exit $(NLM_EXIT_SYM)$(DL)>> $(@:.opt=.def) ifneq "$(NLM_CHECK_SYM)" "" diff --git a/build/ltmain.sh b/build/ltmain.sh index 9ae038c2..5eca4aea 100644 --- a/build/ltmain.sh +++ b/build/ltmain.sh @@ -1,9 +1,12 @@ +#! /bin/sh +## DO NOT EDIT - This file generated from ./build-aux/ltmain.in +## by inline-source v2014-01-03.01 -# libtool (GNU libtool) 2.4.2 +# libtool (GNU libtool) 2.4.4 +# Provide generalized library-building support services. # Written by Gordon Matzigkeit , 1996 -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, -# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. +# Copyright (C) 1996-2014 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. @@ -23,881 +26,2105 @@ # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with GNU Libtool; see the file COPYING. If not, a copy -# can be downloaded from http://www.gnu.org/licenses/gpl.html, -# or obtained by writing to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# along with this program. If not, see . -# Usage: $progname [OPTION]... [MODE-ARG]... -# -# Provide generalized library-building support services. -# -# --config show all configuration variables -# --debug enable verbose shell tracing -# -n, --dry-run display commands without modifying any files -# --features display basic configuration information and exit -# --mode=MODE use operation mode MODE -# --preserve-dup-deps don't remove duplicate dependency libraries -# --quiet, --silent don't print informational messages -# --no-quiet, --no-silent -# print informational messages (default) -# --no-warn don't display warning messages -# --tag=TAG use configuration variables from tag TAG -# -v, --verbose print more informational messages than default -# --no-verbose don't print the extra informational messages -# --version print version information -# -h, --help, --help-all print short, long, or detailed help message -# -# MODE must be one of the following: -# -# clean remove files from the build directory -# compile compile a source file into a libtool object -# execute automatically set library path, then run a program -# finish complete the installation of libtool libraries -# install install libraries or executables -# link create a library or an executable -# uninstall remove libraries from an installed directory -# -# MODE-ARGS vary depending on the MODE. When passed as first option, -# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that. -# Try `$progname --help --mode=MODE' for a more detailed description of MODE. -# -# When reporting a bug, please describe a test case to reproduce it and -# include the following information: -# -# host-triplet: $host -# shell: $SHELL -# compiler: $LTCC -# compiler flags: $LTCFLAGS -# linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 -# automake: $automake_version -# autoconf: $autoconf_version -# -# Report bugs to . -# GNU libtool home page: . -# General help using GNU software: . PROGRAM=libtool PACKAGE=libtool -VERSION=2.4.2 -TIMESTAMP="" -package_revision=1.3337 +VERSION=2.4.4 +package_revision=2.4.4 -# Be Bourne compatible -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + +## ------ ## +## Usage. ## +## ------ ## + +# Run './libtool --help' for help with using this script from the +# command line. + + +## ------------------------------- ## +## User overridable command paths. ## +## ------------------------------- ## + +# After configure completes, it has a better idea of some of the +# shell tools we need than the defaults used by the functions shared +# with bootstrap, so set those here where they can still be over- +# ridden by the user, but otherwise take precedence. + +: ${AUTOCONF="autoconf"} +: ${AUTOMAKE="automake"} + + +## -------------------------- ## +## Source external libraries. ## +## -------------------------- ## + +# Much of our low-level functionality needs to be sourced from external +# libraries, which are installed to $pkgauxdir. + +# Set a version string for this script. +scriptversion=2014-01-03.01; # UTC + +# General shell script boiler plate, and helper functions. +# Written by Gary V. Vaughan, 2004 + +# Copyright (C) 2004-2014 Free Software Foundation, Inc. +# This is free software; see the source for copying conditions. There is NO +# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. + +# As a special exception to the GNU General Public License, if you distribute +# this file as part of a program or library that is built using GNU Libtool, +# you may include this file under the same distribution terms that you use +# for the rest of that program. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNES FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Please report bugs or propose patches to gary@gnu.org. + + +## ------ ## +## Usage. ## +## ------ ## + +# Evaluate this file near the top of your script to gain access to +# the functions and variables defined here: +# +# . `echo "$0" | ${SED-sed} 's|[^/]*$||'`/build-aux/funclib.sh +# +# If you need to override any of the default environment variable +# settings, do that before evaluating this file. + + +## -------------------- ## +## Shell normalisation. ## +## -------------------- ## + +# Some shells need a little help to be as Bourne compatible as possible. +# Before doing anything else, make sure all that help has been provided! + +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac + case `(set -o) 2>/dev/null` in *posix*) set -o posix ;; esac fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' -} -# NLS nuisances: We save the old values to restore during execute mode. -lt_user_locale= -lt_safe_locale= -for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES +# NLS nuisances: We save the old values in case they are required later. +_G_user_locale= +_G_safe_locale= +for _G_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES do - eval "if test \"\${$lt_var+set}\" = set; then - save_$lt_var=\$$lt_var - $lt_var=C - export $lt_var - lt_user_locale=\"$lt_var=\\\$save_\$lt_var; \$lt_user_locale\" - lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\" + eval "if test set = \"\${$_G_var+set}\"; then + save_$_G_var=\$$_G_var + $_G_var=C + export $_G_var + _G_user_locale=\"$_G_var=\\\$save_\$_G_var; \$_G_user_locale\" + _G_safe_locale=\"$_G_var=C; \$_G_safe_locale\" fi" done -LC_ALL=C -LANGUAGE=C -export LANGUAGE LC_ALL -$lt_unset CDPATH +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# Make sure IFS has a sensible default +sp=' ' +nl=' +' +IFS="$sp $nl" + +# There are apparently some retarded systems that use ';' as a PATH separator! +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi -# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh -# is ksh but when the shell is invoked as "sh" and the current value of -# the _XPG environment variable is not equal to 1 (one), the special -# positional parameter $0, within a function call, is the name of the -# function. -progpath="$0" +## ------------------------- ## +## Locate command utilities. ## +## ------------------------- ## + + +# func_executable_p FILE +# ---------------------- +# Check that FILE is an executable regular file. +func_executable_p () +{ + test -f "$1" && test -x "$1" +} + + +# func_path_progs PROGS_LIST CHECK_FUNC [PATH] +# -------------------------------------------- +# Search for either a program that responds to --version with output +# containing "GNU", or else returned by CHECK_FUNC otherwise, by +# trying all the directories in PATH with each of the elements of +# PROGS_LIST. +# +# CHECK_FUNC should accept the path to a candidate program, and +# set $func_check_prog_result if it truncates its output less than +# $_G_path_prog_max characters. +func_path_progs () +{ + _G_progs_list=$1 + _G_check_func=$2 + _G_PATH=${3-"$PATH"} + + _G_path_prog_max=0 + _G_path_prog_found=false + _G_save_IFS=$IFS; IFS=$PATH_SEPARATOR + for _G_dir in $_G_PATH; do + IFS=$_G_save_IFS + test -z "$_G_dir" && _G_dir=. + for _G_prog_name in $_G_progs_list; do + for _exeext in '' .EXE; do + _G_path_prog=$_G_dir/$_G_prog_name$_exeext + func_executable_p "$_G_path_prog" || continue + case `"$_G_path_prog" --version 2>&1` in + *GNU*) func_path_progs_result=$_G_path_prog _G_path_prog_found=: ;; + *) $_G_check_func $_G_path_prog + func_path_progs_result=$func_check_prog_result + ;; + esac + $_G_path_prog_found && break 3 + done + done + done + IFS=$_G_save_IFS + test -z "$func_path_progs_result" && { + echo "no acceptable sed could be found in \$PATH" >&2 + exit 1 + } +} + + +# We want to be able to use the functions in this file before configure +# has figured out where the best binaries are kept, which means we have +# to search for them ourselves - except when the results are already set +# where we skip the searches. + +# Unless the user overrides by setting SED, search the path for either GNU +# sed, or the sed that truncates its output the least. +test -z "$SED" && { + _G_sed_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ + for _G_i in 1 2 3 4 5 6 7; do + _G_sed_script=$_G_sed_script$nl$_G_sed_script + done + echo "$_G_sed_script" 2>/dev/null | sed 99q >conftest.sed + _G_sed_script= + + func_check_prog_sed () + { + _G_path_prog=$1 + + _G_count=0 + printf 0123456789 >conftest.in + while : + do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo '' >> conftest.nl + "$_G_path_prog" -f conftest.sed conftest.out 2>/dev/null || break + diff conftest.out conftest.nl >/dev/null 2>&1 || break + _G_count=`expr $_G_count + 1` + if test "$_G_count" -gt "$_G_path_prog_max"; then + # Best one so far, save it but keep looking for a better one + func_check_prog_result=$_G_path_prog + _G_path_prog_max=$_G_count + fi + # 10*(2^10) chars as input seems more than enough + test 10 -lt "$_G_count" && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out + } + + func_path_progs "sed gsed" func_check_prog_sed $PATH:/usr/xpg4/bin + rm -f conftest.sed + SED=$func_path_progs_result +} + + +# Unless the user overrides by setting GREP, search the path for either GNU +# grep, or the grep that truncates its output the least. +test -z "$GREP" && { + func_check_prog_grep () + { + _G_path_prog=$1 + + _G_count=0 + _G_path_prog_max=0 + printf 0123456789 >conftest.in + while : + do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo 'GREP' >> conftest.nl + "$_G_path_prog" -e 'GREP$' -e '-(cannot match)-' conftest.out 2>/dev/null || break + diff conftest.out conftest.nl >/dev/null 2>&1 || break + _G_count=`expr $_G_count + 1` + if test "$_G_count" -gt "$_G_path_prog_max"; then + # Best one so far, save it but keep looking for a better one + func_check_prog_result=$_G_path_prog + _G_path_prog_max=$_G_count + fi + # 10*(2^10) chars as input seems more than enough + test 10 -lt "$_G_count" && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out + } + + func_path_progs "grep ggrep" func_check_prog_grep $PATH:/usr/xpg4/bin + GREP=$func_path_progs_result +} + + +## ------------------------------- ## +## User overridable command paths. ## +## ------------------------------- ## + +# All uppercase variable names are used for environment variables. These +# variables can be overridden by the user before calling a script that +# uses them if a suitable command of that name is not already available +# in the command search PATH. : ${CP="cp -f"} -test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} +: ${ECHO="printf %s\n"} +: ${EGREP="$GREP -E"} +: ${FGREP="$GREP -F"} +: ${LN_S="ln -s"} : ${MAKE="make"} : ${MKDIR="mkdir"} : ${MV="mv -f"} : ${RM="rm -f"} : ${SHELL="${CONFIG_SHELL-/bin/sh}"} -: ${Xsed="$SED -e 1s/^X//"} - -# Global variables: -EXIT_SUCCESS=0 -EXIT_FAILURE=1 -EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. -EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. - -exit_status=$EXIT_SUCCESS - -# Make sure IFS has a sensible default -lt_nl=' -' -IFS=" $lt_nl" -dirname="s,/[^/]*$,," -basename="s,^.*/,," -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi -} # func_dirname may be replaced by extended shell implementation +## -------------------- ## +## Useful sed snippets. ## +## -------------------- ## +sed_dirname='s|/[^/]*$||' +sed_basename='s|^.*/||' -# func_basename file -func_basename () -{ - func_basename_result=`$ECHO "${1}" | $SED "$basename"` -} # func_basename may be replaced by extended shell implementation +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +sed_quote_subst='s|\([`"$\\]\)|\\\1|g' +# Same as above, but do not quote variable references. +sed_double_quote_subst='s/\(["`\\]\)/\\\1/g' -# func_dirname_and_basename file append nondir_replacement -# perform func_basename and func_dirname in a single function -# call: -# dirname: Compute the dirname of FILE. If nonempty, -# add APPEND to the result, otherwise set result -# to NONDIR_REPLACEMENT. -# value returned in "$func_dirname_result" -# basename: Compute filename of FILE. -# value retuned in "$func_basename_result" -# Implementation must be kept synchronized with func_dirname -# and func_basename. For efficiency, we do not delegate to -# those functions but instead duplicate the functionality here. -func_dirname_and_basename () -{ - # Extract subdirectory from the argument. - func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi - func_basename_result=`$ECHO "${1}" | $SED -e "$basename"` -} # func_dirname_and_basename may be replaced by extended shell implementation +# Sed substitution that turns a string into a regex matching for the +# string literally. +sed_make_literal_regex='s|[].[^$\\*\/]|\\&|g' +# Sed substitution that converts a w32 file name or path +# that contains forward slashes, into one that contains +# (escaped) backslashes. A very naive implementation. +sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' + +# Re-'\' parameter expansions in output of sed_double_quote_subst that +# were '\'-ed in input to the same. If an odd number of '\' preceded a +# '$' in input to sed_double_quote_subst, that '$' was protected from +# expansion. Since each input '\' is now two '\'s, look for any number +# of runs of four '\'s followed by two '\'s and then a '$'. '\' that '$'. +_G_bs='\\' +_G_bs2='\\\\' +_G_bs4='\\\\\\\\' +_G_dollar='\$' +sed_double_backslash="\ + s/$_G_bs4/&\\ +/g + s/^$_G_bs2$_G_dollar/$_G_bs&/ + s/\\([^$_G_bs]\\)$_G_bs2$_G_dollar/\\1$_G_bs2$_G_bs$_G_dollar/g + s/\n//g" -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -# func_strip_suffix prefix name -func_stripname () -{ - case ${2} in - .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; - *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; - esac -} # func_stripname may be replaced by extended shell implementation +## ----------------- ## +## Global variables. ## +## ----------------- ## -# These SED scripts presuppose an absolute path with a trailing slash. -pathcar='s,^/\([^/]*\).*$,\1,' -pathcdr='s,^/[^/]*,,' -removedotparts=':dotsl - s@/\./@/@g - t dotsl - s,/\.$,/,' -collapseslashes='s@/\{1,\}@/@g' -finalslash='s,/*$,/,' +# Except for the global variables explicitly listed below, the following +# functions in the '^func_' namespace, and the '^require_' namespace +# variables initialised in the 'Resource management' section, sourcing +# this file will not pollute your global namespace with anything +# else. There's no portable way to scope variables in Bourne shell +# though, so actually running these functions will sometimes place +# results into a variable named after the function, and often use +# temporary variables in the '^_G_' namespace. If you are careful to +# avoid using those namespaces casually in your sourcing script, things +# should continue to work as you expect. And, of course, you can freely +# overwrite any of the functions or variables defined here before +# calling anything to customize them. -# func_normal_abspath PATH -# Remove doubled-up and trailing slashes, "." path components, -# and cancel out any ".." path components in PATH after making -# it an absolute path. -# value returned in "$func_normal_abspath_result" -func_normal_abspath () -{ - # Start from root dir and reassemble the path. - func_normal_abspath_result= - func_normal_abspath_tpath=$1 - func_normal_abspath_altnamespace= - case $func_normal_abspath_tpath in - "") - # Empty path, that just means $cwd. - func_stripname '' '/' "`pwd`" - func_normal_abspath_result=$func_stripname_result - return - ;; - # The next three entries are used to spot a run of precisely - # two leading slashes without using negated character classes; - # we take advantage of case's first-match behaviour. - ///*) - # Unusual form of absolute path, do nothing. - ;; - //*) - # Not necessarily an ordinary path; POSIX reserves leading '//' - # and for example Cygwin uses it to access remote file shares - # over CIFS/SMB, so we conserve a leading double slash if found. - func_normal_abspath_altnamespace=/ - ;; - /*) - # Absolute path, do nothing. - ;; - *) - # Relative path, prepend $cwd. - func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath - ;; - esac - # Cancel out all the simple stuff to save iterations. We also want - # the path to end with a slash for ease of parsing, so make sure - # there is one (and only one) here. - func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"` - while :; do - # Processed it all yet? - if test "$func_normal_abspath_tpath" = / ; then - # If we ascended to the root using ".." the result may be empty now. - if test -z "$func_normal_abspath_result" ; then - func_normal_abspath_result=/ - fi - break - fi - func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$pathcar"` - func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$pathcdr"` - # Figure out what to do with it - case $func_normal_abspath_tcomponent in - "") - # Trailing empty path component, ignore it. - ;; - ..) - # Parent dir; strip last assembled component from result. - func_dirname "$func_normal_abspath_result" - func_normal_abspath_result=$func_dirname_result - ;; - *) - # Actual path component, append it. - func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent - ;; - esac - done - # Restore leading double-slash if one was found on entry. - func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result -} +EXIT_SUCCESS=0 +EXIT_FAILURE=1 +EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. +EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. -# func_relative_path SRCDIR DSTDIR -# generates a relative path from SRCDIR to DSTDIR, with a trailing -# slash if non-empty, suitable for immediately appending a filename -# without needing to append a separator. -# value returned in "$func_relative_path_result" -func_relative_path () -{ - func_relative_path_result= - func_normal_abspath "$1" - func_relative_path_tlibdir=$func_normal_abspath_result - func_normal_abspath "$2" - func_relative_path_tbindir=$func_normal_abspath_result - - # Ascend the tree starting from libdir - while :; do - # check if we have found a prefix of bindir - case $func_relative_path_tbindir in - $func_relative_path_tlibdir) - # found an exact match - func_relative_path_tcancelled= - break - ;; - $func_relative_path_tlibdir*) - # found a matching prefix - func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" - func_relative_path_tcancelled=$func_stripname_result - if test -z "$func_relative_path_result"; then - func_relative_path_result=. - fi - break - ;; - *) - func_dirname $func_relative_path_tlibdir - func_relative_path_tlibdir=${func_dirname_result} - if test "x$func_relative_path_tlibdir" = x ; then - # Have to descend all the way to the root! - func_relative_path_result=../$func_relative_path_result - func_relative_path_tcancelled=$func_relative_path_tbindir - break - fi - func_relative_path_result=../$func_relative_path_result - ;; - esac - done +# Allow overriding, eg assuming that you follow the convention of +# putting '$debug_cmd' at the start of all your functions, you can get +# bash to show function call trace with: +# +# debug_cmd='eval echo "${FUNCNAME[0]} $*" >&2' bash your-script-name +debug_cmd=${debug_cmd-":"} +exit_cmd=: - # Now calculate path; take care to avoid doubling-up slashes. - func_stripname '' '/' "$func_relative_path_result" - func_relative_path_result=$func_stripname_result - func_stripname '/' '/' "$func_relative_path_tcancelled" - if test "x$func_stripname_result" != x ; then - func_relative_path_result=${func_relative_path_result}/${func_stripname_result} - fi +# By convention, finish your script with: +# +# exit $exit_status +# +# so that you can set exit_status to non-zero if you want to indicate +# something went wrong during execution without actually bailing out at +# the point of failure. +exit_status=$EXIT_SUCCESS - # Normalisation. If bindir is libdir, return empty string, - # else relative path ending with a slash; either way, target - # file name can be directly appended. - if test ! -z "$func_relative_path_result"; then - func_stripname './' '' "$func_relative_path_result/" - func_relative_path_result=$func_stripname_result - fi -} +# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh +# is ksh but when the shell is invoked as "sh" and the current value of +# the _XPG environment variable is not equal to 1 (one), the special +# positional parameter $0, within a function call, is the name of the +# function. +progpath=$0 -# The name of this program: -func_dirname_and_basename "$progpath" -progname=$func_basename_result +# The name of this program. +progname=`$ECHO "$progpath" |$SED "$sed_basename"` -# Make sure we have an absolute path for reexecution: +# Make sure we have an absolute progpath for reexecution: case $progpath in [\\/]*|[A-Za-z]:\\*) ;; *[\\/]*) - progdir=$func_dirname_result + progdir=`$ECHO "$progpath" |$SED "$sed_dirname"` progdir=`cd "$progdir" && pwd` - progpath="$progdir/$progname" + progpath=$progdir/$progname ;; *) - save_IFS="$IFS" + _G_IFS=$IFS IFS=${PATH_SEPARATOR-:} for progdir in $PATH; do - IFS="$save_IFS" + IFS=$_G_IFS test -x "$progdir/$progname" && break done - IFS="$save_IFS" + IFS=$_G_IFS test -n "$progdir" || progdir=`pwd` - progpath="$progdir/$progname" + progpath=$progdir/$progname ;; esac -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed="${SED}"' -e 1s/^X//' -sed_quote_subst='s/\([`"$\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\(["`\\]\)/\\\1/g' -# Sed substitution that turns a string into a regex matching for the -# string literally. -sed_make_literal_regex='s,[].[^$\\*\/],\\&,g' +## ----------------- ## +## Standard options. ## +## ----------------- ## -# Sed substitution that converts a w32 file name or path -# which contains forward slashes, into one that contains -# (escaped) backslashes. A very naive implementation. -lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' - -# Re-`\' parameter expansions in output of double_quote_subst that were -# `\'-ed in input to the same. If an odd number of `\' preceded a '$' -# in input to double_quote_subst, that '$' was protected from expansion. -# Since each input `\' is now two `\'s, look for any number of runs of -# four `\'s followed by two `\'s and then a '$'. `\' that '$'. -bs='\\' -bs2='\\\\' -bs4='\\\\\\\\' -dollar='\$' -sed_double_backslash="\ - s/$bs4/&\\ -/g - s/^$bs2$dollar/$bs&/ - s/\\([^$bs]\\)$bs2$dollar/\\1$bs2$bs$dollar/g - s/\n//g" +# The following options affect the operation of the functions defined +# below, and should be set appropriately depending on run-time para- +# meters passed on the command line. -# Standard options: opt_dry_run=false -opt_help=false opt_quiet=false opt_verbose=false -opt_warning=: -# func_echo arg... -# Echo program name prefixed message, along with the current mode -# name if it has been set yet. -func_echo () -{ - $ECHO "$progname: ${opt_mode+$opt_mode: }$*" -} +# Categories 'all' and 'none' are always available. Append any others +# you will pass as the first argument to func_warning from your own +# code. +warning_categories= -# func_verbose arg... -# Echo program name prefixed message in verbose mode only. -func_verbose () -{ - $opt_verbose && func_echo ${1+"$@"} +# By default, display warnings according to 'opt_warning_types'. Set +# 'warning_func' to ':' to elide all warnings, or func_fatal_error to +# treat the next displayed warning as a fatal error. +warning_func=func_warn_and_continue - # A bug in bash halts the script if the last line of a function - # fails when set -e is in force, so we need another command to - # work around that: - : -} +# Set to 'all' to display all warnings, 'none' to suppress all +# warnings, or a space delimited list of some subset of +# 'warning_categories' to display only the listed warnings. +opt_warning_types=all -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "$*" -} -# func_error arg... -# Echo program name prefixed message to standard error. -func_error () -{ - $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2 -} +## -------------------- ## +## Resource management. ## +## -------------------- ## -# func_warning arg... -# Echo program name prefixed warning message to standard error. -func_warning () -{ - $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2 +# This section contains definitions for functions that each ensure a +# particular resource (a file, or a non-empty configuration variable for +# example) is available, and if appropriate to extract default values +# from pertinent package files. Call them using their associated +# 'require_*' variable to ensure that they are executed, at most, once. +# +# It's entirely deliberate that calling these functions can set +# variables that don't obey the namespace limitations obeyed by the rest +# of this file, in order that that they be as useful as possible to +# callers. - # bash bug again: - : -} -# func_fatal_error arg... -# Echo program name prefixed message to standard error, and exit. -func_fatal_error () +# require_term_colors +# ------------------- +# Allow display of bold text on terminals that support it. +require_term_colors=func_require_term_colors +func_require_term_colors () { - func_error ${1+"$@"} - exit $EXIT_FAILURE -} + $debug_cmd + + test -t 1 && { + # COLORTERM and USE_ANSI_COLORS environment variables take + # precedence, because most terminfo databases neglect to describe + # whether color sequences are supported. + test -n "${COLORTERM+set}" && : ${USE_ANSI_COLORS="1"} + + if test 1 = "$USE_ANSI_COLORS"; then + # Standard ANSI escape sequences + tc_reset='' + tc_bold=''; tc_standout='' + tc_red=''; tc_green='' + tc_blue=''; tc_cyan='' + else + # Otherwise trust the terminfo database after all. + test -n "`tput sgr0 2>/dev/null`" && { + tc_reset=`tput sgr0` + test -n "`tput bold 2>/dev/null`" && tc_bold=`tput bold` + tc_standout=$tc_bold + test -n "`tput smso 2>/dev/null`" && tc_standout=`tput smso` + test -n "`tput setaf 1 2>/dev/null`" && tc_red=`tput setaf 1` + test -n "`tput setaf 2 2>/dev/null`" && tc_green=`tput setaf 2` + test -n "`tput setaf 4 2>/dev/null`" && tc_blue=`tput setaf 4` + test -n "`tput setaf 5 2>/dev/null`" && tc_cyan=`tput setaf 5` + } + fi + } -# func_fatal_help arg... -# Echo program name prefixed message to standard error, followed by -# a help hint, and exit. -func_fatal_help () -{ - func_error ${1+"$@"} - func_fatal_error "$help" + require_term_colors=: } -help="Try \`$progname --help' for more information." ## default -# func_grep expression filename +## ----------------- ## +## Function library. ## +## ----------------- ## + +# This section contains a variety of useful functions to call in your +# scripts. Take note of the portable wrappers for features provided by +# some modern shells, which will fall back to slower equivalents on +# less featureful shells. + + +# func_append VAR VALUE +# --------------------- +# Append VALUE onto the existing contents of VAR. + + # We should try to minimise forks, especially on Windows where they are + # unreasonably slow, so skip the feature probes when bash or zsh are + # being used: + if test set = "${BASH_VERSION+set}${ZSH_VERSION+set}"; then + : ${_G_HAVE_ARITH_OP="yes"} + : ${_G_HAVE_XSI_OPS="yes"} + # The += operator was introduced in bash 3.1 + case $BASH_VERSION in + [12].* | 3.0 | 3.0*) ;; + *) + : ${_G_HAVE_PLUSEQ_OP="yes"} + ;; + esac + fi + + # _G_HAVE_PLUSEQ_OP + # Can be empty, in which case the shell is probed, "yes" if += is + # useable or anything else if it does not work. + test -z "$_G_HAVE_PLUSEQ_OP" \ + && (eval 'x=a; x+=" b"; test "a b" = "$x"') 2>/dev/null \ + && _G_HAVE_PLUSEQ_OP=yes + +if test yes = "$_G_HAVE_PLUSEQ_OP" +then + # This is an XSI compatible shell, allowing a faster implementation... + eval 'func_append () + { + $debug_cmd + + eval "$1+=\$2" + }' +else + # ...otherwise fall back to using expr, which is often a shell builtin. + func_append () + { + $debug_cmd + + eval "$1=\$$1\$2" + } +fi + + +# func_append_quoted VAR VALUE +# ---------------------------- +# Quote VALUE and append to the end of shell variable VAR, separated +# by a space. +if test yes = "$_G_HAVE_PLUSEQ_OP"; then + eval 'func_append_quoted () + { + $debug_cmd + + func_quote_for_eval "$2" + eval "$1+=\\ \$func_quote_for_eval_result" + }' +else + func_append_quoted () + { + $debug_cmd + + func_quote_for_eval "$2" + eval "$1=\$$1\\ \$func_quote_for_eval_result" + } +fi + + +# func_append_uniq VAR VALUE +# -------------------------- +# Append unique VALUE onto the existing contents of VAR, assuming +# entries are delimited by the first character of VALUE. For example: +# +# func_append_uniq options " --another-option option-argument" +# +# will only append to $options if " --another-option option-argument " +# is not already present somewhere in $options already (note spaces at +# each end implied by leading space in second argument). +func_append_uniq () +{ + $debug_cmd + + eval _G_current_value='`$ECHO $'$1'`' + _G_delim=`expr "$2" : '\(.\)'` + + case $_G_delim$_G_current_value$_G_delim in + *"$2$_G_delim"*) ;; + *) func_append "$@" ;; + esac +} + + +# func_arith TERM... +# ------------------ +# Set func_arith_result to the result of evaluating TERMs. + test -z "$_G_HAVE_ARITH_OP" \ + && (eval 'test 2 = $(( 1 + 1 ))') 2>/dev/null \ + && _G_HAVE_ARITH_OP=yes + +if test yes = "$_G_HAVE_ARITH_OP"; then + eval 'func_arith () + { + $debug_cmd + + func_arith_result=$(( $* )) + }' +else + func_arith () + { + $debug_cmd + + func_arith_result=`expr "$@"` + } +fi + + +# func_basename FILE +# ------------------ +# Set func_basename_result to FILE with everything up to and including +# the last / stripped. +if test yes = "$_G_HAVE_XSI_OPS"; then + # If this shell supports suffix pattern removal, then use it to avoid + # forking. Hide the definitions single quotes in case the shell chokes + # on unsupported syntax... + _b='func_basename_result=${1##*/}' + _d='case $1 in + */*) func_dirname_result=${1%/*}$2 ;; + * ) func_dirname_result=$3 ;; + esac' + +else + # ...otherwise fall back to using sed. + _b='func_basename_result=`$ECHO "$1" |$SED "$sed_basename"`' + _d='func_dirname_result=`$ECHO "$1" |$SED "$sed_dirname"` + if test "X$func_dirname_result" = "X$1"; then + func_dirname_result=$3 + else + func_append func_dirname_result "$2" + fi' +fi + +eval 'func_basename () +{ + $debug_cmd + + '"$_b"' +}' + + +# func_dirname FILE APPEND NONDIR_REPLACEMENT +# ------------------------------------------- +# Compute the dirname of FILE. If nonempty, add APPEND to the result, +# otherwise set result to NONDIR_REPLACEMENT. +eval 'func_dirname () +{ + $debug_cmd + + '"$_d"' +}' + + +# func_dirname_and_basename FILE APPEND NONDIR_REPLACEMENT +# -------------------------------------------------------- +# Perform func_basename and func_dirname in a single function +# call: +# dirname: Compute the dirname of FILE. If nonempty, +# add APPEND to the result, otherwise set result +# to NONDIR_REPLACEMENT. +# value returned in "$func_dirname_result" +# basename: Compute filename of FILE. +# value retuned in "$func_basename_result" +# For efficiency, we do not delegate to the functions above but instead +# duplicate the functionality here. +eval 'func_dirname_and_basename () +{ + $debug_cmd + + '"$_b"' + '"$_d"' +}' + + +# func_echo ARG... +# ---------------- +# Echo program name prefixed message. +func_echo () +{ + $debug_cmd + + _G_message=$* + + func_echo_IFS=$IFS + IFS=$nl + for _G_line in $_G_message; do + IFS=$func_echo_IFS + $ECHO "$progname: $_G_line" + done + IFS=$func_echo_IFS +} + + +# func_echo_all ARG... +# -------------------- +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "$*" +} + + +# func_echo_infix_1 INFIX ARG... +# ------------------------------ +# Echo program name, followed by INFIX on the first line, with any +# additional lines not showing INFIX. +func_echo_infix_1 () +{ + $debug_cmd + + $require_term_colors + + _G_infix=$1; shift + _G_indent=$_G_infix + _G_prefix="$progname: $_G_infix: " + _G_message=$* + + # Strip color escape sequences before counting printable length + for _G_tc in "$tc_reset" "$tc_bold" "$tc_standout" "$tc_red" "$tc_green" "$tc_blue" "$tc_cyan" + do + test -n "$_G_tc" && { + _G_esc_tc=`$ECHO "$_G_tc" | $SED "$sed_make_literal_regex"` + _G_indent=`$ECHO "$_G_indent" | $SED "s|$_G_esc_tc||g"` + } + done + _G_indent="$progname: "`echo "$_G_indent" | $SED 's|.| |g'`" " ## exclude from sc_prohibit_nested_quotes + + func_echo_infix_1_IFS=$IFS + IFS=$nl + for _G_line in $_G_message; do + IFS=$func_echo_infix_1_IFS + $ECHO "$_G_prefix$tc_bold$_G_line$tc_reset" >&2 + _G_prefix=$_G_indent + done + IFS=$func_echo_infix_1_IFS +} + + +# func_error ARG... +# ----------------- +# Echo program name prefixed message to standard error. +func_error () +{ + $debug_cmd + + $require_term_colors + + func_echo_infix_1 " $tc_standout${tc_red}error$tc_reset" "$*" >&2 +} + + +# func_fatal_error ARG... +# ----------------------- +# Echo program name prefixed message to standard error, and exit. +func_fatal_error () +{ + $debug_cmd + + func_error "$*" + exit $EXIT_FAILURE +} + + +# func_grep EXPRESSION FILENAME +# ----------------------------- # Check whether EXPRESSION matches any line of FILENAME, without output. func_grep () { + $debug_cmd + $GREP "$1" "$2" >/dev/null 2>&1 } -# func_mkdir_p directory-path +# func_len STRING +# --------------- +# Set func_len_result to the length of STRING. STRING may not +# start with a hyphen. + test -z "$_G_HAVE_XSI_OPS" \ + && (eval 'x=a/b/c; + test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ + && _G_HAVE_XSI_OPS=yes + +if test yes = "$_G_HAVE_XSI_OPS"; then + eval 'func_len () + { + $debug_cmd + + func_len_result=${#1} + }' +else + func_len () + { + $debug_cmd + + func_len_result=`expr "$1" : ".*" 2>/dev/null || echo $max_cmd_len` + } +fi + + +# func_mkdir_p DIRECTORY-PATH +# --------------------------- # Make sure the entire path to DIRECTORY-PATH is available. func_mkdir_p () { - my_directory_path="$1" - my_dir_list= + $debug_cmd - if test -n "$my_directory_path" && test "$opt_dry_run" != ":"; then + _G_directory_path=$1 + _G_dir_list= - # Protect directory names starting with `-' - case $my_directory_path in - -*) my_directory_path="./$my_directory_path" ;; + if test -n "$_G_directory_path" && test : != "$opt_dry_run"; then + + # Protect directory names starting with '-' + case $_G_directory_path in + -*) _G_directory_path=./$_G_directory_path ;; esac # While some portion of DIR does not yet exist... - while test ! -d "$my_directory_path"; do + while test ! -d "$_G_directory_path"; do # ...make a list in topmost first order. Use a colon delimited # list incase some portion of path contains whitespace. - my_dir_list="$my_directory_path:$my_dir_list" + _G_dir_list=$_G_directory_path:$_G_dir_list # If the last portion added has no slash in it, the list is done - case $my_directory_path in */*) ;; *) break ;; esac + case $_G_directory_path in */*) ;; *) break ;; esac # ...otherwise throw away the child directory and loop - my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"` + _G_directory_path=`$ECHO "$_G_directory_path" | $SED -e "$sed_dirname"` done - my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'` + _G_dir_list=`$ECHO "$_G_dir_list" | $SED 's|:*$||'` - save_mkdir_p_IFS="$IFS"; IFS=':' - for my_dir in $my_dir_list; do - IFS="$save_mkdir_p_IFS" - # mkdir can fail with a `File exist' error if two processes + func_mkdir_p_IFS=$IFS; IFS=: + for _G_dir in $_G_dir_list; do + IFS=$func_mkdir_p_IFS + # mkdir can fail with a 'File exist' error if two processes # try to create one of the directories concurrently. Don't # stop in that case! - $MKDIR "$my_dir" 2>/dev/null || : + $MKDIR "$_G_dir" 2>/dev/null || : done - IFS="$save_mkdir_p_IFS" + IFS=$func_mkdir_p_IFS # Bail out if we (or some other process) failed to create a directory. - test -d "$my_directory_path" || \ - func_fatal_error "Failed to create \`$1'" + test -d "$_G_directory_path" || \ + func_fatal_error "Failed to create '$1'" fi } -# func_mktempdir [string] +# func_mktempdir [BASENAME] +# ------------------------- # Make a temporary directory that won't clash with other running # libtool processes, and avoids race conditions if possible. If -# given, STRING is the basename for that directory. +# given, BASENAME is the basename for that directory. func_mktempdir () { - my_template="${TMPDIR-/tmp}/${1-$progname}" + $debug_cmd + + _G_template=${TMPDIR-/tmp}/${1-$progname} - if test "$opt_dry_run" = ":"; then + if test : = "$opt_dry_run"; then # Return a directory name, but don't create it in dry-run mode - my_tmpdir="${my_template}-$$" + _G_tmpdir=$_G_template-$$ else # If mktemp works, use that first and foremost - my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` + _G_tmpdir=`mktemp -d "$_G_template-XXXXXXXX" 2>/dev/null` - if test ! -d "$my_tmpdir"; then + if test ! -d "$_G_tmpdir"; then # Failing that, at least try and use $RANDOM to avoid a race - my_tmpdir="${my_template}-${RANDOM-0}$$" + _G_tmpdir=$_G_template-${RANDOM-0}$$ + + func_mktempdir_umask=`umask` + umask 0077 + $MKDIR "$_G_tmpdir" + umask $func_mktempdir_umask + fi + + # If we're not in dry-run mode, bomb out on failure + test -d "$_G_tmpdir" || \ + func_fatal_error "cannot create temporary directory '$_G_tmpdir'" + fi + + $ECHO "$_G_tmpdir" +} + + +# func_normal_abspath PATH +# ------------------------ +# Remove doubled-up and trailing slashes, "." path components, +# and cancel out any ".." path components in PATH after making +# it an absolute path. +func_normal_abspath () +{ + $debug_cmd + + # These SED scripts presuppose an absolute path with a trailing slash. + _G_pathcar='s|^/\([^/]*\).*$|\1|' + _G_pathcdr='s|^/[^/]*||' + _G_removedotparts=':dotsl + s|/\./|/|g + t dotsl + s|/\.$|/|' + _G_collapseslashes='s|/\{1,\}|/|g' + _G_finalslash='s|/*$|/|' + + # Start from root dir and reassemble the path. + func_normal_abspath_result= + func_normal_abspath_tpath=$1 + func_normal_abspath_altnamespace= + case $func_normal_abspath_tpath in + "") + # Empty path, that just means $cwd. + func_stripname '' '/' "`pwd`" + func_normal_abspath_result=$func_stripname_result + return + ;; + # The next three entries are used to spot a run of precisely + # two leading slashes without using negated character classes; + # we take advantage of case's first-match behaviour. + ///*) + # Unusual form of absolute path, do nothing. + ;; + //*) + # Not necessarily an ordinary path; POSIX reserves leading '//' + # and for example Cygwin uses it to access remote file shares + # over CIFS/SMB, so we conserve a leading double slash if found. + func_normal_abspath_altnamespace=/ + ;; + /*) + # Absolute path, do nothing. + ;; + *) + # Relative path, prepend $cwd. + func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath + ;; + esac + + # Cancel out all the simple stuff to save iterations. We also want + # the path to end with a slash for ease of parsing, so make sure + # there is one (and only one) here. + func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$_G_removedotparts" -e "$_G_collapseslashes" -e "$_G_finalslash"` + while :; do + # Processed it all yet? + if test / = "$func_normal_abspath_tpath"; then + # If we ascended to the root using ".." the result may be empty now. + if test -z "$func_normal_abspath_result"; then + func_normal_abspath_result=/ + fi + break + fi + func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$_G_pathcar"` + func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$_G_pathcdr"` + # Figure out what to do with it + case $func_normal_abspath_tcomponent in + "") + # Trailing empty path component, ignore it. + ;; + ..) + # Parent dir; strip last assembled component from result. + func_dirname "$func_normal_abspath_result" + func_normal_abspath_result=$func_dirname_result + ;; + *) + # Actual path component, append it. + func_append func_normal_abspath_result "/$func_normal_abspath_tcomponent" + ;; + esac + done + # Restore leading double-slash if one was found on entry. + func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result +} + + +# func_notquiet ARG... +# -------------------- +# Echo program name prefixed message only when not in quiet mode. +func_notquiet () +{ + $debug_cmd + + $opt_quiet || func_echo ${1+"$@"} + + # A bug in bash halts the script if the last line of a function + # fails when set -e is in force, so we need another command to + # work around that: + : +} + + +# func_relative_path SRCDIR DSTDIR +# -------------------------------- +# Set func_relative_path_result to the relative path from SRCDIR to DSTDIR. +func_relative_path () +{ + $debug_cmd + + func_relative_path_result= + func_normal_abspath "$1" + func_relative_path_tlibdir=$func_normal_abspath_result + func_normal_abspath "$2" + func_relative_path_tbindir=$func_normal_abspath_result + + # Ascend the tree starting from libdir + while :; do + # check if we have found a prefix of bindir + case $func_relative_path_tbindir in + $func_relative_path_tlibdir) + # found an exact match + func_relative_path_tcancelled= + break + ;; + $func_relative_path_tlibdir*) + # found a matching prefix + func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" + func_relative_path_tcancelled=$func_stripname_result + if test -z "$func_relative_path_result"; then + func_relative_path_result=. + fi + break + ;; + *) + func_dirname $func_relative_path_tlibdir + func_relative_path_tlibdir=$func_dirname_result + if test -z "$func_relative_path_tlibdir"; then + # Have to descend all the way to the root! + func_relative_path_result=../$func_relative_path_result + func_relative_path_tcancelled=$func_relative_path_tbindir + break + fi + func_relative_path_result=../$func_relative_path_result + ;; + esac + done + + # Now calculate path; take care to avoid doubling-up slashes. + func_stripname '' '/' "$func_relative_path_result" + func_relative_path_result=$func_stripname_result + func_stripname '/' '/' "$func_relative_path_tcancelled" + if test -n "$func_stripname_result"; then + func_append func_relative_path_result "/$func_stripname_result" + fi + + # Normalisation. If bindir is libdir, return '.' else relative path. + if test -n "$func_relative_path_result"; then + func_stripname './' '' "$func_relative_path_result" + func_relative_path_result=$func_stripname_result + fi + + test -n "$func_relative_path_result" || func_relative_path_result=. + + : +} + + +# func_quote_for_eval ARG... +# -------------------------- +# Aesthetically quote ARGs to be evaled later. +# This function returns two values: +# i) func_quote_for_eval_result +# double-quoted, suitable for a subsequent eval +# ii) func_quote_for_eval_unquoted_result +# has all characters that are still active within double +# quotes backslashified. +func_quote_for_eval () +{ + $debug_cmd + + func_quote_for_eval_unquoted_result= + func_quote_for_eval_result= + while test 0 -lt $#; do + case $1 in + *[\\\`\"\$]*) + _G_unquoted_arg=`printf '%s\n' "$1" |$SED "$sed_quote_subst"` ;; + *) + _G_unquoted_arg=$1 ;; + esac + if test -n "$func_quote_for_eval_unquoted_result"; then + func_append func_quote_for_eval_unquoted_result " $_G_unquoted_arg" + else + func_append func_quote_for_eval_unquoted_result "$_G_unquoted_arg" + fi + + case $_G_unquoted_arg in + # Double-quote args containing shell metacharacters to delay + # word splitting, command substitution and variable expansion + # for a subsequent eval. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + _G_quoted_arg=\"$_G_unquoted_arg\" + ;; + *) + _G_quoted_arg=$_G_unquoted_arg + ;; + esac + + if test -n "$func_quote_for_eval_result"; then + func_append func_quote_for_eval_result " $_G_quoted_arg" + else + func_append func_quote_for_eval_result "$_G_quoted_arg" + fi + shift + done +} + + +# func_quote_for_expand ARG +# ------------------------- +# Aesthetically quote ARG to be evaled later; same as above, +# but do not quote variable references. +func_quote_for_expand () +{ + $debug_cmd + + case $1 in + *[\\\`\"]*) + _G_arg=`$ECHO "$1" | $SED \ + -e "$sed_double_quote_subst" -e "$sed_double_backslash"` ;; + *) + _G_arg=$1 ;; + esac + + case $_G_arg in + # Double-quote args containing shell metacharacters to delay + # word splitting and command substitution for a subsequent eval. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + _G_arg=\"$_G_arg\" + ;; + esac + + func_quote_for_expand_result=$_G_arg +} + + +# func_stripname PREFIX SUFFIX NAME +# --------------------------------- +# strip PREFIX and SUFFIX from NAME, and store in func_stripname_result. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +if test yes = "$_G_HAVE_XSI_OPS"; then + eval 'func_stripname () + { + $debug_cmd + + # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are + # positional parameters, so assign one to ordinary variable first. + func_stripname_result=$3 + func_stripname_result=${func_stripname_result#"$1"} + func_stripname_result=${func_stripname_result%"$2"} + }' +else + func_stripname () + { + $debug_cmd + + case $2 in + .*) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%\\\\$2\$%%"`;; + *) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%$2\$%%"`;; + esac + } +fi + + +# func_show_eval CMD [FAIL_EXP] +# ----------------------------- +# Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is +# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP +# is given, then evaluate it. +func_show_eval () +{ + $debug_cmd + + _G_cmd=$1 + _G_fail_exp=${2-':'} + + func_quote_for_expand "$_G_cmd" + eval "func_notquiet $func_quote_for_expand_result" + + $opt_dry_run || { + eval "$_G_cmd" + _G_status=$? + if test 0 -ne "$_G_status"; then + eval "(exit $_G_status); $_G_fail_exp" + fi + } +} + + +# func_show_eval_locale CMD [FAIL_EXP] +# ------------------------------------ +# Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is +# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP +# is given, then evaluate it. Use the saved locale for evaluation. +func_show_eval_locale () +{ + $debug_cmd + + _G_cmd=$1 + _G_fail_exp=${2-':'} + + $opt_quiet || { + func_quote_for_expand "$_G_cmd" + eval "func_echo $func_quote_for_expand_result" + } + + $opt_dry_run || { + eval "$_G_user_locale + $_G_cmd" + _G_status=$? + eval "$_G_safe_locale" + if test 0 -ne "$_G_status"; then + eval "(exit $_G_status); $_G_fail_exp" + fi + } +} + + +# func_tr_sh +# ---------- +# Turn $1 into a string suitable for a shell variable name. +# Result is stored in $func_tr_sh_result. All characters +# not in the set a-zA-Z0-9_ are replaced with '_'. Further, +# if $1 begins with a digit, a '_' is prepended as well. +func_tr_sh () +{ + $debug_cmd + + case $1 in + [0-9]* | *[!a-zA-Z0-9_]*) + func_tr_sh_result=`$ECHO "$1" | $SED -e 's/^\([0-9]\)/_\1/' -e 's/[^a-zA-Z0-9_]/_/g'` + ;; + * ) + func_tr_sh_result=$1 + ;; + esac +} + + +# func_verbose ARG... +# ------------------- +# Echo program name prefixed message in verbose mode only. +func_verbose () +{ + $debug_cmd + + $opt_verbose && func_echo "$*" + + : +} + + +# func_warn_and_continue ARG... +# ----------------------------- +# Echo program name prefixed warning message to standard error. +func_warn_and_continue () +{ + $debug_cmd + + $require_term_colors + + func_echo_infix_1 "${tc_red}warning$tc_reset" "$*" >&2 +} + + +# func_warning CATEGORY ARG... +# ---------------------------- +# Echo program name prefixed warning message to standard error. Warning +# messages can be filtered according to CATEGORY, where this function +# elides messages where CATEGORY is not listed in the global variable +# 'opt_warning_types'. +func_warning () +{ + $debug_cmd + + # CATEGORY must be in the warning_categories list! + case " $warning_categories " in + *" $1 "*) ;; + *) func_internal_error "invalid warning category '$1'" ;; + esac + + _G_category=$1 + shift + + case " $opt_warning_types " in + *" $_G_category "*) $warning_func ${1+"$@"} ;; + esac +} + + +# func_sort_ver VER1 VER2 +# ----------------------- +# 'sort -V' is not generally available. +# Note this deviates from the version comparison in automake +# in that it treats 1.5 < 1.5.0, and treats 1.4.4a < 1.4-p3a +# but this should suffice as we won't be specifying old +# version formats or redundant trailing .0 in bootstrap.conf. +# If we did want full compatibility then we should probably +# use m4_version_compare from autoconf. +func_sort_ver () +{ + $debug_cmd + + printf '%s\n%s\n' "$1" "$2" \ + | sort -t. -k 1,1n -k 2,2n -k 3,3n -k 4,4n -k 5,5n -k 6,6n -k 7,7n -k 8,8n -k 9,9n +} + +# func_lt_ver PREV CURR +# --------------------- +# Return true if PREV and CURR are in the correct order according to +# func_sort_ver, otherwise false. Use it like this: +# +# func_lt_ver "$prev_ver" "$proposed_ver" || func_fatal_error "..." +func_lt_ver () +{ + $debug_cmd + + test "x$1" = x`func_sort_ver "$1" "$2" | $SED 1q` +} + + +# Local variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'before-save-hook 'time-stamp) +# time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" +# time-stamp-time-zone: "UTC" +# End: +#! /bin/sh + +# Set a version string for this script. +scriptversion=2014-01-07.03; # UTC + +# A portable, pluggable option parser for Bourne shell. +# Written by Gary V. Vaughan, 2010 + +# Copyright (C) 2010-2014 Free Software Foundation, Inc. +# This is free software; see the source for copying conditions. There is NO +# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Please report bugs or propose patches to gary@gnu.org. + + +## ------ ## +## Usage. ## +## ------ ## + +# This file is a library for parsing options in your shell scripts along +# with assorted other useful supporting features that you can make use +# of too. +# +# For the simplest scripts you might need only: +# +# #!/bin/sh +# . relative/path/to/funclib.sh +# . relative/path/to/options-parser +# scriptversion=1.0 +# func_options ${1+"$@"} +# eval set dummy "$func_options_result"; shift +# ...rest of your script... +# +# In order for the '--version' option to work, you will need to have a +# suitably formatted comment like the one at the top of this file +# starting with '# Written by ' and ending with '# warranty; '. +# +# For '-h' and '--help' to work, you will also need a one line +# description of your script's purpose in a comment directly above the +# '# Written by ' line, like the one at the top of this file. +# +# The default options also support '--debug', which will turn on shell +# execution tracing (see the comment above debug_cmd below for another +# use), and '--verbose' and the func_verbose function to allow your script +# to display verbose messages only when your user has specified +# '--verbose'. +# +# After sourcing this file, you can plug processing for additional +# options by amending the variables from the 'Configuration' section +# below, and following the instructions in the 'Option parsing' +# section further down. + +## -------------- ## +## Configuration. ## +## -------------- ## + +# You should override these variables in your script after sourcing this +# file so that they reflect the customisations you have added to the +# option parser. + +# The usage line for option parsing errors and the start of '-h' and +# '--help' output messages. You can embed shell variables for delayed +# expansion at the time the message is displayed, but you will need to +# quote other shell meta-characters carefully to prevent them being +# expanded when the contents are evaled. +usage='$progpath [OPTION]...' + +# Short help message in response to '-h' and '--help'. Add to this or +# override it after sourcing this library to reflect the full set of +# options your script accepts. +usage_message="\ + --debug enable verbose shell tracing + -W, --warnings=CATEGORY + report the warnings falling in CATEGORY [all] + -v, --verbose verbosely report processing + --version print version information and exit + -h, --help print short or long help message and exit +" + +# Additional text appended to 'usage_message' in response to '--help'. +long_help_message=" +Warning categories include: + 'all' show all warnings + 'none' turn off all the warnings + 'error' warnings are treated as fatal errors" + +# Help message printed before fatal option parsing errors. +fatal_help="Try '\$progname --help' for more information." + + + +## ------------------------- ## +## Hook function management. ## +## ------------------------- ## + +# This section contains functions for adding, removing, and running hooks +# to the main code. A hook is just a named list of of function, that can +# be run in order later on. + +# func_hookable FUNC_NAME +# ----------------------- +# Declare that FUNC_NAME will run hooks added with +# 'func_add_hook FUNC_NAME ...'. +func_hookable () +{ + $debug_cmd + + func_append hookable_fns " $1" +} + + +# func_add_hook FUNC_NAME HOOK_FUNC +# --------------------------------- +# Request that FUNC_NAME call HOOK_FUNC before it returns. FUNC_NAME must +# first have been declared "hookable" by a call to 'func_hookable'. +func_add_hook () +{ + $debug_cmd + + case " $hookable_fns " in + *" $1 "*) ;; + *) func_fatal_error "'$1' does not accept hook functions." ;; + esac + + eval func_append ${1}_hooks '" $2"' +} + + +# func_remove_hook FUNC_NAME HOOK_FUNC +# ------------------------------------ +# Remove HOOK_FUNC from the list of functions called by FUNC_NAME. +func_remove_hook () +{ + $debug_cmd + + eval ${1}_hooks='`$ECHO "\$'$1'_hooks" |$SED "s| '$2'||"`' +} + + +# func_run_hooks FUNC_NAME [ARG]... +# --------------------------------- +# Run all hook functions registered to FUNC_NAME. +# It is assumed that the list of hook functions contains nothing more +# than a whitespace-delimited list of legal shell function names, and +# no effort is wasted trying to catch shell meta-characters or preserve +# whitespace. +func_run_hooks () +{ + $debug_cmd + + case " $hookable_fns " in + *" $1 "*) ;; + *) func_fatal_error "'$1' does not support hook funcions.n" ;; + esac + + eval _G_hook_fns=\$$1_hooks; shift + + for _G_hook in $_G_hook_fns; do + eval $_G_hook '"$@"' + + # store returned options list back into positional + # parameters for next 'cmd' execution. + eval _G_hook_result=\$${_G_hook}_result + eval set dummy "$_G_hook_result"; shift + done + + func_quote_for_eval ${1+"$@"} + func_run_hooks_result=$func_quote_for_eval_result +} + + + +## --------------- ## +## Option parsing. ## +## --------------- ## + +# In order to add your own option parsing hooks, you must accept the +# full positional parameter list in your hook function, remove any +# options that you action, and then pass back the remaining unprocessed +# options in '_result', escaped suitably for +# 'eval'. Like this: +# +# my_options_prep () +# { +# $debug_cmd +# +# # Extend the existing usage message. +# usage_message=$usage_message' +# -s, --silent don'\''t print informational messages +# ' +# +# func_quote_for_eval ${1+"$@"} +# my_options_prep_result=$func_quote_for_eval_result +# } +# func_add_hook func_options_prep my_options_prep +# +# +# my_silent_option () +# { +# $debug_cmd +# +# # Note that for efficiency, we parse as many options as we can +# # recognise in a loop before passing the remainder back to the +# # caller on the first unrecognised argument we encounter. +# while test $# -gt 0; do +# opt=$1; shift +# case $opt in +# --silent|-s) opt_silent=: ;; +# # Separate non-argument short options: +# -s*) func_split_short_opt "$_G_opt" +# set dummy "$func_split_short_opt_name" \ +# "-$func_split_short_opt_arg" ${1+"$@"} +# shift +# ;; +# *) set dummy "$_G_opt" "$*"; shift; break ;; +# esac +# done +# +# func_quote_for_eval ${1+"$@"} +# my_silent_option_result=$func_quote_for_eval_result +# } +# func_add_hook func_parse_options my_silent_option +# +# +# my_option_validation () +# { +# $debug_cmd +# +# $opt_silent && $opt_verbose && func_fatal_help "\ +# '--silent' and '--verbose' options are mutually exclusive." +# +# func_quote_for_eval ${1+"$@"} +# my_option_validation_result=$func_quote_for_eval_result +# } +# func_add_hook func_validate_options my_option_validation +# +# You'll alse need to manually amend $usage_message to reflect the extra +# options you parse. It's preferable to append if you can, so that +# multiple option parsing hooks can be added safely. + + +# func_options [ARG]... +# --------------------- +# All the functions called inside func_options are hookable. See the +# individual implementations for details. +func_hookable func_options +func_options () +{ + $debug_cmd - save_mktempdir_umask=`umask` - umask 0077 - $MKDIR "$my_tmpdir" - umask $save_mktempdir_umask - fi + func_options_prep ${1+"$@"} + eval func_parse_options \ + ${func_options_prep_result+"$func_options_prep_result"} + eval func_validate_options \ + ${func_parse_options_result+"$func_parse_options_result"} - # If we're not in dry-run mode, bomb out on failure - test -d "$my_tmpdir" || \ - func_fatal_error "cannot create temporary directory \`$my_tmpdir'" - fi + eval func_run_hooks func_options \ + ${func_validate_options_result+"$func_validate_options_result"} - $ECHO "$my_tmpdir" + # save modified positional parameters for caller + func_options_result=$func_run_hooks_result } -# func_quote_for_eval arg -# Aesthetically quote ARG to be evaled later. -# This function returns two values: FUNC_QUOTE_FOR_EVAL_RESULT -# is double-quoted, suitable for a subsequent eval, whereas -# FUNC_QUOTE_FOR_EVAL_UNQUOTED_RESULT has merely all characters -# which are still active within double quotes backslashified. -func_quote_for_eval () +# func_options_prep [ARG]... +# -------------------------- +# All initialisations required before starting the option parse loop. +# Note that when calling hook functions, we pass through the list of +# positional parameters. If a hook function modifies that list, and +# needs to propogate that back to rest of this script, then the complete +# modified list must be put in 'func_run_hooks_result' before +# returning. +func_hookable func_options_prep +func_options_prep () { - case $1 in - *[\\\`\"\$]*) - func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;; - *) - func_quote_for_eval_unquoted_result="$1" ;; - esac + $debug_cmd - case $func_quote_for_eval_unquoted_result in - # Double-quote args containing shell metacharacters to delay - # word splitting, command substitution and and variable - # expansion for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - func_quote_for_eval_result="\"$func_quote_for_eval_unquoted_result\"" - ;; - *) - func_quote_for_eval_result="$func_quote_for_eval_unquoted_result" - esac + # Option defaults: + opt_verbose=false + opt_warning_types= + + func_run_hooks func_options_prep ${1+"$@"} + + # save modified positional parameters for caller + func_options_prep_result=$func_run_hooks_result } -# func_quote_for_expand arg -# Aesthetically quote ARG to be evaled later; same as above, -# but do not quote variable references. -func_quote_for_expand () +# func_parse_options [ARG]... +# --------------------------- +# The main option parsing loop. +func_hookable func_parse_options +func_parse_options () { - case $1 in - *[\\\`\"]*) - my_arg=`$ECHO "$1" | $SED \ - -e "$double_quote_subst" -e "$sed_double_backslash"` ;; - *) - my_arg="$1" ;; - esac + $debug_cmd - case $my_arg in - # Double-quote args containing shell metacharacters to delay - # word splitting and command substitution for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - my_arg="\"$my_arg\"" - ;; - esac + func_parse_options_result= - func_quote_for_expand_result="$my_arg" -} + # this just eases exit handling + while test $# -gt 0; do + # Defer to hook functions for initial option parsing, so they + # get priority in the event of reusing an option name. + func_run_hooks func_parse_options ${1+"$@"} + # Adjust func_parse_options positional parameters to match + eval set dummy "$func_run_hooks_result"; shift -# func_show_eval cmd [fail_exp] -# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is -# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP -# is given, then evaluate it. -func_show_eval () -{ - my_cmd="$1" - my_fail_exp="${2-:}" + # Break out of the loop if we already parsed every option. + test $# -gt 0 || break - ${opt_silent-false} || { - func_quote_for_expand "$my_cmd" - eval "func_echo $func_quote_for_expand_result" - } + _G_opt=$1 + shift + case $_G_opt in + --debug|-x) debug_cmd='set -x' + func_echo "enabling shell trace mode" + $debug_cmd + ;; + + --no-warnings|--no-warning|--no-warn) + set dummy --warnings none ${1+"$@"} + shift + ;; - if ${opt_dry_run-false}; then :; else - eval "$my_cmd" - my_status=$? - if test "$my_status" -eq 0; then :; else - eval "(exit $my_status); $my_fail_exp" - fi - fi + --warnings|--warning|-W) + test $# = 0 && func_missing_arg $_G_opt && break + case " $warning_categories $1" in + *" $1 "*) + # trailing space prevents matching last $1 above + func_append_uniq opt_warning_types " $1" + ;; + *all) + opt_warning_types=$warning_categories + ;; + *none) + opt_warning_types=none + warning_func=: + ;; + *error) + opt_warning_types=$warning_categories + warning_func=func_fatal_error + ;; + *) + func_fatal_error \ + "unsupported warning category: '$1'" + ;; + esac + shift + ;; + + --verbose|-v) opt_verbose=: ;; + --version) func_version ;; + -\?|-h) func_usage ;; + --help) func_help ;; + + # Separate optargs to long options (plugins may need this): + --*=*) func_split_equals "$_G_opt" + set dummy "$func_split_equals_lhs" \ + "$func_split_equals_rhs" ${1+"$@"} + shift + ;; + + # Separate optargs to short options: + -W*) + func_split_short_opt "$_G_opt" + set dummy "$func_split_short_opt_name" \ + "$func_split_short_opt_arg" ${1+"$@"} + shift + ;; + + # Separate non-argument short options: + -\?*|-h*|-v*|-x*) + func_split_short_opt "$_G_opt" + set dummy "$func_split_short_opt_name" \ + "-$func_split_short_opt_arg" ${1+"$@"} + shift + ;; + + --) break ;; + -*) func_fatal_help "unrecognised option: '$_G_opt'" ;; + *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; + esac + done + + # save modified positional parameters for caller + func_quote_for_eval ${1+"$@"} + func_parse_options_result=$func_quote_for_eval_result } -# func_show_eval_locale cmd [fail_exp] -# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is -# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP -# is given, then evaluate it. Use the saved locale for evaluation. -func_show_eval_locale () +# func_validate_options [ARG]... +# ------------------------------ +# Perform any sanity checks on option settings and/or unconsumed +# arguments. +func_hookable func_validate_options +func_validate_options () { - my_cmd="$1" - my_fail_exp="${2-:}" + $debug_cmd - ${opt_silent-false} || { - func_quote_for_expand "$my_cmd" - eval "func_echo $func_quote_for_expand_result" - } + # Display all warnings if -W was not given. + test -n "$opt_warning_types" || opt_warning_types=" $warning_categories" - if ${opt_dry_run-false}; then :; else - eval "$lt_user_locale - $my_cmd" - my_status=$? - eval "$lt_safe_locale" - if test "$my_status" -eq 0; then :; else - eval "(exit $my_status); $my_fail_exp" - fi - fi -} + func_run_hooks func_validate_options ${1+"$@"} -# func_tr_sh -# Turn $1 into a string suitable for a shell variable name. -# Result is stored in $func_tr_sh_result. All characters -# not in the set a-zA-Z0-9_ are replaced with '_'. Further, -# if $1 begins with a digit, a '_' is prepended as well. -func_tr_sh () -{ - case $1 in - [0-9]* | *[!a-zA-Z0-9_]*) - func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'` - ;; - * ) - func_tr_sh_result=$1 - ;; - esac + # Bail if the options were screwed! + $exit_cmd $EXIT_FAILURE + + # save modified positional parameters for caller + func_validate_options_result=$func_run_hooks_result } -# func_version -# Echo version message to standard output and exit. -func_version () -{ - $opt_debug - $SED -n '/(C)/!b go - :more - /\./!{ - N - s/\n# / / - b more - } - :go - /^# '$PROGRAM' (GNU /,/# warranty; / { - s/^# // - s/^# *$// - s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/ - p - }' < "$progpath" - exit $? -} +## ----------------- ## +## Helper functions. ## +## ----------------- ## -# func_usage -# Echo short help message to standard output and exit. -func_usage () +# This section contains the helper functions used by the rest of the +# hookable option parser framework in ascii-betical order. + + +# func_fatal_help ARG... +# ---------------------- +# Echo program name prefixed message to standard error, followed by +# a help hint, and exit. +func_fatal_help () { - $opt_debug + $debug_cmd - $SED -n '/^# Usage:/,/^# *.*--help/ { - s/^# // - s/^# *$// - s/\$progname/'$progname'/ - p - }' < "$progpath" - echo - $ECHO "run \`$progname --help | more' for full usage" - exit $? + eval \$ECHO \""Usage: $usage"\" + eval \$ECHO \""$fatal_help"\" + func_error ${1+"$@"} + exit $EXIT_FAILURE } -# func_help [NOEXIT] -# Echo long help message to standard output and exit, -# unless 'noexit' is passed as argument. + +# func_help +# --------- +# Echo long help message to standard output and exit. func_help () { - $opt_debug - - $SED -n '/^# Usage:/,/# Report bugs to/ { - :print - s/^# // - s/^# *$// - s*\$progname*'$progname'* - s*\$host*'"$host"'* - s*\$SHELL*'"$SHELL"'* - s*\$LTCC*'"$LTCC"'* - s*\$LTCFLAGS*'"$LTCFLAGS"'* - s*\$LD*'"$LD"'* - s/\$with_gnu_ld/'"$with_gnu_ld"'/ - s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/ - s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/ - p - d - } - /^# .* home page:/b print - /^# General help using/b print - ' < "$progpath" - ret=$? - if test -z "$1"; then - exit $ret - fi + $debug_cmd + + func_usage_message + $ECHO "$long_help_message" + exit 0 } -# func_missing_arg argname + +# func_missing_arg ARGNAME +# ------------------------ # Echo program name prefixed message to standard error and set global # exit_cmd. func_missing_arg () { - $opt_debug + $debug_cmd - func_error "missing argument for $1." + func_error "Missing argument for '$1'." exit_cmd=exit } -# func_split_short_opt shortopt +# func_split_equals STRING +# ------------------------ +# Set func_split_equals_lhs and func_split_equals_rhs shell variables after +# splitting STRING at the '=' sign. +test -z "$_G_HAVE_XSI_OPS" \ + && (eval 'x=a/b/c; + test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ + && _G_HAVE_XSI_OPS=yes + +if test yes = "$_G_HAVE_XSI_OPS" +then + # This is an XSI compatible shell, allowing a faster implementation... + eval 'func_split_equals () + { + $debug_cmd + + func_split_equals_lhs=${1%%=*} + func_split_equals_rhs=${1#*=} + test "x$func_split_equals_lhs" = "x$1" \ + && func_split_equals_rhs= + }' +else + # ...otherwise fall back to using expr, which is often a shell builtin. + func_split_equals () + { + $debug_cmd + + func_split_equals_lhs=`expr "x$1" : 'x\([^=]*\)'` + func_split_equals_rhs= + test "x$func_split_equals_lhs" = "x$1" \ + || func_split_equals_rhs=`expr "x$1" : 'x[^=]*=\(.*\)$'` + } +fi #func_split_equals + + +# func_split_short_opt SHORTOPT +# ----------------------------- # Set func_split_short_opt_name and func_split_short_opt_arg shell # variables after splitting SHORTOPT after the 2nd character. -func_split_short_opt () +if test yes = "$_G_HAVE_XSI_OPS" +then + # This is an XSI compatible shell, allowing a faster implementation... + eval 'func_split_short_opt () + { + $debug_cmd + + func_split_short_opt_arg=${1#??} + func_split_short_opt_name=${1%"$func_split_short_opt_arg"} + }' +else + # ...otherwise fall back to using expr, which is often a shell builtin. + func_split_short_opt () + { + $debug_cmd + + func_split_short_opt_name=`expr "x$1" : 'x-\(.\)'` + func_split_short_opt_arg=`expr "x$1" : 'x-.\(.*\)$'` + } +fi #func_split_short_opt + + +# func_usage +# ---------- +# Echo short help message to standard output and exit. +func_usage () { - my_sed_short_opt='1s/^\(..\).*$/\1/;q' - my_sed_short_rest='1s/^..\(.*\)$/\1/;q' + $debug_cmd - func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"` - func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"` -} # func_split_short_opt may be replaced by extended shell implementation + func_usage_message + $ECHO "Run '$progname --help |${PAGER-more}' for full usage" + exit 0 +} -# func_split_long_opt longopt -# Set func_split_long_opt_name and func_split_long_opt_arg shell -# variables after splitting LONGOPT at the `=' sign. -func_split_long_opt () +# func_usage_message +# ------------------ +# Echo short help message to standard output. +func_usage_message () { - my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q' - my_sed_long_arg='1s/^--[^=]*=//' + $debug_cmd - func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"` - func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"` -} # func_split_long_opt may be replaced by extended shell implementation + eval \$ECHO \""Usage: $usage"\" + echo + $SED -n 's|^# || + /^Written by/{ + x;p;x + } + h + /^Written by/q' < "$progpath" + echo + eval \$ECHO \""$usage_message"\" +} -exit_cmd=: +# func_version +# ------------ +# Echo version message to standard output and exit. +func_version () +{ + $debug_cmd + printf '%s\n' "$progname $scriptversion" + $SED -n ' + /(C)/!b go + :more + /\./!{ + N + s|\n# | | + b more + } + :go + /^# Written by /,/# warranty; / { + s|^# || + s|^# *$|| + s|\((C)\)[ 0-9,-]*[ ,-]\([1-9][0-9]* \)|\1 \2| + p + } + /^# Written by / { + s|^# || + p + } + /^warranty; /q' < "$progpath" + exit $? +} -magic="%%%MAGIC variable%%%" -magic_exe="%%%MAGIC EXE variable%%%" +# Local variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'before-save-hook 'time-stamp) +# time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" +# time-stamp-time-zone: "UTC" +# End: -# Global variables. -nonopt= -preserve_args= -lo2o="s/\\.lo\$/.${objext}/" -o2lo="s/\\.${objext}\$/.lo/" -extracted_archives= -extracted_serial=0 +# Set a version string. +scriptversion='(GNU libtool) 2.4.4' -# If this variable is set in any of the actions, the command in it -# will be execed at the end. This prevents here-documents from being -# left over by shells. -exec_cmd= -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () +# func_echo ARG... +# ---------------- +# Libtool also displays the current mode in messages, so override +# funclib.sh func_echo with this custom definition. +func_echo () { - eval "${1}=\$${1}\${2}" -} # func_append may be replaced by extended shell implementation + $debug_cmd -# func_append_quoted var value -# Quote VALUE and append to the end of shell variable VAR, separated -# by a space. -func_append_quoted () -{ - func_quote_for_eval "${2}" - eval "${1}=\$${1}\\ \$func_quote_for_eval_result" -} # func_append_quoted may be replaced by extended shell implementation + _G_message=$* + func_echo_IFS=$IFS + IFS=$nl + for _G_line in $_G_message; do + IFS=$func_echo_IFS + $ECHO "$progname${opt_mode+: $opt_mode}: $_G_line" + done + IFS=$func_echo_IFS +} -# func_arith arithmetic-term... -func_arith () + +# func_warning ARG... +# ------------------- +# Libtool warnings are not categorized, so override funclib.sh +# func_warning with this simpler definition. +func_warning () { - func_arith_result=`expr "${@}"` -} # func_arith may be replaced by extended shell implementation + $debug_cmd + $warning_func ${1+"$@"} +} -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len` -} # func_len may be replaced by extended shell implementation +## ---------------- ## +## Options parsing. ## +## ---------------- ## + +# Hook in the functions to make sure our own options are parsed during +# the option parsing loop. + +usage='$progpath [OPTION]... [MODE-ARG]...' + +# Short help message in response to '-h'. +usage_message="Options: + --config show all configuration variables + --debug enable verbose shell tracing + -n, --dry-run display commands without modifying any files + --features display basic configuration information and exit + --mode=MODE use operation mode MODE + --no-warnings equivalent to '-Wnone' + --preserve-dup-deps don't remove duplicate dependency libraries + --quiet, --silent don't print informational messages + --tag=TAG use configuration variables from tag TAG + -v, --verbose print more informational messages than default + --version print version information + -W, --warnings=CATEGORY report the warnings falling in CATEGORY [all] + -h, --help, --help-all print short, long, or detailed help message +" -# func_lo2o object -func_lo2o () -{ - func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` -} # func_lo2o may be replaced by extended shell implementation +# Additional text appended to 'usage_message' in response to '--help'. +long_help_message=$long_help_message" +MODE must be one of the following: -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'` -} # func_xform may be replaced by extended shell implementation + clean remove files from the build directory + compile compile a source file into a libtool object + execute automatically set library path, then run a program + finish complete the installation of libtool libraries + install install libraries or executables + link create a library or an executable + uninstall remove libraries from an installed directory + +MODE-ARGS vary depending on the MODE. When passed as first option, +'--mode=MODE' may be abbreviated as 'MODE' or a unique abbreviation of that. +Try '$progname --help --mode=MODE' for a more detailed description of MODE. + +When reporting a bug, please describe a test case to reproduce it and +include the following information: + + host-triplet: $host + shell: $SHELL + compiler: $LTCC + compiler flags: $LTCFLAGS + linker: $LD (gnu? $with_gnu_ld) + version: $progname (GNU libtool) 2.4.4 + automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` + autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` + +Report bugs to . +GNU libtool home page: . +General help using GNU software: ." + + +# func_lo2o OBJECT-NAME +# --------------------- +# Transform OBJECT-NAME from a '.lo' suffix to the platform specific +# object suffix. + +lo2o=s/\\.lo\$/.$objext/ +o2lo=s/\\.$objext\$/.lo/ + +if test yes = "$_G_HAVE_XSI_OPS"; then + eval 'func_lo2o () + { + case $1 in + *.lo) func_lo2o_result=${1%.lo}.$objext ;; + * ) func_lo2o_result=$1 ;; + esac + }' + + # func_xform LIBOBJ-OR-SOURCE + # --------------------------- + # Transform LIBOBJ-OR-SOURCE from a '.o' or '.c' (or otherwise) + # suffix to a '.lo' libtool-object suffix. + eval 'func_xform () + { + func_xform_result=${1%.*}.lo + }' +else + # ...otherwise fall back to using sed. + func_lo2o () + { + func_lo2o_result=`$ECHO "$1" | $SED "$lo2o"` + } + + func_xform () + { + func_xform_result=`$ECHO "$1" | $SED 's|\.[^.]*$|.lo|'` + } +fi -# func_fatal_configuration arg... +# func_fatal_configuration ARG... +# ------------------------------- # Echo program name prefixed message to standard error, followed by # a configuration failure hint, and exit. func_fatal_configuration () { - func_error ${1+"$@"} - func_error "See the $PACKAGE documentation for more information." - func_fatal_error "Fatal configuration error." + func__fatal_error ${1+"$@"} \ + "See the $PACKAGE documentation for more information." \ + "Fatal configuration error." } # func_config +# ----------- # Display the configuration for all the tags in this script. func_config () { @@ -915,17 +2142,19 @@ func_config () exit $? } + # func_features +# ------------- # Display the features supported by this script. func_features () { echo "host: $host" - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then echo "enable shared libraries" else echo "disable shared libraries" fi - if test "$build_old_libs" = yes; then + if test yes = "$build_old_libs"; then echo "enable static libraries" else echo "disable static libraries" @@ -934,314 +2163,350 @@ func_features () exit $? } -# func_enable_tag tagname + +# func_enable_tag TAGNAME +# ----------------------- # Verify that TAGNAME is valid, and either flag an error and exit, or # enable the TAGNAME tag. We also add TAGNAME to the global $taglist # variable here. func_enable_tag () { - # Global variable: - tagname="$1" + # Global variable: + tagname=$1 - re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" - re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" - sed_extractcf="/$re_begincf/,/$re_endcf/p" + re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" + re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" + sed_extractcf=/$re_begincf/,/$re_endcf/p - # Validate tagname. - case $tagname in - *[!-_A-Za-z0-9,/]*) - func_fatal_error "invalid tag name: $tagname" - ;; - esac + # Validate tagname. + case $tagname in + *[!-_A-Za-z0-9,/]*) + func_fatal_error "invalid tag name: $tagname" + ;; + esac - # Don't test for the "default" C tag, as we know it's - # there but not specially marked. - case $tagname in - CC) ;; + # Don't test for the "default" C tag, as we know it's + # there but not specially marked. + case $tagname in + CC) ;; *) - if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then - taglist="$taglist $tagname" - - # Evaluate the configuration. Be careful to quote the path - # and the sed script, to avoid splitting on whitespace, but - # also don't use non-portable quotes within backquotes within - # quotes we have to do it in 2 steps: - extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` - eval "$extractedcf" - else - func_error "ignoring unknown tag $tagname" - fi - ;; - esac + if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then + taglist="$taglist $tagname" + + # Evaluate the configuration. Be careful to quote the path + # and the sed script, to avoid splitting on whitespace, but + # also don't use non-portable quotes within backquotes within + # quotes we have to do it in 2 steps: + extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` + eval "$extractedcf" + else + func_error "ignoring unknown tag $tagname" + fi + ;; + esac } + # func_check_version_match +# ------------------------ # Ensure that we are using m4 macros, and libtool script from the same # release of libtool. func_check_version_match () { - if test "$package_revision" != "$macro_revision"; then - if test "$VERSION" != "$macro_version"; then - if test -z "$macro_version"; then - cat >&2 <<_LT_EOF + if test "$package_revision" != "$macro_revision"; then + if test "$VERSION" != "$macro_version"; then + if test -z "$macro_version"; then + cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, but the $progname: definition of this LT_INIT comes from an older release. $progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION $progname: and run autoconf again. _LT_EOF - else - cat >&2 <<_LT_EOF + else + cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, but the $progname: definition of this LT_INIT comes from $PACKAGE $macro_version. $progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION $progname: and run autoconf again. _LT_EOF - fi - else - cat >&2 <<_LT_EOF + fi + else + cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, $progname: but the definition of this LT_INIT comes from revision $macro_revision. $progname: You should recreate aclocal.m4 with macros from revision $package_revision $progname: of $PACKAGE $VERSION and run autoconf again. _LT_EOF - fi + fi - exit $EXIT_MISMATCH - fi + exit $EXIT_MISMATCH + fi } -# Shorthand for --mode=foo, only valid as the first argument -case $1 in -clean|clea|cle|cl) - shift; set dummy --mode clean ${1+"$@"}; shift - ;; -compile|compil|compi|comp|com|co|c) - shift; set dummy --mode compile ${1+"$@"}; shift - ;; -execute|execut|execu|exec|exe|ex|e) - shift; set dummy --mode execute ${1+"$@"}; shift - ;; -finish|finis|fini|fin|fi|f) - shift; set dummy --mode finish ${1+"$@"}; shift - ;; -install|instal|insta|inst|ins|in|i) - shift; set dummy --mode install ${1+"$@"}; shift - ;; -link|lin|li|l) - shift; set dummy --mode link ${1+"$@"}; shift - ;; -uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) - shift; set dummy --mode uninstall ${1+"$@"}; shift - ;; -esac +# libtool_options_prep [ARG]... +# ----------------------------- +# Preparation for options parsed by libtool. +libtool_options_prep () +{ + $debug_mode + # Option defaults: + opt_config=false + opt_dlopen= + opt_dry_run=false + opt_help=false + opt_mode= + opt_preserve_dup_deps=false + opt_quiet=false + nonopt= + preserve_args= -# Option defaults: -opt_debug=: -opt_dry_run=false -opt_config=false -opt_preserve_dup_deps=false -opt_features=false -opt_finish=false -opt_help=false -opt_help_all=false -opt_silent=: -opt_warning=: -opt_verbose=: -opt_silent=false -opt_verbose=false + # Shorthand for --mode=foo, only valid as the first argument + case $1 in + clean|clea|cle|cl) + shift; set dummy --mode clean ${1+"$@"}; shift + ;; + compile|compil|compi|comp|com|co|c) + shift; set dummy --mode compile ${1+"$@"}; shift + ;; + execute|execut|execu|exec|exe|ex|e) + shift; set dummy --mode execute ${1+"$@"}; shift + ;; + finish|finis|fini|fin|fi|f) + shift; set dummy --mode finish ${1+"$@"}; shift + ;; + install|instal|insta|inst|ins|in|i) + shift; set dummy --mode install ${1+"$@"}; shift + ;; + link|lin|li|l) + shift; set dummy --mode link ${1+"$@"}; shift + ;; + uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) + shift; set dummy --mode uninstall ${1+"$@"}; shift + ;; + esac + + # Pass back the list of options. + func_quote_for_eval ${1+"$@"} + libtool_options_prep_result=$func_quote_for_eval_result +} +func_add_hook func_options_prep libtool_options_prep -# Parse options once, thoroughly. This comes as soon as possible in the -# script to make things like `--version' happen as quickly as we can. +# libtool_parse_options [ARG]... +# --------------------------------- +# Provide handling for libtool specific options. +libtool_parse_options () { - # this just eases exit handling - while test $# -gt 0; do - opt="$1" - shift - case $opt in - --debug|-x) opt_debug='set -x' - func_echo "enabling shell trace mode" - $opt_debug - ;; - --dry-run|--dryrun|-n) - opt_dry_run=: - ;; - --config) - opt_config=: -func_config - ;; - --dlopen|-dlopen) - optarg="$1" - opt_dlopen="${opt_dlopen+$opt_dlopen -}$optarg" - shift - ;; - --preserve-dup-deps) - opt_preserve_dup_deps=: - ;; - --features) - opt_features=: -func_features - ;; - --finish) - opt_finish=: -set dummy --mode finish ${1+"$@"}; shift - ;; - --help) - opt_help=: - ;; - --help-all) - opt_help_all=: -opt_help=': help-all' - ;; - --mode) - test $# = 0 && func_missing_arg $opt && break - optarg="$1" - opt_mode="$optarg" -case $optarg in - # Valid mode arguments: - clean|compile|execute|finish|install|link|relink|uninstall) ;; - - # Catch anything else as an error - *) func_error "invalid argument for $opt" - exit_cmd=exit - break - ;; -esac - shift - ;; - --no-silent|--no-quiet) - opt_silent=false -func_append preserve_args " $opt" - ;; - --no-warning|--no-warn) - opt_warning=false -func_append preserve_args " $opt" - ;; - --no-verbose) - opt_verbose=false -func_append preserve_args " $opt" - ;; - --silent|--quiet) - opt_silent=: -func_append preserve_args " $opt" - opt_verbose=false - ;; - --verbose|-v) - opt_verbose=: -func_append preserve_args " $opt" -opt_silent=false - ;; - --tag) - test $# = 0 && func_missing_arg $opt && break - optarg="$1" - opt_tag="$optarg" -func_append preserve_args " $opt $optarg" -func_enable_tag "$optarg" - shift - ;; - - -\?|-h) func_usage ;; - --help) func_help ;; - --version) func_version ;; - - # Separate optargs to long options: - --*=*) - func_split_long_opt "$opt" - set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"} - shift - ;; - - # Separate non-argument short options: - -\?*|-h*|-n*|-v*) - func_split_short_opt "$opt" - set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"} - shift - ;; - - --) break ;; - -*) func_fatal_help "unrecognized option \`$opt'" ;; - *) set dummy "$opt" ${1+"$@"}; shift; break ;; - esac - done + $debug_cmd - # Validate options: + # Perform our own loop to consume as many options as possible in + # each iteration. + while test $# -gt 0; do + _G_opt=$1 + shift + case $_G_opt in + --dry-run|--dryrun|-n) + opt_dry_run=: + ;; + + --config) func_config ;; + + --dlopen|-dlopen) + opt_dlopen="${opt_dlopen+$opt_dlopen +}$1" + shift + ;; + + --preserve-dup-deps) + opt_preserve_dup_deps=: ;; + + --features) func_features ;; + + --finish) set dummy --mode finish ${1+"$@"}; shift ;; + + --help) opt_help=: ;; + + --help-all) opt_help=': help-all' ;; + + --mode) test $# = 0 && func_missing_arg $_G_opt && break + opt_mode=$1 + case $1 in + # Valid mode arguments: + clean|compile|execute|finish|install|link|relink|uninstall) ;; + + # Catch anything else as an error + *) func_error "invalid argument for $_G_opt" + exit_cmd=exit + break + ;; + esac + shift + ;; + + --no-silent|--no-quiet) + opt_quiet=false + func_append preserve_args " $_G_opt" + ;; + + --no-warnings|--no-warning|--no-warn) + opt_warning=false + func_append preserve_args " $_G_opt" + ;; + + --no-verbose) + opt_verbose=false + func_append preserve_args " $_G_opt" + ;; + + --silent|--quiet) + opt_quiet=: + opt_verbose=false + func_append preserve_args " $_G_opt" + ;; + + --tag) test $# = 0 && func_missing_arg $_G_opt && break + opt_tag=$1 + func_append preserve_args " $_G_opt $1" + func_enable_tag "$1" + shift + ;; + + --verbose|-v) opt_quiet=false + opt_verbose=: + func_append preserve_args " $_G_opt" + ;; + + # An option not handled by this hook function: + *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; + esac + done - # save first non-option argument - if test "$#" -gt 0; then - nonopt="$opt" - shift - fi - # preserve --debug - test "$opt_debug" = : || func_append preserve_args " --debug" + # save modified positional parameters for caller + func_quote_for_eval ${1+"$@"} + libtool_parse_options_result=$func_quote_for_eval_result +} +func_add_hook func_parse_options libtool_parse_options - case $host in - *cygwin* | *mingw* | *pw32* | *cegcc*) - # don't eliminate duplications in $postdeps and $predeps - opt_duplicate_compiler_generated_deps=: - ;; - *) - opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps - ;; - esac - $opt_help || { - # Sanity checks first: - func_check_version_match - if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then - func_fatal_configuration "not configured to build any kind of library" +# libtool_validate_options [ARG]... +# --------------------------------- +# Perform any sanity checks on option settings and/or unconsumed +# arguments. +libtool_validate_options () +{ + # save first non-option argument + if test 0 -lt $#; then + nonopt=$1 + shift fi - # Darwin sucks - eval std_shrext=\"$shrext_cmds\" + # preserve --debug + test : = "$debug_cmd" || func_append preserve_args " --debug" - # Only execute mode is allowed to have -dlopen flags. - if test -n "$opt_dlopen" && test "$opt_mode" != execute; then - func_error "unrecognized option \`-dlopen'" - $ECHO "$help" 1>&2 - exit $EXIT_FAILURE - fi + case $host in + # Solaris2 added to fix http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16452 + # see also: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59788 + *cygwin* | *mingw* | *pw32* | *cegcc* | *solaris2* | *os2*) + # don't eliminate duplications in $postdeps and $predeps + opt_duplicate_compiler_generated_deps=: + ;; + *) + opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps + ;; + esac - # Change the help message to a mode-specific one. - generic_help="$help" - help="Try \`$progname --help --mode=$opt_mode' for more information." - } + $opt_help || { + # Sanity checks first: + func_check_version_match + + test yes != "$build_libtool_libs" \ + && test yes != "$build_old_libs" \ + && func_fatal_configuration "not configured to build any kind of library" + + # Darwin sucks + eval std_shrext=\"$shrext_cmds\" + # Only execute mode is allowed to have -dlopen flags. + if test -n "$opt_dlopen" && test execute != "$opt_mode"; then + func_error "unrecognized option '-dlopen'" + $ECHO "$help" 1>&2 + exit $EXIT_FAILURE + fi + + # Change the help message to a mode-specific one. + generic_help=$help + help="Try '$progname --help --mode=$opt_mode' for more information." + } - # Bail if the options were screwed - $exit_cmd $EXIT_FAILURE + # Pass back the unparsed argument list + func_quote_for_eval ${1+"$@"} + libtool_validate_options_result=$func_quote_for_eval_result } +func_add_hook func_validate_options libtool_validate_options + +# Process options as early as possible so that --help and --version +# can return quickly. +func_options ${1+"$@"} +eval set dummy "$func_options_result"; shift + + + +## ----------- ## +## Main. ## +## ----------- ## + +magic='%%%MAGIC variable%%%' +magic_exe='%%%MAGIC EXE variable%%%' + +# Global variables. +extracted_archives= +extracted_serial=0 + +# If this variable is set in any of the actions, the command in it +# will be execed at the end. This prevents here-documents from being +# left over by shells. +exec_cmd= +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' +} -## ----------- ## -## Main. ## -## ----------- ## +# func_generated_by_libtool +# True iff stdin has been generated by Libtool. This function is only +# a basic sanity check; it will hardly flush out determined imposters. +func_generated_by_libtool_p () +{ + $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 +} # func_lalib_p file -# True iff FILE is a libtool `.la' library or `.lo' object file. +# True iff FILE is a libtool '.la' library or '.lo' object file. # This function is only a basic sanity check; it will hardly flush out # determined imposters. func_lalib_p () { test -f "$1" && - $SED -e 4q "$1" 2>/dev/null \ - | $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 + $SED -e 4q "$1" 2>/dev/null | func_generated_by_libtool_p } # func_lalib_unsafe_p file -# True iff FILE is a libtool `.la' library or `.lo' object file. +# True iff FILE is a libtool '.la' library or '.lo' object file. # This function implements the same check as func_lalib_p without # resorting to external programs. To this end, it redirects stdin and # closes it afterwards, without saving the original file descriptor. # As a safety measure, use it only where a negative result would be -# fatal anyway. Works if `file' does not exist. +# fatal anyway. Works if 'file' does not exist. func_lalib_unsafe_p () { lalib_p=no @@ -1249,13 +2514,13 @@ func_lalib_unsafe_p () for lalib_p_l in 1 2 3 4 do read lalib_p_line - case "$lalib_p_line" in + case $lalib_p_line in \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;; esac done exec 0<&5 5<&- fi - test "$lalib_p" = yes + test yes = "$lalib_p" } # func_ltwrapper_script_p file @@ -1264,7 +2529,8 @@ func_lalib_unsafe_p () # determined imposters. func_ltwrapper_script_p () { - func_lalib_p "$1" + test -f "$1" && + $lt_truncate_bin < "$1" 2>/dev/null | func_generated_by_libtool_p } # func_ltwrapper_executable_p file @@ -1289,7 +2555,7 @@ func_ltwrapper_scriptname () { func_dirname_and_basename "$1" "" "." func_stripname '' '.exe' "$func_basename_result" - func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper" + func_ltwrapper_scriptname_result=$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper } # func_ltwrapper_p file @@ -1308,11 +2574,13 @@ func_ltwrapper_p () # FAIL_CMD may read-access the current command in variable CMD! func_execute_cmds () { - $opt_debug + $debug_cmd + save_ifs=$IFS; IFS='~' for cmd in $1; do - IFS=$save_ifs + IFS=$sp$nl eval cmd=\"$cmd\" + IFS=$save_ifs func_show_eval "$cmd" "${2-:}" done IFS=$save_ifs @@ -1324,10 +2592,11 @@ func_execute_cmds () # Note that it is not necessary on cygwin/mingw to append a dot to # FILE even if both FILE and FILE.exe exist: automatic-append-.exe # behavior happens only for exec(3), not for open(2)! Also, sourcing -# `FILE.' does not work on cygwin managed mounts. +# 'FILE.' does not work on cygwin managed mounts. func_source () { - $opt_debug + $debug_cmd + case $1 in */* | *\\*) . "$1" ;; *) . "./$1" ;; @@ -1354,10 +2623,10 @@ func_resolve_sysroot () # store the result into func_replace_sysroot_result. func_replace_sysroot () { - case "$lt_sysroot:$1" in + case $lt_sysroot:$1 in ?*:"$lt_sysroot"*) func_stripname "$lt_sysroot" '' "$1" - func_replace_sysroot_result="=$func_stripname_result" + func_replace_sysroot_result='='$func_stripname_result ;; *) # Including no sysroot. @@ -1374,7 +2643,8 @@ func_replace_sysroot () # arg is usually of the form 'gcc ...' func_infer_tag () { - $opt_debug + $debug_cmd + if test -n "$available_tags" && test -z "$tagname"; then CC_quoted= for arg in $CC; do @@ -1393,7 +2663,7 @@ func_infer_tag () for z in $available_tags; do if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" + eval "`$SED -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" CC_quoted= for arg in $CC; do # Double-quote args containing other shell metacharacters. @@ -1418,7 +2688,7 @@ func_infer_tag () # line option must be used. if test -z "$tagname"; then func_echo "unable to infer tagged configuration" - func_fatal_error "specify a tag with \`--tag'" + func_fatal_error "specify a tag with '--tag'" # else # func_verbose "using $tagname tagged configuration" fi @@ -1434,15 +2704,15 @@ func_infer_tag () # but don't create it if we're doing a dry run. func_write_libtool_object () { - write_libobj=${1} - if test "$build_libtool_libs" = yes; then - write_lobj=\'${2}\' + write_libobj=$1 + if test yes = "$build_libtool_libs"; then + write_lobj=\'$2\' else write_lobj=none fi - if test "$build_old_libs" = yes; then - write_oldobj=\'${3}\' + if test yes = "$build_old_libs"; then + write_oldobj=\'$3\' else write_oldobj=none fi @@ -1450,7 +2720,7 @@ func_write_libtool_object () $opt_dry_run || { cat >${write_libobj}T </dev/null` - if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then + if test "$?" -eq 0 && test -n "$func_convert_core_file_wine_to_w32_tmp"; then func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" | - $SED -e "$lt_sed_naive_backslashify"` + $SED -e "$sed_naive_backslashify"` else func_convert_core_file_wine_to_w32_result= fi @@ -1514,18 +2785,19 @@ func_convert_core_file_wine_to_w32 () # are convertible, then the result may be empty. func_convert_core_path_wine_to_w32 () { - $opt_debug + $debug_cmd + # unfortunately, winepath doesn't convert paths, only file names - func_convert_core_path_wine_to_w32_result="" + func_convert_core_path_wine_to_w32_result= if test -n "$1"; then oldIFS=$IFS IFS=: for func_convert_core_path_wine_to_w32_f in $1; do IFS=$oldIFS func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f" - if test -n "$func_convert_core_file_wine_to_w32_result" ; then + if test -n "$func_convert_core_file_wine_to_w32_result"; then if test -z "$func_convert_core_path_wine_to_w32_result"; then - func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result" + func_convert_core_path_wine_to_w32_result=$func_convert_core_file_wine_to_w32_result else func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result" fi @@ -1554,7 +2826,8 @@ func_convert_core_path_wine_to_w32 () # environment variable; do not put it in $PATH. func_cygpath () { - $opt_debug + $debug_cmd + if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null` if test "$?" -ne 0; then @@ -1563,7 +2836,7 @@ func_cygpath () fi else func_cygpath_result= - func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'" + func_error "LT_CYGPATH is empty or specifies non-existent file: '$LT_CYGPATH'" fi } #end: func_cygpath @@ -1574,10 +2847,11 @@ func_cygpath () # result in func_convert_core_msys_to_w32_result. func_convert_core_msys_to_w32 () { - $opt_debug + $debug_cmd + # awkward: cmd appends spaces to result func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null | - $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` + $SED -e 's/[ ]*$//' -e "$sed_naive_backslashify"` } #end: func_convert_core_msys_to_w32 @@ -1588,13 +2862,14 @@ func_convert_core_msys_to_w32 () # func_to_host_file_result to ARG1). func_convert_file_check () { - $opt_debug - if test -z "$2" && test -n "$1" ; then + $debug_cmd + + if test -z "$2" && test -n "$1"; then func_error "Could not determine host file name corresponding to" - func_error " \`$1'" + func_error " '$1'" func_error "Continuing, but uninstalled executables may not work." # Fallback: - func_to_host_file_result="$1" + func_to_host_file_result=$1 fi } # end func_convert_file_check @@ -1606,10 +2881,11 @@ func_convert_file_check () # func_to_host_file_result to a simplistic fallback value (see below). func_convert_path_check () { - $opt_debug + $debug_cmd + if test -z "$4" && test -n "$3"; then func_error "Could not determine the host path corresponding to" - func_error " \`$3'" + func_error " '$3'" func_error "Continuing, but uninstalled executables may not work." # Fallback. This is a deliberately simplistic "conversion" and # should not be "improved". See libtool.info. @@ -1618,7 +2894,7 @@ func_convert_path_check () func_to_host_path_result=`echo "$3" | $SED -e "$lt_replace_pathsep_chars"` else - func_to_host_path_result="$3" + func_to_host_path_result=$3 fi fi } @@ -1630,9 +2906,10 @@ func_convert_path_check () # and appending REPL if ORIG matches BACKPAT. func_convert_path_front_back_pathsep () { - $opt_debug + $debug_cmd + case $4 in - $1 ) func_to_host_path_result="$3$func_to_host_path_result" + $1 ) func_to_host_path_result=$3$func_to_host_path_result ;; esac case $4 in @@ -1646,7 +2923,7 @@ func_convert_path_front_back_pathsep () ################################################## # $build to $host FILE NAME CONVERSION FUNCTIONS # ################################################## -# invoked via `$to_host_file_cmd ARG' +# invoked via '$to_host_file_cmd ARG' # # In each case, ARG is the path to be converted from $build to $host format. # Result will be available in $func_to_host_file_result. @@ -1657,7 +2934,8 @@ func_convert_path_front_back_pathsep () # in func_to_host_file_result. func_to_host_file () { - $opt_debug + $debug_cmd + $to_host_file_cmd "$1" } # end func_to_host_file @@ -1669,7 +2947,8 @@ func_to_host_file () # in (the comma separated) LAZY, no conversion takes place. func_to_tool_file () { - $opt_debug + $debug_cmd + case ,$2, in *,"$to_tool_file_cmd",*) func_to_tool_file_result=$1 @@ -1687,7 +2966,7 @@ func_to_tool_file () # Copy ARG to func_to_host_file_result. func_convert_file_noop () { - func_to_host_file_result="$1" + func_to_host_file_result=$1 } # end func_convert_file_noop @@ -1698,11 +2977,12 @@ func_convert_file_noop () # func_to_host_file_result. func_convert_file_msys_to_w32 () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_msys_to_w32 "$1" - func_to_host_file_result="$func_convert_core_msys_to_w32_result" + func_to_host_file_result=$func_convert_core_msys_to_w32_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1714,8 +2994,9 @@ func_convert_file_msys_to_w32 () # func_to_host_file_result. func_convert_file_cygwin_to_w32 () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then # because $build is cygwin, we call "the" cygpath in $PATH; no need to use # LT_CYGPATH in this case. @@ -1731,11 +3012,12 @@ func_convert_file_cygwin_to_w32 () # and a working winepath. Returns result in func_to_host_file_result. func_convert_file_nix_to_w32 () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_file_wine_to_w32 "$1" - func_to_host_file_result="$func_convert_core_file_wine_to_w32_result" + func_to_host_file_result=$func_convert_core_file_wine_to_w32_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1747,12 +3029,13 @@ func_convert_file_nix_to_w32 () # Returns result in func_to_host_file_result. func_convert_file_msys_to_cygwin () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_msys_to_w32 "$1" func_cygpath -u "$func_convert_core_msys_to_w32_result" - func_to_host_file_result="$func_cygpath_result" + func_to_host_file_result=$func_cygpath_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1765,13 +3048,14 @@ func_convert_file_msys_to_cygwin () # in func_to_host_file_result. func_convert_file_nix_to_cygwin () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then # convert from *nix to w32, then use cygpath to convert from w32 to cygwin. func_convert_core_file_wine_to_w32 "$1" func_cygpath -u "$func_convert_core_file_wine_to_w32_result" - func_to_host_file_result="$func_cygpath_result" + func_to_host_file_result=$func_cygpath_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1781,7 +3065,7 @@ func_convert_file_nix_to_cygwin () ############################################# # $build to $host PATH CONVERSION FUNCTIONS # ############################################# -# invoked via `$to_host_path_cmd ARG' +# invoked via '$to_host_path_cmd ARG' # # In each case, ARG is the path to be converted from $build to $host format. # The result will be available in $func_to_host_path_result. @@ -1805,10 +3089,11 @@ func_convert_file_nix_to_cygwin () to_host_path_cmd= func_init_to_host_path_cmd () { - $opt_debug + $debug_cmd + if test -z "$to_host_path_cmd"; then func_stripname 'func_convert_file_' '' "$to_host_file_cmd" - to_host_path_cmd="func_convert_path_${func_stripname_result}" + to_host_path_cmd=func_convert_path_$func_stripname_result fi } @@ -1818,7 +3103,8 @@ func_init_to_host_path_cmd () # in func_to_host_path_result. func_to_host_path () { - $opt_debug + $debug_cmd + func_init_to_host_path_cmd $to_host_path_cmd "$1" } @@ -1829,7 +3115,7 @@ func_to_host_path () # Copy ARG to func_to_host_path_result. func_convert_path_noop () { - func_to_host_path_result="$1" + func_to_host_path_result=$1 } # end func_convert_path_noop @@ -1840,8 +3126,9 @@ func_convert_path_noop () # func_to_host_path_result. func_convert_path_msys_to_w32 () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # Remove leading and trailing path separator characters from ARG. MSYS # behavior is inconsistent here; cygpath turns them into '.;' and ';.'; @@ -1849,7 +3136,7 @@ func_convert_path_msys_to_w32 () func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" - func_to_host_path_result="$func_convert_core_msys_to_w32_result" + func_to_host_path_result=$func_convert_core_msys_to_w32_result func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" @@ -1863,8 +3150,9 @@ func_convert_path_msys_to_w32 () # func_to_host_file_result. func_convert_path_cygwin_to_w32 () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" @@ -1883,14 +3171,15 @@ func_convert_path_cygwin_to_w32 () # a working winepath. Returns result in func_to_host_file_result. func_convert_path_nix_to_w32 () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" - func_to_host_path_result="$func_convert_core_path_wine_to_w32_result" + func_to_host_path_result=$func_convert_core_path_wine_to_w32_result func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" @@ -1904,15 +3193,16 @@ func_convert_path_nix_to_w32 () # Returns result in func_to_host_file_result. func_convert_path_msys_to_cygwin () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" func_cygpath -u -p "$func_convert_core_msys_to_w32_result" - func_to_host_path_result="$func_cygpath_result" + func_to_host_path_result=$func_cygpath_result func_convert_path_check : : \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" : "$1" @@ -1927,8 +3217,9 @@ func_convert_path_msys_to_cygwin () # func_to_host_file_result. func_convert_path_nix_to_cygwin () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # Remove leading and trailing path separator characters from # ARG. msys behavior is inconsistent here, cygpath turns them @@ -1937,7 +3228,7 @@ func_convert_path_nix_to_cygwin () func_to_host_path_tmp1=$func_stripname_result func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result" - func_to_host_path_result="$func_cygpath_result" + func_to_host_path_result=$func_cygpath_result func_convert_path_check : : \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" : "$1" @@ -1946,13 +3237,31 @@ func_convert_path_nix_to_cygwin () # end func_convert_path_nix_to_cygwin +# func_dll_def_p FILE +# True iff FILE is a Windows DLL '.def' file. +# Keep in sync with _LT_DLL_DEF_P in libtool.m4 +func_dll_def_p () +{ + $debug_cmd + + func_dll_def_p_tmp=`$SED -n \ + -e 's/^[ ]*//' \ + -e '/^\(;.*\)*$/d' \ + -e 's/^\(EXPORTS\|LIBRARY\)\([ ].*\)*$/DEF/p' \ + -e q \ + "$1"` + test DEF = "$func_dll_def_p_tmp" +} + + # func_mode_compile arg... func_mode_compile () { - $opt_debug + $debug_cmd + # Get the compilation command and the source file. base_compile= - srcfile="$nonopt" # always keep a non-empty value in "srcfile" + srcfile=$nonopt # always keep a non-empty value in "srcfile" suppress_opt=yes suppress_output= arg_mode=normal @@ -1965,12 +3274,12 @@ func_mode_compile () case $arg_mode in arg ) # do not "continue". Instead, add this to base_compile - lastarg="$arg" + lastarg=$arg arg_mode=normal ;; target ) - libobj="$arg" + libobj=$arg arg_mode=normal continue ;; @@ -1980,7 +3289,7 @@ func_mode_compile () case $arg in -o) test -n "$libobj" && \ - func_fatal_error "you cannot specify \`-o' more than once" + func_fatal_error "you cannot specify '-o' more than once" arg_mode=target continue ;; @@ -2009,12 +3318,12 @@ func_mode_compile () func_stripname '-Wc,' '' "$arg" args=$func_stripname_result lastarg= - save_ifs="$IFS"; IFS=',' + save_ifs=$IFS; IFS=, for arg in $args; do - IFS="$save_ifs" + IFS=$save_ifs func_append_quoted lastarg "$arg" done - IFS="$save_ifs" + IFS=$save_ifs func_stripname ' ' '' "$lastarg" lastarg=$func_stripname_result @@ -2027,8 +3336,8 @@ func_mode_compile () # Accept the current argument as the source file. # The previous "srcfile" becomes the current argument. # - lastarg="$srcfile" - srcfile="$arg" + lastarg=$srcfile + srcfile=$arg ;; esac # case $arg ;; @@ -2043,13 +3352,13 @@ func_mode_compile () func_fatal_error "you must specify an argument for -Xcompile" ;; target) - func_fatal_error "you must specify a target with \`-o'" + func_fatal_error "you must specify a target with '-o'" ;; *) # Get the name of the library object. test -z "$libobj" && { func_basename "$srcfile" - libobj="$func_basename_result" + libobj=$func_basename_result } ;; esac @@ -2069,7 +3378,7 @@ func_mode_compile () case $libobj in *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;; *) - func_fatal_error "cannot determine name of library object from \`$libobj'" + func_fatal_error "cannot determine name of library object from '$libobj'" ;; esac @@ -2078,8 +3387,8 @@ func_mode_compile () for arg in $later; do case $arg in -shared) - test "$build_libtool_libs" != yes && \ - func_fatal_configuration "can not build a shared library" + test yes = "$build_libtool_libs" \ + || func_fatal_configuration "cannot build a shared library" build_old_libs=no continue ;; @@ -2105,17 +3414,17 @@ func_mode_compile () func_quote_for_eval "$libobj" test "X$libobj" != "X$func_quote_for_eval_result" \ && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \ - && func_warning "libobj name \`$libobj' may not contain shell special characters." + && func_warning "libobj name '$libobj' may not contain shell special characters." func_dirname_and_basename "$obj" "/" "" - objname="$func_basename_result" - xdir="$func_dirname_result" - lobj=${xdir}$objdir/$objname + objname=$func_basename_result + xdir=$func_dirname_result + lobj=$xdir$objdir/$objname test -z "$base_compile" && \ func_fatal_help "you must specify a compilation command" # Delete any leftover library objects. - if test "$build_old_libs" = yes; then + if test yes = "$build_old_libs"; then removelist="$obj $lobj $libobj ${libobj}T" else removelist="$lobj $libobj ${libobj}T" @@ -2127,16 +3436,16 @@ func_mode_compile () pic_mode=default ;; esac - if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then + if test no = "$pic_mode" && test pass_all != "$deplibs_check_method"; then # non-PIC code in shared libraries is not supported pic_mode=default fi # Calculate the filename of the output object if compiler does # not support -o with -c - if test "$compiler_c_o" = no; then - output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext} - lockfile="$output_obj.lock" + if test no = "$compiler_c_o"; then + output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.$objext + lockfile=$output_obj.lock else output_obj= need_locks=no @@ -2145,12 +3454,12 @@ func_mode_compile () # Lock this critical section if it is needed # We use this script file to make the link, it avoids creating a new file - if test "$need_locks" = yes; then + if test yes = "$need_locks"; then until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do func_echo "Waiting for $lockfile to be removed" sleep 2 done - elif test "$need_locks" = warn; then + elif test warn = "$need_locks"; then if test -f "$lockfile"; then $ECHO "\ *** ERROR, $lockfile exists and contains: @@ -2158,7 +3467,7 @@ func_mode_compile () This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you +your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." @@ -2180,11 +3489,11 @@ compiler." qsrcfile=$func_quote_for_eval_result # Only build a PIC object if we are building libtool libraries. - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then # Without this assignment, base_compile gets emptied. fbsd_hideous_sh_bug=$base_compile - if test "$pic_mode" != no; then + if test no != "$pic_mode"; then command="$base_compile $qsrcfile $pic_flag" else # Don't build PIC code @@ -2201,7 +3510,7 @@ compiler." func_show_eval_locale "$command" \ 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE' - if test "$need_locks" = warn && + if test warn = "$need_locks" && test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then $ECHO "\ *** ERROR, $lockfile contains: @@ -2212,7 +3521,7 @@ $srcfile This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you +your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." @@ -2228,20 +3537,20 @@ compiler." fi # Allow error messages only from the first compilation. - if test "$suppress_opt" = yes; then + if test yes = "$suppress_opt"; then suppress_output=' >/dev/null 2>&1' fi fi # Only build a position-dependent object if we build old libraries. - if test "$build_old_libs" = yes; then - if test "$pic_mode" != yes; then + if test yes = "$build_old_libs"; then + if test yes != "$pic_mode"; then # Don't build PIC code command="$base_compile $qsrcfile$pie_flag" else command="$base_compile $qsrcfile $pic_flag" fi - if test "$compiler_c_o" = yes; then + if test yes = "$compiler_c_o"; then func_append command " -o $obj" fi @@ -2250,7 +3559,7 @@ compiler." func_show_eval_locale "$command" \ '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' - if test "$need_locks" = warn && + if test warn = "$need_locks" && test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then $ECHO "\ *** ERROR, $lockfile contains: @@ -2261,7 +3570,7 @@ $srcfile This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you +your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." @@ -2281,7 +3590,7 @@ compiler." func_write_libtool_object "$libobj" "$objdir/$objname" "$objname" # Unlock the critical section if it was locked - if test "$need_locks" != no; then + if test no != "$need_locks"; then removelist=$lockfile $RM "$lockfile" fi @@ -2291,7 +3600,7 @@ compiler." } $opt_help || { - test "$opt_mode" = compile && func_mode_compile ${1+"$@"} + test compile = "$opt_mode" && func_mode_compile ${1+"$@"} } func_mode_help () @@ -2311,7 +3620,7 @@ func_mode_help () Remove files from the build directory. RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +(typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed to RM. If FILE is a libtool library, object or program, all the files associated @@ -2330,16 +3639,16 @@ This mode accepts the following additional options: -no-suppress do not suppress compiler output for multiple passes -prefer-pic try to build PIC objects only -prefer-non-pic try to build non-PIC objects only - -shared do not build a \`.o' file suitable for static linking - -static only build a \`.o' file suitable for static linking + -shared do not build a '.o' file suitable for static linking + -static only build a '.o' file suitable for static linking -Wc,FLAG pass FLAG directly to the compiler -COMPILE-COMMAND is a command to be used in creating a \`standard' object file +COMPILE-COMMAND is a command to be used in creating a 'standard' object file from the given SOURCEFILE. The output file name is determined by removing the directory component from -SOURCEFILE, then substituting the C source code suffix \`.c' with the -library object suffix, \`.lo'." +SOURCEFILE, then substituting the C source code suffix '.c' with the +library object suffix, '.lo'." ;; execute) @@ -2352,7 +3661,7 @@ This mode accepts the following additional options: -dlopen FILE add the directory containing FILE to the library path -This mode sets the library path environment variable according to \`-dlopen' +This mode sets the library path environment variable according to '-dlopen' flags. If any of the ARGS are libtool executable wrappers, then they are translated @@ -2371,7 +3680,7 @@ Complete the installation of libtool libraries. Each LIBDIR is a directory that contains libtool libraries. The commands that this mode executes may require superuser privileges. Use -the \`--dry-run' option if you just want to see what would be executed." +the '--dry-run' option if you just want to see what would be executed." ;; install) @@ -2381,7 +3690,7 @@ the \`--dry-run' option if you just want to see what would be executed." Install executables or libraries. INSTALL-COMMAND is the installation command. The first component should be -either the \`install' or \`cp' program. +either the 'install' or 'cp' program. The following components of INSTALL-COMMAND are treated specially: @@ -2407,7 +3716,7 @@ The following components of LINK-COMMAND are treated specially: -avoid-version do not add a version suffix if possible -bindir BINDIR specify path to binaries directory (for systems where libraries must be found in the PATH setting at runtime) - -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime + -dlopen FILE '-dlpreopen' FILE if it cannot be dlopened at runtime -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) -export-symbols SYMFILE @@ -2421,7 +3730,8 @@ The following components of LINK-COMMAND are treated specially: -no-install link a not-installable executable -no-undefined declare that a library does not refer to external symbols -o OUTPUT-FILE create OUTPUT-FILE from the specified objects - -objectlist FILE Use a list of object files found in FILE to specify objects + -objectlist FILE use a list of object files found in FILE to specify objects + -os2dllname NAME force a short DLL name on OS/2 (no effect on other OSes) -precious-files-regex REGEX don't remove output files matching REGEX -release RELEASE specify package release information @@ -2441,20 +3751,20 @@ The following components of LINK-COMMAND are treated specially: -Xlinker FLAG pass linker-specific FLAG directly to the linker -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC) -All other options (arguments beginning with \`-') are ignored. +All other options (arguments beginning with '-') are ignored. -Every other argument is treated as a filename. Files ending in \`.la' are +Every other argument is treated as a filename. Files ending in '.la' are treated as uninstalled libtool libraries, other files are standard or library object files. -If the OUTPUT-FILE ends in \`.la', then a libtool library is created, -only library objects (\`.lo' files) may be specified, and \`-rpath' is +If the OUTPUT-FILE ends in '.la', then a libtool library is created, +only library objects ('.lo' files) may be specified, and '-rpath' is required, except when creating a convenience library. -If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created -using \`ar' and \`ranlib', or on Windows using \`lib'. +If OUTPUT-FILE ends in '.a' or '.lib', then a standard library is created +using 'ar' and 'ranlib', or on Windows using 'lib'. -If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file +If OUTPUT-FILE ends in '.lo' or '.$objext', then a reloadable object file is created, otherwise an executable program is created." ;; @@ -2465,7 +3775,7 @@ is created, otherwise an executable program is created." Remove libraries from an installation directory. RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +(typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed to RM. If FILE is a libtool library, all the files associated with it are deleted. @@ -2473,17 +3783,17 @@ Otherwise, only FILE itself is deleted using RM." ;; *) - func_fatal_help "invalid operation mode \`$opt_mode'" + func_fatal_help "invalid operation mode '$opt_mode'" ;; esac echo - $ECHO "Try \`$progname --help' for more information about other modes." + $ECHO "Try '$progname --help' for more information about other modes." } # Now that we've collected a possible --mode arg, show help if necessary if $opt_help; then - if test "$opt_help" = :; then + if test : = "$opt_help"; then func_mode_help else { @@ -2491,7 +3801,7 @@ if $opt_help; then for opt_mode in compile link execute install finish uninstall clean; do func_mode_help done - } | sed -n '1p; 2,$s/^Usage:/ or: /p' + } | $SED -n '1p; 2,$s/^Usage:/ or: /p' { func_help noexit for opt_mode in compile link execute install finish uninstall clean; do @@ -2499,7 +3809,7 @@ if $opt_help; then func_mode_help done } | - sed '1d + $SED '1d /^When reporting/,/^Report/{ H d @@ -2516,16 +3826,17 @@ fi # func_mode_execute arg... func_mode_execute () { - $opt_debug + $debug_cmd + # The first argument is the command name. - cmd="$nonopt" + cmd=$nonopt test -z "$cmd" && \ func_fatal_help "you must specify a COMMAND" # Handle -dlopen flags immediately. for file in $opt_dlopen; do test -f "$file" \ - || func_fatal_help "\`$file' is not a file" + || func_fatal_help "'$file' is not a file" dir= case $file in @@ -2535,7 +3846,7 @@ func_mode_execute () # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ - || func_fatal_help "\`$lib' is not a valid libtool archive" + || func_fatal_help "'$lib' is not a valid libtool archive" # Read the libtool library. dlname= @@ -2546,18 +3857,18 @@ func_mode_execute () if test -z "$dlname"; then # Warn if it was a shared library. test -n "$library_names" && \ - func_warning "\`$file' was not linked with \`-export-dynamic'" + func_warning "'$file' was not linked with '-export-dynamic'" continue fi func_dirname "$file" "" "." - dir="$func_dirname_result" + dir=$func_dirname_result if test -f "$dir/$objdir/$dlname"; then func_append dir "/$objdir" else if test ! -f "$dir/$dlname"; then - func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" + func_fatal_error "cannot find '$dlname' in '$dir' or '$dir/$objdir'" fi fi ;; @@ -2565,18 +3876,18 @@ func_mode_execute () *.lo) # Just add the directory containing the .lo file. func_dirname "$file" "" "." - dir="$func_dirname_result" + dir=$func_dirname_result ;; *) - func_warning "\`-dlopen' is ignored for non-libtool libraries and objects" + func_warning "'-dlopen' is ignored for non-libtool libraries and objects" continue ;; esac # Get the absolute pathname. absdir=`cd "$dir" && pwd` - test -n "$absdir" && dir="$absdir" + test -n "$absdir" && dir=$absdir # Now add the directory to shlibpath_var. if eval "test -z \"\$$shlibpath_var\""; then @@ -2588,7 +3899,7 @@ func_mode_execute () # This variable tells wrapper scripts just to set shlibpath_var # rather than running their programs. - libtool_execute_magic="$magic" + libtool_execute_magic=$magic # Check if any of the arguments is a wrapper script. args= @@ -2601,12 +3912,12 @@ func_mode_execute () if func_ltwrapper_script_p "$file"; then func_source "$file" # Transform arg to wrapped name. - file="$progdir/$program" + file=$progdir/$program elif func_ltwrapper_executable_p "$file"; then func_ltwrapper_scriptname "$file" func_source "$func_ltwrapper_scriptname_result" # Transform arg to wrapped name. - file="$progdir/$program" + file=$progdir/$program fi ;; esac @@ -2614,7 +3925,15 @@ func_mode_execute () func_append_quoted args "$file" done - if test "X$opt_dry_run" = Xfalse; then + if $opt_dry_run; then + # Display what would be done. + if test -n "$shlibpath_var"; then + eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" + echo "export $shlibpath_var" + fi + $ECHO "$cmd$args" + exit $EXIT_SUCCESS + else if test -n "$shlibpath_var"; then # Export the shlibpath_var. eval "export $shlibpath_var" @@ -2631,25 +3950,18 @@ func_mode_execute () done # Now prepare to actually exec the command. - exec_cmd="\$cmd$args" - else - # Display what would be done. - if test -n "$shlibpath_var"; then - eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" - echo "export $shlibpath_var" - fi - $ECHO "$cmd$args" - exit $EXIT_SUCCESS + exec_cmd=\$cmd$args fi } -test "$opt_mode" = execute && func_mode_execute ${1+"$@"} +test execute = "$opt_mode" && func_mode_execute ${1+"$@"} # func_mode_finish arg... func_mode_finish () { - $opt_debug + $debug_cmd + libs= libdirs= admincmds= @@ -2663,11 +3975,11 @@ func_mode_finish () if func_lalib_unsafe_p "$opt"; then func_append libs " $opt" else - func_warning "\`$opt' is not a valid libtool archive" + func_warning "'$opt' is not a valid libtool archive" fi else - func_fatal_error "invalid argument \`$opt'" + func_fatal_error "invalid argument '$opt'" fi done @@ -2682,12 +3994,12 @@ func_mode_finish () # Remove sysroot references if $opt_dry_run; then for lib in $libs; do - echo "removing references to $lt_sysroot and \`=' prefixes from $lib" + echo "removing references to $lt_sysroot and '=' prefixes from $lib" done else tmpdir=`func_mktempdir` for lib in $libs; do - sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ + $SED -e "$sysroot_cmd s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ > $tmpdir/tmp-la mv -f $tmpdir/tmp-la $lib done @@ -2712,7 +4024,7 @@ func_mode_finish () fi # Exit here if they wanted silent mode. - $opt_silent && exit $EXIT_SUCCESS + $opt_quiet && exit $EXIT_SUCCESS if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then echo "----------------------------------------------------------------------" @@ -2723,27 +4035,27 @@ func_mode_finish () echo echo "If you ever happen to want to link against installed libraries" echo "in a given directory, LIBDIR, you must either use libtool, and" - echo "specify the full pathname of the library, or use the \`-LLIBDIR'" + echo "specify the full pathname of the library, or use the '-LLIBDIR'" echo "flag during linking and do at least one of the following:" if test -n "$shlibpath_var"; then - echo " - add LIBDIR to the \`$shlibpath_var' environment variable" + echo " - add LIBDIR to the '$shlibpath_var' environment variable" echo " during execution" fi if test -n "$runpath_var"; then - echo " - add LIBDIR to the \`$runpath_var' environment variable" + echo " - add LIBDIR to the '$runpath_var' environment variable" echo " during linking" fi if test -n "$hardcode_libdir_flag_spec"; then libdir=LIBDIR eval flag=\"$hardcode_libdir_flag_spec\" - $ECHO " - use the \`$flag' linker flag" + $ECHO " - use the '$flag' linker flag" fi if test -n "$admincmds"; then $ECHO " - have your system administrator run these commands:$admincmds" fi if test -f /etc/ld.so.conf; then - echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" + echo " - have your system administrator add LIBDIR to '/etc/ld.so.conf'" fi echo @@ -2762,18 +4074,20 @@ func_mode_finish () exit $EXIT_SUCCESS } -test "$opt_mode" = finish && func_mode_finish ${1+"$@"} +test finish = "$opt_mode" && func_mode_finish ${1+"$@"} # func_mode_install arg... func_mode_install () { - $opt_debug + $debug_cmd + # There may be an optional sh(1) argument at the beginning of # install_prog (especially on Windows NT). - if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh || + if test "$SHELL" = "$nonopt" || test /bin/sh = "$nonopt" || # Allow the use of GNU shtool's install command. - case $nonopt in *shtool*) :;; *) false;; esac; then + case $nonopt in *shtool*) :;; *) false;; esac + then # Aesthetically quote it. func_quote_for_eval "$nonopt" install_prog="$func_quote_for_eval_result " @@ -2800,7 +4114,7 @@ func_mode_install () opts= prev= install_type= - isdir=no + isdir=false stripme= no_mode=: for arg @@ -2813,7 +4127,7 @@ func_mode_install () fi case $arg in - -d) isdir=yes ;; + -d) isdir=: ;; -f) if $install_cp; then :; else prev=$arg @@ -2831,7 +4145,7 @@ func_mode_install () *) # If the previous option needed an argument, then skip it. if test -n "$prev"; then - if test "x$prev" = x-m && test -n "$install_override_mode"; then + if test X-m = "X$prev" && test -n "$install_override_mode"; then arg2=$install_override_mode no_mode=false fi @@ -2856,7 +4170,7 @@ func_mode_install () func_fatal_help "you must specify an install program" test -n "$prev" && \ - func_fatal_help "the \`$prev' option requires an argument" + func_fatal_help "the '$prev' option requires an argument" if test -n "$install_override_mode" && $no_mode; then if $install_cp; then :; else @@ -2878,19 +4192,19 @@ func_mode_install () dest=$func_stripname_result # Check to see that the destination is a directory. - test -d "$dest" && isdir=yes - if test "$isdir" = yes; then - destdir="$dest" + test -d "$dest" && isdir=: + if $isdir; then + destdir=$dest destname= else func_dirname_and_basename "$dest" "" "." - destdir="$func_dirname_result" - destname="$func_basename_result" + destdir=$func_dirname_result + destname=$func_basename_result # Not a directory, so check to see that there is only one file specified. set dummy $files; shift test "$#" -gt 1 && \ - func_fatal_help "\`$dest' is not a directory" + func_fatal_help "'$dest' is not a directory" fi case $destdir in [\\/]* | [A-Za-z]:[\\/]*) ;; @@ -2899,7 +4213,7 @@ func_mode_install () case $file in *.lo) ;; *) - func_fatal_help "\`$destdir' must be an absolute directory name" + func_fatal_help "'$destdir' must be an absolute directory name" ;; esac done @@ -2908,7 +4222,7 @@ func_mode_install () # This variable tells wrapper scripts just to set variables rather # than running their programs. - libtool_install_magic="$magic" + libtool_install_magic=$magic staticlibs= future_libdirs= @@ -2928,7 +4242,7 @@ func_mode_install () # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ - || func_fatal_help "\`$file' is not a valid libtool archive" + || func_fatal_help "'$file' is not a valid libtool archive" library_names= old_library= @@ -2950,7 +4264,7 @@ func_mode_install () fi func_dirname "$file" "/" "" - dir="$func_dirname_result" + dir=$func_dirname_result func_append dir "$objdir" if test -n "$relink_command"; then @@ -2964,7 +4278,7 @@ func_mode_install () # are installed into $libdir/../bin (currently, that works fine) # but it's something to keep an eye on. test "$inst_prefix_dir" = "$destdir" && \ - func_fatal_error "error: cannot install \`$file' to a directory not ending in $libdir" + func_fatal_error "error: cannot install '$file' to a directory not ending in $libdir" if test -n "$inst_prefix_dir"; then # Stick the inst_prefix_dir data into the link command. @@ -2973,29 +4287,36 @@ func_mode_install () relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"` fi - func_warning "relinking \`$file'" + func_warning "relinking '$file'" func_show_eval "$relink_command" \ - 'func_fatal_error "error: relink \`$file'\'' with the above command before installing it"' + 'func_fatal_error "error: relink '\''$file'\'' with the above command before installing it"' fi # See the names of the shared library. set dummy $library_names; shift if test -n "$1"; then - realname="$1" + realname=$1 shift - srcname="$realname" - test -n "$relink_command" && srcname="$realname"T + srcname=$realname + test -n "$relink_command" && srcname=${realname}T # Install the shared library and build the symlinks. func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \ 'exit $?' - tstripme="$stripme" + tstripme=$stripme case $host_os in cygwin* | mingw* | pw32* | cegcc*) case $realname in *.dll.a) - tstripme="" + tstripme= + ;; + esac + ;; + os2*) + case $realname in + *_dll.a) + tstripme= ;; esac ;; @@ -3006,7 +4327,7 @@ func_mode_install () if test "$#" -gt 0; then # Delete the old symlinks, and create new ones. - # Try `ln -sf' first, because the `ln' binary might depend on + # Try 'ln -sf' first, because the 'ln' binary might depend on # the symlink we replace! Solaris /bin/ln does not understand -f, # so we also need to try rm && ln -s. for linkname @@ -3017,14 +4338,14 @@ func_mode_install () fi # Do each command in the postinstall commands. - lib="$destdir/$realname" + lib=$destdir/$realname func_execute_cmds "$postinstall_cmds" 'exit $?' fi # Install the pseudo-library for information purposes. func_basename "$file" - name="$func_basename_result" - instname="$dir/$name"i + name=$func_basename_result + instname=$dir/${name}i func_show_eval "$install_prog $instname $destdir/$name" 'exit $?' # Maybe install the static library, too. @@ -3036,11 +4357,11 @@ func_mode_install () # Figure out destination file name, if it wasn't already specified. if test -n "$destname"; then - destfile="$destdir/$destname" + destfile=$destdir/$destname else func_basename "$file" - destfile="$func_basename_result" - destfile="$destdir/$destfile" + destfile=$func_basename_result + destfile=$destdir/$destfile fi # Deduce the name of the destination old-style object file. @@ -3050,11 +4371,11 @@ func_mode_install () staticdest=$func_lo2o_result ;; *.$objext) - staticdest="$destfile" + staticdest=$destfile destfile= ;; *) - func_fatal_help "cannot copy a libtool object to \`$destfile'" + func_fatal_help "cannot copy a libtool object to '$destfile'" ;; esac @@ -3063,7 +4384,7 @@ func_mode_install () func_show_eval "$install_prog $file $destfile" 'exit $?' # Install the old object if enabled. - if test "$build_old_libs" = yes; then + if test yes = "$build_old_libs"; then # Deduce the name of the old-style object file. func_lo2o "$file" staticobj=$func_lo2o_result @@ -3075,23 +4396,23 @@ func_mode_install () *) # Figure out destination file name, if it wasn't already specified. if test -n "$destname"; then - destfile="$destdir/$destname" + destfile=$destdir/$destname else func_basename "$file" - destfile="$func_basename_result" - destfile="$destdir/$destfile" + destfile=$func_basename_result + destfile=$destdir/$destfile fi # If the file is missing, and there is a .exe on the end, strip it # because it is most likely a libtool script we actually want to # install - stripped_ext="" + stripped_ext= case $file in *.exe) if test ! -f "$file"; then func_stripname '' '.exe' "$file" file=$func_stripname_result - stripped_ext=".exe" + stripped_ext=.exe fi ;; esac @@ -3119,19 +4440,19 @@ func_mode_install () # Check the variables that should have been set. test -z "$generated_by_libtool_version" && \ - func_fatal_error "invalid libtool wrapper script \`$wrapper'" + func_fatal_error "invalid libtool wrapper script '$wrapper'" - finalize=yes + finalize=: for lib in $notinst_deplibs; do # Check to see that each library is installed. libdir= if test -f "$lib"; then func_source "$lib" fi - libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test + libfile=$libdir/`$ECHO "$lib" | $SED 's%^.*/%%g'` if test -n "$libdir" && test ! -f "$libfile"; then - func_warning "\`$lib' has not been installed in \`$libdir'" - finalize=no + func_warning "'$lib' has not been installed in '$libdir'" + finalize=false fi done @@ -3139,29 +4460,29 @@ func_mode_install () func_source "$wrapper" outputname= - if test "$fast_install" = no && test -n "$relink_command"; then + if test no = "$fast_install" && test -n "$relink_command"; then $opt_dry_run || { - if test "$finalize" = yes; then + if $finalize; then tmpdir=`func_mktempdir` func_basename "$file$stripped_ext" - file="$func_basename_result" - outputname="$tmpdir/$file" + file=$func_basename_result + outputname=$tmpdir/$file # Replace the output file specification. relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'` - $opt_silent || { + $opt_quiet || { func_quote_for_expand "$relink_command" eval "func_echo $func_quote_for_expand_result" } if eval "$relink_command"; then : else - func_error "error: relink \`$file' with the above command before installing it" + func_error "error: relink '$file' with the above command before installing it" $opt_dry_run || ${RM}r "$tmpdir" continue fi - file="$outputname" + file=$outputname else - func_warning "cannot relink \`$file'" + func_warning "cannot relink '$file'" fi } else @@ -3198,10 +4519,10 @@ func_mode_install () for file in $staticlibs; do func_basename "$file" - name="$func_basename_result" + name=$func_basename_result # Set up the ranlib parameters. - oldlib="$destdir/$name" + oldlib=$destdir/$name func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 tool_oldlib=$func_to_tool_file_result @@ -3216,18 +4537,18 @@ func_mode_install () done test -n "$future_libdirs" && \ - func_warning "remember to run \`$progname --finish$future_libdirs'" + func_warning "remember to run '$progname --finish$future_libdirs'" if test -n "$current_libdirs"; then # Maybe just do a dry run. $opt_dry_run && current_libdirs=" -n$current_libdirs" - exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs' + exec_cmd='$SHELL "$progpath" $preserve_args --finish$current_libdirs' else exit $EXIT_SUCCESS fi } -test "$opt_mode" = install && func_mode_install ${1+"$@"} +test install = "$opt_mode" && func_mode_install ${1+"$@"} # func_generate_dlsyms outputname originator pic_p @@ -3235,16 +4556,17 @@ test "$opt_mode" = install && func_mode_install ${1+"$@"} # a dlpreopen symbol table. func_generate_dlsyms () { - $opt_debug - my_outputname="$1" - my_originator="$2" - my_pic_p="${3-no}" - my_prefix=`$ECHO "$my_originator" | sed 's%[^a-zA-Z0-9]%_%g'` + $debug_cmd + + my_outputname=$1 + my_originator=$2 + my_pic_p=${3-false} + my_prefix=`$ECHO "$my_originator" | $SED 's%[^a-zA-Z0-9]%_%g'` my_dlsyms= - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then if test -n "$NM" && test -n "$global_symbol_pipe"; then - my_dlsyms="${my_outputname}S.c" + my_dlsyms=${my_outputname}S.c else func_error "not configured to extract global symbols from dlpreopened files" fi @@ -3255,7 +4577,7 @@ func_generate_dlsyms () "") ;; *.c) # Discover the nlist of each of the dlfiles. - nlist="$output_objdir/${my_outputname}.nm" + nlist=$output_objdir/$my_outputname.nm func_show_eval "$RM $nlist ${nlist}S ${nlist}T" @@ -3263,34 +4585,36 @@ func_generate_dlsyms () func_verbose "creating $output_objdir/$my_dlsyms" $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\ -/* $my_dlsyms - symbol resolution table for \`$my_outputname' dlsym emulation. */ -/* Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION */ +/* $my_dlsyms - symbol resolution table for '$my_outputname' dlsym emulation. */ +/* Generated by $PROGRAM (GNU $PACKAGE) $VERSION */ #ifdef __cplusplus extern \"C\" { #endif -#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) +#if defined __GNUC__ && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) #pragma GCC diagnostic ignored \"-Wstrict-prototypes\" #endif /* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ -#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) -/* DATA imports from DLLs on WIN32 con't be const, because runtime +#if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE +/* DATA imports from DLLs on WIN32 can't be const, because runtime relocations are performed -- see ld's documentation on pseudo-relocs. */ # define LT_DLSYM_CONST -#elif defined(__osf__) +#elif defined __osf__ /* This system does not cope well with relocations in const data. */ # define LT_DLSYM_CONST #else # define LT_DLSYM_CONST const #endif +#define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0) + /* External symbol declarations for the compiler. */\ " - if test "$dlself" = yes; then - func_verbose "generating symbol list for \`$output'" + if test yes = "$dlself"; then + func_verbose "generating symbol list for '$output'" $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist" @@ -3298,7 +4622,7 @@ extern \"C\" { progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP` for progfile in $progfiles; do func_to_tool_file "$progfile" func_convert_file_msys_to_w32 - func_verbose "extracting global C symbols from \`$func_to_tool_file_result'" + func_verbose "extracting global C symbols from '$func_to_tool_file_result'" $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'" done @@ -3318,10 +4642,10 @@ extern \"C\" { # Prepare the list of exported symbols if test -z "$export_symbols"; then - export_symbols="$output_objdir/$outputname.exp" + export_symbols=$output_objdir/$outputname.exp $opt_dry_run || { $RM $export_symbols - eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' + eval "$SED -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' case $host in *cygwin* | *mingw* | *cegcc* ) eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' @@ -3331,7 +4655,7 @@ extern \"C\" { } else $opt_dry_run || { - eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' + eval "$SED -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' eval '$MV "$nlist"T "$nlist"' case $host in @@ -3345,22 +4669,22 @@ extern \"C\" { fi for dlprefile in $dlprefiles; do - func_verbose "extracting global C symbols from \`$dlprefile'" + func_verbose "extracting global C symbols from '$dlprefile'" func_basename "$dlprefile" - name="$func_basename_result" + name=$func_basename_result case $host in *cygwin* | *mingw* | *cegcc* ) # if an import library, we need to obtain dlname if func_win32_import_lib_p "$dlprefile"; then func_tr_sh "$dlprefile" eval "curr_lafile=\$libfile_$func_tr_sh_result" - dlprefile_dlbasename="" + dlprefile_dlbasename= if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then # Use subshell, to avoid clobbering current variable values dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"` - if test -n "$dlprefile_dlname" ; then + if test -n "$dlprefile_dlname"; then func_basename "$dlprefile_dlname" - dlprefile_dlbasename="$func_basename_result" + dlprefile_dlbasename=$func_basename_result else # no lafile. user explicitly requested -dlpreopen . $sharedlib_from_linklib_cmd "$dlprefile" @@ -3368,7 +4692,7 @@ extern \"C\" { fi fi $opt_dry_run || { - if test -n "$dlprefile_dlbasename" ; then + if test -n "$dlprefile_dlbasename"; then eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"' else func_warning "Could not compute DLL name from $name" @@ -3424,6 +4748,11 @@ extern \"C\" { echo '/* NONE */' >> "$output_objdir/$my_dlsyms" fi + func_show_eval '$RM "${nlist}I"' + if test -n "$global_symbol_to_import"; then + eval "$global_symbol_to_import"' < "$nlist"S > "$nlist"I' + fi + echo >> "$output_objdir/$my_dlsyms" "\ /* The mapping between symbol names and symbols. */ @@ -3432,11 +4761,30 @@ typedef struct { void *address; } lt_dlsymlist; extern LT_DLSYM_CONST lt_dlsymlist -lt_${my_prefix}_LTX_preloaded_symbols[]; +lt_${my_prefix}_LTX_preloaded_symbols[];\ +" + + if test -s "$nlist"I; then + echo >> "$output_objdir/$my_dlsyms" "\ +static void lt_syminit(void) +{ + LT_DLSYM_CONST lt_dlsymlist *symbol = lt_${my_prefix}_LTX_preloaded_symbols; + for (; symbol->name; ++symbol) + {" + $SED 's/.*/ if (STREQ (symbol->name, \"&\")) symbol->address = (void *) \&&;/' < "$nlist"I >> "$output_objdir/$my_dlsyms" + echo >> "$output_objdir/$my_dlsyms" "\ + } +}" + fi + echo >> "$output_objdir/$my_dlsyms" "\ LT_DLSYM_CONST lt_dlsymlist lt_${my_prefix}_LTX_preloaded_symbols[] = -{\ - { \"$my_originator\", (void *) 0 }," +{ {\"$my_originator\", (void *) 0}," + + if test -s "$nlist"I; then + echo >> "$output_objdir/$my_dlsyms" "\ + {\"@INIT@\", (void *) <_syminit}," + fi case $need_lib_prefix in no) @@ -3478,9 +4826,7 @@ static const void *lt_preloaded_setup() { *-*-hpux*) pic_flag_for_symtable=" $pic_flag" ;; *) - if test "X$my_pic_p" != Xno; then - pic_flag_for_symtable=" $pic_flag" - fi + $my_pic_p && pic_flag_for_symtable=" $pic_flag" ;; esac ;; @@ -3497,10 +4843,10 @@ static const void *lt_preloaded_setup() { func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?' # Clean up the generated files. - func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T"' + func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T" "${nlist}I"' # Transform the symbol file into the correct name. - symfileobj="$output_objdir/${my_outputname}S.$objext" + symfileobj=$output_objdir/${my_outputname}S.$objext case $host in *cygwin* | *mingw* | *cegcc* ) if test -f "$output_objdir/$my_outputname.def"; then @@ -3518,7 +4864,7 @@ static const void *lt_preloaded_setup() { esac ;; *) - func_fatal_error "unknown suffix for \`$my_dlsyms'" + func_fatal_error "unknown suffix for '$my_dlsyms'" ;; esac else @@ -3532,6 +4878,32 @@ static const void *lt_preloaded_setup() { fi } +# func_cygming_gnu_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is a GNU/binutils-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_gnu_implib_p () +{ + $debug_cmd + + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` + test -n "$func_cygming_gnu_implib_tmp" +} + +# func_cygming_ms_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is an MS-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_ms_implib_p () +{ + $debug_cmd + + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` + test -n "$func_cygming_ms_implib_tmp" +} + # func_win32_libid arg # return the library type of file 'arg' # @@ -3541,8 +4913,9 @@ static const void *lt_preloaded_setup() { # Despite the name, also deal with 64 bit binaries. func_win32_libid () { - $opt_debug - win32_libid_type="unknown" + $debug_cmd + + win32_libid_type=unknown win32_fileres=`file -L $1 2>/dev/null` case $win32_fileres in *ar\ archive\ import\ library*) # definitely import @@ -3552,16 +4925,29 @@ func_win32_libid () # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD. if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then - func_to_tool_file "$1" func_convert_file_msys_to_w32 - win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | - $SED -n -e ' + case $nm_interface in + "MS dumpbin") + if func_cygming_ms_implib_p "$1" || + func_cygming_gnu_implib_p "$1" + then + win32_nmres=import + else + win32_nmres= + fi + ;; + *) + func_to_tool_file "$1" func_convert_file_msys_to_w32 + win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | + $SED -n -e ' 1,100{ / I /{ - s,.*,import, + s|.*|import| p q } }'` + ;; + esac case $win32_nmres in import*) win32_libid_type="x86 archive import";; *) win32_libid_type="x86 archive static";; @@ -3593,7 +4979,8 @@ func_win32_libid () # $sharedlib_from_linklib_result func_cygming_dll_for_implib () { - $opt_debug + $debug_cmd + sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"` } @@ -3610,7 +4997,8 @@ func_cygming_dll_for_implib () # specified import library. func_cygming_dll_for_implib_fallback_core () { - $opt_debug + $debug_cmd + match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"` $OBJDUMP -s --section "$1" "$2" 2>/dev/null | $SED '/^Contents of section '"$match_literal"':/{ @@ -3646,8 +5034,8 @@ func_cygming_dll_for_implib_fallback_core () /./p' | # we now have a list, one entry per line, of the stringified # contents of the appropriate section of all members of the - # archive which possess that section. Heuristic: eliminate - # all those which have a first or second character that is + # archive that possess that section. Heuristic: eliminate + # all those that have a first or second character that is # a '.' (that is, objdump's representation of an unprintable # character.) This should work for all archives with less than # 0x302f exports -- but will fail for DLLs whose name actually @@ -3658,30 +5046,6 @@ func_cygming_dll_for_implib_fallback_core () $SED -e '/^\./d;/^.\./d;q' } -# func_cygming_gnu_implib_p ARG -# This predicate returns with zero status (TRUE) if -# ARG is a GNU/binutils-style import library. Returns -# with nonzero status (FALSE) otherwise. -func_cygming_gnu_implib_p () -{ - $opt_debug - func_to_tool_file "$1" func_convert_file_msys_to_w32 - func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` - test -n "$func_cygming_gnu_implib_tmp" -} - -# func_cygming_ms_implib_p ARG -# This predicate returns with zero status (TRUE) if -# ARG is an MS-style import library. Returns -# with nonzero status (FALSE) otherwise. -func_cygming_ms_implib_p () -{ - $opt_debug - func_to_tool_file "$1" func_convert_file_msys_to_w32 - func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` - test -n "$func_cygming_ms_implib_tmp" -} - # func_cygming_dll_for_implib_fallback ARG # Platform-specific function to extract the # name of the DLL associated with the specified @@ -3695,16 +5059,17 @@ func_cygming_ms_implib_p () # $sharedlib_from_linklib_result func_cygming_dll_for_implib_fallback () { - $opt_debug - if func_cygming_gnu_implib_p "$1" ; then + $debug_cmd + + if func_cygming_gnu_implib_p "$1"; then # binutils import library sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"` - elif func_cygming_ms_implib_p "$1" ; then + elif func_cygming_ms_implib_p "$1"; then # ms-generated import library sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"` else # unknown - sharedlib_from_linklib_result="" + sharedlib_from_linklib_result= fi } @@ -3712,10 +5077,11 @@ func_cygming_dll_for_implib_fallback () # func_extract_an_archive dir oldlib func_extract_an_archive () { - $opt_debug - f_ex_an_ar_dir="$1"; shift - f_ex_an_ar_oldlib="$1" - if test "$lock_old_archive_extraction" = yes; then + $debug_cmd + + f_ex_an_ar_dir=$1; shift + f_ex_an_ar_oldlib=$1 + if test yes = "$lock_old_archive_extraction"; then lockfile=$f_ex_an_ar_oldlib.lock until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do func_echo "Waiting for $lockfile to be removed" @@ -3724,7 +5090,7 @@ func_extract_an_archive () fi func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \ 'stat=$?; rm -f "$lockfile"; exit $stat' - if test "$lock_old_archive_extraction" = yes; then + if test yes = "$lock_old_archive_extraction"; then $opt_dry_run || rm -f "$lockfile" fi if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then @@ -3738,22 +5104,23 @@ func_extract_an_archive () # func_extract_archives gentop oldlib ... func_extract_archives () { - $opt_debug - my_gentop="$1"; shift + $debug_cmd + + my_gentop=$1; shift my_oldlibs=${1+"$@"} - my_oldobjs="" - my_xlib="" - my_xabs="" - my_xdir="" + my_oldobjs= + my_xlib= + my_xabs= + my_xdir= for my_xlib in $my_oldlibs; do # Extract the objects. case $my_xlib in - [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;; + [\\/]* | [A-Za-z]:[\\/]*) my_xabs=$my_xlib ;; *) my_xabs=`pwd`"/$my_xlib" ;; esac func_basename "$my_xlib" - my_xlib="$func_basename_result" + my_xlib=$func_basename_result my_xlib_u=$my_xlib while :; do case " $extracted_archives " in @@ -3765,7 +5132,7 @@ func_extract_archives () esac done extracted_archives="$extracted_archives $my_xlib_u" - my_xdir="$my_gentop/$my_xlib_u" + my_xdir=$my_gentop/$my_xlib_u func_mkdir_p "$my_xdir" @@ -3778,22 +5145,23 @@ func_extract_archives () cd $my_xdir || exit $? darwin_archive=$my_xabs darwin_curdir=`pwd` - darwin_base_archive=`basename "$darwin_archive"` + func_basename "$darwin_archive" + darwin_base_archive=$func_basename_result darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true` if test -n "$darwin_arches"; then darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'` darwin_arch= func_verbose "$darwin_base_archive has multiple architectures $darwin_arches" - for darwin_arch in $darwin_arches ; do - func_mkdir_p "unfat-$$/${darwin_base_archive}-${darwin_arch}" - $LIPO -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}" - cd "unfat-$$/${darwin_base_archive}-${darwin_arch}" - func_extract_an_archive "`pwd`" "${darwin_base_archive}" + for darwin_arch in $darwin_arches; do + func_mkdir_p "unfat-$$/$darwin_base_archive-$darwin_arch" + $LIPO -thin $darwin_arch -output "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" "$darwin_archive" + cd "unfat-$$/$darwin_base_archive-$darwin_arch" + func_extract_an_archive "`pwd`" "$darwin_base_archive" cd "$darwin_curdir" - $RM "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" + $RM "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" done # $darwin_arches ## Okay now we've a bunch of thin objects, gotta fatten them up :) - darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$basename" | sort -u` + darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$sed_basename" | sort -u` darwin_file= darwin_files= for darwin_file in $darwin_filelist; do @@ -3815,7 +5183,7 @@ func_extract_archives () my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP` done - func_extract_archives_result="$my_oldobjs" + func_extract_archives_result=$my_oldobjs } @@ -3830,7 +5198,7 @@ func_extract_archives () # # ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR # variable will take. If 'yes', then the emitted script -# will assume that the directory in which it is stored is +# will assume that the directory where it is stored is # the $objdir directory. This is a cygwin/mingw-specific # behavior. func_emit_wrapper () @@ -3841,7 +5209,7 @@ func_emit_wrapper () #! $SHELL # $output - temporary wrapper script for $objdir/$outputname -# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION +# Generated by $PROGRAM (GNU $PACKAGE) $VERSION # # The $output program cannot be directly executed until all the libtool # libraries that it depends on are installed. @@ -3898,9 +5266,9 @@ _LTECHO_EOF' # Very basic option parsing. These options are (a) specific to # the libtool wrapper, (b) are identical between the wrapper -# /script/ and the wrapper /executable/ which is used only on +# /script/ and the wrapper /executable/ that is used only on # windows platforms, and (c) all begin with the string "--lt-" -# (application programs are unlikely to have options which match +# (application programs are unlikely to have options that match # this pattern). # # There are only two supported options: --lt-debug and @@ -3933,7 +5301,7 @@ func_parse_lt_options () # Print the debug banner immediately: if test -n \"\$lt_option_debug\"; then - echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2 + echo \"$outputname:$output:\$LINENO: libtool wrapper (GNU $PACKAGE) $VERSION\" 1>&2 fi } @@ -3944,7 +5312,7 @@ func_lt_dump_args () lt_dump_args_N=1; for lt_arg do - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\" + \$ECHO \"$outputname:$output:\$LINENO: newargv[\$lt_dump_args_N]: \$lt_arg\" lt_dump_args_N=\`expr \$lt_dump_args_N + 1\` done } @@ -3958,7 +5326,7 @@ func_exec_program_core () *-*-mingw | *-*-os2* | *-cegcc*) $ECHO "\ if test -n \"\$lt_option_debug\"; then - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2 + \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir\\\\\$program\" 1>&2 func_lt_dump_args \${1+\"\$@\"} 1>&2 fi exec \"\$progdir\\\\\$program\" \${1+\"\$@\"} @@ -3968,7 +5336,7 @@ func_exec_program_core () *) $ECHO "\ if test -n \"\$lt_option_debug\"; then - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2 + \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir/\$program\" 1>&2 func_lt_dump_args \${1+\"\$@\"} 1>&2 fi exec \"\$progdir/\$program\" \${1+\"\$@\"} @@ -4043,13 +5411,13 @@ func_exec_program () test -n \"\$absdir\" && thisdir=\"\$absdir\" " - if test "$fast_install" = yes; then + if test yes = "$fast_install"; then $ECHO "\ program=lt-'$outputname'$exeext progdir=\"\$thisdir/$objdir\" if test ! -f \"\$progdir/\$program\" || - { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\ + { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | $SED 1q\`; \\ test \"X\$file\" != \"X\$progdir/\$program\"; }; then file=\"\$\$-\$program\" @@ -4066,7 +5434,7 @@ func_exec_program () if test -n \"\$relink_command\"; then if relink_command_output=\`eval \$relink_command 2>&1\`; then : else - $ECHO \"\$relink_command_output\" >&2 + \$ECHO \"\$relink_command_output\" >&2 $RM \"\$progdir/\$file\" exit 1 fi @@ -4101,7 +5469,7 @@ func_exec_program () fi # Export our shlibpath_var if we have one. - if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then + if test yes = "$shlibpath_overrides_runpath" && test -n "$shlibpath_var" && test -n "$temp_rpath"; then $ECHO "\ # Add our own library path to $shlibpath_var $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" @@ -4121,7 +5489,7 @@ func_exec_program () fi else # The program doesn't exist. - \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2 + \$ECHO \"\$0: error: '\$progdir/\$program' does not exist\" 1>&2 \$ECHO \"This script is just a wrapper for \$program.\" 1>&2 \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2 exit 1 @@ -4140,7 +5508,7 @@ func_emit_cwrapperexe_src () cat < #include +#define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0) + /* declarations of non-ANSI functions */ -#if defined(__MINGW32__) +#if defined __MINGW32__ # ifdef __STRICT_ANSI__ int _putenv (const char *); # endif -#elif defined(__CYGWIN__) +#elif defined __CYGWIN__ # ifdef __STRICT_ANSI__ char *realpath (const char *, char *); int putenv (char *); int setenv (const char *, const char *, int); # endif -/* #elif defined (other platforms) ... */ +/* #elif defined other_platform || defined ... */ #endif /* portability defines, excluding path handling macros */ -#if defined(_MSC_VER) +#if defined _MSC_VER # define setmode _setmode # define stat _stat # define chmod _chmod # define getcwd _getcwd # define putenv _putenv # define S_IXUSR _S_IEXEC -# ifndef _INTPTR_T_DEFINED -# define _INTPTR_T_DEFINED -# define intptr_t int -# endif -#elif defined(__MINGW32__) +#elif defined __MINGW32__ # define setmode _setmode # define stat _stat # define chmod _chmod # define getcwd _getcwd # define putenv _putenv -#elif defined(__CYGWIN__) +#elif defined __CYGWIN__ # define HAVE_SETENV # define FOPEN_WB "wb" -/* #elif defined (other platforms) ... */ +/* #elif defined other platforms ... */ #endif -#if defined(PATH_MAX) +#if defined PATH_MAX # define LT_PATHMAX PATH_MAX -#elif defined(MAXPATHLEN) +#elif defined MAXPATHLEN # define LT_PATHMAX MAXPATHLEN #else # define LT_PATHMAX 1024 @@ -4234,8 +5600,8 @@ int setenv (const char *, const char *, int); # define PATH_SEPARATOR ':' #endif -#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ - defined (__OS2__) +#if defined _WIN32 || defined __MSDOS__ || defined __DJGPP__ || \ + defined __OS2__ # define HAVE_DOS_BASED_FILE_SYSTEM # define FOPEN_WB "wb" # ifndef DIR_SEPARATOR_2 @@ -4268,10 +5634,10 @@ int setenv (const char *, const char *, int); #define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) #define XFREE(stale) do { \ - if (stale) { free ((void *) stale); stale = 0; } \ + if (stale) { free (stale); stale = 0; } \ } while (0) -#if defined(LT_DEBUGWRAPPER) +#if defined LT_DEBUGWRAPPER static int lt_debug = 1; #else static int lt_debug = 0; @@ -4300,11 +5666,16 @@ void lt_dump_script (FILE *f); EOF cat < 0) && IS_PATH_SEPARATOR (new_value[len-1])) + size_t len = strlen (new_value); + while ((len > 0) && IS_PATH_SEPARATOR (new_value[len-1])) { - new_value[len-1] = '\0'; + new_value[--len] = '\0'; } lt_setenv (name, new_value); XFREE (new_value); @@ -5082,7 +6453,8 @@ EOF # True if ARG is an import lib, as indicated by $file_magic_cmd func_win32_import_lib_p () { - $opt_debug + $debug_cmd + case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in *import*) : ;; *) false ;; @@ -5092,17 +6464,18 @@ func_win32_import_lib_p () # func_mode_link arg... func_mode_link () { - $opt_debug + $debug_cmd + case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) # It is impossible to link a dll without this setting, and # we shouldn't force the makefile maintainer to figure out - # which system we are compiling for in order to pass an extra + # what system we are compiling for in order to pass an extra # flag for every libtool invocation. # allow_undefined=no # FIXME: Unfortunately, there are problems with the above when trying - # to make a dll which has undefined symbols, in which case not + # to make a dll that has undefined symbols, in which case not # even a static library is built. For now, we need to specify # -no-undefined on the libtool link line when we can be certain # that all symbols are satisfied, otherwise we get a static library. @@ -5146,10 +6519,11 @@ func_mode_link () module=no no_install=no objs= + os2dllname= non_pic_objects= precious_files_regex= prefer_static_libs=no - preload=no + preload=false prev= prevarg= release= @@ -5161,7 +6535,7 @@ func_mode_link () vinfo= vinfo_number=no weak_libs= - single_module="${wl}-single_module" + single_module=$wl-single_module func_infer_tag $base_compile # We need to know -static, to get the right output filenames. @@ -5169,15 +6543,15 @@ func_mode_link () do case $arg in -shared) - test "$build_libtool_libs" != yes && \ - func_fatal_configuration "can not build a shared library" + test yes != "$build_libtool_libs" \ + && func_fatal_configuration "cannot build a shared library" build_old_libs=no break ;; -all-static | -static | -static-libtool-libs) case $arg in -all-static) - if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then + if test yes = "$build_libtool_libs" && test -z "$link_static_flag"; then func_warning "complete static linking is impossible in this configuration" fi if test -n "$link_static_flag"; then @@ -5210,7 +6584,7 @@ func_mode_link () # Go through the arguments, transforming them on the way. while test "$#" -gt 0; do - arg="$1" + arg=$1 shift func_quote_for_eval "$arg" qarg=$func_quote_for_eval_unquoted_result @@ -5227,21 +6601,21 @@ func_mode_link () case $prev in bindir) - bindir="$arg" + bindir=$arg prev= continue ;; dlfiles|dlprefiles) - if test "$preload" = no; then + $preload || { # Add the symbol object into the linking commands. func_append compile_command " @SYMFILE@" func_append finalize_command " @SYMFILE@" - preload=yes - fi + preload=: + } case $arg in *.la | *.lo) ;; # We handle these cases below. force) - if test "$dlself" = no; then + if test no = "$dlself"; then dlself=needless export_dynamic=yes fi @@ -5249,9 +6623,9 @@ func_mode_link () continue ;; self) - if test "$prev" = dlprefiles; then + if test dlprefiles = "$prev"; then dlself=yes - elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then + elif test dlfiles = "$prev" && test yes != "$dlopen_self"; then dlself=yes else dlself=needless @@ -5261,7 +6635,7 @@ func_mode_link () continue ;; *) - if test "$prev" = dlfiles; then + if test dlfiles = "$prev"; then func_append dlfiles " $arg" else func_append dlprefiles " $arg" @@ -5272,14 +6646,14 @@ func_mode_link () esac ;; expsyms) - export_symbols="$arg" + export_symbols=$arg test -f "$arg" \ - || func_fatal_error "symbol file \`$arg' does not exist" + || func_fatal_error "symbol file '$arg' does not exist" prev= continue ;; expsyms_regex) - export_symbols_regex="$arg" + export_symbols_regex=$arg prev= continue ;; @@ -5297,7 +6671,13 @@ func_mode_link () continue ;; inst_prefix) - inst_prefix_dir="$arg" + inst_prefix_dir=$arg + prev= + continue + ;; + mllvm) + # Clang does not use LLVM to link, so we can simply discard any + # '-mllvm $arg' options when doing the link step. prev= continue ;; @@ -5321,21 +6701,21 @@ func_mode_link () if test -z "$pic_object" || test -z "$non_pic_object" || - test "$pic_object" = none && - test "$non_pic_object" = none; then - func_fatal_error "cannot find name of object for \`$arg'" + test none = "$pic_object" && + test none = "$non_pic_object"; then + func_fatal_error "cannot find name of object for '$arg'" fi # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result - if test "$pic_object" != none; then + if test none != "$pic_object"; then # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" + pic_object=$xdir$pic_object - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + if test dlfiles = "$prev"; then + if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then func_append dlfiles " $pic_object" prev= continue @@ -5346,7 +6726,7 @@ func_mode_link () fi # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then + if test dlprefiles = "$prev"; then # Preload the old-style object. func_append dlprefiles " $pic_object" prev= @@ -5354,23 +6734,23 @@ func_mode_link () # A PIC object. func_append libobjs " $pic_object" - arg="$pic_object" + arg=$pic_object fi # Non-PIC object. - if test "$non_pic_object" != none; then + if test none != "$non_pic_object"; then # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" + non_pic_object=$xdir$non_pic_object # A standard non-PIC object func_append non_pic_objects " $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" + if test -z "$pic_object" || test none = "$pic_object"; then + arg=$non_pic_object fi else # If the PIC object exists, use it instead. # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" + non_pic_object=$pic_object func_append non_pic_objects " $non_pic_object" fi else @@ -5378,7 +6758,7 @@ func_mode_link () if $opt_dry_run; then # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result func_lo2o "$arg" pic_object=$xdir$objdir/$func_lo2o_result @@ -5386,24 +6766,29 @@ func_mode_link () func_append libobjs " $pic_object" func_append non_pic_objects " $non_pic_object" else - func_fatal_error "\`$arg' is not a valid libtool object" + func_fatal_error "'$arg' is not a valid libtool object" fi fi done else - func_fatal_error "link input file \`$arg' does not exist" + func_fatal_error "link input file '$arg' does not exist" fi arg=$save_arg prev= continue ;; + os2dllname) + os2dllname=$arg + prev= + continue + ;; precious_regex) - precious_files_regex="$arg" + precious_files_regex=$arg prev= continue ;; release) - release="-$arg" + release=-$arg prev= continue ;; @@ -5415,7 +6800,7 @@ func_mode_link () func_fatal_error "only absolute run-paths are allowed" ;; esac - if test "$prev" = rpath; then + if test rpath = "$prev"; then case "$rpath " in *" $arg "*) ;; *) func_append rpath " $arg" ;; @@ -5430,7 +6815,7 @@ func_mode_link () continue ;; shrext) - shrext_cmds="$arg" + shrext_cmds=$arg prev= continue ;; @@ -5470,7 +6855,7 @@ func_mode_link () esac fi # test -n "$prev" - prevarg="$arg" + prevarg=$arg case $arg in -all-static) @@ -5484,7 +6869,7 @@ func_mode_link () -allow-undefined) # FIXME: remove this flag sometime in the future. - func_fatal_error "\`-allow-undefined' must not be used because it is the default" + func_fatal_error "'-allow-undefined' must not be used because it is the default" ;; -avoid-version) @@ -5516,7 +6901,7 @@ func_mode_link () if test -n "$export_symbols" || test -n "$export_symbols_regex"; then func_fatal_error "more than one -exported-symbols argument is not allowed" fi - if test "X$arg" = "X-export-symbols"; then + if test X-export-symbols = "X$arg"; then prev=expsyms else prev=expsyms_regex @@ -5550,9 +6935,9 @@ func_mode_link () func_stripname "-L" '' "$arg" if test -z "$func_stripname_result"; then if test "$#" -gt 0; then - func_fatal_error "require no space between \`-L' and \`$1'" + func_fatal_error "require no space between '-L' and '$1'" else - func_fatal_error "need path for \`-L' option" + func_fatal_error "need path for '-L' option" fi fi func_resolve_sysroot "$func_stripname_result" @@ -5563,8 +6948,8 @@ func_mode_link () *) absdir=`cd "$dir" && pwd` test -z "$absdir" && \ - func_fatal_error "cannot determine absolute directory name of \`$dir'" - dir="$absdir" + func_fatal_error "cannot determine absolute directory name of '$dir'" + dir=$absdir ;; esac case "$deplibs " in @@ -5599,7 +6984,7 @@ func_mode_link () ;; -l*) - if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then + if test X-lc = "X$arg" || test X-lm = "X$arg"; then case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*) # These systems don't actually have a C or math library (as such) @@ -5607,11 +6992,11 @@ func_mode_link () ;; *-*-os2*) # These systems don't actually have a C library (as such) - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) # Do not include libc due to us having libc/libc_r. - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; *-*-rhapsody* | *-*-darwin1.[012]) # Rhapsody C and math libraries are in the System framework @@ -5620,16 +7005,16 @@ func_mode_link () ;; *-*-sco3.2v5* | *-*-sco5v6*) # Causes problems with __ctype - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) # Compiler inserts libc in the correct place for threads to work - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; esac - elif test "X$arg" = "X-lc_r"; then + elif test X-lc_r = "X$arg"; then case $host in - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) # Do not include libc_r directly, use -pthread flag. continue ;; @@ -5639,6 +7024,11 @@ func_mode_link () continue ;; + -mllvm) + prev=mllvm + continue + ;; + -module) module=yes continue @@ -5668,7 +7058,7 @@ func_mode_link () ;; -multi_module) - single_module="${wl}-multi_module" + single_module=$wl-multi_module continue ;; @@ -5682,8 +7072,8 @@ func_mode_link () *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) # The PATH hackery in wrapper scripts is required on Windows # and Darwin in order for the loader to find any dlls it needs. - func_warning "\`-no-install' is ignored for $host" - func_warning "assuming \`-no-fast-install' instead" + func_warning "'-no-install' is ignored for $host" + func_warning "assuming '-no-fast-install' instead" fast_install=no ;; *) no_install=yes ;; @@ -5701,6 +7091,11 @@ func_mode_link () continue ;; + -os2dllname) + prev=os2dllname + continue + ;; + -o) prev=output ;; -precious-files-regex) @@ -5788,14 +7183,14 @@ func_mode_link () func_stripname '-Wc,' '' "$arg" args=$func_stripname_result arg= - save_ifs="$IFS"; IFS=',' + save_ifs=$IFS; IFS=, for flag in $args; do - IFS="$save_ifs" + IFS=$save_ifs func_quote_for_eval "$flag" func_append arg " $func_quote_for_eval_result" func_append compiler_flags " $func_quote_for_eval_result" done - IFS="$save_ifs" + IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; @@ -5804,15 +7199,15 @@ func_mode_link () func_stripname '-Wl,' '' "$arg" args=$func_stripname_result arg= - save_ifs="$IFS"; IFS=',' + save_ifs=$IFS; IFS=, for flag in $args; do - IFS="$save_ifs" + IFS=$save_ifs func_quote_for_eval "$flag" func_append arg " $wl$func_quote_for_eval_result" func_append compiler_flags " $wl$func_quote_for_eval_result" func_append linker_flags " $func_quote_for_eval_result" done - IFS="$save_ifs" + IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; @@ -5835,7 +7230,7 @@ func_mode_link () # -msg_* for osf cc -msg_*) func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result ;; # Flags to be passed through unchanged, with rationale: @@ -5847,26 +7242,46 @@ func_mode_link () # -m*, -t[45]*, -txscale* architecture-specific flags for GCC # -F/path path to uninstalled frameworks, gcc on darwin # -p, -pg, --coverage, -fprofile-* profiling flags for GCC + # -fstack-protector* stack protector flags for GCC # @file GCC response files # -tp=* Portland pgcc target processor selection # --sysroot=* for sysroot support - # -O*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization # -stdlib=* select c++ std lib with clang -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ - -O*|-flto*|-fwhopr*|-fuse-linker-plugin|-stdlib=*) + -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*) func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result func_append compile_command " $arg" func_append finalize_command " $arg" func_append compiler_flags " $arg" continue ;; + -Z*) + if test os2 = "`expr $host : '.*\(os2\)'`"; then + # OS/2 uses -Zxxx to specify OS/2-specific options + compiler_flags="$compiler_flags $arg" + func_append compile_command " $arg" + func_append finalize_command " $arg" + case $arg in + -Zlinker | -Zstack) + prev=xcompiler + ;; + esac + continue + else + # Otherwise treat like 'Some other compiler flag' below + func_quote_for_eval "$arg" + arg=$func_quote_for_eval_result + fi + ;; + # Some other compiler flag. -* | +*) func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result ;; *.$objext) @@ -5887,21 +7302,21 @@ func_mode_link () if test -z "$pic_object" || test -z "$non_pic_object" || - test "$pic_object" = none && - test "$non_pic_object" = none; then - func_fatal_error "cannot find name of object for \`$arg'" + test none = "$pic_object" && + test none = "$non_pic_object"; then + func_fatal_error "cannot find name of object for '$arg'" fi # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result - if test "$pic_object" != none; then + test none = "$pic_object" || { # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" + pic_object=$xdir$pic_object - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + if test dlfiles = "$prev"; then + if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then func_append dlfiles " $pic_object" prev= continue @@ -5912,7 +7327,7 @@ func_mode_link () fi # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then + if test dlprefiles = "$prev"; then # Preload the old-style object. func_append dlprefiles " $pic_object" prev= @@ -5920,23 +7335,23 @@ func_mode_link () # A PIC object. func_append libobjs " $pic_object" - arg="$pic_object" - fi + arg=$pic_object + } # Non-PIC object. - if test "$non_pic_object" != none; then + if test none != "$non_pic_object"; then # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" + non_pic_object=$xdir$non_pic_object # A standard non-PIC object func_append non_pic_objects " $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" + if test -z "$pic_object" || test none = "$pic_object"; then + arg=$non_pic_object fi else # If the PIC object exists, use it instead. # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" + non_pic_object=$pic_object func_append non_pic_objects " $non_pic_object" fi else @@ -5944,7 +7359,7 @@ func_mode_link () if $opt_dry_run; then # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result func_lo2o "$arg" pic_object=$xdir$objdir/$func_lo2o_result @@ -5952,7 +7367,7 @@ func_mode_link () func_append libobjs " $pic_object" func_append non_pic_objects " $non_pic_object" else - func_fatal_error "\`$arg' is not a valid libtool object" + func_fatal_error "'$arg' is not a valid libtool object" fi fi ;; @@ -5968,11 +7383,11 @@ func_mode_link () # A libtool-controlled library. func_resolve_sysroot "$arg" - if test "$prev" = dlfiles; then + if test dlfiles = "$prev"; then # This library was specified with -dlopen. func_append dlfiles " $func_resolve_sysroot_result" prev= - elif test "$prev" = dlprefiles; then + elif test dlprefiles = "$prev"; then # The library was specified with -dlpreopen. func_append dlprefiles " $func_resolve_sysroot_result" prev= @@ -5987,7 +7402,7 @@ func_mode_link () # Unknown arguments in both finalize_command and compile_command need # to be aesthetically quoted because they are evaled later. func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result ;; esac # arg @@ -5999,9 +7414,9 @@ func_mode_link () done # argument parsing loop test -n "$prev" && \ - func_fatal_help "the \`$prevarg' option requires an argument" + func_fatal_help "the '$prevarg' option requires an argument" - if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then + if test yes = "$export_dynamic" && test -n "$export_dynamic_flag_spec"; then eval arg=\"$export_dynamic_flag_spec\" func_append compile_command " $arg" func_append finalize_command " $arg" @@ -6010,12 +7425,12 @@ func_mode_link () oldlibs= # calculate the name of the file, without its directory func_basename "$output" - outputname="$func_basename_result" - libobjs_save="$libobjs" + outputname=$func_basename_result + libobjs_save=$libobjs if test -n "$shlibpath_var"; then # get the directories listed in $shlibpath_var - eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\` + eval shlib_search_path=\`\$ECHO \"\$$shlibpath_var\" \| \$SED \'s/:/ /g\'\` else shlib_search_path= fi @@ -6023,7 +7438,7 @@ func_mode_link () eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" func_dirname "$output" "/" "" - output_objdir="$func_dirname_result$objdir" + output_objdir=$func_dirname_result$objdir func_to_tool_file "$output_objdir/" tool_output_objdir=$func_to_tool_file_result # Create the object directory. @@ -6046,7 +7461,7 @@ func_mode_link () # Find all interdependent deplibs by searching for libraries # that are linked more than once (e.g. -la -lb -la) for deplib in $deplibs; do - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac @@ -6054,7 +7469,7 @@ func_mode_link () func_append libs " $deplib" done - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then libs="$predeps $libs $compiler_lib_search_path $postdeps" # Compute libraries that are listed more than once in $predeps @@ -6086,7 +7501,7 @@ func_mode_link () case $file in *.la) ;; *) - func_fatal_help "libraries can \`-dlopen' only libtool libraries: $file" + func_fatal_help "libraries can '-dlopen' only libtool libraries: $file" ;; esac done @@ -6094,7 +7509,7 @@ func_mode_link () prog) compile_deplibs= finalize_deplibs= - alldeplibs=no + alldeplibs=false newdlfiles= newdlprefiles= passes="conv scan dlopen dlpreopen link" @@ -6106,29 +7521,29 @@ func_mode_link () for pass in $passes; do # The preopen pass in lib mode reverses $deplibs; put it back here # so that -L comes before libs that need it for instance... - if test "$linkmode,$pass" = "lib,link"; then + if test lib,link = "$linkmode,$pass"; then ## FIXME: Find the place where the list is rebuilt in the wrong ## order, and fix it there properly tmp_deplibs= for deplib in $deplibs; do tmp_deplibs="$deplib $tmp_deplibs" done - deplibs="$tmp_deplibs" + deplibs=$tmp_deplibs fi - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan"; then - libs="$deplibs" + if test lib,link = "$linkmode,$pass" || + test prog,scan = "$linkmode,$pass"; then + libs=$deplibs deplibs= fi - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then case $pass in - dlopen) libs="$dlfiles" ;; - dlpreopen) libs="$dlprefiles" ;; + dlopen) libs=$dlfiles ;; + dlpreopen) libs=$dlprefiles ;; link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; esac fi - if test "$linkmode,$pass" = "lib,dlpreopen"; then + if test lib,dlpreopen = "$linkmode,$pass"; then # Collect and forward deplibs of preopened libtool libs for lib in $dlprefiles; do # Ignore non-libtool-libs @@ -6149,26 +7564,26 @@ func_mode_link () esac done done - libs="$dlprefiles" + libs=$dlprefiles fi - if test "$pass" = dlopen; then + if test dlopen = "$pass"; then # Collect dlpreopened libraries - save_deplibs="$deplibs" + save_deplibs=$deplibs deplibs= fi for deplib in $libs; do lib= - found=no + found=false case $deplib in -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else func_append compiler_flags " $deplib" - if test "$linkmode" = lib ; then + if test lib = "$linkmode"; then case "$new_inherited_linker_flags " in *" $deplib "*) ;; * ) func_append new_inherited_linker_flags " $deplib" ;; @@ -6178,13 +7593,13 @@ func_mode_link () continue ;; -l*) - if test "$linkmode" != lib && test "$linkmode" != prog; then - func_warning "\`-l' is ignored for archives/objects" + if test lib != "$linkmode" && test prog != "$linkmode"; then + func_warning "'-l' is ignored for archives/objects" continue fi func_stripname '-l' '' "$deplib" name=$func_stripname_result - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path" else searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path" @@ -6192,31 +7607,22 @@ func_mode_link () for searchdir in $searchdirs; do for search_ext in .la $std_shrext .so .a; do # Search the libtool library - lib="$searchdir/lib${name}${search_ext}" + lib=$searchdir/lib$name$search_ext if test -f "$lib"; then - if test "$search_ext" = ".la"; then - found=yes + if test .la = "$search_ext"; then + found=: else - found=no + found=false fi break 2 fi done done - if test "$found" != yes; then - # deplib doesn't seem to be a libtool library - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" - fi - continue - else # deplib is a libtool library + if $found; then + # deplib is a libtool library # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib, # We need to do some special things here, and not later. - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $deplib "*) if func_lalib_p "$lib"; then @@ -6224,19 +7630,19 @@ func_mode_link () old_library= func_source "$lib" for l in $old_library $library_names; do - ll="$l" + ll=$l done - if test "X$ll" = "X$old_library" ; then # only static version available - found=no + if test "X$ll" = "X$old_library"; then # only static version available + found=false func_dirname "$lib" "" "." - ladir="$func_dirname_result" + ladir=$func_dirname_result lib=$ladir/$old_library - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" + test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs" fi continue fi @@ -6245,15 +7651,25 @@ func_mode_link () *) ;; esac fi + else + # deplib doesn't seem to be a libtool library + if test prog,link = "$linkmode,$pass"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + deplibs="$deplib $deplibs" + test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs" + fi + continue fi ;; # -l *.ltframework) - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" - if test "$linkmode" = lib ; then + if test lib = "$linkmode"; then case "$new_inherited_linker_flags " in *" $deplib "*) ;; * ) func_append new_inherited_linker_flags " $deplib" ;; @@ -6266,18 +7682,18 @@ func_mode_link () case $linkmode in lib) deplibs="$deplib $deplibs" - test "$pass" = conv && continue + test conv = "$pass" && continue newdependency_libs="$deplib $newdependency_libs" func_stripname '-L' '' "$deplib" func_resolve_sysroot "$func_stripname_result" func_append newlib_search_path " $func_resolve_sysroot_result" ;; prog) - if test "$pass" = conv; then + if test conv = "$pass"; then deplibs="$deplib $deplibs" continue fi - if test "$pass" = scan; then + if test scan = "$pass"; then deplibs="$deplib $deplibs" else compile_deplibs="$deplib $compile_deplibs" @@ -6288,13 +7704,13 @@ func_mode_link () func_append newlib_search_path " $func_resolve_sysroot_result" ;; *) - func_warning "\`-L' is ignored for archives/objects" + func_warning "'-L' is ignored for archives/objects" ;; esac # linkmode continue ;; # -L -R*) - if test "$pass" = link; then + if test link = "$pass"; then func_stripname '-R' '' "$deplib" func_resolve_sysroot "$func_stripname_result" dir=$func_resolve_sysroot_result @@ -6312,7 +7728,7 @@ func_mode_link () lib=$func_resolve_sysroot_result ;; *.$libext) - if test "$pass" = conv; then + if test conv = "$pass"; then deplibs="$deplib $deplibs" continue fi @@ -6323,21 +7739,26 @@ func_mode_link () case " $dlpreconveniencelibs " in *" $deplib "*) ;; *) - valid_a_lib=no + valid_a_lib=false case $deplibs_check_method in match_pattern*) set dummy $deplibs_check_method; shift match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \ | $EGREP "$match_pattern_regex" > /dev/null; then - valid_a_lib=yes + valid_a_lib=: fi ;; pass_all) - valid_a_lib=yes + valid_a_lib=: ;; esac - if test "$valid_a_lib" != yes; then + if $valid_a_lib; then + echo + $ECHO "*** Warning: Linking the shared library $output against the" + $ECHO "*** static library $deplib is not portable!" + deplibs="$deplib $deplibs" + else echo $ECHO "*** Warning: Trying to link with static lib archive $deplib." echo "*** I have the capability to make that library automatically link in when" @@ -6345,18 +7766,13 @@ func_mode_link () echo "*** shared version of the library, which you do not appear to have" echo "*** because the file extensions .$libext of this argument makes me believe" echo "*** that it is just a static archive that I should not use here." - else - echo - $ECHO "*** Warning: Linking the shared library $output against the" - $ECHO "*** static library $deplib is not portable!" - deplibs="$deplib $deplibs" fi ;; esac continue ;; prog) - if test "$pass" != link; then + if test link != "$pass"; then deplibs="$deplib $deplibs" else compile_deplibs="$deplib $compile_deplibs" @@ -6367,10 +7783,10 @@ func_mode_link () esac # linkmode ;; # *.$libext *.lo | *.$objext) - if test "$pass" = conv; then + if test conv = "$pass"; then deplibs="$deplib $deplibs" - elif test "$linkmode" = prog; then - if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then + elif test prog = "$linkmode"; then + if test dlpreopen = "$pass" || test yes != "$dlopen_support" || test no = "$build_libtool_libs"; then # If there is no dlopen support or we're linking statically, # we need to preload. func_append newdlprefiles " $deplib" @@ -6383,22 +7799,20 @@ func_mode_link () continue ;; %DEPLIBS%) - alldeplibs=yes + alldeplibs=: continue ;; esac # case $deplib - if test "$found" = yes || test -f "$lib"; then : - else - func_fatal_error "cannot find the library \`$lib' or unhandled argument \`$deplib'" - fi + $found || test -f "$lib" \ + || func_fatal_error "cannot find the library '$lib' or unhandled argument '$deplib'" # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$lib" \ - || func_fatal_error "\`$lib' is not a valid libtool archive" + || func_fatal_error "'$lib' is not a valid libtool archive" func_dirname "$lib" "" "." - ladir="$func_dirname_result" + ladir=$func_dirname_result dlname= dlopen= @@ -6428,30 +7842,30 @@ func_mode_link () done fi dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan" || - { test "$linkmode" != prog && test "$linkmode" != lib; }; then + if test lib,link = "$linkmode,$pass" || + test prog,scan = "$linkmode,$pass" || + { test prog != "$linkmode" && test lib != "$linkmode"; }; then test -n "$dlopen" && func_append dlfiles " $dlopen" test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen" fi - if test "$pass" = conv; then + if test conv = "$pass"; then # Only check for convenience libraries deplibs="$lib $deplibs" if test -z "$libdir"; then if test -z "$old_library"; then - func_fatal_error "cannot find name of link library for \`$lib'" + func_fatal_error "cannot find name of link library for '$lib'" fi # It is a libtool convenience library, so add in its objects. func_append convenience " $ladir/$objdir/$old_library" func_append old_convenience " $ladir/$objdir/$old_library" - elif test "$linkmode" != prog && test "$linkmode" != lib; then - func_fatal_error "\`$lib' is not a convenience library" + elif test prog != "$linkmode" && test lib != "$linkmode"; then + func_fatal_error "'$lib' is not a convenience library" fi tmp_libs= for deplib in $dependency_libs; do deplibs="$deplib $deplibs" - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac @@ -6465,26 +7879,26 @@ func_mode_link () # Get the name of the library we link against. linklib= if test -n "$old_library" && - { test "$prefer_static_libs" = yes || - test "$prefer_static_libs,$installed" = "built,no"; }; then + { test yes = "$prefer_static_libs" || + test built,no = "$prefer_static_libs,$installed"; }; then linklib=$old_library else for l in $old_library $library_names; do - linklib="$l" + linklib=$l done fi if test -z "$linklib"; then - func_fatal_error "cannot find name of link library for \`$lib'" + func_fatal_error "cannot find name of link library for '$lib'" fi # This library was specified with -dlopen. - if test "$pass" = dlopen; then - if test -z "$libdir"; then - func_fatal_error "cannot -dlopen a convenience library: \`$lib'" - fi + if test dlopen = "$pass"; then + test -z "$libdir" \ + && func_fatal_error "cannot -dlopen a convenience library: '$lib'" if test -z "$dlname" || - test "$dlopen_support" != yes || - test "$build_libtool_libs" = no; then + test yes != "$dlopen_support" || + test no = "$build_libtool_libs" + then # If there is no dlname, no dlopen support or we're linking # statically, we need to preload. We also need to preload any # dependent libraries so libltdl's deplib preloader doesn't @@ -6498,40 +7912,40 @@ func_mode_link () # We need an absolute path. case $ladir in - [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;; + [\\/]* | [A-Za-z]:[\\/]*) abs_ladir=$ladir ;; *) abs_ladir=`cd "$ladir" && pwd` if test -z "$abs_ladir"; then - func_warning "cannot determine absolute directory name of \`$ladir'" + func_warning "cannot determine absolute directory name of '$ladir'" func_warning "passing it literally to the linker, although it might fail" - abs_ladir="$ladir" + abs_ladir=$ladir fi ;; esac func_basename "$lib" - laname="$func_basename_result" + laname=$func_basename_result # Find the relevant object directory and library name. - if test "X$installed" = Xyes; then + if test yes = "$installed"; then if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then - func_warning "library \`$lib' was moved." - dir="$ladir" - absdir="$abs_ladir" - libdir="$abs_ladir" + func_warning "library '$lib' was moved." + dir=$ladir + absdir=$abs_ladir + libdir=$abs_ladir else - dir="$lt_sysroot$libdir" - absdir="$lt_sysroot$libdir" + dir=$lt_sysroot$libdir + absdir=$lt_sysroot$libdir fi - test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes + test yes = "$hardcode_automatic" && avoidtemprpath=yes else if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then - dir="$ladir" - absdir="$abs_ladir" + dir=$ladir + absdir=$abs_ladir # Remove this search path later func_append notinst_path " $abs_ladir" else - dir="$ladir/$objdir" - absdir="$abs_ladir/$objdir" + dir=$ladir/$objdir + absdir=$abs_ladir/$objdir # Remove this search path later func_append notinst_path " $abs_ladir" fi @@ -6540,11 +7954,11 @@ func_mode_link () name=$func_stripname_result # This library was specified with -dlpreopen. - if test "$pass" = dlpreopen; then - if test -z "$libdir" && test "$linkmode" = prog; then - func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'" + if test dlpreopen = "$pass"; then + if test -z "$libdir" && test prog = "$linkmode"; then + func_fatal_error "only libraries may -dlpreopen a convenience library: '$lib'" fi - case "$host" in + case $host in # special handling for platforms with PE-DLLs. *cygwin* | *mingw* | *cegcc* ) # Linker will automatically link against shared library if both @@ -6588,9 +8002,9 @@ func_mode_link () if test -z "$libdir"; then # Link the convenience library - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then deplibs="$dir/$old_library $deplibs" - elif test "$linkmode,$pass" = "prog,link"; then + elif test prog,link = "$linkmode,$pass"; then compile_deplibs="$dir/$old_library $compile_deplibs" finalize_deplibs="$dir/$old_library $finalize_deplibs" else @@ -6600,14 +8014,14 @@ func_mode_link () fi - if test "$linkmode" = prog && test "$pass" != link; then + if test prog = "$linkmode" && test link != "$pass"; then func_append newlib_search_path " $ladir" deplibs="$lib $deplibs" - linkalldeplibs=no - if test "$link_all_deplibs" != no || test -z "$library_names" || - test "$build_libtool_libs" = no; then - linkalldeplibs=yes + linkalldeplibs=false + if test no != "$link_all_deplibs" || test -z "$library_names" || + test no = "$build_libtool_libs"; then + linkalldeplibs=: fi tmp_libs= @@ -6619,14 +8033,14 @@ func_mode_link () ;; esac # Need to link against all dependency_libs? - if test "$linkalldeplibs" = yes; then + if $linkalldeplibs; then deplibs="$deplib $deplibs" else # Need to hardcode shared library paths # or/and link against static libraries newdependency_libs="$deplib $newdependency_libs" fi - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac @@ -6636,15 +8050,15 @@ func_mode_link () continue fi # $linkmode = prog... - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then if test -n "$library_names" && - { { test "$prefer_static_libs" = no || - test "$prefer_static_libs,$installed" = "built,yes"; } || + { { test no = "$prefer_static_libs" || + test built,yes = "$prefer_static_libs,$installed"; } || test -z "$old_library"; }; then # We need to hardcode the library path - if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then + if test -n "$shlibpath_var" && test -z "$avoidtemprpath"; then # Make sure the rpath contains only unique directories. - case "$temp_rpath:" in + case $temp_rpath: in *"$absdir:"*) ;; *) func_append temp_rpath "$absdir:" ;; esac @@ -6673,9 +8087,9 @@ func_mode_link () esac fi # $linkmode,$pass = prog,link... - if test "$alldeplibs" = yes && - { test "$deplibs_check_method" = pass_all || - { test "$build_libtool_libs" = yes && + if $alldeplibs && + { test pass_all = "$deplibs_check_method" || + { test yes = "$build_libtool_libs" && test -n "$library_names"; }; }; then # We only need to search for static libraries continue @@ -6684,19 +8098,19 @@ func_mode_link () link_static=no # Whether the deplib will be linked statically use_static_libs=$prefer_static_libs - if test "$use_static_libs" = built && test "$installed" = yes; then + if test built = "$use_static_libs" && test yes = "$installed"; then use_static_libs=no fi if test -n "$library_names" && - { test "$use_static_libs" = no || test -z "$old_library"; }; then + { test no = "$use_static_libs" || test -z "$old_library"; }; then case $host in - *cygwin* | *mingw* | *cegcc*) + *cygwin* | *mingw* | *cegcc* | *os2*) # No point in relinking DLLs because paths are not encoded func_append notinst_deplibs " $lib" need_relink=no ;; *) - if test "$installed" = no; then + if test no = "$installed"; then func_append notinst_deplibs " $lib" need_relink=yes fi @@ -6706,24 +8120,24 @@ func_mode_link () # Warn about portability, can't link against -module's on some # systems (darwin). Don't bleat about dlopened modules though! - dlopenmodule="" + dlopenmodule= for dlpremoduletest in $dlprefiles; do if test "X$dlpremoduletest" = "X$lib"; then - dlopenmodule="$dlpremoduletest" + dlopenmodule=$dlpremoduletest break fi done - if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then + if test -z "$dlopenmodule" && test yes = "$shouldnotlink" && test link = "$pass"; then echo - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then $ECHO "*** Warning: Linking the executable $output against the loadable module" else $ECHO "*** Warning: Linking the shared library $output against the loadable module" fi $ECHO "*** $linklib is not portable!" fi - if test "$linkmode" = lib && - test "$hardcode_into_libs" = yes; then + if test lib = "$linkmode" && + test yes = "$hardcode_into_libs"; then # Hardcode the library path. # Skip directories that are in the system default run-time # search path. @@ -6751,43 +8165,43 @@ func_mode_link () # figure out the soname set dummy $library_names shift - realname="$1" + realname=$1 shift libname=`eval "\\$ECHO \"$libname_spec\""` # use dlname if we got it. it's perfectly good, no? if test -n "$dlname"; then - soname="$dlname" + soname=$dlname elif test -n "$soname_spec"; then # bleh windows case $host in - *cygwin* | mingw* | *cegcc*) + *cygwin* | mingw* | *cegcc* | *os2*) func_arith $current - $age major=$func_arith_result - versuffix="-$major" + versuffix=-$major ;; esac eval soname=\"$soname_spec\" else - soname="$realname" + soname=$realname fi # Make a new name for the extract_expsyms_cmds to use - soroot="$soname" + soroot=$soname func_basename "$soroot" - soname="$func_basename_result" + soname=$func_basename_result func_stripname 'lib' '.dll' "$soname" newlib=libimp-$func_stripname_result.a # If the library has no export list, then create one now if test -f "$output_objdir/$soname-def"; then : else - func_verbose "extracting exported symbol list from \`$soname'" + func_verbose "extracting exported symbol list from '$soname'" func_execute_cmds "$extract_expsyms_cmds" 'exit $?' fi # Create $newlib if test -f "$output_objdir/$newlib"; then :; else - func_verbose "generating import library for \`$soname'" + func_verbose "generating import library for '$soname'" func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?' fi # make sure the library variables are pointing to the new library @@ -6795,58 +8209,58 @@ func_mode_link () linklib=$newlib fi # test -n "$old_archive_from_expsyms_cmds" - if test "$linkmode" = prog || test "$opt_mode" != relink; then + if test prog = "$linkmode" || test relink != "$opt_mode"; then add_shlibpath= add_dir= add= lib_linked=yes case $hardcode_action in immediate | unsupported) - if test "$hardcode_direct" = no; then - add="$dir/$linklib" + if test no = "$hardcode_direct"; then + add=$dir/$linklib case $host in - *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;; - *-*-sysv4*uw2*) add_dir="-L$dir" ;; + *-*-sco3.2v5.0.[024]*) add_dir=-L$dir ;; + *-*-sysv4*uw2*) add_dir=-L$dir ;; *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ - *-*-unixware7*) add_dir="-L$dir" ;; + *-*-unixware7*) add_dir=-L$dir ;; *-*-darwin* ) - # if the lib is a (non-dlopened) module then we can not + # if the lib is a (non-dlopened) module then we cannot # link against it, someone is ignoring the earlier warnings if /usr/bin/file -L $add 2> /dev/null | - $GREP ": [^:]* bundle" >/dev/null ; then + $GREP ": [^:]* bundle" >/dev/null; then if test "X$dlopenmodule" != "X$lib"; then $ECHO "*** Warning: lib $linklib is a module, not a shared library" - if test -z "$old_library" ; then + if test -z "$old_library"; then echo echo "*** And there doesn't seem to be a static archive available" echo "*** The link will probably fail, sorry" else - add="$dir/$old_library" + add=$dir/$old_library fi elif test -n "$old_library"; then - add="$dir/$old_library" + add=$dir/$old_library fi fi esac - elif test "$hardcode_minus_L" = no; then + elif test no = "$hardcode_minus_L"; then case $host in - *-*-sunos*) add_shlibpath="$dir" ;; + *-*-sunos*) add_shlibpath=$dir ;; esac - add_dir="-L$dir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = no; then - add_shlibpath="$dir" - add="-l$name" + add_dir=-L$dir + add=-l$name + elif test no = "$hardcode_shlibpath_var"; then + add_shlibpath=$dir + add=-l$name else lib_linked=no fi ;; relink) - if test "$hardcode_direct" = yes && - test "$hardcode_direct_absolute" = no; then - add="$dir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$absdir" + if test yes = "$hardcode_direct" && + test no = "$hardcode_direct_absolute"; then + add=$dir/$linklib + elif test yes = "$hardcode_minus_L"; then + add_dir=-L$absdir # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in @@ -6855,10 +8269,10 @@ func_mode_link () ;; esac fi - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then - add_shlibpath="$dir" - add="-l$name" + add=-l$name + elif test yes = "$hardcode_shlibpath_var"; then + add_shlibpath=$dir + add=-l$name else lib_linked=no fi @@ -6866,7 +8280,7 @@ func_mode_link () *) lib_linked=no ;; esac - if test "$lib_linked" != yes; then + if test yes != "$lib_linked"; then func_fatal_configuration "unsupported hardcode properties" fi @@ -6876,15 +8290,15 @@ func_mode_link () *) func_append compile_shlibpath "$add_shlibpath:" ;; esac fi - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" test -n "$add" && compile_deplibs="$add $compile_deplibs" else test -n "$add_dir" && deplibs="$add_dir $deplibs" test -n "$add" && deplibs="$add $deplibs" - if test "$hardcode_direct" != yes && - test "$hardcode_minus_L" != yes && - test "$hardcode_shlibpath_var" = yes; then + if test yes != "$hardcode_direct" && + test yes != "$hardcode_minus_L" && + test yes = "$hardcode_shlibpath_var"; then case :$finalize_shlibpath: in *":$libdir:"*) ;; *) func_append finalize_shlibpath "$libdir:" ;; @@ -6893,33 +8307,33 @@ func_mode_link () fi fi - if test "$linkmode" = prog || test "$opt_mode" = relink; then + if test prog = "$linkmode" || test relink = "$opt_mode"; then add_shlibpath= add_dir= add= # Finalize command for both is simple: just hardcode it. - if test "$hardcode_direct" = yes && - test "$hardcode_direct_absolute" = no; then - add="$libdir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$libdir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then + if test yes = "$hardcode_direct" && + test no = "$hardcode_direct_absolute"; then + add=$libdir/$linklib + elif test yes = "$hardcode_minus_L"; then + add_dir=-L$libdir + add=-l$name + elif test yes = "$hardcode_shlibpath_var"; then case :$finalize_shlibpath: in *":$libdir:"*) ;; *) func_append finalize_shlibpath "$libdir:" ;; esac - add="-l$name" - elif test "$hardcode_automatic" = yes; then + add=-l$name + elif test yes = "$hardcode_automatic"; then if test -n "$inst_prefix_dir" && - test -f "$inst_prefix_dir$libdir/$linklib" ; then - add="$inst_prefix_dir$libdir/$linklib" + test -f "$inst_prefix_dir$libdir/$linklib"; then + add=$inst_prefix_dir$libdir/$linklib else - add="$libdir/$linklib" + add=$libdir/$linklib fi else # We cannot seem to hardcode it, guess we'll fake it. - add_dir="-L$libdir" + add_dir=-L$libdir # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in @@ -6928,10 +8342,10 @@ func_mode_link () ;; esac fi - add="-l$name" + add=-l$name fi - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" test -n "$add" && finalize_deplibs="$add $finalize_deplibs" else @@ -6939,43 +8353,43 @@ func_mode_link () test -n "$add" && deplibs="$add $deplibs" fi fi - elif test "$linkmode" = prog; then + elif test prog = "$linkmode"; then # Here we assume that one of hardcode_direct or hardcode_minus_L # is not unsupported. This is valid on all known static and # shared platforms. - if test "$hardcode_direct" != unsupported; then - test -n "$old_library" && linklib="$old_library" + if test unsupported != "$hardcode_direct"; then + test -n "$old_library" && linklib=$old_library compile_deplibs="$dir/$linklib $compile_deplibs" finalize_deplibs="$dir/$linklib $finalize_deplibs" else compile_deplibs="-l$name -L$dir $compile_deplibs" finalize_deplibs="-l$name -L$dir $finalize_deplibs" fi - elif test "$build_libtool_libs" = yes; then + elif test yes = "$build_libtool_libs"; then # Not a shared library - if test "$deplibs_check_method" != pass_all; then + if test pass_all != "$deplibs_check_method"; then # We're trying link a shared library against a static one # but the system doesn't support it. # Just print a warning and add the library to dependency_libs so # that the program can be linked against the static library. echo - $ECHO "*** Warning: This system can not link to static lib archive $lib." + $ECHO "*** Warning: This system cannot link to static lib archive $lib." echo "*** I have the capability to make that library automatically link in when" echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have." - if test "$module" = yes; then + if test yes = "$module"; then echo "*** But as you try to build a module library, libtool will still create " echo "*** a static module, that should work as long as the dlopening application" echo "*** is linked with the -dlopen flag to resolve symbols at runtime." if test -z "$global_symbol_pipe"; then echo echo "*** However, this would only work if libtool was able to extract symbol" - echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** lists from a program, using 'nm' or equivalent, but libtool could" echo "*** not find such a program. So, this module is probably useless." - echo "*** \`nm' from GNU binutils and a full rebuild may help." + echo "*** 'nm' from GNU binutils and a full rebuild may help." fi - if test "$build_old_libs" = no; then + if test no = "$build_old_libs"; then build_libtool_libs=module build_old_libs=yes else @@ -6988,11 +8402,11 @@ func_mode_link () fi fi # link shared/static library? - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then if test -n "$dependency_libs" && - { test "$hardcode_into_libs" != yes || - test "$build_old_libs" = yes || - test "$link_static" = yes; }; then + { test yes != "$hardcode_into_libs" || + test yes = "$build_old_libs" || + test yes = "$link_static"; }; then # Extract -R from dependency_libs temp_deplibs= for libdir in $dependency_libs; do @@ -7006,12 +8420,12 @@ func_mode_link () *) func_append temp_deplibs " $libdir";; esac done - dependency_libs="$temp_deplibs" + dependency_libs=$temp_deplibs fi func_append newlib_search_path " $absdir" # Link against this library - test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs" + test no = "$link_static" && newdependency_libs="$abs_ladir/$laname $newdependency_libs" # ... and its dependency_libs tmp_libs= for deplib in $dependency_libs; do @@ -7021,7 +8435,7 @@ func_mode_link () func_resolve_sysroot "$func_stripname_result";; *) func_resolve_sysroot "$deplib" ;; esac - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $func_resolve_sysroot_result "*) func_append specialdeplibs " $func_resolve_sysroot_result" ;; @@ -7030,12 +8444,12 @@ func_mode_link () func_append tmp_libs " $func_resolve_sysroot_result" done - if test "$link_all_deplibs" != no; then + if test no != "$link_all_deplibs"; then # Add the search paths of all dependency libraries for deplib in $dependency_libs; do path= case $deplib in - -L*) path="$deplib" ;; + -L*) path=$deplib ;; *.la) func_resolve_sysroot "$deplib" deplib=$func_resolve_sysroot_result @@ -7043,12 +8457,12 @@ func_mode_link () dir=$func_dirname_result # We need an absolute path. case $dir in - [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;; + [\\/]* | [A-Za-z]:[\\/]*) absdir=$dir ;; *) absdir=`cd "$dir" && pwd` if test -z "$absdir"; then - func_warning "cannot determine absolute directory name of \`$dir'" - absdir="$dir" + func_warning "cannot determine absolute directory name of '$dir'" + absdir=$dir fi ;; esac @@ -7056,35 +8470,35 @@ func_mode_link () case $host in *-*-darwin*) depdepl= - eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` - if test -n "$deplibrary_names" ; then - for tmp in $deplibrary_names ; do + eval deplibrary_names=`$SED -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` + if test -n "$deplibrary_names"; then + for tmp in $deplibrary_names; do depdepl=$tmp done - if test -f "$absdir/$objdir/$depdepl" ; then - depdepl="$absdir/$objdir/$depdepl" - darwin_install_name=`${OTOOL} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` + if test -f "$absdir/$objdir/$depdepl"; then + depdepl=$absdir/$objdir/$depdepl + darwin_install_name=`$OTOOL -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` if test -z "$darwin_install_name"; then - darwin_install_name=`${OTOOL64} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` + darwin_install_name=`$OTOOL64 -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` fi - func_append compiler_flags " ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}" - func_append linker_flags " -dylib_file ${darwin_install_name}:${depdepl}" + func_append compiler_flags " $wl-dylib_file $wl$darwin_install_name:$depdepl" + func_append linker_flags " -dylib_file $darwin_install_name:$depdepl" path= fi fi ;; *) - path="-L$absdir/$objdir" + path=-L$absdir/$objdir ;; esac else - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` test -z "$libdir" && \ - func_fatal_error "\`$deplib' is not a valid libtool archive" + func_fatal_error "'$deplib' is not a valid libtool archive" test "$absdir" != "$libdir" && \ - func_warning "\`$deplib' seems to be moved" + func_warning "'$deplib' seems to be moved" - path="-L$absdir" + path=-L$absdir fi ;; esac @@ -7096,23 +8510,23 @@ func_mode_link () fi # link_all_deplibs != no fi # linkmode = lib done # for deplib in $libs - if test "$pass" = link; then - if test "$linkmode" = "prog"; then + if test link = "$pass"; then + if test prog = "$linkmode"; then compile_deplibs="$new_inherited_linker_flags $compile_deplibs" finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs" else compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` fi fi - dependency_libs="$newdependency_libs" - if test "$pass" = dlpreopen; then + dependency_libs=$newdependency_libs + if test dlpreopen = "$pass"; then # Link the dlpreopened libraries before other libraries for deplib in $save_deplibs; do deplibs="$deplib $deplibs" done fi - if test "$pass" != dlopen; then - if test "$pass" != conv; then + if test dlopen != "$pass"; then + test conv = "$pass" || { # Make sure lib_search_path contains only unique directories. lib_search_path= for dir in $newlib_search_path; do @@ -7122,12 +8536,12 @@ func_mode_link () esac done newlib_search_path= - fi + } - if test "$linkmode,$pass" != "prog,link"; then - vars="deplibs" - else + if test prog,link = "$linkmode,$pass"; then vars="compile_deplibs finalize_deplibs" + else + vars=deplibs fi for var in $vars dependency_libs; do # Add libraries to $var in reverse order @@ -7188,59 +8602,59 @@ func_mode_link () # Last step: remove runtime libs from dependency_libs # (they stay in deplibs) tmp_libs= - for i in $dependency_libs ; do + for i in $dependency_libs; do case " $predeps $postdeps $compiler_lib_search_path " in *" $i "*) - i="" + i= ;; esac - if test -n "$i" ; then + if test -n "$i"; then func_append tmp_libs " $i" fi done dependency_libs=$tmp_libs done # for pass - if test "$linkmode" = prog; then - dlfiles="$newdlfiles" + if test prog = "$linkmode"; then + dlfiles=$newdlfiles fi - if test "$linkmode" = prog || test "$linkmode" = lib; then - dlprefiles="$newdlprefiles" + if test prog = "$linkmode" || test lib = "$linkmode"; then + dlprefiles=$newdlprefiles fi case $linkmode in oldlib) - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - func_warning "\`-dlopen' is ignored for archives" + if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then + func_warning "'-dlopen' is ignored for archives" fi case " $deplibs" in *\ -l* | *\ -L*) - func_warning "\`-l' and \`-L' are ignored for archives" ;; + func_warning "'-l' and '-L' are ignored for archives" ;; esac test -n "$rpath" && \ - func_warning "\`-rpath' is ignored for archives" + func_warning "'-rpath' is ignored for archives" test -n "$xrpath" && \ - func_warning "\`-R' is ignored for archives" + func_warning "'-R' is ignored for archives" test -n "$vinfo" && \ - func_warning "\`-version-info/-version-number' is ignored for archives" + func_warning "'-version-info/-version-number' is ignored for archives" test -n "$release" && \ - func_warning "\`-release' is ignored for archives" + func_warning "'-release' is ignored for archives" test -n "$export_symbols$export_symbols_regex" && \ - func_warning "\`-export-symbols' is ignored for archives" + func_warning "'-export-symbols' is ignored for archives" # Now set the variables for building old libraries. build_libtool_libs=no - oldlibs="$output" + oldlibs=$output func_append objs "$old_deplibs" ;; lib) - # Make sure we only generate libraries of the form `libNAME.la'. + # Make sure we only generate libraries of the form 'libNAME.la'. case $outputname in lib*) func_stripname 'lib' '.la' "$outputname" @@ -7249,10 +8663,10 @@ func_mode_link () eval libname=\"$libname_spec\" ;; *) - test "$module" = no && \ - func_fatal_help "libtool library \`$output' must begin with \`lib'" + test no = "$module" \ + && func_fatal_help "libtool library '$output' must begin with 'lib'" - if test "$need_lib_prefix" != no; then + if test no != "$need_lib_prefix"; then # Add the "lib" prefix for modules if required func_stripname '' '.la' "$outputname" name=$func_stripname_result @@ -7266,8 +8680,8 @@ func_mode_link () esac if test -n "$objs"; then - if test "$deplibs_check_method" != pass_all; then - func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs" + if test pass_all != "$deplibs_check_method"; then + func_fatal_error "cannot build libtool library '$output' from non-libtool objects on this host:$objs" else echo $ECHO "*** Warning: Linking the shared library $output against the non-libtool" @@ -7276,21 +8690,21 @@ func_mode_link () fi fi - test "$dlself" != no && \ - func_warning "\`-dlopen self' is ignored for libtool libraries" + test no = "$dlself" \ + || func_warning "'-dlopen self' is ignored for libtool libraries" set dummy $rpath shift - test "$#" -gt 1 && \ - func_warning "ignoring multiple \`-rpath's for a libtool library" + test 1 -lt "$#" \ + && func_warning "ignoring multiple '-rpath's for a libtool library" - install_libdir="$1" + install_libdir=$1 oldlibs= if test -z "$rpath"; then - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then # Building a libtool convenience library. - # Some compilers have problems with a `.al' extension so + # Some compilers have problems with a '.al' extension so # convenience libraries should have the same extension an # archive normally would. oldlibs="$output_objdir/$libname.$libext $oldlibs" @@ -7299,20 +8713,20 @@ func_mode_link () fi test -n "$vinfo" && \ - func_warning "\`-version-info/-version-number' is ignored for convenience libraries" + func_warning "'-version-info/-version-number' is ignored for convenience libraries" test -n "$release" && \ - func_warning "\`-release' is ignored for convenience libraries" + func_warning "'-release' is ignored for convenience libraries" else # Parse the version information argument. - save_ifs="$IFS"; IFS=':' + save_ifs=$IFS; IFS=: set dummy $vinfo 0 0 0 shift - IFS="$save_ifs" + IFS=$save_ifs test -n "$7" && \ - func_fatal_help "too many parameters to \`-version-info'" + func_fatal_help "too many parameters to '-version-info'" # convert absolute version numbers to libtool ages # this retains compatibility with .la files and attempts @@ -7320,42 +8734,42 @@ func_mode_link () case $vinfo_number in yes) - number_major="$1" - number_minor="$2" - number_revision="$3" + number_major=$1 + number_minor=$2 + number_revision=$3 # # There are really only two kinds -- those that # use the current revision as the major version # and those that subtract age and use age as # a minor version. But, then there is irix - # which has an extra 1 added just for fun + # that has an extra 1 added just for fun # case $version_type in # correct linux to gnu/linux during the next big refactor - darwin|linux|osf|windows|none) + darwin|freebsd-elf|linux|osf|windows|none) func_arith $number_major + $number_minor current=$func_arith_result - age="$number_minor" - revision="$number_revision" + age=$number_minor + revision=$number_revision ;; - freebsd-aout|freebsd-elf|qnx|sunos) - current="$number_major" - revision="$number_minor" - age="0" + freebsd-aout|qnx|sunos) + current=$number_major + revision=$number_minor + age=0 ;; irix|nonstopux) func_arith $number_major + $number_minor current=$func_arith_result - age="$number_minor" - revision="$number_minor" + age=$number_minor + revision=$number_minor lt_irix_increment=no ;; esac ;; no) - current="$1" - revision="$2" - age="$3" + current=$1 + revision=$2 + age=$3 ;; esac @@ -7363,30 +8777,30 @@ func_mode_link () case $current in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) - func_error "CURRENT \`$current' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "CURRENT '$current' must be a nonnegative integer" + func_fatal_error "'$vinfo' is not valid version information" ;; esac case $revision in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) - func_error "REVISION \`$revision' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "REVISION '$revision' must be a nonnegative integer" + func_fatal_error "'$vinfo' is not valid version information" ;; esac case $age in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) - func_error "AGE \`$age' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "AGE '$age' must be a nonnegative integer" + func_fatal_error "'$vinfo' is not valid version information" ;; esac if test "$age" -gt "$current"; then - func_error "AGE \`$age' is greater than the current interface number \`$current'" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "AGE '$age' is greater than the current interface number '$current'" + func_fatal_error "'$vinfo' is not valid version information" fi # Calculate the version variables. @@ -7401,26 +8815,36 @@ func_mode_link () # verstring for coding it into the library header func_arith $current - $age major=.$func_arith_result - versuffix="$major.$age.$revision" + versuffix=$major.$age.$revision # Darwin ld doesn't like 0 for these options... func_arith $current + 1 minor_current=$func_arith_result - xlcverstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision" + xlcverstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision" verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + # On Darwin other compilers + case $CC in + nagfor*) + verstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision" + ;; + *) + verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + ;; + esac ;; freebsd-aout) - major=".$current" - versuffix=".$current.$revision"; + major=.$current + versuffix=.$current.$revision ;; freebsd-elf) - major=".$current" - versuffix=".$current" + func_arith $current - $age + major=.$func_arith_result + versuffix=$major.$age.$revision ;; irix | nonstopux) - if test "X$lt_irix_increment" = "Xno"; then + if test no = "$lt_irix_increment"; then func_arith $current - $age else func_arith $current - $age + 1 @@ -7431,69 +8855,74 @@ func_mode_link () nonstopux) verstring_prefix=nonstopux ;; *) verstring_prefix=sgi ;; esac - verstring="$verstring_prefix$major.$revision" + verstring=$verstring_prefix$major.$revision # Add in all the interfaces that we are compatible with. loop=$revision - while test "$loop" -ne 0; do + while test 0 -ne "$loop"; do func_arith $revision - $loop iface=$func_arith_result func_arith $loop - 1 loop=$func_arith_result - verstring="$verstring_prefix$major.$iface:$verstring" + verstring=$verstring_prefix$major.$iface:$verstring done - # Before this point, $major must not contain `.'. + # Before this point, $major must not contain '.'. major=.$major - versuffix="$major.$revision" + versuffix=$major.$revision ;; linux) # correct to gnu/linux during the next big refactor func_arith $current - $age major=.$func_arith_result - versuffix="$major.$age.$revision" + versuffix=$major.$age.$revision ;; osf) func_arith $current - $age major=.$func_arith_result - versuffix=".$current.$age.$revision" - verstring="$current.$age.$revision" + versuffix=.$current.$age.$revision + verstring=$current.$age.$revision # Add in all the interfaces that we are compatible with. loop=$age - while test "$loop" -ne 0; do + while test 0 -ne "$loop"; do func_arith $current - $loop iface=$func_arith_result func_arith $loop - 1 loop=$func_arith_result - verstring="$verstring:${iface}.0" + verstring=$verstring:$iface.0 done # Make executables depend on our current version. - func_append verstring ":${current}.0" + func_append verstring ":$current.0" ;; qnx) - major=".$current" - versuffix=".$current" + major=.$current + versuffix=.$current + ;; + + sco) + major=.$current + versuffix=.$current ;; sunos) - major=".$current" - versuffix=".$current.$revision" + major=.$current + versuffix=.$current.$revision ;; windows) # Use '-' rather than '.', since we only want one - # extension on DOS 8.3 filesystems. + # extension on DOS 8.3 file systems. func_arith $current - $age major=$func_arith_result - versuffix="-$major" + versuffix=-$major ;; *) - func_fatal_configuration "unknown library version type \`$version_type'" + func_fatal_configuration "unknown library version type '$version_type'" ;; esac @@ -7507,42 +8936,45 @@ func_mode_link () verstring= ;; *) - verstring="0.0" + verstring=0.0 ;; esac - if test "$need_version" = no; then + if test no = "$need_version"; then versuffix= else - versuffix=".0.0" + versuffix=.0.0 fi fi # Remove version info from name if versioning should be avoided - if test "$avoid_version" = yes && test "$need_version" = no; then + if test yes,no = "$avoid_version,$need_version"; then major= versuffix= - verstring="" + verstring= fi # Check to see if the archive will have undefined symbols. - if test "$allow_undefined" = yes; then - if test "$allow_undefined_flag" = unsupported; then - func_warning "undefined symbols not allowed in $host shared libraries" - build_libtool_libs=no - build_old_libs=yes + if test yes = "$allow_undefined"; then + if test unsupported = "$allow_undefined_flag"; then + if test yes = "$build_old_libs"; then + func_warning "undefined symbols not allowed in $host shared libraries; building static only" + build_libtool_libs=no + else + func_fatal_error "can't build $host shared library unless -no-undefined is specified" + fi fi else # Don't allow undefined symbols. - allow_undefined_flag="$no_undefined_flag" + allow_undefined_flag=$no_undefined_flag fi fi - func_generate_dlsyms "$libname" "$libname" "yes" + func_generate_dlsyms "$libname" "$libname" : func_append libobjs " $symfileobj" - test "X$libobjs" = "X " && libobjs= + test " " = "$libobjs" && libobjs= - if test "$opt_mode" != relink; then + if test relink != "$opt_mode"; then # Remove our outputs, but don't remove object files since they # may have been created when compiling PIC objects. removelist= @@ -7551,8 +8983,8 @@ func_mode_link () case $p in *.$objext | *.gcno) ;; - $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*) - if test "X$precious_files_regex" != "X"; then + $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/$libname$release.*) + if test -n "$precious_files_regex"; then if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 then continue @@ -7568,11 +9000,11 @@ func_mode_link () fi # Now set the variables for building old libraries. - if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then + if test yes = "$build_old_libs" && test convenience != "$build_libtool_libs"; then func_append oldlibs " $output_objdir/$libname.$libext" # Transform .lo files to .o files. - oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP` + oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; $lo2o" | $NL2SP` fi # Eliminate all temporary directories. @@ -7593,13 +9025,13 @@ func_mode_link () *) func_append finalize_rpath " $libdir" ;; esac done - if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then + if test yes != "$hardcode_into_libs" || test yes = "$build_old_libs"; then dependency_libs="$temp_xrpath $dependency_libs" fi fi # Make sure dlfiles contains only unique files that won't be dlpreopened - old_dlfiles="$dlfiles" + old_dlfiles=$dlfiles dlfiles= for lib in $old_dlfiles; do case " $dlprefiles $dlfiles " in @@ -7609,7 +9041,7 @@ func_mode_link () done # Make sure dlprefiles contains only unique files - old_dlprefiles="$dlprefiles" + old_dlprefiles=$dlprefiles dlprefiles= for lib in $old_dlprefiles; do case "$dlprefiles " in @@ -7618,7 +9050,7 @@ func_mode_link () esac done - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then if test -n "$rpath"; then case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*) @@ -7642,7 +9074,7 @@ func_mode_link () ;; *) # Add libc to deplibs on all other systems if necessary. - if test "$build_libtool_need_lc" = "yes"; then + if test yes = "$build_libtool_need_lc"; then func_append deplibs " -lc" fi ;; @@ -7658,9 +9090,9 @@ func_mode_link () # I'm not sure if I'm treating the release correctly. I think # release should show up in the -l (ie -lgmp5) so we don't want to # add it in twice. Is that correct? - release="" - versuffix="" - major="" + release= + versuffix= + major= newdeplibs= droppeddeps=no case $deplibs_check_method in @@ -7689,20 +9121,20 @@ EOF -l*) func_stripname -l '' "$i" name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $i "*) func_append newdeplibs " $i" - i="" + i= ;; esac fi - if test -n "$i" ; then + if test -n "$i"; then libname=`eval "\\$ECHO \"$libname_spec\""` deplib_matches=`eval "\\$ECHO \"$library_names_spec\""` set dummy $deplib_matches; shift deplib_match=$1 - if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then + if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0; then func_append newdeplibs " $i" else droppeddeps=yes @@ -7732,20 +9164,20 @@ EOF $opt_dry_run || $RM conftest if $LTCC $LTCFLAGS -o conftest conftest.c $i; then ldd_output=`ldd conftest` - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $i "*) func_append newdeplibs " $i" - i="" + i= ;; esac fi - if test -n "$i" ; then + if test -n "$i"; then libname=`eval "\\$ECHO \"$libname_spec\""` deplib_matches=`eval "\\$ECHO \"$library_names_spec\""` set dummy $deplib_matches; shift deplib_match=$1 - if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then + if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0; then func_append newdeplibs " $i" else droppeddeps=yes @@ -7782,24 +9214,24 @@ EOF -l*) func_stripname -l '' "$a_deplib" name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $a_deplib "*) func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= ;; esac fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then libname=`eval "\\$ECHO \"$libname_spec\""` if test -n "$file_magic_glob"; then libnameglob=`func_echo_all "$libname" | $SED -e $file_magic_glob` else libnameglob=$libname fi - test "$want_nocaseglob" = yes && nocaseglob=`shopt -p nocaseglob` + test yes = "$want_nocaseglob" && nocaseglob=`shopt -p nocaseglob` for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do - if test "$want_nocaseglob" = yes; then + if test yes = "$want_nocaseglob"; then shopt -s nocaseglob potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` $nocaseglob @@ -7817,25 +9249,25 @@ EOF # We might still enter an endless loop, since a link # loop can be closed while we follow links, # but so what? - potlib="$potent_lib" + potlib=$potent_lib while test -h "$potlib" 2>/dev/null; do - potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'` + potliblink=`ls -ld $potlib | $SED 's/.* -> //'` case $potliblink in - [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";; - *) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";; + [\\/]* | [A-Za-z]:[\\/]*) potlib=$potliblink;; + *) potlib=`$ECHO "$potlib" | $SED 's|[^/]*$||'`"$potliblink";; esac done if eval $file_magic_cmd \"\$potlib\" 2>/dev/null | $SED -e 10q | $EGREP "$file_magic_regex" > /dev/null; then func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= break 2 fi done done fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then droppeddeps=yes echo $ECHO "*** Warning: linker path does not have real file for library $a_deplib." @@ -7843,7 +9275,7 @@ EOF echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then + if test -z "$potlib"; then $ECHO "*** with $libname but no candidates were found. (...for file magic test)" else $ECHO "*** with $libname and none of the candidates passed a file format test" @@ -7866,30 +9298,30 @@ EOF -l*) func_stripname -l '' "$a_deplib" name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $a_deplib "*) func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= ;; esac fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then libname=`eval "\\$ECHO \"$libname_spec\""` for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do potential_libs=`ls $i/$libname[.-]* 2>/dev/null` for potent_lib in $potential_libs; do - potlib="$potent_lib" # see symlink-check above in file_magic test + potlib=$potent_lib # see symlink-check above in file_magic test if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \ $EGREP "$match_pattern_regex" > /dev/null; then func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= break 2 fi done done fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then droppeddeps=yes echo $ECHO "*** Warning: linker path does not have real file for library $a_deplib." @@ -7897,7 +9329,7 @@ EOF echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then + if test -z "$potlib"; then $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)" else $ECHO "*** with $libname and none of the candidates passed a file format test" @@ -7913,18 +9345,18 @@ EOF done # Gone through all deplibs. ;; none | unknown | *) - newdeplibs="" + newdeplibs= tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'` - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - for i in $predeps $postdeps ; do + if test yes = "$allow_libtool_libs_with_static_runtimes"; then + for i in $predeps $postdeps; do # can't use Xsed below, because $i might contain '/' - tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"` + tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s|$i||"` done fi case $tmp_deplibs in *[!\ \ ]*) echo - if test "X$deplibs_check_method" = "Xnone"; then + if test none = "$deplibs_check_method"; then echo "*** Warning: inter-library dependencies are not supported in this platform." else echo "*** Warning: inter-library dependencies are not known to be supported." @@ -7948,8 +9380,8 @@ EOF ;; esac - if test "$droppeddeps" = yes; then - if test "$module" = yes; then + if test yes = "$droppeddeps"; then + if test yes = "$module"; then echo echo "*** Warning: libtool could not satisfy all declared inter-library" $ECHO "*** dependencies of module $libname. Therefore, libtool will create" @@ -7958,12 +9390,12 @@ EOF if test -z "$global_symbol_pipe"; then echo echo "*** However, this would only work if libtool was able to extract symbol" - echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** lists from a program, using 'nm' or equivalent, but libtool could" echo "*** not find such a program. So, this module is probably useless." - echo "*** \`nm' from GNU binutils and a full rebuild may help." + echo "*** 'nm' from GNU binutils and a full rebuild may help." fi - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" + if test no = "$build_old_libs"; then + oldlibs=$output_objdir/$libname.$libext build_libtool_libs=module build_old_libs=yes else @@ -7974,14 +9406,14 @@ EOF echo "*** automatically added whenever a program is linked with this library" echo "*** or is declared to -dlopen it." - if test "$allow_undefined" = no; then + if test no = "$allow_undefined"; then echo echo "*** Since this library must not contain undefined symbols," echo "*** because either the platform does not support them or" echo "*** it was explicitly requested with -no-undefined," echo "*** libtool will only create a static version of it." - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" + if test no = "$build_old_libs"; then + oldlibs=$output_objdir/$libname.$libext build_libtool_libs=module build_old_libs=yes else @@ -8027,7 +9459,7 @@ EOF *) func_append new_libs " $deplib" ;; esac done - deplibs="$new_libs" + deplibs=$new_libs # All the library-specific variables (install_libdir is set above). library_names= @@ -8035,25 +9467,25 @@ EOF dlname= # Test again, we may have decided not to build it any more - if test "$build_libtool_libs" = yes; then - # Remove ${wl} instances when linking with ld. + if test yes = "$build_libtool_libs"; then + # Remove $wl instances when linking with ld. # FIXME: should test the right _cmds variable. case $archive_cmds in *\$LD\ *) wl= ;; esac - if test "$hardcode_into_libs" = yes; then + if test yes = "$hardcode_into_libs"; then # Hardcode the library paths hardcode_libdirs= dep_rpath= - rpath="$finalize_rpath" - test "$opt_mode" != relink && rpath="$compile_rpath$rpath" + rpath=$finalize_rpath + test relink = "$opt_mode" || rpath=$compile_rpath$rpath for libdir in $rpath; do if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then func_replace_sysroot "$libdir" libdir=$func_replace_sysroot_result if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" + hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in @@ -8078,7 +9510,7 @@ EOF # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" + libdir=$hardcode_libdirs eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" fi if test -n "$runpath_var" && test -n "$perm_rpath"; then @@ -8092,8 +9524,8 @@ EOF test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" fi - shlibpath="$finalize_shlibpath" - test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath" + shlibpath=$finalize_shlibpath + test relink = "$opt_mode" || shlibpath=$compile_shlibpath$shlibpath if test -n "$shlibpath"; then eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" fi @@ -8103,19 +9535,19 @@ EOF eval library_names=\"$library_names_spec\" set dummy $library_names shift - realname="$1" + realname=$1 shift if test -n "$soname_spec"; then eval soname=\"$soname_spec\" else - soname="$realname" + soname=$realname fi if test -z "$dlname"; then dlname=$soname fi - lib="$output_objdir/$realname" + lib=$output_objdir/$realname linknames= for link do @@ -8129,7 +9561,7 @@ EOF delfiles= if test -n "$export_symbols" && test -n "$include_expsyms"; then $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp" - export_symbols="$output_objdir/$libname.uexp" + export_symbols=$output_objdir/$libname.uexp func_append delfiles " $export_symbols" fi @@ -8138,31 +9570,31 @@ EOF cygwin* | mingw* | cegcc*) if test -n "$export_symbols" && test -z "$export_symbols_regex"; then # exporting using user supplied symfile - if test "x`$SED 1q $export_symbols`" != xEXPORTS; then + func_dll_def_p "$export_symbols" || { # and it's NOT already a .def file. Must figure out # which of the given symbols are data symbols and tag # them as such. So, trigger use of export_symbols_cmds. # export_symbols gets reassigned inside the "prepare # the list of exported symbols" if statement, so the # include_expsyms logic still works. - orig_export_symbols="$export_symbols" + orig_export_symbols=$export_symbols export_symbols= always_export_symbols=yes - fi + } fi ;; esac # Prepare the list of exported symbols if test -z "$export_symbols"; then - if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then - func_verbose "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" + if test yes = "$always_export_symbols" || test -n "$export_symbols_regex"; then + func_verbose "generating symbol list for '$libname.la'" + export_symbols=$output_objdir/$libname.exp $opt_dry_run || $RM $export_symbols cmds=$export_symbols_cmds - save_ifs="$IFS"; IFS='~' + save_ifs=$IFS; IFS='~' for cmd1 in $cmds; do - IFS="$save_ifs" + IFS=$save_ifs # Take the normal branch if the nm_file_list_spec branch # doesn't work or if tool conversion is not needed. case $nm_file_list_spec~$to_tool_file_cmd in @@ -8176,7 +9608,7 @@ EOF try_normal_branch=no ;; esac - if test "$try_normal_branch" = yes \ + if test yes = "$try_normal_branch" \ && { test "$len" -lt "$max_cmd_len" \ || test "$max_cmd_len" -le -1; } then @@ -8187,7 +9619,7 @@ EOF output_la=$func_basename_result save_libobjs=$libobjs save_output=$output - output=${output_objdir}/${output_la}.nm + output=$output_objdir/$output_la.nm func_to_tool_file "$output" libobjs=$nm_file_list_spec$func_to_tool_file_result func_append delfiles " $output" @@ -8210,8 +9642,8 @@ EOF break fi done - IFS="$save_ifs" - if test -n "$export_symbols_regex" && test "X$skipped_export" != "X:"; then + IFS=$save_ifs + if test -n "$export_symbols_regex" && test : != "$skipped_export"; then func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' func_show_eval '$MV "${export_symbols}T" "$export_symbols"' fi @@ -8219,16 +9651,16 @@ EOF fi if test -n "$export_symbols" && test -n "$include_expsyms"; then - tmp_export_symbols="$export_symbols" - test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" + tmp_export_symbols=$export_symbols + test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' fi - if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then + if test : != "$skipped_export" && test -n "$orig_export_symbols"; then # The given exports_symbols file has to be filtered, so filter it. - func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" + func_verbose "filter symbol list for '$libname.la' to tag DATA exports" # FIXME: $output_objdir/$libname.filter potentially contains lots of - # 's' commands which not all seds can handle. GNU sed should be fine + # 's' commands, which not all seds can handle. GNU sed should be fine # though. Also, the filter scales superlinearly with the number of # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. @@ -8247,11 +9679,11 @@ EOF ;; esac done - deplibs="$tmp_deplibs" + deplibs=$tmp_deplibs if test -n "$convenience"; then if test -n "$whole_archive_flag_spec" && - test "$compiler_needs_object" = yes && + test yes = "$compiler_needs_object" && test -z "$libobjs"; then # extract the archives, so we have objects to list. # TODO: could optimize this to just extract one archive. @@ -8262,7 +9694,7 @@ EOF eval libobjs=\"\$libobjs $whole_archive_flag_spec\" test "X$libobjs" = "X " && libobjs= else - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $convenience @@ -8271,18 +9703,18 @@ EOF fi fi - if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then + if test yes = "$thread_safe" && test -n "$thread_safe_flag_spec"; then eval flag=\"$thread_safe_flag_spec\" func_append linker_flags " $flag" fi # Make a backup of the uninstalled library when relinking - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $? fi # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then + if test yes = "$module" && test -n "$module_cmds"; then if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then eval test_cmds=\"$module_expsym_cmds\" cmds=$module_expsym_cmds @@ -8300,7 +9732,7 @@ EOF fi fi - if test "X$skipped_export" != "X:" && + if test : != "$skipped_export" && func_len " $test_cmds" && len=$func_len_result && test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then @@ -8333,8 +9765,8 @@ EOF last_robj= k=1 - if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then - output=${output_objdir}/${output_la}.lnkscript + if test -n "$save_libobjs" && test : != "$skipped_export" && test yes = "$with_gnu_ld"; then + output=$output_objdir/$output_la.lnkscript func_verbose "creating GNU ld script: $output" echo 'INPUT (' > $output for obj in $save_libobjs @@ -8346,14 +9778,14 @@ EOF func_append delfiles " $output" func_to_tool_file "$output" output=$func_to_tool_file_result - elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then - output=${output_objdir}/${output_la}.lnk + elif test -n "$save_libobjs" && test : != "$skipped_export" && test -n "$file_list_spec"; then + output=$output_objdir/$output_la.lnk func_verbose "creating linker input file list: $output" : > $output set x $save_libobjs shift firstobj= - if test "$compiler_needs_object" = yes; then + if test yes = "$compiler_needs_object"; then firstobj="$1 " shift fi @@ -8368,7 +9800,7 @@ EOF else if test -n "$save_libobjs"; then func_verbose "creating reloadable object files..." - output=$output_objdir/$output_la-${k}.$objext + output=$output_objdir/$output_la-$k.$objext eval test_cmds=\"$reload_cmds\" func_len " $test_cmds" len0=$func_len_result @@ -8380,13 +9812,13 @@ EOF func_len " $obj" func_arith $len + $func_len_result len=$func_arith_result - if test "X$objlist" = X || + if test -z "$objlist" || test "$len" -lt "$max_cmd_len"; then func_append objlist " $obj" else # The command $test_cmds is almost too long, add a # command to the queue. - if test "$k" -eq 1 ; then + if test 1 -eq "$k"; then # The first file doesn't have a previous command to add. reload_objs=$objlist eval concat_cmds=\"$reload_cmds\" @@ -8396,10 +9828,10 @@ EOF reload_objs="$objlist $last_robj" eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\" fi - last_robj=$output_objdir/$output_la-${k}.$objext + last_robj=$output_objdir/$output_la-$k.$objext func_arith $k + 1 k=$func_arith_result - output=$output_objdir/$output_la-${k}.$objext + output=$output_objdir/$output_la-$k.$objext objlist=" $obj" func_len " $last_robj" func_arith $len0 + $func_len_result @@ -8411,9 +9843,9 @@ EOF # files will link in the last one created. test -z "$concat_cmds" || concat_cmds=$concat_cmds~ reload_objs="$objlist $last_robj" - eval concat_cmds=\"\${concat_cmds}$reload_cmds\" + eval concat_cmds=\"\$concat_cmds$reload_cmds\" if test -n "$last_robj"; then - eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\" + eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" fi func_append delfiles " $output" @@ -8421,9 +9853,9 @@ EOF output= fi - if ${skipped_export-false}; then - func_verbose "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" + ${skipped_export-false} && { + func_verbose "generating symbol list for '$libname.la'" + export_symbols=$output_objdir/$libname.exp $opt_dry_run || $RM $export_symbols libobjs=$output # Append the command to create the export file. @@ -8432,16 +9864,16 @@ EOF if test -n "$last_robj"; then eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" fi - fi + } test -n "$save_libobjs" && func_verbose "creating a temporary reloadable object file: $output" # Loop through the commands generated above and execute them. - save_ifs="$IFS"; IFS='~' + save_ifs=$IFS; IFS='~' for cmd in $concat_cmds; do - IFS="$save_ifs" - $opt_silent || { + IFS=$save_ifs + $opt_quiet || { func_quote_for_expand "$cmd" eval "func_echo $func_quote_for_expand_result" } @@ -8449,7 +9881,7 @@ EOF lt_exit=$? # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) @@ -8458,7 +9890,7 @@ EOF exit $lt_exit } done - IFS="$save_ifs" + IFS=$save_ifs if test -n "$export_symbols_regex" && ${skipped_export-false}; then func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' @@ -8466,18 +9898,18 @@ EOF fi fi - if ${skipped_export-false}; then + ${skipped_export-false} && { if test -n "$export_symbols" && test -n "$include_expsyms"; then - tmp_export_symbols="$export_symbols" - test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" + tmp_export_symbols=$export_symbols + test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' fi if test -n "$orig_export_symbols"; then # The given exports_symbols file has to be filtered, so filter it. - func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" + func_verbose "filter symbol list for '$libname.la' to tag DATA exports" # FIXME: $output_objdir/$libname.filter potentially contains lots of - # 's' commands which not all seds can handle. GNU sed should be fine + # 's' commands, which not all seds can handle. GNU sed should be fine # though. Also, the filter scales superlinearly with the number of # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. @@ -8486,7 +9918,7 @@ EOF export_symbols=$output_objdir/$libname.def $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols fi - fi + } libobjs=$output # Restore the value of output. @@ -8500,7 +9932,7 @@ EOF # value of $libobjs for piecewise linking. # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then + if test yes = "$module" && test -n "$module_cmds"; then if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then cmds=$module_expsym_cmds else @@ -8522,7 +9954,7 @@ EOF # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $dlprefiles @@ -8530,11 +9962,12 @@ EOF test "X$libobjs" = "X " && libobjs= fi - save_ifs="$IFS"; IFS='~' + save_ifs=$IFS; IFS='~' for cmd in $cmds; do - IFS="$save_ifs" + IFS=$sp$nl eval cmd=\"$cmd\" - $opt_silent || { + IFS=$save_ifs + $opt_quiet || { func_quote_for_expand "$cmd" eval "func_echo $func_quote_for_expand_result" } @@ -8542,7 +9975,7 @@ EOF lt_exit=$? # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) @@ -8551,10 +9984,10 @@ EOF exit $lt_exit } done - IFS="$save_ifs" + IFS=$save_ifs # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $? if test -n "$convenience"; then @@ -8574,39 +10007,39 @@ EOF done # If -module or -export-dynamic was specified, set the dlname. - if test "$module" = yes || test "$export_dynamic" = yes; then + if test yes = "$module" || test yes = "$export_dynamic"; then # On all known operating systems, these are identical. - dlname="$soname" + dlname=$soname fi fi ;; obj) - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - func_warning "\`-dlopen' is ignored for objects" + if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then + func_warning "'-dlopen' is ignored for objects" fi case " $deplibs" in *\ -l* | *\ -L*) - func_warning "\`-l' and \`-L' are ignored for objects" ;; + func_warning "'-l' and '-L' are ignored for objects" ;; esac test -n "$rpath" && \ - func_warning "\`-rpath' is ignored for objects" + func_warning "'-rpath' is ignored for objects" test -n "$xrpath" && \ - func_warning "\`-R' is ignored for objects" + func_warning "'-R' is ignored for objects" test -n "$vinfo" && \ - func_warning "\`-version-info' is ignored for objects" + func_warning "'-version-info' is ignored for objects" test -n "$release" && \ - func_warning "\`-release' is ignored for objects" + func_warning "'-release' is ignored for objects" case $output in *.lo) test -n "$objs$old_deplibs" && \ - func_fatal_error "cannot build library object \`$output' from non-libtool objects" + func_fatal_error "cannot build library object '$output' from non-libtool objects" libobj=$output func_lo2o "$libobj" @@ -8614,7 +10047,7 @@ EOF ;; *) libobj= - obj="$output" + obj=$output ;; esac @@ -8627,17 +10060,19 @@ EOF # the extraction. reload_conv_objs= gentop= - # reload_cmds runs $LD directly, so let us get rid of - # -Wl from whole_archive_flag_spec and hope we can get by with - # turning comma into space.. - wl= - + # if reload_cmds runs $LD directly, get rid of -Wl from + # whole_archive_flag_spec and hope we can get by with turning comma + # into space. + case $reload_cmds in + *\$LD[\ \$]*) wl= ;; + esac if test -n "$convenience"; then if test -n "$whole_archive_flag_spec"; then eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\" - reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` + test -n "$wl" || tmp_whole_archive_flags=`$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` + reload_conv_objs=$reload_objs\ $tmp_whole_archive_flags else - gentop="$output_objdir/${obj}x" + gentop=$output_objdir/${obj}x func_append generated " $gentop" func_extract_archives $gentop $convenience @@ -8646,12 +10081,12 @@ EOF fi # If we're not building shared, we need to use non_pic_objs - test "$build_libtool_libs" != yes && libobjs="$non_pic_objects" + test yes = "$build_libtool_libs" || libobjs=$non_pic_objects # Create the old-style object. - reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test + reload_objs=$objs$old_deplibs' '`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; /\.lib$/d; $lo2o" | $NL2SP`' '$reload_conv_objs - output="$obj" + output=$obj func_execute_cmds "$reload_cmds" 'exit $?' # Exit if we aren't doing a library object file. @@ -8663,7 +10098,7 @@ EOF exit $EXIT_SUCCESS fi - if test "$build_libtool_libs" != yes; then + test yes = "$build_libtool_libs" || { if test -n "$gentop"; then func_show_eval '${RM}r "$gentop"' fi @@ -8673,12 +10108,12 @@ EOF # $show "echo timestamp > $libobj" # $opt_dry_run || eval "echo timestamp > $libobj" || exit $? exit $EXIT_SUCCESS - fi + } - if test -n "$pic_flag" || test "$pic_mode" != default; then + if test -n "$pic_flag" || test default != "$pic_mode"; then # Only do commands if we really have different PIC objects. reload_objs="$libobjs $reload_conv_objs" - output="$libobj" + output=$libobj func_execute_cmds "$reload_cmds" 'exit $?' fi @@ -8695,16 +10130,14 @@ EOF output=$func_stripname_result.exe;; esac test -n "$vinfo" && \ - func_warning "\`-version-info' is ignored for programs" + func_warning "'-version-info' is ignored for programs" test -n "$release" && \ - func_warning "\`-release' is ignored for programs" + func_warning "'-release' is ignored for programs" - test "$preload" = yes \ - && test "$dlopen_support" = unknown \ - && test "$dlopen_self" = unknown \ - && test "$dlopen_self_static" = unknown && \ - func_warning "\`LT_INIT([dlopen])' not used. Assuming no dlopen support." + $preload \ + && test unknown,unknown,unknown = "$dlopen_support,$dlopen_self,$dlopen_self_static" \ + && func_warning "'LT_INIT([dlopen])' not used. Assuming no dlopen support." case $host in *-*-rhapsody* | *-*-darwin1.[012]) @@ -8718,11 +10151,11 @@ EOF *-*-darwin*) # Don't allow lazy linking, it breaks C++ global constructors # But is supposedly fixed on 10.4 or later (yay!). - if test "$tagname" = CXX ; then + if test CXX = "$tagname"; then case ${MACOSX_DEPLOYMENT_TARGET-10.0} in 10.[0123]) - func_append compile_command " ${wl}-bind_at_load" - func_append finalize_command " ${wl}-bind_at_load" + func_append compile_command " $wl-bind_at_load" + func_append finalize_command " $wl-bind_at_load" ;; esac fi @@ -8758,7 +10191,7 @@ EOF *) func_append new_libs " $deplib" ;; esac done - compile_deplibs="$new_libs" + compile_deplibs=$new_libs func_append compile_command " $compile_deplibs" @@ -8782,7 +10215,7 @@ EOF if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" + hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in @@ -8805,7 +10238,7 @@ EOF fi case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) - testbindir=`${ECHO} "$libdir" | ${SED} -e 's*/lib$*/bin*'` + testbindir=`$ECHO "$libdir" | $SED -e 's*/lib$*/bin*'` case :$dllsearchpath: in *":$libdir:"*) ;; ::) dllsearchpath=$libdir;; @@ -8822,10 +10255,10 @@ EOF # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" + libdir=$hardcode_libdirs eval rpath=\" $hardcode_libdir_flag_spec\" fi - compile_rpath="$rpath" + compile_rpath=$rpath rpath= hardcode_libdirs= @@ -8833,7 +10266,7 @@ EOF if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" + hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in @@ -8858,45 +10291,43 @@ EOF # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" + libdir=$hardcode_libdirs eval rpath=\" $hardcode_libdir_flag_spec\" fi - finalize_rpath="$rpath" + finalize_rpath=$rpath - if test -n "$libobjs" && test "$build_old_libs" = yes; then + if test -n "$libobjs" && test yes = "$build_old_libs"; then # Transform all the library objects into standard objects. compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP` finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP` fi - func_generate_dlsyms "$outputname" "@PROGRAM@" "no" + func_generate_dlsyms "$outputname" "@PROGRAM@" false # template prelinking step if test -n "$prelink_cmds"; then func_execute_cmds "$prelink_cmds" 'exit $?' fi - wrappers_required=yes + wrappers_required=: case $host in *cegcc* | *mingw32ce*) # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway. - wrappers_required=no + wrappers_required=false ;; *cygwin* | *mingw* ) - if test "$build_libtool_libs" != yes; then - wrappers_required=no - fi + test yes = "$build_libtool_libs" || wrappers_required=false ;; *) - if test "$need_relink" = no || test "$build_libtool_libs" != yes; then - wrappers_required=no + if test no = "$need_relink" || test yes != "$build_libtool_libs"; then + wrappers_required=false fi ;; esac - if test "$wrappers_required" = no; then + $wrappers_required || { # Replace the output file specification. compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'` - link_command="$compile_command$compile_rpath" + link_command=$compile_command$compile_rpath # We have no uninstalled library dependencies, so finalize right now. exit_status=0 @@ -8909,12 +10340,12 @@ EOF fi # Delete the generated files. - if test -f "$output_objdir/${outputname}S.${objext}"; then - func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"' + if test -f "$output_objdir/${outputname}S.$objext"; then + func_show_eval '$RM "$output_objdir/${outputname}S.$objext"' fi exit $exit_status - fi + } if test -n "$compile_shlibpath$finalize_shlibpath"; then compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" @@ -8944,9 +10375,9 @@ EOF fi fi - if test "$no_install" = yes; then + if test yes = "$no_install"; then # We don't need to create a wrapper script. - link_command="$compile_var$compile_command$compile_rpath" + link_command=$compile_var$compile_command$compile_rpath # Replace the output file specification. link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'` # Delete the old output file. @@ -8963,27 +10394,28 @@ EOF exit $EXIT_SUCCESS fi - if test "$hardcode_action" = relink; then - # Fast installation is not supported - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" + case $hardcode_action,$fast_install in + relink,*) + # Fast installation is not supported + link_command=$compile_var$compile_command$compile_rpath + relink_command=$finalize_var$finalize_command$finalize_rpath - func_warning "this platform does not like uninstalled shared libraries" - func_warning "\`$output' will be relinked during installation" - else - if test "$fast_install" != no; then - link_command="$finalize_var$compile_command$finalize_rpath" - if test "$fast_install" = yes; then - relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` - else - # fast_install is set to needless - relink_command= - fi - else - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - fi - fi + func_warning "this platform does not like uninstalled shared libraries" + func_warning "'$output' will be relinked during installation" + ;; + *,yes) + link_command=$finalize_var$compile_command$finalize_rpath + relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` + ;; + *,no) + link_command=$compile_var$compile_command$compile_rpath + relink_command=$finalize_var$finalize_command$finalize_rpath + ;; + *,needless) + link_command=$finalize_var$compile_command$finalize_rpath + relink_command= + ;; + esac # Replace the output file specification. link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` @@ -9040,8 +10472,8 @@ EOF func_dirname_and_basename "$output" "" "." output_name=$func_basename_result output_path=$func_dirname_result - cwrappersource="$output_path/$objdir/lt-$output_name.c" - cwrapper="$output_path/$output_name.exe" + cwrappersource=$output_path/$objdir/lt-$output_name.c + cwrapper=$output_path/$output_name.exe $RM $cwrappersource $cwrapper trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 @@ -9062,7 +10494,7 @@ EOF trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15 $opt_dry_run || { # note: this script will not be executed, so do not chmod. - if test "x$build" = "x$host" ; then + if test "x$build" = "x$host"; then $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result else func_emit_wrapper no > $func_ltwrapper_scriptname_result @@ -9085,25 +10517,27 @@ EOF # See if we need to build an old-fashioned archive. for oldlib in $oldlibs; do - if test "$build_libtool_libs" = convenience; then - oldobjs="$libobjs_save $symfileobj" - addlibs="$convenience" - build_libtool_libs=no - else - if test "$build_libtool_libs" = module; then - oldobjs="$libobjs_save" + case $build_libtool_libs in + convenience) + oldobjs="$libobjs_save $symfileobj" + addlibs=$convenience build_libtool_libs=no - else + ;; + module) + oldobjs=$libobjs_save + addlibs=$old_convenience + build_libtool_libs=no + ;; + *) oldobjs="$old_deplibs $non_pic_objects" - if test "$preload" = yes && test -f "$symfileobj"; then - func_append oldobjs " $symfileobj" - fi - fi - addlibs="$old_convenience" - fi + $preload && test -f "$symfileobj" \ + && func_append oldobjs " $symfileobj" + addlibs=$old_convenience + ;; + esac if test -n "$addlibs"; then - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $addlibs @@ -9111,13 +10545,13 @@ EOF fi # Do each command in the archive commands. - if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then + if test -n "$old_archive_from_new_cmds" && test yes = "$build_libtool_libs"; then cmds=$old_archive_from_new_cmds else # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $dlprefiles @@ -9138,7 +10572,7 @@ EOF : else echo "copying selected object files to avoid basename conflicts..." - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_mkdir_p "$gentop" save_oldobjs=$oldobjs @@ -9147,7 +10581,7 @@ EOF for obj in $save_oldobjs do func_basename "$obj" - objbase="$func_basename_result" + objbase=$func_basename_result case " $oldobjs " in " ") oldobjs=$obj ;; *[\ /]"$objbase "*) @@ -9216,18 +10650,18 @@ EOF else # the above command should be used before it gets too long oldobjs=$objlist - if test "$obj" = "$last_oldobj" ; then + if test "$obj" = "$last_oldobj"; then RANLIB=$save_RANLIB fi test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\" + eval concat_cmds=\"\$concat_cmds$old_archive_cmds\" objlist= len=$len0 fi done RANLIB=$save_RANLIB oldobjs=$objlist - if test "X$oldobjs" = "X" ; then + if test -z "$oldobjs"; then eval cmds=\"\$concat_cmds\" else eval cmds=\"\$concat_cmds~\$old_archive_cmds\" @@ -9244,7 +10678,7 @@ EOF case $output in *.la) old_library= - test "$build_old_libs" = yes && old_library="$libname.$libext" + test yes = "$build_old_libs" && old_library=$libname.$libext func_verbose "creating $output" # Preserve any variables that may affect compiler behavior @@ -9259,31 +10693,31 @@ EOF fi done # Quote the link command for shipping. - relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" + relink_command="(cd `pwd`; $SHELL \"$progpath\" $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` - if test "$hardcode_automatic" = yes ; then + if test yes = "$hardcode_automatic"; then relink_command= fi # Only create the output if not a dry run. $opt_dry_run || { for installed in no yes; do - if test "$installed" = yes; then + if test yes = "$installed"; then if test -z "$install_libdir"; then break fi - output="$output_objdir/$outputname"i + output=$output_objdir/${outputname}i # Replace all uninstalled libtool libraries with the installed ones newdependency_libs= for deplib in $dependency_libs; do case $deplib in *.la) func_basename "$deplib" - name="$func_basename_result" + name=$func_basename_result func_resolve_sysroot "$deplib" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` test -z "$libdir" && \ - func_fatal_error "\`$deplib' is not a valid libtool archive" + func_fatal_error "'$deplib' is not a valid libtool archive" func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" ;; -L*) @@ -9299,23 +10733,23 @@ EOF *) func_append newdependency_libs " $deplib" ;; esac done - dependency_libs="$newdependency_libs" + dependency_libs=$newdependency_libs newdlfiles= for lib in $dlfiles; do case $lib in *.la) func_basename "$lib" - name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + name=$func_basename_result + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ - func_fatal_error "\`$lib' is not a valid libtool archive" + func_fatal_error "'$lib' is not a valid libtool archive" func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name" ;; *) func_append newdlfiles " $lib" ;; esac done - dlfiles="$newdlfiles" + dlfiles=$newdlfiles newdlprefiles= for lib in $dlprefiles; do case $lib in @@ -9325,34 +10759,34 @@ EOF # didn't already link the preopened objects directly into # the library: func_basename "$lib" - name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + name=$func_basename_result + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ - func_fatal_error "\`$lib' is not a valid libtool archive" + func_fatal_error "'$lib' is not a valid libtool archive" func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name" ;; esac done - dlprefiles="$newdlprefiles" + dlprefiles=$newdlprefiles else newdlfiles= for lib in $dlfiles; do case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; + [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;; *) abs=`pwd`"/$lib" ;; esac func_append newdlfiles " $abs" done - dlfiles="$newdlfiles" + dlfiles=$newdlfiles newdlprefiles= for lib in $dlprefiles; do case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; + [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;; *) abs=`pwd`"/$lib" ;; esac func_append newdlprefiles " $abs" done - dlprefiles="$newdlprefiles" + dlprefiles=$newdlprefiles fi $RM $output # place dlname in correct position for cygwin @@ -9368,10 +10802,9 @@ EOF case $host,$output,$installed,$module,$dlname in *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) # If a -bindir argument was supplied, place the dll there. - if test "x$bindir" != x ; - then + if test -n "$bindir"; then func_relative_path "$install_libdir" "$bindir" - tdlname=$func_relative_path_result$dlname + tdlname=$func_relative_path_result/$dlname else # Otherwise fall back on heuristic. tdlname=../bin/$dlname @@ -9380,7 +10813,7 @@ EOF esac $ECHO > $output "\ # $outputname - a libtool library file -# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION +# Generated by $PROGRAM (GNU $PACKAGE) $VERSION # # Please DO NOT delete this file! # It is necessary for linking the library. @@ -9394,7 +10827,7 @@ library_names='$library_names' # The name of the static archive. old_library='$old_library' -# Linker flags that can not go in dependency_libs. +# Linker flags that cannot go in dependency_libs. inherited_linker_flags='$new_inherited_linker_flags' # Libraries that this one depends upon. @@ -9420,7 +10853,7 @@ dlpreopen='$dlprefiles' # Directory that this library needs to be installed in: libdir='$install_libdir'" - if test "$installed" = no && test "$need_relink" = yes; then + if test no,yes = "$installed,$need_relink"; then $ECHO >> $output "\ relink_command=\"$relink_command\"" fi @@ -9435,27 +10868,29 @@ relink_command=\"$relink_command\"" exit $EXIT_SUCCESS } -{ test "$opt_mode" = link || test "$opt_mode" = relink; } && - func_mode_link ${1+"$@"} +if test link = "$opt_mode" || test relink = "$opt_mode"; then + func_mode_link ${1+"$@"} +fi # func_mode_uninstall arg... func_mode_uninstall () { - $opt_debug - RM="$nonopt" + $debug_cmd + + RM=$nonopt files= - rmforce= + rmforce=false exit_status=0 # This variable tells wrapper scripts just to set variables rather # than running their programs. - libtool_install_magic="$magic" + libtool_install_magic=$magic for arg do case $arg in - -f) func_append RM " $arg"; rmforce=yes ;; + -f) func_append RM " $arg"; rmforce=: ;; -*) func_append RM " $arg" ;; *) func_append files " $arg" ;; esac @@ -9468,18 +10903,18 @@ func_mode_uninstall () for file in $files; do func_dirname "$file" "" "." - dir="$func_dirname_result" - if test "X$dir" = X.; then - odir="$objdir" + dir=$func_dirname_result + if test . = "$dir"; then + odir=$objdir else - odir="$dir/$objdir" + odir=$dir/$objdir fi func_basename "$file" - name="$func_basename_result" - test "$opt_mode" = uninstall && odir="$dir" + name=$func_basename_result + test uninstall = "$opt_mode" && odir=$dir # Remember odir for removal later, being careful to avoid duplicates - if test "$opt_mode" = clean; then + if test clean = "$opt_mode"; then case " $rmdirs " in *" $odir "*) ;; *) func_append rmdirs " $odir" ;; @@ -9494,11 +10929,11 @@ func_mode_uninstall () elif test -d "$file"; then exit_status=1 continue - elif test "$rmforce" = yes; then + elif $rmforce; then continue fi - rmfiles="$file" + rmfiles=$file case $name in *.la) @@ -9512,7 +10947,7 @@ func_mode_uninstall () done test -n "$old_library" && func_append rmfiles " $odir/$old_library" - case "$opt_mode" in + case $opt_mode in clean) case " $library_names " in *" $dlname "*) ;; @@ -9523,12 +10958,12 @@ func_mode_uninstall () uninstall) if test -n "$library_names"; then # Do each command in the postuninstall commands. - func_execute_cmds "$postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' + func_execute_cmds "$postuninstall_cmds" '$rmforce || exit_status=1' fi if test -n "$old_library"; then # Do each command in the old_postuninstall commands. - func_execute_cmds "$old_postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' + func_execute_cmds "$old_postuninstall_cmds" '$rmforce || exit_status=1' fi # FIXME: should reinstall the best remaining shared library. ;; @@ -9544,21 +10979,19 @@ func_mode_uninstall () func_source $dir/$name # Add PIC object to the list of files to remove. - if test -n "$pic_object" && - test "$pic_object" != none; then + if test -n "$pic_object" && test none != "$pic_object"; then func_append rmfiles " $dir/$pic_object" fi # Add non-PIC object to the list of files to remove. - if test -n "$non_pic_object" && - test "$non_pic_object" != none; then + if test -n "$non_pic_object" && test none != "$non_pic_object"; then func_append rmfiles " $dir/$non_pic_object" fi fi ;; *) - if test "$opt_mode" = clean ; then + if test clean = "$opt_mode"; then noexename=$name case $file in *.exe) @@ -9585,12 +11018,12 @@ func_mode_uninstall () # note $name still contains .exe if it was in $file originally # as does the version of $file that was added into $rmfiles - func_append rmfiles " $odir/$name $odir/${name}S.${objext}" - if test "$fast_install" = yes && test -n "$relink_command"; then + func_append rmfiles " $odir/$name $odir/${name}S.$objext" + if test yes = "$fast_install" && test -n "$relink_command"; then func_append rmfiles " $odir/lt-$name" fi - if test "X$noexename" != "X$name" ; then - func_append rmfiles " $odir/lt-${noexename}.c" + if test "X$noexename" != "X$name"; then + func_append rmfiles " $odir/lt-$noexename.c" fi fi fi @@ -9599,7 +11032,7 @@ func_mode_uninstall () func_show_eval "$RM $rmfiles" 'exit_status=1' done - # Try to remove the ${objdir}s in the directories where we deleted files + # Try to remove the $objdir's in the directories where we deleted files for dir in $rmdirs; do if test -d "$dir"; then func_show_eval "rmdir $dir >/dev/null 2>&1" @@ -9609,16 +11042,17 @@ func_mode_uninstall () exit $exit_status } -{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } && - func_mode_uninstall ${1+"$@"} +if test uninstall = "$opt_mode" || test clean = "$opt_mode"; then + func_mode_uninstall ${1+"$@"} +fi test -z "$opt_mode" && { - help="$generic_help" + help=$generic_help func_fatal_help "you must specify a MODE" } test -z "$exec_cmd" && \ - func_fatal_help "invalid operation mode \`$opt_mode'" + func_fatal_help "invalid operation mode '$opt_mode'" if test -n "$exec_cmd"; then eval exec "$exec_cmd" @@ -9629,7 +11063,7 @@ exit $exit_status # The TAGs below are defined such that we never get into a situation -# in which we disable both kinds of libraries. Given conflicting +# where we disable both kinds of libraries. Given conflicting # choices, we go for a static library, that is the most portable, # since we can't tell whether shared libraries were disabled because # the user asked for that or because the platform doesn't support @@ -9652,5 +11086,3 @@ build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac` # mode:shell-script # sh-indentation:2 # End: -# vi:sw=2 - diff --git a/configure b/configure index 90ae8be2..296148e9 100755 --- a/configure +++ b/configure @@ -6395,7 +6395,7 @@ case $host in *-solaris2*) ap_platform_runtime_link_flag="-R" case `uname -r` in - 5.567*) + 5.[567]*) ;; * ) @@ -32531,7 +32531,7 @@ if test "${enable_v4_mapped+set}" = set; then : else case $host in - *freebsd1234.*) + *freebsd[1234].*) v4mapped=yes ;; *freebsd*|*netbsd*|*openbsd*) diff --git a/configure.in b/configure.in index 864d7c7c..4380bae1 100644 --- a/configure.in +++ b/configure.in @@ -332,7 +332,7 @@ case $host in dnl solaris 8 and above don't have a thundering herd dnl not sure about rev's before this one. case `uname -r` in - 5.[567]*) + 5.[[567]]*) ;; * ) APR_SETVAR(SINGLE_LISTEN_UNSERIALIZED_ACCEPT, [1]) @@ -774,7 +774,7 @@ AC_ARG_ENABLE(v4-mapped,APACHE_HELP_STRING(--enable-v4-mapped,Allow IPv6 sockets ], [ case $host in - *freebsd[1234].*) + *freebsd[[1234]].*) v4mapped=yes ;; *freebsd*|*netbsd*|*openbsd*) diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in index 21ef9bb8..246b3dd7 100644 --- a/docs/conf/extra/httpd-ssl.conf.in +++ b/docs/conf/extra/httpd-ssl.conf.in @@ -73,6 +73,28 @@ SSLPassPhraseDialog builtin SSLSessionCache "shmcb:@exp_runtimedir@/ssl_scache(512000)" SSLSessionCacheTimeout 300 +# OCSP Stapling (requires OpenSSL 0.9.8h or later) +# +# This feature is disabled by default and requires at least +# the two directives SSLUseStapling and SSLStaplingCache. +# Refer to the documentation on OCSP Stapling in the SSL/TLS +# How-To for more information. +# +# Enable stapling for all SSL-enabled servers: +#SSLUseStapling On + +# Define a relatively small cache for OCSP Stapling using +# the same mechanism that is used for the SSL session cache +# above. If stapling is used with more than a few certificates, +# the size may need to be increased. (AH01929 will be logged.) +#SSLStaplingCache "shmcb:@exp_runtimedir@/ssl_stapling(32768)" + +# Seconds before valid OCSP responses are expired from the cache +#SSLStaplingStandardCacheTimeout 3600 + +# Seconds before invalid OCSP responses are expired from the cache +#SSLStaplingErrorCacheTimeout 600 + ## ## SSL Virtual Host Context ## diff --git a/docs/man/rotatelogs.8 b/docs/man/rotatelogs.8 index 53388a9c..9b66c616 100644 --- a/docs/man/rotatelogs.8 +++ b/docs/man/rotatelogs.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "ROTATELOGS" 8 "2014-06-24" "Apache HTTP Server" "rotatelogs" +.TH "ROTATELOGS" 8 "2015-01-01" "Apache HTTP Server" "rotatelogs" .SH NAME rotatelogs \- Piped logging program to rotate Apache logs @@ -27,7 +27,7 @@ rotatelogs \- Piped logging program to rotate Apache logs .SH "SYNOPSIS" .PP -\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIlinkname\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fInumber-of-files\fR ] \fIlogfile\fR \fIrotationtime\fR|\fIfilesize\fR(B|K|M|G) [ \fIoffset\fR ] +\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIlinkname\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fInumber-of-files\fR ] \fIlogfile\fR \fIrotationtime\fR|\fIfilesize\fR(B|K|M|G) [ \fIoffset\fR ] .SH "SUMMARY" @@ -68,7 +68,7 @@ Create log file for each interval, even if empty\&. Use a circular list of filenames without timestamps\&. With -n 3, the series of log files opened would be "logfile", "logfile\&.1", "logfile\&.2", then overwriting "logfile"\&. Available in 2\&.4\&.5 and later\&. .TP \fIlogfile\fR -.PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' characters, it is treated as a format string for strftime(3)\&. Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in seconds (unless the -t option is used)\&. Both formats compute the start time from the beginning of the current period\&. For example, if a rotation time of 86400 is specified, the hour, minute, and second fields created from the strftime(3) format will all be zero, referring to the beginning of the current 24-hour period (midnight)\&. .PP When using strftime(3) filename formatting, be sure the log file format has enough granularity to produce a different file name each time the logs are rotated\&. Otherwise rotation will overwrite the same file instead of starting a new one\&. For example, if \fIlogfile\fR was /var/logs/errorlog\&.%Y-%m-%d with log rotation at 5 megabytes, but 5 megabytes was reached twice in the same day, the same log file name would be produced and log rotation would keep writing to the same file\&. +.PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' characters, it is treated as a format string for strftime(3)\&. Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in seconds (unless the -t option is used)\&. Both formats compute the start time from the beginning of the current period\&. For example, if a rotation time of 86400 is specified, the hour, minute, and second fields created from the strftime(3) format will all be zero, referring to the beginning of the current 24-hour period (midnight)\&. .PP When using strftime(3) filename formatting, be sure the log file format has enough granularity to produce a different file name each time the logs are rotated\&. Otherwise rotation will overwrite the same file instead of starting a new one\&. For example, if \fIlogfile\fR was /var/log/errorlog\&.%Y-%m-%d with log rotation at 5 megabytes, but 5 megabytes was reached twice in the same day, the same log file name would be produced and log rotation would keep writing to the same file\&. .TP \fIrotationtime\fR The time between log file rotations in seconds\&. The rotation occurs at the beginning of this interval\&. For example, if the rotation time is 3600, the log file will be rotated at the beginning of every hour; if the rotation time is 86400, the log file will be rotated every night at midnight\&. (If no data is logged during an interval, no file will be created\&.) @@ -83,25 +83,25 @@ The number of minutes offset from UTC\&. If omitted, zero is assumed and UTC is .nf - CustomLog "|bin/rotatelogs /var/logs/logfile 86400" common + CustomLog "|bin/rotatelogs /var/log/logfile 86400" common .fi .PP -This creates the files /var/logs/logfile\&.nnnn where nnnn is the system time at which the log nominally starts (this time will always be a multiple of the rotation time, so you can synchronize cron scripts with it)\&. At the end of each rotation time (here after 24 hours) a new log is started\&. +This creates the files /var/log/logfile\&.nnnn where nnnn is the system time at which the log nominally starts (this time will always be a multiple of the rotation time, so you can synchronize cron scripts with it)\&. At the end of each rotation time (here after 24 hours) a new log is started\&. .nf - CustomLog "|bin/rotatelogs -l /var/logs/logfile\&.%Y\&.%m\&.%d 86400" common + CustomLog "|bin/rotatelogs -l /var/log/logfile\&.%Y\&.%m\&.%d 86400" common .fi .PP -This creates the files /var/logs/logfile\&.yyyy\&.mm\&.dd where yyyy is the year, mm is the month, and dd is the day of the month\&. Logging will switch to a new file every day at midnight, local time\&. +This creates the files /var/log/logfile\&.yyyy\&.mm\&.dd where yyyy is the year, mm is the month, and dd is the day of the month\&. Logging will switch to a new file every day at midnight, local time\&. .nf - CustomLog "|bin/rotatelogs /var/logs/logfile 5M" common + CustomLog "|bin/rotatelogs /var/log/logfile 5M" common .fi @@ -110,7 +110,7 @@ This configuration will rotate the logfile whenever it reaches a size of 5 megab .nf - ErrorLog "|bin/rotatelogs /var/logs/errorlog\&.%Y-%m-%d-%H_%M_%S 5M" + ErrorLog "|bin/rotatelogs /var/log/errorlog\&.%Y-%m-%d-%H_%M_%S 5M" .fi @@ -119,12 +119,12 @@ This configuration will rotate the error logfile whenever it reaches a size of 5 .nf - CustomLog "|bin/rotatelogs -t /var/logs/logfile 86400" common + CustomLog "|bin/rotatelogs -t /var/log/logfile 86400" common .fi .PP -This creates the file /var/logs/logfile, truncating the file at startup and then truncating the file once per day\&. It is expected in this scenario that a separate process (such as tail) would process the file in real time\&. +This creates the file /var/log/logfile, truncating the file at startup and then truncating the file once per day\&. It is expected in this scenario that a separate process (such as tail) would process the file in real time\&. .SH "PORTABILITY" diff --git a/docs/man/tr/rotatelogs.8 b/docs/man/tr/rotatelogs.8 index a8a16783..5a515aa1 100644 --- a/docs/man/tr/rotatelogs.8 +++ b/docs/man/tr/rotatelogs.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "ROTATELOGS" 8 "2014-06-24" "Apache HTTP Sunucusu" "rotatelogs" +.TH "ROTATELOGS" 8 "2015-01-18" "Apache HTTP Sunucusu" "rotatelogs" .nh .SH İSİM rotatelogs \- Apache günlüklerini döndürmek için borulu günlük kayıt programı @@ -27,7 +27,7 @@ rotatelogs \- Apache günlüklerini döndürmek için borulu günlük kayıt pro .SH "KULLANIM" .PP -\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIisim\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fIdosya_sayısı\fR ] \fIdosyaismi\fR \fIsüre\fR|\fIboyut\fR(B|K|M|G) [ \fIsaat_farkı\fR ] +\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIisim\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fIdosya_sayısı\fR ] \fIdosyaismi\fR \fIsüre\fR|\fIboyut\fR(B|K|M|G) [ \fIsaat_farkı\fR ] .SH "ÖZET" @@ -68,7 +68,7 @@ Create log file for each interval, even if empty\&. Zaman damgalarına bakılmaksızın bir dosya serisi açılır\&. Örneğin -n3 belirtilirse "logfile", "logfile\&.1", "logfile\&.2" serisi açılır ve "logfile" üzerine yazılır\&. 2\&.4\&.5 ve sonraki sürümler içindir\&. .TP \fIdosyaismi\fR -.PP Günlük dosyasının ismi yoluyla birlikte belirtilir\&. \fIdosyaismi\fR '%' karakterleri içeriyorsa bunlar strftime(3) biçem belirteçleri olarak ele alınır\&. Aksi takdirde, özdevinimli olarak \fI\&.nnnnnnnnnn\fR uzantısı üretilir\&. (\fB-t\fR seçeneği kullanılmadıkça) Uzantı saniye cinsindendir ve her iki durumda da bu değer, mevcut döngü diliminin başlangıcına göre hesaplanır\&. Örneğin, döndürmenin 86400 saniyede bir yapılacağı belirtilmişse, strftime(3) biçeminde oluşturulan saat, dakika ve saniye alanları, 24 saatlik sürenin başlangıcını (geceyarısı) göstermek üzere sıfırlarla doldurulur\&. .PP strftime(3) dosyaismi biçemlemesi kullanılırken, günlük dosyası biçeminin günlük dosyası döndürülürken her zaman farklı bir dosya ismi üretecek yeterlilikte parçacıklı yapıya sahip olduğundan emin olmalısınız\&. Aks takdirde döndürme işlemi yeni bir dosya başlatmak yerine hep aynı dosyanın üzerine yazar\&. Örneğin, \fIlogfile\fR için /var/logs/errorlog\&.%Y-%m-%d belirtilmişse 5 mega baytta bir yeni bir günlük dosyasına başlanacaktır\&. Fakat 5 megabayta gün içinde iki kez ulaşılırsa aynı günlük dosyası üretilir ve günlük hep aynı dosyanın üzerine yazılır\&. +.PP Günlük dosyasının ismi yoluyla birlikte belirtilir\&. \fIdosyaismi\fR '%' karakterleri içeriyorsa bunlar strftime(3) biçem belirteçleri olarak ele alınır\&. Aksi takdirde, özdevinimli olarak \fI\&.nnnnnnnnnn\fR uzantısı üretilir\&. (\fB-t\fR seçeneği kullanılmadıkça) Uzantı saniye cinsindendir ve her iki durumda da bu değer, mevcut döngü diliminin başlangıcına göre hesaplanır\&. Örneğin, döndürmenin 86400 saniyede bir yapılacağı belirtilmişse, strftime(3) biçeminde oluşturulan saat, dakika ve saniye alanları, 24 saatlik sürenin başlangıcını (geceyarısı) göstermek üzere sıfırlarla doldurulur\&. .PP strftime(3) dosyaismi biçemlemesi kullanılırken, günlük dosyası biçeminin günlük dosyası döndürülürken her zaman farklı bir dosya ismi üretecek yeterlilikte parçacıklı yapıya sahip olduğundan emin olmalısınız\&. Aks takdirde döndürme işlemi yeni bir dosya başlatmak yerine hep aynı dosyanın üzerine yazar\&. Örneğin, \fIlogfile\fR için /var/log/errorlog\&.%Y-%m-%d belirtilmişse 5 mega baytta bir yeni bir günlük dosyasına başlanacaktır\&. Fakat 5 megabayta gün içinde iki kez ulaşılırsa aynı günlük dosyası üretilir ve günlük hep aynı dosyanın üzerine yazılır\&. .TP \fIsüre\fR Günlük dosyasının yenisinin kaç saniyede bir açılacağı belirtilir\&. Örneğin, bu süre 3600 saniye ise günlük dosyası her saat başında yenilenir; 86400 saniye ise her geceyarısı yenilenir\&. (Bu süre zarfında günlüğe kaydedilecek bir olay gerçekleşmemişse dosya oluşturulmaz\&.) @@ -83,25 +83,25 @@ Koordinatlı evrensel zamana göre "dakika" farkı\&. Belirtilmezse, sıfır ön .nf - CustomLog "|bin/rotatelogs /var/logs/logfile 86400" common + CustomLog "|bin/rotatelogs /var/log/logfile 86400" common .fi .PP -nnnn, günlük kaydının başladığı sistem zamanı olmak üzere /var/logs/logfile\&.nnnn dosyası oluşturulur\&. Bu zaman, daima döngü süresinin katları olacağından bunu cron betiklerinizi eşzamanlamakta kullanabilirsiniz\&. Her döngü süresinin sonunda (burada 24 saat sonra) yeni bir günlük dosyası açılır\&. +nnnn, günlük kaydının başladığı sistem zamanı olmak üzere /var/log/logfile\&.nnnn dosyası oluşturulur\&. Bu zaman, daima döngü süresinin katları olacağından bunu cron betiklerinizi eşzamanlamakta kullanabilirsiniz\&. Her döngü süresinin sonunda (burada 24 saat sonra) yeni bir günlük dosyası açılır\&. .nf - CustomLog "|bin/rotatelogs -l /var/logs/logfile\&.%Y\&.%m\&.%d 86400" common + CustomLog "|bin/rotatelogs -l /var/log/logfile\&.%Y\&.%m\&.%d 86400" common .fi .PP -yyyy, yıl; mm, ay; dd, ayın gününü belirtmek üzere /var/logs/logfile\&.yyyy\&.mm\&.dd dosyası oluşturulur\&. Her gün yerel zamanla geceyarısı yeni bir günlük dosyasına geçilecektir\&. +yyyy, yıl; mm, ay; dd, ayın gününü belirtmek üzere /var/log/logfile\&.yyyy\&.mm\&.dd dosyası oluşturulur\&. Her gün yerel zamanla geceyarısı yeni bir günlük dosyasına geçilecektir\&. .nf - CustomLog "|bin/rotatelogs /var/logs/logfile 5M" common + CustomLog "|bin/rotatelogs /var/log/logfile 5M" common .fi @@ -110,7 +110,7 @@ Günlük dosyası 5 megabaytlık olunca yenisinin oluşturulmasını sağlar\&. .nf - ErrorLog "|bin/rotatelogs /var/logs/errorlog\&.%Y-%m-%d-%H_%M_%S 5M" + ErrorLog "|bin/rotatelogs /var/log/errorlog\&.%Y-%m-%d-%H_%M_%S 5M" .fi @@ -119,12 +119,12 @@ Hata günlüğünün 5 megabaytta bir errorlog\&.YYYY-mm-dd-HH_MM_SS biçemli bi .nf - CustomLog "|bin/rotatelogs -t /var/logs/logfile 86400" common + CustomLog "|bin/rotatelogs -t /var/log/logfile 86400" common .fi .PP -/var/logs/logfile dosyasını oluşturur, sunucu başlatılırken ve günde bir kere dosyanın tepesi kırpılır\&. Bu senaryoda ayrı bir sürecin (tail gibi) dosyayı gerçek zamanlı işleyeceği umulur\&. +/var/log/logfile dosyasını oluşturur, sunucu başlatılırken ve günde bir kere dosyanın tepesi kırpılır\&. Bu senaryoda ayrı bir sürecin (tail gibi) dosyayı gerçek zamanlı işleyeceği umulur\&. .SH "TAŞINABİLİRLİK" diff --git a/docs/manual/bind.html.de b/docs/manual/bind.html.de index 180d6ba6..cdaba989 100644 --- a/docs/manual/bind.html.de +++ b/docs/manual/bind.html.de @@ -215,7 +215,7 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/bind.html'; } })(window, document); //-->

- - - -
-

Modules | Directives | FAQ | Glossary | Sitemap

-

Apache HTTP Server Version 2.4

-
-
<-
-
-Apache > HTTP Server > Documentation > Version 2.4 > Modules
-
-

Apache Module mod_example

-
-

Available Languages:  en  | - fr  | - ko 

-
- - - -
Description:Illustrates the Apache module API
Status:Experimental
ModuleIdentifier:example_module
SourceFile:mod_example.c
-

Summary

- -

Some files in the modules/experimental directory - under the Apache distribution directory tree are provided as an - example to those that wish to write modules that use the Apache - API.

- -

The main file is mod_example.c, which - illustrates all the different callback mechanisms and call - syntaxes. By no means does an add-on module need to include - routines for all of the callbacks - quite the contrary!

- -

The example module is an actual working module. If you link - it into your server, enable the "example-handler" handler for a - location, and then browse to that location, you will see a - display of some of the tracing the example module did as the - various callbacks were made.

-
- -
top
-
-

Compiling the example module

- -

To include the example module in your server, follow the - steps below:

- -
    -
  1. - Run configure with --enable-example - option.
    2. - -
  2. Make the server (run "make").
    3. -
- -

To add another module of your own:

- -
    -
  1. cp modules/experimental/mod_example.c - modules/new_module/mod_myexample.c
    2. - -
  2. Modify the file.
    3. - -
  3. Create modules/new_module/config.m4. -
      -
    1. Add APACHE_MODPATH_INIT(new_module).
      2. -
    2. Copy APACHE_MODULE line with "example" from - modules/experimental/config.m4.
      3. -
    3. Replace the first argument "example" with myexample.
      4. -
    4. Replace the second argument with brief description of your module. - It will be used in configure --help.
      5. -
    5. If your module needs additional C compiler flags, linker flags or - libraries, add them to CFLAGS, LDFLAGS and LIBS accordingly. - See other config.m4 files in modules directory for - examples.
      6. -
    6. Add APACHE_MODPATH_FINISH.
      7. -
    -
    4. - -
  4. Create module/new_module/Makefile.in. - If your module doesn't need special build instructions, - all you need to have in that file is - include $(top_srcdir)/build/special.mk.
    5. - -
  5. Run ./buildconf from the top-level directory.
    6. - -
  6. Build the server with --enable-myexample
    7. - -
-
top
-
-

Using the mod_example Module

- -

To activate the example module, include a block similar to - the following in your httpd.conf file:

-
<Location /example-info>
-   SetHandler example-handler
-</Location>
- - -

As an alternative, you can put the following into a .htaccess file - and then request the file "test.example" from that location:

-
AddHandler example-handler .example
- - -

After reloading/restarting your server, you should be able - to browse to this location and see the brief display mentioned - earlier.

-
-
top
-

Example Directive

- - - - - - -
Description:Demonstration directive to illustrate the Apache module -API
Syntax:Example
Context:server config, virtual host, directory, .htaccess
Status:Experimental
Module:mod_example
-

The Example directive just sets a demonstration - flag which the example module's content handler displays. It - takes no arguments. If you browse to an URL to which the - example content-handler applies, you will get a display of the - routines within the module and how and in what order they were - called to service the document request. The effect of this - directive one can observe under the point "Example - directive declared here: YES/NO".

- -
-
-
-

Available Languages:  en  | - fr  | - ko 

-
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
-
- \ No newline at end of file diff --git a/docs/manual/mod/mod_example.html.fr b/docs/manual/mod/mod_example.html.fr deleted file mode 100644 index a67028a4..00000000 --- a/docs/manual/mod/mod_example.html.fr +++ /dev/null @@ -1,192 +0,0 @@ - - - -mod_example - Serveur Apache HTTP Version 2.4 - - - - - - - -
-

Modules | Directives | FAQ | Glossaire | Plan du site

-

Serveur Apache HTTP Version 2.4

-
-
<-
-
-Apache > Serveur HTTP > Documentation > Version 2.4 > Modules
-
-

Module Apache mod_example

-
-

Langues Disponibles:  en  | - fr  | - ko 

-
- - - -
Description:Illustration de l'API des modules Apache
Statut:Exprimental
IdentificateurdeModule:example_module
FichierSource:mod_example.c
-

Sommaire

- -

Certains fichiers situs dans le rpertoire - modules/experimental de l'arborescence de la - distribution d'Apache sont fournis titre d'exemples pour ceux qui - souhaitent crire des modules qui utilisent l'API d'Apache.

- -

Le fichier principal est mod_example.c, qui - constitue une illustration exhaustive des diffrents mcanismes et - syntaxes d'appels. En aucun cas un module additionnel n'aura - inclure des routines pour tous les appels - il n'en ncessitera au - contraire qu'un petit nombre !

- -

Le module example fonctionne rellement. Si vous le chargez dans - votre serveur, activez le gestionnaire "example-handler" dans une - section location, et essayez d'accder la zone du site web - correspondante, vous verrez s'afficher certaines sorties que le - module example produit au cours des diffrents appels.

-
- -
top
-
-

Compilation du module example

- -

Pour inclure le module example dans votre serveur, effectuez les - tapes suivantes :

- -
    -
  1. Excutez configure avec l'option - --enable-example.
    2. - -
  2. Compilez le serveur (excutez la commande - "make").
    3. -
- -

Pour ajouter votre propre module :

- -
    -
  1. cp modules/experimental/mod_example.c - modules/nouveau_module/mod_monexemple.c
    2. - -
  2. Modifiez le fichier.
    3. - -
  3. Crez modules/nouveau_module/config.m4. -
      -
    1. Ajoutez APACHE_MODPATH_INIT(nouveau_module).
      2. -
    2. Copiez la ligne APACHE_MODULE contenant "example" depuis - modules/experimental/config.m4.
      3. -
    3. Remplacez le premier argument "example" par - monexemple.
      4. -
    4. Remplacez le second argument par une brve description de - votre module. Cette description sera utilise par la commande - configure --help.
      5. -
    5. Si la compilation de votre module ncessite des drapeaux - de compilation C, des drapeaux d'dition de liens, ou de - bibliothques supplmentaires, ajoutez les respectivement - CFLAGS, LDFLAGS et LIBS. Reportez-vous aux fichiers - config.m4 des rpertoires des autres modules pour - plus d'exemples.
      6. -
    6. Ajoutez APACHE_MODPATH_FINISH.
      7. -
    -
    4. - -
  4. Crez le fichier - module/nouveau_module/Makefile.in. - Si la compilation de votre module ne ncessite pas d'instructions - particulires, ce fichier ne doit contenir que la ligne - include $(top_srcdir)/build/special.mk.
    5. - -
  5. Excutez ./buildconf la racine du rpertoire.
    6. - -
  6. Compilez le serveur aprs avoir excut la commande configure - avec l'option --enable-monexemple.
    7. - -
-
top
-
-

Utilisation du module -mod_example

- -

Pour activer le module example, ajoutez votre fichier - httpd.conf un bloc du style :

-
<Location /example-info>
-   SetHandler example-handler
-</Location>
- - -

Vous pouvez aussi ajouter ce qui suit dans un fichier .htaccess, puis - accder au fichier "test.example" partir du rpertoire - correspondant :

- -
AddHandler example-handler .example
- - -

Aprs avoir recharg la configuration ou redmarr votre serveur, - vous devriez pouvoir accder ce fichier et voir s'afficher ce qui - a t dcrit plus haut.

-
-
top
-

Example Directive

- - - - - - -
Description:Directive de dmonstration pour illustrer l'API des modules -Apache
Syntaxe:Example
Contexte:configuration du serveur, serveur virtuel, rpertoire, .htaccess
Statut:Exprimental
Module:mod_example
-

La directive Example n'a pour fonction que - de dfinir un drapeau de dmonstration que le gestionnaire de - contenu du module example va afficher. Elle ne possde aucun - argument. Si vous naviguez vers une URL laquelle le gestionnaire - de contenu example s'applique, vous verrez s'afficher les routines - du module, ainsi que l'ordre dans lequel elles ont t appeles pour - servir le document demand. On peut observer l'effet de cette - directive dans la phrase "Example - directive declared here: YES/NO".

- -
-
-
-

Langues Disponibles:  en  | - fr  | - ko 

-
top

Commentaires

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
-
- \ No newline at end of file diff --git a/docs/manual/mod/mod_example.html.ko.euc-kr b/docs/manual/mod/mod_example.html.ko.euc-kr deleted file mode 100644 index 1024dd2f..00000000 --- a/docs/manual/mod/mod_example.html.ko.euc-kr +++ /dev/null @@ -1,181 +0,0 @@ - - - -mod_example - Apache HTTP Server Version 2.4 - - - - - - - -
-

| þ | FAQ | | Ʈ

-

Apache HTTP Server Version 2.4

-
-
<-
-
-Apache > HTTP Server > Documentation > Version 2.4 >
-
-

ġ mod_example

-
-

:  en  | - fr  | - ko 

-
-
ֽ ƴմϴ. - ֱٿ ϼ.
- - - -
:ġ API Ѵ
:Experimental
:example_module
ҽ:mod_example.c
-

- -

ġ modules/experimental 丮 - ִ ϵ ġ API Ͽ ۼϷ - .

- -

mod_example.c ݹ(callback) - ȣ ϴ ̴. ⿡ ݹ - ʿ䰡 . ݴ!

- -

example ϴ ̴. - ϰ Ư ġ "example-handler" ڵ鷯 ҴϿ - װ ¡ϸ example ݹ Ȯ - ִ.

-
- -
top
-
-

example ϱ

- -

example Ϸ ģ:

- -
    -
  1. - --enable-example ɼǰ Բ - configure Ѵ.
    2. - -
  2. Ѵ ("make" Ѵ).
    3. -
- -

ڽ ߰Ϸ:

- -
    -
  1. cp modules/experimental/mod_example.c - modules/new_module/mod_myexample.c
    2. - -
  2. Ѵ.
    3. - -
  3. modules/new_module/config.m4 . -
      -
    1. APACHE_MODPATH_INIT(new_module) - ߰Ѵ.
      2. -
    2. modules/experimental/config.m4 Ͽ - "example" ִ APACHE_MODULE ؿ´.
      3. -
    3. ù° ƱԸƮ "example" myexample - Ѵ.
      4. -
    4. ι° ƱԸƮ ڸ ڽ ⿡ - ´. configure --help - ϸ ⿡ ش.
      5. -
    5. Ҷ Ư C Ϸ ɼ, Ŀ - ɼ, ̺귯 ʿϸ CFLAGS, LDFLAGS, - LIBS ߰Ѵ. modules 丮 ִ ٸ - config.m4 ϵ ϶.
      6. -
    6. APACHE_MODPATH_FINISH ߰Ѵ.
      7. -
    -
    4. - -
  4. module/new_module/Makefile.in - . ϴµ Ư ɾ ʿٸ, - Ͽ include $(top_srcdir)/build/special.mk - ־ ȴ.
    5. - -
  5. ֻ 丮 ./buildconf Ѵ.
    6. - -
  6. --enable-myexample ɼ Ͽ Ѵ
    7. - -
-
top
-
-

mod_example ϱ

- -

example Ϸ httpd.conf Ͽ - ߰϶:

-

- <Location /example-info>
- SetHandler example-handler
- </Location> -

- -

ƴϸ .htaccess - Ͽ ߰ϰ, ġ "test.example" - û϶:

-

- AddHandler example-handler .example -

- -

ġ ¡ϸ տ - Ե ̴.

-
-
top
-

Example þ

- - - - - - -
:ġ API ϱ þ
:Example
:ּ, ȣƮ, directory, .htaccess
:Experimental
:mod_example
-

Example þ example - ڵ鷯 θ Ѵ. þ - ƱԸƮ ʴ´. example ڵ鷯 URL - ϸ û ϱ ȿ Լ  - ׸  Ҹ ִ. þ ȿ - "Example directive declared here: YES/NO" - Ȯ ִ.

- -
-
-
-

:  en  | - fr  | - ko 

-
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
-
- \ No newline at end of file diff --git a/docs/manual/mod/mod_example_hooks.html b/docs/manual/mod/mod_example_hooks.html new file mode 100644 index 00000000..c823e0d6 --- /dev/null +++ b/docs/manual/mod/mod_example_hooks.html @@ -0,0 +1,13 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: mod_example_hooks.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: mod_example_hooks.html.fr +Content-Language: fr +Content-type: text/html; charset=ISO-8859-1 + +URI: mod_example_hooks.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR diff --git a/docs/manual/mod/mod_example_hooks.html.en b/docs/manual/mod/mod_example_hooks.html.en new file mode 100644 index 00000000..ef215e97 --- /dev/null +++ b/docs/manual/mod/mod_example_hooks.html.en @@ -0,0 +1,180 @@ + + + +mod_example_hooks - Apache HTTP Server Version 2.4 + + + + + + + +
+

Modules | Directives | FAQ | Glossary | Sitemap

+

Apache HTTP Server Version 2.4

+
+
<-
+
+Apache > HTTP Server > Documentation > Version 2.4 > Modules
+
+

Apache Module mod_example_hooks

+
+

Available Languages:  en  | + fr  | + ko 

+
+ + + +
Description:Illustrates the Apache module API
Status:Experimental
ModuleIdentifier:example_hooks_module
SourceFile:mod_example_hooks.c
+

Summary

+ +

The files in the modules/examples directory + under the Apache distribution directory tree are provided as an + example to those that wish to write modules that use the Apache + API.

+ +

The main file is mod_example_hooks.c, which + illustrates all the different callback mechanisms and call + syntaxes. By no means does an add-on module need to include + routines for all of the callbacks - quite the contrary!

+ +

The example module is an actual working module. If you link + it into your server, enable the "example-hooks-handler" handler for a + location, and then browse to that location, you will see a + display of some of the tracing the example module did as the + various callbacks were made.

+
+ +
top
+
+

Compiling the example_hooks module

+ +

To include the example_hooks module in your server, follow the + steps below:

+ +
    +
  1. + Run configure with --enable-example-hooks + option.
    2. + +
  2. Make the server (run "make").
    3. +
+ +

To add another module of your own:

+ +
    +
  1. cp modules/examples/mod_example_hooks.c + modules/new_module/mod_myexample.c
    2. + +
  2. Modify the file.
    3. + +
  3. Create modules/new_module/config.m4. +
      +
    1. Add APACHE_MODPATH_INIT(new_module).
      2. +
    2. Copy APACHE_MODULE line with "example_hooks" from + modules/examples/config.m4.
      3. +
    3. Replace the first argument "example_hooks" with myexample.
      4. +
    4. Replace the second argument with brief description of your module. + It will be used in configure --help.
      5. +
    5. If your module needs additional C compiler flags, linker flags or + libraries, add them to CFLAGS, LDFLAGS and LIBS accordingly. + See other config.m4 files in modules directory for + examples.
      6. +
    6. Add APACHE_MODPATH_FINISH.
      7. +
    +
    4. + +
  4. Create module/new_module/Makefile.in. + If your module doesn't need special build instructions, + all you need to have in that file is + include $(top_srcdir)/build/special.mk.
    5. + +
  5. Run ./buildconf from the top-level directory.
    6. + +
  6. Build the server with --enable-myexample
    7. + +
+
top
+
+

Using the mod_example_hooks Module

+ +

To activate the example_hooks module, include a block similar to + the following in your httpd.conf file:

+
<Location /example-hooks-info>
+   SetHandler example-hooks-handler
+</Location>
+ + +

As an alternative, you can put the following into a .htaccess file + and then request the file "test.example" from that location:

+
AddHandler example-hooks-handler .example
+ + +

After reloading/restarting your server, you should be able + to browse to this location and see the brief display mentioned + earlier.

+
+
top
+

Example Directive

+ + + + + + +
Description:Demonstration directive to illustrate the Apache module +API
Syntax:Example
Context:server config, virtual host, directory, .htaccess
Status:Experimental
Module:mod_example_hooks
+

The Example directive just sets a demonstration + flag which the example module's content handler displays. It + takes no arguments. If you browse to an URL to which the + example-hooks content-handler applies, you will get a display of the + routines within the module and how and in what order they were + called to service the document request. The effect of this + directive one can observe under the point "Example + directive declared here: YES/NO".

+ +
+
+
+

Available Languages:  en  | + fr  | + ko 

+
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
+
+ \ No newline at end of file diff --git a/docs/manual/mod/mod_example_hooks.html.fr b/docs/manual/mod/mod_example_hooks.html.fr new file mode 100644 index 00000000..f325aa14 --- /dev/null +++ b/docs/manual/mod/mod_example_hooks.html.fr @@ -0,0 +1,192 @@ + + + +mod_example_hooks - Serveur Apache HTTP Version 2.4 + + + + + + + +
+

Modules | Directives | FAQ | Glossaire | Plan du site

+

Serveur Apache HTTP Version 2.4

+
+
<-
+
+Apache > Serveur HTTP > Documentation > Version 2.4 > Modules
+
+

Module Apache mod_example_hooks

+
+

Langues Disponibles:  en  | + fr  | + ko 

+
+ + + +
Description:Illustration de l'API des modules Apache
Statut:Exprimental
IdentificateurdeModule:example_hooks_module
FichierSource:mod_example_hooks.c
+

Sommaire

+ +

Certains fichiers situs dans le rpertoire + modules/examples de l'arborescence de la + distribution d'Apache sont fournis titre d'exemples pour ceux qui + souhaitent crire des modules qui utilisent l'API d'Apache.

+ +

Le fichier principal est mod_example_hooks.c, qui + constitue une illustration exhaustive des diffrents mcanismes et + syntaxes d'appels. En aucun cas un module additionnel n'aura + inclure des routines pour tous les appels - il n'en ncessitera au + contraire qu'un petit nombre !

+ +

Le module example_hooks fonctionne rellement. Si vous le chargez dans + votre serveur, activez le gestionnaire "example-hooks-handler" dans une + section location, et essayez d'accder la zone du site web + correspondante, vous verrez s'afficher certaines sorties que le + module example_hooks produit au cours des diffrents appels.

+
+ +
top
+
+

Compilation du module example_hooks

+ +

Pour inclure le module example_hooks dans votre serveur, effectuez les + tapes suivantes :

+ +
    +
  1. Excutez configure avec l'option + --enable-example-hooks.
    2. + +
  2. Compilez le serveur (excutez la commande + "make").
    3. +
+ +

Pour ajouter votre propre module :

+ +
    +
  1. cp modules/examples/mod_example_hooks.c + modules/nouveau_module/mod_monexemple.c
    2. + +
  2. Modifiez le fichier.
    3. + +
  3. Crez modules/nouveau_module/config.m4. +
      +
    1. Ajoutez APACHE_MODPATH_INIT(nouveau_module).
      2. +
    2. Copiez la ligne APACHE_MODULE contenant "example_hooks" depuis + modules/examples/config.m4.
      3. +
    3. Remplacez le premier argument "example-hooks" par + monexemple.
      4. +
    4. Remplacez le second argument par une brve description de + votre module. Cette description sera utilise par la commande + configure --help.
      5. +
    5. Si la compilation de votre module ncessite des drapeaux + de compilation C, des drapeaux d'dition de liens, ou de + bibliothques supplmentaires, ajoutez les respectivement + CFLAGS, LDFLAGS et LIBS. Reportez-vous aux fichiers + config.m4 des rpertoires des autres modules pour + plus d'exemples.
      6. +
    6. Ajoutez APACHE_MODPATH_FINISH.
      7. +
    +
    4. + +
  4. Crez le fichier + module/nouveau_module/Makefile.in. + Si la compilation de votre module ne ncessite pas d'instructions + particulires, ce fichier ne doit contenir que la ligne + include $(top_srcdir)/build/special.mk.
    5. + +
  5. Excutez ./buildconf la racine du rpertoire.
    6. + +
  6. Compilez le serveur aprs avoir excut la commande configure + avec l'option --enable-monexemple.
    7. + +
+
top
+
+

Utilisation du module +mod_example_hooks

+ +

Pour activer le module example_hooks, ajoutez votre fichier + httpd.conf un bloc du style :

+
<Location /example-hooks-info>
+   SetHandler example-hooks-handler
+</Location>
+ + +

Vous pouvez aussi ajouter ce qui suit dans un fichier .htaccess, puis + accder au fichier "test.example" partir du rpertoire + correspondant :

+ +
AddHandler example-hooks-handler .example
+ + +

Aprs avoir recharg la configuration ou redmarr votre serveur, + vous devriez pouvoir accder ce fichier et voir s'afficher ce qui + a t dcrit plus haut.

+
+
top
+

Example Directive

+ + + + + + +
Description:Directive de dmonstration pour illustrer l'API des modules +Apache
Syntaxe:Example
Contexte:configuration du serveur, serveur virtuel, rpertoire, .htaccess
Statut:Exprimental
Module:mod_example_hooks
+

La directive Example n'a pour fonction que + de dfinir un drapeau de dmonstration que le gestionnaire de + contenu du module example_hooks va afficher. Elle ne possde aucun + argument. Si vous naviguez vers une URL laquelle le gestionnaire + de contenu example_hooks s'applique, vous verrez s'afficher les routines + du module, ainsi que l'ordre dans lequel elles ont t appeles pour + servir le document demand. On peut observer l'effet de cette + directive dans la phrase "Example + directive declared here: YES/NO".

+ +
+
+
+

Langues Disponibles:  en  | + fr  | + ko 

+
top

Commentaires

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
+
+ \ No newline at end of file diff --git a/docs/manual/mod/mod_example_hooks.html.ko.euc-kr b/docs/manual/mod/mod_example_hooks.html.ko.euc-kr new file mode 100644 index 00000000..f922009d --- /dev/null +++ b/docs/manual/mod/mod_example_hooks.html.ko.euc-kr @@ -0,0 +1,181 @@ + + + +mod_example_hooks - Apache HTTP Server Version 2.4 + + + + + + + +
+

| þ | FAQ | | Ʈ

+

Apache HTTP Server Version 2.4

+
+
<-
+
+Apache > HTTP Server > Documentation > Version 2.4 >
+
+

ġ mod_example_hooks

+
+

:  en  | + fr  | + ko 

+
+
ֽ ƴմϴ. + ֱٿ ϼ.
+ + + +
:ġ API Ѵ
:Experimental
:example_hooks_module
ҽ:mod_example_hooks.c
+

+ +

ġ modules/examples 丮 + ִ ϵ ġ API Ͽ ۼϷ + .

+ +

mod_example_hooks.c ݹ(callback) + ȣ ϴ ̴. ⿡ ݹ + ʿ䰡 . ݴ!

+ +

example ϴ ̴. + ϰ Ư ġ "example-hooks-handler" ڵ鷯 ҴϿ + װ ¡ϸ example ݹ Ȯ + ִ.

+
+ +
top
+
+

example ϱ

+ +

example Ϸ ģ:

+ +
    +
  1. + --enable-example-hooks ɼǰ Բ + configure Ѵ.
    2. + +
  2. Ѵ ("make" Ѵ).
    3. +
+ +

ڽ ߰Ϸ:

+ +
    +
  1. cp modules/examples/mod_example_hooks.c + modules/new_module/mod_myexample.c
    2. + +
  2. Ѵ.
    3. + +
  3. modules/new_module/config.m4 . +
      +
    1. APACHE_MODPATH_INIT(new_module) + ߰Ѵ.
      2. +
    2. modules/examples/config.m4 Ͽ + "example_hooks" ִ APACHE_MODULE ؿ´.
      3. +
    3. ù° ƱԸƮ "example_hooks" myexample + Ѵ.
      4. +
    4. ι° ƱԸƮ ڸ ڽ ⿡ + ´. configure --help + ϸ ⿡ ش.
      5. +
    5. Ҷ Ư C Ϸ ɼ, Ŀ + ɼ, ̺귯 ʿϸ CFLAGS, LDFLAGS, + LIBS ߰Ѵ. modules 丮 ִ ٸ + config.m4 ϵ ϶.
      6. +
    6. APACHE_MODPATH_FINISH ߰Ѵ.
      7. +
    +
    4. + +
  4. module/new_module/Makefile.in + . ϴµ Ư ɾ ʿٸ, + Ͽ include $(top_srcdir)/build/special.mk + ־ ȴ.
    5. + +
  5. ֻ 丮 ./buildconf Ѵ.
    6. + +
  6. --enable-myexample ɼ Ͽ Ѵ
    7. + +
+
top
+
+

mod_example_hooks ϱ

+ +

example Ϸ httpd.conf Ͽ + ߰϶:

+

+ <Location /example-hooks-info>
+ SetHandler example-hooks-handler
+ </Location> +

+ +

ƴϸ .htaccess + Ͽ ߰ϰ, ġ "test.example" + û϶:

+

+ AddHandler example-hooks-handler .example +

+ +

ġ ¡ϸ տ + Ե ̴.

+
+
top
+

Example þ

+ + + + + + +
:ġ API ϱ þ
:Example
:ּ, ȣƮ, directory, .htaccess
:Experimental
:mod_example_hooks
+

Example þ example + ڵ鷯 θ Ѵ. þ + ƱԸƮ ʴ´. example ڵ鷯 URL + ϸ û ϱ ȿ Լ  + ׸  Ҹ ִ. þ ȿ + "Example directive declared here: YES/NO" + Ȯ ִ.

+ +
+
+
+

:  en  | + fr  | + ko 

+
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
+
+ \ No newline at end of file diff --git a/docs/manual/mod/mod_expires.html.en b/docs/manual/mod/mod_expires.html.en index 413aee97..3f67827d 100644 --- a/docs/manual/mod/mod_expires.html.en +++ b/docs/manual/mod/mod_expires.html.en @@ -261,7 +261,7 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/mod_expires.html } })(window, document); //--> + + + +
+

Modules | Directives | FAQ | Glossary | Sitemap

+

Apache HTTP Server Version 2.4

+
+
<-
+
+Apache > HTTP Server > Documentation > Version 2.4 > Modules
+
+

Apache Module mod_http2

+
+

Available Languages:  en 

+
+ + + +
Description:Support for the HTTP/2 transport layer
Status:Extension
ModuleIdentifier:h2_module
SourceFile:mod_http2.c
+

Summary

+ +

This module provides HTTP/2 (RFC 7540) support for the Apache + HTTP Server.

+ +

This module relies on libnghttp2 + to provide the core http/2 engine.

+ +

Warning

+

This module is experimental. Its behaviors, directives, and + defaults are subject to more change from release to + release relative to other standard modules. Users are encouraged to + consult the "CHANGES" file for potential updates.

+
+
+ + +
top
+

H2Direct Directive

+ + + + + + + +
Description:H2 Direct Protocol Switch
Syntax:H2Direct on|off
Default:H2Direct on (for non TLS)
Context:server config, virtual host
Status:Extension
Module:mod_http2
+

+ This directive toggles the usage of the HTTP/2 Direct Mode. This + should be used inside a + <VirtualHost> + section to enable direct HTTP/2 communication for that virtual host. + Direct communication means that if the first bytes received by the + server on a connection match the HTTP/2 preamble, the HTTP/2 + protocol is switched to immediately without further negotiation. + This mode falls outside the RFC 7540 but has become widely implemented + as it is very convenient for development and testing. + By default the direct HTTP/2 mode is enabled. +

+

Example

H2Direct on
+
+ +
+
top
+

H2MaxSessionStreams Directive

+ + + + + + + +
Description:Maximum number of active streams per HTTP/2 session.
Syntax:H2MaxSessionStreams n
Default:H2MaxSessionStreams 100
Context:server config, virtual host
Status:Extension
Module:mod_http2
+

+ This directive sets the maximum number of active streams per HTTP/2 session (e.g. connection) + that the server allows. A stream is active if it is not idle or + closed according to RFC 7540. +

+

Example

H2MaxSessionStreams 20
+
+ +
+
top
+

H2MaxWorkerIdleSeconds Directive

+ + + + + + + +
Description:Maximum number of seconds h2 workers remain idle until shut down.
Syntax:H2MaxWorkerIdleSeconds n
Default:H2MaxWorkerIdleSeconds 600
Context:server config
Status:Extension
Module:mod_http2
+

+ This directive sets the maximum number of seconds a h2 worker may + idle until it shuts itself down. This only happens while the number of + h2 workers exceeds H2MinWorkers. +

+

Example

H2MaxWorkerIdleSeconds 20
+
+ +
+
top
+

H2MaxWorkers Directive

+ + + + + + +
Description:Maximum number of worker threads to use per child process.
Syntax:H2MaxWorkers n
Context:server config
Status:Extension
Module:mod_http2
+

+ This directive sets the maximum number of worker threads to spawn + per child process for HTTP/2 processing. If this directive is not used, + mod_http2 will chose a value suitable for the mpm + module loaded. +

+

Example

H2MaxWorkers 20
+
+ +
+
top
+

H2MinWorkers Directive

+ + + + + + +
Description:Minimal number of worker threads to use per child process.
Syntax:H2MinWorkers n
Context:server config
Status:Extension
Module:mod_http2
+

+ This directive sets the minimum number of worker threads to spawn + per child process for HTTP/2 processing. If this directive is not used, + mod_http2 will chose a value suitable for the mpm + module loaded. +

+

Example

H2MinWorkers 10
+
+ +
+
top
+

H2SerializeHeaders Directive

+ + + + + + + +
Description:Serialize Request/Resoonse Processing Switch
Syntax:H2SerializeHeaders on|off
Default:H2SerializeHeaders off
Context:server config, virtual host
Status:Extension
Module:mod_http2
+

+ This directive toggles if HTTP/2 requests shall be serialized in + HTTP/1.1 format for processing by httpd core or if + received binary data shall be passed into the request_recs + directly. +

+

+ Serialization will lower performance, but gives more backward + compatibility in case custom filters/hooks need it. +

+

Example

H2SerializeHeaders on
+
+ +
+
top
+

H2SessionExtraFiles Directive

+ + + + + + + +
Description:Number of Extra File Handles
Syntax:H2SessionExtraFiles n
Default:H2SessionExtraFiles 5
Context:server config, virtual host
Status:Extension
Module:mod_http2
+

+ This directive sets maximum number of extra file handles + a HTTP/2 session is allowed to use. A file handle is counted as + extra when it is transfered from a h2 worker thread to + the main HTTP/2 connection handling. This commonly happens when + serving static files. +

+ Depending on the processing model configured on the server, the + number of connections times number of active streams may exceed + the number of file handles for the process. On the other hand, + converting every file into memory bytes early results in too + many buffer writes. This option helps to mitigate that. +

+ The number of file handles used by a server process is then in + the order of: +

+ 
(h2_connections * extra_files) + (h2_max_worker)
+

Example

H2SessionExtraFiles 10
+
+ +
+
top
+

H2StreamMaxMemSize Directive

+ + + + + + + +
Description:Maximum amount of output data buffered per stream.
Syntax:H2StreamMaxMemSize bytes
Default:H2StreamMaxMemSize 65536
Context:server config, virtual host
Status:Extension
Module:mod_http2
+

+ This directive sets the maximum number of outgoing data bytes buffered in memory + for an active streams. This memory is not allocated per stream as such. Allocations + are counted against this limit when they are about to be done. Stream processing + freezes when the limit has been reached and will only continue when buffered data + has been sent out to the client. +

+

Example

H2StreamMaxMemSize 128000
+
+ +
+
top
+

H2WindowSize Directive

+ + + + + + + +
Description:Size of Stream Window for upstream data.
Syntax:H2WindowSize bytes
Default:H2WindowSize 65536
Context:server config, virtual host
Status:Extension
Module:mod_http2
+

+ This directive sets the size of the window that is used for flow control + from client to server and limits the amount of data the server has to buffer. + The client will stop sending on a stream once the limit has been reached until + the server announces more available space (as it has processed some of the data). +

+ This limit affects only request bodies, not its meta data such as headers. Also, + it has no effect on response bodies as the window size for those are managed + by the clients. +

+

Example

H2WindowSize 128000
+
+ +
+
+
+

Available Languages:  en 

+
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
+
+ \ No newline at end of file diff --git a/docs/manual/mod/mod_info.html.en b/docs/manual/mod/mod_info.html.en index 7cef7935..f21851b0 100644 --- a/docs/manual/mod/mod_info.html.en +++ b/docs/manual/mod/mod_info.html.en @@ -91,11 +91,11 @@ configuration

Access control

<Location "/server-info">
     SetHandler server-info
-    Order allow,deny
     # Allow access from server itself
-    Allow from 127.0.0.1
+    Require ip 127.0.0.1
+
     # Additionally, allow access from local workstation
-    Allow from 192.168.1.17
+    Require ip 192.168.1.17
 </Location>
top
diff --git a/docs/manual/mod/mod_info.html.fr b/docs/manual/mod/mod_info.html.fr index 3489ea2d..4ea2c3c7 100644 --- a/docs/manual/mod/mod_info.html.fr +++ b/docs/manual/mod/mod_info.html.fr @@ -94,12 +94,12 @@ serveur

Contrle d'accs

<Location "/server-info">
     SetHandler server-info
-    Order allow,deny
     # Autorisation d'accs depuis le serveur lui-mme
-    Allow from 127.0.0.1
+    Require ip 127.0.0.1
+
     # Autorisation d'accs depuis une station de travail du rseau
 # local
-    Allow from 192.168.1.17
+    Require ip 192.168.1.17
 </Location>
top
diff --git a/docs/manual/mod/mod_log_config.html.tr.utf8 b/docs/manual/mod/mod_log_config.html.tr.utf8 index e9af66ff..bbdbbfdf 100644 --- a/docs/manual/mod/mod_log_config.html.tr.utf8 +++ b/docs/manual/mod/mod_log_config.html.tr.utf8 @@ -32,7 +32,6 @@  ko  |  tr 

-
Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
@@ -202,17 +201,25 @@ - + + + - + - + - + - + - + - - - + + + - + - +
Açıklama:Sunucuya yapılan isteklerin günlük kayıtlarının tutulması
Durum:Temel
%T Saniye cinsinden, isteği sunmak için harcanan zaman.
%u
%{BİRİM}TBİRİM ile belirtilen zaman birimi cinsinden, isteği + sunmak için harcanan zaman. Geçerli birimler: milisaniye için + ms, mikrosaniye için us, saniye için + s. s kullanımı birimsiz %T ile + aynı sonucu verir; us kullanımı %D ile aynı + sonucu verir. Birimli %T kullanımı 2.4.13 ve sonrasında + geçerlidir.
%u Uzak kullanıcı (kimlik doğrulaması istenmişse vardır; durum kodu (%s) 401 ise yanlış olabilir).
%U
%U Herhangi bir sorgu dizgesi içermeksizin istenen URL yolu.
%v
%v İsteği sunan sunucunun meşru sunucu ismi (ServerName).
%V
%V UseCanonicalName ayarı ile ilgili sunucu ismi.
%X
%X Yanıt tamamlandığında bağlantı durumu: @@ -224,20 +231,22 @@
- = Yanıt gönderildikten sonra bağlantı kapatılacak.
%I
%I İstek ve başlıklar dahil alınan bayt sayısı. Sıfır olamaz. Bunu kullanmak için mod_logio etkin olmalıdır.
%OBaşlıklar dahil gönderilen bayt sayısı. Sıfır olamaz. Bunu - kullanmak için mod_logio etkin olmalıdır.
%S
%OBaşlıklar dahil gönderilen bayt sayısı. Bir yanıtın + gönderilmesinden önce istekten vazgeçilmesi gibi nadir durumlarda + sıfır olabilir. Bunu kullanmak için mod_logio etkin + olmalıdır.
%S Aktarılan bayt sayısı (alınan ve gönderilen), istekler ve başlıklar dahil; sıfır olamaz. %I ve %O'nun birleşimidir. Bunu kullanmak için mod_logio etkinleştirilmelidir.
%{ALANADI}^ti
%{ALANADI}^ti Sunucuya gönderilen istekteki ALANADI: Trailer satır(lar)ının içeriği.
%{VARNAME}^to
%{VARNAME}^to Sunucudan gönderilen yanıttaki ALANADI: Trailer satır(lar)ının içeriği.
@@ -417,10 +426,10 @@ expr=ifade] 
# Biçem dizgesi yerine takma ad içeren CustomLog
 LogFormat "%h %l %u %t \"%r\" %>s %b" common
-CustomLog logs/access_log common
+CustomLog "logs/access_log" common
 
 # Biçem dizgesinin kendisini içeren CustomLog
-CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b"
+CustomLog "logs/access_log" "%h %l %u %t \"%r\" %>s %b"

Üçüncü argüman isteğe bağlı olup,belli bir isteğin günlüğe kaydedilip @@ -438,15 +447,15 @@ CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b" isterseniz:

SetEnvIf Request_URI \.gif$ gif-image
-CustomLog gif-requests.log common env=gif-image
-CustomLog nongif-requests.log common env=!gif-image
+CustomLog "gif-requests.log" common env=gif-image +CustomLog "nongif-requests.log" common env=!gif-image

Veya eski RefererIgnore yönergesinin davranışını taklit etmek isterseniz:

SetEnvIf Referer example\.com localreferer
-CustomLog referer.log referer env=!localreferer
+CustomLog "referer.log" referer env=!localreferer @@ -506,7 +515,7 @@ CustomLog referer.log referer env=!localreferer belirtilmedikçe Ortak Günlük Biçemi öntanımlıdır.

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
-TransferLog logs/access_log
+TransferLog "logs/access_log" diff --git a/docs/manual/mod/mod_logio.html.tr.utf8 b/docs/manual/mod/mod_logio.html.tr.utf8 index e3f43b03..3706245f 100644 --- a/docs/manual/mod/mod_logio.html.tr.utf8 +++ b/docs/manual/mod/mod_logio.html.tr.utf8 @@ -32,7 +32,6 @@  ko  |  tr 

-
Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
@@ -88,6 +87,9 @@ + +
Açıklama:Her isteğin girdi ve çıktı uzunluklarının günlüklenmesi.
Durum:Eklenti
Aktarılan bayt sayısı (alınan ve gönderilen), istekler ve başlıklar dahil; sıfır olamaz. %I ve %O'nun birleşimidir.
Apache 2.4.7 ve sonrasında kullanılabilmektedir.
%^FBİstek gelip yanıt başlıklarının ilk baytı yazılana kadar mikrosaniye cinsinden geçen zaman. Sadece LogIOTrackTTFB yönergesine ON atanmışsa kullanılabilir.
+ Apache 2.4.13 ve sonrasında kullanılabilir.

Genel olarak, işlevsellik şöyle kullanılır:

@@ -101,16 +103,20 @@
top

LogIOTrackTTFB Yönergesi

- + - -
Açıklama:Enable tracking of time to first byte (TTFB)
Açıklama:İlk baytın yazılmasına kadar geçen süreyi izler
Sözdizimi:LogIOTrackTTFB ON|OFF
Öntanımlı:LogIOTrackTTFB OFF
Bağlam:sunucu geneli, sanal konak, dizin, .htaccess
Geçersizleştirme:none
Durum:Eklenti
Modül:mod_logio
Uyumluluk:Apache HTTP Server 2.4.13 and later

Bu yönergenin belgesi henüz Türkçeye çevrilmedi. - Lütfen İngilizce sürümüne bakınız.

+Uyumluluk:Apache 2.4.13 ve sonrasında kullanılabilir + +

Bu yönerge isteğin okunmasından yanıt başlığının ilk baytının + yazılmasına kadar geçen sürenin izlenmesini yapılandırır. Sonuçlanan + değeri %^FB biçemi ile günlüğe kaydettirebilirsiniz.

+ +

Mevcut Diller:  en  | diff --git a/docs/manual/mod/mod_lua.html.en b/docs/manual/mod/mod_lua.html.en index f5f6989e..f695985e 100644 --- a/docs/manual/mod/mod_lua.html.en +++ b/docs/manual/mod/mod_lua.html.en @@ -165,7 +165,7 @@ function handle(r) -- use our own Error contents r:puts("Unsupported HTTP method " .. r.method) r.status = 405 - return apache2.ok + return apache2.OK else -- use the ErrorDocument return 501 diff --git a/docs/manual/mod/mod_lua.html.fr b/docs/manual/mod/mod_lua.html.fr index a9581f7c..67f37bba 100644 --- a/docs/manual/mod/mod_lua.html.fr +++ b/docs/manual/mod/mod_lua.html.fr @@ -173,7 +173,7 @@ function handle(r) -- message d'erreur personnalis r:puts("Unsupported HTTP method " .. r.method) r.status = 405 - return apache2.ok + return apache2.OK else -- message d'erreur ErrorDocument return 501 diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en index 81b70bfb..5ce4af60 100644 --- a/docs/manual/mod/mod_proxy.html.en +++ b/docs/manual/mod/mod_proxy.html.en @@ -58,7 +58,7 @@ capabilities

  • mod_proxy_balancer and one or more - balancer modules, if load balancing is required. (See + balancer modules if load balancing is required. (See mod_proxy_balancer for more information.)
  • one or more proxy scheme, or protocol, modules: @@ -93,7 +93,7 @@
  • Basic Examples
  • Access via Handler
  • Workers
    • -
  • Controlling access to your proxy
    • +
  • Controlling Access to Your Proxy
  • Slow Startup
  • Intranet Proxy
  • Protocol Adjustments
    • @@ -157,7 +157,7 @@ server that sits between the client and the origin server. In order to get content from the origin server, the client sends a request to the proxy naming the origin server - as the target and the proxy then requests the content from the + as the target. The proxy then requests the content from the origin server and returns it to the client. The client must be specially configured to use the forward proxy to access other sites.

    @@ -177,15 +177,15 @@

    A reverse proxy (or gateway), by contrast, appears to the client just like an ordinary web server. No special configuration on the client is necessary. - The client makes ordinary requests for content in the name-space + The client makes ordinary requests for content in the namespace of the reverse proxy. The reverse proxy then decides where to - send those requests, and returns the content as if it was itself + send those requests and returns the content as if it were itself the origin.

    A typical usage of a reverse proxy is to provide Internet users access to a server that is behind a firewall. Reverse proxies can also be used to balance load among several back-end - servers, or to provide caching for a slower back-end server. + servers or to provide caching for a slower back-end server. In addition, reverse proxies can be used simply to bring several servers into the same URL space.

    @@ -238,7 +238,7 @@ ProxyVia On

    Workers

    The proxy manages the configuration of origin servers and their communication parameters in objects called workers. - There are two built-in workers, the default forward proxy worker and the + There are two built-in workers: the default forward proxy worker and the default reverse proxy worker. Additional workers can be configured explicitly.

    @@ -258,7 +258,7 @@ ProxyVia On

    This will create a worker associated with the origin server URL - http://backend.example.com and using the given timeout + http://backend.example.com that will use the given timeout values. When used in a forward proxy, workers are usually defined via the ProxySet directive:

    @@ -276,13 +276,13 @@ ProxyVia On

    Using explicitly configured workers in the forward mode is not very common, because forward proxies usually communicate with many different origin servers. Creating explicit workers for some of the - origin servers can still be useful, if they are used very often. + origin servers can still be useful if they are used very often. Explicitly configured workers have no concept of forward or reverse proxying by themselves. They encapsulate a common concept of communication with origin servers. A worker created by ProxyPass for use in a - reverse proxy will be also used for forward proxy requests whenever - the URL to the origin server matches the worker URL and vice versa.

    + reverse proxy will also be used for forward proxy requests whenever + the URL to the origin server matches the worker URL, and vice versa.

    The URL identifying a direct worker is the URL of its origin server including any path components given:

    @@ -307,13 +307,13 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10 worker is used. The benefit is, that there is only one connection pool, so connections are more often reused. Note that all configuration attributes given explicitly for the later worker will be ignored. This will be logged - as a warning. In the above example the resulting timeout value + as a warning. In the above example, the resulting timeout value for the URL /examples will be 60 instead of 10!

    If you want to avoid worker sharing, sort your worker definitions by URL length, starting with the longest worker URLs. If you want to maximize - worker sharing use the reverse sort order. See also the related warning about + worker sharing, use the reverse sort order. See also the related warning about ordering ProxyPass directives.

    @@ -326,7 +326,7 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10 ProxySet.

    The set of options available for a direct worker - depends on the protocol, which is specified in the origin server URL. + depends on the protocol which is specified in the origin server URL. Available protocols include ajp, fcgi, ftp, http and scgi.

    @@ -343,7 +343,7 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10
    top
    -

    Controlling access to your proxy

    +

    Controlling Access to Your Proxy

    You can control who can access your proxy via the <Proxy> control block as in the following example:

    @@ -496,7 +496,7 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10

    This directive allows for growth potential in the number of Balancers available for a virtualhost in addition to the number pre-configured. It only takes effect if there is at - least 1 pre-configured Balancer.

    + least one pre-configured Balancer.

    top
    @@ -528,15 +528,15 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10 Compatibility:BalancerMember is only available in Apache HTTP Server 2.2 and later. -

    This directive adds a member to a load balancing group. It could be used +

    This directive adds a member to a load balancing group. It can be used within a <Proxy balancer://...> container - directive, and can take any of the key value pair parameters available to + directive and can take any of the key value pair parameters available to ProxyPass directives.

    One additional parameter is available only to BalancerMember directives: loadfactor. This is the member load factor - a number between 1 (default) and 100, which defines the weighted load to be applied to the member in question.

    -

    The balancerurl is only needed when not in +

    The balancerurl is only needed when not within a <Proxy balancer://...> container directive. It corresponds to the url of a balancer defined in ProxyPass directive.

    @@ -608,7 +608,7 @@ NoProxy ".example.com" "192.168.112.0/21"

    Note

    Domain name comparisons are done without regard to the case, and Domains are always assumed to be anchored in the root of the - DNS tree, therefore two domains .ExAmple.com and + DNS tree; therefore, the two domains .ExAmple.com and .example.com. (note the trailing period) are considered equal. Since a domain comparison does not involve a DNS lookup, it is much more efficient than subnet comparison.

    @@ -677,7 +677,7 @@ NoProxy ".example.com" "192.168.112.0/21" link.

    Hostname comparisons are done without regard to the case, and Hostnames are always assumed to be anchored in the root - of the DNS tree, therefore two hosts WWW.ExAmple.com + of the DNS tree; therefore, the two hosts WWW.ExAmple.com and www.example.com. (note the trailing period) are considered equal.

    @@ -767,14 +767,14 @@ response Module:mod_proxy

    The ProxyBadHeader directive determines the - behaviour of mod_proxy if it receives syntactically invalid + behavior of mod_proxy if it receives syntactically invalid response header lines (i.e. containing no colon) from the origin server. The following arguments are possible:

    IsError
    Abort the request and end up with a 502 (Bad Gateway) response. This is - the default behaviour.
    + the default behavior.
    Ignore
    Treat bad header lines as if they weren't sent.
    @@ -853,13 +853,13 @@ proxied Status:Extension Module:mod_proxy -

    This directive is useful for reverse-proxy setups, where you want to +

    This directive is useful for reverse-proxy setups where you want to have a common look and feel on the error pages seen by the end user. This also allows for included files (via mod_include's SSI) to get - the error code and act accordingly (default behavior would display - the error page of the proxied server, turning this on shows the SSI - Error message).

    + the error code and act accordingly. (Default behavior would display + the error page of the proxied server. Turning this on shows the SSI + Error message.)

    This directive does not affect the processing of informational (1xx), normal success (2xx), or redirect (3xx) responses.

    @@ -876,12 +876,12 @@ proxied Module:mod_proxy

    The ProxyIOBufferSize directive adjusts the size - of the internal buffer, which is used as a scratchpad for the data between + of the internal buffer which is used as a scratchpad for the data between input and output. The size must be at least 512.

    -

    In almost every case there's no reason to change that value.

    +

    In almost every case, there's no reason to change that value.

    -

    If used with AJP this directive sets the maximum AJP packet size in +

    If used with AJP, this directive sets the maximum AJP packet size in bytes. Values larger than 65536 are set to 65536. If you change it from the default, you must also change the packetSize attribute of your AJP connector on the Tomcat side! The attribute @@ -905,7 +905,7 @@ proxied resources Module:mod_proxy

    The <ProxyMatch> directive is - identical to the <Proxy> directive, except it matches URLs + identical to the <Proxy> directive, except that it matches URLs using regular expressions.

    From 2.4.8 onwards, named groups and backreferences are captured and @@ -938,9 +938,9 @@ through Compatibility:Default behaviour changed in 2.2.7

    The ProxyMaxForwards directive specifies the - maximum number of proxies through which a request may pass, if there's no + maximum number of proxies through which a request may pass if there's no Max-Forwards header supplied with the request. This may - be set to prevent infinite proxy loops, or a DoS attack.

    + be set to prevent infinite proxy loops or a DoS attack.

    Example

    ProxyMaxForwards 15
    @@ -950,7 +950,7 @@ through setting Max-Forwards if the Client didn't set it. Earlier Apache httpd versions would always set it. A negative ProxyMaxForwards value, including the - default -1, gives you protocol-compliant behaviour, but may + default -1, gives you protocol-compliant behavior but may leave you open to loops.

    @@ -966,8 +966,8 @@ through Compatibility:Unix Domain Socket (UDS) support added in 2.4.7

    This directive allows remote servers to be mapped into the - space of the local server; the local server does not act as a - proxy in the conventional sense, but appears to be a mirror of the + space of the local server. The local server does not act as a + proxy in the conventional sense but appears to be a mirror of the remote server. The local server is often called a reverse proxy or gateway. The path is the name of a local virtual path; url is a partial URL for the @@ -982,12 +982,18 @@ through

    In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target which prepends unix:/path/lis.sock|. For example, to proxy - HTTP and target the UDS at /home/www/socket you would use + HTTP and target the UDS at /home/www/socket, you would use unix:/home/www.socket|http://localhost/whatever/.

    Note: The path associated with the unix: URL is DefaultRuntimeDir aware.
    +

    When used inside a <Location> section, the first argument is omitted and the local + directory is obtained from the <Location>. The same will occur inside a + <LocationMatch> section; + however, ProxyPass does not interpret the regexp as such, so it is necessary + to use ProxyPassMatch in this situation instead.

    +

    Suppose the local server has address http://example.com/; then

    @@ -1000,7 +1006,13 @@ through http://example.com/mirror/foo/bar to be internally converted into a proxy request to http://backend.example.com/bar.

    -

    The following alternative syntax is possible, however it can carry a +

    The ProxyPass directive is not supported in <Directory> or <Files> sections.

    + +

    If you require a more flexible reverse-proxy configuration, see the + RewriteRule directive with the + [P] flag.

    + +

    The following alternative syntax is possible; however, it can carry a performance penalty when present in very large numbers. The advantage of the below syntax is that it allows for dynamic control via the Balancer Manager interface:

    @@ -1010,8 +1022,8 @@ through

    If the first argument ends with a trailing /, the second - argument should also end with a trailing / and vice - versa. Otherwise the resulting requests to the backend may miss some + argument should also end with a trailing /, and vice + versa. Otherwise, the resulting requests to the backend may miss some needed slashes and do not deliver the expected results.

    @@ -1041,24 +1053,26 @@ ProxyPass "/mirror/foo" "http://backend.example.com" rules are checked in the order of configuration. The first rule that matches wins. So usually you should sort conflicting ProxyPass rules starting with the - longest URLs first. Otherwise later rules for longer URLS will be hidden + longest URLs first. Otherwise, later rules for longer URLS will be hidden by any earlier rule which uses a leading substring of the URL. Note that there is some relation with worker sharing. In contrast, only one ProxyPass directive can be placed in a Location block, and the most specific location will take precedence.

    -

    For the same reasons exclusions must come before the +

    For the same reasons, exclusions must come before the general ProxyPass directives.

    +

    ProxyPass key=value Parameters

    +

    In Apache HTTP Server 2.1 and later, mod_proxy supports pooled connections to a backend server. Connections created on demand can be retained in a pool for future use. Limits on the pool size and other settings can be coded on the ProxyPass directive - using key=value parameters, described in the table + using key=value parameters, described in the tables below.

    By default, mod_proxy will allow and retain the maximum number of @@ -1094,7 +1108,7 @@ ProxyPass "/mirror/foo" "http://backend.example.com" Maximum number of connections that will be allowed to the backend server. The default for this limit is the number of threads per process in the active MPM. In the Prefork MPM, this is always 1, - while with other MPMs it is controlled by the + while with other MPMs, it is controlled by the ThreadsPerChild directive. smax max @@ -1108,16 +1122,16 @@ ProxyPass "/mirror/foo" "http://backend.example.com" closed more aggressively. acquire - - If set this will be the maximum time to wait for a free + If set, this will be the maximum time to wait for a free connection in the connection pool, in milliseconds. If there are no free - connections in the pool the Apache httpd will return SERVER_BUSY + connections in the pool, the Apache httpd will return SERVER_BUSY status to the client. connectiontimeout timeout Connect timeout in seconds. The number of seconds Apache httpd waits for the creation of a connection to - the backend to complete. By adding a postfix of ms the timeout can be + the backend to complete. By adding a postfix of ms, the timeout can be also set in milliseconds. disablereuse @@ -1142,10 +1156,10 @@ ProxyPass "/mirror/foo" "http://backend.example.com" off Determines whether the proxy module will auto-flush the output brigade after each "chunk" of data. 'off' means that it will flush - only when needed, 'on' means after each chunk is sent and + only when needed; 'on' means after each chunk is sent; and 'auto' means poll/wait for a period of time and flush if no input has been received for 'flushwait' milliseconds. - Currently this is in effect only for AJP. + Currently, this is in effect only for AJP. flushwait 10 @@ -1161,10 +1175,11 @@ ProxyPass "/mirror/foo" "http://backend.example.com" keepalive Off

    This parameter should be used when you have a firewall between your - Apache httpd and the backend server, who tend to drop inactive connections. + Apache httpd and the backend server, which tends to drop inactive connections. This flag will tell the Operating System to send KEEP_ALIVE - messages on inactive connections and thus prevent the firewall to drop the connection. - To enable keepalive set this property value to On.

    + messages on inactive connections and thus prevent the firewall from dropping + the connection. + To enable keepalive, set this property value to On.

    The frequency of initial and subsequent TCP keepalive probes depends on global OS settings, and may be as high as 2 hours. To be useful, the frequency configured in the OS must be smaller than the threshold used @@ -1180,19 +1195,19 @@ ProxyPass "/mirror/foo" "http://backend.example.com" 0 Ping property tells the webserver to "test" the connection to the backend before forwarding the request. For AJP, it causes - mod_proxy_ajpto send a CPING + mod_proxy_ajp to send a CPING request on the ajp13 connection (implemented on Tomcat 3.3.2+, 4.1.28+ and 5.0.13+). For HTTP, it causes mod_proxy_http to send a 100-Continue to the backend (only valid for HTTP/1.1 - for non HTTP/1.1 backends, this property has no - effect). In both cases the parameter is the delay in seconds to wait + effect). In both cases, the parameter is the delay in seconds to wait for the reply. This feature has been added to avoid problems with hung and busy backends. This will increase the network traffic during the normal operation which could be an issue, but it will lower the traffic in case some of the cluster nodes are down or busy. - By adding a postfix of ms the delay can be also set in + By adding a postfix of ms, the delay can be also set in milliseconds. receivebuffersize @@ -1206,16 +1221,16 @@ ProxyPass "/mirror/foo" "http://backend.example.com" - Redirection Route of the worker. This value is usually set dynamically to enable safe removal of the node from - the cluster. If set all requests without session id will be + the cluster. If set, all requests without session id will be redirected to the BalancerMember that has route parameter - equal as this value. + equal to this value. retry 60 Connection pool worker retry timeout in seconds. If the connection pool worker to the backend server is in the error state, Apache httpd will not forward any requests to that server until the timeout - expires. This enables to shut down the backend server for maintenance, + expires. This enables to shut down the backend server for maintenance and bring it back online later. A value of 0 means always retry workers in an error state with no timeout. @@ -1231,11 +1246,11 @@ ProxyPass "/mirror/foo" "http://backend.example.com" - + -
    D: Worker is disabled and will not accept any requests.
    S: Worker is administratively stopped.
    I: Worker is in ignore-errors mode, and will always be considered available.
    I: Worker is in ignore-errors mode and will always be considered available.
    H: Worker is in hot-standby mode and will only be used if no other viable workers are available.
    E: Worker is in an error state.
    N: Worker is in drain mode, and will only accept existing sticky sessions +
    N: Worker is in drain mode and will only accept existing sticky sessions destined for itself and ignore all other requests.
    Status can be set (which is the default) by prepending with '+' or @@ -1260,11 +1275,12 @@ ProxyPass "/mirror/foo" "http://backend.example.com"

    If the Proxy directive scheme starts with the balancer:// (eg: balancer://cluster, - any path information is ignored) then a virtual worker that does not really - communicate with the backend server will be created. Instead it is responsible - for the management of several "real" workers. In that case the special set of - parameters can be add to this virtual worker. See mod_proxy_balancer - for more information about how the balancer works. + any path information is ignored), then a virtual worker that does not really + communicate with the backend server will be created. Instead, it is responsible + for the management of several "real" workers. In that case, the special set of + parameters can be added to this virtual worker. + See mod_proxy_balancer for more information about how + the balancer works.

    Balancer parameters
    @@ -1275,9 +1291,9 @@ ProxyPass "/mirror/foo" "http://backend.example.com" @@ -1285,7 +1301,7 @@ ProxyPass "/mirror/foo" "http://backend.example.com" - @@ -1295,32 +1311,32 @@ ProxyPass "/mirror/foo" "http://backend.example.com" like JSESSIONID or PHPSESSIONID, and it depends on the backend application server that support sessions. If the backend application server uses different name for cookies - and url encoded id (like servlet containers) use | to to separate them. + and url encoded id (like servlet containers) use | to separate them. The first part is for the cookie the second for the path.
    Available in Apache HTTP Server 2.4.4 and later. - - - @@ -1354,13 +1370,13 @@ ProxyPass "/mirror/foo" "http://backend.example.com" retry parameter of the workers if all workers of a balancer are in error state. There might be cases where an already overloaded backend can get into deeper trouble if the recovery of all workers is enforced - without considering the retry parameter of each worker. In this case + without considering the retry parameter of each worker. In this case, set to Off.
    Available in Apache HTTP Server 2.4.2 and later.
    byrequests Balancer load-balance method. Select the load-balancing scheduler method to use. Either byrequests, to perform weighted - request counting, bytraffic, to perform weighted - traffic byte count balancing, or bybusyness, to perform - pending request balancing. Default is byrequests. + request counting; bytraffic, to perform weighted + traffic byte count balancing; or bybusyness, to perform + pending request balancing. The default is byrequests.
    maxattempts One less than the number of workers, or 1 with a single worker.
    nofailover OffIf set to On the session will break if the worker is in + If set to On, the session will break if the worker is in error state or disabled. Set this value to On if backend servers do not support session replication.
    stickysessionsep "." Sets the separation symbol in the session cookie. Some backend application servers - do not use the '.' as the symbol. For example the Oracle Weblogic server uses + do not use the '.' as the symbol. For example, the Oracle Weblogic server uses '!'. The correct symbol can be set using this option. The setting of 'Off' signifies that no symbol is used.
    scolonpathdelim OffIf set to On the semi-colon character ';' will be + If set to On, the semi-colon character ';' will be used as an additional sticky session path delimiter/separator. This is mainly used to emulate mod_jk's behavior when dealing with paths such as JSESSIONID=6736bcf34;foo=aabfa
    timeout 0Balancer timeout in seconds. If set this will be the maximum time - to wait for a free worker. Default is not to wait. + Balancer timeout in seconds. If set, this will be the maximum time + to wait for a free worker. The default is to not wait.
    failonstatus -A single or comma-separated list of HTTP status codes. If set this will + A single or comma-separated list of HTTP status codes. If set, this will force the worker into error state when the backend returns any status code in the list. Worker recovery behaves the same as other worker errors.
    -

    A sample balancer setup

    +

    A sample balancer setup:

    ProxyPass "/special-area" "http://special.example.com" smax=5 max=10
 ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofailover=On
 <Proxy "balancer://mycluster">
@@ -1371,8 +1387,8 @@ ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofail
 </Proxy>
    -

    Setting up a hot-standby, that will only be used if no other - members are available

    +

    Setting up a hot-standby that will only be used if no other + members are available:

    ProxyPass "/" "balancer://hotcluster/"
 <Proxy "balancer://hotcluster">
     BalancerMember "ajp://1.2.3.4:8009" loadfactor=1
@@ -1383,12 +1399,14 @@ ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofail
 </Proxy>
    +

    Additional ProxyPass Keywords

    +

    Normally, mod_proxy will canonicalise ProxyPassed URLs. But this may be incompatible with some backends, particularly those that make use of PATH_INFO. The optional nocanon - keyword suppresses this, and passes the URL path "raw" to the - backend. Note that may affect the security of your backend, as it - removes the normal limited protection against URL-based attacks + keyword suppresses this and passes the URL path "raw" to the + backend. Note that this keyword may affect the security of your backend, + as it removes the normal limited protection against URL-based attacks provided by the proxy.

    Normally, mod_proxy will include the query string when @@ -1396,20 +1414,8 @@ ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofail The optional noquery keyword (available in httpd 2.4.1 and later) prevents this.

    -

    When used inside a <Location> section, the first argument is omitted and the local - directory is obtained from the <Location>. The same will occur inside a - <LocationMatch> section, - however ProxyPass does not interpret the regexp as such, so it is necessary - to use ProxyPassMatch in this situation instead.

    - -

    This directive is not supported in <Directory> or <Files> sections.

    - -

    If you require a more flexible reverse-proxy configuration, see the - RewriteRule directive with the - [P] flag.

    -

    The optional interpolate keyword, in combination with - ProxyPassInterpolateEnv causes the ProxyPass + ProxyPassInterpolateEnv, causes the ProxyPass to interpolate environment variables, using the syntax ${VARNAME}. Note that many of the standard CGI-derived environment variables will not exist when this interpolation happens, @@ -1442,7 +1448,7 @@ ProxyPassReverse "/mirror/foo/" "https://backend.example.com/" Status:Extension Module:mod_proxy Compatibility:ProxyPassInherit is only available in Apache HTTP Server 2.4.5 and later. - and later. +

    This directive will cause the current server/vhost to "inherit" ProxyPass @@ -1466,18 +1472,18 @@ ProxyPassReverse "/mirror/foo/" "https://backend.example.com/"

    This directive, together with the interpolate argument to ProxyPass, ProxyPassReverse, - ProxyPassReverseCookieDomain and - ProxyPassReverseCookiePath + ProxyPassReverseCookieDomain, and + ProxyPassReverseCookiePath, enables reverse proxies to be dynamically - configured using environment variables, which may be set by + configured using environment variables which may be set by another module such as mod_rewrite. It affects the ProxyPass, ProxyPassReverse, ProxyPassReverseCookieDomain, and - ProxyPassReverseCookiePath directives, + ProxyPassReverseCookiePath directives and causes them to substitute the value of an environment variable varname for the string ${varname} - in configuration directives (if the interpolate option is set).

    + in configuration directives if the interpolate option is set.

    Keep this turned off (for server performance) unless you need it!

    @@ -1491,8 +1497,8 @@ ProxyPassReverse "/mirror/foo/" "https://backend.example.com/" Status:Extension Module:mod_proxy -

    This directive is equivalent to ProxyPass, - but makes use of regular expressions, instead of simple prefix matching. The +

    This directive is equivalent to ProxyPass + but makes use of regular expressions instead of simple prefix matching. The supplied regular expression is matched against the url, and if it matches, the server will substitute any parenthesized matches into the given string and use it as a new url.

    @@ -1543,7 +1549,7 @@ ProxyPassReverse "/mirror/foo/" "https://backend.example.com/"

    Take care when constructing the target URL of the rule, considering the security impact from allowing the client influence over the set of URLs to which your server will act as a proxy. Ensure that the scheme - and hostname part of the URL is either fixed, or does not allow the + and hostname part of the URL is either fixed or does not allow the client undue influence.

    @@ -1562,7 +1568,7 @@ proxied server

    This directive lets Apache httpd adjust the URL in the Location, Content-Location and URI headers on HTTP redirect responses. This is essential when Apache httpd is used as a - reverse proxy (or gateway) to avoid by-passing the reverse proxy + reverse proxy (or gateway) to avoid bypassing the reverse proxy because of HTTP redirects on the backend servers which stay behind the reverse proxy.

    @@ -1570,12 +1576,13 @@ proxied server will be rewritten. Apache httpd will not rewrite other response headers, nor will it by default rewrite URL references inside HTML pages. This means that if the proxied content contains absolute URL - references, they will by-pass the proxy. To rewrite HTML content to + references, they will bypass the proxy. To rewrite HTML content to match the proxy, you must load and enable mod_proxy_html.

    -

    path is the name of a local virtual path. url is a - partial URL for the remote server - the same way they are used for the +

    path is the name of a local virtual path; url is a + partial URL for the remote server. + These parameters are used the same way as for the ProxyPass directive.

    For example, suppose the local server has address @@ -1590,16 +1597,16 @@ ProxyPassReverseCookiePath "/" "/mirror/foo/"

    will not only cause a local request for the http://example.com/mirror/foo/bar to be internally converted into a proxy request to http://backend.example.com/bar - (the functionality ProxyPass provides here). It also takes care - of redirects the server backend.example.com sends: when - http://backend.example.com/bar is redirected by him to - http://backend.example.com/quux Apache httpd adjusts this to + (the functionality which ProxyPass provides here). + It also takes care of redirects which the server backend.example.com + sends when redirecting http://backend.example.com/bar to + http://backend.example.com/quux . Apache httpd adjusts this to http://example.com/mirror/foo/quux before forwarding the HTTP redirect response to the client. Note that the hostname used for constructing the URL is chosen in respect to the setting of the UseCanonicalName directive.

    Note that this ProxyPassReverse directive can - also be used in conjunction with the proxy pass-through feature + also be used in conjunction with the proxy feature (RewriteRule ... [P]) from mod_rewrite because it doesn't depend on a corresponding ProxyPass directive.

    @@ -1613,7 +1620,7 @@ ProxyPassReverseCookiePath "/" "/mirror/foo/" directory is obtained from the <Location>. The same occurs inside a <LocationMatch> section, but will probably not work as intended, as ProxyPassReverse will interpret the regexp literally as a path; if needed in this situation, specify the ProxyPassReverse outside - the section, or in a separate <Location> section.

    + the section or in a separate <Location> section.

    This directive is not supported in <Directory> or <Files> sections.

    @@ -1681,7 +1688,7 @@ context in 2.3.3 and later.

    When enabled, this option will pass the Host: line from the incoming request to the proxied host, instead of the hostname specified in the - ProxyPass line.

    + ProxyPass line.

    This option should normally be turned Off. It is mostly useful in special configurations like proxied mass name-based virtual @@ -1744,7 +1751,7 @@ ProxyRemote "ftp" "http://ftpproxy.mydomain:8080" as yet another HTTP proxy request, to another proxy which can handle them.

    -

    This option also supports reverse proxy configuration - a backend +

    This option also supports reverse proxy configuration; a backend webserver can be embedded within a virtualhost URL space even if that server is hidden by another forward proxy.

    @@ -1760,7 +1767,7 @@ expressions Module:mod_proxy

    The ProxyRemoteMatch is identical to the - ProxyRemote directive, except the + ProxyRemote directive, except that the first argument is a regular expression match against the requested URL.

    @@ -1841,7 +1848,7 @@ expressions

    Warning

    Keep in mind that the same parameter key can have a different meaning - depending whether it is applied to a balancer or a worker as shown by the two + depending whether it is applied to a balancer or a worker, as shown by the two examples above regarding timeout.

    diff --git a/docs/manual/mod/mod_proxy.html.fr b/docs/manual/mod/mod_proxy.html.fr index d029f813..91f022c5 100644 --- a/docs/manual/mod/mod_proxy.html.fr +++ b/docs/manual/mod/mod_proxy.html.fr @@ -30,8 +30,6 @@  fr  |  ja 

    -
    Cette traduction peut tre prime. Vrifiez la version - anglaise pour les changements rcents.
    @@ -171,7 +169,7 @@ demand. Pour obtenir un contenu hberg par le serveur demand, le client envoie une requte au mandataire en nommant le serveur demand comme - cible, puis le mandataire extrait le contenu depuis le + cible. Le mandataire extrait alors le contenu depuis le serveur demand et le renvoie enfin au client. Le client doit tre configur de manire approprie pour pouvoir utiliser le mandataire direct afin d'accder d'autres sites.

    @@ -283,7 +281,7 @@ ProxyVia On

    Cette directive va crer un worker associ l'URL du serveur - original http://backend.example.com, et utilisant les + original http://backend.example.com qui utilisera les valeurs de timeout donnes. Lorsqu'ils sont utiliss dans le cadre d'un mandataire direct, les workers sont en gnral dfinis via la directive ProxySet,

    @@ -1087,7 +1085,7 @@ l'espace d'URLs du serveur local sont supports partir de la version 2.4.7 du serveur HTTP Apache
    Description:Serveur mandataire/passerelle multi-protocole
    Statut:Extension
    IdentificateurdeModule:proxy_module

    Cette directive permet de rfrencer des serveurs distants depuis - l'espace d'URLs du serveur local ; le serveur + l'espace d'URLs du serveur local. Le serveur local n'agit pas en tant que mandataire au sens conventionnel, mais plutt comme miroir du serveur distant. Le serveur local est souvent nomm mandataire inverse ou @@ -1113,6 +1111,15 @@ sont support unix: tient compte de la directive DefaultRuntimeDir. +

    Lorsque cette directive est utilise dans une section <Location>, le premier + argument est omis et le rpertoire local est obtenu partir de + l'argument de la directive <Location>. Il en est de mme l'intrieur + d'une section <LocationMatch>, mais le rsultat ne sera + probablement pas celui attendu car ProxyPassReverse va interprter + l'expression rationnelle littralement comme un chemin ; si besoin + est dans ce cas, dfinissez la directive ProxyPassReverse en dehors + de la section, ou dans une section <Location> spare.

    +

    Supposons que le serveur local a pour adresse http://example.com/ ; alors la ligne

    @@ -1125,6 +1132,14 @@ sont support http://example.com/miroir/foo/bar en une requte mandate pour http://backend.example.com/bar.

    +

    La directive ProxyPass ne peut pas tre place dans une section + <Directory> ou + <Files>.

    + +

    Si vous avez besoin d'un configuration de mandataire inverse plus + souple, reportez-vous la documentaion de la directive RewriteRule et son drapeau + [P].

    +

    La syntaxe alternative suivante est valide, bien qu'elle puisse induire une dgradation des performances lorsqu'elle est prsente en trs grand nombre. Elle possde l'avantage de @@ -1180,14 +1195,16 @@ ProxyPass "/mirror/foo" "http://backend.example.com" +

    ProxyPass cl=valeur Paramtres

    +

    Depuis la version 2.1 du serveur HTTP Apache, mod_proxy supporte les groupements de connexions vers un serveur d'arrire-plan. Les connexions cres la demande peuvent tre enregistres dans un groupement pour une utilisation ultrieure. La taille du groupe ainsi que d'autres caractristiques peuvent tre dfinies via la directive ProxyPass au moyen de paramtres - cl=valeur dont la description fait l'objet du tableau - ci-dessous.

    + cl=valeur dont la description fait l'objet des + tableaux ci-dessous.

    Par dfaut, mod_proxy permet et met en rserve le nombre maximum de connexions pouvant tre utilises simultanment par le processus @@ -1281,8 +1298,9 @@ ProxyPass "/mirror/foo" "http://backend.example.com" off Permet de dfinir si le module mandataire doit vider automatiquement le tampon de sortie aprs chaque tronon de - donnes. 'off' signifie que le tampon sera vid si ncessaire, - 'on' que le tampon sera vid aprs chaque envoi d'un + donnes. 'off' signifie que le tampon sera vid si + ncessaire ; + 'on' signifie que le tampon sera vid aprs chaque envoi d'un tronon de donnes, et 'auto' que le tampon sera vid aprs un dlai de 'flushwait' millisecondes si aucune entre n'est reue. Actuellement, cette cl n'est supporte que par AJP. @@ -1456,7 +1474,7 @@ ProxyPass "/mirror/foo" "http://backend.example.com" Off Si ce paramtre est dfini On, la session va s'interrompre si le serveur cible est dans un tat d'erreur ou - dsactiv. Dfinissez ce paramtre On si le serveur + dsactiv. Dfinissez ce paramtre On si le serveur d'arrire-plan ne supporte pas la rplication de session. stickysession @@ -1465,7 +1483,7 @@ ProxyPass "/mirror/foo" "http://backend.example.com" gnralement du style JSESSIONID ou PHPSESSIONID, et dpend du serveur d'application d'arrire-plan qui supporte les sessions. Si le serveur - d'application d'arrire-plan utilise des noms diffrents pour + d'application d'arrire-plan utilise un nom diffrent pour les cookies et les identifiants cods d'URL (comme les conteneurs de servlet), sparez-les par le caractre '|'. La premire partie contient le cookie et la seconde le chemin.
    @@ -1569,6 +1587,8 @@ ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofail </Proxy> +

    Mots-cls additionnels de ProxyPass

    +

    Normalement, mod_proxy va mettre sous leur forme canonique les URLs traites par ProxyPass. Mais ceci peut tre incompatible avec certains serveurs d'arrire-plan, et en particulier avec ceux qui @@ -1793,8 +1813,9 @@ par un serveur mandat

    chemin est le nom d'un chemin virtuel local. - url est une URL partielle pour le serveur distant - ils - sont utiliss de la mme faon qu'avec la directive ProxyPass.

    + url est une URL partielle pour le serveur distant. Ces + paramtres s'utilisent de la mme faon qu'avec la + directive ProxyPass.

    Supposons par exemple que le serveur local a pour adresse http://example.com/ ; alors

    @@ -1810,17 +1831,18 @@ ProxyPassReverseCookiePath "/" "/mirror/foo/" requte mandate pour http://backend.example.com/bar (la fonctionnalit fournie par ProxyPass). Il va aussi s'occuper des redirections que le serveur - backend.example.com envoie : lorsque - http://backend.example.com/bar est redirig par - celui-ci vers http://backend.example.com/quux, Apache + backend.example.com envoie lorsqu'il redirige + http://backend.example.com/bar vers + http://backend.example.com/quux. Apache httpd corrige ceci en http://example.com/miroir/foo/quux avant de faire suivre la redirection HTTP au client. Notez que le nom d'hte utilis pour construire l'URL est choisi en respectant la dfinition de la directive UseCanonicalName.

    Notez que la directive ProxyPassReverse - peut aussi tre utilise en conjonction avec la fonctionnalit - pass-through (RewriteRule ... [P]) du module + peut aussi tre utilise en conjonction avec la + fonctionnalit de mandataire + (RewriteRule ... [P]) du module mod_rewrite, car elle ne dpend pas d'une directive ProxyPass correspondante.

    @@ -1912,7 +1934,7 @@ dans un contexte de r

    Lorsqu'elle est active, cette directive va transmettre l'en-tte Host: de la requte entrante vers le serveur mandat, au lieu du nom - d'hte spcifi par la directive ProxyPass.

    + d'hte spcifi par la directive ProxyPass.

    Cette directive est habituellement dfinie Off. Elle est principalement utile dans les configurations particulires @@ -1983,7 +2005,7 @@ ProxyRemote "ftp" "http://ftpproxy.mydomain:8080" HTTP, vers un autre mandataire capable de les traiter.

    Cette directive supporte aussi les configurations de mandataire - inverse - un serveur web d'arrire-plan peut tre intgr dans + inverse ; un serveur web d'arrire-plan peut tre intgr dans l'espace d'URL d'un serveur virtuel, mme si ce serveur est cach par un autre mandataire direct.

    diff --git a/docs/manual/mod/mod_proxy.html.ja.utf8 b/docs/manual/mod/mod_proxy.html.ja.utf8 index 2519a3b2..fd6a41b7 100644 --- a/docs/manual/mod/mod_proxy.html.ja.utf8 +++ b/docs/manual/mod/mod_proxy.html.ja.utf8 @@ -925,7 +925,7 @@ ステータス:Extension モジュール:mod_proxy 互換性:ProxyPassInherit is only available in Apache HTTP Server 2.4.5 and later. - and later. +

    このディレクティブの解説文書は まだ翻訳されていません。英語版をご覧ください。

    diff --git a/docs/manual/mod/mod_rewrite.html.en b/docs/manual/mod/mod_rewrite.html.en index ecacc71c..a5a44289 100644 --- a/docs/manual/mod/mod_rewrite.html.en +++ b/docs/manual/mod/mod_rewrite.html.en @@ -361,7 +361,7 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
    The path component of the requested URI, such as "/index.html". This notably excludes the - query string which is available as as its own variable + query string which is available as its own variable named QUERY_STRING.
    THE_REQUEST
    @@ -422,7 +422,9 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3" mod_ssl is loaded, but will always expand to the empty string if it is not. Example: %{SSL:SSL_CIPHER_USEKEYSIZE} may expand to - 128. + 128. These variables are available even without + setting the StdEnvVars option of the + SSLOptions directive.
  • %{HTTP:header}, where header can be diff --git a/docs/manual/mod/mod_rewrite.html.fr b/docs/manual/mod/mod_rewrite.html.fr index 67a9981f..c7401c43 100644 --- a/docs/manual/mod/mod_rewrite.html.fr +++ b/docs/manual/mod/mod_rewrite.html.fr @@ -29,6 +29,8 @@

    Langues Disponibles:  en  |  fr 

    +
    Cette traduction peut tre prime. Vrifiez la version + anglaise pour les changements rcents.
    diff --git a/docs/manual/mod/mod_socache_memcache.html.en b/docs/manual/mod/mod_socache_memcache.html.en index 276157f5..0a96035a 100644 --- a/docs/manual/mod/mod_socache_memcache.html.en +++ b/docs/manual/mod/mod_socache_memcache.html.en @@ -57,10 +57,45 @@

    Directives

    -

    This module provides no - directives.

    +
    +
    top
    +

    MemcacheConnTTL Directive

    +
    Description:Ce module fournit un moteur de rcriture base de rgles permettant de rcrire les URLs des requtes la vole
    + + + + + + + +
    Description:Keepalive time for idle connections
    Syntax:MemcacheConnTTL num[units]
    Default:MemcacheConnTTL 15s
    Context:server config, virtual host
    Status:Extension
    Module:mod_socache_memcache
    Compatibility:Available in Apache 2.4.17 and later
    + +

    Set the time to keep idle connections with the memcache server(s) + alive (threaded platforms only).

    + +

    Valid values for MemcacheConnTTL are times + up to one hour. 0 means no timeout.

    + +

    This timeout defaults to units of seconds, but accepts + suffixes for milliseconds (ms), seconds (s), minutes (min), and hours (h). +

    + +

    Before Apache 2.4.17, this timeout was hardcoded and its value was 600 usec. + So, the closest configuration to match the legacy behaviour is to set + MemcacheConnTTL to 1ms.

    + + 
    # Set a timeout of 10 minutes
+MemcacheConnTTL 10min
+# Set a timeout of 60 seconds
+MemcacheConnTTL 60
    +
    + + +

    Available Languages:  en  | diff --git a/docs/manual/mod/mod_socache_memcache.html.fr b/docs/manual/mod/mod_socache_memcache.html.fr index 184c7e93..95af8778 100644 --- a/docs/manual/mod/mod_socache_memcache.html.fr +++ b/docs/manual/mod/mod_socache_memcache.html.fr @@ -58,9 +58,50 @@

    Directives

    -

    Ce module ne fournit aucune directive.

    +
    +
    top
    +

    Directive MemcacheConnTTL

    + + + + + + + + +
    Description:Dure de conservation des connexions inactives
    Syntaxe:MemcacheConnTTL num[units]
    Dfaut:MemcacheConnTTL 15s
    Contexte:configuration du serveur, serveur virtuel
    Statut:Extension
    Module:mod_socache_memcache
    Compatibilit:Disponible partir de la version 2.4.17 du serveur HTTP +Apache.
    + +

    Dfinit la dure pendant laquelle les connexions + inactives avec le(s) serveur(s) memcache seront conserves + (plateformes threades seulement).

    + +

    Les valeurs valides de la directive + MemcacheConnTTL sont des dures d'une heure + maximum. La valeur 0 signifie une absence de premption

    + +

    L'unit par dfaut pour ce dlai est la seconde, mais vous + pouvez ajouter un suffixe pour spcifier une unit diffrente ; ms + pour milliseconde, s pour seconde, min pour minute et h pour heure.. +

    + +

    Dans les versions antrieures 2.4.17, ce dlai tait cod en + dur et sa valeur tait 600 microsecondes. La valeur la plus proche + de cette ancienne valeur pour la directive + MemcacheConnTTL est donc 1ms.

    + + 
    # Dfinition d'un dlai de 10 minutes
+MemcacheConnTTL 10min
+# Dfinition d'un dlai de 60 secondes
+MemcacheConnTTL 60
    +
    + + +

    Langues Disponibles:  en  | diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en index 206537f0..6a0c4614 100644 --- a/docs/manual/mod/mod_ssl.html.en +++ b/docs/manual/mod/mod_ssl.html.en @@ -160,6 +160,7 @@ compatibility variables.

    SSL_CLIENT_S_DN_x509 string Component of client's Subject DN SSL_CLIENT_SAN_Email_n string Client certificate's subjectAltName extension entries of type rfc822Name SSL_CLIENT_SAN_DNS_n string Client certificate's subjectAltName extension entries of type dNSName +SSL_CLIENT_SAN_OTHER_msUPN_n string Client certificate's subjectAltName extension entries of type otherName, Microsoft User Principal Name form (OID 1.3.6.1.4.1.311.20.2.3) SSL_CLIENT_I_DN string Issuer DN of client's certificate SSL_CLIENT_I_DN_x509 string Component of client's Issuer DN SSL_CLIENT_V_START string Validity of client's certificate (start time) @@ -176,6 +177,7 @@ compatibility variables.

    SSL_SERVER_S_DN string Subject DN in server's certificate SSL_SERVER_SAN_Email_n string Server certificate's subjectAltName extension entries of type rfc822Name SSL_SERVER_SAN_DNS_n string Server certificate's subjectAltName extension entries of type dNSName +SSL_SERVER_SAN_OTHER_dnsSRV_n string Server certificate's subjectAltName extension entries of type otherName, SRVName form (OID 1.3.6.1.5.5.7.8.7, RFC 4985) SSL_SERVER_S_DN_x509 string Component of server's Subject DN SSL_SERVER_I_DN string Issuer DN of server's certificate SSL_SERVER_I_DN_x509 string Component of server's Issuer DN @@ -259,6 +261,9 @@ For backward compatibility there is additionally a special provided. Information about this function is provided in the Compatibility chapter.

    Example

    CustomLog "logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    +

    These formats even work without setting the StdEnvVars +option of the SSLOptions +directive.

    top

    Request Notes

    @@ -596,7 +601,7 @@ algorithm type.

    -Finally the the end-entity certificate's private key can also be +Finally the end-entity certificate's private key can also be added to the certificate file instead of using a separate SSLCertificateKeyFile directive. This practice is highly discouraged. If it is used, @@ -769,8 +774,8 @@ prefixes are:

    aNULL, eNULL and EXP ciphers are always disabled

    Beginning with version 2.4.7, null and export-grade -ciphers are always disabled, as mod_ssl unconditionally prepends any supplied -cipher suite string with !aNULL:!eNULL:!EXP: at initialization.

    +ciphers are always disabled, as mod_ssl unconditionally adds +!aNULL:!eNULL:!EXP to any cipher string at initialization.

    A simpler way to look at all of this is to use the ``openssl ciphers @@ -1118,7 +1123,7 @@ features are added to OpenSSL.

    depends on the OpenSSL version being used for mod_ssl (at least version 1.0.2 is required). For a list of supported command names, see the section Supported configuration file commands in the -SSL_CONF_cmd(3) manual page for OpenSSL.

    +SSL_CONF_cmd(3) manual page for OpenSSL.

    Some of the SSLOpenSSLConfCmd commands can be used as an alternative to existing directives (such as @@ -1333,7 +1338,7 @@ query can be done in two ways which can be configured by - + @@ -1348,7 +1353,8 @@ The available (case-insensitive) protocols are:

    This is the Secure Sockets Layer (SSL) protocol, version 3.0, from the Netscape Corporation. - It is the successor to SSLv2 and the predecessor to TLSv1.

    + It is the successor to SSLv2 and the predecessor to TLSv1, but is + deprecated in RFC 7568.

  • TLSv1

    @@ -1371,7 +1377,9 @@ The available (case-insensitive) protocols are:

    This is a shortcut for ``+SSLv3 +TLSv1'' or - when using OpenSSL 1.0.1 and later - - ``+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2, respectively.

    • + ``+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2'', respectively + (except for OpenSSL versions compiled with the ``no-ssl3'' configuration + option, where all does not include +SSLv3).

    Example

    SSLProtocol TLSv1
    @@ -1713,7 +1721,7 @@ directory contains the appropriate symbolic links.

    Description:Configure usable SSL/TLS protocol versions
    Syntax:SSLProtocol [+|-]protocol ...
    Default:SSLProtocol all
    Default:SSLProtocol all -SSLv3 (up to 2.4.16: all)
    Context:server config, virtual host
    Status:Extension
    Module:mod_ssl
    - + diff --git a/docs/manual/mod/mod_ssl.html.fr b/docs/manual/mod/mod_ssl.html.fr index a8dc92d0..75fd7dbd 100644 --- a/docs/manual/mod/mod_ssl.html.fr +++ b/docs/manual/mod/mod_ssl.html.fr @@ -29,6 +29,8 @@

    Langues Disponibles:  en  |  fr 

    +
    Cette traduction peut tre prime. Vrifiez la version + anglaise pour les changements rcents.
    Description:Configure usable SSL protocol flavors for proxy usage
    Syntax:SSLProxyProtocol [+|-]protocol ...
    Default:SSLProxyProtocol all
    Default:SSLProxyProtocol all -SSLv3 (up to 2.4.16: all)
    Context:server config, virtual host
    Override:Options
    Status:Extension
    @@ -186,6 +188,9 @@ export + + @@ -226,6 +231,9 @@ certificat de serveur de type rfc822Name + + @@ -892,9 +900,9 @@ peut plus y EXP sont toujours dsactivs

    Depuis la version 2.4.7, les algorithmes de type null ou destins l'exportation sont toujours -dsactivs car mod_ssl fait -obligatoirement prcder toute chane de suite d'algorithmes par -!aNULL:!eNULL:!EXP: l'initialisation.

    +dsactivs car mod_ssl ajoute obligatoirement +!aNULL:!eNULL:!EXP toute chane d'algorithme de +chiffrement l'initialisation.

    Pour vous simplifier la vie, vous pouvez utiliser la commande @@ -1266,8 +1274,7 @@ ce dernier beaucoup plus souple.

    utilise pour mod_ssl (la version minimale 1.0.2 est un prrequis). Pour obtenir la liste des commandes supportes, voir la section Supported configuration file commands de la page de -manuel SSL_CONF_cmd(3) -d'OpenSSL.

    +manuel d'OpenSSL SSL_CONF_cmd(3).

    Certaines commandes peuvent remplacer des directives existantes (comme SSLCipherSuite ou @@ -1514,7 +1521,7 @@ cette demande peut

    - + @@ -1530,7 +1537,9 @@ casse) :

    Il s'agit du protocole Secure Sockets Layer (SSL) version 3.0 de Netscape Corporation. C'est le successeur de SSLv2 et le - prdcesseur de TLSv1.

    + prdcesseur de TLSv1, mais est considr comme + obsolte dans la RFC + 7568

  • TLSv1

    @@ -1549,7 +1558,10 @@ casse) :

  • all

    C'est un raccourci pour ``+SSLv3 +TLSv1'' ou - partir - de la version 1.0.1 d'OpenSSL - ``+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2.

    • + de la version 1.0.1 d'OpenSSL - ``+SSLv3 +TLSv1 +TLSv1.1 + +TLSv1.2'' (sauf si OpenSSL a t compil avec l'option + ``no-ssl3'', auquel cas all n'inclura pas + +SSLv3).

    Exemple

    SSLProtocol TLSv1
    @@ -1927,7 +1939,7 @@ assurer que ce r - + diff --git a/docs/manual/mod/mod_status.html.tr.utf8 b/docs/manual/mod/mod_status.html.tr.utf8 index d89dce5b..a70919e8 100644 --- a/docs/manual/mod/mod_status.html.tr.utf8 +++ b/docs/manual/mod/mod_status.html.tr.utf8 @@ -32,7 +32,6 @@  ko  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    Description:Chiffrement de haut niveau bas sur les protocoles Secure Sockets Layer (SSL) et Transport Layer Security (TLS)
    Statut:Extension
    Les entres d'extension subjectAltName du certificat client de type rfc822Name
    SSL_CLIENT_SAN_DNS_n chane Les entres d'extension subjectAltName du certificat client de type dNSName
    SSL_CLIENT_SAN_OTHER_msUPN_nchane Extensions subjectAltName de type otherName du +certificat client, forme Microsoft du nom principal de l'utilisateur (OID 1.3.6.1.4.1.311.20.2.3)
    SSL_CLIENT_I_DN chane DN de l'metteur du certificat du client
    SSL_CLIENT_I_DN_x509 chane
    SSL_SERVER_SAN_DNS_n chane Les entres d'extension subjectAltName du certificat de serveur de type dNSName
    SSL_SERVER_SAN_OTHER_dnsSRV_nchane Extensions subjectAltName de type otherName du +certificat serveur, sous la forme SRVName (OID 1.3.6.1.5.5.7.8.7, RFC 4985)
    SSL_SERVER_I_DN chane DN de l'metteur du certificat du serveur
    SSL_SERVER_I_DN_x509 chane
    Description:Indique les versions du protocole SSL/TLS disponibles
    Syntaxe:SSLProtocol [+|-]protocole ...
    Dfaut:SSLProtocol all
    Dfaut:SSLProtocol all -SSLv3 (jusqu' la version 2.4.16 : all)
    Contexte:configuration du serveur, serveur virtuel
    Statut:Extension
    Module:mod_ssl
    Description:Dfinit les protocoles SSL disponibles pour la fonction de mandataire
    Syntaxe:SSLProxyProtocol [+|-]protocole ...
    Dfaut:SSLProxyProtocol all
    Dfaut:SSLProxyProtocol all -SSLv3 (jusqu' la version 2.4.16: all)
    Contexte:configuration du serveur, serveur virtuel
    AllowOverride:Options
    Statut:Extension
    @@ -93,7 +92,7 @@ etkin kılınmak istenirse httpd.conf dosyasına şu satırlar eklenebilir:

    -
    <Location /server-status>
+
    <Location "/server-status">
     SetHandler server-status
     Require host example.com
 </Location>
    
diff --git a/docs/manual/mod/mod_substitute.html.en b/docs/manual/mod/mod_substitute.html.en
index 423ce021..7de791f8 100644
--- a/docs/manual/mod/mod_substitute.html.en
+++ b/docs/manual/mod/mod_substitute.html.en
@@ -43,6 +43,7 @@
 
@@ -129,6 +130,27 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
     fixing up the HTML response as well.
    
 
 
+
+
    top
    
+
    SubstituteInheritBefore Directive
    
+
    Açıklama:Sunucu etkinliği ve başarımı hakkında bilgi sağlar.
    Durum:Temel
    Modül Betimleyici:status_module
    + + + + + + + + +
    Description:Change the merge order of inherited patterns
    Syntax:SubstituteInheritBefore on|off
    Default:SubstituteInheritBefore off
    Context:directory, .htaccess
    Override:FileInfo
    Status:Extension
    Module:mod_substitute
    Compatibility:Available in httpd 2.4.17 and later
    +

    Whether to apply the inherited Substitute + patterns first (on), or after the ones of the current + context (off). + SubstituteInheritBefore is itself inherited, + hence contexts that inherit it (those that don't specify their own + SubstituteInheritBefore value) will apply the + closest defined merge order.

    +
    top

    SubstituteMaxLineLength Directive

    diff --git a/docs/manual/mod/mod_substitute.html.fr b/docs/manual/mod/mod_substitute.html.fr index 08510a98..f631c46a 100644 --- a/docs/manual/mod/mod_substitute.html.fr +++ b/docs/manual/mod/mod_substitute.html.fr @@ -29,6 +29,8 @@

    Langues Disponibles:  en  |  fr 

    +
    Cette traduction peut tre prime. Vrifiez la version + anglaise pour les changements rcents.
    @@ -45,6 +47,7 @@ du serveur HTTP Apache
    Description:Effectue des oprations de recherche/remplacement sur les corps de rponses
    Statut:Extension
    @@ -144,6 +147,20 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
    top
    +

    Directive SubstituteInheritBefore

    + + + + + + + + + +
    Description:Change the merge order of inherited patterns
    Syntaxe:SubstituteInheritBefore on|off
    Dfaut:SubstituteInheritBefore off
    Contexte:rpertoire, .htaccess
    AllowOverride:FileInfo
    Statut:Extension
    Module:mod_substitute
    Compatibilit:Available in httpd 2.4.17 and later

    La documentation de cette directive + n'a pas encore t traduite. Veuillez vous reporter la version + en langue anglaise.

    +
    top

    Directive SubstituteMaxLineLength

    diff --git a/docs/manual/mod/mod_vhost_alias.html.tr.utf8 b/docs/manual/mod/mod_vhost_alias.html.tr.utf8 index 08cabf79..6db9b0b1 100644 --- a/docs/manual/mod/mod_vhost_alias.html.tr.utf8 +++ b/docs/manual/mod/mod_vhost_alias.html.tr.utf8 @@ -30,7 +30,6 @@  fr  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    Description:Dfinit la longueur de ligne maximale
    @@ -51,8 +50,8 @@ her durumda /cgi-bin/script.pl betiğini /usr/local/apache2/cgi-bin/script.pl betiğine eşleyecektir:

    - 
    ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
-VirtualScriptAlias /nerede/bilinmiyor/%0/cgi-bin/
    + 
    ScriptAlias "/cgi-bin/" "/usr/local/apache2/cgi-bin/"
+VirtualScriptAlias "/nerede/bilinmiyor/%0/cgi-bin/"
    @@ -144,7 +143,7 @@ Sanal Barındırma aşağıdaki yönergeler kullanılıyor olsun:

    UseCanonicalName    Off
-VirtualDocumentRoot /usr/local/apache/sankonlar/%0
    +VirtualDocumentRoot "/usr/local/apache/sankonlar/%0"

    http://example.com/dizin/dosya.html için yapılan bir istek @@ -156,7 +155,7 @@ VirtualDocumentRoot /usr/local/apache/sankonlar/%0 yapılandırma dosyanızda şöyle yapabilirsiniz:

    UseCanonicalName    Off
-VirtualDocumentRoot /usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2
    +VirtualDocumentRoot "/usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2"

    http://falan.filan.example.com/dizin/dosya.html için @@ -166,7 +165,7 @@ VirtualDocumentRoot /usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2

    Bu sefer de parçaları ismin sonundan toplayalım:

    - 
    VirtualDocumentRoot /usr/local/apache/sankonlar/%3+/%2.-1/%2.-2/%2.-3/%2
    + 
    VirtualDocumentRoot "/usr/local/apache/sankonlar/%3+/%2.-1/%2.-2/%2.-3/%2"

    Bu durumda istek @@ -175,7 +174,7 @@ VirtualDocumentRoot /usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2

    Şöyle bir şey de yapabilirsiniz:

    - 
    VirtualDocumentRoot /usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2.4+
    + 
    VirtualDocumentRoot "/usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2.4+"

    Bu örnek için istek @@ -206,8 +205,8 @@ VirtualDocumentRoot /usr/local/apache/sankonlar/%3+/%2.1/%2.2/%2.3/%2 olabilirdi:

    UseCanonicalName DNS
-VirtualDocumentRootIP /usr/local/apache/sankonlar/%1/%2/%3/%4/belgeler
-VirtualScriptAliasIP  /usr/local/apache/sankonlar/%1/%2/%3/%4/cgi-bin
    +VirtualDocumentRootIP "/usr/local/apache/sankonlar/%1/%2/%3/%4/belgeler" +VirtualScriptAliasIP "/usr/local/apache/sankonlar/%1/%2/%3/%4/cgi-bin"

    http://falan.filan.example.com/dizin/dosya.html için @@ -224,7 +223,7 @@ VirtualScriptAliasIP /usr/local/apache/sankonlar/%1/%2/%3/%4/cgi-bin karakterini içermesini isterseniz, bir biçem belirteci ile karışıklığa sebep olmaksızın bunu şöyle sağlayabilirsiniz:

    - 
    VirtualDocumentRoot /usr/local/apache/sankonlar/%2.0.%3.0
    + 
    VirtualDocumentRoot "/usr/local/apache/sankonlar/%2.0.%3.0"

    Bu durumda http://falan.filan.example.com/dizin/dosya.html diff --git a/docs/manual/mod/mpm_common.html.de b/docs/manual/mod/mpm_common.html.de index 44c15339..1198797d 100644 --- a/docs/manual/mod/mpm_common.html.de +++ b/docs/manual/mod/mpm_common.html.de @@ -46,6 +46,7 @@

  • GracefulShutdownTimeout
  • Listen
  • ListenBackLog
    • +
  • ListenCoresBucketsRatio
  • MaxConnectionsPerChild
  • MaxMemFree
  • MaxRequestWorkers
    • @@ -127,7 +128,7 @@ will exit. - +
    Açıklama:Kitlesel sanal konakların devingen olarak yapılandırılmasını sağlar
    Durum:Eklenti
    Modül Betimleyici:vhost_alias_module
    Voreinstellung:GracefulShutdownTimeout 0
    Kontext:Serverkonfiguration
    Status:MPM
    Modul:prefork, worker, event
    Modul:event, worker, prefork
    Kompatibilitt:Available in version 2.2 and later

    Die Dokumentation zu dieser Direktive wurde noch nicht bersetzt. Bitte schauen Sie in die englische @@ -224,6 +225,24 @@ will exit.

    top
    +

    ListenCoresBucketsRatio-Direktive

    + + + + + + + + +
    Beschreibung:Ratio between the number of CPU cores (online) and the number of +listeners' buckets
    Syntax:ListenCoresBucketsRatio ratio
    Voreinstellung:ListenCoresBucketsRatio 0 (disabled)
    Kontext:Serverkonfiguration
    Status:MPM
    Modul:event, worker, prefork
    Kompatibilitt:Available in Apache HTTP Server 2.4.17, with a kernel supporting +the socket option SO_REUSEPORT and distributing new connections +evenly accross listening processes' (or threads') sockets using it (eg. Linux +3.9 and later, but not the current implementations of SO_REUSEPORT +in *BSDs.

    Die Dokumentation zu dieser Direktive wurde + noch nicht bersetzt. Bitte schauen Sie in die englische + Version.

    +
    top

    MaxConnectionsPerChild-Direktive

    - +
    Beschreibung:Limit on the number of connections that an individual child server @@ -232,7 +251,7 @@ will handle during its life
    Voreinstellung:MaxConnectionsPerChild 0
    Kontext:Serverkonfiguration
    Status:MPM
    Modul:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker
    Modul:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2
    Kompatibilitt:Available Apache HTTP Server 2.3.9 and later. The old name MaxRequestsPerChild is still supported.

    Die Dokumentation zu dieser Direktive wurde @@ -265,7 +284,7 @@ simultaneously Voreinstellung:See usage for details Kontext:Serverkonfiguration Status:MPM -Modul:event, prefork, worker +Modul:event, worker, prefork

    Die Dokumentation zu dieser Direktive wurde noch nicht bersetzt. Bitte schauen Sie in die englische Version.

    @@ -425,7 +444,7 @@ ablegt Voreinstellung:ReceiveBufferSize 0 Kontext:Serverkonfiguration Status:MPM -Modul:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker +Modul:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2

    Die Dokumentation zu dieser Direktive wurde noch nicht bersetzt. Bitte schauen Sie in die englische Version.

    diff --git a/docs/manual/mod/mpm_common.html.en b/docs/manual/mod/mpm_common.html.en index 4e53e370..61ef48ec 100644 --- a/docs/manual/mod/mpm_common.html.en +++ b/docs/manual/mod/mpm_common.html.en @@ -43,6 +43,7 @@ more than one multi-processing module (MPM)
  • GracefulShutdownTimeout
  • Listen
  • ListenBackLog
    • +
  • ListenCoresBucketsRatio
  • MaxConnectionsPerChild
  • MaxMemFree
  • MaxRequestWorkers
    • @@ -70,7 +71,7 @@ switch before dumping core Default:See usage for the default setting Context:server config Status:MPM -Module:event, prefork, worker +Module:event, worker, prefork

    This controls the directory to which Apache httpd attempts to switch before dumping core. If your operating system is configured to @@ -119,7 +120,7 @@ after a crash Default:EnableExceptionHook Off Context:server config Status:MPM -Module:event, prefork, worker +Module:event, worker, prefork

    For safety reasons this directive is only available if the server was configured with the --enable-exception-hook option. It @@ -140,7 +141,7 @@ will exit. Default:GracefulShutdownTimeout 0 Context:server config Status:MPM -Module:prefork, worker, event +Module:event, worker, prefork Compatibility:Available in version 2.2 and later

    The GracefulShutdownTimeout specifies @@ -159,7 +160,7 @@ listens to Syntax:Listen [IP-address:]portnumber [protocol] Context:server config Status:MPM -Module:mpm_netware, mpm_winnt, mpmt_os2, prefork, worker, event +Module:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2 Compatibility:The protocol argument was added in 2.1.5

    The Listen directive instructs Apache httpd to @@ -238,7 +239,7 @@ including other causes. Default:ListenBacklog 511 Context:server config Status:MPM -Module:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker +Module:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2

    The maximum length of the queue of pending connections. Generally no tuning is needed or desired, however on some @@ -252,6 +253,41 @@ including other causes. but use a number based on (but normally larger than) what is set.

    + +
    top
    +

    ListenCoresBucketsRatio Directive

    + + + + + + + + +
    Description:Ratio between the number of CPU cores (online) and the number of +listeners' buckets
    Syntax:ListenCoresBucketsRatio ratio
    Default:ListenCoresBucketsRatio 0 (disabled)
    Context:server config
    Status:MPM
    Module:event, worker, prefork
    Compatibility:Available in Apache HTTP Server 2.4.17, with a kernel supporting +the socket option SO_REUSEPORT and distributing new connections +evenly accross listening processes' (or threads') sockets using it (eg. Linux +3.9 and later, but not the current implementations of SO_REUSEPORT +in *BSDs.
    +

    A ratio between the number of (online) CPU cores and the + number of listeners' buckets can be used to make Apache HTTP Server create + num_cpu_cores / ratio listening buckets, each containing its + own Listen-ing socket(s) on the same port(s), and + then make each child handle a single bucket (with round-robin distribution + of the buckets at children creation time).

    + +

    ListenCoresBucketsRatio can improve the + scalability when accepting new connections is/becomes the bottleneck. + On systems with a large number of CPU cores, enabling this feature has + been tested to show significant performances improvement and shorter + responses time.

    + +

    There must be at least twice the number of CPU cores than the + configured ratio for this to be active. The recommended + ratio is 8, hence at least 16 + cores should be available at runtime when this value is used.

    +
    top

    MaxConnectionsPerChild Directive

    @@ -262,7 +298,7 @@ will handle during its life Default:MaxConnectionsPerChild 0 Context:server config Status:MPM -Module:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker +Module:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2 Compatibility:Available Apache HTTP Server 2.3.9 and later. The old name MaxRequestsPerChild is still supported. @@ -287,7 +323,7 @@ to hold without calling free() Default:MaxMemFree 2048 Context:server config Status:MPM -Module:event, mpm_netware, prefork, worker, mpm_winnt +Module:event, worker, prefork, mpm_winnt, mpm_netware

    The MaxMemFree directive sets the maximum number of free Kbytes that every allocator is allowed @@ -305,7 +341,7 @@ simultaneously Default:See usage for details Context:server config Status:MPM -Module:event, prefork, worker +Module:event, worker, prefork

    The MaxRequestWorkers directive sets the limit on the number of simultaneous requests that will be served. Any @@ -341,13 +377,13 @@ simultaneously Default:See usage for details Context:server config Status:MPM -Module:event, mpm_netware, mpmt_os2, worker +Module:event, worker, mpm_netware, mpmt_os2

    Maximum number of idle threads. Different MPMs deal with this directive differently.

    -

    For worker, the default is - MaxSpareThreads 250. This MPM deals with idle threads +

    For worker and event, the default is + MaxSpareThreads 250. These MPMs deal with idle threads on a server-wide basis. If there are too many idle threads in the server then child processes are killed until the number of idle threads is less than this number.

    @@ -368,9 +404,10 @@ simultaneously
  • mpm_netware wants the value to be greater than MinSpareThreads.
    • -
  • For worker, the value must be greater or equal - to the sum of MinSpareThreads - and ThreadsPerChild.
    • +
  • For worker and event, the value + must be greater or equal to the sum of + MinSpareThreads and + ThreadsPerChild.
    • @@ -390,15 +427,14 @@ spikes Default:See usage for details Context:server config Status:MPM -Module:event, mpm_netware, mpmt_os2, worker +Module:event, worker, mpm_netware, mpmt_os2

    Minimum number of idle threads to handle request spikes. - Different MPMs deal with this directive - differently.

    + Different MPMs deal with this directive differently.

    -

    worker uses a default of MinSpareThreads - 75 and deals with idle threads on a server-wide basis. If - there aren't enough idle threads in the server then child +

    worker and event use a default of + MinSpareThreads 75 and deal with idle threads on a server-wide + basis. If there aren't enough idle threads in the server then child processes are created until the number of idle threads is greater than number.

    @@ -426,7 +462,7 @@ of the daemon Default:PidFile logs/httpd.pid Context:server config Status:MPM -Module:event, mpm_winnt, mpmt_os2, prefork, worker +Module:event, worker, prefork, mpm_winnt, mpmt_os2

    The PidFile directive sets the file to which the server records the process id of the daemon. If the @@ -459,7 +495,7 @@ of the daemon Default:ReceiveBufferSize 0 Context:server config Status:MPM -Module:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker +Module:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2

    The server will set the TCP receive buffer size to the number of bytes specified.

    @@ -477,7 +513,7 @@ the child processes Default:ScoreBoardFile logs/apache_runtime_status Context:server config Status:MPM -Module:event, mpm_winnt, prefork, worker +Module:event, worker, prefork, mpm_winnt

    Apache HTTP Server uses a scoreboard to communicate between its parent and child processes. Some architectures require a file to facilitate @@ -512,7 +548,7 @@ Apache HTTP Server Default:SendBufferSize 0 Context:server config Status:MPM -Module:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker +Module:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2

    Sets the server's TCP send buffer size to the number of bytes specified. It is often useful to set this past the OS's standard @@ -540,14 +576,14 @@ Apache HTTP Server Default:See usage for details Context:server config Status:MPM -Module:event, prefork, worker +Module:event, worker, prefork

    For the prefork MPM, this directive sets the maximum configured value for MaxRequestWorkers for the lifetime of the - Apache httpd process. For the worker MPM, this directive - in combination with ThreadLimit sets + Apache httpd process. For the worker and event + MPMs, this directive in combination with ThreadLimit sets the maximum configured value for MaxRequestWorkers for the lifetime of the - Apache httpd process. Any attempts to change this directive during a + Apache httpd process. Any attempts to change this directive during a restart will be ignored, but MaxRequestWorkers can be modified during a restart.

    @@ -563,9 +599,9 @@ Apache HTTP Server Do not set the value of this directive any higher than what you might want to set MaxRequestWorkers to.

    -

    With worker, use this directive only - if your MaxRequestWorkers and - ThreadsPerChild +

    With worker and event, use this + directive only if your MaxRequestWorkers + and ThreadsPerChild settings require more than 16 server processes (default). Do not set the value of this directive any higher than the number of server processes required by what you may want for MaxRequestWorkers and ThreadsPerChild.

    @@ -591,7 +627,7 @@ Apache HTTP Server Default:See usage for details Context:server config Status:MPM -Module:event, mpmt_os2, prefork, worker +Module:event, worker, prefork, mpmt_os2

    The StartServers directive sets the number of child server processes created on startup. As the number @@ -601,10 +637,10 @@ Apache HTTP Server MinSpareServers, MaxSpareServers) there is usually little reason to adjust this parameter.

    -

    The default value differs from MPM to MPM. worker - defaults to StartServers 3; prefork - defaults to 5; mpmt_os2 defaults to - 2.

    +

    The default value differs from MPM to MPM. worker and + event default to StartServers 3; + prefork defaults to 5; mpmt_os2 + defaults to 2.

    top
    @@ -641,7 +677,7 @@ per child process Default:See usage for details Context:server config Status:MPM -Module:event, mpm_winnt, worker +Module:event, worker, mpm_winnt

    This directive sets the maximum configured value for ThreadsPerChild for the lifetime of the Apache httpd process. Any attempts to change this directive @@ -681,7 +717,7 @@ per child process Default:See usage for details Context:server config Status:MPM -Module:event, mpm_winnt, worker +Module:event, worker, mpm_winnt

    This directive sets the number of threads created by each child process. The child creates these threads at startup and @@ -706,7 +742,7 @@ client connections Default:65536 on NetWare; varies on other operating systems Context:server config Status:MPM -Module:event, mpm_netware, mpmt_os2, mpm_winnt, worker, event +Module:event, worker, mpm_winnt, mpm_netware, mpmt_os2 Compatibility:Available in Apache HTTP Server 2.1 and later

    The ThreadStackSize directive sets the diff --git a/docs/manual/mod/mpm_common.html.fr b/docs/manual/mod/mpm_common.html.fr index 7c6d6d18..921b440a 100644 --- a/docs/manual/mod/mpm_common.html.fr +++ b/docs/manual/mod/mpm_common.html.fr @@ -32,6 +32,8 @@  ja  |  tr 

    +
    Cette traduction peut tre prime. Vrifiez la version + anglaise pour les changements rcents.
    Description:Une srie de directives implmentes par plusieurs modules multi-processus (MPM)
    Statut:MPM
    @@ -43,6 +45,7 @@ modules multi-processus (MPM)
  • GracefulShutdownTimeout
  • Listen
  • ListenBackLog
    • +
  • ListenCoresBucketsRatio
  • MaxConnectionsPerChild
  • MaxMemFree
  • MaxRequestWorkers
    • @@ -277,6 +280,49 @@ connexions la valeur spcifie pour l'argument backlog, mais s'en inspirent seulement (et choisissent en gnral une valeur suprieure).

    + +
    top
    +

    Directive ListenCoresBucketsRatio

    + + + + + + + + +
    Description:Rapport entre le nombre de coeurs de processeur activs et +le nombre de segments d'coute
    Syntaxe:ListenCoresBucketsRatio ratio
    Dfaut:ListenCoresBucketsRatio 0 (disabled)
    Contexte:configuration du serveur
    Statut:MPM
    Module:event, prefork, worker
    Compatibilit:Disponible partir de la version 2.4.13 du serveur HTTP +Apache, avec un noyau supportant l'option de socket +SO_REUSEPORT, et distribuant uniformment les nouvelles +connexions aux sockets d'coute des processus (ou threads) qui +l'utilisent (par exemple Linux versions 3.9 et ultrieures, mais pas +l'implmentation courante de SO_REUSEPORT par les +plateformes de type BSD.
    +

    Vous pouvez utiliser la directive + ListenCoresBucketsRatio pour spcifier un + ratio entre le nombre de coeurs de CPU activs et le + nombre de segments d'coute (listeners' buckets) souhaits ; le + serveur HTTP Apache va alors crernum_cpu_cores / ratio + segments d'coute, chacun contenant son propre socket d'coute + Listen sur le ou les mmes ports ; chaque + processus enfant sera associ un seul segment d'coute (avec une + distribution de type round-robin des segments la cration des + processus enfants).

    + +

    La directive ListenCoresBucketsRatio peut + amliorer le support de la monte en charge lorsque l'arrive de + nouvelles connexions est/devient un goulot d'tranglement. Le test + de cette fonctionnalit avec des machines possdant un nombre de + coeurs de CPU important a permit de constater une amlioration des + performances significative et des temps de rponse plus courts.

    + +

    Pour que cette fonctionnalit soit active, le nombre de coeurs + de CPU doit tre gal au moins au double du ratio + spcifi. Si vous spcifiez la valeur recommande pour + ratio, savoir 8, le nombre minimum de + coeurs de processeurs disponibles sera alors de 16.

    +
    top

    Directive MaxConnectionsPerChild

    diff --git a/docs/manual/mod/mpm_common.html.ja.utf8 b/docs/manual/mod/mpm_common.html.ja.utf8 index 79552d3a..d2e05ebe 100644 --- a/docs/manual/mod/mpm_common.html.ja.utf8 +++ b/docs/manual/mod/mpm_common.html.ja.utf8 @@ -47,6 +47,7 @@
  • GracefulShutdownTimeout
  • Listen
  • ListenBackLog
    • +
  • ListenCoresBucketsRatio
  • MaxConnectionsPerChild
  • MaxMemFree
  • MaxRequestWorkers
    • @@ -243,6 +244,24 @@
    top
    +

    ListenCoresBucketsRatio ディレクティブ

    + + + + + + + + +
    説明:Ratio between the number of CPU cores (online) and the number of +listeners' buckets
    構文:ListenCoresBucketsRatio ratio
    デフォルト:ListenCoresBucketsRatio 0 (disabled)
    コンテキスト:サーバ設定ファイル
    ステータス:MPM
    モジュール:event, worker, prefork
    互換性:Available in Apache HTTP Server 2.4.17, with a kernel supporting +the socket option SO_REUSEPORT and distributing new connections +evenly accross listening processes' (or threads') sockets using it (eg. Linux +3.9 and later, but not the current implementations of SO_REUSEPORT +in *BSDs.

    このディレクティブの解説文書は + まだ翻訳されていません。英語版をご覧ください。 +

    +
    top

    MaxConnectionsPerChild ディレクティブ

    - +
    説明:Limit on the number of connections that an individual child server @@ -251,7 +270,7 @@ will handle during its life
    デフォルト:MaxConnectionsPerChild 0
    コンテキスト:サーバ設定ファイル
    ステータス:MPM
    モジュール:event, mpm_netware, mpm_winnt, mpmt_os2, prefork, worker
    モジュール:event, worker, prefork, mpm_winnt, mpm_netware, mpmt_os2
    互換性:Available Apache HTTP Server 2.3.9 and later. The old name MaxRequestsPerChild is still supported.

    このディレクティブの解説文書は @@ -283,7 +302,7 @@ simultaneously デフォルト:See usage for details コンテキスト:サーバ設定ファイル ステータス:MPM -モジュール:event, prefork, worker +モジュール:event, worker, prefork

    このディレクティブの解説文書は まだ翻訳されていません。英語版をご覧ください。

    diff --git a/docs/manual/mod/mpm_common.html.tr.utf8 b/docs/manual/mod/mpm_common.html.tr.utf8 index 2bbc26c9..381ace9a 100644 --- a/docs/manual/mod/mpm_common.html.tr.utf8 +++ b/docs/manual/mod/mpm_common.html.tr.utf8 @@ -32,6 +32,7 @@  ja  |  tr 

    +
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    Açıklama:Birden fazla Çok Süreçlilik Modülü (MPM) tarafından gerçeklenmiş yönergeler bütünü.
    Durum:MPM
    @@ -43,6 +44,7 @@
  • GracefulShutdownTimeout
  • Listen
  • ListenBackLog
    • +
  • ListenCoresBucketsRatio
  • MaxConnectionsPerChild
  • MaxMemFree
  • MaxRequestWorkers
    • @@ -265,6 +267,42 @@ açıklaması ile ne belirttiğinize bakmaksızın kendisi için atanmış değeri (fakat normal olarak daha büyüğünü) kullanacağına dikkat ediniz.

    + +
    top
    +

    ListenCoresBucketsRatio Yönergesi

    + + + + + + + + +
    Açıklama:İşlemci çekirdek sayısının dinleyenlerin buket sayısına oranı
    Sözdizimi:ListenCoresBucketsRatio oran
    Öntanımlı:ListenCoresBucketsRatio 0 (iptal)
    Bağlam:sunucu geneli
    Durum:MPM
    Modül:event, prefork, worker
    Uyumluluk:Apache HTTP Server 2.4.17 ve sonrasında, + SO_REUSEPORT soket seçeneğini destekleyen bir Linux çekirdeğinin + varlığında ve yeni bağlantıların bunu kullanan dinleme süreçlerinin (veya + evrelerinin) soketleri arasında eşit paylaştırılıyor olması halinde + kullanılır. Örneğin Linux 3.9 ve sonrasında kullanılabilirken *BSD'lerin şu + anki SO_REUSEPORT gerçeklenimi ile kullanılamaz.
    +

    (çevrimiçi) İşlemci çekirdek sayısının dinleyenlerin buket sayısına + oranı, Apache HTTP Sunucusunun işlemci_çekirdek_sayısı / + oran sayıda dinleme buketi oluşturması için kullanılabilir ve bu + buketlerin herbiri aynı portlar üzerinde kendi + Listen soketlerini içeriyor olurlar. Bu durumda, + her çocuk süreç tek bir buketle çalışır (çocukların oluşturulması + sırasında buketler döner dağılımla eşleştirilir).

    + +

    ListenCoresBucketsRatio yeni bağlantılar kabul + edilirken/darboğazlar oluşurken ölçeklenebilirliği arttırabilir. Çok + sayıda işlemci çekirdekli sistemlerde bu özelliğin etkinleştirilmesinin + önemli başarım artışları ve daha kısa yanıt süreleri oluşturduğu + gözlenmiştir.

    + +

    Bu oranın etkin olabilmesi için işlemci çekirdeği çift sayıda + olmalıdır. oran için önerilen değer 8 olup bu + durumda çalışma anında en azından 16 çekirdek + kullanılabiliyor olmalıdır.

    +
    top

    MaxConnectionsPerChild Yönergesi

    diff --git a/docs/manual/mod/mpmt_os2.html.en b/docs/manual/mod/mpmt_os2.html.en index 79226b0c..0617f0c5 100644 --- a/docs/manual/mod/mpmt_os2.html.en +++ b/docs/manual/mod/mpmt_os2.html.en @@ -43,7 +43,7 @@ StartServers processes accepting connections.

    -

    Each child process consists of a a pool of worker threads and a +

    Each child process consists of a pool of worker threads and a main thread that accepts connections and passes them to the workers via a work queue. The worker thread pool is dynamic, managed by a maintenance thread so that the number of idle threads is kept between diff --git a/docs/manual/mod/quickreference.html.de b/docs/manual/mod/quickreference.html.de index b0a58bb7..bf4fed3d 100644 --- a/docs/manual/mod/quickreference.html.de +++ b/docs/manual/mod/quickreference.html.de @@ -472,118 +472,129 @@ angegebenen MIME-Content-Type will exit. Group unix-group #-1 sBGroup under which the server will answer requests -Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note +H2Direct on|off on (for non TLS) svEH2 Direct Protocol Switch +H2MaxSessionStreams n 100 svEMaximum number of active streams per HTTP/2 session. +H2MaxWorkerIdleSeconds n 600 sEMaximum number of seconds h2 workers remain idle until shut down. +H2MaxWorkers nsEMaximum number of worker threads to use per child process. +H2MinWorkers nsEMinimal number of worker threads to use per child process. +H2SerializeHeaders on|off off svESerialize Request/Resoonse Processing Switch +H2SessionExtraFiles n 5 svENumber of Extra File Handles +H2StreamMaxMemSize bytes 65536 svEMaximum amount of output data buffered per stream. +H2WindowSize bytes 65536 svESize of Stream Window for upstream data. +Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP response headers -HeaderName filenamesvdhBName of the file that will be inserted at the top +svdhEConfigure HTTP response headers +HeaderName filenamesvdhBName of the file that will be inserted at the top of the index listing -HeartbeatAddress addr:portsXMulticast address for heartbeat packets -HeartbeatListenaddr:portsXmulticast address to listen for incoming heartbeat requests -HeartbeatMaxServers number-of-servers 10 sXSpecifies the maximum number of servers that will be sending +HeartbeatAddress addr:portsXMulticast address for heartbeat packets +HeartbeatListenaddr:portsXmulticast address to listen for incoming heartbeat requests +HeartbeatMaxServers number-of-servers 10 sXSpecifies the maximum number of servers that will be sending heartbeat requests to this server -HeartbeatStorage file-path logs/hb.dat sXPath to store heartbeat data -HeartbeatStorage file-path logs/hb.dat sXPath to read heartbeat data -HostnameLookups On|Off|Double Off svdCAktiviert DNS-Lookups auf Client-IP-Adressen -IdentityCheck On|Off Off svdEEnables logging of the RFC 1413 identity of the remote +HeartbeatStorage file-path logs/hb.dat sXPath to store heartbeat data +HeartbeatStorage file-path logs/hb.dat sXPath to read heartbeat data +HostnameLookups On|Off|Double Off svdCAktiviert DNS-Lookups auf Client-IP-Adressen +IdentityCheck On|Off Off svdEEnables logging of the RFC 1413 identity of the remote user -IdentityCheckTimeout seconds 30 svdEDetermines the timeout duration for ident requests -<If expression> ... </If>svdhCContains directives that apply only if a condition is +IdentityCheckTimeout seconds 30 svdEDetermines the timeout duration for ident requests +<If expression> ... </If>svdhCContains directives that apply only if a condition is satisfied by a request at runtime -<IfDefine [!]Parametername> ... - </IfDefine>svdhCSchliet Direktiven ein, die nur ausgefhrt werden, +<IfDefine [!]Parametername> ... + </IfDefine>svdhCSchliet Direktiven ein, die nur ausgefhrt werden, wenn eine Testbedingung beim Start wahr ist -<IfModule [!]Modulname|Modulbezeichner> - ... </IfModule>svdhCSchliet Direktiven ein, die abhngig vom +<IfModule [!]Modulname|Modulbezeichner> + ... </IfModule>svdhCSchliet Direktiven ein, die abhngig vom Vorhandensein oder Fehlen eines speziellen Moduls ausgefhrt werden -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include Dateiname|VerzeichnissvdCFgt andere Konfigurationsdateien innerhalb der +Include Dateiname|VerzeichnissvdCFgt andere Konfigurationsdateien innerhalb der Server-Konfigurationsdatei ein -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCAktiviert persistente HTTP-Verbindungen -KeepAliveTimeout Sekunden 5 svCZeitspanne, die der Server whrend persistenter Verbindungen +KeepAlive On|Off On svCAktiviert persistente HTTP-Verbindungen +KeepAliveTimeout Sekunden 5 svCZeitspanne, die der Server whrend persistenter Verbindungen auf nachfolgende Anfragen wartet -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precendence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precendence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit Methode [Methode] ... > ... - </Limit>svdhCBeschrnkt die eingeschlossenen Zugriffskontrollen auf +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit Methode [Methode] ... > ... + </Limit>svdhCBeschrnkt die eingeschlossenen Zugriffskontrollen auf bestimmte HTTP-Methoden -<LimitExcept Methode [Methode] ... > ... - </LimitExcept>svdhCBeschrnkt Zugriffskontrollen auf alle HTTP-Methoden +<LimitExcept Methode [Methode] ... > ... + </LimitExcept>svdhCBeschrnkt Zugriffskontrollen auf alle HTTP-Methoden auer den genannten -LimitInternalRecursion Zahl [Zahl] 10 svCBestimmt die maximale Anzahl interner Umleitungen und +LimitInternalRecursion Zahl [Zahl] 10 svCBestimmt die maximale Anzahl interner Umleitungen und verschachtelter Unteranfragen -LimitRequestBody Bytes 0 svdhCBegrenzt die Gesamtgre des vom Client gesendeten +LimitRequestBody Bytes 0 svdhCBegrenzt die Gesamtgre des vom Client gesendeten HTTP-Request-Body -LimitRequestFields Anzahl 100 sCBegrenzt die Anzahl der HTTP-Request-Header, die vom Client +LimitRequestFields Anzahl 100 sCBegrenzt die Anzahl der HTTP-Request-Header, die vom Client entgegengenommen werden -LimitRequestFieldsize BytessCBegrenzt die Lnge des vom Client gesendeten +LimitRequestFieldsize BytessCBegrenzt die Lnge des vom Client gesendeten HTTP-Request-Headers -LimitRequestLine Bytes 8190 sCBegrenzt die Lnge der vom Client entgegengenommenen +LimitRequestLine Bytes 8190 sCBegrenzt die Lnge der vom Client entgegengenommenen HTTP-Anfragezeile -LimitXMLRequestBody Bytes 1000000 svdhCBegrenzt die Gre eines XML-basierten +LimitXMLRequestBody Bytes 1000000 svdhCBegrenzt die Gre eines XML-basierten Request-Bodys -Listen [IP-Addresse:]PortsMIP-Adressen und Ports, an denen der Server lauscht -ListenBacklog backlogsMMaximale Lnge der Warteschlange schwebender +Listen [IP-Addresse:]PortsMIP-Adressen und Ports, an denen der Server lauscht +ListenBacklog backlogsMMaximale Lnge der Warteschlange schwebender Verbindungen +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +listeners' buckets LoadFile filename [filename] ...svELink in the named object file or library LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules @@ -646,386 +657,390 @@ simultaneously Servers MaxSpareThreads AnzahlsMMaximale Anzahl unbeschftigter Threads MaxThreads number 2048 sMSet the maximum number of worker threads -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers Anzahl 5 sMMinimale Anzahl der unbeschftigten Kindprozesse des +MinSpareServers Anzahl 5 sMMinimale Anzahl der unbeschftigten Kindprozesse des Servers -MinSpareThreads AnzahlsMMinimale Anzahl unbeschftigter Threads, die zur +MinSpareThreads AnzahlsMMinimale Anzahl unbeschftigter Threads, die zur Bedienung von Anfragespitzen zur Verfgung stehen -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost Adresse[:Port]sCBestimmt eine IP-Adresse fr den Betrieb namensbasierter +NameVirtualHost Adresse[:Port]sCBestimmt eine IP-Adresse fr den Betrieb namensbasierter virtueller Hosts -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]Option [[+|-]Option] ... All svdhCDefiniert, welche Eigenschaften oder Funktionen in einem +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]Option [[+|-]Option] ... All svdhCDefiniert, welche Eigenschaften oder Funktionen in einem bestimmten Verzeichnis verfgbar sind - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile Dateiname logs/httpd.pid sMDatei, in welcher der Server die Prozess-ID des Daemons +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile Dateiname logs/httpd.pid sMDatei, in welcher der Server die Prozess-ID des Daemons ablegt -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] URL-path -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] URL-path +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers -RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses -RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses -RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses +RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses +RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP request headers -RequestReadTimeout +svdhEConfigure HTTP request headers +RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svESet timeout values for receiving request headers and body from client. +svESet timeout values for receiving request headers and body from client. -Require [not] entity-name - [entity-name] ...dhBTests whether an authenticated user is authorized by +Require [not] entity-name + [entity-name] ...dhBTests whether an authenticated user is authorized by an authorization provider. -<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none +<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. -<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one +<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. -<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none +<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteMap MapName MapType:MapSource -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern Substitution [flags]svdhEDefines rules for the rewriting engine -RLimitCPU Sekunden|max [Sekunden|max]svdhCBegrenzt den CPU-Verbrauch von Prozessen, die von +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern Substitution [flags]svdhEDefines rules for the rewriting engine +RLimitCPU Sekunden|max [Sekunden|max]svdhCBegrenzt den CPU-Verbrauch von Prozessen, die von Apache-Kindprozessen gestartet wurden -RLimitMEM Bytes|max [Bytes|max]svdhCBegrenzt den Speicherverbrauch von Prozessen, die von +RLimitMEM Bytes|max [Bytes|max]svdhCBegrenzt den Speicherverbrauch von Prozessen, die von Apache-Kindprozessen gestartet wurden -RLimitNPROC Zahl|max [Zahl|max]svdhCBegrenzt die Anzahl der Prozesse, die von Prozessen gestartet +RLimitNPROC Zahl|max [Zahl|max]svdhCBegrenzt die Anzahl der Prozesse, die von Prozessen gestartet werden knnen, der ihrerseits von Apache-Kinprozessen gestartet wurden -Satisfy Any|All All dhEInteraction between host-level access control and +Satisfy Any|All All dhEInteraction between host-level access control and user authentication -ScoreBoardFile Dateipfad logs/apache_status sMAblageort der Datei, die zur Speicherung von Daten zur +ScoreBoardFile Dateipfad logs/apache_status sMAblageort der Datei, die zur Speicherung von Daten zur Koordinierung der Kindprozesse verwendet wird -Script Methode CGI-SkriptsvdBAktiviert ein CGI-Skript fr eine bestimmte +Script Methode CGI-SkriptsvdBAktiviert ein CGI-Skript fr eine bestimmte Anfragemethode. -ScriptAlias URL-path -file-path|directory-pathsvBMaps a URL to a filesystem location and designates the +ScriptAlias URL-path +file-path|directory-pathsvBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCMethode zur Ermittlung des Interpreters von +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCMethode zur Ermittlung des Interpreters von CGI-Skripten -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with the cgi daemon -SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port -SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters +SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port +SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. -SendBufferSize Bytes 0 sMGre des TCP-Puffers -ServerAdmin E-Mail-Adresse|URLsvCE-Mail-Adresse, die der Server in Fehlermeldungen einfgt, +SendBufferSize Bytes 0 sMGre des TCP-Puffers +ServerAdmin E-Mail-Adresse|URLsvCE-Mail-Adresse, die der Server in Fehlermeldungen einfgt, welche an den Client gesendet werden -ServerAlias Hostname [Hostname] ...vCAlternativer Name fr einen Host, der verwendet wird, wenn +ServerAlias Hostname [Hostname] ...vCAlternativer Name fr einen Host, der verwendet wird, wenn Anfragen einem namensbasierten virtuellen Host zugeordnet werden -ServerLimit AnzahlsMObergrenze fr die konfigurierbare Anzahl von +ServerLimit AnzahlsMObergrenze fr die konfigurierbare Anzahl von Prozessen -ServerName -voll-qualifizierter-Domainname[:port]svCRechnername und Port, die der Server dazu verwendet, sich +ServerName +voll-qualifizierter-Domainname[:port]svCRechnername und Port, die der Server dazu verwendet, sich selbst zu identifizieren -ServerPath URL-PfadvCVeralteter URL-Pfad fr einen namensbasierten +ServerPath URL-PfadvCVeralteter URL-Pfad fr einen namensbasierten virtuellen Host, auf den von einem inkompatiblen Browser zugegriffen wird -ServerRoot Verzeichnis /usr/local/apache sCBasisverzeichnis der Serverinstallation -ServerSignature On|Off|EMail Off svdhCKonfiguriert die Fuzeile von servergenerierten +ServerRoot Verzeichnis /usr/local/apache sCBasisverzeichnis der Serverinstallation +ServerSignature On|Off|EMail Off svdhCKonfiguriert die Fuzeile von servergenerierten Dokumenten -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCKonfiguriert den HTTP-Response-Header +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCKonfiguriert den HTTP-Response-Header Server -Session On|Off Off svdhEEnables a session for the current directory or location -SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session -SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session -SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers -SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session -SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session -SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session -SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session -SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID -SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID -SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers -SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database -SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database -SessionDBDPerUser On|Off Off svdhEEnable a per user session -SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database -SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database -SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the +Session On|Off Off svdhEEnables a session for the current directory or location +SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session +SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session +SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers +SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session +SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session +SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session +SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session +SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID +SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID +SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers +SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database +SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database +SessionDBDPerUser On|Off Off svdhEEnable a per user session +SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database +SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database +SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the HTTP_SESSION environment variable -SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored -SessionHeader headersvdhEImport session updates from a given HTTP response header -SessionInclude pathsvdhEDefine URL prefixes for which a session is valid -SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session -SetEnv env-variable [value]svdhBSets environment variables -SetEnvIf attribute +SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored +SessionHeader headersvdhEImport session updates from a given HTTP response header +SessionInclude pathsvdhEDefine URL prefixes for which a session is valid +SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session +SetEnv env-variable [value]svdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfExpr expr +SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression -SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler Handlername|NonesvdhCErzwingt die Verarbeitung aller passenden Dateien durch +SetHandler Handlername|NonesvdhCErzwingt die Verarbeitung aller passenden Dateien durch einen Handler -SetInputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Client-Anfragen und POST-Eingaben +SetInputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Client-Anfragen und POST-Eingaben verarbeiten -SetOutputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Antworten des Servers verarbeiten -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SetOutputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Antworten des Servers verarbeiten +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIETag on|off off dhBControls whether ETags are generated by the server. -SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the +SSIETag on|off off dhBControls whether ETags are generated by the server. +SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the server. -SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. -SSIStartTag tag "<!--#" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. +SSIStartTag tag "<!--#" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for defining acceptable CA names -SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for defining acceptable CA names -SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file -SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file +SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL handshake -SSLCompression on|off off svEEnable compression on the SSL level -SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator -SSLEngine on|off|optional off svESSL Engine Operation Switch -SSLFIPS on|off off sESSL FIPS mode Switch -SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order -SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation -SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain -SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation -SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries -SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses -SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation -SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries -SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLCompression on|off off svEEnable compression on the SSL level +SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator +SSLEngine on|off|optional off svESSL Engine Operation Switch +SSLFIPS on|off off sESSL FIPS mode Switch +SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order +SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation +SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation +SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation +SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries +SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses +SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation +SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries +SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all svEConfigure usable SSL/TLS protocol versions -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field +SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field -SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired +SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired -SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates +SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy -SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svEType of remote server Certificate verification -SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy +SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svEType of remote server Certificate verification +SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets -SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets -SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed -SSLSRPVerifierFile file-pathsvEPath to SRP verifier file -SSLStaplingCache typesEConfigures the OCSP stapling cache -SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache -SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries -SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension -SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries -SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses -SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation -SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client -SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache -SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual +SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets +SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets +SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed +SSLSRPVerifierFile file-pathsvEPath to SRP verifier file +SSLStaplingCache typesEConfigures the OCSP stapling cache +SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache +SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries +SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension +SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries +SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses +SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation +SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client +SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache +SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual host. -SSLUserName varnamesdhEVariable name to determine user name -SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake -SSLVerifyClient level none svdhEType of Client Certificate verification -SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client +SSLUserName varnamesdhEVariable name to determine user name +SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake +SSLVerifyClient level none svdhEType of Client Certificate verification +SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client Certificate verification -StartServers AnzahlsMAnzahl der Kindprozesse des Servers, die beim Start erstellt +StartServers AnzahlsMAnzahl der Kindprozesse des Servers, die beim Start erstellt werden -StartThreads AnzahlsMAnzahl der Threads, die beim Start erstellt werden -Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +StartThreads AnzahlsMAnzahl der Threads, die beim Start erstellt werden +Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size Suexec On|OffsBEnable or disable the suEXEC feature SuexecUserGroup User GroupsvEUser and group for CGI programs to run as diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index ca697e87..11a38299 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -467,116 +467,127 @@ media type in the HTTP Content-Type header field will exit. Group unix-group #-1 sBGroup under which the server will answer requests -Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note +H2Direct on|off on (for non TLS) svEH2 Direct Protocol Switch +H2MaxSessionStreams n 100 svEMaximum number of active streams per HTTP/2 session. +H2MaxWorkerIdleSeconds n 600 sEMaximum number of seconds h2 workers remain idle until shut down. +H2MaxWorkers nsEMaximum number of worker threads to use per child process. +H2MinWorkers nsEMinimal number of worker threads to use per child process. +H2SerializeHeaders on|off off svESerialize Request/Resoonse Processing Switch +H2SessionExtraFiles n 5 svENumber of Extra File Handles +H2StreamMaxMemSize bytes 65536 svEMaximum amount of output data buffered per stream. +H2WindowSize bytes 65536 svESize of Stream Window for upstream data. +Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP response headers -HeaderName filenamesvdhBName of the file that will be inserted at the top +svdhEConfigure HTTP response headers +HeaderName filenamesvdhBName of the file that will be inserted at the top of the index listing -HeartbeatAddress addr:portsXMulticast address for heartbeat packets -HeartbeatListenaddr:portsXmulticast address to listen for incoming heartbeat requests -HeartbeatMaxServers number-of-servers 10 sXSpecifies the maximum number of servers that will be sending +HeartbeatAddress addr:portsXMulticast address for heartbeat packets +HeartbeatListenaddr:portsXmulticast address to listen for incoming heartbeat requests +HeartbeatMaxServers number-of-servers 10 sXSpecifies the maximum number of servers that will be sending heartbeat requests to this server -HeartbeatStorage file-path logs/hb.dat sXPath to store heartbeat data -HeartbeatStorage file-path logs/hb.dat sXPath to read heartbeat data -HostnameLookups On|Off|Double Off svdCEnables DNS lookups on client IP addresses -IdentityCheck On|Off Off svdEEnables logging of the RFC 1413 identity of the remote +HeartbeatStorage file-path logs/hb.dat sXPath to store heartbeat data +HeartbeatStorage file-path logs/hb.dat sXPath to read heartbeat data +HostnameLookups On|Off|Double Off svdCEnables DNS lookups on client IP addresses +IdentityCheck On|Off Off svdEEnables logging of the RFC 1413 identity of the remote user -IdentityCheckTimeout seconds 30 svdEDetermines the timeout duration for ident requests -<If expression> ... </If>svdhCContains directives that apply only if a condition is +IdentityCheckTimeout seconds 30 svdEDetermines the timeout duration for ident requests +<If expression> ... </If>svdhCContains directives that apply only if a condition is satisfied by a request at runtime -<IfDefine [!]parameter-name> ... - </IfDefine>svdhCEncloses directives that will be processed only +<IfDefine [!]parameter-name> ... + </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup -<IfModule [!]module-file|module-identifier> ... - </IfModule>svdhCEncloses directives that are processed conditional on the +<IfModule [!]module-file|module-identifier> ... + </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within +Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent requests on a persistent connection -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precendence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precendence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>dhCRestrict enclosed access controls to only certain HTTP +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>dhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>dhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>dhCRestrict access controls to all HTTP methods except the named ones -LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested +LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested subrequests -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 svCLimits the number of HTTP request header fields that +LimitRequestFields number 100 svCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the +LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +listeners' buckets LoadFile filename [filename] ...svELink in the named object file or library LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules @@ -639,380 +650,384 @@ simultaneously MaxSpareServers number 10 sMMaximum number of idle child server processes MaxSpareThreads numbersMMaximum number of idle threads MaxThreads number 2048 sMSet the maximum number of worker threads -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual +NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile filename logs/httpd.pid sMFile where the server records the process ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] URL-path -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] URL-path +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers -RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses -RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses -RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses +RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses +RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP request headers -RequestReadTimeout +svdhEConfigure HTTP request headers +RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svESet timeout values for receiving request headers and body from client. +svESet timeout values for receiving request headers and body from client. -Require [not] entity-name - [entity-name] ...dhBTests whether an authenticated user is authorized by +Require [not] entity-name + [entity-name] ...dhBTests whether an authenticated user is authorized by an authorization provider. -<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none +<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. -<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one +<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. -<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none +<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteMap MapName MapType:MapSource -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern Substitution [flags]svdhEDefines rules for the rewriting engine -RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern Substitution [flags]svdhEDefines rules for the rewriting engine +RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched by Apache httpd children -RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched +RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched by Apache httpd children -RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by +RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by processes launched by Apache httpd children -Satisfy Any|All All dhEInteraction between host-level access control and +Satisfy Any|All All dhEInteraction between host-level access control and user authentication -ScoreBoardFile file-path logs/apache_runtime +sMLocation of the file used to store coordination data for +ScoreBoardFile file-path logs/apache_runtime +sMLocation of the file used to store coordination data for the child processes -Script method cgi-scriptsvdBActivates a CGI script for a particular request +Script method cgi-scriptsvdBActivates a CGI script for a particular request method. -ScriptAlias URL-path -file-path|directory-pathsvBMaps a URL to a filesystem location and designates the +ScriptAlias URL-path +file-path|directory-pathsvBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI scripts -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with the cgi daemon -SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port -SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters +SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port +SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. -SendBufferSize bytes 0 sMTCP buffer size -ServerAdmin email-address|URLsvCEmail address that the server includes in error +SendBufferSize bytes 0 sMTCP buffer size +ServerAdmin email-address|URLsvCEmail address that the server includes in error messages sent to the client -ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests +ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests to name-virtual hosts -ServerLimit numbersMUpper limit on configurable number of processes -ServerName [scheme://]fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify +ServerLimit numbersMUpper limit on configurable number of processes +ServerName [scheme://]fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify itself -ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that +ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that is accessed by an incompatible browser -ServerRoot directory-path /usr/local/apache sCBase directory for the server installation -ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response +ServerRoot directory-path /usr/local/apache sCBase directory for the server installation +ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response header -Session On|Off Off svdhEEnables a session for the current directory or location -SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session -SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session -SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers -SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session -SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session -SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session -SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session -SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID -SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID -SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers -SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database -SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database -SessionDBDPerUser On|Off Off svdhEEnable a per user session -SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database -SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database -SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the +Session On|Off Off svdhEEnables a session for the current directory or location +SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session +SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session +SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers +SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session +SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session +SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session +SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session +SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID +SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID +SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers +SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database +SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database +SessionDBDPerUser On|Off Off svdhEEnable a per user session +SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database +SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database +SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the HTTP_SESSION environment variable -SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored -SessionHeader headersvdhEImport session updates from a given HTTP response header -SessionInclude pathsvdhEDefine URL prefixes for which a session is valid -SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session -SetEnv env-variable [value]svdhBSets environment variables -SetEnvIf attribute +SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored +SessionHeader headersvdhEImport session updates from a given HTTP response header +SessionInclude pathsvdhEDefine URL prefixes for which a session is valid +SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session +SetEnv env-variable [value]svdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfExpr expr +SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression -SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler handler-name|NonesvdhCForces all matching files to be processed by a +SetHandler handler-name|NonesvdhCForces all matching files to be processed by a handler -SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST +SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST input -SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the +SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the server -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIETag on|off off dhBControls whether ETags are generated by the server. -SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the +SSIETag on|off off dhBControls whether ETags are generated by the server. +SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the server. -SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. -SSIStartTag tag "<!--#" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. +SSIStartTag tag "<!--#" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for defining acceptable CA names -SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for defining acceptable CA names -SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file -SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file +SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL handshake -SSLCompression on|off off svEEnable compression on the SSL level -SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator -SSLEngine on|off|optional off svESSL Engine Operation Switch -SSLFIPS on|off off sESSL FIPS mode Switch -SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order -SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation -SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain -SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation -SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries -SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses -SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation -SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries -SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLCompression on|off off svEEnable compression on the SSL level +SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator +SSLEngine on|off|optional off svESSL Engine Operation Switch +SSLFIPS on|off off sESSL FIPS mode Switch +SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order +SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation +SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation +SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation +SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries +SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses +SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation +SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries +SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all svEConfigure usable SSL/TLS protocol versions -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field +SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field -SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired +SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired -SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates +SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy -SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svEType of remote server Certificate verification -SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy +SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svEType of remote server Certificate verification +SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets -SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets -SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed -SSLSRPVerifierFile file-pathsvEPath to SRP verifier file -SSLStaplingCache typesEConfigures the OCSP stapling cache -SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache -SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries -SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension -SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries -SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses -SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation -SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client -SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache -SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual +SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets +SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets +SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed +SSLSRPVerifierFile file-pathsvEPath to SRP verifier file +SSLStaplingCache typesEConfigures the OCSP stapling cache +SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache +SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries +SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension +SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries +SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses +SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation +SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client +SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache +SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual host. -SSLUserName varnamesdhEVariable name to determine user name -SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake -SSLVerifyClient level none svdhEType of Client Certificate verification -SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client +SSLUserName varnamesdhEVariable name to determine user name +SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake +SSLVerifyClient level none svdhEType of Client Certificate verification +SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client Certificate verification -StartServers numbersMNumber of child server processes created at startup -StartThreads numbersMNumber of threads created on startup -Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +StartServers numbersMNumber of child server processes created at startup +StartThreads numbersMNumber of threads created on startup +Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size Suexec On|OffsBEnable or disable the suEXEC feature SuexecUserGroup User GroupsvEUser and group for CGI programs to run as diff --git a/docs/manual/mod/quickreference.html.es b/docs/manual/mod/quickreference.html.es index 83b12b1a..e2b41e56 100644 --- a/docs/manual/mod/quickreference.html.es +++ b/docs/manual/mod/quickreference.html.es @@ -474,116 +474,127 @@ media type in the HTTP Content-Type header field will exit. Group unix-group #-1 sBGroup under which the server will answer requests -Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note +H2Direct on|off on (for non TLS) svEH2 Direct Protocol Switch +H2MaxSessionStreams n 100 svEMaximum number of active streams per HTTP/2 session. +H2MaxWorkerIdleSeconds n 600 sEMaximum number of seconds h2 workers remain idle until shut down. +H2MaxWorkers nsEMaximum number of worker threads to use per child process. +H2MinWorkers nsEMinimal number of worker threads to use per child process. +H2SerializeHeaders on|off off svESerialize Request/Resoonse Processing Switch +H2SessionExtraFiles n 5 svENumber of Extra File Handles +H2StreamMaxMemSize bytes 65536 svEMaximum amount of output data buffered per stream. +H2WindowSize bytes 65536 svESize of Stream Window for upstream data. +Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP response headers -HeaderName filenamesvdhBName of the file that will be inserted at the top +svdhEConfigure HTTP response headers +HeaderName filenamesvdhBName of the file that will be inserted at the top of the index listing -HeartbeatAddress addr:portsXMulticast address for heartbeat packets -HeartbeatListenaddr:portsXmulticast address to listen for incoming heartbeat requests -HeartbeatMaxServers number-of-servers 10 sXSpecifies the maximum number of servers that will be sending +HeartbeatAddress addr:portsXMulticast address for heartbeat packets +HeartbeatListenaddr:portsXmulticast address to listen for incoming heartbeat requests +HeartbeatMaxServers number-of-servers 10 sXSpecifies the maximum number of servers that will be sending heartbeat requests to this server -HeartbeatStorage file-path logs/hb.dat sXPath to store heartbeat data -HeartbeatStorage file-path logs/hb.dat sXPath to read heartbeat data -HostnameLookups On|Off|Double Off svdCEnables DNS lookups on client IP addresses -IdentityCheck On|Off Off svdEEnables logging of the RFC 1413 identity of the remote +HeartbeatStorage file-path logs/hb.dat sXPath to store heartbeat data +HeartbeatStorage file-path logs/hb.dat sXPath to read heartbeat data +HostnameLookups On|Off|Double Off svdCEnables DNS lookups on client IP addresses +IdentityCheck On|Off Off svdEEnables logging of the RFC 1413 identity of the remote user -IdentityCheckTimeout seconds 30 svdEDetermines the timeout duration for ident requests -<If expression> ... </If>svdhCContains directives that apply only if a condition is +IdentityCheckTimeout seconds 30 svdEDetermines the timeout duration for ident requests +<If expression> ... </If>svdhCContains directives that apply only if a condition is satisfied by a request at runtime -<IfDefine [!]parameter-name> ... - </IfDefine>svdhCEncloses directives that will be processed only +<IfDefine [!]parameter-name> ... + </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup -<IfModule [!]module-file|module-identifier> ... - </IfModule>svdhCEncloses directives that are processed conditional on the +<IfModule [!]module-file|module-identifier> ... + </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include [optional|strict] file-path|directory-path|wildcardsvdCIncludes other configuration files from within +Include [optional|strict] file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent requests on a persistent connection -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precendence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precendence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>dhCRestrict enclosed access controls to only certain HTTP +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>dhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>dhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>dhCRestrict access controls to all HTTP methods except the named ones -LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested +LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested subrequests -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 svCLimits the number of HTTP request header fields that +LimitRequestFields number 100 svCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the +LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +listeners' buckets LoadFile filename [filename] ...svELink in the named object file or library LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules @@ -646,380 +657,384 @@ simultaneously MaxSpareServers number 10 sMMaximum number of idle child server processes MaxSpareThreads numbersMMaximum number of idle threads MaxThreads number 2048 sMSet the maximum number of worker threads -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCDesignates an IP address for name-virtual +NameVirtualHost addr[:port]sCDesignates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile filename logs/httpd.pid sMFile where the server records the process ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] URL-path -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] URL-path +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers -RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses -RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses -RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses +RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses +RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP request headers -RequestReadTimeout +svdhEConfigure HTTP request headers +RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svESet timeout values for receiving request headers and body from client. +svESet timeout values for receiving request headers and body from client. -Require [not] entity-name - [entity-name] ...dhBTests whether an authenticated user is authorized by +Require [not] entity-name + [entity-name] ...dhBTests whether an authenticated user is authorized by an authorization provider. -<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none +<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. -<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one +<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. -<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none +<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteMap MapName MapType:MapSource -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern Substitution [flags]svdhEDefines rules for the rewriting engine -RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern Substitution [flags]svdhEDefines rules for the rewriting engine +RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched by Apache httpd children -RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched +RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched by Apache httpd children -RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by +RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by processes launched by Apache httpd children -Satisfy Any|All All dhEInteraction between host-level access control and +Satisfy Any|All All dhEInteraction between host-level access control and user authentication -ScoreBoardFile file-path logs/apache_runtime +sMLocation of the file used to store coordination data for +ScoreBoardFile file-path logs/apache_runtime +sMLocation of the file used to store coordination data for the child processes -Script method cgi-scriptsvdBActivates a CGI script for a particular request +Script method cgi-scriptsvdBActivates a CGI script for a particular request method. -ScriptAlias URL-path -file-path|directory-pathsvBMaps a URL to a filesystem location and designates the +ScriptAlias URL-path +file-path|directory-pathsvBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI scripts -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with the cgi daemon -SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port -SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters +SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port +SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. -SendBufferSize bytes 0 sMTCP buffer size -ServerAdmin email-address|URLsvCEmail address that the server includes in error +SendBufferSize bytes 0 sMTCP buffer size +ServerAdmin email-address|URLsvCEmail address that the server includes in error messages sent to the client -ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests +ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests to name-virtual hosts -ServerLimit numbersMUpper limit on configurable number of processes -ServerName [scheme://]fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify +ServerLimit numbersMUpper limit on configurable number of processes +ServerName [scheme://]fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify itself -ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that +ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that is accessed by an incompatible browser -ServerRoot directory-path /usr/local/apache sCBase directory for the server installation -ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response +ServerRoot directory-path /usr/local/apache sCBase directory for the server installation +ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response header -Session On|Off Off svdhEEnables a session for the current directory or location -SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session -SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session -SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers -SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session -SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session -SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session -SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session -SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID -SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID -SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers -SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database -SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database -SessionDBDPerUser On|Off Off svdhEEnable a per user session -SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database -SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database -SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the +Session On|Off Off svdhEEnables a session for the current directory or location +SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session +SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session +SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers +SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session +SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session +SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session +SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session +SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID +SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID +SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers +SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database +SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database +SessionDBDPerUser On|Off Off svdhEEnable a per user session +SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database +SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database +SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the HTTP_SESSION environment variable -SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored -SessionHeader headersvdhEImport session updates from a given HTTP response header -SessionInclude pathsvdhEDefine URL prefixes for which a session is valid -SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session -SetEnv env-variable [value]svdhBSets environment variables -SetEnvIf attribute +SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored +SessionHeader headersvdhEImport session updates from a given HTTP response header +SessionInclude pathsvdhEDefine URL prefixes for which a session is valid +SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session +SetEnv env-variable [value]svdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfExpr expr +SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression -SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler handler-name|NonesvdhCForces all matching files to be processed by a +SetHandler handler-name|NonesvdhCForces all matching files to be processed by a handler -SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST +SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST input -SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the +SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the server -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIETag on|off off dhBControls whether ETags are generated by the server. -SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the +SSIETag on|off off dhBControls whether ETags are generated by the server. +SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the server. -SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. -SSIStartTag tag "<!--#" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. +SSIStartTag tag "<!--#" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for defining acceptable CA names -SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for defining acceptable CA names -SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file -SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file +SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL handshake -SSLCompression on|off off svEEnable compression on the SSL level -SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator -SSLEngine on|off|optional off svESSL Engine Operation Switch -SSLFIPS on|off off sESSL FIPS mode Switch -SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order -SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation -SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain -SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation -SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries -SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses -SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation -SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries -SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLCompression on|off off svEEnable compression on the SSL level +SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator +SSLEngine on|off|optional off svESSL Engine Operation Switch +SSLFIPS on|off off sESSL FIPS mode Switch +SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order +SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation +SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation +SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation +SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries +SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses +SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation +SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries +SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all svEConfigure usable SSL/TLS protocol versions -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field +SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field -SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired +SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired -SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates +SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy -SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svEType of remote server Certificate verification -SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy +SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svEType of remote server Certificate verification +SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets -SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets -SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed -SSLSRPVerifierFile file-pathsvEPath to SRP verifier file -SSLStaplingCache typesEConfigures the OCSP stapling cache -SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache -SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries -SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension -SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries -SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses -SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation -SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client -SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache -SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual +SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets +SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets +SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed +SSLSRPVerifierFile file-pathsvEPath to SRP verifier file +SSLStaplingCache typesEConfigures the OCSP stapling cache +SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache +SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries +SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension +SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries +SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses +SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation +SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client +SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache +SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual host. -SSLUserName varnamesdhEVariable name to determine user name -SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake -SSLVerifyClient level none svdhEType of Client Certificate verification -SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client +SSLUserName varnamesdhEVariable name to determine user name +SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake +SSLVerifyClient level none svdhEType of Client Certificate verification +SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client Certificate verification -StartServers numbersMNumber of child server processes created at startup -StartThreads numbersMNumber of threads created on startup -Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +StartServers numbersMNumber of child server processes created at startup +StartThreads numbersMNumber of threads created on startup +Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size Suexec On|OffsBEnable or disable the suEXEC feature SuexecUserGroup User GroupsvEUser and group for CGI programs to run as diff --git a/docs/manual/mod/quickreference.html.fr b/docs/manual/mod/quickreference.html.fr index ff4550d3..cc823ef9 100644 --- a/docs/manual/mod/quickreference.html.fr +++ b/docs/manual/mod/quickreference.html.fr @@ -46,8 +46,8 @@ Si la valeur par dfaut est trop grande pour pouvoir tre affiche, elle sera tronque et suivie d'un "+".

    -

    Les troisime et quatrime colonnes numrent les contextes dans - lesquels la directive est applicable ainsi que son statut en accord avec le +

    La troisime colonne numre les contextes dans + lesquels la directive est applicable, et la quatrime indique son statut en accord avec le tableau des lgendes ci-dessous.

    @@ -124,7 +124,7 @@ particulier - s'arrter dans le cas d'un arrt "en douceur" - + + + + + + + + + - + - - - + - - + - - - - - - - - + - - - - - + - - - - - - - - - - - - - - + - - - - - - - - + - - - - - - - - + - - - - - - - - - - - - - - + + - + - - - + - - - - - - + + - - - - - - + - - - - - - - - - + + + + - - - - - - - - - + + + - - - - - - - + + - - - + - - - - - + + - - - - - - - - - - - - - - - - - - - - - - - - + - - - - - + - - - - - - - - - - - - - - + - - - - - - - - - - - + - - - - - - - + - - - - - - - - - + - - - - - - - - - + - - - - + - - + - - - - - - - + - - - - - - - - + - - + - - - - - + - - + - - - - + - - - - - - + - - - - - - - + - - - + + - - - - - - - + + - - - - + + + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + - - + - - - - - - + - - - - + + - - - + + - - + + + + + + + + + + - - - + + - - - + + - - - + - - - - - + + - - - + - - + - - - - - - + + - - - - + + - - - - + + - - - - - - - + + + + + - - - - - - - - - + + + + + + + - - - - + + - - - + - - - - - - + + + + + @@ -605,344 +616,348 @@ simultaneously - - + + - - + - - - + - - - + + - - - - - - - - + + + + + - - - + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - - - - - + + + + - - + - - + - - - - - - - - - - + + + + + + + + + - - - - - - - - + + + + + - - - - - - + + + + - - - + + - - - - - - - - - - - + + + + + + + - - - - - - + + + - - + - - - - - - + - - - - - + + + + - - - - + - - - - - - - - - - + + + + + + - - + - - - - + + - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + - - - - - - + + + + + - - + - - - - - - - + + + + + + + - - - - - + + + + - - - - - + - - - - - + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - + - - - + - - - - - - - - - - - - + + + + + + - - - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - + + + - - - + + + + diff --git a/docs/manual/mod/quickreference.html.ko.euc-kr b/docs/manual/mod/quickreference.html.ko.euc-kr index 6761fd26..7ee2dc23 100644 --- a/docs/manual/mod/quickreference.html.ko.euc-kr +++ b/docs/manual/mod/quickreference.html.ko.euc-kr @@ -443,109 +443,120 @@ media type in the HTTP Content-Type header field will exit. - - - - - + + + + + + + + + + + + + - - - - - - + + + + + - - - - - + + - - + - - - - + + - - - - - + + + + - - - - + + - - - + - - - - - - - - + + + + + - - - - - - - - - + + + + + + + - - - - + + - - - - - - - - + - + + @@ -608,370 +619,374 @@ simultaneously - - - - - + + + + + - - + - - - + + - - - - - - - + + - - - - + + - - - - - - + + + + + + - - - - - - - - - - + + + + + + + + - - - - - + + + + - - + - - + - - - - + + + - - - - - - + + + + - - - - - - + - - + - - - - - - + + + + - - - + + - - - - - - - - - - - + + + + + + + - - - - - - - - + - - - - - - + - - - - - + + + + - - - - - - - - - - - - - - + + + + + - - + - - - + - - - - + + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - - - - - - + + + + + - - + + - - - - - + - - + - - - + + - - + - - - - - + - - - - - + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - + - - - + - - - - - - - - - - - - + + + + + + - - - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - + + + - - - + + + + diff --git a/docs/manual/mod/quickreference.html.tr.utf8 b/docs/manual/mod/quickreference.html.tr.utf8 index 636ecfc9..9855dea6 100644 --- a/docs/manual/mod/quickreference.html.tr.utf8 +++ b/docs/manual/mod/quickreference.html.tr.utf8 @@ -117,8 +117,8 @@ responses from the server - + @@ -465,118 +465,128 @@ found - + + + + + + + + + - + - - - + + - - - + + - - - + - - - - - + + - - - - - + + - - - - - - + + - - - - + + - - - + - - - - - - - - + + + + + - - - - - - - - - + + + + + + + - - - - + + - - - - - - - - - + + + - + @@ -641,378 +651,382 @@ processing - - + + - - + - - - + - - - + + - - - - + + - - - + + - - - - - + + + - - - - - + + + + + + - - - - - - - - - - + + + + + + + + - - - - - + + + + - - + - - + - - - - + + + - - - - - - + + + + - - - - - - + - - + - - - - - - + + + + - - - + - - - - - - - - - - - + + + + + + + - - - - - - - - + - - - - - - + - - - - - + + + + - - - - - - - + - - - + + - - + - - + - - + - - - - - - + + + + - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - - - - - - + + + + + - - + - - - - - + + - - + - - - + + - - + - - - - - + - - - - - + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - + - - - + - - - - - - - - - - - - + + + + + + - - - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - + + + - - - + + will exit. - + + + + + + + + + - + - - - + + - - - - + + + - - + - - - - - + + - - - - - + - - - - - - + + + - - - - + + - - - + - - - - - - - - + + + + + - - - - - - - - - + + + + + + + - - - - + + - - - - - - - - + - + + @@ -634,380 +645,384 @@ simultaneously - - + + - - + - - - + - - - + + - - - - - - - + + - - - - + + - - - - - - + + + + + + - - - - - - - - - - + + + + + + + + - - - - - + + + + - - + - - + - - - - + + + - - - - - - + + + + - - - - - - + - - + - - - - - - + + + + - - - + - - - - - - - - - - - + + + + + + + - - - - - - - - + - - - - - - + - - - - - + + + + - - - - - - - - - - + - - + - - + - - + - - - + - - - - + + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - - - - - - + + + + + - - + - - - - - + - - + - - - + + - - + - - - - - + - - - - - + + + - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - - + - - - + - - - - - - - - - - - - + + + + + + - - - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - + + + - - - + + + + diff --git a/docs/manual/new_features_2_4.html.tr.utf8 b/docs/manual/new_features_2_4.html.tr.utf8 index e719cebc..3796c425 100644 --- a/docs/manual/new_features_2_4.html.tr.utf8 +++ b/docs/manual/new_features_2_4.html.tr.utf8 @@ -27,7 +27,6 @@  fr  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    Bu belgede Apache HTTP Sunucusunun 2.2 ve 2.4 sürümleri arasındaki başlıca farklara değinilmiştir. 2.0 sürümüne göre yeni özellikler için Apache 2.2’de Yeni olan Özellikler @@ -47,8 +46,9 @@

    Çalışma anında yüklenebilen MPM'ler
    Çok sayıda MPM artık yüklenebilir - modül olarak derlenebilmektedir. - Kullanılacak MPM'in seçimi çalışma anında yapılabilmektedir.
    + modül olarak derlenebilmektedir. Kullanılacak MPM'in seçimi + çalışma anında LoadModule + yönergesi üzerinden yapılabilmektedir.
    Event MPM
    Event MPM artık deneysel değil, ancak diff --git a/docs/manual/programs/ab.html.tr.utf8 b/docs/manual/programs/ab.html.tr.utf8 index 6d5d17cb..8da3aad3 100644 --- a/docs/manual/programs/ab.html.tr.utf8 +++ b/docs/manual/programs/ab.html.tr.utf8 @@ -28,7 +28,6 @@  ko  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    ab Apache Hiper Metin Aktarım Protokolü (HTTP) sunucunuzun başarımını ölçmek amacıyla kullanabileceğiniz bir diff --git a/docs/manual/rewrite/flags.html.en b/docs/manual/rewrite/flags.html.en index bffe1d90..cfd8f7e0 100644 --- a/docs/manual/rewrite/flags.html.en +++ b/docs/manual/rewrite/flags.html.en @@ -134,6 +134,15 @@ follows:

    [CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly]

    +

    If a literal ':' character is needed in any of the cookie fields, an +alternate syntax is available. To opt-in to the alternate syntax, the cookie +"Name" should be preceded with a ';' character, and field separators should be +specified as ';'.

    + +

    +[CO=;NAME;VALUE:MOREVALUE;DOMAIN;lifetime;path;secure;httponly] +

    +

    You must declare a name, a value, and a domain for the cookie to be set.

    diff --git a/docs/manual/rewrite/flags.html.fr b/docs/manual/rewrite/flags.html.fr index 7050bd9a..82779aeb 100644 --- a/docs/manual/rewrite/flags.html.fr +++ b/docs/manual/rewrite/flags.html.fr @@ -145,6 +145,15 @@ suivante :

    [CO=NAME:VALUE:DOMAIN:lifetime:path:secure:httponly]

    +

    Si un caractre littral ':' doit tre insrer dans un des champs du +cookie, une autre syntaxe est disponible. Pour utiliser cette syntaxe +alternative, le contenu du champ "Name" doit tre prcd du caractre +';', et les spateurs de champs deviendront des ';'.

    + +

    +[CO=;NAME;VALUE:MOREVALUE;DOMAIN;lifetime;path;secure;httponly] +

    +

    Vous devez dclarer un nom, une valeur et un domaine pour que le cookie puisse tre dfini.

    diff --git a/docs/manual/sitemap.html.de b/docs/manual/sitemap.html.de index dc901081..1f3f0d85 100644 --- a/docs/manual/sitemap.html.de +++ b/docs/manual/sitemap.html.de @@ -240,6 +240,7 @@ HPUX betreiben
  • Apache-Modul mod_headers
  • Apache-Modul mod_heartbeat
  • Apache-Modul mod_heartmonitor
    • +
  • Apache-Modul mod_http2
  • Apache-Modul mod_ident
  • Apache-Modul mod_imagemap
  • Apache-Modul mod_include
    • diff --git a/docs/manual/sitemap.html.en b/docs/manual/sitemap.html.en index a741c1de..5a0a1634 100644 --- a/docs/manual/sitemap.html.en +++ b/docs/manual/sitemap.html.en @@ -240,6 +240,7 @@ log_server_status
  • Apache Module mod_headers
  • Apache Module mod_heartbeat
  • Apache Module mod_heartmonitor
    • +
  • Apache Module mod_http2
  • Apache Module mod_ident
  • Apache Module mod_imagemap
  • Apache Module mod_include
    • diff --git a/docs/manual/sitemap.html.es b/docs/manual/sitemap.html.es index 13a2dece..aeff96cf 100644 --- a/docs/manual/sitemap.html.es +++ b/docs/manual/sitemap.html.es @@ -222,6 +222,7 @@ usados para describir las directivas de Apache
  • Mdulo Apache mod_headers
  • Mdulo Apache mod_heartbeat
  • Mdulo Apache mod_heartmonitor
    • +
  • Mdulo Apache mod_http2
  • Mdulo Apache mod_ident
  • Mdulo Apache mod_imagemap
  • Mdulo Apache mod_include
    • diff --git a/docs/manual/sitemap.html.fr b/docs/manual/sitemap.html.fr index dda7548a..fc41619a 100644 --- a/docs/manual/sitemap.html.fr +++ b/docs/manual/sitemap.html.fr @@ -255,6 +255,7 @@ pour d
  • Module Apache mod_headers
  • Module Apache mod_heartbeat
  • Module Apache mod_heartmonitor
    • +
  • Module Apache mod_http2
  • Module Apache mod_ident
  • Module Apache mod_imagemap
  • Module Apache mod_include
    • diff --git a/docs/manual/sitemap.html.ja.utf8 b/docs/manual/sitemap.html.ja.utf8 index 39c39388..3a5b99b4 100644 --- a/docs/manual/sitemap.html.ja.utf8 +++ b/docs/manual/sitemap.html.ja.utf8 @@ -221,6 +221,7 @@
  • Apache モジュール mod_headers
  • Apache モジュール mod_heartbeat
  • Apache モジュール mod_heartmonitor
    • +
  • Apache モジュール mod_http2
  • Apache モジュール mod_ident
  • Apache モジュール mod_imagemap
  • Apache モジュール mod_include
    • diff --git a/docs/manual/sitemap.html.ko.euc-kr b/docs/manual/sitemap.html.ko.euc-kr index 80872653..d8111df5 100644 --- a/docs/manual/sitemap.html.ko.euc-kr +++ b/docs/manual/sitemap.html.ko.euc-kr @@ -220,6 +220,7 @@
  • ġ mod_headers
  • ġ mod_heartbeat
  • ġ mod_heartmonitor
    • +
  • ġ mod_http2
  • ġ mod_ident
  • ġ mod_imagemap
  • ġ mod_include
    • diff --git a/docs/manual/sitemap.html.tr.utf8 b/docs/manual/sitemap.html.tr.utf8 index 532bae34..c5d8b4fe 100644 --- a/docs/manual/sitemap.html.tr.utf8 +++ b/docs/manual/sitemap.html.tr.utf8 @@ -235,6 +235,7 @@ Windows ile Apache Kullanımı
  • Apache Modülü mod_headers
  • Apache Modülü mod_heartbeat
  • Apache Modülü mod_heartmonitor
    • +
  • Apache Modülü mod_http2
  • Apache Modülü mod_ident
  • Apache Modülü mod_imagemap
  • Apache Modülü mod_include
    • diff --git a/docs/manual/sitemap.html.zh-cn.utf8 b/docs/manual/sitemap.html.zh-cn.utf8 index a7b31604..d54e1d83 100644 --- a/docs/manual/sitemap.html.zh-cn.utf8 +++ b/docs/manual/sitemap.html.zh-cn.utf8 @@ -221,6 +221,7 @@
  • Apache 模块 mod_headers
  • Apache 模块 mod_heartbeat
  • Apache 模块 mod_heartmonitor
    • +
  • Apache 模块 mod_http2
  • Apache 模块 mod_ident
  • Apache 模块 mod_imagemap
  • Apache 模块 mod_include
    • diff --git a/docs/manual/ssl/ssl_howto.html.fr b/docs/manual/ssl/ssl_howto.html.fr index 868aab84..693fb43b 100644 --- a/docs/manual/ssl/ssl_howto.html.fr +++ b/docs/manual/ssl/ssl_howto.html.fr @@ -26,8 +26,6 @@

    Langues Disponibles:  en  |  fr 

    -
    Cette traduction peut tre prime. Vrifiez la version - anglaise pour les changements rcents.

    Ce document doit vous permettre de dmarrer et de faire fonctionner diff --git a/docs/manual/stopping.html.fr b/docs/manual/stopping.html.fr index efbc82d3..4878c0e4 100644 --- a/docs/manual/stopping.html.fr +++ b/docs/manual/stopping.html.fr @@ -54,7 +54,8 @@

    Afin d'arrter ou redmarrer le serveur HTTP Apache, vous devez envoyer un signal aux processus httpd en cours d'excution. Les signaux - peuvent tre envoys de deux manires. Tout d'abord, vous pouvez + peuvent tre envoys de deux manires. La + premire mthode consiste utiliser la commande unix kill pour envoyer directement des signaux aux processus. Vous pouvez remarquer que plusieurs processus httpd s'excutent sur votre @@ -62,13 +63,13 @@ dont le PID est enregistr dans le fichier prcis par la directive PidFile. Autrement dit, vous n'aurez jamais besoin d'envoyer des signaux aucun des - processus enfants, mais seulement au processus parent. Trois types + processus enfants, mais seulement au processus parent. Quatre types de signaux peuvent tre envoys au processus parent : TERM, USR1, HUP, et WINCH, qui - sera dcrit plus loin.

    + seront dcrit plus loin.

    Pour envoyer un signal au processus parent, vous devez entrer une commande du style :

    @@ -77,10 +78,10 @@

    La seconde mthode permettant d'envoyer des signaux aux processus httpd - consiste utiliser les options de ligne de commande -k : - stop, - restart, graceful et graceful-stop, - comme dcrit ci-dessous. Ce sont des arguments du binaire + consiste utiliser les options stop, + restart, graceful et + graceful-stop du commutateur -k de la ligne + de commande comme dcrit ci-dessous. Ce sont des arguments du binaire httpd, mais il est recommand de les utiliser avec le script de contrle apachectl, qui se chargera de les passer httpd.

    @@ -137,7 +138,7 @@ enfants n'ont pas t crs, un nombre suffisant de processus supplmentaires est cr pour combler le manque. Ainsi le code tente de maintenir la fois le nombre appropri de processus enfants - en fonction de la charge du serveur, et vos souhaits dfinis par la + en fonction de la charge du serveur, et le nombre de processus dfini par la directive StartServers.

    Les utilisateurs du module mod_status @@ -152,7 +153,7 @@ enfants au cours des diffrentes gnrations.

    Dans son tat des processus, - le module status utilise aussi un G afin d'indiquer + le module status utilise aussi un caractre G afin d'indiquer quels processus enfants ont encore des traitements de requtes en cours dbuts avant que l'ordre graceful restart ne soit donn.

    @@ -182,7 +183,7 @@ correctement. Pour vrifier la smantique des fichiers de configuration en plus de leur syntaxe, vous pouvez essayer de dmarrer httpd sous un utilisateur non root. - S'il n'y a pas d'erreurs, il tentera d'ouvrir ses sockets et ses fichiers + S'il n'y a pas d'erreur, il tentera d'ouvrir ses sockets et ses fichiers de log et chouera car il n'a pas les privilges root (ou parce que l'instance actuelle de httpd est dj associe ces ports). S'il choue @@ -224,7 +225,7 @@ vous recevrez un message concernant ces erreurs.

    A la rception du signal WINCH ou graceful-stop, le - processus parent avise ses processus enfants + processus parent ordonne ses processus enfants de s'arrter aprs le traitement de leur requte en cours (ou de s'arrter immdiatement s'ils n'ont plus de requte traiter). Le processus parent va alors supprimer son fichier diff --git a/docs/manual/style/version.ent b/docs/manual/style/version.ent index 084db614..bf0e2316 100644 --- a/docs/manual/style/version.ent +++ b/docs/manual/style/version.ent @@ -19,6 +19,6 @@ - + diff --git a/docs/manual/vhosts/examples.html.tr.utf8 b/docs/manual/vhosts/examples.html.tr.utf8 index 674234fa..3368065e 100644 --- a/docs/manual/vhosts/examples.html.tr.utf8 +++ b/docs/manual/vhosts/examples.html.tr.utf8 @@ -29,7 +29,6 @@  ko  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    Bu belgede sanal konaklarla ile ilgili olarak @@ -79,14 +78,14 @@ 

    # Apache’nin 80. portu dinlediğinden emin olalım
 Listen 80
 <VirtualHost *:80>
-  DocumentRoot /siteler/ecom
+  DocumentRoot "/siteler/ecom"
   ServerName example.com
 
   # Diğer yönergeler, burada ...
 </VirtualHost>
 
 <VirtualHost *:80>
-  DocumentRoot /siteler/eorg
+  DocumentRoot "/siteler/eorg"
   ServerName example.org
 
   # Diğer yönergeler, burada ...
@@ -147,17 +146,17 @@ Listen 80
 
 # Bu, 192.168.1.2 adresindeki "ana sunucu" olsun
 ServerName sunucu.example.com
-DocumentRoot /siteler/anasunucu
+DocumentRoot "/siteler/anasunucu"
 
 <VirtualHost 192.168.1.20>
-    DocumentRoot /siteler/ecom
+    DocumentRoot "/siteler/ecom"
     ServerName example.com
 
     # Diğer yönergeler, burada ...
 </VirtualHost>
 
 <VirtualHost 192.168.1.20>
-    DocumentRoot /siteler/eorg
+    DocumentRoot "/siteler/eorg"
     ServerName example.org
 
     # Diğer yönergeler, burada ...
@@ -184,7 +183,7 @@ DocumentRoot /siteler/anasunucu
       verebilir.
    
 
     
    <VirtualHost 192.168.1.1 172.20.30.40>
-    DocumentRoot /siteler/sunucu
+    DocumentRoot "/siteler/sunucu"
     ServerName sunucu.example.com
     ServerAlias sunucu
 </VirtualHost>
    
@@ -218,22 +217,22 @@ Listen 8080
 
 <VirtualHost 172.20.30.40:80>
     ServerName example.com
-    DocumentRoot /siteler/ecom-80
+    DocumentRoot "/siteler/ecom-80"
 </VirtualHost>
 
 <VirtualHost 172.20.30.40:8080>
     ServerName example.com
-    DocumentRoot /siteler/ecom-8080
+    DocumentRoot "/siteler/ecom-8080"
 </VirtualHost>
 
 <VirtualHost 172.20.30.40:80>
     ServerName example.org
-    DocumentRoot /siteler/eorg-80
+    DocumentRoot "/siteler/eorg-80"
 </VirtualHost>
 
 <VirtualHost 172.20.30.40:8080>
     ServerName example.org
-    DocumentRoot /siteler/eorg-8080
+    DocumentRoot "/siteler/eorg-8080"
 </VirtualHost>
    @@ -248,12 +247,12 @@ Listen 8080 
    Listen 80
 
 <VirtualHost 172.20.30.40>
-    DocumentRoot /siteler/ecom
+    DocumentRoot "/siteler/ecom"
     ServerName example.com
 </VirtualHost>
 
 <VirtualHost 172.20.30.50>
-    DocumentRoot /siteler/eorg
+    DocumentRoot "/siteler/eorg"
     ServerName example.org
 </VirtualHost>
    @@ -277,22 +276,22 @@ Listen 172.20.30.50:80 Listen 172.20.30.50:8080 <VirtualHost 172.20.30.40:80> - DocumentRoot /siteler/ecom-80 + DocumentRoot "/siteler/ecom-80" ServerName example.com </VirtualHost> <VirtualHost 172.20.30.40:8080> - DocumentRoot /siteler/ecom-8080 + DocumentRoot "/siteler/ecom-8080" ServerName example.com </VirtualHost> <VirtualHost 172.20.30.50:80> - DocumentRoot /siteler/eorg-80 + DocumentRoot "/siteler/eorg-80" ServerName example.org </VirtualHost> <VirtualHost 172.20.30.50:8080> - DocumentRoot /siteler/eorg-8080 + DocumentRoot "/siteler/eorg-8080" ServerName example.org </VirtualHost> @@ -309,28 +308,28 @@ Listen 172.20.30.50:8080 
    Listen 80
 
 <VirtualHost 172.20.30.40>
-    DocumentRoot /siteler/ecom
+    DocumentRoot "/siteler/ecom"
     ServerName example.com
 </VirtualHost>
 
 <VirtualHost 172.20.30.40>
-    DocumentRoot /siteler/eorg
+    DocumentRoot "/siteler/eorg"
     ServerName example.org
 </VirtualHost>
 
 <VirtualHost 172.20.30.40>
-    DocumentRoot /siteler/enet
+    DocumentRoot "/siteler/enet"
     ServerName example.net
 </VirtualHost>
 
 # IP'ye dayalı
 <VirtualHost 172.20.30.50>
-    DocumentRoot /siteler/eedu
+    DocumentRoot "/siteler/eedu"
     ServerName example.edu
 </VirtualHost>
 
 <VirtualHost 172.20.30.60>
-    DocumentRoot /siteler/egov
+    DocumentRoot "/siteler/egov"
     ServerName example.gov
 </VirtualHost>
    @@ -350,8 +349,8 @@ Listen 172.20.30.50:8080 
    <VirtualHost *:*>
     ProxyPreserveHost On
-    ProxyPass / http://192.168.111.2/
-    ProxyPassReverse / http://192.168.111.2/
+    ProxyPass "/" "http://192.168.111.2/"
+    ProxyPassReverse "/" "http://192.168.111.2/"
     ServerName konak.example.com
 </VirtualHost>
    @@ -367,7 +366,7 @@ Listen 172.20.30.50:8080 adresi/portu ile eşleşmeyen istekleri yakalamak istersek...

    <VirtualHost _default_:*>
-    DocumentRoot /siteler/default
+    DocumentRoot "/siteler/default"
 </VirtualHost>
    @@ -393,12 +392,12 @@ Listen 172.20.30.50:8080 _default_ sanal konağı kullanmak istersek...

    <VirtualHost _default_:80>
-    DocumentRoot /siteler/default80
+    DocumentRoot "/siteler/default80"
     # ...
 </VirtualHost>
 
 <VirtualHost _default_:*>
-    DocumentRoot /siteler/default
+    DocumentRoot "/siteler/default"
     # ...
 </VirtualHost>
    @@ -416,7 +415,7 @@ Listen 172.20.30.50:8080 sunmasını istersek...

    <VirtualHost _default_:80>
-    DocumentRoot /siteler/default
+    DocumentRoot "/siteler/default"
     ...
 </VirtualHost>
    @@ -447,16 +446,16 @@ Listen 172.20.30.50:8080 
    Listen 80
 ServerName example.com
-DocumentRoot /siteler/ecom
+DocumentRoot "/siteler/ecom"
 
 <VirtualHost 192.168.1.20 192.168.1.2>
-    DocumentRoot /siteler/eorg
+    DocumentRoot "/siteler/eorg"
     ServerName example.org
     # ...
 </VirtualHost>
 
 <VirtualHost 192.168.1.20>
-    DocumentRoot /siteler/enet
+    DocumentRoot "/siteler/enet"
     ServerName example.enet
     ServerAlias *.example.enet
     # ...
@@ -483,27 +482,27 @@ DocumentRoot /siteler/ecom
 
     
    <VirtualHost 172.20.30.40>
     # ilk sanal konak
-    DocumentRoot /siteler/baska
+    DocumentRoot "/siteler/baska"
     RewriteEngine On
-    RewriteRule . /siteler/baska/index.html
+    RewriteRule "." "/siteler/baska/index.html"
     # ...
 </VirtualHost>
 
 <VirtualHost 172.20.30.40>
 DocumentRoot /siteler/baska/bir
-    ServerName bir.baska.tld
-    ServerPath /bir/
+    ServerName "bir.baska.tld"
+    ServerPath "/bir/"
     RewriteEngine On
-    RewriteRule ^(/bir/.*) /siteler/baska$1
+    RewriteRule "^(/bir/.*) /siteler/baska$1"
     # ...
 </VirtualHost>
 
 <VirtualHost 172.20.30.40>
-    DocumentRoot /siteler/baska/iki
+    DocumentRoot "/siteler/baska/iki"
     ServerName iki.baska.tld
-    ServerPath /iki/
+    ServerPath "/iki/"
     RewriteEngine On
-    RewriteRule ^(/iki/.*) /siteler/baska$1
+    RewriteRule "^(/iki/.*)" "/siteler/baska$1"
     # ...
 </VirtualHost>
    
 
diff --git a/docs/manual/vhosts/ip-based.html.tr.utf8 b/docs/manual/vhosts/ip-based.html.tr.utf8
index 16b2a8ee..fe8d43b2 100644
--- a/docs/manual/vhosts/ip-based.html.tr.utf8
+++ b/docs/manual/vhosts/ip-based.html.tr.utf8
@@ -29,7 +29,6 @@
  ko  |
  tr 
    
 
-
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    
 
 
    •  IP'ye dayalı sanal konak desteği nedir
      • 
 
    •  Sistem gereksinimleri
      • 
@@ -138,18 +137,18 @@
 
     
      <VirtualHost 192.168.1.10:80>
     ServerAdmin bilgi@example.com
-    DocumentRoot /siteler/belgeler/ecom
+    DocumentRoot "/siteler/belgeler/ecom"
     ServerName example.com
-    ErrorLog /siteler/gunlukler/ecom/hatalar.log
-    CustomLog /siteler/gunlukler/ecom/erisim.log combined
+    ErrorLog "/siteler/gunlukler/ecom/hatalar.log"
+    CustomLog "/siteler/gunlukler/ecom/erisim.log" combined
 </VirtualHost>
 
 <VirtualHost 192.168.1.20:80>
     ServerAdmin bilgi@example.org
-    DocumentRoot /siteler/belgeler/eorg
+    DocumentRoot "/siteler/belgeler/eorg"
     ServerName example.org
-    ErrorLog /siteler/gunlukler/eorg/hatalar.log
-    CustomLog /siteler/gunlukler/eorg/erisim.log combined
+    ErrorLog "/siteler/gunlukler/eorg/hatalar.log"
+    CustomLog "/siteler/gunlukler/eorg/erisim.log" combined
 </VirtualHost>
      
 
 
diff --git a/docs/manual/vhosts/mass.html.tr.utf8 b/docs/manual/vhosts/mass.html.tr.utf8
index e5f87d59..6a5e90fb 100644
--- a/docs/manual/vhosts/mass.html.tr.utf8
+++ b/docs/manual/vhosts/mass.html.tr.utf8
@@ -28,7 +28,6 @@
  ko  |
  tr 
      
 
    
-
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    
 
 
     
    Bu belgede sanal konakların sonu belirsiz bir şekilde artışı karşısında
@@ -58,20 +57,20 @@
 
 
    <VirtualHost 111.22.33.44>
     ServerName                 musteri-1.example.com
-    DocumentRoot        /siteler/musteri-1/belgeler
-    ScriptAlias  /cgi-bin/  /siteler/musteri-1/cgi-bin
+    DocumentRoot        "/siteler/musteri-1/belgeler"
+    ScriptAlias  "/cgi-bin/"  "/siteler/musteri-1/cgi-bin"
 </VirtualHost>
 
 <VirtualHost 111.22.33.44>
     ServerName                 musteri-2.example.com
-    DocumentRoot        /siteler/musteri-2/belgeler
-    ScriptAlias  /cgi-bin/  /siteler/musteri-2/cgi-bin
+    DocumentRoot        "/siteler/musteri-2/belgeler"
+    ScriptAlias   "/cgi-bin/"   "/siteler/musteri-2/cgi-bin"
 </VirtualHost>
 
 <VirtualHost 111.22.33.44>
     ServerName                 musteri-N.example.com
-    DocumentRoot        /siteler/musteri-N/belgeler
-    ScriptAlias  /cgi-bin/  /siteler/musteri-N/cgi-bin
+    DocumentRoot          "/siteler/musteri-N/belgeler"
+    ScriptAlias   "/cgi-bin/"  "/siteler/musteri-N/cgi-bin"
 </VirtualHost>
    
 
 
@@ -157,12 +156,12 @@ UseCanonicalName Off
 # Bu günlükleme biçiminde split-logfile aracı kullanılarak
 # sanal konak günlükleri ilk alana göre ayrıştırılabilir
 LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
-CustomLog logs/access_log vcommon
+CustomLog "logs/access_log vcommon"
 
 # istekleri yerine getirmek için kullanılacak
 # dosya isimlerine sunucu ismini ekleyelim
-VirtualDocumentRoot /siteler/%0/belgeler
-VirtualScriptAlias  /siteler/%0/cgi-bin
    +VirtualDocumentRoot "/siteler/%0/belgeler" +VirtualScriptAlias "/siteler/%0/cgi-bin"

    Bu yapılandırmayı IP’ye dayalı sanal konaklar için kullanmak isterseniz @@ -193,10 +192,10 @@ LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon CustomLog logs/access_log vcommon # sunucu ismini içerecek dosya isimlerini oluşturalım -VirtualDocumentRoot /home/%2/www +VirtualDocumentRoot "/home/%2/www" # ortak cgi-bin dizini -ScriptAlias /cgi-bin/ /siteler/std-cgi/ +ScriptAlias "/cgi-bin/" "/siteler/std-cgi/"

    mod_vhost_alias belgesinde daha karmaşık @@ -217,12 +216,12 @@ ScriptAlias /cgi-bin/ /siteler/std-cgi/ LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon -<Directory /siteler/kurumsal> +<Directory "/siteler/kurumsal"> Options FollowSymLinks AllowOverride All </Directory> -<Directory /siteler/bireysel> +<Directory "/siteler/bireysel"> Options FollowSymLinks AllowOverride None </Directory> @@ -230,19 +229,19 @@ LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon <VirtualHost 111.22.33.44> ServerName kurumsal.example.com - CustomLog logs/access_log.kurumsal vcommon + CustomLog "logs/access_log.kurumsal" vcommon - VirtualDocumentRoot /siteler/kurumsal/%0/belgeler - VirtualScriptAlias /siteler/kurumsal/%0/cgi-bin + VirtualDocumentRoot "/siteler/kurumsal/%0/belgeler" + VirtualScriptAlias "/siteler/kurumsal/%0/cgi-bin" </VirtualHost> <VirtualHost 111.22.33.45> ServerName bireysel.example.com - CustomLog logs/access_log.bireysel vcommon + CustomLog "logs/access_log.bireysel" vcommon - VirtualDocumentRoot /siteler/bireysel/%0/belgeler - ScriptAlias /cgi-bin/ /siteler/std-cgi/ + VirtualDocumentRoot "/siteler/bireysel/%0/belgeler" + ScriptAlias "/cgi-bin/" "/siteler/std-cgi/" </VirtualHost> @@ -272,11 +271,11 @@ UseCanonicalName DNS # Günlük kayıtları IP adreslerine göre ayrıştırılabilsin LogFormat "%A %h %l %u %t \"%r\" %s %b" vcommon -CustomLog logs/access_log vcommon +CustomLog "logs/access_log" vcommon # dosya isimleri IP adreslerini içersin -VirtualDocumentRootIP /siteler/%0/belgeler -VirtualScriptAliasIP /siteler/%0/cgi-bin +VirtualDocumentRootIP "/siteler/%0/belgeler" +VirtualScriptAliasIP "/siteler/%0/cgi-bin"

    top
    diff --git a/docs/manual/vhosts/name-based.html.tr.utf8 b/docs/manual/vhosts/name-based.html.tr.utf8 index 84dd4c98..17c2b2fd 100644 --- a/docs/manual/vhosts/name-based.html.tr.utf8 +++ b/docs/manual/vhosts/name-based.html.tr.utf8 @@ -30,7 +30,6 @@  ko  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    Bu belgede isme dayalı sanal konakların ne zaman, nasıl kullanılacakları açıklanmıştır.

    @@ -151,12 +150,12 @@ Barındırma
  • Çok kullanılan sanal konak ya #İlk sanal konak aynı zamanda *:80 için de öntanımlıdır. ServerName site1.example.com ServerAlias example.com - DocumentRoot /siteler/site1 + DocumentRoot "/siteler/site1" </VirtualHost> <VirtualHost *:80> ServerName site2.example.com - DocumentRoot /siteler/site2 + DocumentRoot "/siteler/site2" </VirtualHost> diff --git a/httpd.spec b/httpd.spec index 09560653..911f4dcc 100644 --- a/httpd.spec +++ b/httpd.spec @@ -4,7 +4,7 @@ Summary: Apache HTTP Server Name: httpd -Version: 2.4.16 +Version: 2.4.17 Release: 1 URL: http://httpd.apache.org/ Vendor: Apache Software Foundation diff --git a/include/ap_config_auto.h.in b/include/ap_config_auto.h.in index dc3481c5..eecd4aad 100644 --- a/include/ap_config_auto.h.in +++ b/include/ap_config_auto.h.in @@ -109,6 +109,15 @@ /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H +/* Define if nghttp2 is available */ +#undef HAVE_NGHTTP2 + +/* Define to 1 if you have the header file. */ +#undef HAVE_NGHTTP2_NGHTTP2_H + +/* Define to 1 if you have the `nghttp2_session_server_new2' function. */ +#undef HAVE_NGHTTP2_SESSION_SERVER_NEW2 + /* Define if OpenSSL is available */ #undef HAVE_OPENSSL diff --git a/include/ap_listen.h b/include/ap_listen.h index 21101cd8..9e3098f2 100644 --- a/include/ap_listen.h +++ b/include/ap_listen.h @@ -77,6 +77,8 @@ struct ap_listen_rec { * The global list of ap_listen_rec structures */ AP_DECLARE_DATA extern ap_listen_rec *ap_listeners; +AP_DECLARE_DATA extern int ap_num_listen_buckets; +AP_DECLARE_DATA extern int ap_have_so_reuseport; /** * Setup all of the defaults for the listener list @@ -91,11 +93,34 @@ AP_DECLARE(void) ap_listen_pre_config(void); */ AP_DECLARE(int) ap_setup_listeners(server_rec *s); +/** + * This function duplicates ap_listeners into multiple buckets when configured + * to (see ListenCoresBucketsRatio) and the platform supports it (eg. number of + * online CPU cores and SO_REUSEPORT available). + * @param p The config pool + * @param s The global server_rec + * @param buckets The array of listeners buckets. + * @param num_buckets The total number of listeners buckets (array size). + * @remark If the given *num_buckets is 0 (input), it will be computed + * according to the platform capacities, otherwise (positive) it + * will be preserved. The number of listeners duplicated will + * always match *num_buckets, be it computed or given. + */ +AP_DECLARE(apr_status_t) ap_duplicate_listeners(apr_pool_t *p, server_rec *s, + ap_listen_rec ***buckets, + int *num_buckets); + /** * Loop through the global ap_listen_rec list and close each of the sockets. */ AP_DECLARE_NONSTD(void) ap_close_listeners(void); +/** + * Loop through the given ap_listen_rec list and close each of the sockets. + * @param listener The listener to close. + */ +AP_DECLARE_NONSTD(void) ap_close_listeners_ex(ap_listen_rec *listeners); + /** * FIXMEDOC */ @@ -109,6 +134,7 @@ AP_DECLARE_NONSTD(int) ap_close_selected_listeners(ap_slave_t *); * called. */ AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd, void *dummy, const char *arg); +AP_DECLARE_NONSTD(const char *) ap_set_listencbratio(cmd_parms *cmd, void *dummy, const char *arg); AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy, int argc, char *const argv[]); AP_DECLARE_NONSTD(const char *) ap_set_send_buffer_size(cmd_parms *cmd, void *dummy, @@ -120,6 +146,8 @@ AP_DECLARE_NONSTD(const char *) ap_set_receive_buffer_size(cmd_parms *cmd, #define LISTEN_COMMANDS \ AP_INIT_TAKE1("ListenBacklog", ap_set_listenbacklog, NULL, RSRC_CONF, \ "Maximum length of the queue of pending connections, as used by listen(2)"), \ +AP_INIT_TAKE1("ListenCoresBucketsRatio", ap_set_listencbratio, NULL, RSRC_CONF, \ + "Ratio between the number of CPU cores (online) and the number of listeners buckets"), \ AP_INIT_TAKE_ARGV("Listen", ap_set_listener, NULL, RSRC_CONF, \ "A port number or a numeric IP address and a port number, and an optional protocol"), \ AP_INIT_TAKE1("SendBufferSize", ap_set_send_buffer_size, NULL, RSRC_CONF, \ diff --git a/include/ap_mmn.h b/include/ap_mmn.h index 7e609e3e..015ff6d3 100644 --- a/include/ap_mmn.h +++ b/include/ap_mmn.h @@ -445,6 +445,17 @@ * 20120211.46 (2.4.13-dev) Add ap_map_http_request_error() * 20120211.47 (2.4.13-dev) Add ap_some_authn_required, ap_force_authn hook. * Deprecate broken ap_some_auth_required. + * 20120211.48 (2.4.17-dev) Added ap_log_mpm_common(). + * 20120211.49 (2.4.17-dev) Add listener bucket in scoreboard.h's process_score. + * 20120211.50 (2.4.17-dev) Add ap_set_listencbratio(), ap_close_listeners_ex(), + * ap_duplicate_listeners(), ap_num_listen_buckets and + * ap_have_so_reuseport to ap_listen.h. + * 20120211.51 (2.4.17-dev) Add protocols and protocols_honor_order to + * core_server_config. Add hooks protocol_propose + * protocol_switch and protocol_get. Add + * ap_select_protocol(), ap_switch_protocol(), + * ap_get_protocol(). Add HTTP_MISDIRECTED_REQUEST. + * Added ap_parse_token_list_strict() to httpd.h */ #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */ @@ -452,7 +463,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 20120211 #endif -#define MODULE_MAGIC_NUMBER_MINOR 47 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 51 /* 0...n */ /** * Determine if the server's current MODULE_MAGIC_NUMBER is at least a diff --git a/include/ap_release.h b/include/ap_release.h index f7542cf8..0b49ada5 100644 --- a/include/ap_release.h +++ b/include/ap_release.h @@ -43,7 +43,7 @@ #define AP_SERVER_MAJORVERSION_NUMBER 2 #define AP_SERVER_MINORVERSION_NUMBER 4 -#define AP_SERVER_PATCHLEVEL_NUMBER 16 +#define AP_SERVER_PATCHLEVEL_NUMBER 17 #define AP_SERVER_DEVBUILD_BOOLEAN 0 /* Synchronize the above with docs/manual/style/version.ent */ diff --git a/include/http_core.h b/include/http_core.h index 8171823a..6ca53f76 100644 --- a/include/http_core.h +++ b/include/http_core.h @@ -681,6 +681,10 @@ typedef struct { #define AP_MERGE_TRAILERS_DISABLE 2 int merge_trailers; + + + apr_array_header_t *protocols; + int protocols_honor_order; } core_server_config; /* for AddOutputFiltersByType in core.c */ diff --git a/include/http_log.h b/include/http_log.h index bd0faf7f..801dcceb 100644 --- a/include/http_log.h +++ b/include/http_log.h @@ -634,7 +634,7 @@ AP_DECLARE(void) ap_log_rdata(const char *file, int line, int module_index, #ifdef AP_HAVE_C99 /* need additional step to expand APLOG_MARK first */ #define ap_log_rdata(...) ap_log_rdata__(__VA_ARGS__) -#define ap_log_rdata__(file, line, mi, level, s, ...) \ +#define ap_log_rdata__(file, line, mi, level, r, ...) \ do { if (APLOG_R_MODULE_IS_LEVEL(r, mi, level)) \ ap_log_rdata_(file, line, mi, level, r, __VA_ARGS__); \ } while(0) @@ -740,6 +740,13 @@ AP_DECLARE(void) ap_error_log2stderr(server_rec *s); */ AP_DECLARE(void) ap_log_command_line(apr_pool_t *p, server_rec *s); +/** + * Log common (various) MPM shared data at startup. + * @param s The server_rec of the error log we want to log to. + * Misc commonly logged data is logged to that server's error log. + */ +AP_DECLARE(void) ap_log_mpm_common(server_rec *s); + /** * Log the current pid of the parent process * @param p The pool to use for processing diff --git a/include/http_protocol.h b/include/http_protocol.h index ee61b687..64ed0136 100644 --- a/include/http_protocol.h +++ b/include/http_protocol.h @@ -700,6 +700,139 @@ AP_DECLARE_HOOK(const char *,http_scheme,(const request_rec *r)) */ AP_DECLARE_HOOK(apr_port_t,default_port,(const request_rec *r)) + +#define AP_PROTOCOL_HTTP1 "http/1.1" + +/** + * Determine the list of protocols available for a connection/request. This may + * be collected with or without any request sent, in which case the request is + * NULL. Or it may be triggered by the request received, e.g. through the + * "Upgrade" header. + * + * This hook will be run whenever protocols are being negotiated (ALPN as + * one example). It may also be invoked at other times, e.g. when the server + * wants to advertise protocols it is capable of switching to. + * + * The identifiers for protocols are taken from the TLS extension type ALPN: + * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xml + * + * If no protocols are added to the proposals, the server not perform any + * switch. If the protocol selected from the proposals is the protocol + * already in place, also no protocol switch will be invoked. + * + * The client may already have announced the protocols it is willing to + * accept. These will then be listed as offers. This parameter may also + * be NULL, indicating that offers from the client are not known and + * the hooks should propose all protocols that are valid for the + * current connection/request. + * + * All hooks are run, unless one returns an error. Proposals may contain + * duplicates. The order in which proposals are added is usually ignored. + * + * @param c The current connection + * @param r The current request or NULL + * @param s The server/virtual host selected + * @param offers A list of protocol identifiers offered by the client or + * NULL to indicated that the hooks are free to propose + * @param proposals The list of protocol identifiers proposed by the hooks + * @return OK or DECLINED + */ +AP_DECLARE_HOOK(int,protocol_propose,(conn_rec *c, request_rec *r, + server_rec *s, + const apr_array_header_t *offers, + apr_array_header_t *proposals)) + +/** + * Perform a protocol switch on the connection. The exact requirements for + * that depend on the protocol in place and the one switched to. The first + * protocol module to handle the switch is the last module run. + * + * For a connection level switch (r == NULL), the handler must on return + * leave the conn_rec in a state suitable for processing the switched + * protocol, e.g. correct filters in place. + * + * For a request triggered switch (r != NULL), the protocol switch is done + * before the response is sent out. When switching from "http/1.1" via Upgrade + * header, the 101 intermediate response will have been sent. The + * hook needs then to process the connection until it can be closed. Which + * the server will enforce on hook return. + * Any error the hook might encounter must already be sent by the hook itself + * to the client in whatever form the new protocol requires. + * + * @param c The current connection + * @param r The current request or NULL + * @param s The server/virtual host selected + * @param choices A list of protocol identifiers, normally the clients whishes + * @param proposals the list of protocol identifiers proposed by the hooks + * @return OK or DECLINED + */ +AP_DECLARE_HOOK(int,protocol_switch,(conn_rec *c, request_rec *r, + server_rec *s, + const char *protocol)) + +/** + * Return the protocol used on the connection. Modules implementing + * protocol switching must register here and return the correct protocol + * identifier for connections they switched. + * + * To find out the protocol for the current connection, better call + * @see ap_get_protocol which internally uses this hook. + * + * @param c The current connection + * @return The identifier of the protocol in place or NULL + */ +AP_DECLARE_HOOK(const char *,protocol_get,(const conn_rec *c)) + +/** + * Select a protocol for the given connection and optional request. Will return + * the protocol identifier selected which may be the protocol already in place + * on the connection. The selected protocol will be NULL if non of the given + * choices could be agreed upon (e.g. no proposal as made). + * + * A special case is where the choices itself is NULL (instead of empty). In + * this case there are no restrictions imposed on protocol selection. + * + * @param c The current connection + * @param r The current request or NULL + * @param s The server/virtual host selected + * @param choices A list of protocol identifiers, normally the clients whishes + * @return The selected protocol or NULL if no protocol could be agreed upon + */ +AP_DECLARE(const char *) ap_select_protocol(conn_rec *c, request_rec *r, + server_rec *s, + const apr_array_header_t *choices); + +/** + * Perform the actual protocol switch. The protocol given must have been + * selected before on the very same connection and request pair. + * + * @param c The current connection + * @param r The current request or NULL + * @param s The server/virtual host selected + * @param protocol the protocol to switch to + * @return APR_SUCCESS, if caller may continue processing as usual + * APR_EOF, if caller needs to stop processing the connection + * APR_EINVAL, if the protocol is already in place + * APR_NOTIMPL, if no module performed the switch + * Other errors where appropriate + */ +AP_DECLARE(apr_status_t) ap_switch_protocol(conn_rec *c, request_rec *r, + server_rec *s, + const char *protocol); + +/** + * Call the protocol_get hook to determine the protocol currently in use + * for the given connection. + * + * Unless another protocol has been switch to, will default to + * @see AP_PROTOCOL_HTTP1 and modules implementing a new protocol must + * report a switched connection via the protocol_get hook. + * + * @param c The connection to determine the protocol for + * @return the protocol in use, never NULL + */ +AP_DECLARE(const char *) ap_get_protocol(conn_rec *c); + /** @see ap_bucket_type_error */ typedef struct ap_bucket_error ap_bucket_error; diff --git a/include/http_request.h b/include/http_request.h index fabb4c84..3d0b143e 100644 --- a/include/http_request.h +++ b/include/http_request.h @@ -315,7 +315,7 @@ AP_DECLARE(void) ap_allow_standard_methods(request_rec *r, int reset, ...); * the response to the client * @param r The current request */ -void ap_process_request(request_rec *r); +AP_DECLARE(void) ap_process_request(request_rec *r); /* For post-processing after a handler has finished with a request. * (Commonly used after it was suspended) diff --git a/include/httpd.h b/include/httpd.h index 64ab325d..4204cd04 100644 --- a/include/httpd.h +++ b/include/httpd.h @@ -518,6 +518,7 @@ AP_DECLARE(const char *) ap_get_server_built(void); #define HTTP_UNSUPPORTED_MEDIA_TYPE 415 #define HTTP_RANGE_NOT_SATISFIABLE 416 #define HTTP_EXPECTATION_FAILED 417 +#define HTTP_MISDIRECTED_REQUEST 421 #define HTTP_UNPROCESSABLE_ENTITY 422 #define HTTP_LOCKED 423 #define HTTP_FAILED_DEPENDENCY 424 @@ -1548,6 +1549,23 @@ AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line, const char *t */ AP_DECLARE(int) ap_find_etag_strong(apr_pool_t *p, const char *line, const char *tok); +/** + * Retrieve an array of tokens in the format "1#token" defined in RFC2616. Only + * accepts ',' as a delimiter, does not accept quoted strings, and errors on + * any separator. + * @param p The pool to allocate from + * @param tok The line to read tokens from + * @param tokens Pointer to an array of tokens. If not NULL, must be an array + * of char*, otherwise it will be allocated on @a p when a token is found + * @param skip_invalid If true, when an invalid separator is encountered, it + * will be ignored. + * @return NULL on success, an error string otherwise. + * @remark *tokens may be NULL on output if NULL in input and no token is found + */ +AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p, const char *tok, + apr_array_header_t **tokens, + int skip_invalid); + /** * Retrieve a token, spacing over it and adjusting the pointer to * the first non-white byte afterwards. Note that these tokens @@ -1644,7 +1662,7 @@ AP_DECLARE(char *) ap_escape_path_segment(apr_pool_t *p, const char *s); AP_DECLARE(char *) ap_escape_path_segment_buffer(char *c, const char *s); /** - * convert an OS path to a URL in an OS dependant way. + * convert an OS path to a URL in an OS dependent way. * @param p The pool to allocate from * @param path The path to convert * @param partial if set, assume that the path will be appended to something @@ -1769,7 +1787,7 @@ AP_DECLARE(char *) ap_make_dirstr_parent(apr_pool_t *p, const char *s); AP_DECLARE(char *) ap_make_full_path(apr_pool_t *a, const char *dir, const char *f); /** - * Test if the given path has an an absolute path. + * Test if the given path has an absolute path. * @param p The pool to allocate from * @param dir The directory name * @note The converse is not necessarily true, some OS's (Win32/OS2/Netware) have @@ -2265,6 +2283,28 @@ AP_DECLARE(char *) ap_get_exec_line(apr_pool_t *p, #define AP_NORESTART APR_OS_START_USEERR + 1 +/** + * Get the first index of the string in the array or -1 if not found. Start + * searching a start. + * @param array The array the check + * @param s The string to find + * @param start Start index for search. If start is out of bounds (negative or + equal to array length or greater), -1 will be returned. + * @return index of string in array or -1 + */ +AP_DECLARE(int) ap_array_str_index(const apr_array_header_t *array, + const char *s, + int start); + +/** + * Check if the string is member of the given array by strcmp. + * @param array The array the check + * @param s The string to find + * @return !=0 iff string is member of array (via strcmp) + */ +AP_DECLARE(int) ap_array_str_contains(const apr_array_header_t *array, + const char *s); + #ifdef __cplusplus } #endif diff --git a/include/scoreboard.h b/include/scoreboard.h index d218545a..99d6ba74 100644 --- a/include/scoreboard.h +++ b/include/scoreboard.h @@ -142,6 +142,7 @@ struct process_score { apr_uint32_t lingering_close; /* async connections in lingering close */ apr_uint32_t keep_alive; /* async connections in keep alive */ apr_uint32_t suspended; /* connections suspended by some module */ + int bucket; /* Listener bucket used by this child */ }; /* Scoreboard is now in 'local' memory, since it isn't updated once created, diff --git a/modules/NWGNUmakefile b/modules/NWGNUmakefile index 6e8113d4..337d6f6d 100644 --- a/modules/NWGNUmakefile +++ b/modules/NWGNUmakefile @@ -5,7 +5,8 @@ # variable WITH_SSL=1 # To build with the mod_lua module set the environment # variable WITH_LUA=1 - +# To build with the mod_http2 module set the environment +# variable WITH_HTTP2=1 # # Check if LDAP is enabled in APR-UTIL # @@ -72,6 +73,13 @@ SUBDIRS += lua endif endif +# Allow the mod_http2 module to be built if WITH_HTTP2 is defined +ifeq "$(WITH_HTTP2)" "1" +ifneq "$(NGH2SRC)" "" +SUBDIRS += http2 +endif +endif + # Allow the experimental modules to be built if WITH_EXPERIMENTAL is defined ifeq "$(WITH_EXPERIMENTAL)" "1" SUBDIRS += experimental diff --git a/modules/README b/modules/README index f11ad42f..2dee0795 100644 --- a/modules/README +++ b/modules/README @@ -41,6 +41,9 @@ generators/ http/ This directory houses modules that basic HTTP protocol implementation. +http2/ + This directory houses modules that provide HTTP/2 protocol implementation. + loggers/ This directory houses modules that handle logging functions. diff --git a/modules/aaa/mod_authn_core.c b/modules/aaa/mod_authn_core.c index 1f1163ec..7af12655 100644 --- a/modules/aaa/mod_authn_core.c +++ b/modules/aaa/mod_authn_core.c @@ -108,7 +108,7 @@ static authn_status authn_alias_check_password(request_rec *r, const char *user, const char *password) { /* Look up the provider alias in the alias list */ - /* Get the the dir_config and call ap_Merge_per_dir_configs() */ + /* Get the dir_config and call ap_Merge_per_dir_configs() */ /* Call the real provider->check_password() function */ /* return the result of the above function call */ @@ -140,7 +140,7 @@ static authn_status authn_alias_get_realm_hash(request_rec *r, const char *user, const char *realm, char **rethash) { /* Look up the provider alias in the alias list */ - /* Get the the dir_config and call ap_Merge_per_dir_configs() */ + /* Get the dir_config and call ap_Merge_per_dir_configs() */ /* Call the real provider->get_realm_hash() function */ /* return the result of the above function call */ diff --git a/modules/aaa/mod_authz_core.c b/modules/aaa/mod_authz_core.c index d70e6965..b669c8c8 100644 --- a/modules/aaa/mod_authz_core.c +++ b/modules/aaa/mod_authz_core.c @@ -196,7 +196,7 @@ static authz_status authz_alias_check_authorization(request_rec *r, authz_status ret = AUTHZ_DENIED; /* Look up the provider alias in the alias list. - * Get the the dir_config and call ap_Merge_per_dir_configs() + * Get the dir_config and call ap_Merge_per_dir_configs() * Call the real provider->check_authorization() function * return the result of the above function call */ diff --git a/modules/aaa/mod_authz_dbd.c b/modules/aaa/mod_authz_dbd.c index a165eb0e..628a165d 100644 --- a/modules/aaa/mod_authz_dbd.c +++ b/modules/aaa/mod_authz_dbd.c @@ -126,6 +126,13 @@ static int authz_dbd_login(request_rec *r, authz_dbd_cfg *cfg, "No query configured for %s!", action); return HTTP_INTERNAL_SERVER_ERROR; } + if (dbd == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02902) + "No db handle available for %s! " + "Check your database access", + action); + return HTTP_INTERNAL_SERVER_ERROR; + } query = apr_hash_get(dbd->prepared, cfg->query, APR_HASH_KEY_STRING); if (query == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01643) @@ -212,6 +219,12 @@ static int authz_dbd_group_query(request_rec *r, authz_dbd_cfg *cfg, "No query configured for dbd-group!"); return HTTP_INTERNAL_SERVER_ERROR; } + if (dbd == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02903) + "No db handle available for dbd-query! " + "Check your database access"); + return HTTP_INTERNAL_SERVER_ERROR; + } query = apr_hash_get(dbd->prepared, cfg->query, APR_HASH_KEY_STRING); if (query == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01650) diff --git a/modules/arch/netware/mod_netware.c b/modules/arch/netware/mod_netware.c index b34a5222..f873827e 100644 --- a/modules/arch/netware/mod_netware.c +++ b/modules/arch/netware/mod_netware.c @@ -137,8 +137,9 @@ static apr_status_t ap_cgi_build_command(const char **cmd, const char ***argv, } /* eliminate the '.' if there is one */ - if (*ext == '.') + if (*ext == '.') { ++ext; + } /* check if we have a registered command for the extension*/ new_cmd = apr_table_get(d->file_type_handlers, ext); @@ -154,8 +155,9 @@ static apr_status_t ap_cgi_build_command(const char **cmd, const char ***argv, *cmd = apr_pstrcat (p, new_cmd, " ", cmd_only, NULL); /* Run in its own address space if specified */ - if(apr_table_get(d->file_handler_mode, ext)) + if (apr_table_get(d->file_handler_mode, ext)) { e_info->addrspace = 1; + } } /* Tokenize the full command string into its arguments */ diff --git a/modules/arch/win32/mod_isapi.c b/modules/arch/win32/mod_isapi.c index ce0875a5..ec0d35e7 100644 --- a/modules/arch/win32/mod_isapi.c +++ b/modules/arch/win32/mod_isapi.c @@ -1415,7 +1415,7 @@ static apr_status_t isapi_handler (request_rec *r) apr_uint32_t read; int res; - if(strcmp(r->handler, "isapi-isa") + if (strcmp(r->handler, "isapi-isa") && strcmp(r->handler, "isapi-handler")) { /* Hang on to the isapi-isa for compatibility with older docs * (wtf did '-isa' mean in the first place?) but introduce diff --git a/modules/cache/NWGNUcach_socache b/modules/cache/NWGNUcach_socache index f7ed0e43..68b3cd9f 100644 --- a/modules/cache/NWGNUcach_socache +++ b/modules/cache/NWGNUcach_socache @@ -26,6 +26,7 @@ XINCDIRS += \ $(APR)/include \ $(APRUTIL)/include \ $(SRC)/include \ + $(STDMOD)/generators \ $(SERVER)/mpm/netware \ $(NWOS) \ $(EOLIST) diff --git a/modules/cache/NWGNUsocachdbm b/modules/cache/NWGNUsocachdbm index dc06af7d..f6739242 100644 --- a/modules/cache/NWGNUsocachdbm +++ b/modules/cache/NWGNUsocachdbm @@ -28,6 +28,7 @@ XINCDIRS += \ $(AP_WORK)/include \ $(AP_WORK)/server/mpm/netware \ $(NWOS) \ + $(STDMOD)/generators \ $(EOLIST) # diff --git a/modules/cache/NWGNUsocachshmcb b/modules/cache/NWGNUsocachshmcb index 8f11c4b6..bc1850ed 100644 --- a/modules/cache/NWGNUsocachshmcb +++ b/modules/cache/NWGNUsocachshmcb @@ -28,6 +28,7 @@ XINCDIRS += \ $(AP_WORK)/include \ $(AP_WORK)/server/mpm/netware \ $(NWOS) \ + $(STDMOD)/generators \ $(EOLIST) # diff --git a/modules/cache/cache_storage.c b/modules/cache/cache_storage.c index 234eb9bb..59d12aca 100644 --- a/modules/cache/cache_storage.c +++ b/modules/cache/cache_storage.c @@ -50,7 +50,7 @@ int cache_remove_url(cache_request_rec *cache, request_rec *r) "cache: Removing url %s from the cache", h->cache_obj->key); /* for each specified cache type, delete the URL */ - while(list) { + while (list) { list->provider->remove_url(h, r); list = list->next; } diff --git a/modules/cache/cache_util.c b/modules/cache/cache_util.c index b7454ad6..070a5f0d 100644 --- a/modules/cache/cache_util.c +++ b/modules/cache/cache_util.c @@ -1254,7 +1254,6 @@ apr_table_t *cache_merge_headers_out(request_rec *r) headers_out = apr_table_overlay(r->pool, r->headers_out, r->err_headers_out); - apr_table_clear(r->err_headers_out); if (r->content_type && !apr_table_get(headers_out, "Content-Type")) { diff --git a/modules/cache/cache_util.h b/modules/cache/cache_util.h index 5f296bc7..59436c42 100644 --- a/modules/cache/cache_util.h +++ b/modules/cache/cache_util.h @@ -264,7 +264,7 @@ int cache_check_freshness(cache_handle_t *h, cache_request_rec *cache, * Try obtain a cache wide lock on the given cache key. * * If we return APR_SUCCESS, we obtained the lock, and we are clear to - * proceed to the backend. If we return APR_EEXISTS, the the lock is + * proceed to the backend. If we return APR_EEXISTS, then the lock is * already locked, someone else has gone to refresh the backend data * already, so we must return stale data with a warning in the mean * time. If we return anything else, then something has gone pear diff --git a/modules/cache/config.m4 b/modules/cache/config.m4 index b9799b76..8115094d 100644 --- a/modules/cache/config.m4 +++ b/modules/cache/config.m4 @@ -34,7 +34,7 @@ dnl dnl Configure for the detected distcache installation, giving dnl preference to "--with-distcache=" if it was specified. dnl -AC_DEFUN(APACHE_CHECK_DISTCACHE,[ +AC_DEFUN([APACHE_CHECK_DISTCACHE],[ if test "x$ap_distcache_configured" = "x"; then dnl initialise the variables we use ap_distcache_found="" diff --git a/modules/cache/mod_cache.c b/modules/cache/mod_cache.c index b95f0a8a..091d5270 100644 --- a/modules/cache/mod_cache.c +++ b/modules/cache/mod_cache.c @@ -1452,6 +1452,7 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in) * forward all of them to the client, including non-cacheable ones). */ r->headers_out = cache_merge_headers_out(r); + apr_table_clear(r->err_headers_out); /* Merge in our cached headers. However, keep any updated values. */ /* take output, overlay on top of cached */ diff --git a/modules/cache/mod_cache_disk.c b/modules/cache/mod_cache_disk.c index ddf64314..14dee81f 100644 --- a/modules/cache/mod_cache_disk.c +++ b/modules/cache/mod_cache_disk.c @@ -185,7 +185,8 @@ static apr_status_t file_cache_el_final(disk_cache_conf *conf, disk_cache_file_t return rv; } -static apr_status_t file_cache_temp_cleanup(void *dummy) { +static apr_status_t file_cache_temp_cleanup(void *dummy) +{ disk_cache_file_t *file = (disk_cache_file_t *)dummy; /* clean up the temporary file */ @@ -293,7 +294,7 @@ static const char* regen_key(apr_pool_t *p, apr_table_t *headers, * quoted-string expectation-extensions. */ - for(i=0, k=0; i < varray->nelts; i++) { + for (i=0, k=0; i < varray->nelts; i++) { header = apr_table_get(headers, elts[i]); if (!header) { header = ""; @@ -738,7 +739,7 @@ static apr_status_t read_array(request_rec *r, apr_array_header_t* arr, break; } - *((const char **) apr_array_push(arr)) = apr_pstrdup(r->pool, w); + *((const char **) apr_array_push(arr)) = apr_pstrdup(r->pool, w); } return APR_SUCCESS; @@ -1045,7 +1046,7 @@ static apr_status_t write_headers(cache_handle_t *h, request_rec *r) APR_BUFFERED | APR_EXCL, dobj->hdrs.pool); if (rv != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_WARNING, rv, r, APLOGNO(00725) + ap_log_rerror(APLOG_MARK, APLOG_WARNING, rv, r, APLOGNO(00725) "could not create header file %s", dobj->hdrs.tempfile); return rv; @@ -1332,7 +1333,7 @@ static apr_status_t commit_entity(cache_handle_t *h, request_rec *r) if (!dobj->disk_info.header_only) { rv = file_cache_el_final(conf, &dobj->data, r); } - else if (dobj->data.file){ + else if (dobj->data.file) { rv = apr_file_remove(dobj->data.file, dobj->data.pool); } } @@ -1382,7 +1383,8 @@ static void *create_dir_config(apr_pool_t *p, char *dummy) return dconf; } -static void *merge_dir_config(apr_pool_t *p, void *basev, void *addv) { +static void *merge_dir_config(apr_pool_t *p, void *basev, void *addv) +{ disk_cache_dir_conf *new = (disk_cache_dir_conf *) apr_pcalloc(p, sizeof(disk_cache_dir_conf)); disk_cache_dir_conf *add = (disk_cache_dir_conf *) addv; disk_cache_dir_conf *base = (disk_cache_dir_conf *) basev; diff --git a/modules/cache/mod_cache_socache.c b/modules/cache/mod_cache_socache.c index c5b49ab9..6761bf7e 100644 --- a/modules/cache/mod_cache_socache.c +++ b/modules/cache/mod_cache_socache.c @@ -191,7 +191,6 @@ static apr_status_t read_table(cache_handle_t *handle, request_rec *r, apr_size_t *slider) { apr_size_t key = *slider, colon = 0, len = 0; - ; while (*slider < buffer_len) { if (buffer[*slider] == ':') { diff --git a/modules/cache/mod_socache_memcache.c b/modules/cache/mod_socache_memcache.c index 8cabd8a5..e1fb2357 100644 --- a/modules/cache/mod_socache_memcache.c +++ b/modules/cache/mod_socache_memcache.c @@ -51,9 +51,15 @@ #endif #ifndef MC_DEFAULT_SERVER_TTL -#define MC_DEFAULT_SERVER_TTL 600 +#define MC_DEFAULT_SERVER_TTL apr_time_from_sec(15) #endif +module AP_MODULE_DECLARE_DATA socache_memcache_module; + +typedef struct { + apr_uint32_t ttl; +} socache_mc_svr_cfg; + struct ap_socache_instance_t { const char *servers; apr_memcache_t *mc; @@ -90,6 +96,9 @@ static apr_status_t socache_mc_init(ap_socache_instance_t *ctx, char *split; char *tok; + socache_mc_svr_cfg *sconf = ap_get_module_config(s->module_config, + &socache_memcache_module); + ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &thread_limit); /* Find all the servers in the first run to get a total count */ @@ -140,7 +149,7 @@ static apr_status_t socache_mc_init(ap_socache_instance_t *ctx, MC_DEFAULT_SERVER_MIN, MC_DEFAULT_SERVER_SMAX, thread_limit, - MC_DEFAULT_SERVER_TTL, + sconf->ttl, &st); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s, APLOGNO(00788) @@ -304,6 +313,38 @@ static const ap_socache_provider_t socache_mc = { #endif /* HAVE_APU_MEMCACHE */ +static void *create_server_config(apr_pool_t *p, server_rec *s) +{ + socache_mc_svr_cfg *sconf = apr_pcalloc(p, sizeof(socache_mc_svr_cfg)); + + sconf->ttl = MC_DEFAULT_SERVER_TTL; + + return sconf; +} + +static const char *socache_mc_set_ttl(cmd_parms *cmd, void *dummy, + const char *arg) +{ + apr_interval_time_t ttl; + socache_mc_svr_cfg *sconf = ap_get_module_config(cmd->server->module_config, + &socache_memcache_module); + + if (ap_timeout_parameter_parse(arg, &ttl, "s") != APR_SUCCESS) { + return apr_pstrcat(cmd->pool, cmd->cmd->name, + " has wrong format", NULL); + } + + if ((ttl < apr_time_from_sec(0)) || (ttl > apr_time_from_sec(3600))) { + return apr_pstrcat(cmd->pool, cmd->cmd->name, + " can only be 0 or up to one hour.", NULL); + } + + /* apr_memcache_server_create needs a ttl in usec. */ + sconf->ttl = ttl; + + return NULL; +} + static void register_hooks(apr_pool_t *p) { #ifdef HAVE_APU_MEMCACHE @@ -313,8 +354,18 @@ static void register_hooks(apr_pool_t *p) #endif } +static const command_rec socache_memcache_cmds[] = { + AP_INIT_TAKE1("MemcacheConnTTL", socache_mc_set_ttl, NULL, RSRC_CONF, + "TTL used for the connection with the memcache server(s)"), + { NULL } +}; + AP_DECLARE_MODULE(socache_memcache) = { STANDARD20_MODULE_STUFF, - NULL, NULL, NULL, NULL, NULL, - register_hooks + NULL, /* create per-dir config structures */ + NULL, /* merge per-dir config structures */ + create_server_config, /* create per-server config structures */ + NULL, /* merge per-server config structures */ + socache_memcache_cmds, /* table of config file commands */ + register_hooks /* register hooks */ }; diff --git a/modules/core/mod_macro.c b/modules/core/mod_macro.c index 6b724eb2..ec484ac9 100644 --- a/modules/core/mod_macro.c +++ b/modules/core/mod_macro.c @@ -14,10 +14,6 @@ * limitations under the License. */ -/* - $Id: mod_macro.c 1663260 2015-03-02 11:12:18Z jim $ -*/ - #include "httpd.h" #include "http_config.h" #include "http_log.h" diff --git a/modules/core/test/Makefile b/modules/core/test/Makefile old mode 100755 new mode 100644 index 8ebb1a9e..bd2a6cb0 --- a/modules/core/test/Makefile +++ b/modules/core/test/Makefile @@ -1,6 +1,4 @@ # -# $Id: Makefile 1435811 2013-01-20 10:07:44Z fabien $ -# # mod_macro non regression tests # where is apache diff --git a/modules/core/test/conf/test01.conf b/modules/core/test/conf/test01.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test02.conf b/modules/core/test/conf/test02.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test03.conf b/modules/core/test/conf/test03.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test04.conf b/modules/core/test/conf/test04.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test05.conf b/modules/core/test/conf/test05.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test06.conf b/modules/core/test/conf/test06.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test07.conf b/modules/core/test/conf/test07.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test08.conf b/modules/core/test/conf/test08.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test09.conf b/modules/core/test/conf/test09.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test10.conf b/modules/core/test/conf/test10.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test11.conf b/modules/core/test/conf/test11.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test12.conf b/modules/core/test/conf/test12.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test13.conf b/modules/core/test/conf/test13.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test14.conf b/modules/core/test/conf/test14.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test15.conf b/modules/core/test/conf/test15.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test16.conf b/modules/core/test/conf/test16.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test17.conf b/modules/core/test/conf/test17.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test18.conf b/modules/core/test/conf/test18.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test19.conf b/modules/core/test/conf/test19.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test20.conf b/modules/core/test/conf/test20.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test21.conf b/modules/core/test/conf/test21.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test22.conf b/modules/core/test/conf/test22.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test23.conf b/modules/core/test/conf/test23.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test24.conf b/modules/core/test/conf/test24.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test25.conf b/modules/core/test/conf/test25.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test26.conf b/modules/core/test/conf/test26.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test27.conf b/modules/core/test/conf/test27.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test28.conf b/modules/core/test/conf/test28.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test29.conf b/modules/core/test/conf/test29.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test30.conf b/modules/core/test/conf/test30.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test31.conf b/modules/core/test/conf/test31.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test32.conf b/modules/core/test/conf/test32.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test33.conf b/modules/core/test/conf/test33.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test34.conf b/modules/core/test/conf/test34.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test35.conf b/modules/core/test/conf/test35.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test36.conf b/modules/core/test/conf/test36.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test37.conf b/modules/core/test/conf/test37.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test38.conf b/modules/core/test/conf/test38.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test39.conf b/modules/core/test/conf/test39.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test40.conf b/modules/core/test/conf/test40.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test41.conf b/modules/core/test/conf/test41.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test42.conf b/modules/core/test/conf/test42.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test43.conf b/modules/core/test/conf/test43.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test44.conf b/modules/core/test/conf/test44.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test45.conf b/modules/core/test/conf/test45.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test46.conf b/modules/core/test/conf/test46.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test47.conf b/modules/core/test/conf/test47.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test48.conf b/modules/core/test/conf/test48.conf old mode 100755 new mode 100644 diff --git a/modules/core/test/conf/test53.conf b/modules/core/test/conf/test53.conf old mode 100755 new mode 100644 diff --git a/modules/dav/lock/locks.c b/modules/dav/lock/locks.c index ccf972d3..17b9ee69 100644 --- a/modules/dav/lock/locks.c +++ b/modules/dav/lock/locks.c @@ -465,11 +465,11 @@ static dav_error * dav_generic_save_lock_record(dav_lockdb *lockdb, return NULL; } - while(dp) { + while (dp) { val.dsize += dav_size_direct(dp); dp = dp->next; } - while(ip) { + while (ip) { val.dsize += dav_size_indirect(ip); ip = ip->next; } @@ -480,7 +480,7 @@ static dav_error * dav_generic_save_lock_record(dav_lockdb *lockdb, dp = direct; ip = indirect; - while(dp) { + while (dp) { /* Direct lock - lock_discovery struct follows */ *ptr++ = DAV_LOCK_DIRECT; memcpy(ptr, dp, sizeof(dp->f)); /* Fixed portion of struct */ @@ -505,7 +505,7 @@ static dav_error * dav_generic_save_lock_record(dav_lockdb *lockdb, dp = dp->next; } - while(ip) { + while (ip) { /* Indirect lock prefix */ *ptr++ = DAV_LOCK_INDIRECT; diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c index 2319549a..cd45ef94 100644 --- a/modules/dav/main/mod_dav.c +++ b/modules/dav/main/mod_dav.c @@ -254,7 +254,7 @@ static const char *dav_cmd_dav(cmd_parms *cmd, void *config, const char *arg1) conf->provider = NULL; } else { - conf->provider_name = apr_pstrdup(cmd->pool, arg1); + conf->provider_name = arg1; } if (conf->provider_name != NULL) { diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c index 3d4b1ec3..8d4f64a2 100644 --- a/modules/dav/main/util.c +++ b/modules/dav/main/util.c @@ -1823,10 +1823,11 @@ DAV_DECLARE(void) dav_add_vary_header(request_rec *in_req, * so only do this check if there is a versioning provider */ if (vsn_hooks != NULL) { const char *target = apr_table_get(in_req->headers_in, DAV_LABEL_HDR); - const char *vary = apr_table_get(out_req->headers_out, "Vary"); /* If Target-Selector specified, add it to the Vary header */ if (target != NULL) { + const char *vary = apr_table_get(out_req->headers_out, "Vary"); + if (vary == NULL) vary = DAV_LABEL_HDR; else diff --git a/modules/examples/mod_case_filter_in.c b/modules/examples/mod_case_filter_in.c index 7200765b..5116e3b9 100644 --- a/modules/examples/mod_case_filter_in.c +++ b/modules/examples/mod_case_filter_in.c @@ -99,7 +99,7 @@ static apr_status_t CaseFilterInFilter(ap_filter_t *f, * for a file or socket buffer, for example... */ - if(APR_BUCKET_IS_EOS(pbktIn)) { + if (APR_BUCKET_IS_EOS(pbktIn)) { APR_BUCKET_REMOVE(pbktIn); APR_BRIGADE_INSERT_TAIL(pbbOut, pbktIn); break; diff --git a/modules/filters/config.m4 b/modules/filters/config.m4 index abcec1bd..60917eda 100644 --- a/modules/filters/config.m4 +++ b/modules/filters/config.m4 @@ -96,7 +96,7 @@ APACHE_MODULE(deflate, Deflate transfer encoding support, , , most, [ fi ]) -AC_DEFUN(FIND_LIBXML2, [ +AC_DEFUN([FIND_LIBXML2], [ AC_CACHE_CHECK([for libxml2], [ac_cv_libxml2], [ AC_ARG_WITH(libxml2, [APACHE_HELP_STRING(--with-libxml2=PATH,location for libxml2)], diff --git a/modules/filters/mod_buffer.c b/modules/filters/mod_buffer.c index 8140af5d..203e6724 100644 --- a/modules/filters/mod_buffer.c +++ b/modules/filters/mod_buffer.c @@ -52,7 +52,8 @@ typedef struct buffer_ctx { /** * Buffer buckets being written to the output filter stack. */ -static apr_status_t buffer_out_filter(ap_filter_t *f, apr_bucket_brigade *bb) { +static apr_status_t buffer_out_filter(ap_filter_t *f, apr_bucket_brigade *bb) +{ apr_bucket *e; request_rec *r = f->r; buffer_ctx *ctx = f->ctx; @@ -74,7 +75,6 @@ static apr_status_t buffer_out_filter(ap_filter_t *f, apr_bucket_brigade *bb) { ctx = f->ctx = apr_pcalloc(r->pool, sizeof(*ctx)); ctx->bb = apr_brigade_create(r->pool, f->c->bucket_alloc); ctx->conf = ap_get_module_config(f->r->per_dir_config, &buffer_module); - } /* Do nothing if asked to filter nothing. */ @@ -187,7 +187,8 @@ static apr_status_t buffer_out_filter(ap_filter_t *f, apr_bucket_brigade *bb) { * Buffer buckets being read from the input filter stack. */ static apr_status_t buffer_in_filter(ap_filter_t *f, apr_bucket_brigade *bb, - ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes) { + ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes) +{ apr_bucket *e, *after; apr_status_t rv; buffer_ctx *ctx = f->ctx; @@ -294,7 +295,8 @@ static apr_status_t buffer_in_filter(ap_filter_t *f, apr_bucket_brigade *bb, return APR_SUCCESS; } -static void *create_buffer_config(apr_pool_t *p, char *dummy) { +static void *create_buffer_config(apr_pool_t *p, char *dummy) +{ buffer_conf *new = (buffer_conf *) apr_pcalloc(p, sizeof(buffer_conf)); new->size_set = 0; /* unset */ @@ -303,7 +305,8 @@ static void *create_buffer_config(apr_pool_t *p, char *dummy) { return (void *) new; } -static void *merge_buffer_config(apr_pool_t *p, void *basev, void *addv) { +static void *merge_buffer_config(apr_pool_t *p, void *basev, void *addv) +{ buffer_conf *new = (buffer_conf *) apr_pcalloc(p, sizeof(buffer_conf)); buffer_conf *add = (buffer_conf *) addv; buffer_conf *base = (buffer_conf *) basev; @@ -314,7 +317,8 @@ static void *merge_buffer_config(apr_pool_t *p, void *basev, void *addv) { return new; } -static const char *set_buffer_size(cmd_parms *cmd, void *dconf, const char *arg) { +static const char *set_buffer_size(cmd_parms *cmd, void *dconf, const char *arg) +{ buffer_conf *conf = dconf; if (APR_SUCCESS != apr_strtoff(&(conf->size), arg, NULL, 10) || conf->size @@ -330,7 +334,8 @@ static const command_rec buffer_cmds[] = { AP_INIT_TAKE1("BufferSize", set_buffer_size, NULL, ACCESS_CONF, "Maximum size of the buffer used by the buffer filter"), { NULL } }; -static void register_hooks(apr_pool_t *p) { +static void register_hooks(apr_pool_t *p) +{ ap_register_output_filter(bufferFilterName, buffer_out_filter, NULL, AP_FTYPE_CONTENT_SET); ap_register_input_filter(bufferFilterName, buffer_in_filter, NULL, diff --git a/modules/filters/mod_charset_lite.c b/modules/filters/mod_charset_lite.c index e05517b8..d991c12b 100644 --- a/modules/filters/mod_charset_lite.c +++ b/modules/filters/mod_charset_lite.c @@ -1026,7 +1026,7 @@ static apr_status_t xlate_in_filter(ap_filter_t *f, apr_bucket_brigade *bb, * Content-Length can't be unset here because that would break * being able to read the request body. * Processing of chunked request bodies is not impacted by this - * filter since the the length was not declared anyway. + * filter since the length was not declared anyway. */ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, f->r, "Request body length may change, resulting in " diff --git a/modules/filters/mod_deflate.c b/modules/filters/mod_deflate.c index 0b38e9a3..60a136c0 100644 --- a/modules/filters/mod_deflate.c +++ b/modules/filters/mod_deflate.c @@ -62,9 +62,9 @@ typedef struct deflate_filter_config_t int memlevel; int compressionlevel; apr_size_t bufferSize; - char *note_ratio_name; - char *note_input_name; - char *note_output_name; + const char *note_ratio_name; + const char *note_input_name; + const char *note_output_name; } deflate_filter_config; typedef struct deflate_dirconf_t { @@ -261,16 +261,16 @@ static const char *deflate_set_note(cmd_parms *cmd, void *dummy, &deflate_module); if (arg2 == NULL) { - c->note_ratio_name = apr_pstrdup(cmd->pool, arg1); + c->note_ratio_name = arg1; } else if (!strcasecmp(arg1, "ratio")) { - c->note_ratio_name = apr_pstrdup(cmd->pool, arg2); + c->note_ratio_name = arg2; } else if (!strcasecmp(arg1, "input")) { - c->note_input_name = apr_pstrdup(cmd->pool, arg2); + c->note_input_name = arg2; } else if (!strcasecmp(arg1, "output")) { - c->note_output_name = apr_pstrdup(cmd->pool, arg2); + c->note_output_name = arg2; } else { return apr_psprintf(cmd->pool, "Unknown note type %s", arg1); diff --git a/modules/filters/mod_ext_filter.c b/modules/filters/mod_ext_filter.c index 4f97acae..9f183f69 100644 --- a/modules/filters/mod_ext_filter.c +++ b/modules/filters/mod_ext_filter.c @@ -635,7 +635,7 @@ static apr_status_t init_filter_instance(ap_filter_t *f) /* drain_available_output(): * * if any data is available from the filter, read it and append it - * to the the bucket brigade + * to the bucket brigade */ static apr_status_t drain_available_output(ap_filter_t *f, apr_bucket_brigade *bb) diff --git a/modules/filters/mod_filter.c b/modules/filters/mod_filter.c index bd2cf7ac..d3a8b2be 100644 --- a/modules/filters/mod_filter.c +++ b/modules/filters/mod_filter.c @@ -351,7 +351,7 @@ static const char *filter_protocol(cmd_parms *cmd, void *CFG, const char *fname, } else { /* Find provider */ - for (provider = filter->providers; provider; provider = provider->next){ + for (provider = filter->providers; provider; provider = provider->next) { if (!strcasecmp(provider->frec->name, pname)) { break; } diff --git a/modules/filters/mod_include.c b/modules/filters/mod_include.c index e8d8ea78..843da952 100644 --- a/modules/filters/mod_include.c +++ b/modules/filters/mod_include.c @@ -1949,7 +1949,7 @@ static apr_status_t handle_echo(include_ctx_t *ctx, ap_filter_t *f, d = apr_pstrdup(ctx->pool, decoding); token = apr_strtok(d, ", \t", &last); - while(token) { + while (token) { if (!strcasecmp(token, "none")) { /* do nothing */ } @@ -1985,7 +1985,7 @@ static apr_status_t handle_echo(include_ctx_t *ctx, ap_filter_t *f, e = apr_pstrdup(ctx->pool, encoding); token = apr_strtok(e, ", \t", &last); - while(token) { + while (token) { if (!strcasecmp(token, "none")) { /* do nothing */ } @@ -2587,7 +2587,7 @@ static apr_status_t handle_set(include_ctx_t *ctx, ap_filter_t *f, d = apr_pstrdup(ctx->pool, decoding); token = apr_strtok(d, ", \t", &last); - while(token) { + while (token) { if (!strcasecmp(token, "none")) { /* do nothing */ } @@ -2623,7 +2623,7 @@ static apr_status_t handle_set(include_ctx_t *ctx, ap_filter_t *f, e = apr_pstrdup(ctx->pool, encoding); token = apr_strtok(e, ", \t", &last); - while(token) { + while (token) { if (!strcasecmp(token, "none")) { /* do nothing */ } @@ -3725,7 +3725,7 @@ static apr_status_t send_parsed_content(ap_filter_t *f, apr_bucket_brigade *bb) } /* switch(ctx->state) */ - } /* while(brigade) */ + } /* while (brigade) */ /* End of stream. Final cleanup */ if (intern->seen_eos) { @@ -4138,13 +4138,13 @@ static const char *set_default_time_fmt(cmd_parms *cmd, void *mconfig, */ static int include_post_config(apr_pool_t *p, apr_pool_t *plog, - apr_pool_t *ptemp, server_rec *s) + apr_pool_t *ptemp, server_rec *s) { include_handlers = apr_hash_make(p); ssi_pfn_register = APR_RETRIEVE_OPTIONAL_FN(ap_register_include_handler); - if(ssi_pfn_register) { + if (ssi_pfn_register) { ssi_pfn_register("if", handle_if); ssi_pfn_register("set", handle_set); ssi_pfn_register("else", handle_else); diff --git a/modules/filters/mod_reqtimeout.c b/modules/filters/mod_reqtimeout.c index bc778996..206e6217 100644 --- a/modules/filters/mod_reqtimeout.c +++ b/modules/filters/mod_reqtimeout.c @@ -479,7 +479,8 @@ static void *reqtimeout_merge_srv_config(apr_pool_t *p, void *base_, void *add_) return cfg; } -static const char *parse_int(apr_pool_t *p, const char *arg, int *val) { +static const char *parse_int(apr_pool_t *p, const char *arg, int *val) +{ char *endptr; *val = strtol(arg, &endptr, 10); diff --git a/modules/filters/mod_request.c b/modules/filters/mod_request.c index 9cbde0a9..21db7de3 100644 --- a/modules/filters/mod_request.c +++ b/modules/filters/mod_request.c @@ -178,7 +178,8 @@ typedef struct kept_body_filter_ctx { * been removed from the body during storage. We need to change the request * from Transfer-Encoding: chunked to an explicit Content-Length. */ -static int kept_body_filter_init(ap_filter_t *f) { +static int kept_body_filter_init(ap_filter_t *f) +{ apr_off_t length = 0; request_rec *r = f->r; apr_bucket_brigade *kept_body = r->kept_body; diff --git a/modules/filters/mod_sed.c b/modules/filters/mod_sed.c index dd776c48..c49bad28 100644 --- a/modules/filters/mod_sed.c +++ b/modules/filters/mod_sed.c @@ -312,7 +312,7 @@ static apr_status_t sed_response_filter(ap_filter_t *f, * evaluation is allocated on request's pool so it will be cleared once * request is over. * - * If flush bucket is found then append the the flush bucket to ctx->bb + * If flush bucket is found then append the flush bucket to ctx->bb * and pass it to next filter. There may be some data which will still be * in sed's internal buffer which can't be flushed until new line * character is arrived. @@ -424,7 +424,7 @@ static apr_status_t sed_request_filter(ap_filter_t *f, * the buckets in bbinp and read the data from buckets and invoke * sed_eval_buffer on the data. libsed will generate its output using * sed_write_output which will add data in ctx->bb. Do it until it have - * atleast one bucket bucket in ctx->bb. At the end of data eos bucket + * atleast one bucket in ctx->bb. At the end of data eos bucket * should be there. * * Once eos bucket is seen, then invoke sed_finalize_eval to clear the diff --git a/modules/filters/mod_substitute.c b/modules/filters/mod_substitute.c index 9326348c..59f5bf3e 100644 --- a/modules/filters/mod_substitute.c +++ b/modules/filters/mod_substitute.c @@ -57,6 +57,7 @@ typedef struct { apr_array_header_t *patterns; apr_size_t max_line_length; int max_line_length_set; + int inherit_before; } subst_dir_conf; typedef struct { @@ -70,26 +71,43 @@ typedef struct { static void *create_substitute_dcfg(apr_pool_t *p, char *d) { subst_dir_conf *dcfg = - (subst_dir_conf *) apr_pcalloc(p, sizeof(subst_dir_conf)); + (subst_dir_conf *) apr_palloc(p, sizeof(subst_dir_conf)); dcfg->patterns = apr_array_make(p, 10, sizeof(subst_pattern_t)); dcfg->max_line_length = AP_SUBST_MAX_LINE_LENGTH; + dcfg->max_line_length_set = 0; + dcfg->inherit_before = -1; return dcfg; } static void *merge_substitute_dcfg(apr_pool_t *p, void *basev, void *overv) { subst_dir_conf *a = - (subst_dir_conf *) apr_pcalloc(p, sizeof(subst_dir_conf)); + (subst_dir_conf *) apr_palloc(p, sizeof(subst_dir_conf)); subst_dir_conf *base = (subst_dir_conf *) basev; subst_dir_conf *over = (subst_dir_conf *) overv; - a->patterns = apr_array_append(p, over->patterns, - base->patterns); + a->inherit_before = (over->inherit_before != -1) + ? over->inherit_before + : base->inherit_before; + /* SubstituteInheritBefore wasn't the default behavior until 2.5.x, + * and may be re-disabled as desired; the original default behavior + * was to apply inherited subst patterns after locally scoped patterns. + * In later 2.2 and 2.4 versions, SubstituteInheritBefore may be toggled + * 'on' to follow the corrected/expected behavior, without violating POLS. + */ + if (a->inherit_before == 1) { + a->patterns = apr_array_append(p, base->patterns, + over->patterns); + } + else { + a->patterns = apr_array_append(p, over->patterns, + base->patterns); + } a->max_line_length = over->max_line_length_set ? - over->max_line_length : base->max_line_length; - a->max_line_length_set = over->max_line_length_set ? - over->max_line_length_set : base->max_line_length_set; + over->max_line_length : base->max_line_length; + a->max_line_length_set = over->max_line_length_set + | base->max_line_length_set; return a; } @@ -695,6 +713,9 @@ static const command_rec substitute_cmds[] = { "Pattern to filter the response content (s/foo/bar/[inf])"), AP_INIT_TAKE1("SubstituteMaxLineLength", set_max_line_length, NULL, OR_FILEINFO, "Maximum line length"), + AP_INIT_FLAG("SubstituteInheritBefore", ap_set_flag_slot, + (void *)APR_OFFSETOF(subst_dir_conf, inherit_before), OR_FILEINFO, + "Apply inherited patterns before those of the current context"), {NULL} }; diff --git a/modules/filters/mod_xml2enc.c b/modules/filters/mod_xml2enc.c index d28c97d1..7b34c717 100644 --- a/modules/filters/mod_xml2enc.c +++ b/modules/filters/mod_xml2enc.c @@ -127,7 +127,7 @@ static void fix_skipto(request_rec* r, xml2ctx* ctx) { apr_status_t rv; xml2cfg* cfg = ap_get_module_config(r->per_dir_config, &xml2enc_module); - if ((cfg->skipto != NULL) && (ctx->flags | ENC_SKIPTO)) { + if ((cfg->skipto != NULL) && (ctx->flags & ENC_SKIPTO)) { int found = 0; char* p = ap_strchr(ctx->buf, '<'); tattr* starts = (tattr*) cfg->skipto->elts; diff --git a/modules/generators/mod_autoindex.c b/modules/generators/mod_autoindex.c index 5e86e407..a9e96231 100644 --- a/modules/generators/mod_autoindex.c +++ b/modules/generators/mod_autoindex.c @@ -1336,7 +1336,7 @@ static struct ent *make_autoindex_entry(const apr_finfo_t *dirent, return (NULL); } - if((autoindex_opts & SHOW_FORBIDDEN) + if ((autoindex_opts & SHOW_FORBIDDEN) && (rr->status == HTTP_UNAUTHORIZED || rr->status == HTTP_FORBIDDEN)) { show_forbidden = 1; } @@ -1981,7 +1981,7 @@ static int dsortf(struct ent **e1, struct ent **e2) } } - /* The names may be identical in respects other other than + /* The names may be identical in respects other than * filename case when strnatcmp is used above, so fall back * to strcmp on conflicts so that fn1.01.zzz and fn1.1.zzz * are also sorted in a deterministic order. @@ -2274,7 +2274,10 @@ static int handle_autoindex(request_rec *r) autoindex_config_rec *d; int allow_opts; - if(strcmp(r->handler,DIR_MAGIC_TYPE)) { + if (strcmp(r->handler,DIR_MAGIC_TYPE) && !AP_IS_DEFAULT_HANDLER_NAME(r->handler)) { + return DECLINED; + } + if (r->finfo.filetype != APR_DIR) { return DECLINED; } diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c index fc7ec6cc..589611b5 100644 --- a/modules/http/http_protocol.c +++ b/modules/http/http_protocol.c @@ -135,7 +135,7 @@ static const char * const status_lines[RESPONSE_CODES] = NULL, /* 418 */ NULL, /* 419 */ NULL, /* 420 */ - NULL, /* 421 */ + "421 Misdirected Request", "422 Unprocessable Entity", "423 Locked", "424 Failed Dependency", @@ -1293,6 +1293,11 @@ static const char *get_canned_error_string(int status, case HTTP_NETWORK_AUTHENTICATION_REQUIRED: return("

    The client needs to authenticate to gain\n" "network access.

    \n"); + case HTTP_MISDIRECTED_REQUEST: + return("

    The client needs a new connection for this\n" + "request as the requested host name does not match\n" + "the Server Name Indication (SNI) in use for this\n" + "connection.

    \n"); default: /* HTTP_INTERNAL_SERVER_ERROR */ /* * This comparison to expose error-notes could be modified to diff --git a/modules/http/http_request.c b/modules/http/http_request.c index 7b06def9..70bf2937 100644 --- a/modules/http/http_request.c +++ b/modules/http/http_request.c @@ -363,7 +363,7 @@ void ap_process_async_request(request_rec *r) ap_process_request_after_handler(r); } -void ap_process_request(request_rec *r) +AP_DECLARE(void) ap_process_request(request_rec *r) { apr_bucket_brigade *bb; apr_bucket *b; diff --git a/modules/http2/.gitignore b/modules/http2/.gitignore new file mode 100644 index 00000000..ca49620f --- /dev/null +++ b/modules/http2/.gitignore @@ -0,0 +1,35 @@ +*.xcuserstate +sandbox/httpd/packages/httpd-2.4.x.tar.gz +sandbox/test/conf/sites/mod-h2.greenbytes.de.conf +*.o +*.slo +*.lo +*.la +*.pcap +.libs +.configured +.deps +compile +aclocal.m4 +autom4te.cache +autoscan.log +config.guess +config.log +config.status +config.sub +config.h +config.h.in +config.h.in~ +configure +configure.scan +depcomp +install-sh +libtool +ltmain.sh +missing +stamp-h1 +Makefile.in +Makefile +mod_h2-*.tar.gz +mod_h2/h2_version.h +m4 diff --git a/modules/http2/NWGNUmakefile b/modules/http2/NWGNUmakefile new file mode 100644 index 00000000..1ab6282d --- /dev/null +++ b/modules/http2/NWGNUmakefile @@ -0,0 +1,331 @@ +# +# This Makefile requires the environment var NGH2SRC +# pointing to the base directory of nghttp2 source tree. +# + +# +# Declare the sub-directories to be built here +# + +SUBDIRS = \ + $(EOLIST) + +# +# Get the 'head' of the build environment. This includes default targets and +# paths to tools +# + +include $(AP_WORK)/build/NWGNUhead.inc + +# +# build this level's files +# +# Make sure all needed macro's are defined +# + +# +# These directories will be at the beginning of the include list, followed by +# INCDIRS +# +XINCDIRS += \ + $(APR)/include \ + $(APRUTIL)/include \ + $(SRC)/include \ + $(NGH2SRC)/lib/ \ + $(NGH2SRC)/lib/includes \ + $(SERVER)/mpm/NetWare \ + $(NWOS) \ + $(EOLIST) + +# +# These flags will come after CFLAGS +# +XCFLAGS += \ + $(EOLIST) + +# +# These defines will come after DEFINES +# +XDEFINES += \ + -DHAVE_CONFIG_H \ + $(EOLIST) + +# +# These flags will be added to the link.opt file +# +XLFLAGS += \ + -L$(OBJDIR) \ + $(EOLIST) + +# +# These values will be appended to the correct variables based on the value of +# RELEASE +# +ifeq "$(RELEASE)" "debug" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +ifeq "$(RELEASE)" "noopt" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +ifeq "$(RELEASE)" "release" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +# +# These are used by the link target if an NLM is being generated +# This is used by the link 'name' directive to name the nlm. If left blank +# TARGET_nlm (see below) will be used. +# +NLM_NAME = mod_http2 + +# +# This is used by the link '-desc ' directive. +# If left blank, NLM_NAME will be used. +# +NLM_DESCRIPTION = Apache $(VERSION_STR) HTTP2 Support module (w/ NGHTTP2 Lib) + +# +# This is used by the '-threadname' directive. If left blank, +# NLM_NAME Thread will be used. +# +NLM_THREAD_NAME = $(NLM_NAME) + +# +# If this is specified, it will override VERSION value in +# $(AP_WORK)/build/NWGNUenvironment.inc +# +NLM_VERSION = + +# +# If this is specified, it will override the default of 64K +# +NLM_STACK_SIZE = 65536 + +# +# If this is specified it will be used by the link '-entry' directive +# +NLM_ENTRY_SYM = + +# +# If this is specified it will be used by the link '-exit' directive +# +NLM_EXIT_SYM = + +# +# If this is specified it will be used by the link '-check' directive +# +NLM_CHECK_SYM = + +# +# If this is specified it will be used by the link '-flags' directive +# +NLM_FLAGS = + +# +# If this is specified it will be linked in with the XDCData option in the def +# file instead of the default of $(NWOS)/apache.xdc. XDCData can be disabled +# by setting APACHE_UNIPROC in the environment +# +XDCDATA = + +# +# Declare all target files (you must add your files here) +# + +# +# If there is an NLM target, put it here +# +TARGET_nlm = \ + $(OBJDIR)/$(NLM_NAME).nlm \ + $(EOLIST) + +# +# If there is an LIB target, put it here +# +TARGET_lib = \ + $(OBJDIR)/nghttp2.lib \ + $(EOLIST) + +# +# These are the OBJ files needed to create the NLM target above. +# Paths must all use the '/' character +# +FILES_nlm_objs := $(sort $(patsubst %.c,$(OBJDIR)/%.o,$(wildcard *.c))) + +# +# These are the LIB files needed to create the NLM target above. +# These will be added as a library command in the link.opt file. +# +FILES_nlm_libs = \ + $(PRELUDE) \ + $(OBJDIR)/nghttp2.lib \ + $(EOLIST) + +# +# These are the modules that the above NLM target depends on to load. +# These will be added as a module command in the link.opt file. +# +FILES_nlm_modules = \ + Libc \ + Apache2 \ + $(EOLIST) + +# +# If the nlm has a msg file, put it's path here +# +FILE_nlm_msg = + +# +# If the nlm has a hlp file put it's path here +# +FILE_nlm_hlp = + +# +# If this is specified, it will override $(NWOS)\copyright.txt. +# +FILE_nlm_copyright = + +# +# Any additional imports go here +# +FILES_nlm_Ximports = \ + @libc.imp \ + @aprlib.imp \ + @httpd.imp \ + $(EOLIST) + +# +# Any symbols exported to here +# +FILES_nlm_exports = \ + http2_module \ + $(EOLIST) + +# +# These are the OBJ files needed to create the LIB target above. +# Paths must all use the '/' character +# +FILES_lib_objs := $(sort $(patsubst $(NGH2SRC)/lib/%.c,$(OBJDIR)/%.o,$(wildcard $(NGH2SRC)/lib/*.c))) +# +# implement targets and dependancies (leave this section alone) +# + +libs :: $(OBJDIR) $(NGH2SRC)/lib/config.h $(TARGET_lib) + +nlms :: libs $(TARGET_nlm) + +# +# Updated this target to create necessary directories and copy files to the +# correct place. (See $(AP_WORK)/build/NWGNUhead.inc for examples) +# +install :: nlms FORCE + $(call COPY,$(OBJDIR)/*.nlm, $(INSTALLBASE)/modules/) + +clean :: + $(call DEL,$(NGH2SRC)/lib/config.h) +# +# Any specialized rules here +# +vpath %.c $(NGH2SRC)/lib + +$(NGH2SRC)/lib/config.h : NWGNUmakefile + @echo $(DL)GEN $@$(DL) + @echo $(DL)/* For NetWare target.$(DL) > $@ + @echo $(DL)** Do not edit - created by Make!$(DL) >> $@ + @echo $(DL)*/$(DL) >> $@ + @echo $(DL)#ifndef NGH2_CONFIG_H$(DL) >> $@ + @echo $(DL)#define NGH2_CONFIG_H$(DL) >> $@ + @echo #define HAVE_ARPA_INET_H 1 >> $@ + @echo #define HAVE_CHOWN 1 >> $@ + @echo #define HAVE_DECL_STRERROR_R 1 >> $@ + @echo #define HAVE_DLFCN_H 1 >> $@ + @echo #define HAVE_DUP2 1 >> $@ + @echo #define HAVE_FCNTL_H 1 >> $@ + @echo #define HAVE_GETCWD 1 >> $@ + @echo #define HAVE_INTTYPES_H 1 >> $@ + @echo #define HAVE_LIMITS_H 1 >> $@ + @echo #define HAVE_LOCALTIME_R 1 >> $@ + @echo #define HAVE_MALLOC 1 >> $@ + @echo #define HAVE_MEMCHR 1 >> $@ + @echo #define HAVE_MEMMOVE 1 >> $@ + @echo #define HAVE_MEMORY_H 1 >> $@ + @echo #define HAVE_MEMSET 1 >> $@ + @echo #define HAVE_NETDB_H 1 >> $@ + @echo #define HAVE_NETINET_IN_H 1 >> $@ + @echo #define HAVE_PTRDIFF_T 1 >> $@ + @echo #define HAVE_PWD_H 1 >> $@ + @echo #define HAVE_SOCKET 1 >> $@ + @echo #define HAVE_SQRT 1 >> $@ + @echo #define HAVE_STDDEF_H 1 >> $@ + @echo #define HAVE_STDINT_H 1 >> $@ + @echo #define HAVE_STDLIB_H 1 >> $@ + @echo #define HAVE_STRCHR 1 >> $@ + @echo #define HAVE_STRDUP 1 >> $@ + @echo #define HAVE_STRERROR 1 >> $@ + @echo #define HAVE_STRERROR_R 1 >> $@ + @echo #define HAVE_STRINGS_H 1 >> $@ + @echo #define HAVE_STRING_H 1 >> $@ + @echo #define HAVE_STRSTR 1 >> $@ + @echo #define HAVE_STRTOL 1 >> $@ + @echo #define HAVE_STRTOUL 1 >> $@ + @echo #define HAVE_SYSLOG_H 1 >> $@ + @echo #define HAVE_SYS_SOCKET_H 1 >> $@ + @echo #define HAVE_SYS_STAT_H 1 >> $@ + @echo #define HAVE_SYS_TIME_H 1 >> $@ + @echo #define HAVE_SYS_TYPES_H 1 >> $@ + @echo #define HAVE_TIME_H 1 >> $@ + @echo #define HAVE_UNISTD_H 1 >> $@ + + @echo #define SIZEOF_INT_P 4 >> $@ + @echo #define STDC_HEADERS 1 >> $@ + @echo #define STRERROR_R_CHAR_P 4 >> $@ + +# Hint to compiler a function parameter is not used + @echo #define _U_ >> $@ + + @echo #ifndef __cplusplus >> $@ + @echo #define inline __inline >> $@ + @echo #endif >> $@ + + @echo $(DL)#endif /* NGH2_CONFIG_H */$(DL) >> $@ + +# +# Include the 'tail' makefile that has targets that depend on variables defined +# in this makefile +# + +include $(APBUILD)/NWGNUtail.inc + + diff --git a/modules/http2/README.h2 b/modules/http2/README.h2 new file mode 100644 index 00000000..399086b7 --- /dev/null +++ b/modules/http2/README.h2 @@ -0,0 +1,70 @@ +The http2 module adds support for the HTTP/2 protocol to the server. + +Specifically, it supports the protocols "h2" (HTTP2 over TLS) and "h2c" +(HTTP2 over plain HTTP connections via Upgrade). Additionally it offers +the "direct" mode for both encrypted and unencrypted connections. + +You may enable it for the whole server or specific virtual hosts only. + + +BUILD + +If you have libnghttp2 (https://nghttp2.org) installed on your system, simply +add + + --enable-http2 + +to your httpd ./configure invocation. Should libnghttp2 reside in a unusual +location, add + + --with-nghttp2= + +to ./configure. is expected to be the installation prefix, so there +should be a /lib/libnghttp2.*. If your system support pkg-config, +/lib/pkgconfig/libnghttp2.pc will be inspected. + +If you want to link nghttp2 statically into the mod_http2 module, you may +similarly to mod_ssl add + + --enable-nghttp2-staticlib-deps + +For this, the lib directory should only contain the libnghttp2.a, not its +shared cousins. + + +CONFIGURATION + +If mod_http2 is enabled for a site or not depends on the new "Protocols" +directive. This directive list all protocols enabled for a server or +virtual host. + +If you do not specify "Protocols" all available protocols are enabled. For +sites using TLS, the protocol supported by mod_http2 is "h2". For cleartext +http:, the offered protocol is "h2c". + +The following is an example of a server that only supports http/1.1 in +general and offers h2 for a specific virtual host. + + ... + Protocols http/1.1 + + Protocols h2 http/1.1 + ... + + +Please see the documentation of mod_http2 for a complete list and explanation +of all options. + + +TLS CONFIGURATION + +If you want to use HTTP/2 with a browser, most modern browsers will support +it without further configuration. However, browsers so far only support +HTTP/2 over TLS and are expecially picky about the certificate and +encryption ciphers used. + +Server admins may look for up-to-date information about "modern" TLS +compatibility under: + + https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + diff --git a/modules/http2/config.m4 b/modules/http2/config.m4 new file mode 100644 index 00000000..9c5eb867 --- /dev/null +++ b/modules/http2/config.m4 @@ -0,0 +1,189 @@ +dnl Licensed to the Apache Software Foundation (ASF) under one or more +dnl contributor license agreements. See the NOTICE file distributed with +dnl this work for additional information regarding copyright ownership. +dnl The ASF licenses this file to You under the Apache License, Version 2.0 +dnl (the "License"); you may not use this file except in compliance with +dnl the License. You may obtain a copy of the License at +dnl +dnl http://www.apache.org/licenses/LICENSE-2.0 +dnl +dnl Unless required by applicable law or agreed to in writing, software +dnl distributed under the License is distributed on an "AS IS" BASIS, +dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +dnl See the License for the specific language governing permissions and +dnl limitations under the License. + +dnl # start of module specific part +APACHE_MODPATH_INIT(http2) + +dnl # list of module object files +http2_objs="dnl +mod_http2.lo dnl +h2_alt_svc.lo dnl +h2_config.lo dnl +h2_conn.lo dnl +h2_conn_io.lo dnl +h2_ctx.lo dnl +h2_from_h1.lo dnl +h2_h2.lo dnl +h2_io.lo dnl +h2_io_set.lo dnl +h2_mplx.lo dnl +h2_request.lo dnl +h2_response.lo dnl +h2_session.lo dnl +h2_stream.lo dnl +h2_stream_set.lo dnl +h2_switch.lo dnl +h2_task.lo dnl +h2_task_input.lo dnl +h2_task_output.lo dnl +h2_task_queue.lo dnl +h2_to_h1.lo dnl +h2_util.lo dnl +h2_worker.lo dnl +h2_workers.lo dnl +" + +dnl +dnl APACHE_CHECK_NGHTTP2 +dnl +dnl Configure for nghttp2, giving preference to +dnl "--with-nghttp2=" if it was specified. +dnl +AC_DEFUN([APACHE_CHECK_NGHTTP2],[ + AC_CACHE_CHECK([for nghttp2], [ac_cv_nghttp2], [ + dnl initialise the variables we use + ac_cv_nghttp2=no + ap_nghttp2_found="" + ap_nghttp2_base="" + ap_nghttp2_libs="" + + dnl Determine the nghttp2 base directory, if any + AC_MSG_CHECKING([for user-provided nghttp2 base directory]) + AC_ARG_WITH(nghttp2, APACHE_HELP_STRING(--with-nghttp2=PATH, nghttp2 installation directory), [ + dnl If --with-nghttp2 specifies a directory, we use that directory + if test "x$withval" != "xyes" -a "x$withval" != "x"; then + dnl This ensures $withval is actually a directory and that it is absolute + ap_nghttp2_base="`cd $withval ; pwd`" + fi + ]) + if test "x$ap_nghttp2_base" = "x"; then + AC_MSG_RESULT(none) + else + AC_MSG_RESULT($ap_nghttp2_base) + fi + + dnl Run header and version checks + saved_CPPFLAGS="$CPPFLAGS" + saved_LIBS="$LIBS" + saved_LDFLAGS="$LDFLAGS" + + dnl Before doing anything else, load in pkg-config variables + if test -n "$PKGCONFIG"; then + saved_PKG_CONFIG_PATH="$PKG_CONFIG_PATH" + AC_MSG_CHECKING([for pkg-config along $PKG_CONFIG_PATH]) + if test "x$ap_nghttp2_base" != "x" -a \ + -f "${ap_nghttp2_base}/lib/pkgconfig/libnghttp2.pc"; then + dnl Ensure that the given path is used by pkg-config too, otherwise + dnl the system libnghttp2.pc might be picked up instead. + PKG_CONFIG_PATH="${ap_nghttp2_base}/lib/pkgconfig${PKG_CONFIG_PATH+:}${PKG_CONFIG_PATH}" + export PKG_CONFIG_PATH + fi + AC_ARG_ENABLE(nghttp2-staticlib-deps,APACHE_HELP_STRING(--enable-nghttp2-staticlib-deps,[link mod_http2 with dependencies of libnghttp2's static libraries (as indicated by "pkg-config --static"). Must be specified in addition to --enable-http2.]), [ + if test "$enableval" = "yes"; then + PKGCONFIG_LIBOPTS="--static" + fi + ]) + ap_nghttp2_libs="`$PKGCONFIG $PKGCONFIG_LIBOPTS --libs-only-l --silence-errors libnghttp2`" + if test $? -eq 0; then + ap_nghttp2_found="yes" + pkglookup="`$PKGCONFIG --cflags-only-I libnghttp2`" + APR_ADDTO(CPPFLAGS, [$pkglookup]) + APR_ADDTO(MOD_CFLAGS, [$pkglookup]) + APR_ADDTO(ab_CFLAGS, [$pkglookup]) + pkglookup="`$PKGCONFIG $PKGCONFIG_LIBOPTS --libs-only-L libnghttp2`" + APR_ADDTO(LDFLAGS, [$pkglookup]) + APR_ADDTO(MOD_LDFLAGS, [$pkglookup]) + pkglookup="`$PKGCONFIG $PKGCONFIG_LIBOPTS --libs-only-other libnghttp2`" + APR_ADDTO(LDFLAGS, [$pkglookup]) + APR_ADDTO(MOD_LDFLAGS, [$pkglookup]) + fi + PKG_CONFIG_PATH="$saved_PKG_CONFIG_PATH" + fi + + dnl fall back to the user-supplied directory if not found via pkg-config + if test "x$ap_nghttp2_base" != "x" -a "x$ap_nghttp2_found" = "x"; then + APR_ADDTO(CPPFLAGS, [-I$ap_nghttp2_base/include]) + APR_ADDTO(MOD_CFLAGS, [-I$ap_nghttp2_base/include]) + APR_ADDTO(ab_CFLAGS, [-I$ap_nghttp2_base/include]) + APR_ADDTO(LDFLAGS, [-L$ap_nghttp2_base/lib]) + APR_ADDTO(MOD_LDFLAGS, [-L$ap_nghttp2_base/lib]) + if test "x$ap_platform_runtime_link_flag" != "x"; then + APR_ADDTO(LDFLAGS, [$ap_platform_runtime_link_flag$ap_nghttp2_base/lib]) + APR_ADDTO(MOD_LDFLAGS, [$ap_platform_runtime_link_flag$ap_nghttp2_base/lib]) + fi + fi + + AC_MSG_CHECKING([for nghttp2 version >= 1.0.0]) + AC_TRY_COMPILE([#include ],[ +#if !defined(NGHTTP2_VERSION_NUM) +#error "Missing nghttp2 version" +#endif +#if NGHTTP2_VERSION_NUM < 0x010000 +#error "Unsupported nghttp2 version " NGHTTP2_VERSION_TEXT +#endif], + [AC_MSG_RESULT(OK) + ac_cv_nghttp2=yes], + [AC_MSG_RESULT(FAILED)]) + + if test "x$ac_cv_nghttp2" = "xyes"; then + ap_nghttp2_libs="${ap_nghttp2_libs:--lnghttp2} `$apr_config --libs`" + APR_ADDTO(MOD_LDFLAGS, [$ap_nghttp2_libs]) + APR_ADDTO(LIBS, [$ap_nghttp2_libs]) + APR_SETVAR(ab_LDFLAGS, [$MOD_LDFLAGS]) + APACHE_SUBST(ab_CFLAGS) + APACHE_SUBST(ab_LDFLAGS) + + dnl Run library and function checks + liberrors="" + AC_CHECK_HEADERS([nghttp2/nghttp2.h]) + AC_CHECK_FUNCS([nghttp2_session_server_new2], [], [liberrors="yes"]) + if test "x$liberrors" != "x"; then + AC_MSG_WARN([nghttp2 library is unusable]) + fi + else + AC_MSG_WARN([nghttp2 version is too old]) + fi + + dnl restore + CPPFLAGS="$saved_CPPFLAGS" + LIBS="$saved_LIBS" + LDFLAGS="$saved_LDFLAGS" + ]) + if test "x$ac_cv_nghttp2" = "xyes"; then + AC_DEFINE(HAVE_NGHTTP2, 1, [Define if nghttp2 is available]) + fi +]) + + +dnl # hook module into the Autoconf mechanism (--enable-http2) +APACHE_MODULE(http2, [HTTP/2 protocol handling in addition to HTTP protocol +handling. Implemented by mod_http2. This module requires a libnghttp2 installation. +See --with-nghttp2 on how to manage non-standard locations. This module +is usually linked shared and requires loading. ], $http2_objs, , most, [ + APACHE_CHECK_NGHTTP2 + if test "$ac_cv_nghttp2" = "yes" ; then + if test "x$enable_http2" = "xshared"; then + # The only symbol which needs to be exported is the module + # structure, so ask libtool to hide everything else: + APR_ADDTO(MOD_HTTP2_LDADD, [-export-symbols-regex http2_module]) + fi + else + enable_http2=no + fi +]) + +dnl # end of module specific part +APACHE_MODPATH_FINISH + diff --git a/modules/http2/h2_alt_svc.c b/modules/http2/h2_alt_svc.c new file mode 100644 index 00000000..d18ae5f2 --- /dev/null +++ b/modules/http2/h2_alt_svc.c @@ -0,0 +1,132 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_alt_svc.h" +#include "h2_ctx.h" +#include "h2_config.h" +#include "h2_h2.h" +#include "h2_util.h" + +static int h2_alt_svc_handler(request_rec *r); + +void h2_alt_svc_register_hooks(void) +{ + ap_hook_post_read_request(h2_alt_svc_handler, NULL, NULL, APR_HOOK_MIDDLE); +} + +/** + * Parse an Alt-Svc specifier as described in "HTTP Alternative Services" + * (https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-04) + * with the following changes: + * - do not percent encode token values + * - do not use quotation marks + */ +h2_alt_svc *h2_alt_svc_parse(const char *s, apr_pool_t *pool) { + const char *sep = ap_strchr_c(s, '='); + if (sep) { + const char *alpn = apr_pstrndup(pool, s, sep - s); + const char *host = NULL; + int port = 0; + s = sep + 1; + sep = ap_strchr_c(s, ':'); /* mandatory : */ + if (sep) { + if (sep != s) { /* optional host */ + host = apr_pstrndup(pool, s, sep - s); + } + s = sep + 1; + if (*s) { /* must be a port number */ + port = (int)apr_atoi64(s); + if (port > 0 && port < (0x1 << 16)) { + h2_alt_svc *as = apr_pcalloc(pool, sizeof(*as)); + as->alpn = alpn; + as->host = host; + as->port = port; + return as; + } + } + } + } + return NULL; +} + +#define h2_alt_svc_IDX(list, i) ((h2_alt_svc**)(list)->elts)[i] + +static int h2_alt_svc_handler(request_rec *r) +{ + h2_ctx *ctx; + h2_config *cfg; + int i; + + if (r->connection->keepalives > 0) { + /* Only announce Alt-Svc on the first response */ + return DECLINED; + } + + ctx = h2_ctx_rget(r); + if (h2_ctx_is_active(ctx) || h2_ctx_is_task(ctx)) { + return DECLINED; + } + + cfg = h2_config_rget(r); + if (r->hostname && cfg && cfg->alt_svcs && cfg->alt_svcs->nelts > 0) { + const char *alt_svc_used = apr_table_get(r->headers_in, "Alt-Svc-Used"); + if (!alt_svc_used) { + /* We have alt-svcs defined and client is not already using + * one, announce the services that were configured and match. + * The security of this connection determines if we allow + * other host names or ports only. + */ + const char *alt_svc = ""; + const char *svc_ma = ""; + int secure = h2_h2_is_tls(r->connection); + int ma = h2_config_geti(cfg, H2_CONF_ALT_SVC_MAX_AGE); + if (ma >= 0) { + svc_ma = apr_psprintf(r->pool, "; ma=%d", ma); + } + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + "h2_alt_svc: announce %s for %s:%d", + (secure? "secure" : "insecure"), + r->hostname, (int)r->server->port); + for (i = 0; i < cfg->alt_svcs->nelts; ++i) { + h2_alt_svc *as = h2_alt_svc_IDX(cfg->alt_svcs, i); + const char *ahost = as->host; + if (ahost && !apr_strnatcasecmp(ahost, r->hostname)) { + ahost = NULL; + } + if (secure || !ahost) { + alt_svc = apr_psprintf(r->pool, "%s%s%s=\"%s:%d\"%s", + alt_svc, + (*alt_svc? ", " : ""), as->alpn, + ahost? ahost : "", as->port, + svc_ma); + } + } + if (*alt_svc) { + apr_table_set(r->headers_out, "Alt-Svc", alt_svc); + } + } + } + + return DECLINED; +} + diff --git a/modules/http2/h2_alt_svc.h b/modules/http2/h2_alt_svc.h new file mode 100644 index 00000000..51f89d00 --- /dev/null +++ b/modules/http2/h2_alt_svc.h @@ -0,0 +1,39 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_alt_svc__ +#define __mod_h2__h2_alt_svc__ + +typedef struct h2_alt_svc h2_alt_svc; + +struct h2_alt_svc { + const char *alpn; + const char *host; + int port; +}; + +void h2_alt_svc_register_hooks(void); + +/** + * Parse an Alt-Svc specifier as described in "HTTP Alternative Services" + * (https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-04) + * with the following changes: + * - do not percent encode token values + * - do not use quotation marks + */ +h2_alt_svc *h2_alt_svc_parse(const char *s, apr_pool_t *pool); + + +#endif /* defined(__mod_h2__h2_alt_svc__) */ diff --git a/modules/http2/h2_config.c b/modules/http2/h2_config.c new file mode 100644 index 00000000..6db702ec --- /dev/null +++ b/modules/http2/h2_config.c @@ -0,0 +1,386 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include +#include +#include + +#include + +#include + +#include "h2_alt_svc.h" +#include "h2_ctx.h" +#include "h2_conn.h" +#include "h2_config.h" +#include "h2_private.h" + +#define DEF_VAL (-1) + +#define H2_CONFIG_GET(a, b, n) \ + (((a)->n == DEF_VAL)? (b) : (a))->n + +static h2_config defconf = { + "default", + 100, /* max_streams */ + 64 * 1024, /* window_size */ + -1, /* min workers */ + -1, /* max workers */ + 10 * 60, /* max workers idle secs */ + 64 * 1024, /* stream max mem size */ + NULL, /* no alt-svcs */ + -1, /* alt-svc max age */ + 0, /* serialize headers */ + -1, /* h2 direct mode */ + -1, /* # session extra files */ +}; + +static int files_per_session = 0; + +void h2_config_init(apr_pool_t *pool) { + /* Determine a good default for this platform and mpm? + * TODO: not sure how APR wants to hand out this piece of + * information. + */ + int max_files = 256; + int conn_threads = 1; + int tx_files = max_files / 4; + + (void)pool; + ap_mpm_query(AP_MPMQ_MAX_THREADS, &conn_threads); + switch (h2_conn_mpm_type()) { + case H2_MPM_PREFORK: + case H2_MPM_WORKER: + case H2_MPM_EVENT: + /* allow that many transfer open files per mplx */ + files_per_session = (tx_files / conn_threads); + break; + default: + /* don't know anything about it, stay safe */ + break; + } +} + +static void *h2_config_create(apr_pool_t *pool, + const char *prefix, const char *x) +{ + h2_config *conf = (h2_config *)apr_pcalloc(pool, sizeof(h2_config)); + + const char *s = x? x : "unknown"; + char *name = apr_pcalloc(pool, strlen(prefix) + strlen(s) + 20); + strcpy(name, prefix); + strcat(name, "["); + strcat(name, s); + strcat(name, "]"); + + conf->name = name; + conf->h2_max_streams = DEF_VAL; + conf->h2_window_size = DEF_VAL; + conf->min_workers = DEF_VAL; + conf->max_workers = DEF_VAL; + conf->max_worker_idle_secs = DEF_VAL; + conf->stream_max_mem_size = DEF_VAL; + conf->alt_svc_max_age = DEF_VAL; + conf->serialize_headers = DEF_VAL; + conf->h2_direct = DEF_VAL; + conf->session_extra_files = DEF_VAL; + return conf; +} + +void *h2_config_create_svr(apr_pool_t *pool, server_rec *s) +{ + return h2_config_create(pool, "srv", s->defn_name); +} + +void *h2_config_create_dir(apr_pool_t *pool, char *x) +{ + return h2_config_create(pool, "dir", x); +} + +void *h2_config_merge(apr_pool_t *pool, void *basev, void *addv) +{ + h2_config *base = (h2_config *)basev; + h2_config *add = (h2_config *)addv; + h2_config *n = (h2_config *)apr_pcalloc(pool, sizeof(h2_config)); + + char *name = apr_pcalloc(pool, 20 + strlen(add->name) + strlen(base->name)); + strcpy(name, "merged["); + strcat(name, add->name); + strcat(name, ", "); + strcat(name, base->name); + strcat(name, "]"); + n->name = name; + + n->h2_max_streams = H2_CONFIG_GET(add, base, h2_max_streams); + n->h2_window_size = H2_CONFIG_GET(add, base, h2_window_size); + n->min_workers = H2_CONFIG_GET(add, base, min_workers); + n->max_workers = H2_CONFIG_GET(add, base, max_workers); + n->max_worker_idle_secs = H2_CONFIG_GET(add, base, max_worker_idle_secs); + n->stream_max_mem_size = H2_CONFIG_GET(add, base, stream_max_mem_size); + n->alt_svcs = add->alt_svcs? add->alt_svcs : base->alt_svcs; + n->alt_svc_max_age = H2_CONFIG_GET(add, base, alt_svc_max_age); + n->serialize_headers = H2_CONFIG_GET(add, base, serialize_headers); + n->h2_direct = H2_CONFIG_GET(add, base, h2_direct); + n->session_extra_files = H2_CONFIG_GET(add, base, session_extra_files); + + return n; +} + +int h2_config_geti(h2_config *conf, h2_config_var_t var) +{ + int n; + switch(var) { + case H2_CONF_MAX_STREAMS: + return H2_CONFIG_GET(conf, &defconf, h2_max_streams); + case H2_CONF_WIN_SIZE: + return H2_CONFIG_GET(conf, &defconf, h2_window_size); + case H2_CONF_MIN_WORKERS: + return H2_CONFIG_GET(conf, &defconf, min_workers); + case H2_CONF_MAX_WORKERS: + return H2_CONFIG_GET(conf, &defconf, max_workers); + case H2_CONF_MAX_WORKER_IDLE_SECS: + return H2_CONFIG_GET(conf, &defconf, max_worker_idle_secs); + case H2_CONF_STREAM_MAX_MEM: + return H2_CONFIG_GET(conf, &defconf, stream_max_mem_size); + case H2_CONF_ALT_SVC_MAX_AGE: + return H2_CONFIG_GET(conf, &defconf, alt_svc_max_age); + case H2_CONF_SER_HEADERS: + return H2_CONFIG_GET(conf, &defconf, serialize_headers); + case H2_CONF_DIRECT: + return H2_CONFIG_GET(conf, &defconf, h2_direct); + case H2_CONF_SESSION_FILES: + n = H2_CONFIG_GET(conf, &defconf, session_extra_files); + if (n < 0) { + n = files_per_session; + } + return n; + default: + return DEF_VAL; + } +} + +h2_config *h2_config_sget(server_rec *s) +{ + h2_config *cfg = (h2_config *)ap_get_module_config(s->module_config, + &http2_module); + AP_DEBUG_ASSERT(cfg); + return cfg; +} + + +static const char *h2_conf_set_max_streams(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + cfg->h2_max_streams = (int)apr_atoi64(value); + (void)arg; + if (cfg->h2_max_streams < 1) { + return "value must be > 0"; + } + return NULL; +} + +static const char *h2_conf_set_window_size(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + cfg->h2_window_size = (int)apr_atoi64(value); + (void)arg; + if (cfg->h2_window_size < 1024) { + return "value must be > 1k"; + } + return NULL; +} + +static const char *h2_conf_set_min_workers(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + cfg->min_workers = (int)apr_atoi64(value); + (void)arg; + if (cfg->min_workers < 1) { + return "value must be > 1"; + } + return NULL; +} + +static const char *h2_conf_set_max_workers(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + cfg->max_workers = (int)apr_atoi64(value); + (void)arg; + if (cfg->max_workers < 1) { + return "value must be > 1"; + } + return NULL; +} + +static const char *h2_conf_set_max_worker_idle_secs(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + cfg->max_worker_idle_secs = (int)apr_atoi64(value); + (void)arg; + if (cfg->max_worker_idle_secs < 1) { + return "value must be > 1"; + } + return NULL; +} + +static const char *h2_conf_set_stream_max_mem_size(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + + + cfg->stream_max_mem_size = (int)apr_atoi64(value); + (void)arg; + if (cfg->stream_max_mem_size < 1024) { + return "value must be > 1k"; + } + return NULL; +} + +static const char *h2_add_alt_svc(cmd_parms *parms, + void *arg, const char *value) +{ + if (value && strlen(value)) { + h2_config *cfg = h2_config_sget(parms->server); + h2_alt_svc *as = h2_alt_svc_parse(value, parms->pool); + if (!as) { + return "unable to parse alt-svc specifier"; + } + if (!cfg->alt_svcs) { + cfg->alt_svcs = apr_array_make(parms->pool, 5, sizeof(h2_alt_svc*)); + } + APR_ARRAY_PUSH(cfg->alt_svcs, h2_alt_svc*) = as; + } + (void)arg; + return NULL; +} + +static const char *h2_conf_set_alt_svc_max_age(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + cfg->alt_svc_max_age = (int)apr_atoi64(value); + (void)arg; + return NULL; +} + +static const char *h2_conf_set_session_extra_files(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + apr_int64_t max = (int)apr_atoi64(value); + if (max <= 0) { + return "value must be a positive number"; + } + cfg->session_extra_files = (int)max; + (void)arg; + return NULL; +} + +static const char *h2_conf_set_serialize_headers(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + if (!strcasecmp(value, "On")) { + cfg->serialize_headers = 1; + return NULL; + } + else if (!strcasecmp(value, "Off")) { + cfg->serialize_headers = 0; + return NULL; + } + + (void)arg; + return "value must be On or Off"; +} + +static const char *h2_conf_set_direct(cmd_parms *parms, + void *arg, const char *value) +{ + h2_config *cfg = h2_config_sget(parms->server); + if (!strcasecmp(value, "On")) { + cfg->h2_direct = 1; + return NULL; + } + else if (!strcasecmp(value, "Off")) { + cfg->h2_direct = 0; + return NULL; + } + + (void)arg; + return "value must be On or Off"; +} + +#define AP_END_CMD AP_INIT_TAKE1(NULL, NULL, NULL, RSRC_CONF, NULL) + + +const command_rec h2_cmds[] = { + AP_INIT_TAKE1("H2MaxSessionStreams", h2_conf_set_max_streams, NULL, + RSRC_CONF, "maximum number of open streams per session"), + AP_INIT_TAKE1("H2WindowSize", h2_conf_set_window_size, NULL, + RSRC_CONF, "window size on client DATA"), + AP_INIT_TAKE1("H2MinWorkers", h2_conf_set_min_workers, NULL, + RSRC_CONF, "minimum number of worker threads per child"), + AP_INIT_TAKE1("H2MaxWorkers", h2_conf_set_max_workers, NULL, + RSRC_CONF, "maximum number of worker threads per child"), + AP_INIT_TAKE1("H2MaxWorkerIdleSeconds", h2_conf_set_max_worker_idle_secs, NULL, + RSRC_CONF, "maximum number of idle seconds before a worker shuts down"), + AP_INIT_TAKE1("H2StreamMaxMemSize", h2_conf_set_stream_max_mem_size, NULL, + RSRC_CONF, "maximum number of bytes buffered in memory for a stream"), + AP_INIT_TAKE1("H2AltSvc", h2_add_alt_svc, NULL, + RSRC_CONF, "adds an Alt-Svc for this server"), + AP_INIT_TAKE1("H2AltSvcMaxAge", h2_conf_set_alt_svc_max_age, NULL, + RSRC_CONF, "set the maximum age (in seconds) that client can rely on alt-svc information"), + AP_INIT_TAKE1("H2SerializeHeaders", h2_conf_set_serialize_headers, NULL, + RSRC_CONF, "on to enable header serialization for compatibility"), + AP_INIT_TAKE1("H2Direct", h2_conf_set_direct, NULL, + RSRC_CONF, "on to enable direct HTTP/2 mode"), + AP_INIT_TAKE1("H2SessionExtraFiles", h2_conf_set_session_extra_files, NULL, + RSRC_CONF, "number of extra file a session might keep open"), + AP_END_CMD +}; + + +h2_config *h2_config_rget(request_rec *r) +{ + h2_config *cfg = (h2_config *)ap_get_module_config(r->per_dir_config, + &http2_module); + return cfg? cfg : h2_config_sget(r->server); +} + +h2_config *h2_config_get(conn_rec *c) +{ + h2_ctx *ctx = h2_ctx_get(c); + + if (ctx->config) { + return ctx->config; + } + else if (ctx->server) { + ctx->config = h2_config_sget(ctx->server); + return ctx->config; + } + + return h2_config_sget(c->base_server); +} + diff --git a/modules/http2/h2_config.h b/modules/http2/h2_config.h new file mode 100644 index 00000000..931af59d --- /dev/null +++ b/modules/http2/h2_config.h @@ -0,0 +1,74 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_config_h__ +#define __mod_h2__h2_config_h__ + +#undef PACKAGE_VERSION +#undef PACKAGE_TARNAME +#undef PACKAGE_STRING +#undef PACKAGE_NAME +#undef PACKAGE_BUGREPORT + +typedef enum { + H2_CONF_MAX_STREAMS, + H2_CONF_WIN_SIZE, + H2_CONF_MIN_WORKERS, + H2_CONF_MAX_WORKERS, + H2_CONF_MAX_WORKER_IDLE_SECS, + H2_CONF_STREAM_MAX_MEM, + H2_CONF_ALT_SVCS, + H2_CONF_ALT_SVC_MAX_AGE, + H2_CONF_SER_HEADERS, + H2_CONF_DIRECT, + H2_CONF_SESSION_FILES, +} h2_config_var_t; + +/* Apache httpd module configuration for h2. */ +typedef struct h2_config { + const char *name; + int h2_max_streams; /* max concurrent # streams (http2) */ + int h2_window_size; /* stream window size (http2) */ + int min_workers; /* min # of worker threads/child */ + int max_workers; /* max # of worker threads/child */ + int max_worker_idle_secs; /* max # of idle seconds for worker */ + int stream_max_mem_size; /* max # bytes held in memory/stream */ + apr_array_header_t *alt_svcs; /* h2_alt_svc specs for this server */ + int alt_svc_max_age; /* seconds clients can rely on alt-svc info*/ + int serialize_headers; /* Use serialized HTTP/1.1 headers for + processing, better compatibility */ + int h2_direct; /* if mod_h2 is active directly */ + int session_extra_files; /* # of extra files a session may keep open */ +} h2_config; + + +void *h2_config_create_dir(apr_pool_t *pool, char *x); +void *h2_config_create_svr(apr_pool_t *pool, server_rec *s); +void *h2_config_merge(apr_pool_t *pool, void *basev, void *addv); + +apr_status_t h2_config_apply_header(h2_config *config, request_rec *r); + +extern const command_rec h2_cmds[]; + +h2_config *h2_config_get(conn_rec *c); +h2_config *h2_config_sget(server_rec *s); +h2_config *h2_config_rget(request_rec *r); + +int h2_config_geti(h2_config *conf, h2_config_var_t var); + +void h2_config_init(apr_pool_t *pool); + +#endif /* __mod_h2__h2_config_h__ */ + diff --git a/modules/http2/h2_conn.c b/modules/http2/h2_conn.c new file mode 100644 index 00000000..8bffbc42 --- /dev/null +++ b/modules/http2/h2_conn.c @@ -0,0 +1,532 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_config.h" +#include "h2_ctx.h" +#include "h2_mplx.h" +#include "h2_session.h" +#include "h2_stream.h" +#include "h2_stream_set.h" +#include "h2_task.h" +#include "h2_worker.h" +#include "h2_workers.h" +#include "h2_conn.h" + +static struct h2_workers *workers; + +static apr_status_t h2_session_process(h2_session *session); + +static h2_mpm_type_t mpm_type = H2_MPM_UNKNOWN; +static module *mpm_module; +static module *ssl_module; +static int checked; + +static void check_modules(void) +{ + int i; + if (!checked) { + for (i = 0; ap_loaded_modules[i]; ++i) { + module *m = ap_loaded_modules[i]; + if (!strcmp("event.c", m->name)) { + mpm_type = H2_MPM_EVENT; + mpm_module = m; + } + else if (!strcmp("worker.c", m->name)) { + mpm_type = H2_MPM_WORKER; + mpm_module = m; + } + else if (!strcmp("prefork.c", m->name)) { + mpm_type = H2_MPM_PREFORK; + mpm_module = m; + } + else if (!strcmp("mod_ssl.c", m->name)) { + ssl_module = m; + } + } + checked = 1; + } +} + +apr_status_t h2_conn_child_init(apr_pool_t *pool, server_rec *s) +{ + h2_config *config = h2_config_sget(s); + apr_status_t status = APR_SUCCESS; + int minw = h2_config_geti(config, H2_CONF_MIN_WORKERS); + int maxw = h2_config_geti(config, H2_CONF_MAX_WORKERS); + + int max_threads_per_child = 0; + int threads_limit = 0; + int idle_secs = 0; + int i; + + h2_config_init(pool); + + ap_mpm_query(AP_MPMQ_MAX_THREADS, &max_threads_per_child); + ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &threads_limit); + + for (i = 0; ap_loaded_modules[i]; ++i) { + module *m = ap_loaded_modules[i]; + if (!strcmp("event.c", m->name)) { + mpm_type = H2_MPM_EVENT; + mpm_module = m; + } + else if (!strcmp("worker.c", m->name)) { + mpm_type = H2_MPM_WORKER; + mpm_module = m; + } + else if (!strcmp("prefork.c", m->name)) { + mpm_type = H2_MPM_PREFORK; + mpm_module = m; + } + else if (!strcmp("mod_ssl.c", m->name)) { + ssl_module = m; + } + } + + if (minw <= 0) { + minw = max_threads_per_child; + } + if (maxw <= 0) { + maxw = threads_limit; + if (maxw < minw) { + maxw = minw; + } + } + + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, + "h2_workers: min=%d max=%d, mthrpchild=%d, thr_limit=%d", + minw, maxw, max_threads_per_child, threads_limit); + + workers = h2_workers_create(s, pool, minw, maxw); + idle_secs = h2_config_geti(config, H2_CONF_MAX_WORKER_IDLE_SECS); + h2_workers_set_max_idle_secs(workers, idle_secs); + + return status; +} + +h2_mpm_type_t h2_conn_mpm_type(void) { + check_modules(); + return mpm_type; +} + +static module *h2_conn_mpm_module(void) { + check_modules(); + return mpm_module; +} + +apr_status_t h2_conn_rprocess(request_rec *r) +{ + h2_config *config = h2_config_rget(r); + h2_session *session; + + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "h2_conn_process start"); + if (!workers) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02911) + "workers not initialized"); + return APR_EGENERAL; + } + + session = h2_session_rcreate(r, config, workers); + if (!session) { + return APR_EGENERAL; + } + + return h2_session_process(session); +} + +apr_status_t h2_conn_main(conn_rec *c) +{ + h2_config *config = h2_config_get(c); + h2_session *session; + apr_status_t status; + + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "h2_conn_main start"); + if (!workers) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02912) + "workers not initialized"); + return APR_EGENERAL; + } + + session = h2_session_create(c, config, workers); + if (!session) { + return APR_EGENERAL; + } + + status = h2_session_process(session); + + /* Make sure this connection gets closed properly. */ + c->keepalive = AP_CONN_CLOSE; + if (c->cs) { + c->cs->state = CONN_STATE_WRITE_COMPLETION; + } + + return status; +} + +apr_status_t h2_session_process(h2_session *session) +{ + apr_status_t status = APR_SUCCESS; + int rv = 0; + apr_interval_time_t wait_micros = 0; + static const int MAX_WAIT_MICROS = 200 * 1000; + + /* Start talking to the client. Apart from protocol meta data, + * we mainly will see new http/2 streams opened by the client, which + * basically are http requests we need to dispatch. + * + * There will be bursts of new streams, to be served concurrently, + * followed by long pauses of no activity. + * + * Since the purpose of http/2 is to allow siumultaneous streams, we + * need to dispatch the handling of each stream into a separate worker + * thread, keeping this thread open for sending responses back as + * soon as they arrive. + * At the same time, we need to continue reading new frames from + * our client, which may be meta (WINDOWS_UPDATEs, PING, SETTINGS) or + * new streams. + * + * As long as we have streams open in this session, we cannot really rest + * since there are two conditions to wait on: 1. new data from the client, + * 2. new data from the open streams to send back. + * + * Only when we have no more streams open, can we do a blocking read + * on our connection. + * + * TODO: implement graceful GO_AWAY after configurable idle time + */ + + ap_update_child_status_from_conn(session->c->sbh, SERVER_BUSY_READ, + session->c); + + if (APLOGctrace2(session->c)) { + ap_filter_t *filter = session->c->input_filters; + while (filter) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c, + "h2_conn(%ld), has connection filter %s", + session->id, filter->frec->name); + filter = filter->next; + } + } + + status = h2_session_start(session, &rv); + + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, session->c, + "h2_session(%ld): starting on %s:%d", session->id, + session->c->base_server->defn_name, + session->c->local_addr->port); + if (status != APR_SUCCESS) { + h2_session_abort(session, status, rv); + h2_session_destroy(session); + return status; + } + + while (!h2_session_is_done(session)) { + int have_written = 0; + int have_read = 0; + int got_streams; + + status = h2_session_write(session, wait_micros); + if (status == APR_SUCCESS) { + have_written = 1; + wait_micros = 0; + } + else if (status == APR_EAGAIN) { + /* nop */ + } + else if (status == APR_TIMEUP) { + wait_micros *= 2; + if (wait_micros > MAX_WAIT_MICROS) { + wait_micros = MAX_WAIT_MICROS; + } + } + else { + ap_log_cerror( APLOG_MARK, APLOG_DEBUG, status, session->c, + "h2_session(%ld): writing, terminating", + session->id); + h2_session_abort(session, status, 0); + break; + } + + /* We would like to do blocking reads as often as possible as they + * are more efficient in regard to server resources. + * We can do them under the following circumstances: + * - we have no open streams and therefore have nothing to write + * - we have just started the session and are waiting for the first + * two frames to come in. There will always be at least 2 frames as + * * h2 will send SETTINGS and SETTINGS-ACK + * * h2c will count the header settings as one frame and we + * submit our settings and need the ACK. + */ + got_streams = !h2_stream_set_is_empty(session->streams); + status = h2_session_read(session, + (!got_streams + || session->frames_received <= 1)? + APR_BLOCK_READ : APR_NONBLOCK_READ); + switch (status) { + case APR_SUCCESS: /* successful read, reset our idle timers */ + have_read = 1; + wait_micros = 0; + break; + case APR_EAGAIN: /* non-blocking read, nothing there */ + break; + case APR_EBADF: /* connection is not there any more */ + case APR_EOF: + case APR_ECONNABORTED: + case APR_ECONNRESET: + case APR_TIMEUP: /* blocked read, timed out */ + ap_log_cerror( APLOG_MARK, APLOG_DEBUG, status, session->c, + "h2_session(%ld): reading", + session->id); + h2_session_abort(session, status, 0); + break; + default: + ap_log_cerror( APLOG_MARK, APLOG_INFO, status, session->c, + APLOGNO(02950) + "h2_session(%ld): error reading, terminating", + session->id); + h2_session_abort(session, status, 0); + break; + } + + if (!have_read && !have_written + && !h2_stream_set_is_empty(session->streams)) { + /* Nothing to read or write, we have streams, but + * the have no data yet ready to be delivered. Slowly + * back off to give others a chance to do their work. + */ + if (wait_micros == 0) { + wait_micros = 10; + } + } + } + + ap_log_cerror( APLOG_MARK, APLOG_DEBUG, status, session->c, + "h2_session(%ld): done", session->id); + + ap_update_child_status_from_conn(session->c->sbh, SERVER_CLOSING, + session->c); + + h2_session_close(session); + h2_session_destroy(session); + + return DONE; +} + + +static void fix_event_conn(conn_rec *c, conn_rec *master); + +/* + * We would like to create the connection more lightweight like + * slave connections in 2.5-DEV. But we get 500 responses on long + * cgi tests in modules/h2.t as the script parsing seems to see an + * EOF from the cgi before anything is sent. + * +conn_rec *h2_conn_create(conn_rec *master, apr_pool_t *pool) +{ + conn_rec *c = (conn_rec *) apr_palloc(pool, sizeof(conn_rec)); + + memcpy(c, master, sizeof(conn_rec)); + c->id = (master->id & (long)pool); + c->slaves = NULL; + c->master = master; + c->input_filters = NULL; + c->output_filters = NULL; + c->pool = pool; + + return c; +} +*/ + +conn_rec *h2_conn_create(conn_rec *master, apr_pool_t *pool) +{ + apr_socket_t *socket; + conn_rec *c; + + AP_DEBUG_ASSERT(master); + + /* CAVEAT: it seems necessary to setup the conn_rec in the master + * connection thread. Other attempts crashed. + * HOWEVER: we setup the connection using the pools and other items + * from the master connection, since we do not want to allocate + * lots of resources here. + * Lets allocated pools and everything else when we actually start + * working on this new connection. + */ + /* Not sure about the scoreboard handle. Reusing the one from the main + * connection could make sense, is not really correct, but we cannot + * easily create new handles for our worker threads either. + * TODO + */ + socket = ap_get_module_config(master->conn_config, &core_module); + c = ap_run_create_connection(pool, master->base_server, + socket, + master->id^((long)pool), + master->sbh, + master->bucket_alloc); + if (c == NULL) { + ap_log_perror(APLOG_MARK, APLOG_ERR, APR_ENOMEM, pool, + APLOGNO(02913) "h2_task: creating conn"); + return NULL; + } + return c; +} + +apr_status_t h2_conn_setup(h2_task_env *env, struct h2_worker *worker) +{ + conn_rec *master = env->mplx->c; + + ap_log_perror(APLOG_MARK, APLOG_TRACE3, 0, env->pool, + "h2_conn(%ld): created from master", master->id); + + /* Ok, we are just about to start processing the connection and + * the worker is calling us to setup all necessary resources. + * We can borrow some from the worker itself and some we do as + * sub-resources from it, so that we get a nice reuse of + * pools. + */ + env->c.pool = env->pool; + env->c.bucket_alloc = h2_worker_get_bucket_alloc(worker); + env->c.current_thread = h2_worker_get_thread(worker); + + env->c.conn_config = ap_create_conn_config(env->pool); + env->c.notes = apr_table_make(env->pool, 5); + + ap_set_module_config(env->c.conn_config, &core_module, + h2_worker_get_socket(worker)); + + /* If we serve http:// requests over a TLS connection, we do + * not want any mod_ssl vars to be visible. + */ + if (ssl_module && (!env->scheme || strcmp("http", env->scheme))) { + /* See #19, there is a range of SSL variables to be gotten from + * the main connection that should be available in request handlers + */ + void *sslcfg = ap_get_module_config(master->conn_config, ssl_module); + if (sslcfg) { + ap_set_module_config(env->c.conn_config, ssl_module, sslcfg); + } + } + + /* This works for mpm_worker so far. Other mpm modules have + * different needs, unfortunately. The most interesting one + * being mpm_event... + */ + switch (h2_conn_mpm_type()) { + case H2_MPM_WORKER: + /* all fine */ + break; + case H2_MPM_EVENT: + fix_event_conn(&env->c, master); + break; + default: + /* fingers crossed */ + break; + } + + /* TODO: we simulate that we had already a request on this connection. + * This keeps the mod_ssl SNI vs. Host name matcher from answering + * 400 Bad Request + * when names do not match. We prefer a predictable 421 status. + */ + env->c.keepalives = 1; + + return APR_SUCCESS; +} + +apr_status_t h2_conn_post(conn_rec *c, h2_worker *worker) +{ + (void)worker; + + /* be sure no one messes with this any more */ + memset(c, 0, sizeof(*c)); + return APR_SUCCESS; +} + +apr_status_t h2_conn_process(conn_rec *c, apr_socket_t *socket) +{ + AP_DEBUG_ASSERT(c); + + c->clogging_input_filters = 1; + ap_process_connection(c, socket); + + return APR_SUCCESS; +} + +/* This is an internal mpm event.c struct which is disguised + * as a conn_state_t so that mpm_event can have special connection + * state information without changing the struct seen on the outside. + * + * For our task connections we need to create a new beast of this type + * and fill it with enough meaningful things that mpm_event reads and + * starts processing out task request. + */ +typedef struct event_conn_state_t event_conn_state_t; +struct event_conn_state_t { + /** APR_RING of expiration timeouts */ + APR_RING_ENTRY(event_conn_state_t) timeout_list; + /** the expiration time of the next keepalive timeout */ + apr_time_t expiration_time; + /** connection record this struct refers to */ + conn_rec *c; + /** request record (if any) this struct refers to */ + request_rec *r; + /** is the current conn_rec suspended? (disassociated with + * a particular MPM thread; for suspend_/resume_connection + * hooks) + */ + int suspended; + /** memory pool to allocate from */ + apr_pool_t *p; + /** bucket allocator */ + apr_bucket_alloc_t *bucket_alloc; + /** poll file descriptor information */ + apr_pollfd_t pfd; + /** public parts of the connection state */ + conn_state_t pub; +}; +APR_RING_HEAD(timeout_head_t, event_conn_state_t); + +static void fix_event_conn(conn_rec *c, conn_rec *master) +{ + event_conn_state_t *master_cs = ap_get_module_config(master->conn_config, + h2_conn_mpm_module()); + event_conn_state_t *cs = apr_pcalloc(c->pool, sizeof(event_conn_state_t)); + cs->bucket_alloc = apr_bucket_alloc_create(c->pool); + + ap_set_module_config(c->conn_config, h2_conn_mpm_module(), cs); + + cs->c = c; + cs->r = NULL; + cs->p = master_cs->p; + cs->pfd = master_cs->pfd; + cs->pub = master_cs->pub; + cs->pub.state = CONN_STATE_READ_REQUEST_LINE; + + c->cs = &(cs->pub); +} + diff --git a/modules/http2/h2_conn.h b/modules/http2/h2_conn.h new file mode 100644 index 00000000..49a70db8 --- /dev/null +++ b/modules/http2/h2_conn.h @@ -0,0 +1,60 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_conn__ +#define __mod_h2__h2_conn__ + +struct h2_task; +struct h2_task_env; +struct h2_worker; + +/* Process the connection that is now starting the HTTP/2 + * conversation. Return when the HTTP/2 session is done + * and the connection will close. + */ +apr_status_t h2_conn_main(conn_rec *c); + +/* Process the request that has been upgraded to a HTTP/2 + * conversation. Return when the HTTP/2 session is done + * and the connection will close. + */ +apr_status_t h2_conn_rprocess(request_rec *r); + +/* Initialize this child process for h2 connection work, + * to be called once during child init before multi processing + * starts. + */ +apr_status_t h2_conn_child_init(apr_pool_t *pool, server_rec *s); + + +typedef enum { + H2_MPM_UNKNOWN, + H2_MPM_WORKER, + H2_MPM_EVENT, + H2_MPM_PREFORK, +} h2_mpm_type_t; + +/* Returns the type of MPM module detected */ +h2_mpm_type_t h2_conn_mpm_type(void); + + +conn_rec *h2_conn_create(conn_rec *master, apr_pool_t *stream_pool); + +apr_status_t h2_conn_setup(struct h2_task_env *env, struct h2_worker *worker); +apr_status_t h2_conn_post(conn_rec *c, struct h2_worker *worker); + +apr_status_t h2_conn_process(conn_rec *c, apr_socket_t *socket); + +#endif /* defined(__mod_h2__h2_conn__) */ diff --git a/modules/http2/h2_conn_io.c b/modules/http2/h2_conn_io.c new file mode 100644 index 00000000..08d00a4f --- /dev/null +++ b/modules/http2/h2_conn_io.c @@ -0,0 +1,312 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_config.h" +#include "h2_conn_io.h" +#include "h2_h2.h" +#include "h2_util.h" + +#define WRITE_BUFFER_SIZE (64*1024) +#define WRITE_SIZE_INITIAL 1300 +#define WRITE_SIZE_MAX (16*1024) +#define WRITE_SIZE_IDLE_USEC (1*APR_USEC_PER_SEC) +#define WRITE_SIZE_THRESHOLD (1*1024*1024) + +apr_status_t h2_conn_io_init(h2_conn_io *io, conn_rec *c) +{ + io->connection = c; + io->input = apr_brigade_create(c->pool, c->bucket_alloc); + io->output = apr_brigade_create(c->pool, c->bucket_alloc); + io->buflen = 0; + /* That is where we start with, + * see https://issues.apache.org/jira/browse/TS-2503 */ + io->write_size = WRITE_SIZE_INITIAL; + io->last_write = 0; + io->buffer_output = h2_h2_is_tls(c); + + /* Currently we buffer only for TLS output. The reason this gives + * improved performance is that buckets send to the mod_ssl network + * filter will be encrypted in chunks. There is a special filter + * that tries to aggregate data, but that does not work well when + * bucket sizes alternate between tiny frame headers and large data + * chunks. + */ + if (io->buffer_output) { + io->bufsize = WRITE_BUFFER_SIZE; + io->buffer = apr_pcalloc(c->pool, io->bufsize); + } + else { + io->bufsize = 0; + } + + return APR_SUCCESS; +} + +void h2_conn_io_destroy(h2_conn_io *io) +{ + io->input = NULL; + io->output = NULL; +} + +static apr_status_t h2_conn_io_bucket_read(h2_conn_io *io, + apr_read_type_e block, + h2_conn_io_on_read_cb on_read_cb, + void *puser, int *pdone) +{ + apr_status_t status = APR_SUCCESS; + apr_size_t readlen = 0; + *pdone = 0; + + while (status == APR_SUCCESS && !*pdone + && !APR_BRIGADE_EMPTY(io->input)) { + + apr_bucket* bucket = APR_BRIGADE_FIRST(io->input); + if (APR_BUCKET_IS_METADATA(bucket)) { + /* we do nothing regarding any meta here */ + } + else { + const char *bucket_data = NULL; + apr_size_t bucket_length = 0; + status = apr_bucket_read(bucket, &bucket_data, + &bucket_length, block); + + if (status == APR_SUCCESS && bucket_length > 0) { + if (APLOGctrace2(io->connection)) { + char buffer[32]; + h2_util_hex_dump(buffer, sizeof(buffer)/sizeof(buffer[0]), + bucket_data, bucket_length); + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, io->connection, + "h2_conn_io(%ld): read %d bytes: %s", + io->connection->id, (int)bucket_length, buffer); + } + + if (bucket_length > 0) { + apr_size_t consumed = 0; + status = on_read_cb(bucket_data, bucket_length, + &consumed, pdone, puser); + if (status == APR_SUCCESS && bucket_length > consumed) { + /* We have data left in the bucket. Split it. */ + status = apr_bucket_split(bucket, consumed); + } + readlen += consumed; + } + } + } + apr_bucket_delete(bucket); + } + if (readlen == 0 && status == APR_SUCCESS && block == APR_NONBLOCK_READ) { + return APR_EAGAIN; + } + return status; +} + +apr_status_t h2_conn_io_read(h2_conn_io *io, + apr_read_type_e block, + h2_conn_io_on_read_cb on_read_cb, + void *puser) +{ + apr_status_t status; + int done = 0; + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, io->connection, + "h2_conn_io: try read, block=%d", block); + + if (!APR_BRIGADE_EMPTY(io->input)) { + /* Seems something is left from a previous read, lets + * satisfy our caller with the data we already have. */ + status = h2_conn_io_bucket_read(io, block, on_read_cb, puser, &done); + if (status != APR_SUCCESS || done) { + return status; + } + apr_brigade_cleanup(io->input); + } + + /* We only do a blocking read when we have no streams to process. So, + * in httpd scoreboard lingo, we are in a KEEPALIVE connection state. + * When reading non-blocking, we do have streams to process and update + * child with NULL request. That way, any current request information + * in the scoreboard is preserved. + */ + if (block == APR_BLOCK_READ) { + ap_update_child_status_from_conn(io->connection->sbh, + SERVER_BUSY_KEEPALIVE, + io->connection); + } + else { + ap_update_child_status(io->connection->sbh, SERVER_BUSY_READ, NULL); + } + + status = ap_get_brigade(io->connection->input_filters, + io->input, AP_MODE_READBYTES, + block, 16 * 4096); + switch (status) { + case APR_SUCCESS: + return h2_conn_io_bucket_read(io, block, on_read_cb, puser, &done); + case APR_EOF: + case APR_EAGAIN: + break; + default: + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, io->connection, + "h2_conn_io: error reading"); + break; + } + return status; +} + +static apr_status_t flush_out(apr_bucket_brigade *bb, void *ctx) +{ + h2_conn_io *io = (h2_conn_io*)ctx; + apr_status_t status; + apr_off_t bblen; + + ap_update_child_status(io->connection->sbh, SERVER_BUSY_WRITE, NULL); + status = apr_brigade_length(bb, 1, &bblen); + if (status == APR_SUCCESS) { + status = ap_pass_brigade(io->connection->output_filters, bb); + if (status == APR_SUCCESS) { + io->bytes_written += (apr_size_t)bblen; + io->last_write = apr_time_now(); + } + apr_brigade_cleanup(bb); + } + return status; +} + +static apr_status_t bucketeer_buffer(h2_conn_io *io) { + const char *data = io->buffer; + apr_size_t remaining = io->buflen; + apr_bucket *b; + int bcount, i; + + if (io->write_size > WRITE_SIZE_INITIAL + && (apr_time_now() - io->last_write) >= WRITE_SIZE_IDLE_USEC) { + /* long time not written, reset write size */ + io->write_size = WRITE_SIZE_INITIAL; + io->bytes_written = 0; + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, io->connection, + "h2_conn_io(%ld): timeout write size reset to %ld", + (long)io->connection->id, (long)io->write_size); + } + else if (io->write_size < WRITE_SIZE_MAX + && io->bytes_written >= WRITE_SIZE_THRESHOLD) { + /* connection is hot, use max size */ + io->write_size = WRITE_SIZE_MAX; + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, io->connection, + "h2_conn_io(%ld): threshold reached, write size now %ld", + (long)io->connection->id, (long)io->write_size); + } + + bcount = (int)(remaining / io->write_size); + for (i = 0; i < bcount; ++i) { + b = apr_bucket_transient_create(data, io->write_size, + io->output->bucket_alloc); + APR_BRIGADE_INSERT_TAIL(io->output, b); + data += io->write_size; + remaining -= io->write_size; + } + + if (remaining > 0) { + b = apr_bucket_transient_create(data, remaining, + io->output->bucket_alloc); + APR_BRIGADE_INSERT_TAIL(io->output, b); + } + return APR_SUCCESS; +} + +apr_status_t h2_conn_io_write(h2_conn_io *io, + const char *buf, size_t length) +{ + apr_status_t status = APR_SUCCESS; + io->unflushed = 1; + + if (io->buffer_output) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, io->connection, + "h2_conn_io: buffering %ld bytes", (long)length); + while (length > 0 && (status == APR_SUCCESS)) { + apr_size_t avail = io->bufsize - io->buflen; + if (avail <= 0) { + bucketeer_buffer(io); + status = flush_out(io->output, io); + io->buflen = 0; + } + else if (length > avail) { + memcpy(io->buffer + io->buflen, buf, avail); + io->buflen += avail; + length -= avail; + buf += avail; + } + else { + memcpy(io->buffer + io->buflen, buf, length); + io->buflen += length; + length = 0; + break; + } + } + + } + else { + status = apr_brigade_write(io->output, flush_out, io, buf, length); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, io->connection, + "h2_conn_io: write error"); + } + } + + return status; +} + + +apr_status_t h2_conn_io_flush(h2_conn_io *io) +{ + if (io->unflushed) { + apr_status_t status; + if (io->buflen > 0) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, io->connection, + "h2_conn_io: flush, flushing %ld bytes", (long)io->buflen); + bucketeer_buffer(io); + io->buflen = 0; + } + /* Append flush. + */ + APR_BRIGADE_INSERT_TAIL(io->output, + apr_bucket_flush_create(io->output->bucket_alloc)); + + /* Send it out through installed filters (TLS) to the client */ + status = flush_out(io->output, io); + + if (status == APR_SUCCESS) { + /* These are all fine and no reason for concern. Everything else + * is interesting. */ + io->unflushed = 0; + } + else { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, io->connection, + "h2_conn_io: flush error"); + } + + return status; + } + return APR_SUCCESS; +} + diff --git a/modules/http2/h2_conn_io.h b/modules/http2/h2_conn_io.h new file mode 100644 index 00000000..084445ef --- /dev/null +++ b/modules/http2/h2_conn_io.h @@ -0,0 +1,58 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_conn_io__ +#define __mod_h2__h2_conn_io__ + +/* h2_io is the basic handler of a httpd connection. It keeps two brigades, + * one for input, one for output and works with the installed connection + * filters. + * The read is done via a callback function, so that input can be processed + * directly without copying. + */ +typedef struct { + conn_rec *connection; + apr_bucket_brigade *input; + apr_bucket_brigade *output; + int buffer_output; + int write_size; + apr_time_t last_write; + apr_size_t bytes_written; + + char *buffer; + apr_size_t buflen; + apr_size_t bufsize; + int unflushed; +} h2_conn_io; + +apr_status_t h2_conn_io_init(h2_conn_io *io, conn_rec *c); +void h2_conn_io_destroy(h2_conn_io *io); + +typedef apr_status_t (*h2_conn_io_on_read_cb)(const char *data, apr_size_t len, + apr_size_t *readlen, int *done, + void *puser); + +apr_status_t h2_conn_io_read(h2_conn_io *io, + apr_read_type_e block, + h2_conn_io_on_read_cb on_read_cb, + void *puser); + +apr_status_t h2_conn_io_write(h2_conn_io *io, + const char *buf, + size_t length); + +apr_status_t h2_conn_io_flush(h2_conn_io *io); + +#endif /* defined(__mod_h2__h2_conn_io__) */ diff --git a/modules/http2/h2_ctx.c b/modules/http2/h2_ctx.c new file mode 100644 index 00000000..422835c2 --- /dev/null +++ b/modules/http2/h2_ctx.c @@ -0,0 +1,90 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include + +#include "h2_private.h" +#include "h2_task.h" +#include "h2_ctx.h" +#include "h2_private.h" + +static h2_ctx *h2_ctx_create(const conn_rec *c) +{ + h2_ctx *ctx = apr_pcalloc(c->pool, sizeof(h2_ctx)); + AP_DEBUG_ASSERT(ctx); + ap_set_module_config(c->conn_config, &http2_module, ctx); + return ctx; +} + +h2_ctx *h2_ctx_create_for(const conn_rec *c, h2_task_env *env) +{ + h2_ctx *ctx = h2_ctx_create(c); + if (ctx) { + ctx->task_env = env; + } + return ctx; +} + +h2_ctx *h2_ctx_get(const conn_rec *c) +{ + h2_ctx *ctx = (h2_ctx*)ap_get_module_config(c->conn_config, &http2_module); + if (ctx == NULL) { + ctx = h2_ctx_create(c); + } + return ctx; +} + +h2_ctx *h2_ctx_rget(const request_rec *r) +{ + return h2_ctx_get(r->connection); +} + +const char *h2_ctx_protocol_get(const conn_rec *c) +{ + h2_ctx *ctx = (h2_ctx*)ap_get_module_config(c->conn_config, &http2_module); + return ctx? ctx->protocol : NULL; +} + +h2_ctx *h2_ctx_protocol_set(h2_ctx *ctx, const char *proto) +{ + ctx->protocol = proto; + ctx->is_h2 = (proto != NULL); + return ctx; +} + +h2_ctx *h2_ctx_server_set(h2_ctx *ctx, server_rec *s) +{ + ctx->server = s; + return ctx; +} + +int h2_ctx_is_task(h2_ctx *ctx) +{ + return ctx && !!ctx->task_env; +} + +int h2_ctx_is_active(h2_ctx *ctx) +{ + return ctx && ctx->is_h2; +} + +struct h2_task_env *h2_ctx_get_task(h2_ctx *ctx) +{ + return ctx->task_env; +} diff --git a/modules/http2/h2_ctx.h b/modules/http2/h2_ctx.h new file mode 100644 index 00000000..86c59206 --- /dev/null +++ b/modules/http2/h2_ctx.h @@ -0,0 +1,63 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_ctx__ +#define __mod_h2__h2_ctx__ + +struct h2_task_env; +struct h2_config; + +/** + * The h2 module context associated with a connection. + * + * It keeps track of the different types of connections: + * - those from clients that use HTTP/2 protocol + * - those from clients that do not use HTTP/2 + * - those created by ourself to perform work on HTTP/2 streams + */ +typedef struct h2_ctx { + int is_h2; /* h2 engine is used */ + const char *protocol; /* the protocol negotiated */ + struct h2_task_env *task_env; /* the h2_task environment or NULL */ + const char *hostname; /* hostname negotiated via SNI, optional */ + server_rec *server; /* httpd server config selected. */ + struct h2_config *config; /* effective config in this context */ +} h2_ctx; + +h2_ctx *h2_ctx_get(const conn_rec *c); +h2_ctx *h2_ctx_rget(const request_rec *r); +h2_ctx *h2_ctx_create_for(const conn_rec *c, struct h2_task_env *env); + + +/* Set the h2 protocol established on this connection context or + * NULL when other protocols are in place. + */ +h2_ctx *h2_ctx_protocol_set(h2_ctx *ctx, const char *proto); + +/* Set the server_rec relevant for this context. + */ +h2_ctx *h2_ctx_server_set(h2_ctx *ctx, server_rec *s); + +/** + * Get the h2 protocol negotiated for this connection, or NULL. + */ +const char *h2_ctx_protocol_get(const conn_rec *c); + +int h2_ctx_is_task(h2_ctx *ctx); +int h2_ctx_is_active(h2_ctx *ctx); + +struct h2_task_env *h2_ctx_get_task(h2_ctx *ctx); + +#endif /* defined(__mod_h2__h2_ctx__) */ diff --git a/modules/http2/h2_from_h1.c b/modules/http2/h2_from_h1.c new file mode 100644 index 00000000..be11f5c3 --- /dev/null +++ b/modules/http2/h2_from_h1.c @@ -0,0 +1,570 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_response.h" +#include "h2_from_h1.h" +#include "h2_task.h" +#include "h2_task_output.h" +#include "h2_util.h" + + +static void set_state(h2_from_h1 *from_h1, h2_from_h1_state_t state); + +h2_from_h1 *h2_from_h1_create(int stream_id, apr_pool_t *pool) +{ + h2_from_h1 *from_h1 = apr_pcalloc(pool, sizeof(h2_from_h1)); + if (from_h1) { + from_h1->stream_id = stream_id; + from_h1->pool = pool; + from_h1->state = H2_RESP_ST_STATUS_LINE; + from_h1->hlines = apr_array_make(pool, 10, sizeof(char *)); + } + return from_h1; +} + +apr_status_t h2_from_h1_destroy(h2_from_h1 *from_h1) +{ + if (from_h1->response) { + h2_response_destroy(from_h1->response); + from_h1->response = NULL; + } + from_h1->bb = NULL; + return APR_SUCCESS; +} + +h2_from_h1_state_t h2_from_h1_get_state(h2_from_h1 *from_h1) +{ + return from_h1->state; +} + +static void set_state(h2_from_h1 *from_h1, h2_from_h1_state_t state) +{ + if (from_h1->state != state) { + from_h1->state = state; + } +} + +h2_response *h2_from_h1_get_response(h2_from_h1 *from_h1) +{ + return from_h1->response; +} + +static apr_status_t make_h2_headers(h2_from_h1 *from_h1, request_rec *r) +{ + from_h1->response = h2_response_create(from_h1->stream_id, + from_h1->status, from_h1->hlines, + from_h1->pool); + if (from_h1->response == NULL) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EINVAL, r->connection, + APLOGNO(02915) + "h2_from_h1(%d): unable to create resp_head", + from_h1->stream_id); + return APR_EINVAL; + } + from_h1->content_length = from_h1->response->content_length; + from_h1->chunked = r->chunked; + + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, r->connection, + "h2_from_h1(%d): converted headers, content-length: %d" + ", chunked=%d", + from_h1->stream_id, (int)from_h1->content_length, + (int)from_h1->chunked); + + set_state(from_h1, ((from_h1->chunked || from_h1->content_length > 0)? + H2_RESP_ST_BODY : H2_RESP_ST_DONE)); + /* We are ready to be sent to the client */ + return APR_SUCCESS; +} + +static apr_status_t parse_header(h2_from_h1 *from_h1, ap_filter_t* f, + char *line) { + (void)f; + + if (line[0] == ' ' || line[0] == '\t') { + char **plast; + /* continuation line from the header before this */ + while (line[0] == ' ' || line[0] == '\t') { + ++line; + } + + plast = apr_array_pop(from_h1->hlines); + if (plast == NULL) { + /* not well formed */ + return APR_EINVAL; + } + APR_ARRAY_PUSH(from_h1->hlines, const char*) = apr_psprintf(from_h1->pool, "%s %s", *plast, line); + } + else { + /* new header line */ + APR_ARRAY_PUSH(from_h1->hlines, const char*) = apr_pstrdup(from_h1->pool, line); + } + return APR_SUCCESS; +} + +static apr_status_t get_line(h2_from_h1 *from_h1, apr_bucket_brigade *bb, + ap_filter_t* f, char *line, apr_size_t len) +{ + apr_status_t status; + if (!from_h1->bb) { + from_h1->bb = apr_brigade_create(from_h1->pool, f->c->bucket_alloc); + } + else { + apr_brigade_cleanup(from_h1->bb); + } + status = apr_brigade_split_line(from_h1->bb, bb, + APR_BLOCK_READ, + HUGE_STRING_LEN); + if (status == APR_SUCCESS) { + --len; + status = apr_brigade_flatten(from_h1->bb, line, &len); + if (status == APR_SUCCESS) { + /* we assume a non-0 containing line and remove + * trailing crlf. */ + line[len] = '\0'; + if (len >= 2 && !strcmp(H2_CRLF, line + len - 2)) { + len -= 2; + line[len] = '\0'; + } + + apr_brigade_cleanup(from_h1->bb); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_from_h1(%d): read line: %s", + from_h1->stream_id, line); + } + } + return status; +} + +apr_status_t h2_from_h1_read_response(h2_from_h1 *from_h1, ap_filter_t* f, + apr_bucket_brigade* bb) +{ + apr_status_t status = APR_SUCCESS; + char line[HUGE_STRING_LEN]; + + if ((from_h1->state == H2_RESP_ST_BODY) + || (from_h1->state == H2_RESP_ST_DONE)) { + if (from_h1->chunked) { + /* The httpd core HTTP_HEADER filter has or will install the + * "CHUNK" output transcode filter, which appears further down + * the filter chain. We do not want it for HTTP/2. + * Once we successfully deinstalled it, this filter has no + * further function and we remove it. + */ + status = ap_remove_output_filter_byhandle(f->r->output_filters, + "CHUNK"); + if (status == APR_SUCCESS) { + ap_remove_output_filter(f); + } + } + + return ap_pass_brigade(f->next, bb); + } + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_from_h1(%d): read_response", from_h1->stream_id); + + while (!APR_BRIGADE_EMPTY(bb) && status == APR_SUCCESS) { + + switch (from_h1->state) { + + case H2_RESP_ST_STATUS_LINE: + case H2_RESP_ST_HEADERS: + status = get_line(from_h1, bb, f, line, sizeof(line)); + if (status != APR_SUCCESS) { + return status; + } + if (from_h1->state == H2_RESP_ST_STATUS_LINE) { + /* instead of parsing, just take it directly */ + from_h1->status = apr_psprintf(from_h1->pool, + "%d", f->r->status); + from_h1->state = H2_RESP_ST_HEADERS; + } + else if (line[0] == '\0') { + /* end of headers, create the h2_response and + * pass the rest of the brigade down the filter + * chain. + */ + status = make_h2_headers(from_h1, f->r); + if (from_h1->bb) { + apr_brigade_destroy(from_h1->bb); + from_h1->bb = NULL; + } + if (!APR_BRIGADE_EMPTY(bb)) { + return ap_pass_brigade(f->next, bb); + } + } + else { + status = parse_header(from_h1, f, line); + } + break; + + default: + return ap_pass_brigade(f->next, bb); + } + + } + + return status; +} + +/* This routine is called by apr_table_do and merges all instances of + * the passed field values into a single array that will be further + * processed by some later routine. Originally intended to help split + * and recombine multiple Vary fields, though it is generic to any field + * consisting of comma/space-separated tokens. + */ +static int uniq_field_values(void *d, const char *key, const char *val) +{ + apr_array_header_t *values; + char *start; + char *e; + char **strpp; + int i; + + (void)key; + values = (apr_array_header_t *)d; + + e = apr_pstrdup(values->pool, val); + + do { + /* Find a non-empty fieldname */ + + while (*e == ',' || apr_isspace(*e)) { + ++e; + } + if (*e == '\0') { + break; + } + start = e; + while (*e != '\0' && *e != ',' && !apr_isspace(*e)) { + ++e; + } + if (*e != '\0') { + *e++ = '\0'; + } + + /* Now add it to values if it isn't already represented. + * Could be replaced by a ap_array_strcasecmp() if we had one. + */ + for (i = 0, strpp = (char **) values->elts; i < values->nelts; + ++i, ++strpp) { + if (*strpp && strcasecmp(*strpp, start) == 0) { + break; + } + } + if (i == values->nelts) { /* if not found */ + *(char **)apr_array_push(values) = start; + } + } while (*e != '\0'); + + return 1; +} + +/* + * Since some clients choke violently on multiple Vary fields, or + * Vary fields with duplicate tokens, combine any multiples and remove + * any duplicates. + */ +static void fix_vary(request_rec *r) +{ + apr_array_header_t *varies; + + varies = apr_array_make(r->pool, 5, sizeof(char *)); + + /* Extract all Vary fields from the headers_out, separate each into + * its comma-separated fieldname values, and then add them to varies + * if not already present in the array. + */ + apr_table_do((int (*)(void *, const char *, const char *))uniq_field_values, + (void *) varies, r->headers_out, "Vary", NULL); + + /* If we found any, replace old Vary fields with unique-ified value */ + + if (varies->nelts > 0) { + apr_table_setn(r->headers_out, "Vary", + apr_array_pstrcat(r->pool, varies, ',')); + } +} + +static void set_basic_http_header(request_rec *r, apr_table_t *headers) +{ + char *date = NULL; + const char *proxy_date = NULL; + const char *server = NULL; + const char *us = ap_get_server_banner(); + + /* + * keep the set-by-proxy server and date headers, otherwise + * generate a new server header / date header + */ + if (r->proxyreq != PROXYREQ_NONE) { + proxy_date = apr_table_get(r->headers_out, "Date"); + if (!proxy_date) { + /* + * proxy_date needs to be const. So use date for the creation of + * our own Date header and pass it over to proxy_date later to + * avoid a compiler warning. + */ + date = apr_palloc(r->pool, APR_RFC822_DATE_LEN); + ap_recent_rfc822_date(date, r->request_time); + } + server = apr_table_get(r->headers_out, "Server"); + } + else { + date = apr_palloc(r->pool, APR_RFC822_DATE_LEN); + ap_recent_rfc822_date(date, r->request_time); + } + + apr_table_setn(headers, "Date", proxy_date ? proxy_date : date ); + apr_table_unset(r->headers_out, "Date"); + + if (!server && *us) { + server = us; + } + if (server) { + apr_table_setn(headers, "Server", server); + apr_table_unset(r->headers_out, "Server"); + } +} + +static int copy_header(void *ctx, const char *name, const char *value) +{ + apr_table_t *headers = ctx; + + apr_table_addn(headers, name, value); + return 1; +} + +static h2_response *create_response(h2_from_h1 *from_h1, request_rec *r) +{ + const char *clheader; + const char *ctype; + apr_table_t *headers; + /* + * Now that we are ready to send a response, we need to combine the two + * header field tables into a single table. If we don't do this, our + * later attempts to set or unset a given fieldname might be bypassed. + */ + if (!apr_is_empty_table(r->err_headers_out)) { + r->headers_out = apr_table_overlay(r->pool, r->err_headers_out, + r->headers_out); + } + + /* + * Remove the 'Vary' header field if the client can't handle it. + * Since this will have nasty effects on HTTP/1.1 caches, force + * the response into HTTP/1.0 mode. + */ + if (apr_table_get(r->subprocess_env, "force-no-vary") != NULL) { + apr_table_unset(r->headers_out, "Vary"); + r->proto_num = HTTP_VERSION(1,0); + apr_table_setn(r->subprocess_env, "force-response-1.0", "1"); + } + else { + fix_vary(r); + } + + /* + * Now remove any ETag response header field if earlier processing + * says so (such as a 'FileETag None' directive). + */ + if (apr_table_get(r->notes, "no-etag") != NULL) { + apr_table_unset(r->headers_out, "ETag"); + } + + /* determine the protocol and whether we should use keepalives. */ + ap_set_keepalive(r); + + if (r->chunked) { + apr_table_unset(r->headers_out, "Content-Length"); + } + + ctype = ap_make_content_type(r, r->content_type); + if (ctype) { + apr_table_setn(r->headers_out, "Content-Type", ctype); + } + + if (r->content_encoding) { + apr_table_setn(r->headers_out, "Content-Encoding", + r->content_encoding); + } + + if (!apr_is_empty_array(r->content_languages)) { + int i; + char *token; + char **languages = (char **)(r->content_languages->elts); + const char *field = apr_table_get(r->headers_out, "Content-Language"); + + while (field && (token = ap_get_list_item(r->pool, &field)) != NULL) { + for (i = 0; i < r->content_languages->nelts; ++i) { + if (!strcasecmp(token, languages[i])) + break; + } + if (i == r->content_languages->nelts) { + *((char **) apr_array_push(r->content_languages)) = token; + } + } + + field = apr_array_pstrcat(r->pool, r->content_languages, ','); + apr_table_setn(r->headers_out, "Content-Language", field); + } + + /* + * Control cachability for non-cachable responses if not already set by + * some other part of the server configuration. + */ + if (r->no_cache && !apr_table_get(r->headers_out, "Expires")) { + char *date = apr_palloc(r->pool, APR_RFC822_DATE_LEN); + ap_recent_rfc822_date(date, r->request_time); + apr_table_addn(r->headers_out, "Expires", date); + } + + /* This is a hack, but I can't find anyway around it. The idea is that + * we don't want to send out 0 Content-Lengths if it is a head request. + * This happens when modules try to outsmart the server, and return + * if they see a HEAD request. Apache 1.3 handlers were supposed to + * just return in that situation, and the core handled the HEAD. In + * 2.0, if a handler returns, then the core sends an EOS bucket down + * the filter stack, and the content-length filter computes a C-L of + * zero and that gets put in the headers, and we end up sending a + * zero C-L to the client. We can't just remove the C-L filter, + * because well behaved 2.0 handlers will send their data down the stack, + * and we will compute a real C-L for the head request. RBB + */ + if (r->header_only + && (clheader = apr_table_get(r->headers_out, "Content-Length")) + && !strcmp(clheader, "0")) { + apr_table_unset(r->headers_out, "Content-Length"); + } + + headers = apr_table_make(r->pool, 10); + + set_basic_http_header(r, headers); + if (r->status == HTTP_NOT_MODIFIED) { + apr_table_do((int (*)(void *, const char *, const char *)) copy_header, + (void *) headers, r->headers_out, + "ETag", + "Content-Location", + "Expires", + "Cache-Control", + "Vary", + "Warning", + "WWW-Authenticate", + "Proxy-Authenticate", + "Set-Cookie", + "Set-Cookie2", + NULL); + } + else { + apr_table_do((int (*)(void *, const char *, const char *)) copy_header, + (void *) headers, r->headers_out, NULL); + } + + return h2_response_rcreate(from_h1->stream_id, r, headers, r->pool); +} + +apr_status_t h2_response_output_filter(ap_filter_t *f, apr_bucket_brigade *bb) +{ + h2_task_env *env = f->ctx; + h2_from_h1 *from_h1 = env->output? env->output->from_h1 : NULL; + request_rec *r = f->r; + apr_bucket *b; + ap_bucket_error *eb = NULL; + + AP_DEBUG_ASSERT(from_h1 != NULL); + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_from_h1(%d): output_filter called", from_h1->stream_id); + + if (r->header_only && env->output && from_h1->response) { + /* throw away any data after we have compiled the response */ + apr_brigade_cleanup(bb); + return OK; + } + + for (b = APR_BRIGADE_FIRST(bb); + b != APR_BRIGADE_SENTINEL(bb); + b = APR_BUCKET_NEXT(b)) + { + if (AP_BUCKET_IS_ERROR(b) && !eb) { + eb = b->data; + continue; + } + /* + * If we see an EOC bucket it is a signal that we should get out + * of the way doing nothing. + */ + if (AP_BUCKET_IS_EOC(b)) { + ap_remove_output_filter(f); + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c, + "h2_from_h1(%d): eoc bucket passed", + from_h1->stream_id); + return ap_pass_brigade(f->next, bb); + } + } + + if (eb) { + int st = eb->status; + apr_brigade_cleanup(bb); + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c, + "h2_from_h1(%d): err bucket status=%d", + from_h1->stream_id, st); + ap_die(st, r); + return AP_FILTER_ERROR; + } + + from_h1->response = create_response(from_h1, r); + if (from_h1->response == NULL) { + ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c, + "h2_from_h1(%d): unable to create response", + from_h1->stream_id); + return APR_ENOMEM; + } + + if (r->header_only) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_from_h1(%d): header_only, cleanup output brigade", + from_h1->stream_id); + apr_brigade_cleanup(bb); + return OK; + } + + r->sent_bodyct = 1; /* Whatever follows is real body stuff... */ + + ap_remove_output_filter(f); + if (APLOGctrace1(f->c)) { + apr_off_t len = 0; + apr_brigade_length(bb, 0, &len); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_from_h1(%d): removed header filter, passing brigade " + "len=%ld", from_h1->stream_id, (long)len); + } + return ap_pass_brigade(f->next, bb); +} diff --git a/modules/http2/h2_from_h1.h b/modules/http2/h2_from_h1.h new file mode 100644 index 00000000..115a3142 --- /dev/null +++ b/modules/http2/h2_from_h1.h @@ -0,0 +1,82 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_from_h1__ +#define __mod_h2__h2_from_h1__ + +/** + * h2_from_h1 parses a HTTP/1.1 response into + * - response status + * - a list of header values + * - a series of bytes that represent the response body alone, without + * any meta data, such as inserted by chunked transfer encoding. + * + * All data is allocated from the stream memory pool. + * + * Again, see comments in h2_request: ideally we would take the headers + * and status from the httpd structures instead of parsing them here, but + * we need to have all handlers and filters involved in request/response + * processing, so this seems to be the way for now. + */ + +typedef enum { + H2_RESP_ST_STATUS_LINE, /* parsing http/1 status line */ + H2_RESP_ST_HEADERS, /* parsing http/1 response headers */ + H2_RESP_ST_BODY, /* transferring response body */ + H2_RESP_ST_DONE /* complete response converted */ +} h2_from_h1_state_t; + +struct h2_response; + +typedef struct h2_from_h1 h2_from_h1; + +struct h2_from_h1 { + int stream_id; + h2_from_h1_state_t state; + apr_pool_t *pool; + apr_bucket_brigade *bb; + + apr_size_t content_length; + int chunked; + + const char *status; + apr_array_header_t *hlines; + + struct h2_response *response; +}; + + +typedef void h2_from_h1_state_change_cb(struct h2_from_h1 *resp, + h2_from_h1_state_t prevstate, + void *cb_ctx); + +h2_from_h1 *h2_from_h1_create(int stream_id, apr_pool_t *pool); + +apr_status_t h2_from_h1_destroy(h2_from_h1 *response); + +void h2_from_h1_set_state_change_cb(h2_from_h1 *from_h1, + h2_from_h1_state_change_cb *callback, + void *cb_ctx); + +apr_status_t h2_from_h1_read_response(h2_from_h1 *from_h1, + ap_filter_t* f, apr_bucket_brigade* bb); + +struct h2_response *h2_from_h1_get_response(h2_from_h1 *from_h1); + +h2_from_h1_state_t h2_from_h1_get_state(h2_from_h1 *from_h1); + +apr_status_t h2_response_output_filter(ap_filter_t *f, apr_bucket_brigade *bb); + +#endif /* defined(__mod_h2__h2_from_h1__) */ diff --git a/modules/http2/h2_h2.c b/modules/http2/h2_h2.c new file mode 100644 index 00000000..221f5118 --- /dev/null +++ b/modules/http2/h2_h2.c @@ -0,0 +1,232 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include "h2_private.h" + +#include "h2_stream.h" +#include "h2_task.h" +#include "h2_config.h" +#include "h2_ctx.h" +#include "h2_conn.h" +#include "h2_h2.h" + +const char *h2_tls_protos[] = { + "h2", NULL +}; + +const char *h2_clear_protos[] = { + "h2c", NULL +}; + +const char *H2_MAGIC_TOKEN = "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"; + +/******************************************************************************* + * The optional mod_ssl functions we need. + */ +APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec*)); +APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec*)); + +static int (*opt_ssl_engine_disable)(conn_rec*); +static int (*opt_ssl_is_https)(conn_rec*); +/******************************************************************************* + * Hooks for processing incoming connections: + * - pre_conn_before_tls switches SSL off for stream connections + * - process_conn take over connection in case of h2 + */ +static int h2_h2_process_conn(conn_rec* c); +static int h2_h2_remove_timeout(conn_rec* c); +static int h2_h2_post_read_req(request_rec *r); + + +/******************************************************************************* + * Once per lifetime init, retrieve optional functions + */ +apr_status_t h2_h2_init(apr_pool_t *pool, server_rec *s) +{ + (void)pool; + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "h2_h2, child_init"); + opt_ssl_engine_disable = APR_RETRIEVE_OPTIONAL_FN(ssl_engine_disable); + opt_ssl_is_https = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https); + + if (!opt_ssl_is_https) { + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, + APLOGNO(02951) "mod_ssl does not seem to be enabled"); + } + + return APR_SUCCESS; +} + +int h2_h2_is_tls(conn_rec *c) +{ + return opt_ssl_is_https && opt_ssl_is_https(c); +} + +int h2_tls_disable(conn_rec *c) +{ + if (opt_ssl_engine_disable) { + return opt_ssl_engine_disable(c); + } + return 0; +} + +/******************************************************************************* + * Register various hooks + */ +static const char *const mod_reqtimeout[] = { "reqtimeout.c", NULL}; + +void h2_h2_register_hooks(void) +{ + /* When the connection processing actually starts, we might to + * take over, if h2* was selected as protocol. + */ + ap_hook_process_connection(h2_h2_process_conn, + NULL, NULL, APR_HOOK_FIRST); + /* Perform connection cleanup before the actual processing happens. + */ + ap_hook_process_connection(h2_h2_remove_timeout, + mod_reqtimeout, NULL, APR_HOOK_LAST); + + /* With "H2SerializeHeaders On", we install the filter in this hook + * that parses the response. This needs to happen before any other post + * read function terminates the request with an error. Otherwise we will + * never see the response. + */ + ap_hook_post_read_request(h2_h2_post_read_req, NULL, NULL, APR_HOOK_REALLY_FIRST); +} + +int h2_h2_remove_timeout(conn_rec* c) +{ + h2_ctx *ctx = h2_ctx_get(c); + + if (h2_ctx_is_active(ctx) && !h2_ctx_is_task(ctx)) { + /* cleanup on master h2 connections */ + ap_remove_input_filter_byhandle(c->input_filters, "reqtimeout"); + } + + return DECLINED; +} + +int h2_h2_process_conn(conn_rec* c) +{ + h2_ctx *ctx = h2_ctx_get(c); + h2_config *cfg = h2_config_get(c); + apr_bucket_brigade* temp; + int is_tls = h2_h2_is_tls(c); + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_h2, process_conn"); + if (h2_ctx_is_task(ctx)) { + /* our stream pseudo connection */ + return DECLINED; + } + + /* If we have not already switched to a h2* protocol and the connection + * is on "http/1.1" + * -> sniff for the magic PRIamble. On TLS, this might trigger the ALPN. + */ + if (!h2_ctx_protocol_get(c) + && !strcmp(AP_PROTOCOL_HTTP1, ap_get_protocol(c))) { + apr_status_t status; + + temp = apr_brigade_create(c->pool, c->bucket_alloc); + status = ap_get_brigade(c->input_filters, temp, + AP_MODE_SPECULATIVE, APR_BLOCK_READ, 24); + + if (status == APR_SUCCESS) { + if (h2_ctx_protocol_get(c) + || strcmp(AP_PROTOCOL_HTTP1, ap_get_protocol(c))) { + /* h2 or another protocol has been selected. */ + } + else { + /* ALPN might have been triggered, but we're still on + * http/1.1. Check the actual bytes read for the H2 Magic + * Token, *if* H2Direct mode is enabled here. + */ + int direct_mode = h2_config_geti(cfg, H2_CONF_DIRECT); + if (direct_mode > 0 || (direct_mode < 0 && !is_tls)) { + char *s = NULL; + apr_size_t slen; + + apr_brigade_pflatten(temp, &s, &slen, c->pool); + if ((slen >= 24) && !memcmp(H2_MAGIC_TOKEN, s, 24)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, + "h2_h2, direct mode detected"); + h2_ctx_protocol_set(ctx, is_tls? "h2" : "h2c"); + } + else { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, + "h2_h2, not detected in %d bytes: %s", + (int)slen, s); + } + } + } + } + else { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, c, + "h2_h2, error reading 24 bytes speculative"); + } + apr_brigade_destroy(temp); + } + + /* If "h2" was selected as protocol (by whatever mechanism), take over + * the connection. + */ + if (h2_ctx_is_active(ctx)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, + "h2_h2, connection, h2 active"); + + return h2_conn_main(c); + } + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_h2, declined"); + return DECLINED; +} + +static int h2_h2_post_read_req(request_rec *r) +{ + h2_ctx *ctx = h2_ctx_rget(r); + struct h2_task_env *env = h2_ctx_get_task(ctx); + if (env) { + /* h2_task connection for a stream, not for h2c */ + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + "adding h1_to_h2_resp output filter"); + if (env->serialize_headers) { + ap_remove_output_filter_byhandle(r->output_filters, "H1_TO_H2_RESP"); + ap_add_output_filter("H1_TO_H2_RESP", env, r, r->connection); + } + else { + /* replace the core http filter that formats response headers + * in HTTP/1 with our own that collects status and headers */ + ap_remove_output_filter_byhandle(r->output_filters, "HTTP_HEADER"); + ap_remove_output_filter_byhandle(r->output_filters, "H2_RESPONSE"); + ap_add_output_filter("H2_RESPONSE", env, r, r->connection); + } + } + return DECLINED; +} + + diff --git a/modules/http2/h2_h2.h b/modules/http2/h2_h2.h new file mode 100644 index 00000000..9a1184d8 --- /dev/null +++ b/modules/http2/h2_h2.h @@ -0,0 +1,57 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_h2__ +#define __mod_h2__h2_h2__ + +/** + * List of ALPN protocol identifiers that we suport in cleartext + * negotiations. NULL terminated. + */ +extern const char *h2_clear_protos[]; + +/** + * List of ALPN protocol identifiers that we support in TLS encrypted + * negotiations. NULL terminated. + */ +extern const char *h2_tls_protos[]; + +/** + * The magic PRIamble of RFC 7540 that is always sent when starting + * a h2 communication. + */ +extern const char *H2_MAGIC_TOKEN; + +/* + * One time, post config intialization. + */ +apr_status_t h2_h2_init(apr_pool_t *pool, server_rec *s); + +/* Is the connection a TLS connection? + */ +int h2_h2_is_tls(conn_rec *c); + +/* Disable SSL for this connection, can only be invoked in a pre- + * connection hook before mod_ssl. + * @return != 0 iff disable worked + */ +int h2_tls_disable(conn_rec *c); + +/* Register apache hooks for h2 protocol + */ +void h2_h2_register_hooks(void); + + +#endif /* defined(__mod_h2__h2_h2__) */ diff --git a/modules/http2/h2_io.c b/modules/http2/h2_io.c new file mode 100644 index 00000000..42734430 --- /dev/null +++ b/modules/http2/h2_io.c @@ -0,0 +1,164 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_io.h" +#include "h2_response.h" +#include "h2_util.h" + +h2_io *h2_io_create(int id, apr_pool_t *pool, apr_bucket_alloc_t *bucket_alloc) +{ + h2_io *io = apr_pcalloc(pool, sizeof(*io)); + if (io) { + io->id = id; + io->pool = pool; + io->bbin = NULL; + io->bbout = apr_brigade_create(pool, bucket_alloc); + } + return io; +} + +static void h2_io_cleanup(h2_io *io) +{ + (void)io; +} + +void h2_io_destroy(h2_io *io) +{ + h2_io_cleanup(io); +} + +int h2_io_in_has_eos_for(h2_io *io) +{ + return io->eos_in || (io->bbin && h2_util_has_eos(io->bbin, 0)); +} + +int h2_io_out_has_data(h2_io *io) +{ + return h2_util_bb_has_data_or_eos(io->bbout); +} + +apr_size_t h2_io_out_length(h2_io *io) +{ + if (io->bbout) { + apr_off_t len = 0; + apr_brigade_length(io->bbout, 0, &len); + return (len > 0)? len : 0; + } + return 0; +} + +apr_status_t h2_io_in_read(h2_io *io, apr_bucket_brigade *bb, + apr_size_t maxlen) +{ + apr_off_t start_len = 0; + apr_bucket *last; + apr_status_t status; + + if (!io->bbin || APR_BRIGADE_EMPTY(io->bbin)) { + return io->eos_in? APR_EOF : APR_EAGAIN; + } + + apr_brigade_length(bb, 1, &start_len); + last = APR_BRIGADE_LAST(bb); + status = h2_util_move(bb, io->bbin, maxlen, 0, + "h2_io_in_read"); + if (status == APR_SUCCESS) { + apr_bucket *nlast = APR_BRIGADE_LAST(bb); + apr_off_t end_len = 0; + apr_brigade_length(bb, 1, &end_len); + if (last == nlast) { + return APR_EAGAIN; + } + io->input_consumed += (end_len - start_len); + } + return status; +} + +apr_status_t h2_io_in_write(h2_io *io, apr_bucket_brigade *bb) +{ + if (io->eos_in) { + return APR_EOF; + } + io->eos_in = h2_util_has_eos(bb, 0); + if (!APR_BRIGADE_EMPTY(bb)) { + if (!io->bbin) { + io->bbin = apr_brigade_create(io->bbout->p, + io->bbout->bucket_alloc); + } + return h2_util_move(io->bbin, bb, 0, 0, "h2_io_in_write"); + } + return APR_SUCCESS; +} + +apr_status_t h2_io_in_close(h2_io *io) +{ + if (io->bbin) { + APR_BRIGADE_INSERT_TAIL(io->bbin, + apr_bucket_eos_create(io->bbin->bucket_alloc)); + } + io->eos_in = 1; + return APR_SUCCESS; +} + +apr_status_t h2_io_out_readx(h2_io *io, + h2_io_data_cb *cb, void *ctx, + apr_size_t *plen, int *peos) +{ + if (cb == NULL) { + /* just checking length available */ + return h2_util_bb_avail(io->bbout, plen, peos); + } + return h2_util_bb_readx(io->bbout, cb, ctx, plen, peos); +} + +apr_status_t h2_io_out_write(h2_io *io, apr_bucket_brigade *bb, + apr_size_t maxlen, int *pfile_handles_allowed) +{ + /* Let's move the buckets from the request processing in here, so + * that the main thread can read them when it has time/capacity. + * + * Move at most "maxlen" memory bytes. If buckets remain, it is + * the caller's responsibility to take care of this. + * + * We allow passing of file buckets as long as we do not have too + * many open files already buffered. Otherwise we will run out of + * file handles. + */ + int start_allowed = *pfile_handles_allowed; + apr_status_t status; + status = h2_util_move(io->bbout, bb, maxlen, pfile_handles_allowed, + "h2_io_out_write"); + /* track # file buckets moved into our pool */ + if (start_allowed != *pfile_handles_allowed) { + io->files_handles_owned += (start_allowed - *pfile_handles_allowed); + } + return status; +} + + +apr_status_t h2_io_out_close(h2_io *io) +{ + APR_BRIGADE_INSERT_TAIL(io->bbout, + apr_bucket_eos_create(io->bbout->bucket_alloc)); + return APR_SUCCESS; +} diff --git a/modules/http2/h2_io.h b/modules/http2/h2_io.h new file mode 100644 index 00000000..946ee443 --- /dev/null +++ b/modules/http2/h2_io.h @@ -0,0 +1,126 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_io__ +#define __mod_h2__h2_io__ + +struct h2_response; +struct apr_thread_cond_t; +struct h2_task; + + +typedef apr_status_t h2_io_data_cb(void *ctx, + const char *data, apr_size_t len); + + +typedef struct h2_io h2_io; + +struct h2_io { + int id; /* stream identifier */ + apr_pool_t *pool; /* stream pool */ + apr_bucket_brigade *bbin; /* input data for stream */ + int eos_in; + int task_done; + + apr_size_t input_consumed; /* how many bytes have been read */ + struct apr_thread_cond_t *input_arrived; /* block on reading */ + + apr_bucket_brigade *bbout; /* output data from stream */ + struct apr_thread_cond_t *output_drained; /* block on writing */ + + struct h2_response *response;/* submittable response created */ + int files_handles_owned; +}; + +/******************************************************************************* + * Object lifecycle and information. + ******************************************************************************/ + +/** + * Creates a new h2_io for the given stream id. + */ +h2_io *h2_io_create(int id, apr_pool_t *pool, apr_bucket_alloc_t *bucket_alloc); + +/** + * Frees any resources hold by the h2_io instance. + */ +void h2_io_destroy(h2_io *io); + +/** + * The input data is completely queued. Blocked reads will return immediately + * and give either data or EOF. + */ +int h2_io_in_has_eos_for(h2_io *io); +/** + * Output data is available. + */ +int h2_io_out_has_data(h2_io *io); + +/******************************************************************************* + * Input handling of streams. + ******************************************************************************/ +/** + * Reads the next bucket from the input. Returns APR_EAGAIN if none + * is currently available, APR_EOF if end of input has been reached. + */ +apr_status_t h2_io_in_read(h2_io *io, apr_bucket_brigade *bb, + apr_size_t maxlen); + +/** + * Appends given bucket to the input. + */ +apr_status_t h2_io_in_write(h2_io *io, apr_bucket_brigade *bb); + +/** + * Closes the input. After existing data has been read, APR_EOF will + * be returned. + */ +apr_status_t h2_io_in_close(h2_io *io); + +/******************************************************************************* + * Output handling of streams. + ******************************************************************************/ + +/** + * Read a bucket from the output head. Return APR_EAGAIN if non is available, + * APR_EOF if none available and output has been closed. + * May be called with buffer == NULL in order to find out how much data + * is available. + * @param io the h2_io to read output from + * @param buffer the buffer to copy the data to, may be NULL + * @param plen the requested max len, set to amount of data on return + * @param peos != 0 iff the end of stream has been reached + */ +apr_status_t h2_io_out_readx(h2_io *io, + h2_io_data_cb *cb, void *ctx, + apr_size_t *plen, int *peos); + +apr_status_t h2_io_out_write(h2_io *io, apr_bucket_brigade *bb, + apr_size_t maxlen, int *pfile_buckets_allowed); + +/** + * Closes the input. After existing data has been read, APR_EOF will + * be returned. + */ +apr_status_t h2_io_out_close(h2_io *io); + +/** + * Gives the overall length of the data that is currently queued for + * output. + */ +apr_size_t h2_io_out_length(h2_io *io); + + +#endif /* defined(__mod_h2__h2_io__) */ diff --git a/modules/http2/h2_io_set.c b/modules/http2/h2_io_set.c new file mode 100644 index 00000000..91afde8f --- /dev/null +++ b/modules/http2/h2_io_set.c @@ -0,0 +1,180 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_io.h" +#include "h2_io_set.h" + +#define h2_io_IDX(list, i) ((h2_io**)(list)->elts)[i] + +struct h2_io_set { + apr_array_header_t *list; +}; + +h2_io_set *h2_io_set_create(apr_pool_t *pool) +{ + h2_io_set *sp = apr_pcalloc(pool, sizeof(h2_io_set)); + if (sp) { + sp->list = apr_array_make(pool, 100, sizeof(h2_io*)); + if (!sp->list) { + return NULL; + } + } + return sp; +} + +void h2_io_set_destroy(h2_io_set *sp) +{ + int i; + for (i = 0; i < sp->list->nelts; ++i) { + h2_io *io = h2_io_IDX(sp->list, i); + h2_io_destroy(io); + } + sp->list->nelts = 0; +} + +static int h2_stream_id_cmp(const void *s1, const void *s2) +{ + h2_io **pio1 = (h2_io **)s1; + h2_io **pio2 = (h2_io **)s2; + return (*pio1)->id - (*pio2)->id; +} + +h2_io *h2_io_set_get(h2_io_set *sp, int stream_id) +{ + /* we keep the array sorted by id, so lookup can be done + * by bsearch. + */ + h2_io **ps; + h2_io key; + h2_io *pkey = &key; + + memset(&key, 0, sizeof(key)); + key.id = stream_id; + ps = bsearch(&pkey, sp->list->elts, sp->list->nelts, + sp->list->elt_size, h2_stream_id_cmp); + return ps? *ps : NULL; +} + +h2_io *h2_io_set_get_highest_prio(h2_io_set *set) +{ + h2_io *highest = NULL; + int i; + for (i = 0; i < set->list->nelts; ++i) { + h2_io *io = h2_io_IDX(set->list, i); + if (!highest /*|| io-prio even higher */ ) { + highest = io; + } + } + return highest; +} + +static void h2_io_set_sort(h2_io_set *sp) +{ + qsort(sp->list->elts, sp->list->nelts, sp->list->elt_size, + h2_stream_id_cmp); +} + +apr_status_t h2_io_set_add(h2_io_set *sp, h2_io *io) +{ + h2_io *existing = h2_io_set_get(sp, io->id); + if (!existing) { + int last; + APR_ARRAY_PUSH(sp->list, h2_io*) = io; + /* Normally, streams get added in ascending order if id. We + * keep the array sorted, so we just need to check of the newly + * appended stream has a lower id than the last one. if not, + * sorting is not necessary. + */ + last = sp->list->nelts - 1; + if (last > 0 + && (h2_io_IDX(sp->list, last)->id + < h2_io_IDX(sp->list, last-1)->id)) { + h2_io_set_sort(sp); + } + } + return APR_SUCCESS; +} + +h2_io *h2_io_set_remove(h2_io_set *sp, h2_io *io) +{ + int i; + for (i = 0; i < sp->list->nelts; ++i) { + h2_io *e = h2_io_IDX(sp->list, i); + if (e == io) { + int n; + --sp->list->nelts; + n = sp->list->nelts - i; + if (n > 0) { + /* Close the hole in the array by moving the upper + * parts down one step. + */ + h2_io **selts = (h2_io**)sp->list->elts; + memmove(selts+i, selts+i+1, n * sizeof(h2_io*)); + } + return e; + } + } + return NULL; +} + +void h2_io_set_destroy_all(h2_io_set *sp) +{ + int i; + for (i = 0; i < sp->list->nelts; ++i) { + h2_io *io = h2_io_IDX(sp->list, i); + h2_io_destroy(io); + } + sp->list->nelts = 0; +} + +void h2_io_set_remove_all(h2_io_set *sp) +{ + sp->list->nelts = 0; +} + +int h2_io_set_is_empty(h2_io_set *sp) +{ + AP_DEBUG_ASSERT(sp); + return sp->list->nelts == 0; +} + +void h2_io_set_iter(h2_io_set *sp, + h2_io_set_iter_fn *iter, void *ctx) +{ + int i; + for (i = 0; i < sp->list->nelts; ++i) { + h2_io *s = h2_io_IDX(sp->list, i); + if (!iter(ctx, s)) { + break; + } + } +} + +apr_size_t h2_io_set_size(h2_io_set *sp) +{ + return sp->list->nelts; +} + diff --git a/modules/http2/h2_io_set.h b/modules/http2/h2_io_set.h new file mode 100644 index 00000000..a9c6546c --- /dev/null +++ b/modules/http2/h2_io_set.h @@ -0,0 +1,47 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_io_set__ +#define __mod_h2__h2_io_set__ + +struct h2_io; + +/** + * A set of h2_io instances. Allows lookup by stream id + * and other criteria. + */ +typedef struct h2_io_set h2_io_set; + +h2_io_set *h2_io_set_create(apr_pool_t *pool); + +void h2_io_set_destroy(h2_io_set *set); + +apr_status_t h2_io_set_add(h2_io_set *set, struct h2_io *io); +h2_io *h2_io_set_get(h2_io_set *set, int stream_id); +h2_io *h2_io_set_get_highest_prio(h2_io_set *set); +h2_io *h2_io_set_remove(h2_io_set *set, struct h2_io *io); + +void h2_io_set_remove_all(h2_io_set *set); +void h2_io_set_destroy_all(h2_io_set *set); +int h2_io_set_is_empty(h2_io_set *set); +apr_size_t h2_io_set_size(h2_io_set *set); + + +typedef int h2_io_set_iter_fn(void *ctx, struct h2_io *io); + +void h2_io_set_iter(h2_io_set *set, + h2_io_set_iter_fn *iter, void *ctx); + +#endif /* defined(__mod_h2__h2_io_set__) */ diff --git a/modules/http2/h2_mplx.c b/modules/http2/h2_mplx.c new file mode 100644 index 00000000..2d07b1eb --- /dev/null +++ b/modules/http2/h2_mplx.c @@ -0,0 +1,802 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "h2_private.h" +#include "h2_config.h" +#include "h2_conn.h" +#include "h2_io.h" +#include "h2_io_set.h" +#include "h2_response.h" +#include "h2_mplx.h" +#include "h2_request.h" +#include "h2_stream.h" +#include "h2_stream_set.h" +#include "h2_task.h" +#include "h2_task_input.h" +#include "h2_task_output.h" +#include "h2_task_queue.h" +#include "h2_workers.h" + + +static int is_aborted(h2_mplx *m, apr_status_t *pstatus) { + AP_DEBUG_ASSERT(m); + if (m->aborted) { + *pstatus = APR_ECONNABORTED; + return 1; + } + return 0; +} + +static void have_out_data_for(h2_mplx *m, int stream_id); + +static void h2_mplx_destroy(h2_mplx *m) +{ + AP_DEBUG_ASSERT(m); + m->aborted = 1; + if (m->q) { + h2_tq_destroy(m->q); + m->q = NULL; + } + if (m->ready_ios) { + h2_io_set_destroy(m->ready_ios); + m->ready_ios = NULL; + } + if (m->stream_ios) { + h2_io_set_destroy(m->stream_ios); + m->stream_ios = NULL; + } + + if (m->lock) { + apr_thread_mutex_destroy(m->lock); + m->lock = NULL; + } + + if (m->pool) { + apr_pool_destroy(m->pool); + } +} + +/** + * A h2_mplx needs to be thread-safe *and* if will be called by + * the h2_session thread *and* the h2_worker threads. Therefore: + * - calls are protected by a mutex lock, m->lock + * - the pool needs its own allocator, since apr_allocator_t are + * not re-entrant. The separate allocator works without a + * separate lock since we already protect h2_mplx itself. + * Since HTTP/2 connections can be expected to live longer than + * their HTTP/1 cousins, the separate allocator seems to work better + * than protecting a shared h2_session one with an own lock. + */ +h2_mplx *h2_mplx_create(conn_rec *c, apr_pool_t *parent, h2_workers *workers) +{ + apr_status_t status = APR_SUCCESS; + h2_config *conf = h2_config_get(c); + apr_allocator_t *allocator = NULL; + h2_mplx *m; + AP_DEBUG_ASSERT(conf); + + status = apr_allocator_create(&allocator); + if (status != APR_SUCCESS) { + return NULL; + } + + m = apr_pcalloc(parent, sizeof(h2_mplx)); + if (m) { + m->id = c->id; + APR_RING_ELEM_INIT(m, link); + apr_atomic_set32(&m->refs, 1); + m->c = c; + apr_pool_create_ex(&m->pool, parent, NULL, allocator); + if (!m->pool) { + return NULL; + } + apr_allocator_owner_set(allocator, m->pool); + + status = apr_thread_mutex_create(&m->lock, APR_THREAD_MUTEX_DEFAULT, + m->pool); + if (status != APR_SUCCESS) { + h2_mplx_destroy(m); + return NULL; + } + + m->bucket_alloc = apr_bucket_alloc_create(m->pool); + + m->q = h2_tq_create(m->id, m->pool); + m->stream_ios = h2_io_set_create(m->pool); + m->ready_ios = h2_io_set_create(m->pool); + m->closed = h2_stream_set_create(m->pool); + m->stream_max_mem = h2_config_geti(conf, H2_CONF_STREAM_MAX_MEM); + m->workers = workers; + + m->file_handles_allowed = h2_config_geti(conf, H2_CONF_SESSION_FILES); + } + return m; +} + +static void reference(h2_mplx *m) +{ + apr_atomic_inc32(&m->refs); +} + +static void release(h2_mplx *m) +{ + if (!apr_atomic_dec32(&m->refs)) { + if (m->join_wait) { + apr_thread_cond_signal(m->join_wait); + } + } +} + +void h2_mplx_reference(h2_mplx *m) +{ + reference(m); +} +void h2_mplx_release(h2_mplx *m) +{ + release(m); +} + +static void workers_register(h2_mplx *m) { + /* Initially, there was ref count increase for this as well, but + * this is not needed, even harmful. + * h2_workers is only a hub for all the h2_worker instances. + * At the end-of-life of this h2_mplx, we always unregister at + * the workers. The thing to manage are all the h2_worker instances + * out there. Those may hold a reference to this h2_mplx and we cannot + * call them to unregister. + * + * Therefore: ref counting for h2_workers in not needed, ref counting + * for h2_worker using this is critical. + */ + h2_workers_register(m->workers, m); +} + +static void workers_unregister(h2_mplx *m) { + h2_workers_unregister(m->workers, m); +} + +apr_status_t h2_mplx_release_and_join(h2_mplx *m, apr_thread_cond_t *wait) +{ + apr_status_t status; + workers_unregister(m); + + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + int attempts = 0; + + release(m); + while (apr_atomic_read32(&m->refs) > 0) { + m->join_wait = wait; + ap_log_cerror(APLOG_MARK, (attempts? APLOG_INFO : APLOG_DEBUG), + 0, m->c, + "h2_mplx(%ld): release_join, refs=%d, waiting...", + m->id, m->refs); + apr_thread_cond_timedwait(wait, m->lock, apr_time_from_sec(10)); + if (++attempts >= 6) { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, m->c, + APLOGNO(02952) + "h2_mplx(%ld): join attempts exhausted, refs=%d", + m->id, m->refs); + break; + } + } + if (m->join_wait) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, + "h2_mplx(%ld): release_join -> destroy", m->id); + } + m->join_wait = NULL; + apr_thread_mutex_unlock(m->lock); + h2_mplx_destroy(m); + } + return status; +} + +void h2_mplx_abort(h2_mplx *m) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + m->aborted = 1; + h2_io_set_destroy_all(m->stream_ios); + apr_thread_mutex_unlock(m->lock); + } + workers_unregister(m); +} + + +h2_stream *h2_mplx_open_io(h2_mplx *m, int stream_id) +{ + h2_stream *stream = NULL; + apr_status_t status; + h2_io *io; + + if (m->aborted) { + return NULL; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + apr_pool_t *stream_pool = m->spare_pool; + + if (!stream_pool) { + apr_pool_create(&stream_pool, m->pool); + } + else { + m->spare_pool = NULL; + } + + stream = h2_stream_create(stream_id, stream_pool, m); + stream->state = H2_STREAM_ST_OPEN; + + io = h2_io_set_get(m->stream_ios, stream_id); + if (!io) { + io = h2_io_create(stream_id, stream_pool, m->bucket_alloc); + h2_io_set_add(m->stream_ios, io); + } + status = io? APR_SUCCESS : APR_ENOMEM; + apr_thread_mutex_unlock(m->lock); + } + return stream; +} + +static void stream_destroy(h2_mplx *m, h2_stream *stream, h2_io *io) +{ + apr_pool_t *pool = h2_stream_detach_pool(stream); + if (pool) { + apr_pool_clear(pool); + if (m->spare_pool) { + apr_pool_destroy(m->spare_pool); + } + m->spare_pool = pool; + } + h2_stream_destroy(stream); + if (io) { + /* The pool is cleared/destroyed which also closes all + * allocated file handles. Give this count back to our + * file handle pool. */ + m->file_handles_allowed += io->files_handles_owned; + h2_io_set_remove(m->stream_ios, io); + h2_io_set_remove(m->ready_ios, io); + h2_io_destroy(io); + } +} + +apr_status_t h2_mplx_cleanup_stream(h2_mplx *m, h2_stream *stream) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream->id); + if (!io || io->task_done) { + /* No more io or task already done -> cleanup immediately */ + stream_destroy(m, stream, io); + } + else { + /* Add stream to closed set for cleanup when task is done */ + h2_stream_set_add(m->closed, stream); + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +void h2_mplx_task_done(h2_mplx *m, int stream_id) +{ + apr_status_t status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_stream *stream = h2_stream_set_get(m->closed, stream_id); + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c, + "h2_mplx(%ld): task(%d) done", m->id, stream_id); + if (stream) { + /* stream was already closed by main connection and is in + * zombie state. Now that the task is done with it, we + * can free its resources. */ + h2_stream_set_remove(m->closed, stream); + stream_destroy(m, stream, io); + } + else if (io) { + /* main connection has not finished stream. Mark task as done + * so that eventual cleanup can start immediately. */ + io->task_done = 1; + } + apr_thread_mutex_unlock(m->lock); + } +} + +apr_status_t h2_mplx_in_read(h2_mplx *m, apr_read_type_e block, + int stream_id, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + io->input_arrived = iowait; + status = h2_io_in_read(io, bb, 0); + while (status == APR_EAGAIN + && !is_aborted(m, &status) + && block == APR_BLOCK_READ) { + apr_thread_cond_wait(io->input_arrived, m->lock); + status = h2_io_in_read(io, bb, 0); + } + io->input_arrived = NULL; + } + else { + status = APR_EOF; + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +apr_status_t h2_mplx_in_write(h2_mplx *m, int stream_id, + apr_bucket_brigade *bb) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + status = h2_io_in_write(io, bb); + if (io->input_arrived) { + apr_thread_cond_signal(io->input_arrived); + } + } + else { + status = APR_EOF; + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +apr_status_t h2_mplx_in_close(h2_mplx *m, int stream_id) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + status = h2_io_in_close(io); + if (io->input_arrived) { + apr_thread_cond_signal(io->input_arrived); + } + } + else { + status = APR_ECONNABORTED; + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +typedef struct { + h2_mplx_consumed_cb *cb; + void *cb_ctx; + int streams_updated; +} update_ctx; + +static int update_window(void *ctx, h2_io *io) +{ + if (io->input_consumed) { + update_ctx *uctx = (update_ctx*)ctx; + uctx->cb(uctx->cb_ctx, io->id, io->input_consumed); + io->input_consumed = 0; + ++uctx->streams_updated; + } + return 1; +} + +apr_status_t h2_mplx_in_update_windows(h2_mplx *m, + h2_mplx_consumed_cb *cb, void *cb_ctx) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + update_ctx ctx; + + ctx.cb = cb; + ctx.cb_ctx = cb_ctx; + ctx.streams_updated = 0; + + status = APR_EAGAIN; + h2_io_set_iter(m->stream_ios, update_window, &ctx); + + if (ctx.streams_updated) { + status = APR_SUCCESS; + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +apr_status_t h2_mplx_out_readx(h2_mplx *m, int stream_id, + h2_io_data_cb *cb, void *ctx, + apr_size_t *plen, int *peos) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + status = h2_io_out_readx(io, cb, ctx, plen, peos); + if (status == APR_SUCCESS && io->output_drained) { + apr_thread_cond_signal(io->output_drained); + } + } + else { + status = APR_ECONNABORTED; + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +h2_stream *h2_mplx_next_submit(h2_mplx *m, h2_stream_set *streams) +{ + apr_status_t status; + h2_stream *stream = NULL; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return NULL; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get_highest_prio(m->ready_ios); + if (io) { + h2_response *response = io->response; + + AP_DEBUG_ASSERT(response); + h2_io_set_remove(m->ready_ios, io); + + stream = h2_stream_set_get(streams, response->stream_id); + if (stream) { + h2_stream_set_response(stream, response, io->bbout); + if (io->output_drained) { + apr_thread_cond_signal(io->output_drained); + } + } + else { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, APR_NOTFOUND, m->c, + APLOGNO(02953) "h2_mplx(%ld): stream for response %d", + m->id, response->stream_id); + } + } + apr_thread_mutex_unlock(m->lock); + } + return stream; +} + +static apr_status_t out_write(h2_mplx *m, h2_io *io, + ap_filter_t* f, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait) +{ + apr_status_t status = APR_SUCCESS; + /* We check the memory footprint queued for this stream_id + * and block if it exceeds our configured limit. + * We will not split buckets to enforce the limit to the last + * byte. After all, the bucket is already in memory. + */ + while (!APR_BRIGADE_EMPTY(bb) + && (status == APR_SUCCESS) + && !is_aborted(m, &status)) { + + status = h2_io_out_write(io, bb, m->stream_max_mem, + &m->file_handles_allowed); + + /* Wait for data to drain until there is room again */ + while (!APR_BRIGADE_EMPTY(bb) + && iowait + && status == APR_SUCCESS + && (m->stream_max_mem <= h2_io_out_length(io)) + && !is_aborted(m, &status)) { + io->output_drained = iowait; + if (f) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_mplx(%ld-%d): waiting for out drain", + m->id, io->id); + } + apr_thread_cond_wait(io->output_drained, m->lock); + io->output_drained = NULL; + } + } + apr_brigade_cleanup(bb); + return status; +} + +static apr_status_t out_open(h2_mplx *m, int stream_id, h2_response *response, + ap_filter_t* f, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait) +{ + apr_status_t status = APR_SUCCESS; + + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + if (f) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, + "h2_mplx(%ld-%d): open response: %s", + m->id, stream_id, response->status); + } + + io->response = h2_response_copy(io->pool, response); + AP_DEBUG_ASSERT(io->response); + h2_io_set_add(m->ready_ios, io); + if (bb) { + status = out_write(m, io, f, bb, iowait); + } + have_out_data_for(m, stream_id); + } + else { + status = APR_ECONNABORTED; + } + return status; +} + +apr_status_t h2_mplx_out_open(h2_mplx *m, int stream_id, h2_response *response, + ap_filter_t* f, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + status = out_open(m, stream_id, response, f, bb, iowait); + if (m->aborted) { + return APR_ECONNABORTED; + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + + +apr_status_t h2_mplx_out_write(h2_mplx *m, int stream_id, + ap_filter_t* f, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + if (!m->aborted) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + status = out_write(m, io, f, bb, iowait); + have_out_data_for(m, stream_id); + if (m->aborted) { + return APR_ECONNABORTED; + } + } + else { + status = APR_ECONNABORTED; + } + } + + if (m->lock) { + apr_thread_mutex_unlock(m->lock); + } + } + return status; +} + +apr_status_t h2_mplx_out_close(h2_mplx *m, int stream_id) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + if (!m->aborted) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + if (!io->response || !io->response->ngheader) { + /* In case a close comes before a response was created, + * insert an error one so that our streams can properly + * reset. + */ + h2_response *r = h2_response_create(stream_id, + "500", NULL, m->pool); + status = out_open(m, stream_id, r, NULL, NULL, NULL); + } + status = h2_io_out_close(io); + have_out_data_for(m, stream_id); + if (m->aborted) { + /* if we were the last output, the whole session might + * have gone down in the meantime. + */ + return APR_SUCCESS; + } + } + else { + status = APR_ECONNABORTED; + } + } + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +int h2_mplx_in_has_eos_for(h2_mplx *m, int stream_id) +{ + int has_eos = 0; + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return 0; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + has_eos = h2_io_in_has_eos_for(io); + } + apr_thread_mutex_unlock(m->lock); + } + return has_eos; +} + +int h2_mplx_out_has_data_for(h2_mplx *m, int stream_id) +{ + apr_status_t status; + int has_data = 0; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return 0; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + h2_io *io = h2_io_set_get(m->stream_ios, stream_id); + if (io) { + has_data = h2_io_out_has_data(io); + } + apr_thread_mutex_unlock(m->lock); + } + return has_data; +} + +apr_status_t h2_mplx_out_trywait(h2_mplx *m, apr_interval_time_t timeout, + apr_thread_cond_t *iowait) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + m->added_output = iowait; + status = apr_thread_cond_timedwait(m->added_output, m->lock, timeout); + if (APLOGctrace2(m->c)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c, + "h2_mplx(%ld): trywait on data for %f ms)", + m->id, timeout/1000.0); + } + m->added_output = NULL; + apr_thread_mutex_unlock(m->lock); + } + return status; +} + +static void have_out_data_for(h2_mplx *m, int stream_id) +{ + (void)stream_id; + AP_DEBUG_ASSERT(m); + if (m->added_output) { + apr_thread_cond_signal(m->added_output); + } +} + +apr_status_t h2_mplx_do_task(h2_mplx *m, struct h2_task *task) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + /* TODO: needs to sort queue by priority */ + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c, + "h2_mplx: do task(%s)", task->id); + h2_tq_append(m->q, task); + apr_thread_mutex_unlock(m->lock); + } + workers_register(m); + return status; +} + +h2_task *h2_mplx_pop_task(h2_mplx *m, int *has_more) +{ + h2_task *task = NULL; + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + *has_more = 0; + return NULL; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + task = h2_tq_pop_first(m->q); + if (task) { + h2_task_set_started(task); + } + *has_more = !h2_tq_empty(m->q); + apr_thread_mutex_unlock(m->lock); + } + return task; +} + +apr_status_t h2_mplx_create_task(h2_mplx *m, struct h2_stream *stream) +{ + apr_status_t status; + AP_DEBUG_ASSERT(m); + if (m->aborted) { + return APR_ECONNABORTED; + } + status = apr_thread_mutex_lock(m->lock); + if (APR_SUCCESS == status) { + conn_rec *c = h2_conn_create(m->c, stream->pool); + stream->task = h2_task_create(m->id, stream->id, + stream->pool, m, c); + + apr_thread_mutex_unlock(m->lock); + } + return status; +} + diff --git a/modules/http2/h2_mplx.h b/modules/http2/h2_mplx.h new file mode 100644 index 00000000..62977d61 --- /dev/null +++ b/modules/http2/h2_mplx.h @@ -0,0 +1,322 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_mplx__ +#define __mod_h2__h2_mplx__ + +/** + * The stream multiplexer. It pushes buckets from the connection + * thread to the stream task threads and vice versa. It's thread-safe + * to use. + * + * There is one h2_mplx instance for each h2_session, which sits on top + * of a particular httpd conn_rec. Input goes from the connection to + * the stream tasks. Output goes from the stream tasks to the connection, + * e.g. the client. + * + * For each stream, there can be at most "H2StreamMaxMemSize" output bytes + * queued in the multiplexer. If a task thread tries to write more + * data, it is blocked until space becomes available. + * + * Writing input is never blocked. In order to use flow control on the input, + * the mplx can be polled for input data consumption. + */ + +struct apr_pool_t; +struct apr_thread_mutex_t; +struct apr_thread_cond_t; +struct h2_config; +struct h2_response; +struct h2_task; +struct h2_stream; +struct h2_io_set; +struct apr_thread_cond_t; +struct h2_workers; +struct h2_stream_set; +struct h2_task_queue; + +#include "h2_io.h" + +typedef struct h2_mplx h2_mplx; + +struct h2_mplx { + long id; + APR_RING_ENTRY(h2_mplx) link; + volatile apr_uint32_t refs; + conn_rec *c; + apr_pool_t *pool; + apr_bucket_alloc_t *bucket_alloc; + + struct h2_task_queue *q; + struct h2_io_set *stream_ios; + struct h2_io_set *ready_ios; + + apr_thread_mutex_t *lock; + struct apr_thread_cond_t *added_output; + struct apr_thread_cond_t *join_wait; + + int aborted; + apr_size_t stream_max_mem; + + apr_pool_t *spare_pool; /* spare pool, ready for next stream */ + struct h2_stream_set *closed; /* streams closed, but task ongoing */ + struct h2_workers *workers; + int file_handles_allowed; +}; + +/******************************************************************************* + * Object lifecycle and information. + ******************************************************************************/ + +/** + * Create the multiplexer for the given HTTP2 session. + * Implicitly has reference count 1. + */ +h2_mplx *h2_mplx_create(conn_rec *c, apr_pool_t *master, + struct h2_workers *workers); + +/** + * Increase the reference counter of this mplx. + */ +void h2_mplx_reference(h2_mplx *m); + +/** + * Decreases the reference counter of this mplx. + */ +void h2_mplx_release(h2_mplx *m); +/** + * Decreases the reference counter of this mplx and waits for it + * to reached 0, destroy the mplx afterwards. + * This is to be called from the thread that created the mplx in + * the first place. + * @param m the mplx to be released and destroyed + * @param wait condition var to wait on for ref counter == 0 + */ +apr_status_t h2_mplx_release_and_join(h2_mplx *m, struct apr_thread_cond_t *wait); + +/** + * Aborts the multiplexer. It will answer all future invocation with + * APR_ECONNABORTED, leading to early termination of ongoing tasks. + */ +void h2_mplx_abort(h2_mplx *mplx); + +void h2_mplx_task_done(h2_mplx *m, int stream_id); + +/******************************************************************************* + * IO lifetime of streams. + ******************************************************************************/ +/** + * Prepares the multiplexer to handle in-/output on the given stream id. + */ +struct h2_stream *h2_mplx_open_io(h2_mplx *mplx, int stream_id); + +/** + * Ends cleanup of a stream in sync with execution thread. + */ +apr_status_t h2_mplx_cleanup_stream(h2_mplx *m, struct h2_stream *stream); + +/* Return != 0 iff the multiplexer has data for the given stream. + */ +int h2_mplx_out_has_data_for(h2_mplx *m, int stream_id); + +/** + * Waits on output data from any stream in this session to become available. + * Returns APR_TIMEUP if no data arrived in the given time. + */ +apr_status_t h2_mplx_out_trywait(h2_mplx *m, apr_interval_time_t timeout, + struct apr_thread_cond_t *iowait); + +/******************************************************************************* + * Stream processing. + ******************************************************************************/ + +/** + * Perform the task on the given stream. + */ +apr_status_t h2_mplx_do_task(h2_mplx *mplx, struct h2_task *task); + +struct h2_task *h2_mplx_pop_task(h2_mplx *mplx, int *has_more); + +apr_status_t h2_mplx_create_task(h2_mplx *mplx, struct h2_stream *stream); + +/******************************************************************************* + * Input handling of streams. + ******************************************************************************/ + +/** + * Reads a buckets for the given stream_id. Will return ARP_EAGAIN when + * called with APR_NONBLOCK_READ and no data present. Will return APR_EOF + * when the end of the stream input has been reached. + * The condition passed in will be used for blocking/signalling and will + * be protected by the mplx's own mutex. + */ +apr_status_t h2_mplx_in_read(h2_mplx *m, apr_read_type_e block, + int stream_id, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait); + +/** + * Appends data to the input of the given stream. Storage of input data is + * not subject to flow control. + */ +apr_status_t h2_mplx_in_write(h2_mplx *mplx, int stream_id, + apr_bucket_brigade *bb); + +/** + * Closes the input for the given stream_id. + */ +apr_status_t h2_mplx_in_close(h2_mplx *m, int stream_id); + +/** + * Returns != 0 iff the input for the given stream has been closed. There + * could still be data queued, but it can be read without blocking. + */ +int h2_mplx_in_has_eos_for(h2_mplx *m, int stream_id); + +/** + * Callback invoked for every stream that had input data read since + * the last invocation. + */ +typedef void h2_mplx_consumed_cb(void *ctx, int stream_id, apr_size_t consumed); + +/** + * Invoke the callback for all streams that had bytes read since the last + * call to this function. If no stream had input data consumed, the callback + * is not invoked. + * Returns APR_SUCCESS when an update happened, APR_EAGAIN if no update + * happened. + */ +apr_status_t h2_mplx_in_update_windows(h2_mplx *m, + h2_mplx_consumed_cb *cb, void *ctx); + +/******************************************************************************* + * Output handling of streams. + ******************************************************************************/ + +/** + * Get a stream whose response is ready for submit. Will set response and + * any out data available in stream. + * @param m the mplxer to get a response from + * @param bb the brigade to place any existing repsonse body data into + */ +struct h2_stream *h2_mplx_next_submit(h2_mplx *m, + struct h2_stream_set *streams); + +/** + * Reads output data from the given stream. Will never block, but + * return APR_EAGAIN until data arrives or the stream is closed. + */ +apr_status_t h2_mplx_out_readx(h2_mplx *mplx, int stream_id, + h2_io_data_cb *cb, void *ctx, + apr_size_t *plen, int *peos); + +/** + * Opens the output for the given stream with the specified response. + */ +apr_status_t h2_mplx_out_open(h2_mplx *mplx, int stream_id, + struct h2_response *response, + ap_filter_t* filter, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait); + +/** + * Append the brigade to the stream output. Might block if amount + * of bytes buffered reaches configured max. + * @param stream_id the stream identifier + * @param filter the apache filter context of the data + * @param bb the bucket brigade to append + * @param iowait a conditional used for block/signalling in h2_mplx + */ +apr_status_t h2_mplx_out_write(h2_mplx *mplx, int stream_id, + ap_filter_t* filter, apr_bucket_brigade *bb, + struct apr_thread_cond_t *iowait); + +/** + * Closes the output stream. Readers of this stream will get all pending + * data and then only APR_EOF as result. + */ +apr_status_t h2_mplx_out_close(h2_mplx *m, int stream_id); + +/******************************************************************************* + * h2_mplx list Manipulation. + ******************************************************************************/ + +/** + * The magic pointer value that indicates the head of a h2_mplx list + * @param b The mplx list + * @return The magic pointer value + */ +#define H2_MPLX_LIST_SENTINEL(b) APR_RING_SENTINEL((b), h2_mplx, link) + +/** + * Determine if the mplx list is empty + * @param b The list to check + * @return true or false + */ +#define H2_MPLX_LIST_EMPTY(b) APR_RING_EMPTY((b), h2_mplx, link) + +/** + * Return the first mplx in a list + * @param b The list to query + * @return The first mplx in the list + */ +#define H2_MPLX_LIST_FIRST(b) APR_RING_FIRST(b) + +/** + * Return the last mplx in a list + * @param b The list to query + * @return The last mplx int he list + */ +#define H2_MPLX_LIST_LAST(b) APR_RING_LAST(b) + +/** + * Insert a single mplx at the front of a list + * @param b The list to add to + * @param e The mplx to insert + */ +#define H2_MPLX_LIST_INSERT_HEAD(b, e) do { \ +h2_mplx *ap__b = (e); \ +APR_RING_INSERT_HEAD((b), ap__b, h2_mplx, link); \ +} while (0) + +/** + * Insert a single mplx at the end of a list + * @param b The list to add to + * @param e The mplx to insert + */ +#define H2_MPLX_LIST_INSERT_TAIL(b, e) do { \ +h2_mplx *ap__b = (e); \ +APR_RING_INSERT_TAIL((b), ap__b, h2_mplx, link); \ +} while (0) + +/** + * Get the next mplx in the list + * @param e The current mplx + * @return The next mplx + */ +#define H2_MPLX_NEXT(e) APR_RING_NEXT((e), link) +/** + * Get the previous mplx in the list + * @param e The current mplx + * @return The previous mplx + */ +#define H2_MPLX_PREV(e) APR_RING_PREV((e), link) + +/** + * Remove a mplx from its list + * @param e The mplx to remove + */ +#define H2_MPLX_REMOVE(e) APR_RING_REMOVE((e), link) + + +#endif /* defined(__mod_h2__h2_mplx__) */ diff --git a/modules/http2/h2_private.h b/modules/http2/h2_private.h new file mode 100644 index 00000000..a6081fc6 --- /dev/null +++ b/modules/http2/h2_private.h @@ -0,0 +1,36 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef mod_h2_h2_private_h +#define mod_h2_h2_private_h + +#include + +extern module AP_MODULE_DECLARE_DATA http2_module; + +APLOG_USE_MODULE(http2); + + +#define H2_HEADER_METHOD ":method" +#define H2_HEADER_METHOD_LEN 7 +#define H2_HEADER_SCHEME ":scheme" +#define H2_HEADER_SCHEME_LEN 7 +#define H2_HEADER_AUTH ":authority" +#define H2_HEADER_AUTH_LEN 10 +#define H2_HEADER_PATH ":path" +#define H2_HEADER_PATH_LEN 5 +#define H2_CRLF "\r\n" + +#endif diff --git a/modules/http2/h2_request.c b/modules/http2/h2_request.c new file mode 100644 index 00000000..ca9a362c --- /dev/null +++ b/modules/http2/h2_request.c @@ -0,0 +1,182 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_mplx.h" +#include "h2_to_h1.h" +#include "h2_request.h" +#include "h2_task.h" +#include "h2_util.h" + + +h2_request *h2_request_create(int id, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc) +{ + h2_request *req = apr_pcalloc(pool, sizeof(h2_request)); + if (req) { + req->id = id; + req->pool = pool; + req->bucket_alloc = bucket_alloc; + } + return req; +} + +void h2_request_destroy(h2_request *req) +{ + if (req->to_h1) { + h2_to_h1_destroy(req->to_h1); + req->to_h1 = NULL; + } +} + +static apr_status_t insert_request_line(h2_request *req, h2_mplx *m); + +apr_status_t h2_request_rwrite(h2_request *req, request_rec *r, h2_mplx *m) +{ + apr_status_t status; + req->method = r->method; + req->authority = r->hostname; + req->path = r->uri; + if (!ap_strchr_c(req->authority, ':') && r->parsed_uri.port_str) { + req->authority = apr_psprintf(req->pool, "%s:%s", req->authority, + r->parsed_uri.port_str); + } + req->scheme = NULL; + + + status = insert_request_line(req, m); + if (status == APR_SUCCESS) { + status = h2_to_h1_add_headers(req->to_h1, r->headers_in); + } + + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, + "h2_request(%d): written request %s %s, host=%s", + req->id, req->method, req->path, req->authority); + + return status; +} + +apr_status_t h2_request_write_header(h2_request *req, + const char *name, size_t nlen, + const char *value, size_t vlen, + h2_mplx *m) +{ + apr_status_t status = APR_SUCCESS; + + if (nlen <= 0) { + return status; + } + + if (name[0] == ':') { + /* pseudo header, see ch. 8.1.2.3, always should come first */ + if (req->to_h1) { + ap_log_perror(APLOG_MARK, APLOG_ERR, 0, req->pool, + APLOGNO(02917) + "h2_request(%d): pseudo header after request start", + req->id); + return APR_EGENERAL; + } + + if (H2_HEADER_METHOD_LEN == nlen + && !strncmp(H2_HEADER_METHOD, name, nlen)) { + req->method = apr_pstrndup(req->pool, value, vlen); + } + else if (H2_HEADER_SCHEME_LEN == nlen + && !strncmp(H2_HEADER_SCHEME, name, nlen)) { + req->scheme = apr_pstrndup(req->pool, value, vlen); + } + else if (H2_HEADER_PATH_LEN == nlen + && !strncmp(H2_HEADER_PATH, name, nlen)) { + req->path = apr_pstrndup(req->pool, value, vlen); + } + else if (H2_HEADER_AUTH_LEN == nlen + && !strncmp(H2_HEADER_AUTH, name, nlen)) { + req->authority = apr_pstrndup(req->pool, value, vlen); + } + else { + char buffer[32]; + memset(buffer, 0, 32); + strncpy(buffer, name, (nlen > 31)? 31 : nlen); + ap_log_perror(APLOG_MARK, APLOG_WARNING, 0, req->pool, + APLOGNO(02954) + "h2_request(%d): ignoring unknown pseudo header %s", + req->id, buffer); + } + } + else { + /* non-pseudo header, append to work bucket of stream */ + if (!req->to_h1) { + status = insert_request_line(req, m); + if (status != APR_SUCCESS) { + return status; + } + } + + if (status == APR_SUCCESS) { + status = h2_to_h1_add_header(req->to_h1, + name, nlen, value, vlen); + } + } + + return status; +} + +apr_status_t h2_request_write_data(h2_request *req, + const char *data, size_t len) +{ + return h2_to_h1_add_data(req->to_h1, data, len); +} + +apr_status_t h2_request_end_headers(h2_request *req, struct h2_mplx *m, + h2_task *task, int eos) +{ + if (!req->to_h1) { + apr_status_t status = insert_request_line(req, m); + if (status != APR_SUCCESS) { + return status; + } + } + return h2_to_h1_end_headers(req->to_h1, task, eos); +} + +apr_status_t h2_request_close(h2_request *req) +{ + return h2_to_h1_close(req->to_h1); +} + +static apr_status_t insert_request_line(h2_request *req, h2_mplx *m) +{ + req->to_h1 = h2_to_h1_create(req->id, req->pool, req->bucket_alloc, + req->method, + req->scheme, + req->authority, + req->path, m); + return req->to_h1? APR_SUCCESS : APR_ENOMEM; +} + +apr_status_t h2_request_flush(h2_request *req) +{ + return h2_to_h1_flush(req->to_h1); +} + diff --git a/modules/http2/h2_request.h b/modules/http2/h2_request.h new file mode 100644 index 00000000..aa5e0bc3 --- /dev/null +++ b/modules/http2/h2_request.h @@ -0,0 +1,67 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_request__ +#define __mod_h2__h2_request__ + +/* h2_request is the transformer of HTTP2 streams into HTTP/1.1 internal + * format that will be fed to various httpd input filters to finally + * become a request_rec to be handled by soemone. + * + * Ideally, we would make a request_rec without serializing the headers + * we have only to make someone else parse them back. + */ +struct h2_to_h1; +struct h2_mplx; +struct h2_task; + +typedef struct h2_request h2_request; + +struct h2_request { + int id; /* http2 stream id */ + apr_pool_t *pool; + apr_bucket_alloc_t *bucket_alloc; + struct h2_to_h1 *to_h1; /* Converter to HTTP/1.1 format*/ + + /* pseudo header values, see ch. 8.1.2.3 */ + const char *method; + const char *scheme; + const char *authority; + const char *path; +}; + +h2_request *h2_request_create(int id, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc); +void h2_request_destroy(h2_request *req); + +apr_status_t h2_request_flush(h2_request *req); + +apr_status_t h2_request_write_header(h2_request *req, + const char *name, size_t nlen, + const char *value, size_t vlen, + struct h2_mplx *m); + +apr_status_t h2_request_write_data(h2_request *request, + const char *data, size_t len); + +apr_status_t h2_request_end_headers(h2_request *req, struct h2_mplx *m, + struct h2_task *task, int eos); + +apr_status_t h2_request_close(h2_request *req); + +apr_status_t h2_request_rwrite(h2_request *req, request_rec *r, + struct h2_mplx *m); + +#endif /* defined(__mod_h2__h2_request__) */ diff --git a/modules/http2/h2_response.c b/modules/http2/h2_response.c new file mode 100644 index 00000000..9cedd855 --- /dev/null +++ b/modules/http2/h2_response.c @@ -0,0 +1,232 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include + +#include +#include +#include + +#include + +#include "h2_private.h" +#include "h2_util.h" +#include "h2_response.h" + +static h2_ngheader *make_ngheader(apr_pool_t *pool, const char *status, + apr_table_t *header); + +static int ignore_header(const char *name) +{ + return (H2_HD_MATCH_LIT_CS("connection", name) + || H2_HD_MATCH_LIT_CS("proxy-connection", name) + || H2_HD_MATCH_LIT_CS("upgrade", name) + || H2_HD_MATCH_LIT_CS("keep-alive", name) + || H2_HD_MATCH_LIT_CS("transfer-encoding", name)); +} + +h2_response *h2_response_create(int stream_id, + const char *http_status, + apr_array_header_t *hlines, + apr_pool_t *pool) +{ + apr_table_t *header; + h2_response *response = apr_pcalloc(pool, sizeof(h2_response)); + int i; + if (response == NULL) { + return NULL; + } + + response->stream_id = stream_id; + response->status = http_status; + response->content_length = -1; + + if (hlines) { + header = apr_table_make(pool, hlines->nelts); + for (i = 0; i < hlines->nelts; ++i) { + char *hline = ((char **)hlines->elts)[i]; + char *sep = ap_strchr(hline, ':'); + if (!sep) { + ap_log_perror(APLOG_MARK, APLOG_WARNING, APR_EINVAL, pool, + APLOGNO(02955) "h2_response(%d): invalid header[%d] '%s'", + response->stream_id, i, (char*)hline); + /* not valid format, abort */ + return NULL; + } + (*sep++) = '\0'; + while (*sep == ' ' || *sep == '\t') { + ++sep; + } + if (ignore_header(hline)) { + /* never forward, ch. 8.1.2.2 */ + } + else { + apr_table_merge(header, hline, sep); + if (*sep && H2_HD_MATCH_LIT_CS("content-length", hline)) { + char *end; + response->content_length = apr_strtoi64(sep, &end, 10); + if (sep == end) { + ap_log_perror(APLOG_MARK, APLOG_WARNING, APR_EINVAL, + pool, APLOGNO(02956) + "h2_response(%d): content-length" + " value not parsed: %s", + response->stream_id, sep); + response->content_length = -1; + } + } + } + } + } + else { + header = apr_table_make(pool, 0); + } + + response->rheader = header; + return response; +} + +h2_response *h2_response_rcreate(int stream_id, request_rec *r, + apr_table_t *header, apr_pool_t *pool) +{ + h2_response *response = apr_pcalloc(pool, sizeof(h2_response)); + if (response == NULL) { + return NULL; + } + + response->stream_id = stream_id; + response->status = apr_psprintf(pool, "%d", r->status); + response->content_length = -1; + response->rheader = header; + + return response; +} + +void h2_response_destroy(h2_response *response) +{ + (void)response; +} + +h2_response *h2_response_copy(apr_pool_t *pool, h2_response *from) +{ + h2_response *to = apr_pcalloc(pool, sizeof(h2_response)); + to->stream_id = from->stream_id; + to->status = apr_pstrdup(pool, from->status); + to->content_length = from->content_length; + if (from->rheader) { + to->ngheader = make_ngheader(pool, to->status, from->rheader); + } + return to; +} + +typedef struct { + nghttp2_nv *nv; + size_t nvlen; + size_t nvstrlen; + size_t offset; + char *strbuf; + apr_pool_t *pool; +} nvctx_t; + +static int count_header(void *ctx, const char *key, const char *value) +{ + if (!ignore_header(key)) { + nvctx_t *nvctx = (nvctx_t*)ctx; + nvctx->nvlen++; + nvctx->nvstrlen += strlen(key) + strlen(value) + 2; + } + return 1; +} + +#define NV_ADD_LIT_CS(nv, k, v) addnv_lit_cs(nv, k, sizeof(k) - 1, v, strlen(v)) +#define NV_ADD_CS_CS(nv, k, v) addnv_cs_cs(nv, k, strlen(k), v, strlen(v)) +#define NV_BUF_ADD(nv, s, len) memcpy(nv->strbuf, s, len); \ +s = nv->strbuf; \ +nv->strbuf += len + 1 + +static void addnv_cs_cs(nvctx_t *ctx, const char *key, size_t key_len, + const char *value, size_t val_len) +{ + nghttp2_nv *nv = &ctx->nv[ctx->offset]; + + NV_BUF_ADD(ctx, key, key_len); + NV_BUF_ADD(ctx, value, val_len); + + nv->name = (uint8_t*)key; + nv->namelen = key_len; + nv->value = (uint8_t*)value; + nv->valuelen = val_len; + + ctx->offset++; +} + +static void addnv_lit_cs(nvctx_t *ctx, const char *key, size_t key_len, + const char *value, size_t val_len) +{ + nghttp2_nv *nv = &ctx->nv[ctx->offset]; + + NV_BUF_ADD(ctx, value, val_len); + + nv->name = (uint8_t*)key; + nv->namelen = key_len; + nv->value = (uint8_t*)value; + nv->valuelen = val_len; + + ctx->offset++; +} + +static int add_header(void *ctx, const char *key, const char *value) +{ + if (!ignore_header(key)) { + nvctx_t *nvctx = (nvctx_t*)ctx; + NV_ADD_CS_CS(nvctx, key, value); + } + return 1; +} + +static h2_ngheader *make_ngheader(apr_pool_t *pool, const char *status, + apr_table_t *header) +{ + size_t n; + h2_ngheader *h; + nvctx_t ctx; + + ctx.nv = NULL; + ctx.nvlen = 1; + ctx.nvstrlen = strlen(status) + 1; + ctx.offset = 0; + ctx.strbuf = NULL; + ctx.pool = pool; + + apr_table_do(count_header, &ctx, header, NULL); + + n = (sizeof(h2_ngheader) + + (ctx.nvlen * sizeof(nghttp2_nv)) + ctx.nvstrlen); + h = apr_pcalloc(pool, n); + if (h) { + ctx.nv = (nghttp2_nv*)(h + 1); + ctx.strbuf = (char*)&ctx.nv[ctx.nvlen]; + + NV_ADD_LIT_CS(&ctx, ":status", status); + apr_table_do(add_header, &ctx, header, NULL); + + h->nv = ctx.nv; + h->nvlen = ctx.nvlen; + } + return h; +} + diff --git a/modules/http2/h2_response.h b/modules/http2/h2_response.h new file mode 100644 index 00000000..456d2226 --- /dev/null +++ b/modules/http2/h2_response.h @@ -0,0 +1,47 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_response__ +#define __mod_h2__h2_response__ + +/* h2_response is just the data belonging the the head of a HTTP response, + * suitable prepared to be fed to nghttp2 for response submit. + */ +typedef struct h2_ngheader { + nghttp2_nv *nv; + apr_size_t nvlen; +} h2_ngheader; + +typedef struct h2_response { + int stream_id; + const char *status; + apr_off_t content_length; + apr_table_t *rheader; + h2_ngheader *ngheader; +} h2_response; + +h2_response *h2_response_create(int stream_id, + const char *http_status, + apr_array_header_t *hlines, + apr_pool_t *pool); + +h2_response *h2_response_rcreate(int stream_id, request_rec *r, + apr_table_t *header, apr_pool_t *pool); + +void h2_response_destroy(h2_response *response); + +h2_response *h2_response_copy(apr_pool_t *pool, h2_response *from); + +#endif /* defined(__mod_h2__h2_response__) */ diff --git a/modules/http2/h2_session.c b/modules/http2/h2_session.c new file mode 100644 index 00000000..c3456a06 --- /dev/null +++ b/modules/http2/h2_session.c @@ -0,0 +1,1270 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_config.h" +#include "h2_h2.h" +#include "h2_mplx.h" +#include "h2_response.h" +#include "h2_stream.h" +#include "h2_stream_set.h" +#include "h2_from_h1.h" +#include "h2_task.h" +#include "h2_session.h" +#include "h2_util.h" +#include "h2_version.h" +#include "h2_workers.h" + +static int frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen); + +static int h2_session_status_from_apr_status(apr_status_t rv) +{ + switch (rv) { + case APR_SUCCESS: + return NGHTTP2_NO_ERROR; + case APR_EAGAIN: + case APR_TIMEUP: + return NGHTTP2_ERR_WOULDBLOCK; + case APR_EOF: + return NGHTTP2_ERR_EOF; + default: + return NGHTTP2_ERR_PROTO; + } +} + +static int stream_open(h2_session *session, int stream_id) +{ + h2_stream * stream; + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + stream = h2_mplx_open_io(session->mplx, stream_id); + if (stream) { + h2_stream_set_add(session->streams, stream); + if (stream->id > session->max_stream_received) { + session->max_stream_received = stream->id; + } + + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_session: stream(%ld-%d): opened", + session->id, stream_id); + + return 0; + } + + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_ENOMEM, session->c, + APLOGNO(02918) + "h2_session: stream(%ld-%d): unable to create", + session->id, stream_id); + return NGHTTP2_ERR_INVALID_STREAM_ID; +} + +static apr_status_t stream_end_headers(h2_session *session, + h2_stream *stream, int eos) +{ + (void)session; + return h2_stream_write_eoh(stream, eos); +} + +static apr_status_t send_data(h2_session *session, const char *data, + apr_size_t length); + +/* + * Callback when nghttp2 wants to send bytes back to the client. + */ +static ssize_t send_cb(nghttp2_session *ngh2, + const uint8_t *data, size_t length, + int flags, void *userp) +{ + h2_session *session = (h2_session *)userp; + apr_status_t status = send_data(session, (const char *)data, length); + + (void)ngh2; + (void)flags; + if (status == APR_SUCCESS) { + return length; + } + if (status == APR_EAGAIN || status == APR_TIMEUP) { + return NGHTTP2_ERR_WOULDBLOCK; + } + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, session->c, + "h2_session: send error"); + return h2_session_status_from_apr_status(status); +} + +static int on_invalid_frame_recv_cb(nghttp2_session *ngh2, + const nghttp2_frame *frame, + int error, void *userp) +{ + h2_session *session = (h2_session *)userp; + (void)ngh2; + + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + if (APLOGctrace2(session->c)) { + char buffer[256]; + + frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0])); + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c, + "h2_session: callback on_invalid_frame_recv error=%d %s", + error, buffer); + } + return 0; +} + +static int on_data_chunk_recv_cb(nghttp2_session *ngh2, uint8_t flags, + int32_t stream_id, + const uint8_t *data, size_t len, void *userp) +{ + int rv; + h2_session *session = (h2_session *)userp; + h2_stream * stream; + apr_status_t status; + + (void)flags; + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + stream = h2_stream_set_get(session->streams, stream_id); + if (!stream) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, session->c, + APLOGNO(02919) + "h2_session: stream(%ld-%d): on_data_chunk for unknown stream", + session->id, (int)stream_id); + rv = nghttp2_submit_rst_stream(ngh2, NGHTTP2_FLAG_NONE, stream_id, + NGHTTP2_INTERNAL_ERROR); + if (nghttp2_is_fatal(rv)) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return 0; + } + + status = h2_stream_write_data(stream, (const char *)data, len); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, session->c, + "h2_stream(%ld-%d): written DATA, length %d", + session->id, stream_id, (int)len); + if (status != APR_SUCCESS) { + rv = nghttp2_submit_rst_stream(ngh2, NGHTTP2_FLAG_NONE, stream_id, + NGHTTP2_INTERNAL_ERROR); + if (nghttp2_is_fatal(rv)) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + } + return 0; +} + +static int before_frame_send_cb(nghttp2_session *ngh2, + const nghttp2_frame *frame, + void *userp) +{ + h2_session *session = (h2_session *)userp; + (void)ngh2; + + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + if (APLOGctrace2(session->c)) { + char buffer[256]; + frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0])); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_session(%ld): before_frame_send %s", + session->id, buffer); + } + return 0; +} + +static int on_frame_send_cb(nghttp2_session *ngh2, + const nghttp2_frame *frame, + void *userp) +{ + h2_session *session = (h2_session *)userp; + (void)ngh2; (void)frame; + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c, + "h2_session(%ld): on_frame_send", session->id); + return 0; +} + +static int on_frame_not_send_cb(nghttp2_session *ngh2, + const nghttp2_frame *frame, + int lib_error_code, void *userp) +{ + h2_session *session = (h2_session *)userp; + (void)ngh2; + + if (APLOGctrace2(session->c)) { + char buffer[256]; + + frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0])); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_session: callback on_frame_not_send error=%d %s", + lib_error_code, buffer); + } + return 0; +} + +static apr_status_t stream_destroy(h2_session *session, + h2_stream *stream, + uint32_t error_code) +{ + if (!error_code) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_stream(%ld-%d): handled, closing", + session->id, (int)stream->id); + if (stream->id > session->max_stream_handled) { + session->max_stream_handled = stream->id; + } + } + else { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_stream(%ld-%d): closing with err=%d %s", + session->id, (int)stream->id, (int)error_code, + nghttp2_strerror(error_code)); + } + + h2_stream_set_remove(session->streams, stream); + return h2_mplx_cleanup_stream(session->mplx, stream); +} + +static int on_stream_close_cb(nghttp2_session *ngh2, int32_t stream_id, + uint32_t error_code, void *userp) +{ + h2_session *session = (h2_session *)userp; + h2_stream *stream; + + (void)ngh2; + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + stream = h2_stream_set_get(session->streams, stream_id); + if (stream) { + stream_destroy(session, stream, error_code); + } + + if (error_code) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_stream(%ld-%d): close error %d", + session->id, (int)stream_id, error_code); + } + + return 0; +} + +static int on_begin_headers_cb(nghttp2_session *ngh2, + const nghttp2_frame *frame, void *userp) +{ + /* This starts a new stream. */ + int rv; + (void)ngh2; + rv = stream_open((h2_session *)userp, frame->hd.stream_id); + if (rv != NGHTTP2_ERR_CALLBACK_FAILURE) { + /* on_header_cb or on_frame_recv_cb will dectect that stream + does not exist and submit RST_STREAM. */ + return 0; + } + return NGHTTP2_ERR_CALLBACK_FAILURE; +} + +static int on_header_cb(nghttp2_session *ngh2, const nghttp2_frame *frame, + const uint8_t *name, size_t namelen, + const uint8_t *value, size_t valuelen, + uint8_t flags, + void *userp) +{ + h2_session *session = (h2_session *)userp; + h2_stream * stream; + apr_status_t status; + + (void)ngh2; + (void)flags; + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + stream = h2_stream_set_get(session->streams, + frame->hd.stream_id); + if (!stream) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, session->c, + APLOGNO(02920) + "h2_session: stream(%ld-%d): on_header for unknown stream", + session->id, (int)frame->hd.stream_id); + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + + status = h2_stream_write_header(stream, + (const char *)name, namelen, + (const char *)value, valuelen); + if (status != APR_SUCCESS) { + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + return 0; +} + +/** + * nghttp2 session has received a complete frame. Most, it uses + * for processing of internal state. HEADER and DATA frames however + * we need to handle ourself. + */ +static int on_frame_recv_cb(nghttp2_session *ng2s, + const nghttp2_frame *frame, + void *userp) +{ + int rv; + h2_session *session = (h2_session *)userp; + apr_status_t status = APR_SUCCESS; + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + ++session->frames_received; + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c, + "h2_session(%ld): on_frame_rcv #%ld, type=%d", session->id, + (long)session->frames_received, frame->hd.type); + switch (frame->hd.type) { + case NGHTTP2_HEADERS: { + int eos; + h2_stream * stream = h2_stream_set_get(session->streams, + frame->hd.stream_id); + if (stream == NULL) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, session->c, + APLOGNO(02921) + "h2_session: stream(%ld-%d): HEADERS frame " + "for unknown stream", session->id, + (int)frame->hd.stream_id); + rv = nghttp2_submit_rst_stream(ng2s, NGHTTP2_FLAG_NONE, + frame->hd.stream_id, + NGHTTP2_INTERNAL_ERROR); + if (nghttp2_is_fatal(rv)) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return 0; + } + + eos = (frame->hd.flags & NGHTTP2_FLAG_END_STREAM); + status = stream_end_headers(session, stream, eos); + + break; + } + case NGHTTP2_DATA: { + h2_stream * stream = h2_stream_set_get(session->streams, + frame->hd.stream_id); + if (stream == NULL) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, session->c, + APLOGNO(02922) + "h2_session: stream(%ld-%d): DATA frame " + "for unknown stream", session->id, + (int)frame->hd.stream_id); + rv = nghttp2_submit_rst_stream(ng2s, NGHTTP2_FLAG_NONE, + frame->hd.stream_id, + NGHTTP2_INTERNAL_ERROR); + if (nghttp2_is_fatal(rv)) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return 0; + } + break; + } + case NGHTTP2_PRIORITY: { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c, + "h2_session: stream(%ld-%d): PRIORITY frame " + " weight=%d, dependsOn=%d, exclusive=%d", + session->id, (int)frame->hd.stream_id, + frame->priority.pri_spec.weight, + frame->priority.pri_spec.stream_id, + frame->priority.pri_spec.exclusive); + break; + } + default: + if (APLOGctrace2(session->c)) { + char buffer[256]; + + frame_print(frame, buffer, + sizeof(buffer)/sizeof(buffer[0])); + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c, + "h2_session: on_frame_rcv %s", buffer); + } + break; + } + + /* only DATA and HEADERS frame can bear END_STREAM flag. Other + frame types may have other flag which has the same value, so we + have to check the frame type first. */ + if ((frame->hd.type == NGHTTP2_DATA || frame->hd.type == NGHTTP2_HEADERS) && + frame->hd.flags & NGHTTP2_FLAG_END_STREAM) { + h2_stream * stream = h2_stream_set_get(session->streams, + frame->hd.stream_id); + if (stream != NULL) { + status = h2_stream_write_eos(stream); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, session->c, + "h2_stream(%ld-%d): input closed", + session->id, (int)frame->hd.stream_id); + } + } + + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, session->c, + APLOGNO(02923) + "h2_session: stream(%ld-%d): error handling frame", + session->id, (int)frame->hd.stream_id); + rv = nghttp2_submit_rst_stream(ng2s, NGHTTP2_FLAG_NONE, + frame->hd.stream_id, + NGHTTP2_INTERNAL_ERROR); + if (nghttp2_is_fatal(rv)) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return 0; + } + + return 0; +} + +static apr_status_t send_data(h2_session *session, const char *data, + apr_size_t length) +{ + return h2_conn_io_write(&session->io, data, length); +} + +static apr_status_t pass_data(void *ctx, + const char *data, apr_size_t length) +{ + return send_data((h2_session*)ctx, data, length); +} + +static int on_send_data_cb(nghttp2_session *ngh2, + nghttp2_frame *frame, + const uint8_t *framehd, + size_t length, + nghttp2_data_source *source, + void *userp) +{ + apr_status_t status = APR_SUCCESS; + h2_session *session = (h2_session *)userp; + int stream_id = (int)frame->hd.stream_id; + const unsigned char padlen = frame->data.padlen; + int eos; + h2_stream *stream; + + (void)ngh2; + (void)source; + if (session->aborted) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + stream = h2_stream_set_get(session->streams, stream_id); + if (!stream) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_NOTFOUND, session->c, + APLOGNO(02924) + "h2_stream(%ld-%d): send_data", + session->id, (int)stream_id); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + status = send_data(session, (const char *)framehd, 9); + if (status == APR_SUCCESS) { + if (padlen) { + status = send_data(session, (const char *)&padlen, 1); + } + + if (status == APR_SUCCESS) { + apr_size_t len = length; + status = h2_stream_readx(stream, pass_data, session, + &len, &eos); + if (status == APR_SUCCESS && len != length) { + status = APR_EINVAL; + } + } + + if (status == APR_SUCCESS && padlen) { + if (padlen) { + char pad[256]; + memset(pad, 0, padlen); + status = send_data(session, pad, padlen); + } + } + } + + if (status == APR_SUCCESS) { + return 0; + } + else if (status != APR_EOF) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, session->c, + APLOGNO(02925) + "h2_stream(%ld-%d): failed send_data_cb", + session->id, (int)stream_id); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + return h2_session_status_from_apr_status(status); +} + + +#define NGH2_SET_CALLBACK(callbacks, name, fn)\ +nghttp2_session_callbacks_set_##name##_callback(callbacks, fn) + +static apr_status_t init_callbacks(conn_rec *c, nghttp2_session_callbacks **pcb) +{ + int rv = nghttp2_session_callbacks_new(pcb); + if (rv != 0) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, + APLOGNO(02926) "nghttp2_session_callbacks_new: %s", + nghttp2_strerror(rv)); + return APR_EGENERAL; + } + + NGH2_SET_CALLBACK(*pcb, send, send_cb); + NGH2_SET_CALLBACK(*pcb, on_frame_recv, on_frame_recv_cb); + NGH2_SET_CALLBACK(*pcb, on_invalid_frame_recv, on_invalid_frame_recv_cb); + NGH2_SET_CALLBACK(*pcb, on_data_chunk_recv, on_data_chunk_recv_cb); + NGH2_SET_CALLBACK(*pcb, before_frame_send, before_frame_send_cb); + NGH2_SET_CALLBACK(*pcb, on_frame_send, on_frame_send_cb); + NGH2_SET_CALLBACK(*pcb, on_frame_not_send, on_frame_not_send_cb); + NGH2_SET_CALLBACK(*pcb, on_stream_close, on_stream_close_cb); + NGH2_SET_CALLBACK(*pcb, on_begin_headers, on_begin_headers_cb); + NGH2_SET_CALLBACK(*pcb, on_header, on_header_cb); + NGH2_SET_CALLBACK(*pcb, send_data, on_send_data_cb); + + return APR_SUCCESS; +} + +static h2_session *h2_session_create_int(conn_rec *c, + request_rec *r, + h2_config *config, + h2_workers *workers) +{ + nghttp2_session_callbacks *callbacks = NULL; + nghttp2_option *options = NULL; + + apr_pool_t *pool = NULL; + apr_status_t status = apr_pool_create(&pool, r? r->pool : c->pool); + h2_session *session; + if (status != APR_SUCCESS) { + return NULL; + } + + session = apr_pcalloc(pool, sizeof(h2_session)); + if (session) { + int rv; + session->id = c->id; + session->c = c; + session->r = r; + + session->max_stream_count = h2_config_geti(config, H2_CONF_MAX_STREAMS); + session->max_stream_mem = h2_config_geti(config, H2_CONF_STREAM_MAX_MEM); + + session->pool = pool; + + status = apr_thread_cond_create(&session->iowait, session->pool); + if (status != APR_SUCCESS) { + return NULL; + } + + session->streams = h2_stream_set_create(session->pool); + + session->workers = workers; + session->mplx = h2_mplx_create(c, session->pool, workers); + + h2_conn_io_init(&session->io, c); + session->bbtmp = apr_brigade_create(session->pool, c->bucket_alloc); + + status = init_callbacks(c, &callbacks); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, c, APLOGNO(02927) + "nghttp2: error in init_callbacks"); + h2_session_destroy(session); + return NULL; + } + + rv = nghttp2_option_new(&options); + if (rv != 0) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, c, + APLOGNO(02928) "nghttp2_option_new: %s", + nghttp2_strerror(rv)); + h2_session_destroy(session); + return NULL; + } + + nghttp2_option_set_peer_max_concurrent_streams(options, + (uint32_t)session->max_stream_count); + + /* We need to handle window updates ourself, otherwise we + * get flooded by nghttp2. */ + nghttp2_option_set_no_auto_window_update(options, 1); + + rv = nghttp2_session_server_new2(&session->ngh2, callbacks, + session, options); + nghttp2_session_callbacks_del(callbacks); + nghttp2_option_del(options); + + if (rv != 0) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, c, + APLOGNO(02929) "nghttp2_session_server_new: %s", + nghttp2_strerror(rv)); + h2_session_destroy(session); + return NULL; + } + + } + return session; +} + +h2_session *h2_session_create(conn_rec *c, h2_config *config, + h2_workers *workers) +{ + return h2_session_create_int(c, NULL, config, workers); +} + +h2_session *h2_session_rcreate(request_rec *r, h2_config *config, + h2_workers *workers) +{ + return h2_session_create_int(r->connection, r, config, workers); +} + +void h2_session_destroy(h2_session *session) +{ + AP_DEBUG_ASSERT(session); + if (session->mplx) { + h2_mplx_release_and_join(session->mplx, session->iowait); + session->mplx = NULL; + } + if (session->streams) { + if (h2_stream_set_size(session->streams)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c, + "h2_session(%ld): destroy, %d streams open", + session->id, (int)h2_stream_set_size(session->streams)); + } + h2_stream_set_destroy(session->streams); + session->streams = NULL; + } + if (session->ngh2) { + nghttp2_session_del(session->ngh2); + session->ngh2 = NULL; + } + h2_conn_io_destroy(&session->io); + + if (session->iowait) { + apr_thread_cond_destroy(session->iowait); + session->iowait = NULL; + } + + if (session->pool) { + apr_pool_destroy(session->pool); + } +} + +static apr_status_t h2_session_abort_int(h2_session *session, int reason) +{ + AP_DEBUG_ASSERT(session); + if (!session->aborted) { + session->aborted = 1; + if (session->ngh2) { + + if (!reason) { + nghttp2_submit_goaway(session->ngh2, NGHTTP2_FLAG_NONE, + session->max_stream_received, + reason, NULL, 0); + nghttp2_session_send(session->ngh2); + h2_conn_io_flush(&session->io); + } + else { + const char *err = nghttp2_strerror(reason); + + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "session(%ld): aborting session, reason=%d %s", + session->id, reason, err); + + if (NGHTTP2_ERR_EOF == reason) { + /* This is our way of indication that the connection is + * gone. No use to send any GOAWAY frames. */ + nghttp2_session_terminate_session(session->ngh2, reason); + } + else { + /* The connection might still be there and we shut down + * with GOAWAY and reason information. */ + nghttp2_submit_goaway(session->ngh2, NGHTTP2_FLAG_NONE, + session->max_stream_received, + reason, (const uint8_t *)err, + strlen(err)); + nghttp2_session_send(session->ngh2); + h2_conn_io_flush(&session->io); + } + } + } + h2_mplx_abort(session->mplx); + } + return APR_SUCCESS; +} + +apr_status_t h2_session_abort(h2_session *session, apr_status_t reason, int rv) +{ + AP_DEBUG_ASSERT(session); + if (rv == 0) { + rv = NGHTTP2_ERR_PROTO; + switch (reason) { + case APR_ENOMEM: + rv = NGHTTP2_ERR_NOMEM; + break; + case APR_SUCCESS: /* all fine, just... */ + case APR_EOF: /* client closed its end... */ + case APR_TIMEUP: /* got bored waiting... */ + rv = 0; /* ...gracefully shut down */ + break; + case APR_EBADF: /* connection unusable, terminate silently */ + case APR_ECONNABORTED: + rv = NGHTTP2_ERR_EOF; + break; + default: + break; + } + } + return h2_session_abort_int(session, rv); +} + +apr_status_t h2_session_start(h2_session *session, int *rv) +{ + apr_status_t status = APR_SUCCESS; + h2_config *config; + nghttp2_settings_entry settings[3]; + + AP_DEBUG_ASSERT(session); + /* Start the conversation by submitting our SETTINGS frame */ + *rv = 0; + config = h2_config_get(session->c); + if (session->r) { + const char *s, *cs; + apr_size_t dlen; + h2_stream * stream; + + /* better for vhost matching */ + config = h2_config_rget(session->r); + + /* 'h2c' mode: we should have a 'HTTP2-Settings' header with + * base64 encoded client settings. */ + s = apr_table_get(session->r->headers_in, "HTTP2-Settings"); + if (!s) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_EINVAL, session->r, + APLOGNO(02931) + "HTTP2-Settings header missing in request"); + return APR_EINVAL; + } + cs = NULL; + dlen = h2_util_base64url_decode(&cs, s, session->pool); + + if (APLOGrdebug(session->r)) { + char buffer[128]; + h2_util_hex_dump(buffer, 128, (char*)cs, dlen); + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, session->r, + "upgrading h2c session with HTTP2-Settings: %s -> %s (%d)", + s, buffer, (int)dlen); + } + + *rv = nghttp2_session_upgrade(session->ngh2, (uint8_t*)cs, dlen, NULL); + if (*rv != 0) { + status = APR_EINVAL; + ap_log_rerror(APLOG_MARK, APLOG_ERR, status, session->r, + APLOGNO(02932) "nghttp2_session_upgrade: %s", + nghttp2_strerror(*rv)); + return status; + } + + /* Now we need to auto-open stream 1 for the request we got. */ + *rv = stream_open(session, 1); + if (*rv != 0) { + status = APR_EGENERAL; + ap_log_rerror(APLOG_MARK, APLOG_ERR, status, session->r, + APLOGNO(02933) "open stream 1: %s", + nghttp2_strerror(*rv)); + return status; + } + + stream = h2_stream_set_get(session->streams, 1); + if (stream == NULL) { + status = APR_EGENERAL; + ap_log_rerror(APLOG_MARK, APLOG_ERR, status, session->r, + APLOGNO(02934) "lookup of stream 1"); + return status; + } + + status = h2_stream_rwrite(stream, session->r); + if (status != APR_SUCCESS) { + return status; + } + status = stream_end_headers(session, stream, 1); + if (status != APR_SUCCESS) { + return status; + } + } + + settings[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS; + settings[0].value = (uint32_t)session->max_stream_count; + settings[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE; + settings[1].value = h2_config_geti(config, H2_CONF_WIN_SIZE); + settings[2].settings_id = NGHTTP2_SETTINGS_MAX_HEADER_LIST_SIZE; + settings[2].value = 64*1024; + + *rv = nghttp2_submit_settings(session->ngh2, NGHTTP2_FLAG_NONE, + settings, + sizeof(settings)/sizeof(settings[0])); + if (*rv != 0) { + status = APR_EGENERAL; + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, session->c, + APLOGNO(02935) "nghttp2_submit_settings: %s", + nghttp2_strerror(*rv)); + } + + return status; +} + +static int h2_session_want_write(h2_session *session) +{ + return nghttp2_session_want_write(session->ngh2); +} + +typedef struct { + h2_session *session; + int resume_count; +} resume_ctx; + +static int resume_on_data(void *ctx, h2_stream *stream) { + resume_ctx *rctx = (resume_ctx*)ctx; + h2_session *session = rctx->session; + AP_DEBUG_ASSERT(session); + AP_DEBUG_ASSERT(stream); + + if (h2_stream_is_suspended(stream)) { + if (h2_mplx_out_has_data_for(stream->m, stream->id)) { + int rv; + h2_stream_set_suspended(stream, 0); + ++rctx->resume_count; + + rv = nghttp2_session_resume_data(session->ngh2, stream->id); + ap_log_cerror(APLOG_MARK, nghttp2_is_fatal(rv)? + APLOG_ERR : APLOG_DEBUG, 0, session->c, + APLOGNO(02936) + "h2_stream(%ld-%d): resuming stream %s", + session->id, stream->id, nghttp2_strerror(rv)); + } + } + return 1; +} + +static int h2_session_resume_streams_with_data(h2_session *session) { + AP_DEBUG_ASSERT(session); + if (!h2_stream_set_is_empty(session->streams) + && session->mplx && !session->aborted) { + resume_ctx ctx; + + ctx.session = session; + ctx.resume_count = 0; + + /* Resume all streams where we have data in the out queue and + * which had been suspended before. */ + h2_stream_set_iter(session->streams, resume_on_data, &ctx); + return ctx.resume_count; + } + return 0; +} + +static void update_window(void *ctx, int stream_id, apr_size_t bytes_read) +{ + h2_session *session = (h2_session*)ctx; + nghttp2_session_consume(session->ngh2, stream_id, bytes_read); +} + +static apr_status_t h2_session_update_windows(h2_session *session) +{ + return h2_mplx_in_update_windows(session->mplx, update_window, session); +} + +apr_status_t h2_session_write(h2_session *session, apr_interval_time_t timeout) +{ + apr_status_t status = APR_EAGAIN; + h2_stream *stream = NULL; + int flush_output = 0; + + AP_DEBUG_ASSERT(session); + + /* Check that any pending window updates are sent. */ + status = h2_session_update_windows(session); + if (status == APR_SUCCESS) { + flush_output = 1; + } + else if (status != APR_EAGAIN) { + return status; + } + + if (h2_session_want_write(session)) { + int rv; + status = APR_SUCCESS; + rv = nghttp2_session_send(session->ngh2); + if (rv != 0) { + ap_log_cerror( APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_session: send: %s", nghttp2_strerror(rv)); + if (nghttp2_is_fatal(rv)) { + h2_session_abort_int(session, rv); + status = APR_ECONNABORTED; + } + } + flush_output = 1; + } + + /* If we have responses ready, submit them now. */ + while ((stream = h2_mplx_next_submit(session->mplx, + session->streams)) != NULL) { + status = h2_session_handle_response(session, stream); + flush_output = 1; + } + + if (h2_session_resume_streams_with_data(session) > 0) { + flush_output = 1; + } + + if (!flush_output && timeout > 0 && !h2_session_want_write(session)) { + status = h2_mplx_out_trywait(session->mplx, timeout, session->iowait); + + if (status != APR_TIMEUP + && h2_session_resume_streams_with_data(session) > 0) { + flush_output = 1; + } + else { + /* nothing happened to ongoing streams, do some house-keeping */ + } + } + + if (h2_session_want_write(session)) { + int rv; + status = APR_SUCCESS; + rv = nghttp2_session_send(session->ngh2); + if (rv != 0) { + ap_log_cerror( APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_session: send2: %s", nghttp2_strerror(rv)); + if (nghttp2_is_fatal(rv)) { + h2_session_abort_int(session, rv); + status = APR_ECONNABORTED; + } + } + flush_output = 1; + } + + if (flush_output) { + h2_conn_io_flush(&session->io); + } + + return status; +} + +h2_stream *h2_session_get_stream(h2_session *session, int stream_id) +{ + AP_DEBUG_ASSERT(session); + return h2_stream_set_get(session->streams, stream_id); +} + +/* h2_io_on_read_cb implementation that offers the data read + * directly to the session for consumption. + */ +static apr_status_t session_receive(const char *data, apr_size_t len, + apr_size_t *readlen, int *done, + void *puser) +{ + h2_session *session = (h2_session *)puser; + AP_DEBUG_ASSERT(session); + if (len > 0) { + ssize_t n = nghttp2_session_mem_recv(session->ngh2, + (const uint8_t *)data, len); + if (n < 0) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_EGENERAL, + session->c, + "h2_session: nghttp2_session_mem_recv error %d", + (int)n); + if (nghttp2_is_fatal((int)n)) { + *done = 1; + h2_session_abort_int(session, (int)n); + return APR_EGENERAL; + } + } + else { + *readlen = n; + } + } + return APR_SUCCESS; +} + +apr_status_t h2_session_read(h2_session *session, apr_read_type_e block) +{ + AP_DEBUG_ASSERT(session); + return h2_conn_io_read(&session->io, block, session_receive, session); +} + +apr_status_t h2_session_close(h2_session *session) +{ + AP_DEBUG_ASSERT(session); + return session->aborted? APR_SUCCESS : h2_conn_io_flush(&session->io); +} + +/* The session wants to send more DATA for the given stream. + */ +static ssize_t stream_data_cb(nghttp2_session *ng2s, + int32_t stream_id, + uint8_t *buf, + size_t length, + uint32_t *data_flags, + nghttp2_data_source *source, + void *puser) +{ + h2_session *session = (h2_session *)puser; + apr_size_t nread = length; + int eos = 0; + apr_status_t status; + h2_stream *stream; + AP_DEBUG_ASSERT(session); + + (void)ng2s; + (void)buf; + (void)source; + stream = h2_stream_set_get(session->streams, stream_id); + if (!stream) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_NOTFOUND, session->c, + APLOGNO(02937) + "h2_stream(%ld-%d): data requested but stream not found", + session->id, (int)stream_id); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + AP_DEBUG_ASSERT(!h2_stream_is_suspended(stream)); + + status = h2_stream_prep_read(stream, &nread, &eos); + if (nread) { + *data_flags |= NGHTTP2_DATA_FLAG_NO_COPY; + } + + switch (status) { + case APR_SUCCESS: + break; + + case APR_EAGAIN: + /* If there is no data available, our session will automatically + * suspend this stream and not ask for more data until we resume + * it. Remember at our h2_stream that we need to do this. + */ + nread = 0; + h2_stream_set_suspended(stream, 1); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_stream(%ld-%d): suspending stream", + session->id, (int)stream_id); + return NGHTTP2_ERR_DEFERRED; + + case APR_EOF: + nread = 0; + eos = 1; + break; + + default: + nread = 0; + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, session->c, + APLOGNO(02938) "h2_stream(%ld-%d): reading data", + session->id, (int)stream_id); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + if (eos) { + *data_flags |= NGHTTP2_DATA_FLAG_EOF; + } + + return (ssize_t)nread; +} + +typedef struct { + nghttp2_nv *nv; + size_t nvlen; + size_t offset; +} nvctx_t; + +static int submit_response(h2_session *session, h2_response *response) +{ + nghttp2_data_provider provider; + int rv; + + memset(&provider, 0, sizeof(provider)); + provider.source.fd = response->stream_id; + provider.read_callback = stream_data_cb; + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c, + "h2_stream(%ld-%d): submitting response %s", + session->id, response->stream_id, response->status); + + rv = nghttp2_submit_response(session->ngh2, response->stream_id, + response->ngheader->nv, + response->ngheader->nvlen, &provider); + + if (rv != 0) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, session->c, + APLOGNO(02939) "h2_stream(%ld-%d): submit_response: %s", + session->id, response->stream_id, nghttp2_strerror(rv)); + } + else { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, + "h2_stream(%ld-%d): submitted response %s, rv=%d", + session->id, response->stream_id, + response->status, rv); + } + return rv; +} + +/* Start submitting the response to a stream request. This is possible + * once we have all the response headers. The response body will be + * read by the session using the callback we supply. + */ +apr_status_t h2_session_handle_response(h2_session *session, h2_stream *stream) +{ + apr_status_t status = APR_SUCCESS; + int rv = 0; + AP_DEBUG_ASSERT(session); + AP_DEBUG_ASSERT(stream); + AP_DEBUG_ASSERT(stream->response); + + if (stream->response->ngheader) { + rv = submit_response(session, stream->response); + } + else { + rv = nghttp2_submit_rst_stream(session->ngh2, NGHTTP2_FLAG_NONE, + stream->id, NGHTTP2_PROTOCOL_ERROR); + } + + if (nghttp2_is_fatal(rv)) { + status = APR_EGENERAL; + h2_session_abort_int(session, rv); + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, session->c, + APLOGNO(02940) "submit_response: %s", + nghttp2_strerror(rv)); + } + return status; +} + +int h2_session_is_done(h2_session *session) +{ + AP_DEBUG_ASSERT(session); + return (session->aborted + || !session->ngh2 + || (!nghttp2_session_want_read(session->ngh2) + && !nghttp2_session_want_write(session->ngh2))); +} + +static int log_stream(void *ctx, h2_stream *stream) +{ + h2_session *session = (h2_session *)ctx; + AP_DEBUG_ASSERT(session); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c, + "h2_stream(%ld-%d): in set, suspended=%d, aborted=%d, " + "has_data=%d", + session->id, stream->id, stream->suspended, stream->aborted, + h2_mplx_out_has_data_for(session->mplx, stream->id)); + return 1; +} + +void h2_session_log_stats(h2_session *session) +{ + AP_DEBUG_ASSERT(session); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c, + "h2_session(%ld): %d open streams", + session->id, (int)h2_stream_set_size(session->streams)); + h2_stream_set_iter(session->streams, log_stream, session); +} + +static int frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen) +{ + char scratch[128]; + size_t s_len = sizeof(scratch)/sizeof(scratch[0]); + + switch (frame->hd.type) { + case NGHTTP2_DATA: { + return apr_snprintf(buffer, maxlen, + "DATA[length=%d, flags=%d, stream=%d, padlen=%d]", + (int)frame->hd.length, frame->hd.flags, + frame->hd.stream_id, (int)frame->data.padlen); + } + case NGHTTP2_HEADERS: { + return apr_snprintf(buffer, maxlen, + "HEADERS[length=%d, hend=%d, stream=%d, eos=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS), + frame->hd.stream_id, + !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)); + } + case NGHTTP2_PRIORITY: { + return apr_snprintf(buffer, maxlen, + "PRIORITY[length=%d, flags=%d, stream=%d]", + (int)frame->hd.length, + frame->hd.flags, frame->hd.stream_id); + } + case NGHTTP2_RST_STREAM: { + return apr_snprintf(buffer, maxlen, + "RST_STREAM[length=%d, flags=%d, stream=%d]", + (int)frame->hd.length, + frame->hd.flags, frame->hd.stream_id); + } + case NGHTTP2_SETTINGS: { + if (frame->hd.flags & NGHTTP2_FLAG_ACK) { + return apr_snprintf(buffer, maxlen, + "SETTINGS[ack=1, stream=%d]", + frame->hd.stream_id); + } + return apr_snprintf(buffer, maxlen, + "SETTINGS[length=%d, stream=%d]", + (int)frame->hd.length, frame->hd.stream_id); + } + case NGHTTP2_PUSH_PROMISE: { + return apr_snprintf(buffer, maxlen, + "PUSH_PROMISE[length=%d, hend=%d, stream=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS), + frame->hd.stream_id); + } + case NGHTTP2_PING: { + return apr_snprintf(buffer, maxlen, + "PING[length=%d, ack=%d, stream=%d]", + (int)frame->hd.length, + frame->hd.flags&NGHTTP2_FLAG_ACK, + frame->hd.stream_id); + } + case NGHTTP2_GOAWAY: { + size_t len = (frame->goaway.opaque_data_len < s_len)? + frame->goaway.opaque_data_len : s_len-1; + memcpy(scratch, frame->goaway.opaque_data, len); + scratch[len+1] = '\0'; + return apr_snprintf(buffer, maxlen, "GOAWAY[error=%d, reason='%s']", + frame->goaway.error_code, scratch); + } + case NGHTTP2_WINDOW_UPDATE: { + return apr_snprintf(buffer, maxlen, + "WINDOW_UPDATE[length=%d, stream=%d]", + (int)frame->hd.length, frame->hd.stream_id); + } + default: + return apr_snprintf(buffer, maxlen, + "FRAME[type=%d, length=%d, flags=%d, stream=%d]", + frame->hd.type, (int)frame->hd.length, + frame->hd.flags, frame->hd.stream_id); + } +} + diff --git a/modules/http2/h2_session.h b/modules/http2/h2_session.h new file mode 100644 index 00000000..12768a90 --- /dev/null +++ b/modules/http2/h2_session.h @@ -0,0 +1,163 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_session__ +#define __mod_h2__h2_session__ + +#include "h2_conn_io.h" + +/** + * A HTTP/2 connection, a session with a specific client. + * + * h2_session sits on top of a httpd conn_rec* instance and takes complete + * control of the connection data. It receives protocol frames from the + * client. For new HTTP/2 streams it creates h2_task(s) that are sent + * via callback to a dispatcher (see h2_conn.c). + * h2_session keeps h2_io's for each ongoing stream which buffer the + * payload for that stream. + * + * New incoming HEADER frames are converted into a h2_stream+h2_task instance + * that both represent a HTTP/2 stream, but may have separate lifetimes. This + * allows h2_task to be scheduled in other threads without semaphores + * all over the place. It allows task memory to be freed independant of + * session lifetime and sessions may close down while tasks are still running. + * + * + */ + +struct apr_thread_mutext_t; +struct apr_thread_cond_t; +struct h2_config; +struct h2_mplx; +struct h2_response; +struct h2_session; +struct h2_stream; +struct h2_task; +struct h2_workers; + +struct nghttp2_session; + +typedef struct h2_session h2_session; + +struct h2_session { + long id; /* identifier of this session, unique + * inside a httpd process */ + conn_rec *c; /* the connection this session serves */ + request_rec *r; /* the request that started this in case + * of 'h2c', NULL otherwise */ + int aborted; /* this session is being aborted */ + apr_size_t frames_received; /* number of http/2 frames received */ + apr_size_t max_stream_count; /* max number of open streams */ + apr_size_t max_stream_mem; /* max buffer memory for a single stream */ + + apr_pool_t *pool; /* pool to use in session handling */ + apr_bucket_brigade *bbtmp; /* brigade for keeping temporary data */ + struct apr_thread_cond_t *iowait; /* our cond when trywaiting for data */ + + h2_conn_io io; /* io on httpd conn filters */ + struct h2_mplx *mplx; /* multiplexer for stream data */ + + struct h2_stream_set *streams; /* streams handled by this session */ + + int max_stream_received; /* highest stream id created */ + int max_stream_handled; /* highest stream id handled successfully */ + + struct nghttp2_session *ngh2; /* the nghttp2 session (internal use) */ + struct h2_workers *workers; /* for executing stream tasks */ +}; + + +/** + * Create a new h2_session for the given connection. + * The session will apply the configured parameter. + * @param c the connection to work on + * @param cfg the module config to apply + * @param workers the worker pool to use + * @return the created session + */ +h2_session *h2_session_create(conn_rec *c, struct h2_config *cfg, + struct h2_workers *workers); + +/** + * Create a new h2_session for the given request. + * The session will apply the configured parameter. + * @param r the request that was upgraded + * @param cfg the module config to apply + * @param workers the worker pool to use + * @return the created session + */ +h2_session *h2_session_rcreate(request_rec *r, struct h2_config *cfg, + struct h2_workers *workers); + +/** + * Destroy the session and all objects it still contains. This will not + * destroy h2_task instances that have not finished yet. + * @param session the session to destroy + */ +void h2_session_destroy(h2_session *session); + +/** + * Called once at start of session. + * Sets up the session and sends the initial SETTINGS frame. + * @param session the session to start + * @param rv error codes in libnghttp2 lingo are returned here + * @return APR_SUCCESS if all went well + */ +apr_status_t h2_session_start(h2_session *session, int *rv); + +/** + * Determine if session is finished. + * @return != 0 iff session is finished and connection can be closed. + */ +int h2_session_is_done(h2_session *session); + +/** + * Called when an error occured and the session needs to shut down. + * @param session the session to shut down + * @param reason the apache status that caused the shutdown + * @param rv the nghttp2 reason for shutdown, set to 0 if you have none. + * + */ +apr_status_t h2_session_abort(h2_session *session, apr_status_t reason, int rv); + +/** + * Called before a session gets destroyed, might flush output etc. + */ +apr_status_t h2_session_close(h2_session *session); + +/* Read more data from the client connection. Used normally with blocking + * APR_NONBLOCK_READ, which will return APR_EAGAIN when no data is available. + * Use with APR_BLOCK_READ only when certain that no data needs to be written + * while waiting. */ +apr_status_t h2_session_read(h2_session *session, apr_read_type_e block); + +/* Write data out to the client, if there is any. Otherwise, wait for + * a maximum of timeout micro-seconds and return to the caller. If timeout + * occurred, APR_TIMEUP will be returned. + */ +apr_status_t h2_session_write(h2_session *session, + apr_interval_time_t timeout); + +/* Start submitting the response to a stream request. This is possible + * once we have all the response headers. */ +apr_status_t h2_session_handle_response(h2_session *session, + struct h2_stream *stream); + +/* Get the h2_stream for the given stream idenrtifier. */ +struct h2_stream *h2_session_get_stream(h2_session *session, int stream_id); + +void h2_session_log_stats(h2_session *session); + +#endif /* defined(__mod_h2__h2_session__) */ diff --git a/modules/http2/h2_stream.c b/modules/http2/h2_stream.c new file mode 100644 index 00000000..52781d84 --- /dev/null +++ b/modules/http2/h2_stream.c @@ -0,0 +1,273 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#define APR_POOL_DEBUG 7 + +#include +#include +#include +#include + +#include + +#include "h2_private.h" +#include "h2_conn.h" +#include "h2_mplx.h" +#include "h2_request.h" +#include "h2_response.h" +#include "h2_stream.h" +#include "h2_task.h" +#include "h2_ctx.h" +#include "h2_task_input.h" +#include "h2_task.h" +#include "h2_util.h" + + +static void set_state(h2_stream *stream, h2_stream_state_t state) +{ + AP_DEBUG_ASSERT(stream); + if (stream->state != state) { + stream->state = state; + } +} + +h2_stream *h2_stream_create(int id, apr_pool_t *pool, struct h2_mplx *m) +{ + h2_stream *stream = apr_pcalloc(pool, sizeof(h2_stream)); + if (stream != NULL) { + stream->id = id; + stream->state = H2_STREAM_ST_IDLE; + stream->pool = pool; + stream->m = m; + stream->request = h2_request_create(id, pool, m->c->bucket_alloc); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, + "h2_stream(%ld-%d): created", m->id, stream->id); + } + return stream; +} + +static void h2_stream_cleanup(h2_stream *stream) +{ + if (stream->request) { + h2_request_destroy(stream->request); + stream->request = NULL; + } +} + +apr_status_t h2_stream_destroy(h2_stream *stream) +{ + AP_DEBUG_ASSERT(stream); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, stream->m->c, + "h2_stream(%ld-%d): destroy", stream->m->id, stream->id); + h2_stream_cleanup(stream); + + if (stream->task) { + h2_task_destroy(stream->task); + stream->task = NULL; + } + if (stream->pool) { + apr_pool_destroy(stream->pool); + } + return APR_SUCCESS; +} + +void h2_stream_attach_pool(h2_stream *stream, apr_pool_t *pool) +{ + stream->pool = pool; +} + +apr_pool_t *h2_stream_detach_pool(h2_stream *stream) +{ + apr_pool_t *pool = stream->pool; + stream->pool = NULL; + return pool; +} + +void h2_stream_abort(h2_stream *stream) +{ + AP_DEBUG_ASSERT(stream); + stream->aborted = 1; +} + +apr_status_t h2_stream_set_response(h2_stream *stream, h2_response *response, + apr_bucket_brigade *bb) +{ + stream->response = response; + if (bb && !APR_BRIGADE_EMPTY(bb)) { + if (!stream->bbout) { + stream->bbout = apr_brigade_create(stream->pool, + stream->m->c->bucket_alloc); + } + return h2_util_move(stream->bbout, bb, 16 * 1024, NULL, + "h2_stream_set_response"); + } + return APR_SUCCESS; +} + +static int set_closed(h2_stream *stream) +{ + switch (stream->state) { + case H2_STREAM_ST_CLOSED_INPUT: + case H2_STREAM_ST_CLOSED: + return 0; /* ignore, idempotent */ + case H2_STREAM_ST_CLOSED_OUTPUT: + /* both closed now */ + set_state(stream, H2_STREAM_ST_CLOSED); + break; + default: + /* everything else we jump to here */ + set_state(stream, H2_STREAM_ST_CLOSED_INPUT); + break; + } + return 1; +} + +apr_status_t h2_stream_rwrite(h2_stream *stream, request_rec *r) +{ + apr_status_t status; + AP_DEBUG_ASSERT(stream); + set_state(stream, H2_STREAM_ST_OPEN); + status = h2_request_rwrite(stream->request, r, stream->m); + return status; +} + +apr_status_t h2_stream_write_eoh(h2_stream *stream, int eos) +{ + apr_status_t status; + AP_DEBUG_ASSERT(stream); + + /* Seeing the end-of-headers, we have everything we need to + * start processing it. + */ + status = h2_mplx_create_task(stream->m, stream); + if (status == APR_SUCCESS) { + status = h2_request_end_headers(stream->request, + stream->m, stream->task, eos); + if (status == APR_SUCCESS) { + status = h2_mplx_do_task(stream->m, stream->task); + } + if (eos) { + status = h2_stream_write_eos(stream); + } + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, stream->m->c, + "h2_mplx(%ld-%d): start stream, task %s %s (%s)", + stream->m->id, stream->id, + stream->request->method, stream->request->path, + stream->request->authority); + + } + return status; +} + +apr_status_t h2_stream_write_eos(h2_stream *stream) +{ + AP_DEBUG_ASSERT(stream); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, stream->m->c, + "h2_stream(%ld-%d): closing input", + stream->m->id, stream->id); + if (set_closed(stream)) { + return h2_request_close(stream->request); + } + return APR_SUCCESS; +} + +apr_status_t h2_stream_write_header(h2_stream *stream, + const char *name, size_t nlen, + const char *value, size_t vlen) +{ + AP_DEBUG_ASSERT(stream); + switch (stream->state) { + case H2_STREAM_ST_IDLE: + set_state(stream, H2_STREAM_ST_OPEN); + break; + case H2_STREAM_ST_OPEN: + break; + default: + return APR_EINVAL; + } + return h2_request_write_header(stream->request, name, nlen, + value, vlen, stream->m); +} + +apr_status_t h2_stream_write_data(h2_stream *stream, + const char *data, size_t len) +{ + AP_DEBUG_ASSERT(stream); + AP_DEBUG_ASSERT(stream); + switch (stream->state) { + case H2_STREAM_ST_OPEN: + break; + default: + return APR_EINVAL; + } + return h2_request_write_data(stream->request, data, len); +} + +apr_status_t h2_stream_prep_read(h2_stream *stream, + apr_size_t *plen, int *peos) +{ + apr_status_t status = APR_SUCCESS; + const char *src; + + if (stream->bbout && !APR_BRIGADE_EMPTY(stream->bbout)) { + src = "stream"; + status = h2_util_bb_avail(stream->bbout, plen, peos); + if (status == APR_SUCCESS && !*peos && !*plen) { + apr_brigade_cleanup(stream->bbout); + return h2_stream_prep_read(stream, plen, peos); + } + } + else { + src = "mplx"; + status = h2_mplx_out_readx(stream->m, stream->id, + NULL, NULL, plen, peos); + } + if (status == APR_SUCCESS && !*peos && !*plen) { + status = APR_EAGAIN; + } + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, stream->m->c, + "h2_stream(%ld-%d): prep_read %s, len=%ld eos=%d", + stream->m->id, stream->id, + src, (long)*plen, *peos); + return status; +} + +apr_status_t h2_stream_readx(h2_stream *stream, + h2_io_data_cb *cb, void *ctx, + apr_size_t *plen, int *peos) +{ + if (stream->bbout && !APR_BRIGADE_EMPTY(stream->bbout)) { + return h2_util_bb_readx(stream->bbout, cb, ctx, plen, peos); + } + return h2_mplx_out_readx(stream->m, stream->id, + cb, ctx, plen, peos); +} + + +void h2_stream_set_suspended(h2_stream *stream, int suspended) +{ + AP_DEBUG_ASSERT(stream); + stream->suspended = !!suspended; +} + +int h2_stream_is_suspended(h2_stream *stream) +{ + AP_DEBUG_ASSERT(stream); + return stream->suspended; +} + diff --git a/modules/http2/h2_stream.h b/modules/http2/h2_stream.h new file mode 100644 index 00000000..0608f2f3 --- /dev/null +++ b/modules/http2/h2_stream.h @@ -0,0 +1,107 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_stream__ +#define __mod_h2__h2_stream__ + +/** + * A HTTP/2 stream, e.g. a client request+response in HTTP/1.1 terms. + * + * Ok, not quite, but close enough, since we do not implement server + * pushes yet. + * + * A stream always belongs to a h2_session, the one managing the + * connection to the client. The h2_session writes to the h2_stream, + * adding HEADERS and DATA and finally an EOS. When headers are done, + * h2_stream can create a h2_task that can be scheduled to fullfill the + * request. + * + * This response headers are added directly to the h2_mplx of the session, + * but the response DATA can be read via h2_stream. Reading data will + * never block but return APR_EAGAIN when there currently is no data (and + * no eos) in the multiplexer for this stream. + */ +#include "h2_io.h" + +typedef enum { + H2_STREAM_ST_IDLE, + H2_STREAM_ST_OPEN, + H2_STREAM_ST_RESV_LOCAL, + H2_STREAM_ST_RESV_REMOTE, + H2_STREAM_ST_CLOSED_INPUT, + H2_STREAM_ST_CLOSED_OUTPUT, + H2_STREAM_ST_CLOSED, +} h2_stream_state_t; + +struct h2_mplx; +struct h2_request; +struct h2_response; +struct h2_task; + +typedef struct h2_stream h2_stream; + +struct h2_stream { + int id; /* http2 stream id */ + h2_stream_state_t state; /* http/2 state of this stream */ + struct h2_mplx *m; /* the multiplexer to work with */ + + int aborted; /* was aborted */ + int suspended; /* DATA sending has been suspended */ + + apr_pool_t *pool; /* the memory pool for this stream */ + struct h2_request *request; /* the request made in this stream */ + + struct h2_task *task; /* task created for this stream */ + struct h2_response *response; /* the response, once ready */ + apr_bucket_brigade *bbout; /* output DATA */ +}; + + +h2_stream *h2_stream_create(int id, apr_pool_t *pool, struct h2_mplx *m); + +apr_status_t h2_stream_destroy(h2_stream *stream); + +apr_pool_t *h2_stream_detach_pool(h2_stream *stream); +void h2_stream_attach_pool(h2_stream *stream, apr_pool_t *pool); + +void h2_stream_abort(h2_stream *stream); + +apr_status_t h2_stream_rwrite(h2_stream *stream, request_rec *r); + +apr_status_t h2_stream_write_eos(h2_stream *stream); + +apr_status_t h2_stream_write_header(h2_stream *stream, + const char *name, size_t nlen, + const char *value, size_t vlen); + +apr_status_t h2_stream_write_eoh(h2_stream *stream, int eos); + +apr_status_t h2_stream_write_data(h2_stream *stream, + const char *data, size_t len); + +apr_status_t h2_stream_set_response(h2_stream *stream, + struct h2_response *response, + apr_bucket_brigade *bb); + +apr_status_t h2_stream_prep_read(h2_stream *stream, + apr_size_t *plen, int *peos); + +apr_status_t h2_stream_readx(h2_stream *stream, h2_io_data_cb *cb, + void *ctx, apr_size_t *plen, int *peos); + +void h2_stream_set_suspended(h2_stream *stream, int suspended); +int h2_stream_is_suspended(h2_stream *stream); + +#endif /* defined(__mod_h2__h2_stream__) */ diff --git a/modules/http2/h2_stream_set.c b/modules/http2/h2_stream_set.c new file mode 100644 index 00000000..dddd2e39 --- /dev/null +++ b/modules/http2/h2_stream_set.c @@ -0,0 +1,164 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_session.h" +#include "h2_stream.h" +#include "h2_task.h" +#include "h2_stream_set.h" + +#define H2_STREAM_IDX(list, i) ((h2_stream**)(list)->elts)[i] + +struct h2_stream_set { + apr_array_header_t *list; +}; + +h2_stream_set *h2_stream_set_create(apr_pool_t *pool) +{ + h2_stream_set *sp = apr_pcalloc(pool, sizeof(h2_stream_set)); + if (sp) { + sp->list = apr_array_make(pool, 100, sizeof(h2_stream*)); + if (!sp->list) { + return NULL; + } + } + return sp; +} + +void h2_stream_set_destroy(h2_stream_set *sp) +{ + (void)sp; +} + +static int h2_stream_id_cmp(const void *s1, const void *s2) +{ + h2_stream **pstream1 = (h2_stream **)s1; + h2_stream **pstream2 = (h2_stream **)s2; + return (*pstream1)->id - (*pstream2)->id; +} + +h2_stream *h2_stream_set_get(h2_stream_set *sp, int stream_id) +{ + /* we keep the array sorted by id, so lookup can be done + * by bsearch. + */ + h2_stream key; + h2_stream *pkey, **ps; + memset(&key, 0, sizeof(key)); + key.id = stream_id; + pkey = &key; + ps = bsearch(&pkey, sp->list->elts, sp->list->nelts, + sp->list->elt_size, h2_stream_id_cmp); + return ps? *ps : NULL; +} + +static void h2_stream_set_sort(h2_stream_set *sp) +{ + qsort(sp->list->elts, sp->list->nelts, sp->list->elt_size, + h2_stream_id_cmp); +} + +apr_status_t h2_stream_set_add(h2_stream_set *sp, h2_stream *stream) +{ + h2_stream *existing = h2_stream_set_get(sp, stream->id); + if (!existing) { + int last; + APR_ARRAY_PUSH(sp->list, h2_stream*) = stream; + /* Normally, streams get added in ascending order if id. We + * keep the array sorted, so we just need to check of the newly + * appended stream has a lower id than the last one. if not, + * sorting is not necessary. + */ + last = sp->list->nelts - 1; + if (last > 0 + && (H2_STREAM_IDX(sp->list, last)->id + < H2_STREAM_IDX(sp->list, last-1)->id)) { + h2_stream_set_sort(sp); + } + } + return APR_SUCCESS; +} + +h2_stream *h2_stream_set_remove(h2_stream_set *sp, h2_stream *stream) +{ + int i; + for (i = 0; i < sp->list->nelts; ++i) { + h2_stream *s = H2_STREAM_IDX(sp->list, i); + if (s == stream) { + int n; + --sp->list->nelts; + n = sp->list->nelts - i; + if (n > 0) { + /* Close the hole in the array by moving the upper + * parts down one step. + */ + h2_stream **selts = (h2_stream**)sp->list->elts; + memmove(selts+i, selts+i+1, n * sizeof(h2_stream*)); + } + return s; + } + } + return NULL; +} + +void h2_stream_set_remove_all(h2_stream_set *sp) +{ + sp->list->nelts = 0; +} + +int h2_stream_set_is_empty(h2_stream_set *sp) +{ + AP_DEBUG_ASSERT(sp); + return sp->list->nelts == 0; +} + +h2_stream *h2_stream_set_find(h2_stream_set *sp, + h2_stream_set_match_fn *match, void *ctx) +{ + h2_stream *s = NULL; + int i; + for (i = 0; !s && i < sp->list->nelts; ++i) { + s = match(ctx, H2_STREAM_IDX(sp->list, i)); + } + return s; +} + +void h2_stream_set_iter(h2_stream_set *sp, + h2_stream_set_iter_fn *iter, void *ctx) +{ + int i; + for (i = 0; i < sp->list->nelts; ++i) { + h2_stream *s = H2_STREAM_IDX(sp->list, i); + if (!iter(ctx, s)) { + break; + } + } +} + +apr_size_t h2_stream_set_size(h2_stream_set *sp) +{ + return sp->list->nelts; +} + diff --git a/modules/http2/h2_stream_set.h b/modules/http2/h2_stream_set.h new file mode 100644 index 00000000..56075834 --- /dev/null +++ b/modules/http2/h2_stream_set.h @@ -0,0 +1,52 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_stream_set__ +#define __mod_h2__h2_stream_set__ + +/** + * A set of h2_stream instances. Allows lookup by stream id + * and other criteria. + */ + +typedef h2_stream *h2_stream_set_match_fn(void *ctx, h2_stream *stream); +typedef int h2_stream_set_iter_fn(void *ctx, h2_stream *stream); + +typedef struct h2_stream_set h2_stream_set; + + +h2_stream_set *h2_stream_set_create(apr_pool_t *pool); + +void h2_stream_set_destroy(h2_stream_set *sp); + +apr_status_t h2_stream_set_add(h2_stream_set *sp, h2_stream *stream); + +h2_stream *h2_stream_set_get(h2_stream_set *sp, int stream_id); + +h2_stream *h2_stream_set_remove(h2_stream_set *sp,h2_stream *stream); + +void h2_stream_set_remove_all(h2_stream_set *sp); + +int h2_stream_set_is_empty(h2_stream_set *sp); + +apr_size_t h2_stream_set_size(h2_stream_set *sp); + +h2_stream *h2_stream_set_find(h2_stream_set *sp, + h2_stream_set_match_fn *match, void *ctx); + +void h2_stream_set_iter(h2_stream_set *sp, + h2_stream_set_iter_fn *iter, void *ctx); + +#endif /* defined(__mod_h2__h2_stream_set__) */ diff --git a/modules/http2/h2_switch.c b/modules/http2/h2_switch.c new file mode 100644 index 00000000..23c34490 --- /dev/null +++ b/modules/http2/h2_switch.c @@ -0,0 +1,181 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include "h2_private.h" + +#include "h2_config.h" +#include "h2_ctx.h" +#include "h2_conn.h" +#include "h2_h2.h" +#include "h2_switch.h" + +/******************************************************************************* + * SSL var lookup + */ +APR_DECLARE_OPTIONAL_FN(char *, ssl_var_lookup, + (apr_pool_t *, server_rec *, + conn_rec *, request_rec *, + char *)); +static char *(*opt_ssl_var_lookup)(apr_pool_t *, server_rec *, + conn_rec *, request_rec *, + char *); + +/******************************************************************************* + * Once per lifetime init, retrieve optional functions + */ +apr_status_t h2_switch_init(apr_pool_t *pool, server_rec *s) +{ + (void)pool; + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "h2_switch init"); + opt_ssl_var_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup); + + return APR_SUCCESS; +} + +static int h2_protocol_propose(conn_rec *c, request_rec *r, + server_rec *s, + const apr_array_header_t *offers, + apr_array_header_t *proposals) +{ + int proposed = 0; + const char **protos = h2_h2_is_tls(c)? h2_tls_protos : h2_clear_protos; + + (void)s; + if (strcmp(AP_PROTOCOL_HTTP1, ap_get_protocol(c))) { + /* We do not know how to switch from anything else but http/1.1. + */ + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, + "protocol switch: current proto != http/1.1, declined"); + return DECLINED; + } + + if (r) { + const char *p; + /* So far, this indicates an HTTP/1 Upgrade header initiated + * protocol switch. For that, the HTTP2-Settings header needs + * to be present and valid for the connection. + */ + p = apr_table_get(r->headers_in, "HTTP2-Settings"); + if (!p) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + "upgrade without HTTP2-Settings declined"); + return DECLINED; + } + + p = apr_table_get(r->headers_in, "Connection"); + if (!ap_find_token(r->pool, p, "http2-settings")) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + "upgrade without HTTP2-Settings declined"); + return DECLINED; + } + + /* We also allow switching only for requests that have no body. + */ + p = apr_table_get(r->headers_in, "Content-Length"); + if (p && strcmp(p, "0")) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + "upgrade with content-length: %s, declined", p); + return DECLINED; + } + } + + while (*protos) { + /* Add all protocols we know (tls or clear) and that + * are part of the offerings (if there have been any). + */ + if (!offers || ap_array_str_contains(offers, *protos)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, + "proposing protocol '%s'", *protos); + APR_ARRAY_PUSH(proposals, const char*) = *protos; + proposed = 1; + } + ++protos; + } + return proposed? DECLINED : OK; +} + +static int h2_protocol_switch(conn_rec *c, request_rec *r, server_rec *s, + const char *protocol) +{ + int found = 0; + const char **protos = h2_h2_is_tls(c)? h2_tls_protos : h2_clear_protos; + const char **p = protos; + + (void)s; + while (*p) { + if (!strcmp(*p, protocol)) { + found = 1; + break; + } + p++; + } + + if (found) { + h2_ctx *ctx = h2_ctx_get(c); + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, + "switching protocol to '%s'", protocol); + h2_ctx_protocol_set(ctx, protocol); + h2_ctx_server_set(ctx, s); + + if (r != NULL) { + apr_status_t status; + /* Switching in the middle of a request means that + * we have to send out the response to this one in h2 + * format. So we need to take over the connection + * right away. + */ + ap_remove_input_filter_byhandle(r->input_filters, "http_in"); + ap_remove_input_filter_byhandle(r->input_filters, "reqtimeout"); + + /* Ok, start an h2_conn on this one. */ + status = h2_conn_rprocess(r); + if (status != DONE) { + /* Nothing really to do about this. */ + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, + "session proessed, unexpected status"); + } + } + return DONE; + } + + return DECLINED; +} + +static const char *h2_protocol_get(const conn_rec *c) +{ + return h2_ctx_protocol_get(c); +} + +void h2_switch_register_hooks(void) +{ + ap_hook_protocol_propose(h2_protocol_propose, NULL, NULL, APR_HOOK_MIDDLE); + ap_hook_protocol_switch(h2_protocol_switch, NULL, NULL, APR_HOOK_MIDDLE); + ap_hook_protocol_get(h2_protocol_get, NULL, NULL, APR_HOOK_MIDDLE); +} + diff --git a/modules/http2/h2_switch.h b/modules/http2/h2_switch.h new file mode 100644 index 00000000..3d9c628c --- /dev/null +++ b/modules/http2/h2_switch.h @@ -0,0 +1,29 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_switch__ +#define __mod_h2__h2_switch__ + +/* + * One time, post config intialization. + */ +apr_status_t h2_switch_init(apr_pool_t *pool, server_rec *s); + +/* Register apache hooks for protocol switching + */ +void h2_switch_register_hooks(void); + + +#endif /* defined(__mod_h2__h2_switch__) */ diff --git a/modules/http2/h2_task.c b/modules/http2/h2_task.c new file mode 100644 index 00000000..bbea7b20 --- /dev/null +++ b/modules/http2/h2_task.c @@ -0,0 +1,467 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_conn.h" +#include "h2_config.h" +#include "h2_from_h1.h" +#include "h2_h2.h" +#include "h2_mplx.h" +#include "h2_session.h" +#include "h2_stream.h" +#include "h2_task_input.h" +#include "h2_task_output.h" +#include "h2_task.h" +#include "h2_ctx.h" +#include "h2_worker.h" + + +static apr_status_t h2_filter_stream_input(ap_filter_t* filter, + apr_bucket_brigade* brigade, + ap_input_mode_t mode, + apr_read_type_e block, + apr_off_t readbytes) { + h2_task_env *env = filter->ctx; + AP_DEBUG_ASSERT(env); + if (!env->input) { + return APR_ECONNABORTED; + } + return h2_task_input_read(env->input, filter, brigade, + mode, block, readbytes); +} + +static apr_status_t h2_filter_stream_output(ap_filter_t* filter, + apr_bucket_brigade* brigade) { + h2_task_env *env = filter->ctx; + AP_DEBUG_ASSERT(env); + if (!env->output) { + return APR_ECONNABORTED; + } + return h2_task_output_write(env->output, filter, brigade); +} + +static apr_status_t h2_filter_read_response(ap_filter_t* f, + apr_bucket_brigade* bb) { + h2_task_env *env = f->ctx; + AP_DEBUG_ASSERT(env); + if (!env->output || !env->output->from_h1) { + return APR_ECONNABORTED; + } + return h2_from_h1_read_response(env->output->from_h1, f, bb); +} + +/******************************************************************************* + * Register various hooks + */ +static const char *const mod_ssl[] = { "mod_ssl.c", NULL}; +static int h2_task_pre_conn(conn_rec* c, void *arg); +static int h2_task_process_conn(conn_rec* c); + +void h2_task_register_hooks(void) +{ + /* This hook runs on new connections before mod_ssl has a say. + * Its purpose is to prevent mod_ssl from touching our pseudo-connections + * for streams. + */ + ap_hook_pre_connection(h2_task_pre_conn, + NULL, mod_ssl, APR_HOOK_FIRST); + /* When the connection processing actually starts, we might to + * take over, if the connection is for a task. + */ + ap_hook_process_connection(h2_task_process_conn, + NULL, NULL, APR_HOOK_FIRST); + + ap_register_output_filter("H2_RESPONSE", h2_response_output_filter, + NULL, AP_FTYPE_PROTOCOL); + ap_register_input_filter("H2_TO_H1", h2_filter_stream_input, + NULL, AP_FTYPE_NETWORK); + ap_register_output_filter("H1_TO_H2", h2_filter_stream_output, + NULL, AP_FTYPE_NETWORK); + ap_register_output_filter("H1_TO_H2_RESP", h2_filter_read_response, + NULL, AP_FTYPE_PROTOCOL); +} + +static int h2_task_pre_conn(conn_rec* c, void *arg) +{ + + h2_ctx *ctx = h2_ctx_get(c); + + (void)arg; + if (h2_ctx_is_task(ctx)) { + h2_task_env *env = h2_ctx_get_task(ctx); + + /* This connection is a pseudo-connection used for a h2_task. + * Since we read/write directly from it ourselves, we need + * to disable a possible ssl connection filter. + */ + h2_tls_disable(c); + + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, + "h2_h2, pre_connection, found stream task"); + + /* Add our own, network level in- and output filters. + */ + ap_add_input_filter("H2_TO_H1", env, NULL, c); + ap_add_output_filter("H1_TO_H2", env, NULL, c); + } + return OK; +} + +static int h2_task_process_conn(conn_rec* c) +{ + h2_ctx *ctx = h2_ctx_get(c); + + if (h2_ctx_is_task(ctx)) { + if (!ctx->task_env->serialize_headers) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, + "h2_h2, processing request directly"); + h2_task_process_request(ctx->task_env); + return DONE; + } + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, + "h2_task(%s), serialized handling", ctx->task_env->id); + } + return DECLINED; +} + + +h2_task *h2_task_create(long session_id, + int stream_id, + apr_pool_t *stream_pool, + h2_mplx *mplx, conn_rec *c) +{ + h2_task *task = apr_pcalloc(stream_pool, sizeof(h2_task)); + if (task == NULL) { + ap_log_perror(APLOG_MARK, APLOG_ERR, APR_ENOMEM, stream_pool, + APLOGNO(02941) "h2_task(%ld-%d): create stream task", + session_id, stream_id); + h2_mplx_out_close(mplx, stream_id); + return NULL; + } + + APR_RING_ELEM_INIT(task, link); + + task->id = apr_psprintf(stream_pool, "%ld-%d", session_id, stream_id); + task->stream_id = stream_id; + task->mplx = mplx; + + task->c = c; + + ap_log_perror(APLOG_MARK, APLOG_DEBUG, 0, stream_pool, + "h2_task(%s): created", task->id); + return task; +} + +void h2_task_set_request(h2_task *task, + const char *method, + const char *scheme, + const char *authority, + const char *path, + apr_table_t *headers, int eos) +{ + task->method = method; + task->scheme = scheme; + task->authority = authority; + task->path = path; + task->headers = headers; + task->input_eos = eos; +} + +apr_status_t h2_task_destroy(h2_task *task) +{ + (void)task; + return APR_SUCCESS; +} + +apr_status_t h2_task_do(h2_task *task, h2_worker *worker) +{ + apr_status_t status = APR_SUCCESS; + h2_config *cfg = h2_config_get(task->mplx->c); + h2_task_env env; + + AP_DEBUG_ASSERT(task); + + memset(&env, 0, sizeof(env)); + + env.id = task->id; + env.stream_id = task->stream_id; + env.mplx = task->mplx; + task->mplx = NULL; + + env.input_eos = task->input_eos; + env.serialize_headers = h2_config_geti(cfg, H2_CONF_SER_HEADERS); + + /* Create a subpool from the worker one to be used for all things + * with life-time of this task_env execution. + */ + apr_pool_create(&env.pool, h2_worker_get_pool(worker)); + + /* Link the env to the worker which provides useful things such + * as mutex, a socket etc. */ + env.io = h2_worker_get_cond(worker); + + /* Clone fields, so that lifetimes become (more) independent. */ + env.method = apr_pstrdup(env.pool, task->method); + env.scheme = apr_pstrdup(env.pool, task->scheme); + env.authority = apr_pstrdup(env.pool, task->authority); + env.path = apr_pstrdup(env.pool, task->path); + env.headers = apr_table_clone(env.pool, task->headers); + + /* Setup the pseudo connection to use our own pool and bucket_alloc */ + env.c = *task->c; + task->c = NULL; + status = h2_conn_setup(&env, worker); + + /* save in connection that this one is a pseudo connection, prevents + * other hooks from messing with it. */ + h2_ctx_create_for(&env.c, &env); + + if (status == APR_SUCCESS) { + env.input = h2_task_input_create(&env, env.pool, + env.c.bucket_alloc); + env.output = h2_task_output_create(&env, env.pool, + env.c.bucket_alloc); + status = h2_conn_process(&env.c, h2_worker_get_socket(worker)); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, &env.c, + "h2_task(%s): processing done", env.id); + } + else { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, status, &env.c, + APLOGNO(02957) "h2_task(%s): error setting up h2_task_env", + env.id); + } + + if (env.input) { + h2_task_input_destroy(env.input); + env.input = NULL; + } + + if (env.output) { + h2_task_output_close(env.output); + h2_task_output_destroy(env.output); + env.output = NULL; + } + + h2_task_set_finished(task); + if (env.io) { + apr_thread_cond_signal(env.io); + } + + if (env.pool) { + apr_pool_destroy(env.pool); + env.pool = NULL; + } + + if (env.c.id) { + h2_conn_post(&env.c, worker); + } + + h2_mplx_task_done(env.mplx, env.stream_id); + + return status; +} + +int h2_task_has_started(h2_task *task) +{ + AP_DEBUG_ASSERT(task); + return apr_atomic_read32(&task->has_started); +} + +void h2_task_set_started(h2_task *task) +{ + AP_DEBUG_ASSERT(task); + apr_atomic_set32(&task->has_started, 1); +} + +int h2_task_has_finished(h2_task *task) +{ + return apr_atomic_read32(&task->has_finished); +} + +void h2_task_set_finished(h2_task *task) +{ + apr_atomic_set32(&task->has_finished, 1); +} + +void h2_task_die(h2_task_env *env, int status, request_rec *r) +{ + (void)env; + ap_die(status, r); +} + +static request_rec *h2_task_create_request(h2_task_env *env) +{ + conn_rec *conn = &env->c; + request_rec *r; + apr_pool_t *p; + int access_status = HTTP_OK; + + apr_pool_create(&p, conn->pool); + apr_pool_tag(p, "request"); + r = apr_pcalloc(p, sizeof(request_rec)); + AP_READ_REQUEST_ENTRY((intptr_t)r, (uintptr_t)conn); + r->pool = p; + r->connection = conn; + r->server = conn->base_server; + + r->user = NULL; + r->ap_auth_type = NULL; + + r->allowed_methods = ap_make_method_list(p, 2); + + r->headers_in = apr_table_copy(r->pool, env->headers); + r->trailers_in = apr_table_make(r->pool, 5); + r->subprocess_env = apr_table_make(r->pool, 25); + r->headers_out = apr_table_make(r->pool, 12); + r->err_headers_out = apr_table_make(r->pool, 5); + r->trailers_out = apr_table_make(r->pool, 5); + r->notes = apr_table_make(r->pool, 5); + + r->request_config = ap_create_request_config(r->pool); + /* Must be set before we run create request hook */ + + r->proto_output_filters = conn->output_filters; + r->output_filters = r->proto_output_filters; + r->proto_input_filters = conn->input_filters; + r->input_filters = r->proto_input_filters; + ap_run_create_request(r); + r->per_dir_config = r->server->lookup_defaults; + + r->sent_bodyct = 0; /* bytect isn't for body */ + + r->read_length = 0; + r->read_body = REQUEST_NO_BODY; + + r->status = HTTP_OK; /* Until further notice */ + r->header_only = 0; + r->the_request = NULL; + + /* Begin by presuming any module can make its own path_info assumptions, + * until some module interjects and changes the value. + */ + r->used_path_info = AP_REQ_DEFAULT_PATH_INFO; + + r->useragent_addr = conn->client_addr; + r->useragent_ip = conn->client_ip; + + ap_run_pre_read_request(r, conn); + + /* Time to populate r with the data we have. */ + r->request_time = apr_time_now(); + r->the_request = apr_psprintf(r->pool, "%s %s HTTP/1.1", + env->method, env->path); + r->method = env->method; + /* Provide quick information about the request method as soon as known */ + r->method_number = ap_method_number_of(r->method); + if (r->method_number == M_GET && r->method[0] == 'H') { + r->header_only = 1; + } + + ap_parse_uri(r, env->path); + r->protocol = (char*)"HTTP/2"; + r->proto_num = HTTP_VERSION(2, 0); + + /* update what we think the virtual host is based on the headers we've + * now read. may update status. + * Leave r->hostname empty, vhost will parse if form our Host: header, + * otherwise we get complains about port numbers. + */ + r->hostname = NULL; + ap_update_vhost_from_headers(r); + + /* we may have switched to another server */ + r->per_dir_config = r->server->lookup_defaults; + + /* + * Add the HTTP_IN filter here to ensure that ap_discard_request_body + * called by ap_die and by ap_send_error_response works correctly on + * status codes that do not cause the connection to be dropped and + * in situations where the connection should be kept alive. + */ + ap_add_input_filter_handle(ap_http_input_filter_handle, + NULL, r, r->connection); + + if (access_status != HTTP_OK + || (access_status = ap_run_post_read_request(r))) { + /* Request check post hooks failed. An example of this would be a + * request for a vhost where h2 is disabled --> 421. + */ + h2_task_die(env, access_status, r); + ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r); + ap_run_log_transaction(r); + r = NULL; + goto traceout; + } + + AP_READ_REQUEST_SUCCESS((uintptr_t)r, (char *)r->method, + (char *)r->uri, (char *)r->server->defn_name, + r->status); + return r; +traceout: + AP_READ_REQUEST_FAILURE((uintptr_t)r); + return r; +} + + +apr_status_t h2_task_process_request(h2_task_env *env) +{ + conn_rec *c = &env->c; + request_rec *r; + conn_state_t *cs = c->cs; + + r = h2_task_create_request(env); + if (r && (r->status == HTTP_OK)) { + ap_update_child_status(c->sbh, SERVER_BUSY_READ, r); + + if (cs) + cs->state = CONN_STATE_HANDLER; + ap_process_request(r); + /* After the call to ap_process_request, the + * request pool will have been deleted. We set + * r=NULL here to ensure that any dereference + * of r that might be added later in this function + * will result in a segfault immediately instead + * of nondeterministic failures later. + */ + r = NULL; + } + ap_update_child_status(c->sbh, SERVER_BUSY_WRITE, NULL); + c->sbh = NULL; + + return APR_SUCCESS; +} + + + + diff --git a/modules/http2/h2_task.h b/modules/http2/h2_task.h new file mode 100644 index 00000000..b66ce38c --- /dev/null +++ b/modules/http2/h2_task.h @@ -0,0 +1,187 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_task__ +#define __mod_h2__h2_task__ + +/** + * A h2_task fakes a HTTP/1.1 request from the data in a HTTP/2 stream + * (HEADER+CONT.+DATA) the module recieves. + * + * In order to answer a HTTP/2 stream, we want all Apache httpd infrastructure + * to be involved as usual, as if this stream can as a separate HTTP/1.1 + * request. The basic trickery to do so was derived from google's mod_spdy + * source. Basically, we fake a new conn_rec object, even with its own + * socket and give it to ap_process_connection(). + * + * Since h2_task instances are executed in separate threads, we may have + * different lifetimes than our h2_stream or h2_session instances. Basically, + * we would like to be as standalone as possible. + * + * Finally, to keep certain connection level filters, such as ourselves and + * especially mod_ssl ones, from messing with our data, we need a filter + * of our own to disble those. + */ + +struct apr_thread_cond_t; +struct h2_conn; +struct h2_mplx; +struct h2_task; +struct h2_resp_head; +struct h2_worker; + +typedef struct h2_task h2_task; + +struct h2_task { + /** Links to the rest of the tasks */ + APR_RING_ENTRY(h2_task) link; + + const char *id; + int stream_id; + struct h2_mplx *mplx; + + volatile apr_uint32_t has_started; + volatile apr_uint32_t has_finished; + + const char *method; + const char *scheme; + const char *authority; + const char *path; + apr_table_t *headers; + int input_eos; + + struct conn_rec *c; +}; + +typedef struct h2_task_env h2_task_env; + +struct h2_task_env { + const char *id; + int stream_id; + struct h2_mplx *mplx; + + apr_pool_t *pool; /* pool for task lifetime things */ + apr_bucket_alloc_t *bucket_alloc; + + const char *method; + const char *scheme; + const char *authority; + const char *path; + apr_table_t *headers; + int input_eos; + + int serialize_headers; + + struct conn_rec c; + struct h2_task_input *input; + struct h2_task_output *output; + + struct apr_thread_cond_t *io; /* used to wait for events on */ +}; + +/** + * The magic pointer value that indicates the head of a h2_task list + * @param b The task list + * @return The magic pointer value + */ +#define H2_TASK_LIST_SENTINEL(b) APR_RING_SENTINEL((b), h2_task, link) + +/** + * Determine if the task list is empty + * @param b The list to check + * @return true or false + */ +#define H2_TASK_LIST_EMPTY(b) APR_RING_EMPTY((b), h2_task, link) + +/** + * Return the first task in a list + * @param b The list to query + * @return The first task in the list + */ +#define H2_TASK_LIST_FIRST(b) APR_RING_FIRST(b) + +/** + * Return the last task in a list + * @param b The list to query + * @return The last task int he list + */ +#define H2_TASK_LIST_LAST(b) APR_RING_LAST(b) + +/** + * Insert a single task at the front of a list + * @param b The list to add to + * @param e The task to insert + */ +#define H2_TASK_LIST_INSERT_HEAD(b, e) do { \ + h2_task *ap__b = (e); \ + APR_RING_INSERT_HEAD((b), ap__b, h2_task, link); \ +} while (0) + +/** + * Insert a single task at the end of a list + * @param b The list to add to + * @param e The task to insert + */ +#define H2_TASK_LIST_INSERT_TAIL(b, e) do { \ + h2_task *ap__b = (e); \ + APR_RING_INSERT_TAIL((b), ap__b, h2_task, link); \ +} while (0) + +/** + * Get the next task in the list + * @param e The current task + * @return The next task + */ +#define H2_TASK_NEXT(e) APR_RING_NEXT((e), link) +/** + * Get the previous task in the list + * @param e The current task + * @return The previous task + */ +#define H2_TASK_PREV(e) APR_RING_PREV((e), link) + +/** + * Remove a task from its list + * @param e The task to remove + */ +#define H2_TASK_REMOVE(e) APR_RING_REMOVE((e), link) + + +h2_task *h2_task_create(long session_id, int stream_id, + apr_pool_t *pool, struct h2_mplx *mplx, + conn_rec *c); + +apr_status_t h2_task_destroy(h2_task *task); + +void h2_task_set_request(h2_task *task, + const char *method, + const char *scheme, + const char *authority, + const char *path, + apr_table_t *headers, int eos); + + +apr_status_t h2_task_do(h2_task *task, struct h2_worker *worker); +apr_status_t h2_task_process_request(h2_task_env *env); + +int h2_task_has_started(h2_task *task); +void h2_task_set_started(h2_task *task); +int h2_task_has_finished(h2_task *task); +void h2_task_set_finished(h2_task *task); + +void h2_task_register_hooks(void); +void h2_task_die(h2_task_env *env, int status, request_rec *r); + +#endif /* defined(__mod_h2__h2_task__) */ diff --git a/modules/http2/h2_task_input.c b/modules/http2/h2_task_input.c new file mode 100644 index 00000000..487f7e60 --- /dev/null +++ b/modules/http2/h2_task_input.c @@ -0,0 +1,222 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_conn.h" +#include "h2_mplx.h" +#include "h2_session.h" +#include "h2_stream.h" +#include "h2_task_input.h" +#include "h2_task.h" +#include "h2_util.h" + + +static int is_aborted(ap_filter_t *f) +{ + return (f->c->aborted); +} + +static int ser_header(void *ctx, const char *name, const char *value) +{ + h2_task_input *input = (h2_task_input*)ctx; + apr_brigade_printf(input->bb, NULL, NULL, "%s: %s\r\n", name, value); + return 1; +} + +h2_task_input *h2_task_input_create(h2_task_env *env, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc) +{ + h2_task_input *input = apr_pcalloc(pool, sizeof(h2_task_input)); + if (input) { + input->env = env; + input->bb = NULL; + + if (env->serialize_headers) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, &env->c, + "h2_task_input(%s): serialize request %s %s", + env->id, env->method, env->path); + input->bb = apr_brigade_create(pool, bucket_alloc); + apr_brigade_printf(input->bb, NULL, NULL, "%s %s HTTP/1.1\r\n", + env->method, env->path); + apr_table_do(ser_header, input, env->headers, NULL); + apr_brigade_puts(input->bb, NULL, NULL, "\r\n"); + if (input->env->input_eos) { + APR_BRIGADE_INSERT_TAIL(input->bb, apr_bucket_eos_create(bucket_alloc)); + } + } + else if (!input->env->input_eos) { + input->bb = apr_brigade_create(pool, bucket_alloc); + } + else { + /* We do not serialize and have eos already, no need to + * create a bucket brigade. */ + } + + if (APLOGcdebug(&env->c)) { + char buffer[1024]; + apr_size_t len = sizeof(buffer)-1; + if (input->bb) { + apr_brigade_flatten(input->bb, buffer, &len); + } + else { + len = 0; + } + buffer[len] = 0; + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, &env->c, + "h2_task_input(%s): request is: %s", + env->id, buffer); + } + } + return input; +} + +void h2_task_input_destroy(h2_task_input *input) +{ + input->bb = NULL; +} + +apr_status_t h2_task_input_read(h2_task_input *input, + ap_filter_t* f, + apr_bucket_brigade* bb, + ap_input_mode_t mode, + apr_read_type_e block, + apr_off_t readbytes) +{ + apr_status_t status = APR_SUCCESS; + apr_off_t bblen = 0; + + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, + "h2_task_input(%s): read, block=%d, mode=%d, readbytes=%ld", + input->env->id, block, mode, (long)readbytes); + + if (is_aborted(f)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_task_input(%s): is aborted", + input->env->id); + return APR_ECONNABORTED; + } + + if (mode == AP_MODE_INIT) { + return APR_SUCCESS; + } + + if (input->bb) { + status = apr_brigade_length(input->bb, 1, &bblen); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, status, f->c, + APLOGNO(02958) "h2_task_input(%s): brigade length fail", + input->env->id); + return status; + } + } + + if ((bblen == 0) && input->env->input_eos) { + return APR_EOF; + } + + while ((bblen == 0) || (mode == AP_MODE_READBYTES && bblen < readbytes)) { + /* Get more data for our stream from mplx. + */ + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_task_input(%s): get more data from mplx, block=%d, " + "readbytes=%ld, queued=%ld", + input->env->id, block, + (long)readbytes, (long)bblen); + + /* Although we sometimes get called with APR_NONBLOCK_READs, + we seem to fill our buffer blocking. Otherwise we get EAGAIN, + return that to our caller and everyone throws up their hands, + never calling us again. */ + status = h2_mplx_in_read(input->env->mplx, APR_BLOCK_READ, + input->env->stream_id, input->bb, + input->env->io); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_task_input(%s): mplx in read returned", + input->env->id); + if (status != APR_SUCCESS) { + return status; + } + status = apr_brigade_length(input->bb, 1, &bblen); + if (status != APR_SUCCESS) { + return status; + } + if ((bblen == 0) && (block == APR_NONBLOCK_READ)) { + return h2_util_has_eos(input->bb, 0)? APR_EOF : APR_EAGAIN; + } + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_task_input(%s): mplx in read, %ld bytes in brigade", + input->env->id, (long)bblen); + } + + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_task_input(%s): read, mode=%d, block=%d, " + "readbytes=%ld, queued=%ld", + input->env->id, mode, block, + (long)readbytes, (long)bblen); + + if (!APR_BRIGADE_EMPTY(input->bb)) { + if (mode == AP_MODE_EXHAUSTIVE) { + /* return all we have */ + return h2_util_move(bb, input->bb, readbytes, 0, + "task_input_read(exhaustive)"); + } + else if (mode == AP_MODE_READBYTES) { + return h2_util_move(bb, input->bb, readbytes, 0, + "task_input_read(readbytes)"); + } + else if (mode == AP_MODE_SPECULATIVE) { + /* return not more than was asked for */ + return h2_util_copy(bb, input->bb, readbytes, + "task_input_read(speculative)"); + } + else if (mode == AP_MODE_GETLINE) { + /* we are reading a single LF line, e.g. the HTTP headers */ + status = apr_brigade_split_line(bb, input->bb, block, + HUGE_STRING_LEN); + if (APLOGctrace1(f->c)) { + char buffer[1024]; + apr_size_t len = sizeof(buffer)-1; + apr_brigade_flatten(bb, buffer, &len); + buffer[len] = 0; + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_task_input(%s): getline: %s", + input->env->id, buffer); + } + return status; + } + else { + /* Hmm, well. There is mode AP_MODE_EATCRLF, but we chose not + * to support it. Seems to work. */ + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_ENOTIMPL, f->c, + APLOGNO(02942) + "h2_task_input, unsupported READ mode %d", mode); + return APR_ENOTIMPL; + } + } + + if (is_aborted(f)) { + return APR_ECONNABORTED; + } + + return (block == APR_NONBLOCK_READ)? APR_EAGAIN : APR_EOF; +} + diff --git a/modules/http2/h2_task_input.h b/modules/http2/h2_task_input.h new file mode 100644 index 00000000..32adc177 --- /dev/null +++ b/modules/http2/h2_task_input.h @@ -0,0 +1,46 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_task_input__ +#define __mod_h2__h2_task_input__ + +/* h2_task_input places the HEADER+DATA, formatted in HTTP/1.1, into + * a bucket brigade. The brigade is setup as the input brigade for our + * pseudo httpd conn_rec that is handling a specific h2_task. + */ +struct apr_thread_cond_t; +struct h2_mplx; +struct h2_task_env; + +typedef struct h2_task_input h2_task_input; +struct h2_task_input { + struct h2_task_env *env; + apr_bucket_brigade *bb; +}; + + +h2_task_input *h2_task_input_create(struct h2_task_env *env, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc); + +void h2_task_input_destroy(h2_task_input *input); + +apr_status_t h2_task_input_read(h2_task_input *input, + ap_filter_t* filter, + apr_bucket_brigade* brigade, + ap_input_mode_t mode, + apr_read_type_e block, + apr_off_t readbytes); + +#endif /* defined(__mod_h2__h2_task_input__) */ diff --git a/modules/http2/h2_task_output.c b/modules/http2/h2_task_output.c new file mode 100644 index 00000000..879cb5fa --- /dev/null +++ b/modules/http2/h2_task_output.c @@ -0,0 +1,132 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_conn.h" +#include "h2_mplx.h" +#include "h2_session.h" +#include "h2_stream.h" +#include "h2_from_h1.h" +#include "h2_response.h" +#include "h2_task_output.h" +#include "h2_task.h" +#include "h2_util.h" + + +h2_task_output *h2_task_output_create(h2_task_env *env, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc) +{ + h2_task_output *output = apr_pcalloc(pool, sizeof(h2_task_output)); + + (void)bucket_alloc; + if (output) { + output->env = env; + output->state = H2_TASK_OUT_INIT; + output->from_h1 = h2_from_h1_create(env->stream_id, pool); + if (!output->from_h1) { + return NULL; + } + } + return output; +} + +void h2_task_output_destroy(h2_task_output *output) +{ + if (output->from_h1) { + h2_from_h1_destroy(output->from_h1); + output->from_h1 = NULL; + } +} + +static apr_status_t open_if_needed(h2_task_output *output, ap_filter_t *f, + apr_bucket_brigade *bb) +{ + if (output->state == H2_TASK_OUT_INIT) { + h2_response *response; + output->state = H2_TASK_OUT_STARTED; + response = h2_from_h1_get_response(output->from_h1); + if (!response) { + if (f) { + /* This happens currently when ap_die(status, r) is invoked + * by a read request filter. + */ + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, + "h2_task_output(%s): write without response " + "for %s %s %s", + output->env->id, output->env->method, + output->env->authority, output->env->path); + f->c->aborted = 1; + } + if (output->env->io) { + apr_thread_cond_broadcast(output->env->io); + } + return APR_ECONNABORTED; + } + + return h2_mplx_out_open(output->env->mplx, output->env->stream_id, + response, f, bb, output->env->io); + } + return APR_EOF; +} + +void h2_task_output_close(h2_task_output *output) +{ + open_if_needed(output, NULL, NULL); + if (output->state != H2_TASK_OUT_DONE) { + h2_mplx_out_close(output->env->mplx, output->env->stream_id); + output->state = H2_TASK_OUT_DONE; + } +} + +int h2_task_output_has_started(h2_task_output *output) +{ + return output->state >= H2_TASK_OUT_STARTED; +} + +/* Bring the data from the brigade (which represents the result of the + * request_rec out filter chain) into the h2_mplx for further sending + * on the master connection. + */ +apr_status_t h2_task_output_write(h2_task_output *output, + ap_filter_t* f, apr_bucket_brigade* bb) +{ + apr_status_t status; + if (APR_BRIGADE_EMPTY(bb)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_task_output(%s): empty write", output->env->id); + return APR_SUCCESS; + } + + status = open_if_needed(output, f, bb); + if (status != APR_EOF) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c, + "h2_task_output(%s): opened and passed brigade", + output->env->id); + return status; + } + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c, + "h2_task_output(%s): write brigade", output->env->id); + return h2_mplx_out_write(output->env->mplx, output->env->stream_id, + f, bb, output->env->io); +} + diff --git a/modules/http2/h2_task_output.h b/modules/http2/h2_task_output.h new file mode 100644 index 00000000..86571a1e --- /dev/null +++ b/modules/http2/h2_task_output.h @@ -0,0 +1,56 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_task_output__ +#define __mod_h2__h2_task_output__ + +/* h2_task_output reads a HTTP/1 response from the brigade and applies + * them to a h2_output_converter. The brigade is setup as the output brigade + * for our pseudo httpd conn_rec that is handling a specific h2_task. + * + */ +struct apr_thread_cond_t; +struct h2_mplx; +struct h2_task_env; +struct h2_from_h1; + +typedef enum { + H2_TASK_OUT_INIT, + H2_TASK_OUT_STARTED, + H2_TASK_OUT_DONE, +} h2_task_output_state_t; + +typedef struct h2_task_output h2_task_output; + +struct h2_task_output { + struct h2_task_env *env; + h2_task_output_state_t state; + struct h2_from_h1 *from_h1; +}; + +h2_task_output *h2_task_output_create(struct h2_task_env *env, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc); + +void h2_task_output_destroy(h2_task_output *output); + +apr_status_t h2_task_output_write(h2_task_output *output, + ap_filter_t* filter, + apr_bucket_brigade* brigade); + +void h2_task_output_close(h2_task_output *output); + +int h2_task_output_has_started(h2_task_output *output); + +#endif /* defined(__mod_h2__h2_task_output__) */ diff --git a/modules/http2/h2_task_queue.c b/modules/http2/h2_task_queue.c new file mode 100644 index 00000000..a81cc100 --- /dev/null +++ b/modules/http2/h2_task_queue.c @@ -0,0 +1,88 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include +#include + +#include "h2_task.h" +#include "h2_task_queue.h" + + +h2_task_queue *h2_tq_create(long id, apr_pool_t *pool) +{ + h2_task_queue *q = apr_pcalloc(pool, sizeof(h2_task_queue)); + if (q) { + q->id = id; + APR_RING_ELEM_INIT(q, link); + APR_RING_INIT(&q->tasks, h2_task, link); + } + return q; +} + +void h2_tq_destroy(h2_task_queue *q) +{ + while (!H2_TASK_LIST_EMPTY(&q->tasks)) { + h2_task *task = H2_TASK_LIST_FIRST(&q->tasks); + H2_TASK_REMOVE(task); + } +} + +static int in_list(h2_task_queue *q, h2_task *task) +{ + h2_task *e; + for (e = H2_TASK_LIST_FIRST(&q->tasks); + e != H2_TASK_LIST_SENTINEL(&q->tasks); + e = H2_TASK_NEXT(e)) { + if (e == task) { + return 1; + } + } + return 0; +} + +int h2_tq_empty(h2_task_queue *q) +{ + return H2_TASK_LIST_EMPTY(&q->tasks); +} + +void h2_tq_append(h2_task_queue *q, struct h2_task *task) +{ + H2_TASK_LIST_INSERT_TAIL(&q->tasks, task); +} + +apr_status_t h2_tq_remove(h2_task_queue *q, struct h2_task *task) +{ + if (in_list(q, task)) { + H2_TASK_REMOVE(task); + return APR_SUCCESS; + } + return APR_NOTFOUND; +} + +h2_task *h2_tq_pop_first(h2_task_queue *q) +{ + if (!H2_TASK_LIST_EMPTY(&q->tasks)) { + h2_task *task = H2_TASK_LIST_FIRST(&q->tasks); + H2_TASK_REMOVE(task); + return task; + } + return NULL; +} + + + diff --git a/modules/http2/h2_task_queue.h b/modules/http2/h2_task_queue.h new file mode 100644 index 00000000..d93d74ac --- /dev/null +++ b/modules/http2/h2_task_queue.h @@ -0,0 +1,148 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_task_queue__ +#define __mod_h2__h2_task_queue__ + +struct h2_task; + +/** + * A simple ring of rings that keeps a list of h2_tasks and can + * be ringed itself, using the APR RING macros. + */ +typedef struct h2_task_queue h2_task_queue; + +struct h2_task_queue { + APR_RING_ENTRY(h2_task_queue) link; + APR_RING_HEAD(h2_tasks, h2_task) tasks; + long id; +}; + +/** + * Allocate a new queue from the pool and initialize. + * @param id the identifier of the queue + * @param pool the memory pool + */ +h2_task_queue *h2_tq_create(long id, apr_pool_t *pool); + +/** + * Release all queue tasks. + * @param q the queue to destroy + */ +void h2_tq_destroy(h2_task_queue *q); + +/** + * Return != 0 iff there are no tasks in the queue. + * @param q the queue to check + */ +int h2_tq_empty(h2_task_queue *q); + +/** + * Append the task to the end of the queue. + * @param q the queue to append the task to + * @param task the task to append + */ +void h2_tq_append(h2_task_queue *q, struct h2_task *task); + +/** + * Remove a task from the queue. Return APR_SUCCESS if the task + * was indeed queued, APR_NOTFOUND otherwise. + * @param q the queue to remove from + * @param task the task to remove + */ +apr_status_t h2_tq_remove(h2_task_queue *q, struct h2_task *task); + +/** + * Get the first task from the queue or NULL if the queue is empty. The + * task will be removed. + * @param q the queue to pop the first task from + */ +h2_task *h2_tq_pop_first(h2_task_queue *q); + +/******************************************************************************* + * Queue Manipulation. + ******************************************************************************/ + +/** + * The magic pointer value that indicates the head of a h2_task_queue list + * @param b The queue list + * @return The magic pointer value + */ +#define H2_TQ_LIST_SENTINEL(b) APR_RING_SENTINEL((b), h2_task_queue, link) + +/** + * Determine if the queue list is empty + * @param b The list to check + * @return true or false + */ +#define H2_TQ_LIST_EMPTY(b) APR_RING_EMPTY((b), h2_task_queue, link) + +/** + * Return the first queue in a list + * @param b The list to query + * @return The first queue in the list + */ +#define H2_TQ_LIST_FIRST(b) APR_RING_FIRST(b) + +/** + * Return the last queue in a list + * @param b The list to query + * @return The last queue int he list + */ +#define H2_TQ_LIST_LAST(b) APR_RING_LAST(b) + +/** + * Insert a single queue at the front of a list + * @param b The list to add to + * @param e The queue to insert + */ +#define H2_TQ_LIST_INSERT_HEAD(b, e) do { \ +h2_task_queue *ap__b = (e); \ +APR_RING_INSERT_HEAD((b), ap__b, h2_task_queue, link); \ +} while (0) + +/** + * Insert a single queue at the end of a list + * @param b The list to add to + * @param e The queue to insert + */ +#define H2_TQ_LIST_INSERT_TAIL(b, e) do { \ +h2_task_queue *ap__b = (e); \ +APR_RING_INSERT_TAIL((b), ap__b, h2_task_queue, link); \ +} while (0) + +/** + * Get the next queue in the list + * @param e The current queue + * @return The next queue + */ +#define H2_TQ_NEXT(e) APR_RING_NEXT((e), link) +/** + * Get the previous queue in the list + * @param e The current queue + * @return The previous queue + */ +#define H2_TQ_PREV(e) APR_RING_PREV((e), link) + +/** + * Remove a queue from its list + * @param e The queue to remove + */ +#define H2_TQ_REMOVE(e) APR_RING_REMOVE((e), link) + + +#define H2_TQ_EMPTY(e) H2_TASK_LIST_EMPTY(&(e)->tasks) + +#endif /* defined(__mod_h2__h2_task_queue__) */ diff --git a/modules/http2/h2_to_h1.c b/modules/http2/h2_to_h1.c new file mode 100644 index 00000000..8dacfe80 --- /dev/null +++ b/modules/http2/h2_to_h1.c @@ -0,0 +1,305 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include + +#include +#include +#include +#include + +#include "h2_private.h" +#include "h2_mplx.h" +#include "h2_response.h" +#include "h2_task.h" +#include "h2_to_h1.h" +#include "h2_util.h" + + +h2_to_h1 *h2_to_h1_create(int stream_id, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc, + const char *method, + const char *scheme, + const char *authority, + const char *path, + struct h2_mplx *m) +{ + h2_to_h1 *to_h1; + if (!method) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, m->c, + APLOGNO(02943) + "h2_to_h1: header start but :method missing"); + return NULL; + } + if (!path) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, m->c, + APLOGNO(02944) + "h2_to_h1: header start but :path missing"); + return NULL; + } + + to_h1 = apr_pcalloc(pool, sizeof(h2_to_h1)); + if (to_h1) { + to_h1->stream_id = stream_id; + to_h1->pool = pool; + to_h1->method = method; + to_h1->scheme = scheme; + to_h1->authority = authority; + to_h1->path = path; + to_h1->m = m; + to_h1->headers = apr_table_make(to_h1->pool, 10); + to_h1->bb = apr_brigade_create(pool, bucket_alloc); + to_h1->chunked = 0; /* until we see a content-type and no length */ + to_h1->content_len = -1; + } + return to_h1; +} + +void h2_to_h1_destroy(h2_to_h1 *to_h1) +{ + to_h1->bb = NULL; +} + +apr_status_t h2_to_h1_add_header(h2_to_h1 *to_h1, + const char *name, size_t nlen, + const char *value, size_t vlen) +{ + char *hname, *hvalue; + if (H2_HD_MATCH_LIT("transfer-encoding", name, nlen)) { + if (!apr_strnatcasecmp("chunked", value)) { + /* This should never arrive here in a HTTP/2 request */ + ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_BADARG, to_h1->m->c, + APLOGNO(02945) + "h2_to_h1: 'transfer-encoding: chunked' received"); + return APR_BADARG; + } + } + else if (H2_HD_MATCH_LIT("content-length", name, nlen)) { + char *end; + to_h1->content_len = apr_strtoi64(value, &end, 10); + if (value == end) { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, APR_EINVAL, to_h1->m->c, + APLOGNO(02959) + "h2_request(%d): content-length value not parsed: %s", + to_h1->stream_id, value); + return APR_EINVAL; + } + to_h1->remain_len = to_h1->content_len; + to_h1->chunked = 0; + } + else if (H2_HD_MATCH_LIT("content-type", name, nlen)) { + /* If we see a content-type and have no length (yet), + * we need to chunk. */ + to_h1->chunked = (to_h1->content_len == -1); + } + else if ((to_h1->seen_host && H2_HD_MATCH_LIT("host", name, nlen)) + || H2_HD_MATCH_LIT("expect", name, nlen) + || H2_HD_MATCH_LIT("upgrade", name, nlen) + || H2_HD_MATCH_LIT("connection", name, nlen) + || H2_HD_MATCH_LIT("proxy-connection", name, nlen) + || H2_HD_MATCH_LIT("keep-alive", name, nlen) + || H2_HD_MATCH_LIT("http2-settings", name, nlen)) { + /* ignore these. */ + return APR_SUCCESS; + } + else if (H2_HD_MATCH_LIT("cookie", name, nlen)) { + const char *existing = apr_table_get(to_h1->headers, "cookie"); + if (existing) { + char *nval; + + /* Cookie headers come separately in HTTP/2, but need + * to be merged by "; " (instead of default ", ") + */ + hvalue = apr_pstrndup(to_h1->pool, value, vlen); + nval = apr_psprintf(to_h1->pool, "%s; %s", existing, hvalue); + apr_table_setn(to_h1->headers, "Cookie", nval); + return APR_SUCCESS; + } + } + else if (H2_HD_MATCH_LIT("host", name, nlen)) { + to_h1->seen_host = 1; + } + + hname = apr_pstrndup(to_h1->pool, name, nlen); + hvalue = apr_pstrndup(to_h1->pool, value, vlen); + h2_util_camel_case_header(hname, nlen); + apr_table_mergen(to_h1->headers, hname, hvalue); + + return APR_SUCCESS; +} + +static int set_header(void *ctx, const char *key, const char *value) +{ + h2_to_h1 *to_h1 = (h2_to_h1*)ctx; + h2_to_h1_add_header(to_h1, key, strlen(key), value, strlen(value)); + return 1; +} + +apr_status_t h2_to_h1_add_headers(h2_to_h1 *to_h1, apr_table_t *headers) +{ + apr_table_do(set_header, to_h1, headers, NULL); + return APR_SUCCESS; +} + +apr_status_t h2_to_h1_end_headers(h2_to_h1 *to_h1, h2_task *task, int eos) +{ + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, to_h1->m->c, + "h2_to_h1(%ld-%d): end headers", + to_h1->m->id, to_h1->stream_id); + + if (to_h1->eoh) { + return APR_EINVAL; + } + + if (!to_h1->seen_host) { + /* Need to add a "Host" header if not already there to + * make virtual hosts work correctly. */ + if (!to_h1->authority) { + return APR_BADARG; + } + apr_table_set(to_h1->headers, "Host", to_h1->authority); + } + + if (eos && to_h1->chunked) { + /* We had chunking figured out, but the EOS is already there. + * unmark chunking and set a definitive content-length. + */ + to_h1->chunked = 0; + apr_table_setn(to_h1->headers, "Content-Length", "0"); + } + else if (to_h1->chunked) { + /* We have not seen a content-length. We therefore must + * pass any request content in chunked form. + */ + apr_table_mergen(to_h1->headers, "Transfer-Encoding", "chunked"); + } + + h2_task_set_request(task, to_h1->method, + to_h1->scheme, + to_h1->authority, + to_h1->path, + to_h1->headers, eos); + to_h1->eoh = 1; + + if (eos) { + apr_status_t status = h2_to_h1_close(to_h1); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, status, to_h1->m->c, + APLOGNO(02960) + "h2_to_h1(%ld-%d): end headers, eos=%d", + to_h1->m->id, to_h1->stream_id, eos); + } + return status; + } + return APR_SUCCESS; +} + +static apr_status_t flush(apr_bucket_brigade *bb, void *ctx) +{ + (void)bb; + return h2_to_h1_flush((h2_to_h1*)ctx); +} + +static apr_status_t h2_to_h1_add_data_raw(h2_to_h1 *to_h1, + const char *data, size_t len) +{ + apr_status_t status = APR_SUCCESS; + + if (to_h1->eos || !to_h1->eoh) { + return APR_EINVAL; + } + + status = apr_brigade_write(to_h1->bb, flush, to_h1, data, len); + if (status == APR_SUCCESS) { + status = h2_to_h1_flush(to_h1); + } + return status; +} + + +apr_status_t h2_to_h1_add_data(h2_to_h1 *to_h1, + const char *data, size_t len) +{ + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, to_h1->m->c, + "h2_to_h1(%ld-%d): add %ld data bytes", + to_h1->m->id, to_h1->stream_id, (long)len); + + if (to_h1->chunked) { + /* if input may have a body and we have not seen any + * content-length header, we need to chunk the input data. + */ + apr_status_t status = apr_brigade_printf(to_h1->bb, NULL, NULL, + "%lx\r\n", (unsigned long)len); + if (status == APR_SUCCESS) { + status = h2_to_h1_add_data_raw(to_h1, data, len); + if (status == APR_SUCCESS) { + status = apr_brigade_puts(to_h1->bb, NULL, NULL, "\r\n"); + } + } + return status; + } + else { + to_h1->remain_len -= len; + if (to_h1->remain_len < 0) { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, to_h1->m->c, + APLOGNO(02961) + "h2_to_h1(%ld-%d): got %ld more content bytes than announced " + "in content-length header: %ld", + to_h1->m->id, to_h1->stream_id, + (long)to_h1->content_len, -(long)to_h1->remain_len); + } + return h2_to_h1_add_data_raw(to_h1, data, len); + } +} + +apr_status_t h2_to_h1_flush(h2_to_h1 *to_h1) +{ + apr_status_t status = APR_SUCCESS; + if (!APR_BRIGADE_EMPTY(to_h1->bb)) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, to_h1->m->c, + "h2_to_h1(%ld-%d): flush request bytes", + to_h1->m->id, to_h1->stream_id); + + status = h2_mplx_in_write(to_h1->m, to_h1->stream_id, to_h1->bb); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, to_h1->m->c, + APLOGNO(02946) "h2_request(%d): pushing request data", + to_h1->stream_id); + } + } + return status; +} + +apr_status_t h2_to_h1_close(h2_to_h1 *to_h1) +{ + apr_status_t status = APR_SUCCESS; + if (!to_h1->eos) { + if (to_h1->chunked) { + status = h2_to_h1_add_data_raw(to_h1, "0\r\n\r\n", 5); + } + to_h1->eos = 1; + status = h2_to_h1_flush(to_h1); + ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, to_h1->m->c, + "h2_to_h1(%d): close", to_h1->stream_id); + + status = h2_mplx_in_close(to_h1->m, to_h1->stream_id); + } + return status; +} + + diff --git a/modules/http2/h2_to_h1.h b/modules/http2/h2_to_h1.h new file mode 100644 index 00000000..74586e2b --- /dev/null +++ b/modules/http2/h2_to_h1.h @@ -0,0 +1,87 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_to_h1__ +#define __mod_h2__h2_to_h1__ + +struct h2_mplx; +struct h2_task; +typedef struct h2_to_h1 h2_to_h1; + +struct h2_to_h1 { + int stream_id; + apr_pool_t *pool; + h2_mplx *m; + + const char *method; + const char *scheme; + const char *authority; + const char *path; + + int chunked; + int eoh; + int eos; + int flushed; + int seen_host; + + apr_off_t content_len; + apr_off_t remain_len; + apr_table_t *headers; + apr_bucket_brigade *bb; +}; + +/* Create a converter from a HTTP/2 request to a serialzation in + * HTTP/1.1 format. The serialized data will be written onto the + * given h2_mplx instance. + */ +h2_to_h1 *h2_to_h1_create(int stream_id, apr_pool_t *pool, + apr_bucket_alloc_t *bucket_alloc, + const char *method, + const char *scheme, + const char *authority, + const char *path, + struct h2_mplx *m); + +/* Destroy the converter and free resources. */ +void h2_to_h1_destroy(h2_to_h1 *to_h1); + +/* Add a header to the serialization. Only valid to call after start + * and before end_headers. + */ +apr_status_t h2_to_h1_add_header(h2_to_h1 *to_h1, + const char *name, size_t nlen, + const char *value, size_t vlen); + +apr_status_t h2_to_h1_add_headers(h2_to_h1 *to_h1, apr_table_t *headers); + +/** End the request headers. + */ +apr_status_t h2_to_h1_end_headers(h2_to_h1 *to_h1, + struct h2_task *task, int eos); + +/* Add request body data. + */ +apr_status_t h2_to_h1_add_data(h2_to_h1 *to_h1, + const char *data, size_t len); + +/* Flush the converted data onto the h2_mplx instance. + */ +apr_status_t h2_to_h1_flush(h2_to_h1 *to_h1); + +/* Close the request, flushed automatically. + */ +apr_status_t h2_to_h1_close(h2_to_h1 *to_h1); + +#endif /* defined(__mod_h2__h2_to_h1__) */ diff --git a/modules/http2/h2_util.c b/modules/http2/h2_util.c new file mode 100644 index 00000000..9d141be9 --- /dev/null +++ b/modules/http2/h2_util.c @@ -0,0 +1,649 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include + +#include +#include +#include + +#include + +#include "h2_private.h" +#include "h2_util.h" + +size_t h2_util_hex_dump(char *buffer, size_t maxlen, + const char *data, size_t datalen) +{ + size_t offset = 0; + size_t maxoffset = (maxlen-4); + size_t i; + for (i = 0; i < datalen && offset < maxoffset; ++i) { + const char *sep = (i && i % 16 == 0)? "\n" : " "; + int n = apr_snprintf(buffer+offset, maxoffset-offset, + "%2x%s", ((unsigned int)data[i]&0xff), sep); + offset += n; + } + strcpy(buffer+offset, (i= 'A' && *p <= 'Z') { + *p += 'a' - 'A'; + } + } + return s; +} + +void h2_util_camel_case_header(char *s, size_t len) +{ + size_t start = 1; + size_t i; + for (i = 0; i < len; ++i) { + if (start) { + if (s[i] >= 'a' && s[i] <= 'z') { + s[i] -= 'a' - 'A'; + } + + start = 0; + } + else if (s[i] == '-') { + start = 1; + } + } +} + +static const int BASE64URL_TABLE[] = { + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, + 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, + 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, + 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, + 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1 +}; + +apr_size_t h2_util_base64url_decode(const char **decoded, const char *encoded, + apr_pool_t *pool) +{ + const unsigned char *e = (const unsigned char *)encoded; + const unsigned char *p = e; + unsigned char *d; + int n; + apr_size_t len, mlen, remain, i; + + while (*p && BASE64URL_TABLE[ *p ] == -1) { + ++p; + } + len = p - e; + mlen = (len/4)*4; + *decoded = apr_pcalloc(pool, len+1); + + i = 0; + d = (unsigned char*)*decoded; + for (; i < mlen; i += 4) { + n = ((BASE64URL_TABLE[ e[i+0] ] << 18) + + (BASE64URL_TABLE[ e[i+1] ] << 12) + + (BASE64URL_TABLE[ e[i+2] ] << 6) + + BASE64URL_TABLE[ e[i+3] ]); + *d++ = n >> 16; + *d++ = n >> 8 & 0xffu; + *d++ = n & 0xffu; + } + remain = len - mlen; + switch (remain) { + case 2: + n = ((BASE64URL_TABLE[ e[mlen+0] ] << 18) + + (BASE64URL_TABLE[ e[mlen+1] ] << 12)); + *d++ = n >> 16; + break; + case 3: + n = ((BASE64URL_TABLE[ e[mlen+0] ] << 18) + + (BASE64URL_TABLE[ e[mlen+1] ] << 12) + + (BASE64URL_TABLE[ e[mlen+2] ] << 6)); + *d++ = n >> 16; + *d++ = n >> 8 & 0xffu; + break; + default: /* do nothing */ + break; + } + return len; +} + +int h2_util_contains_token(apr_pool_t *pool, const char *s, const char *token) +{ + char *c; + if (s) { + if (!apr_strnatcasecmp(s, token)) { /* the simple life */ + return 1; + } + + for (c = ap_get_token(pool, &s, 0); c && *c; + c = *s? ap_get_token(pool, &s, 0) : NULL) { + if (!apr_strnatcasecmp(c, token)) { /* seeing the token? */ + return 1; + } + while (*s++ == ';') { /* skip parameters */ + ap_get_token(pool, &s, 0); + } + if (*s++ != ',') { /* need comma separation */ + return 0; + } + } + } + return 0; +} + +const char *h2_util_first_token_match(apr_pool_t *pool, const char *s, + const char *tokens[], apr_size_t len) +{ + char *c; + apr_size_t i; + if (s && *s) { + for (c = ap_get_token(pool, &s, 0); c && *c; + c = *s? ap_get_token(pool, &s, 0) : NULL) { + for (i = 0; i < len; ++i) { + if (!apr_strnatcasecmp(c, tokens[i])) { + return tokens[i]; + } + } + while (*s++ == ';') { /* skip parameters */ + ap_get_token(pool, &s, 0); + } + if (*s++ != ',') { /* need comma separation */ + return 0; + } + } + } + return NULL; +} + +/* DEEP_COPY==0 crashes under load. I think the setaside is fine, + * however buckets moved to another thread will still be + * free'd against the old bucket_alloc. *And* if the old + * pool gets destroyed too early, the bucket disappears while + * still needed. + */ +static const int DEEP_COPY = 1; +static const int FILE_MOVE = 1; + +static apr_status_t last_not_included(apr_bucket_brigade *bb, + apr_size_t maxlen, + int same_alloc, + int *pfile_buckets_allowed, + apr_bucket **pend) +{ + apr_bucket *b; + apr_status_t status = APR_SUCCESS; + int files_allowed = pfile_buckets_allowed? *pfile_buckets_allowed : 0; + + if (maxlen > 0) { + /* Find the bucket, up to which we reach maxlen/mem bytes */ + for (b = APR_BRIGADE_FIRST(bb); + (b != APR_BRIGADE_SENTINEL(bb)); + b = APR_BUCKET_NEXT(b)) { + + if (APR_BUCKET_IS_METADATA(b)) { + /* included */ + } + else { + if (maxlen == 0) { + *pend = b; + return status; + } + + if (b->length == ((apr_size_t)-1)) { + const char *ign; + apr_size_t ilen; + status = apr_bucket_read(b, &ign, &ilen, APR_BLOCK_READ); + if (status != APR_SUCCESS) { + return status; + } + } + + if (same_alloc && APR_BUCKET_IS_FILE(b)) { + /* we like it move it, always */ + } + else if (files_allowed > 0 && APR_BUCKET_IS_FILE(b)) { + /* this has no memory footprint really unless + * it is read, disregard it in length count, + * unless we do not move the file buckets */ + --files_allowed; + } + else if (maxlen < b->length) { + apr_bucket_split(b, maxlen); + maxlen = 0; + } + else { + maxlen -= b->length; + } + } + } + } + *pend = APR_BRIGADE_SENTINEL(bb); + return status; +} + +#define LOG_BUCKETS 0 +#define LOG_LEVEL APLOG_INFO + +apr_status_t h2_util_move(apr_bucket_brigade *to, apr_bucket_brigade *from, + apr_size_t maxlen, int *pfile_handles_allowed, + const char *msg) +{ + apr_status_t status = APR_SUCCESS; + int same_alloc; + + AP_DEBUG_ASSERT(to); + AP_DEBUG_ASSERT(from); + same_alloc = (to->bucket_alloc == from->bucket_alloc); + + if (!FILE_MOVE) { + pfile_handles_allowed = NULL; + } + + if (!APR_BRIGADE_EMPTY(from)) { + apr_bucket *b, *end; + + status = last_not_included(from, maxlen, same_alloc, + pfile_handles_allowed, &end); + if (status != APR_SUCCESS) { + return status; + } + + while (!APR_BRIGADE_EMPTY(from) && status == APR_SUCCESS) { + b = APR_BRIGADE_FIRST(from); + if (b == end) { + break; + } + + if (same_alloc || (b->list == to->bucket_alloc)) { + /* both brigades use the same bucket_alloc and auto-cleanups + * have the same life time. It's therefore safe to just move + * directly. */ + APR_BUCKET_REMOVE(b); + APR_BRIGADE_INSERT_TAIL(to, b); +#if LOG_BUCKETS + ap_log_perror(APLOG_MARK, LOG_LEVEL, 0, to->p, + "h2_util_move: %s, passed bucket(same bucket_alloc) " + "%ld-%ld, type=%s", + msg, (long)b->start, (long)b->length, + APR_BUCKET_IS_METADATA(b)? + (APR_BUCKET_IS_EOS(b)? "EOS": + (APR_BUCKET_IS_FLUSH(b)? "FLUSH" : "META")) : + (APR_BUCKET_IS_FILE(b)? "FILE" : "DATA")); +#endif + } + else if (DEEP_COPY) { + /* we have not managed the magic of passing buckets from + * one thread to another. Any attempts result in + * cleanup of pools scrambling memory. + */ + if (APR_BUCKET_IS_METADATA(b)) { + if (APR_BUCKET_IS_EOS(b)) { + APR_BRIGADE_INSERT_TAIL(to, apr_bucket_eos_create(to->bucket_alloc)); + } + else if (APR_BUCKET_IS_FLUSH(b)) { + APR_BRIGADE_INSERT_TAIL(to, apr_bucket_flush_create(to->bucket_alloc)); + } + else { + /* ignore */ + } + } + else if (pfile_handles_allowed + && *pfile_handles_allowed > 0 + && APR_BUCKET_IS_FILE(b)) { + /* We do not want to read files when passing buckets, if + * we can avoid it. However, what we've come up so far + * is not working corrently, resulting either in crashes or + * too many open file descriptors. + */ + apr_bucket_file *f = (apr_bucket_file *)b->data; + apr_file_t *fd = f->fd; + int setaside = (f->readpool != to->p); +#if LOG_BUCKETS + ap_log_perror(APLOG_MARK, LOG_LEVEL, 0, to->p, + "h2_util_move: %s, moving FILE bucket %ld-%ld " + "from=%lx(p=%lx) to=%lx(p=%lx), setaside=%d", + msg, (long)b->start, (long)b->length, + (long)from, (long)from->p, + (long)to, (long)to->p, setaside); +#endif + if (setaside) { + status = apr_file_setaside(&fd, fd, to->p); + if (status != APR_SUCCESS) { + ap_log_perror(APLOG_MARK, APLOG_ERR, status, to->p, + APLOGNO(02947) "h2_util: %s, setaside FILE", + msg); + return status; + } + } + apr_brigade_insert_file(to, fd, b->start, b->length, + to->p); + --(*pfile_handles_allowed); + } + else { + const char *data; + apr_size_t len; + status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ); + if (status == APR_SUCCESS && len > 0) { + status = apr_brigade_write(to, NULL, NULL, data, len); +#if LOG_BUCKETS + ap_log_perror(APLOG_MARK, LOG_LEVEL, 0, to->p, + "h2_util_move: %s, copied bucket %ld-%ld " + "from=%lx(p=%lx) to=%lx(p=%lx)", + msg, (long)b->start, (long)b->length, + (long)from, (long)from->p, + (long)to, (long)to->p); +#endif + } + } + apr_bucket_delete(b); + } + else { + apr_bucket_setaside(b, to->p); + APR_BUCKET_REMOVE(b); + APR_BRIGADE_INSERT_TAIL(to, b); +#if LOG_BUCKETS + ap_log_perror(APLOG_MARK, LOG_LEVEL, 0, to->p, + "h2_util_move: %s, passed setaside bucket %ld-%ld " + "from=%lx(p=%lx) to=%lx(p=%lx)", + msg, (long)b->start, (long)b->length, + (long)from, (long)from->p, + (long)to, (long)to->p); +#endif + } + } + } + + return status; +} + +apr_status_t h2_util_copy(apr_bucket_brigade *to, apr_bucket_brigade *from, + apr_size_t maxlen, const char *msg) +{ + apr_status_t status = APR_SUCCESS; + int same_alloc; + + (void)msg; + AP_DEBUG_ASSERT(to); + AP_DEBUG_ASSERT(from); + same_alloc = (to->bucket_alloc == from->bucket_alloc); + + if (!APR_BRIGADE_EMPTY(from)) { + apr_bucket *b, *end, *cpy; + + status = last_not_included(from, maxlen, 0, 0, &end); + if (status != APR_SUCCESS) { + return status; + } + + for (b = APR_BRIGADE_FIRST(from); + b != APR_BRIGADE_SENTINEL(from) && b != end; + b = APR_BUCKET_NEXT(b)) + { + if (same_alloc) { + status = apr_bucket_copy(b, &cpy); + if (status != APR_SUCCESS) { + break; + } + APR_BRIGADE_INSERT_TAIL(to, cpy); + } + else { + if (APR_BUCKET_IS_METADATA(b)) { + if (APR_BUCKET_IS_EOS(b)) { + APR_BRIGADE_INSERT_TAIL(to, apr_bucket_eos_create(to->bucket_alloc)); + } + else if (APR_BUCKET_IS_FLUSH(b)) { + APR_BRIGADE_INSERT_TAIL(to, apr_bucket_flush_create(to->bucket_alloc)); + } + else { + /* ignore */ + } + } + else { + const char *data; + apr_size_t len; + status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ); + if (status == APR_SUCCESS && len > 0) { + status = apr_brigade_write(to, NULL, NULL, data, len); +#if LOG_BUCKETS + ap_log_perror(APLOG_MARK, LOG_LEVEL, 0, to->p, + "h2_util_copy: %s, copied bucket %ld-%ld " + "from=%lx(p=%lx) to=%lx(p=%lx)", + msg, (long)b->start, (long)b->length, + (long)from, (long)from->p, + (long)to, (long)to->p); +#endif + } + } + } + } + } + return status; +} + +int h2_util_has_flush_or_eos(apr_bucket_brigade *bb) { + apr_bucket *b; + for (b = APR_BRIGADE_FIRST(bb); + b != APR_BRIGADE_SENTINEL(bb); + b = APR_BUCKET_NEXT(b)) + { + if (APR_BUCKET_IS_EOS(b) || APR_BUCKET_IS_FLUSH(b)) { + return 1; + } + } + return 0; +} + +int h2_util_has_eos(apr_bucket_brigade *bb, apr_size_t len) +{ + apr_bucket *b, *end; + + apr_status_t status = last_not_included(bb, len, 0, 0, &end); + if (status != APR_SUCCESS) { + return status; + } + + for (b = APR_BRIGADE_FIRST(bb); + b != APR_BRIGADE_SENTINEL(bb) && b != end; + b = APR_BUCKET_NEXT(b)) + { + if (APR_BUCKET_IS_EOS(b)) { + return 1; + } + } + return 0; +} + +int h2_util_bb_has_data(apr_bucket_brigade *bb) +{ + apr_bucket *b; + for (b = APR_BRIGADE_FIRST(bb); + b != APR_BRIGADE_SENTINEL(bb); + b = APR_BUCKET_NEXT(b)) + { + if (!APR_BUCKET_IS_METADATA(b)) { + return 1; + } + } + return 0; +} + +int h2_util_bb_has_data_or_eos(apr_bucket_brigade *bb) +{ + apr_bucket *b; + for (b = APR_BRIGADE_FIRST(bb); + b != APR_BRIGADE_SENTINEL(bb); + b = APR_BUCKET_NEXT(b)) + { + if (APR_BUCKET_IS_METADATA(b)) { + if (APR_BUCKET_IS_EOS(b)) { + return 1; + } + } + else { + return 1; + } + } + return 0; +} + +apr_status_t h2_util_bb_avail(apr_bucket_brigade *bb, + apr_size_t *plen, int *peos) +{ + apr_status_t status; + apr_off_t blen = 0; + + /* test read to determine available length */ + status = apr_brigade_length(bb, 1, &blen); + if (status != APR_SUCCESS) { + return status; + } + else if (blen == 0) { + /* empty brigade, does it have an EOS bucket somwhere? */ + *plen = 0; + *peos = h2_util_has_eos(bb, 0); + } + else if (blen > 0) { + /* data in the brigade, limit the length returned. Check for EOS + * bucket only if we indicate data. This is required since plen == 0 + * means "the whole brigade" for h2_util_hash_eos() + */ + if (blen < (apr_off_t)*plen) { + *plen = blen; + } + *peos = (*plen > 0)? h2_util_has_eos(bb, *plen) : 0; + } + else if (blen < 0) { + /* famous SHOULD NOT HAPPEN, sinc we told apr_brigade_length to readall + */ + *plen = 0; + *peos = h2_util_has_eos(bb, 0); + return APR_EINVAL; + } + return APR_SUCCESS; +} + +apr_status_t h2_util_bb_readx(apr_bucket_brigade *bb, + h2_util_pass_cb *cb, void *ctx, + apr_size_t *plen, int *peos) +{ + apr_status_t status = APR_SUCCESS; + int consume = (cb != NULL); + apr_size_t written = 0; + apr_size_t avail = *plen; + apr_bucket *next, *b; + + /* Pass data in our brigade through the callback until the length + * is satisfied or we encounter an EOS. + */ + *peos = 0; + for (b = APR_BRIGADE_FIRST(bb); + (status == APR_SUCCESS) && (b != APR_BRIGADE_SENTINEL(bb)); + b = next) { + + if (APR_BUCKET_IS_METADATA(b)) { + if (APR_BUCKET_IS_EOS(b)) { + *peos = 1; + } + else { + /* ignore */ + } + } + else if (avail <= 0) { + break; + } + else { + const char *data = NULL; + apr_size_t data_len; + + if (b->length == ((apr_size_t)-1)) { + /* read to determine length */ + status = apr_bucket_read(b, &data, &data_len, + APR_NONBLOCK_READ); + } + else { + data_len = b->length; + } + + if (data_len > avail) { + apr_bucket_split(b, avail); + data_len = avail; + } + + if (consume) { + if (!data) { + status = apr_bucket_read(b, &data, &data_len, + APR_NONBLOCK_READ); + } + if (status == APR_SUCCESS) { + status = cb(ctx, data, data_len); + } + } + else { + data_len = b->length; + } + avail -= data_len; + written += data_len; + } + + next = APR_BUCKET_NEXT(b); + if (consume) { + apr_bucket_delete(b); + } + } + + *plen = written; + if (status == APR_SUCCESS && !*peos && !*plen) { + return APR_EAGAIN; + } + return status; +} + diff --git a/modules/http2/h2_util.h b/modules/http2/h2_util.h new file mode 100644 index 00000000..9a1b5c6d --- /dev/null +++ b/modules/http2/h2_util.h @@ -0,0 +1,124 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_util__ +#define __mod_h2__h2_util__ + +struct nghttp2_frame; + +size_t h2_util_hex_dump(char *buffer, size_t maxlen, + const char *data, size_t datalen); + +size_t h2_util_header_print(char *buffer, size_t maxlen, + const char *name, size_t namelen, + const char *value, size_t valuelen); + +char *h2_strlwr(char *s); + +void h2_util_camel_case_header(char *s, size_t len); + +/** + * Return != 0 iff the string s contains the token, as specified in + * HTTP header syntax, rfc7230. + */ +int h2_util_contains_token(apr_pool_t *pool, const char *s, const char *token); + +const char *h2_util_first_token_match(apr_pool_t *pool, const char *s, + const char *tokens[], apr_size_t len); + +/** + * I always wanted to write my own base64url decoder...not. See + * https://tools.ietf.org/html/rfc4648#section-5 for description. + */ +apr_size_t h2_util_base64url_decode(const char **decoded, + const char *encoded, + apr_pool_t *pool); + +#define H2_HD_MATCH_LIT(l, name, nlen) \ + ((nlen == sizeof(l) - 1) && !apr_strnatcasecmp(l, name)) + +#define H2_HD_MATCH_LIT_CS(l, name) \ + ((strlen(name) == sizeof(l) - 1) && !apr_strnatcasecmp(l, name)) + +#define H2_CREATE_NV_LIT_CS(nv, NAME, VALUE) nv->name = (uint8_t *)NAME; \ + nv->namelen = sizeof(NAME) - 1; \ + nv->value = (uint8_t *)VALUE; \ + nv->valuelen = strlen(VALUE) + +#define H2_CREATE_NV_CS_LIT(nv, NAME, VALUE) nv->name = (uint8_t *)NAME; \ + nv->namelen = strlen(NAME); \ + nv->value = (uint8_t *)VALUE; \ + nv->valuelen = sizeof(VALUE) - 1 + +#define H2_CREATE_NV_CS_CS(nv, NAME, VALUE) nv->name = (uint8_t *)NAME; \ + nv->namelen = strlen(NAME); \ + nv->value = (uint8_t *)VALUE; \ + nv->valuelen = strlen(VALUE) + +/** + * Moves data from one brigade into another. If maxlen > 0, it only + * moves up to maxlen bytes into the target brigade, making bucket splits + * if needed. + * @param to the brigade to move the data to + * @param from the brigade to get the data from + * @param maxlen of bytes to move, 0 for all + * @param pfile_buckets_allowed how many file buckets may be moved, + * may be 0 or NULL + * @param msg message for use in logging + */ +apr_status_t h2_util_move(apr_bucket_brigade *to, apr_bucket_brigade *from, + apr_size_t maxlen, int *pfile_buckets_allowed, + const char *msg); + +/** + * Copies buckets from one brigade into another. If maxlen > 0, it only + * copies up to maxlen bytes into the target brigade, making bucket splits + * if needed. + * @param to the brigade to copy the data to + * @param from the brigade to get the data from + * @param maxlen of bytes to copy, 0 for all + * @param msg message for use in logging + */ +apr_status_t h2_util_copy(apr_bucket_brigade *to, apr_bucket_brigade *from, + apr_size_t maxlen, const char *msg); + +/** + * Return != 0 iff there is a FLUSH or EOS bucket in the brigade. + * @param bb the brigade to check on + * @return != 0 iff brigade holds FLUSH or EOS bucket (or both) + */ +int h2_util_has_flush_or_eos(apr_bucket_brigade *bb); +int h2_util_has_eos(apr_bucket_brigade *bb, apr_size_t len); +int h2_util_bb_has_data(apr_bucket_brigade *bb); +int h2_util_bb_has_data_or_eos(apr_bucket_brigade *bb); + +/** + * Check how many bytes of the desired amount are available and if the + * end of stream is reached by that amount. + * @param bb the brigade to check + * @param plen the desired length and, on return, the available length + * @param on return, if eos has been reached + */ +apr_status_t h2_util_bb_avail(apr_bucket_brigade *bb, + apr_size_t *plen, int *peos); + +typedef apr_status_t h2_util_pass_cb(void *ctx, + const char *data, apr_size_t len); + +apr_status_t h2_util_bb_readx(apr_bucket_brigade *bb, + h2_util_pass_cb *cb, void *ctx, + apr_size_t *plen, int *peos); + +#endif /* defined(__mod_h2__h2_util__) */ diff --git a/modules/http2/h2_version.h b/modules/http2/h2_version.h new file mode 100644 index 00000000..7a03865c --- /dev/null +++ b/modules/http2/h2_version.h @@ -0,0 +1,34 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 + +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +#ifndef mod_h2_h2_version_h +#define mod_h2_h2_version_h + +/** + * @macro + * Version number of the h2 module as c string + */ +#define MOD_HTTP2_VERSION "1.0.0" + +/** + * @macro + * Numerical representation of the version number of the h2 module + * release. This is a 24 bit number with 8 bits for major number, 8 bits + * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. + */ +#define MOD_HTTP2_VERSION_NUM 0x010000 + + +#endif /* mod_h2_h2_version_h */ diff --git a/modules/http2/h2_worker.c b/modules/http2/h2_worker.c new file mode 100644 index 00000000..8145b7aa --- /dev/null +++ b/modules/http2/h2_worker.c @@ -0,0 +1,170 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include + +#include +#include +#include + +#include "h2_private.h" +#include "h2_mplx.h" +#include "h2_task.h" +#include "h2_worker.h" + +static void* APR_THREAD_FUNC execute(apr_thread_t *thread, void *wctx) +{ + h2_worker *worker = (h2_worker *)wctx; + apr_status_t status = APR_SUCCESS; + h2_mplx *m; + (void)thread; + + /* Furthermore, other code might want to see the socket for + * this connection. Allocate one without further function... + */ + status = apr_socket_create(&worker->socket, + APR_INET, SOCK_STREAM, + APR_PROTO_TCP, worker->pool); + if (status != APR_SUCCESS) { + ap_log_perror(APLOG_MARK, APLOG_ERR, status, worker->pool, + APLOGNO(02948) "h2_worker(%d): alloc socket", + worker->id); + worker->worker_done(worker, worker->ctx); + return NULL; + } + + worker->task = NULL; + m = NULL; + while (!worker->aborted) { + status = worker->get_next(worker, &m, &worker->task, worker->ctx); + + if (worker->task) { + h2_task_do(worker->task, worker); + worker->task = NULL; + apr_thread_cond_signal(h2_worker_get_cond(worker)); + } + } + + status = worker->get_next(worker, &m, NULL, worker->ctx); + m = NULL; + + if (worker->socket) { + apr_socket_close(worker->socket); + worker->socket = NULL; + } + + worker->worker_done(worker, worker->ctx); + return NULL; +} + +h2_worker *h2_worker_create(int id, + apr_pool_t *parent_pool, + apr_threadattr_t *attr, + h2_worker_mplx_next_fn *get_next, + h2_worker_done_fn *worker_done, + void *ctx) +{ + apr_allocator_t *allocator = NULL; + apr_pool_t *pool = NULL; + h2_worker *w; + + apr_status_t status = apr_allocator_create(&allocator); + if (status != APR_SUCCESS) { + return NULL; + } + + status = apr_pool_create_ex(&pool, parent_pool, NULL, allocator); + if (status != APR_SUCCESS) { + return NULL; + } + apr_allocator_owner_set(allocator, pool); + + w = apr_pcalloc(pool, sizeof(h2_worker)); + if (w) { + APR_RING_ELEM_INIT(w, link); + + w->id = id; + w->pool = pool; + w->bucket_alloc = apr_bucket_alloc_create(pool); + + w->get_next = get_next; + w->worker_done = worker_done; + w->ctx = ctx; + + status = apr_thread_cond_create(&w->io, w->pool); + if (status != APR_SUCCESS) { + return NULL; + } + + apr_thread_create(&w->thread, attr, execute, w, pool); + } + return w; +} + +apr_status_t h2_worker_destroy(h2_worker *worker) +{ + if (worker->io) { + apr_thread_cond_destroy(worker->io); + worker->io = NULL; + } + if (worker->pool) { + apr_pool_destroy(worker->pool); + /* worker is gone */ + } + return APR_SUCCESS; +} + +int h2_worker_get_id(h2_worker *worker) +{ + return worker->id; +} + +void h2_worker_abort(h2_worker *worker) +{ + worker->aborted = 1; +} + +int h2_worker_is_aborted(h2_worker *worker) +{ + return worker->aborted; +} + +apr_thread_t *h2_worker_get_thread(h2_worker *worker) +{ + return worker->thread; +} + +apr_thread_cond_t *h2_worker_get_cond(h2_worker *worker) +{ + return worker->io; +} + +apr_socket_t *h2_worker_get_socket(h2_worker *worker) +{ + return worker->socket; +} + +apr_pool_t *h2_worker_get_pool(h2_worker *worker) +{ + return worker->pool; +} + +apr_bucket_alloc_t *h2_worker_get_bucket_alloc(h2_worker *worker) +{ + return worker->bucket_alloc; +} + diff --git a/modules/http2/h2_worker.h b/modules/http2/h2_worker.h new file mode 100644 index 00000000..9c69e6b5 --- /dev/null +++ b/modules/http2/h2_worker.h @@ -0,0 +1,155 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_worker__ +#define __mod_h2__h2_worker__ + +struct apr_thread_cond_t; +struct h2_mplx; +struct h2_task; + +/* h2_worker is a basically a apr_thread_t that reads fromt he h2_workers + * task queue and runs h2_tasks it is given. + */ +typedef struct h2_worker h2_worker; + +/* Invoked when the worker wants a new task to process. Will block + * until a h2_mplx becomes available or the worker itself + * gets aborted (idle timeout, for example). */ +typedef apr_status_t h2_worker_mplx_next_fn(h2_worker *worker, + struct h2_mplx **pm, + struct h2_task **ptask, + void *ctx); + +/* Invoked just before the worker thread exits. */ +typedef void h2_worker_done_fn(h2_worker *worker, void *ctx); + + +struct h2_worker { + /** Links to the rest of the workers */ + APR_RING_ENTRY(h2_worker) link; + + int id; + apr_thread_t *thread; + apr_pool_t *pool; + apr_bucket_alloc_t *bucket_alloc; + struct apr_thread_cond_t *io; + apr_socket_t *socket; + + h2_worker_mplx_next_fn *get_next; + h2_worker_done_fn *worker_done; + void *ctx; + + int aborted; + struct h2_task *task; +}; + +/** + * The magic pointer value that indicates the head of a h2_worker list + * @param b The worker list + * @return The magic pointer value + */ +#define H2_WORKER_LIST_SENTINEL(b) APR_RING_SENTINEL((b), h2_worker, link) + +/** + * Determine if the worker list is empty + * @param b The list to check + * @return true or false + */ +#define H2_WORKER_LIST_EMPTY(b) APR_RING_EMPTY((b), h2_worker, link) + +/** + * Return the first worker in a list + * @param b The list to query + * @return The first worker in the list + */ +#define H2_WORKER_LIST_FIRST(b) APR_RING_FIRST(b) + +/** + * Return the last worker in a list + * @param b The list to query + * @return The last worker int he list + */ +#define H2_WORKER_LIST_LAST(b) APR_RING_LAST(b) + +/** + * Insert a single worker at the front of a list + * @param b The list to add to + * @param e The worker to insert + */ +#define H2_WORKER_LIST_INSERT_HEAD(b, e) do { \ + h2_worker *ap__b = (e); \ + APR_RING_INSERT_HEAD((b), ap__b, h2_worker, link); \ + } while (0) + +/** + * Insert a single worker at the end of a list + * @param b The list to add to + * @param e The worker to insert + */ +#define H2_WORKER_LIST_INSERT_TAIL(b, e) do { \ + h2_worker *ap__b = (e); \ + APR_RING_INSERT_TAIL((b), ap__b, h2_worker, link); \ + } while (0) + +/** + * Get the next worker in the list + * @param e The current worker + * @return The next worker + */ +#define H2_WORKER_NEXT(e) APR_RING_NEXT((e), link) +/** + * Get the previous worker in the list + * @param e The current worker + * @return The previous worker + */ +#define H2_WORKER_PREV(e) APR_RING_PREV((e), link) + +/** + * Remove a worker from its list + * @param e The worker to remove + */ +#define H2_WORKER_REMOVE(e) APR_RING_REMOVE((e), link) + + +/* Create a new worker with given id, pool and attributes, callbacks + * callback parameter. + */ +h2_worker *h2_worker_create(int id, + apr_pool_t *pool, + apr_threadattr_t *attr, + h2_worker_mplx_next_fn *get_next, + h2_worker_done_fn *worker_done, + void *ctx); + +apr_status_t h2_worker_destroy(h2_worker *worker); + +void h2_worker_abort(h2_worker *worker); + +int h2_worker_get_id(h2_worker *worker); + +int h2_worker_is_aborted(h2_worker *worker); + +apr_pool_t *h2_worker_get_pool(h2_worker *worker); + +apr_bucket_alloc_t *h2_worker_get_bucket_alloc(h2_worker *worker); + +apr_socket_t *h2_worker_get_socket(h2_worker *worker); + +apr_thread_t *h2_worker_get_thread(h2_worker *worker); + +struct apr_thread_cond_t *h2_worker_get_cond(h2_worker *worker); + +#endif /* defined(__mod_h2__h2_worker__) */ diff --git a/modules/http2/h2_workers.c b/modules/http2/h2_workers.c new file mode 100644 index 00000000..cf300958 --- /dev/null +++ b/modules/http2/h2_workers.c @@ -0,0 +1,352 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include + +#include +#include +#include + +#include "h2_private.h" +#include "h2_mplx.h" +#include "h2_task.h" +#include "h2_task_queue.h" +#include "h2_worker.h" +#include "h2_workers.h" + +static int in_list(h2_workers *workers, h2_mplx *m) +{ + h2_mplx *e; + for (e = H2_MPLX_LIST_FIRST(&workers->mplxs); + e != H2_MPLX_LIST_SENTINEL(&workers->mplxs); + e = H2_MPLX_NEXT(e)) { + if (e == m) { + return 1; + } + } + return 0; +} + + +/** + * Get the next task for the given worker. Will block until a task arrives + * or the max_wait timer expires and more than min workers exist. + * The previous h2_mplx instance might be passed in and will be served + * with preference, since we can ask it for the next task without aquiring + * the h2_workers lock. + */ +static apr_status_t get_mplx_next(h2_worker *worker, h2_mplx **pm, + h2_task **ptask, void *ctx) +{ + apr_status_t status; + h2_mplx *m = NULL; + h2_task *task = NULL; + apr_time_t max_wait, start_wait; + int has_more = 0; + h2_workers *workers = (h2_workers *)ctx; + + if (*pm && ptask != NULL) { + /* We have a h2_mplx instance and the worker wants the next task. + * Try to get one from the given mplx. */ + *ptask = h2_mplx_pop_task(*pm, &has_more); + if (*ptask) { + return APR_SUCCESS; + } + } + + if (*pm) { + /* Got a mplx handed in, but did not get or want a task from it. + * Release it, as the workers reference will be wiped. + */ + h2_mplx_release(*pm); + *pm = NULL; + } + + if (!ptask) { + /* the worker does not want a next task, we're done. + */ + return APR_SUCCESS; + } + + max_wait = apr_time_from_sec(apr_atomic_read32(&workers->max_idle_secs)); + start_wait = apr_time_now(); + + status = apr_thread_mutex_lock(workers->lock); + if (status == APR_SUCCESS) { + ++workers->idle_worker_count; + ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, workers->s, + "h2_worker(%d): looking for work", h2_worker_get_id(worker)); + + while (!task && !h2_worker_is_aborted(worker) && !workers->aborted) { + + /* Get the next h2_mplx to process that has a task to hand out. + * If it does, place it at the end of the queu and return the + * task to the worker. + * If it (currently) has no tasks, remove it so that it needs + * to register again for scheduling. + * If we run out of h2_mplx in the queue, we need to wait for + * new mplx to arrive. Depending on how many workers do exist, + * we do a timed wait or block indefinitely. + */ + m = NULL; + while (!task && !H2_MPLX_LIST_EMPTY(&workers->mplxs)) { + m = H2_MPLX_LIST_FIRST(&workers->mplxs); + H2_MPLX_REMOVE(m); + + task = h2_mplx_pop_task(m, &has_more); + if (task) { + if (has_more) { + H2_MPLX_LIST_INSERT_TAIL(&workers->mplxs, m); + } + else { + has_more = !H2_MPLX_LIST_EMPTY(&workers->mplxs); + } + break; + } + } + + if (!task) { + /* Need to wait for either a new mplx to arrive. + */ + if (workers->worker_count > workers->min_size) { + apr_time_t now = apr_time_now(); + if (now >= (start_wait + max_wait)) { + /* waited long enough without getting a task. */ + status = APR_TIMEUP; + } + else { + ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, workers->s, + "h2_worker(%d): waiting signal, " + "worker_count=%d", worker->id, + (int)workers->worker_count); + status = apr_thread_cond_timedwait(workers->mplx_added, + workers->lock, max_wait); + } + + if (status == APR_TIMEUP) { + /* waited long enough */ + if (workers->worker_count > workers->min_size) { + ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, + workers->s, + "h2_workers: aborting idle worker"); + h2_worker_abort(worker); + break; + } + } + } + else { + ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, workers->s, + "h2_worker(%d): waiting signal (eternal), " + "worker_count=%d", worker->id, + (int)workers->worker_count); + apr_thread_cond_wait(workers->mplx_added, workers->lock); + } + } + } + + /* Here, we either have gotten task and mplx for the worker or + * needed to give up with more than enough workers. + */ + if (task) { + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, workers->s, + "h2_worker(%d): start task(%s)", + h2_worker_get_id(worker), task->id); + /* Since we hand out a reference to the worker, we increase + * its ref count. + */ + h2_mplx_reference(m); + *pm = m; + *ptask = task; + + if (has_more && workers->idle_worker_count > 1) { + apr_thread_cond_signal(workers->mplx_added); + } + status = APR_SUCCESS; + } + else { + status = APR_EOF; + } + + --workers->idle_worker_count; + apr_thread_mutex_unlock(workers->lock); + } + + return status; +} + +static void worker_done(h2_worker *worker, void *ctx) +{ + h2_workers *workers = (h2_workers *)ctx; + apr_status_t status = apr_thread_mutex_lock(workers->lock); + if (status == APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, workers->s, + "h2_worker(%d): done", h2_worker_get_id(worker)); + H2_WORKER_REMOVE(worker); + --workers->worker_count; + h2_worker_destroy(worker); + + apr_thread_mutex_unlock(workers->lock); + } +} + + +static apr_status_t add_worker(h2_workers *workers) +{ + h2_worker *w = h2_worker_create(workers->next_worker_id++, + workers->pool, workers->thread_attr, + get_mplx_next, worker_done, workers); + if (!w) { + return APR_ENOMEM; + } + ap_log_error(APLOG_MARK, APLOG_TRACE2, 0, workers->s, + "h2_workers: adding worker(%d)", h2_worker_get_id(w)); + ++workers->worker_count; + H2_WORKER_LIST_INSERT_TAIL(&workers->workers, w); + return APR_SUCCESS; +} + +static apr_status_t h2_workers_start(h2_workers *workers) { + apr_status_t status = apr_thread_mutex_lock(workers->lock); + if (status == APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, workers->s, + "h2_workers: starting"); + + while (workers->worker_count < workers->min_size + && status == APR_SUCCESS) { + status = add_worker(workers); + } + apr_thread_mutex_unlock(workers->lock); + } + return status; +} + +h2_workers *h2_workers_create(server_rec *s, apr_pool_t *pool, + int min_size, int max_size) +{ + apr_status_t status; + h2_workers *workers; + AP_DEBUG_ASSERT(s); + AP_DEBUG_ASSERT(pool); + status = APR_SUCCESS; + + workers = apr_pcalloc(pool, sizeof(h2_workers)); + if (workers) { + workers->s = s; + workers->pool = pool; + workers->min_size = min_size; + workers->max_size = max_size; + apr_atomic_set32(&workers->max_idle_secs, 10); + + apr_threadattr_create(&workers->thread_attr, workers->pool); + + APR_RING_INIT(&workers->workers, h2_worker, link); + APR_RING_INIT(&workers->mplxs, h2_mplx, link); + + status = apr_thread_mutex_create(&workers->lock, + APR_THREAD_MUTEX_DEFAULT, + workers->pool); + if (status == APR_SUCCESS) { + status = apr_thread_cond_create(&workers->mplx_added, workers->pool); + } + + if (status == APR_SUCCESS) { + status = h2_workers_start(workers); + } + + if (status != APR_SUCCESS) { + h2_workers_destroy(workers); + workers = NULL; + } + } + return workers; +} + +void h2_workers_destroy(h2_workers *workers) +{ + if (workers->mplx_added) { + apr_thread_cond_destroy(workers->mplx_added); + workers->mplx_added = NULL; + } + if (workers->lock) { + apr_thread_mutex_destroy(workers->lock); + workers->lock = NULL; + } + while (!H2_MPLX_LIST_EMPTY(&workers->mplxs)) { + h2_mplx *m = H2_MPLX_LIST_FIRST(&workers->mplxs); + H2_MPLX_REMOVE(m); + } + while (!H2_WORKER_LIST_EMPTY(&workers->workers)) { + h2_worker *w = H2_WORKER_LIST_FIRST(&workers->workers); + H2_WORKER_REMOVE(w); + } +} + +apr_status_t h2_workers_register(h2_workers *workers, struct h2_mplx *m) +{ + apr_status_t status = apr_thread_mutex_lock(workers->lock); + if (status == APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_DEBUG, status, workers->s, + "h2_workers: register mplx(%ld)", m->id); + if (in_list(workers, m)) { + status = APR_EAGAIN; + } + else { + H2_MPLX_LIST_INSERT_TAIL(&workers->mplxs, m); + status = APR_SUCCESS; + } + + if (workers->idle_worker_count > 0) { + apr_thread_cond_signal(workers->mplx_added); + } + else if (workers->worker_count < workers->max_size) { + ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, workers->s, + "h2_workers: got %d worker, adding 1", + workers->worker_count); + add_worker(workers); + } + + apr_thread_mutex_unlock(workers->lock); + } + return status; +} + +apr_status_t h2_workers_unregister(h2_workers *workers, struct h2_mplx *m) +{ + apr_status_t status = apr_thread_mutex_lock(workers->lock); + if (status == APR_SUCCESS) { + status = APR_EAGAIN; + if (in_list(workers, m)) { + H2_MPLX_REMOVE(m); + status = APR_SUCCESS; + } + apr_thread_mutex_unlock(workers->lock); + } + return status; +} + +void h2_workers_set_max_idle_secs(h2_workers *workers, int idle_secs) +{ + if (idle_secs <= 0) { + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, workers->s, + APLOGNO(02962) "h2_workers: max_worker_idle_sec value of %d" + " is not valid, ignored.", idle_secs); + return; + } + apr_atomic_set32(&workers->max_idle_secs, idle_secs); +} + diff --git a/modules/http2/h2_workers.h b/modules/http2/h2_workers.h new file mode 100644 index 00000000..50fd6b8a --- /dev/null +++ b/modules/http2/h2_workers.h @@ -0,0 +1,87 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __mod_h2__h2_workers__ +#define __mod_h2__h2_workers__ + +/* Thread pool specific to executing h2_tasks. Has a minimum and maximum + * number of workers it creates. Starts with minimum workers and adds + * some on load, reduces the number again when idle. + * + */ +struct apr_thread_mutex_t; +struct apr_thread_cond_t; +struct h2_mplx; +struct h2_task; +struct h2_task_queue; + +typedef struct h2_workers h2_workers; + +struct h2_workers { + server_rec *s; + apr_pool_t *pool; + int aborted; + + int next_worker_id; + int min_size; + int max_size; + + apr_threadattr_t *thread_attr; + + APR_RING_HEAD(h2_worker_list, h2_worker) workers; + APR_RING_HEAD(h2_mplx_list, h2_mplx) mplxs; + + int worker_count; + volatile apr_uint32_t max_idle_secs; + volatile apr_uint32_t idle_worker_count; + + struct apr_thread_mutex_t *lock; + struct apr_thread_cond_t *mplx_added; +}; + + +/* Create a worker pool with the given minimum and maximum number of + * threads. + */ +h2_workers *h2_workers_create(server_rec *s, apr_pool_t *pool, + int min_size, int max_size); + +/* Destroy the worker pool and all its threads. + */ +void h2_workers_destroy(h2_workers *workers); + +/** + * Registers a h2_mplx for task scheduling. If this h2_mplx runs + * out of tasks, it will be automatically be unregistered. Should + * new tasks arrive, it needs to be registered again. + */ +apr_status_t h2_workers_register(h2_workers *workers, + struct h2_mplx *m); + +/** + * Remove a h2_mplx from the worker registry. + */ +apr_status_t h2_workers_unregister(h2_workers *workers, + struct h2_mplx *m); + +/** + * Set the amount of seconds a h2_worker should wait for new tasks + * before shutting down (if there are more than the minimum number of + * workers). + */ +void h2_workers_set_max_idle_secs(h2_workers *workers, int idle_secs); + +#endif /* defined(__mod_h2__h2_workers__) */ diff --git a/modules/http2/mod_h2.h b/modules/http2/mod_h2.h new file mode 100644 index 00000000..bb895dd2 --- /dev/null +++ b/modules/http2/mod_h2.h @@ -0,0 +1,19 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef mod_h2_mod_h2_h +#define mod_h2_mod_h2_h + +#endif diff --git a/modules/http2/mod_http2.c b/modules/http2/mod_http2.c new file mode 100644 index 00000000..b1e79f16 --- /dev/null +++ b/modules/http2/mod_http2.c @@ -0,0 +1,146 @@ +/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include + +#include +#include + +#include "mod_h2.h" + +#include +#include "h2_stream.h" +#include "h2_alt_svc.h" +#include "h2_conn.h" +#include "h2_task.h" +#include "h2_session.h" +#include "h2_config.h" +#include "h2_ctx.h" +#include "h2_h2.h" +#include "h2_switch.h" +#include "h2_version.h" + + +static void h2_hooks(apr_pool_t *pool); + +AP_DECLARE_MODULE(http2) = { + STANDARD20_MODULE_STUFF, + NULL, + NULL, + h2_config_create_svr, /* func to create per server config */ + h2_config_merge, /* func to merge per server config */ + h2_cmds, /* command handlers */ + h2_hooks +}; + +/* The module initialization. Called once as apache hook, before any multi + * processing (threaded or not) happens. It is typically at least called twice, + * see + * http://wiki.apache.org/httpd/ModuleLife + * Since the first run is just a "practise" run, we want to initialize for real + * only on the second try. This defeats the purpose of the first dry run a bit, + * since apache wants to verify that a new configuration actually will work. + * So if we have trouble with the configuration, this will only be detected + * when the server has already switched. + * On the other hand, when we initialize lib nghttp2, all possible crazy things + * might happen and this might even eat threads. So, better init on the real + * invocation, for now at least. + */ +static int h2_post_config(apr_pool_t *p, apr_pool_t *plog, + apr_pool_t *ptemp, server_rec *s) +{ + void *data = NULL; + const char *mod_h2_init_key = "mod_h2_init_counter"; + nghttp2_info *ngh2; + apr_status_t status; + (void)plog;(void)ptemp; + + apr_pool_userdata_get(&data, mod_h2_init_key, s->process->pool); + if ( data == NULL ) { + ap_log_error( APLOG_MARK, APLOG_DEBUG, 0, s, + "initializing post config dry run"); + apr_pool_userdata_set((const void *)1, mod_h2_init_key, + apr_pool_cleanup_null, s->process->pool); + return APR_SUCCESS; + } + + ngh2 = nghttp2_version(0); + ap_log_error( APLOG_MARK, APLOG_INFO, 0, s, + "mod_http2 (v%s, nghttp2 %s), initializing...", + MOD_HTTP2_VERSION, ngh2? ngh2->version_str : "unknown"); + + switch (h2_conn_mpm_type()) { + case H2_MPM_EVENT: + case H2_MPM_WORKER: + /* all fine, we know these ones */ + break; + case H2_MPM_PREFORK: + /* ok, we now know how to handle that one */ + break; + case H2_MPM_UNKNOWN: + /* ??? */ + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, + "post_config: mpm type unknown"); + break; + } + + status = h2_h2_init(p, s); + if (status == APR_SUCCESS) { + status = h2_switch_init(p, s); + } + + return status; +} + +/* Runs once per created child process. Perform any process + * related initionalization here. + */ +static void h2_child_init(apr_pool_t *pool, server_rec *s) +{ + /* Set up our connection processing */ + apr_status_t status = h2_conn_child_init(pool, s); + if (status != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, status, s, + APLOGNO(02949) "initializing connection handling"); + } +} + +/* Install this module into the apache2 infrastructure. + */ +static void h2_hooks(apr_pool_t *pool) +{ + static const char *const mod_ssl[] = { "mod_ssl.c", NULL}; + + ap_log_perror(APLOG_MARK, APLOG_INFO, 0, pool, "installing hooks"); + + /* Run once after configuration is set, but before mpm children initialize. + */ + ap_hook_post_config(h2_post_config, mod_ssl, NULL, APR_HOOK_MIDDLE); + + /* Run once after a child process has been created. + */ + ap_hook_child_init(h2_child_init, NULL, NULL, APR_HOOK_MIDDLE); + + h2_h2_register_hooks(); + h2_switch_register_hooks(); + h2_task_register_hooks(); + + h2_alt_svc_register_hooks(); + +} + + diff --git a/modules/http2/mod_http2.dsp b/modules/http2/mod_http2.dsp new file mode 100644 index 00000000..c3e139e9 --- /dev/null +++ b/modules/http2/mod_http2.dsp @@ -0,0 +1,207 @@ +# Microsoft Developer Studio Project File - Name="mod_http2" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 6.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +CFG=mod_http2 - Win32 Release +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "mod_http2.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "mod_http2.mak" CFG="mod_http2 - Win32 Release" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "mod_http2 - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "mod_http2 - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE + +# Begin Project +# PROP AllowPerConfigDependencies 0 +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "mod_http2 - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "ssize_t=long" /FD /c +# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../../srclib/nghttp2/lib/includes" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "ssize_t=long" /Fd"Release\mod_http2_src" /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /win32 +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /fo"Release/mod_http2.res" /i "../../include" /i "../../srclib/apr/include" /d "NDEBUG" /d BIN_NAME="mod_http2.so" /d LONG_NAME="http2_module for Apache" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib nghttp2.lib /nologo /subsystem:windows /dll /libpath:"..\..\srclib\nghttp2\lib\MSVC_obj" /out:".\Release\mod_http2.so" /base:@..\..\os\win32\BaseAddr.ref,mod_http2.so +# ADD LINK32 kernel32.lib nghttp2.lib /nologo /subsystem:windows /dll /libpath:"..\..\srclib\nghttp2\lib\MSVC_obj" /incremental:no /debug /out:".\Release\mod_http2.so" /base:@..\..\os\win32\BaseAddr.ref,mod_http2.so /opt:ref +# Begin Special Build Tool +TargetPath=.\Release\mod_http2.so +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ELSEIF "$(CFG)" == "mod_http2 - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "ssize_t=long" /FD /c +# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../../srclib/nghttp2/lib/includes" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "ssize_t=long" /Fd"Debug\mod_http2_src" /FD /c +# ADD BASE MTL /nologo /D "_DEBUG" /win32 +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /fo"Debug/mod_http2.res" /i "../../include" /i "../../srclib/apr/include" /d "_DEBUG" /d BIN_NAME="mod_http2.so" /d LONG_NAME="http2_module for Apache" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib nghttp2d.lib /nologo /subsystem:windows /dll /libpath:"..\..\srclib\nghttp2\lib\MSVC_obj" /incremental:no /debug /out:".\Debug\mod_http2.so" /base:@..\..\os\win32\BaseAddr.ref,mod_http2.so +# ADD LINK32 kernel32.lib nghttp2d.lib /nologo /subsystem:windows /dll /libpath:"..\..\srclib\nghttp2\lib\MSVC_obj" /incremental:no /debug /out:".\Debug\mod_http2.so" /base:@..\..\os\win32\BaseAddr.ref,mod_http2.so +# Begin Special Build Tool +TargetPath=.\Debug\mod_http2.so +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ENDIF + +# Begin Target + +# Name "mod_http2 - Win32 Release" +# Name "mod_http2 - Win32 Debug" +# Begin Source File + +SOURCE=./h2_alt_svc.c +# End Source File +# Begin Source File + +SOURCE=./h2_config.c +# End Source File +# Begin Source File + +SOURCE=./h2_conn.c +# End Source File +# Begin Source File + +SOURCE=./h2_conn_io.c +# End Source File +# Begin Source File + +SOURCE=./h2_ctx.c +# End Source File +# Begin Source File + +SOURCE=./h2_from_h1.c +# End Source File +# Begin Source File + +SOURCE=./h2_h2.c +# End Source File +# Begin Source File + +SOURCE=./h2_io.c +# End Source File +# Begin Source File + +SOURCE=./h2_io_set.c +# End Source File +# Begin Source File + +SOURCE=./h2_mplx.c +# End Source File +# Begin Source File + +SOURCE=./h2_request.c +# End Source File +# Begin Source File + +SOURCE=./h2_response.c +# End Source File +# Begin Source File + +SOURCE=./h2_session.c +# End Source File +# Begin Source File + +SOURCE=./h2_stream.c +# End Source File +# Begin Source File + +SOURCE=./h2_stream_set.c +# End Source File +# Begin Source File + +SOURCE=./h2_switch.c +# End Source File +# Begin Source File + +SOURCE=./h2_task.c +# End Source File +# Begin Source File + +SOURCE=./h2_task_input.c +# End Source File +# Begin Source File + +SOURCE=./h2_task_output.c +# End Source File +# Begin Source File + +SOURCE=./h2_task_queue.c +# End Source File +# Begin Source File + +SOURCE=./h2_to_h1.c +# End Source File +# Begin Source File + +SOURCE=./h2_util.c +# End Source File +# Begin Source File + +SOURCE=./h2_worker.c +# End Source File +# Begin Source File + +SOURCE=./h2_workers.c +# End Source File +# Begin Source File + +SOURCE=./mod_http2.c +# End Source File +# Begin Source File + +SOURCE=..\..\build\win32\httpd.rc +# End Source File +# End Target +# End Project diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c index 156e131d..52acafb0 100644 --- a/modules/ldap/util_ldap.c +++ b/modules/ldap/util_ldap.c @@ -209,8 +209,9 @@ static apr_status_t uldap_connection_unbind(void *param) * * The caller should hold the lock for this connection */ -static apr_status_t util_ldap_connection_remove (void *param) { - util_ldap_connection_t *ldc = param, *l = NULL, *prev = NULL; +static apr_status_t util_ldap_connection_remove (void *param) +{ + util_ldap_connection_t *ldc = param, *l = NULL, *prev = NULL; util_ldap_state_t *st; if (!ldc) return APR_SUCCESS; @@ -2670,16 +2671,17 @@ static const char *util_ldap_set_referral_hop_limit(cmd_parms *cmd, return NULL; } -static void *util_ldap_create_dir_config(apr_pool_t *p, char *d) { - util_ldap_config_t *dc = - (util_ldap_config_t *) apr_pcalloc(p,sizeof(util_ldap_config_t)); +static void *util_ldap_create_dir_config(apr_pool_t *p, char *d) +{ + util_ldap_config_t *dc = + (util_ldap_config_t *) apr_pcalloc(p,sizeof(util_ldap_config_t)); - /* defaults are AP_LDAP_CHASEREFERRALS_ON and AP_LDAP_DEFAULT_HOPLIMIT */ - dc->client_certs = apr_array_make(p, 10, sizeof(apr_ldap_opt_tls_cert_t)); - dc->ChaseReferrals = AP_LDAP_CHASEREFERRALS_ON; - dc->ReferralHopLimit = AP_LDAP_HOPLIMIT_UNSET; + /* defaults are AP_LDAP_CHASEREFERRALS_ON and AP_LDAP_DEFAULT_HOPLIMIT */ + dc->client_certs = apr_array_make(p, 10, sizeof(apr_ldap_opt_tls_cert_t)); + dc->ChaseReferrals = AP_LDAP_CHASEREFERRALS_ON; + dc->ReferralHopLimit = AP_LDAP_HOPLIMIT_UNSET; - return dc; + return dc; } static const char *util_ldap_set_op_timeout(cmd_parms *cmd, @@ -2891,7 +2893,6 @@ static void *util_ldap_merge_config(apr_pool_t *p, void *basev, static apr_status_t util_ldap_cleanup_module(void *data) { - server_rec *s = data; util_ldap_state_t *st = (util_ldap_state_t *)ap_get_module_config( s->module_config, &ldap_module); @@ -2901,7 +2902,6 @@ static apr_status_t util_ldap_cleanup_module(void *data) } return APR_SUCCESS; - } static int util_ldap_pre_config(apr_pool_t *pconf, apr_pool_t *plog, diff --git a/modules/ldap/util_ldap_cache.c b/modules/ldap/util_ldap_cache.c index b1346f05..d8c1ed9b 100644 --- a/modules/ldap/util_ldap_cache.c +++ b/modules/ldap/util_ldap_cache.c @@ -181,8 +181,8 @@ void *util_ldap_search_node_copy(util_ald_cache_t *cache, void *c) util_ldap_search_node_free(cache, newnode); return NULL; } - if(node->bindpw) { - if(!(newnode->bindpw = util_ald_strdup(cache, node->bindpw))) { + if (node->bindpw) { + if (!(newnode->bindpw = util_ald_strdup(cache, node->bindpw))) { util_ldap_search_node_free(cache, newnode); return NULL; } @@ -305,14 +305,14 @@ void util_ldap_compare_node_display(request_rec *r, util_ald_cache_t *cache, voi cmp_result = apr_itoa(r->pool, node->result); } - if(node->subgroupList) { + if (node->subgroupList) { sub_groups_val = "Yes"; } else { sub_groups_val = "No"; } - if(node->sgl_processed) { + if (node->sgl_processed) { sub_groups_checked = "Yes"; } else { diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c index d5687c24..4dd140f6 100644 --- a/modules/loggers/mod_log_config.c +++ b/modules/loggers/mod_log_config.c @@ -1172,12 +1172,13 @@ static int config_log_transaction(request_rec *r, config_log_state *cls, if (!log_writer) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00645) "log writer isn't correctly setup"); - return HTTP_INTERNAL_SERVER_ERROR; + return HTTP_INTERNAL_SERVER_ERROR; } rv = log_writer(r, cls->log_writer, strs, strl, format->nelts, len); - if (rv != APR_SUCCESS) - ap_log_rerror(APLOG_MARK, APLOG_WARNING, rv, r, APLOGNO(00646) "Error writing to %s", - cls->fname); + if (rv != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_WARNING, rv, r, APLOGNO(00646) + "Error writing to %s", cls->fname); + } return OK; } diff --git a/modules/loggers/mod_logio.c b/modules/loggers/mod_logio.c index ab922e30..58aa92cf 100644 --- a/modules/loggers/mod_logio.c +++ b/modules/loggers/mod_logio.c @@ -38,6 +38,7 @@ module AP_MODULE_DECLARE_DATA logio_module; static const char logio_filter_name[] = "LOG_INPUT_OUTPUT"; +static const char logio_ttfb_filter_name[] = "LOGIO_TTFB_OUT"; /* * Logging of input and output config... @@ -47,15 +48,18 @@ typedef struct logio_config_t { apr_off_t bytes_in; apr_off_t bytes_out; apr_off_t bytes_last_request; - apr_time_t ttfb; - request_rec *r; /* Use for TTFB only */ - unsigned int first_byte_seen:1; } logio_config_t; typedef struct logio_dirconf_t { unsigned int track_ttfb:1; } logio_dirconf_t; +typedef struct logio_req_t { + apr_time_t ttfb; +} logio_req_t; + + + /* * Optional function for the core to add to bytes_out */ @@ -64,19 +68,6 @@ static void ap_logio_add_bytes_out(conn_rec *c, apr_off_t bytes) { logio_config_t *cf = ap_get_module_config(c->conn_config, &logio_module); cf->bytes_out += bytes; - - if (!cf->first_byte_seen) { - /* cleared during log_transaction, after mod_log_config */ - cf->first_byte_seen = 1; - - if (cf->r) { - logio_dirconf_t *conf = (logio_dirconf_t*) - ap_get_module_config(cf->r->per_dir_config, &logio_module); - if (conf && conf->track_ttfb) { - cf->ttfb = apr_time_now() - cf->r->request_time; - } - } - } } /* @@ -132,14 +123,14 @@ static const char *log_bytes_combined(request_rec *r, char *a) static const char *log_ttfb(request_rec *r, char *a) { - logio_config_t *cf = ap_get_module_config(r->connection->conn_config, - &logio_module); + logio_req_t *rconf = ap_get_module_config(r->request_config, + &logio_module); - if (!cf->first_byte_seen || !cf->ttfb) { + if (!rconf || !rconf->ttfb) { return "-"; } - return apr_psprintf(r->pool, "%" APR_TIME_T_FMT, cf->ttfb); + return apr_psprintf(r->pool, "%" APR_TIME_T_FMT, rconf->ttfb); } /* * Reset counters after logging... @@ -154,20 +145,6 @@ static int logio_transaction(request_rec *r) cf->bytes_last_request = cf->bytes_in + cf->bytes_out; cf->bytes_in = cf->bytes_out = 0; - cf->r = NULL; - cf->ttfb = 0; - cf->first_byte_seen = 0; - - return OK; -} - -static int logio_post_read_request(request_rec *r) -{ - logio_config_t *cf = ap_get_module_config(r->connection->conn_config, - &logio_module); - if (cf) { - cf->r = r; - } return OK; } @@ -226,6 +203,34 @@ static int logio_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp) return OK; } +static apr_status_t logio_ttfb_filter(ap_filter_t *f, apr_bucket_brigade *b) +{ + request_rec *r = f->r; + logio_dirconf_t *conf = ap_get_module_config(r->per_dir_config, + &logio_module); + if (conf && conf->track_ttfb) { + logio_req_t *rconf = ap_get_module_config(r->request_config, + &logio_module); + if (rconf == NULL) { + rconf = apr_pcalloc(r->pool, sizeof(logio_req_t)); + rconf->ttfb = apr_time_now() - r->request_time; + ap_set_module_config(r->request_config, &logio_module, rconf); + } + } + ap_remove_output_filter(f); + return ap_pass_brigade(f->next, b); +} + +static void logio_insert_filter(request_rec * r) +{ + logio_dirconf_t *conf = ap_get_module_config(r->per_dir_config, + &logio_module); + if (conf->track_ttfb) { + ap_add_output_filter(logio_ttfb_filter_name, NULL, r, r->connection); + } + return; +} + static const char *logio_track_ttfb(cmd_parms *cmd, void *in_dir_config, int arg) { logio_dirconf_t *dir_config = in_dir_config; @@ -254,12 +259,15 @@ static void register_hooks(apr_pool_t *p) ap_hook_pre_connection(logio_pre_conn, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_pre_config(logio_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST); - ap_hook_post_read_request(logio_post_read_request, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_log_transaction(logio_transaction, pre, NULL, APR_HOOK_MIDDLE); ap_register_input_filter(logio_filter_name, logio_in_filter, NULL, AP_FTYPE_NETWORK - 1); + ap_hook_insert_filter(logio_insert_filter, NULL, NULL, APR_HOOK_LAST); + ap_register_output_filter(logio_ttfb_filter_name, logio_ttfb_filter, NULL, + AP_FTYPE_RESOURCE); + APR_REGISTER_OPTIONAL_FN(ap_logio_add_bytes_out); APR_REGISTER_OPTIONAL_FN(ap_logio_add_bytes_in); APR_REGISTER_OPTIONAL_FN(ap_logio_get_last_bytes); diff --git a/modules/lua/config.m4 b/modules/lua/config.m4 index c9567ef0..18e9fe56 100644 --- a/modules/lua/config.m4 +++ b/modules/lua/config.m4 @@ -1,7 +1,7 @@ APACHE_MODPATH_INIT(lua) -dnl Check for Lua 5.1 Libraries +dnl Check for Lua 5.2/5.1 Libraries dnl CHECK_LUA(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]) dnl Sets: dnl LUA_CFLAGS @@ -11,7 +11,7 @@ AC_DEFUN([CHECK_LUA], AC_ARG_WITH( lua, - [AC_HELP_STRING([--with-lua=PATH],[Path to the Lua 5.1/5.2 prefix])], + [AC_HELP_STRING([--with-lua=PATH],[Path to the Lua 5.2/5.1 prefix])], lua_path="$withval", :) @@ -25,42 +25,39 @@ fi AC_CHECK_LIB(m, pow, lib_m="-lm") AC_CHECK_LIB(m, sqrt, lib_m="-lm") for x in $test_paths ; do - if test "x$x" = "x."; then - AC_CHECK_HEADER(lua.h,[ + AC_MSG_CHECKING([for lua.h in ${x}/include/lua-5.2]) + if test -f ${x}/include/lua-5.2/lua.h; then + AC_MSG_RESULT([yes]) save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS" - LDFLAGS="$LDFLAGS $lib_m" - AC_CHECK_LIB(lua5.1, luaL_newstate, [ - LUA_LIBS="-llua5.1 $lib_m" - ],[ - AC_CHECK_LIB(lua-5.1, luaL_newstate, [ - LUA_LIBS="-llua-5.1 $lib_m" - ],[ - AC_CHECK_LIB(lua, luaL_newstate, [ - LUA_LIBS="-llua $lib_m" - ]) + LDFLAGS="-L$x/lib/lua-5.2 $LDFLAGS $lib_m" + AC_CHECK_LIB(lua-5.2, luaL_newstate, [ + LUA_LIBS="-L$x/lib/lua-5.2 -llua-5.2 $lib_m" + if test "x$ap_platform_runtime_link_flag" != "x"; then + APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib/lua-5.2]) + fi + LUA_CFLAGS="-I$x/include/lua-5.2" ]) - ]) - LUA_CFLAGS= CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS break - ]) - else - AC_MSG_CHECKING([for lua.h in ${x}/include/lua5.1]) - if test -f ${x}/include/lua5.1/lua.h; then + else + AC_MSG_RESULT([no]) + fi + AC_MSG_CHECKING([for lua.h in ${x}/include/lua5.2]) + if test -f ${x}/include/lua5.2/lua.h; then AC_MSG_RESULT([yes]) save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS" LDFLAGS="-L$x/lib $LDFLAGS $lib_m" - AC_CHECK_LIB(lua5.1, luaL_newstate, [ - LUA_LIBS="-L$x/lib -llua5.1 $lib_m" + AC_CHECK_LIB(lua5.2, luaL_newstate, [ + LUA_LIBS="-L$x/lib -llua5.2 $lib_m" if test "x$ap_platform_runtime_link_flag" != "x"; then APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib]) fi - LUA_CFLAGS="-I$x/include/lua5.1" + LUA_CFLAGS="-I$x/include/lua5.2" ]) CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS @@ -68,19 +65,19 @@ for x in $test_paths ; do else AC_MSG_RESULT([no]) fi - AC_MSG_CHECKING([for lua.h in ${x}/include/lua51]) - if test -f ${x}/include/lua51/lua.h; then + AC_MSG_CHECKING([for lua.h in ${x}/include/lua52]) + if test -f ${x}/include/lua52/lua.h; then AC_MSG_RESULT([yes]) save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS" - LDFLAGS="-L$x/lib/lua51 $LDFLAGS $lib_m" + LDFLAGS="-L$x/lib/lua52 $LDFLAGS $lib_m" AC_CHECK_LIB(lua, luaL_newstate, [ - LUA_LIBS="-L$x/lib/lua51 -llua $lib_m" + LUA_LIBS="-L$x/lib/lua52 -llua $lib_m" if test "x$ap_platform_runtime_link_flag" != "x"; then - APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib/lua51]) + APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib/lua52]) fi - LUA_CFLAGS="-I$x/include/lua51" + LUA_CFLAGS="-I$x/include/lua52" ]) CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS @@ -88,19 +85,19 @@ for x in $test_paths ; do else AC_MSG_RESULT([no]) fi - AC_MSG_CHECKING([for lua.h in ${x}/include/lua5.2]) - if test -f ${x}/include/lua5.2/lua.h; then + AC_MSG_CHECKING([for lua.h in ${x}/include]) + if test -f ${x}/include/lua.h; then AC_MSG_RESULT([yes]) save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS" LDFLAGS="-L$x/lib $LDFLAGS $lib_m" - AC_CHECK_LIB(lua5.2, luaL_newstate, [ - LUA_LIBS="-L$x/lib -llua5.2 $lib_m" + AC_CHECK_LIB(lua, luaL_newstate, [ + LUA_LIBS="-L$x/lib -llua $lib_m" if test "x$ap_platform_runtime_link_flag" != "x"; then APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib]) fi - LUA_CFLAGS="-I$x/include/lua5.2" + LUA_CFLAGS="-I$x/include" ]) CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS @@ -108,19 +105,20 @@ for x in $test_paths ; do else AC_MSG_RESULT([no]) fi - AC_MSG_CHECKING([for lua.h in ${x}/include/lua52]) - if test -f ${x}/include/lua52/lua.h; then + + AC_MSG_CHECKING([for lua.h in ${x}/include/lua-5.1]) + if test -f ${x}/include/lua-5.1/lua.h; then AC_MSG_RESULT([yes]) save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS" - LDFLAGS="-L$x/lib/lua52 $LDFLAGS $lib_m" - AC_CHECK_LIB(lua, luaL_newstate, [ - LUA_LIBS="-L$x/lib/lua52 -llua $lib_m" + LDFLAGS="-L$x/lib/lua-5.1 $LDFLAGS $lib_m" + AC_CHECK_LIB(lua-5.1, luaL_newstate, [ + LUA_LIBS="-L$x/lib/lua-5.1 -llua-5.1 $lib_m" if test "x$ap_platform_runtime_link_flag" != "x"; then - APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib/lua52]) + APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib/lua-5.1]) fi - LUA_CFLAGS="-I$x/include/lua52" + LUA_CFLAGS="-I$x/include/lua-5.1" ]) CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS @@ -128,19 +126,39 @@ for x in $test_paths ; do else AC_MSG_RESULT([no]) fi - AC_MSG_CHECKING([for lua.h in ${x}/include]) - if test -f ${x}/include/lua.h; then + AC_MSG_CHECKING([for lua.h in ${x}/include/lua5.1]) + if test -f ${x}/include/lua5.1/lua.h; then AC_MSG_RESULT([yes]) save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS" LDFLAGS="-L$x/lib $LDFLAGS $lib_m" - AC_CHECK_LIB(lua, luaL_newstate, [ - LUA_LIBS="-L$x/lib -llua $lib_m" + AC_CHECK_LIB(lua5.1, luaL_newstate, [ + LUA_LIBS="-L$x/lib -llua5.1 $lib_m" if test "x$ap_platform_runtime_link_flag" != "x"; then APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib]) fi - LUA_CFLAGS="-I$x/include" + LUA_CFLAGS="-I$x/include/lua5.1" + ]) + CFLAGS=$save_CFLAGS + LDFLAGS=$save_LDFLAGS + break + else + AC_MSG_RESULT([no]) + fi + AC_MSG_CHECKING([for lua.h in ${x}/include/lua51]) + if test -f ${x}/include/lua51/lua.h; then + AC_MSG_RESULT([yes]) + save_CFLAGS=$CFLAGS + save_LDFLAGS=$LDFLAGS + CFLAGS="$CFLAGS" + LDFLAGS="-L$x/lib/lua51 $LDFLAGS $lib_m" + AC_CHECK_LIB(lua, luaL_newstate, [ + LUA_LIBS="-L$x/lib/lua51 -llua $lib_m" + if test "x$ap_platform_runtime_link_flag" != "x"; then + APR_ADDTO(LUA_LIBS, [$ap_platform_runtime_link_flag$x/lib/lua51]) + fi + LUA_CFLAGS="-I$x/include/lua51" ]) CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS @@ -148,20 +166,19 @@ for x in $test_paths ; do else AC_MSG_RESULT([no]) fi - fi done AC_SUBST(LUA_LIBS) AC_SUBST(LUA_CFLAGS) if test -z "${LUA_LIBS}"; then - AC_MSG_WARN([*** Lua 5.1 library not found.]) + AC_MSG_WARN([*** Lua 5.2 or 5.1 library not found.]) ifelse([$2], , enable_lua="no" if test -z "${lua_path}"; then - AC_MSG_WARN([Lua 5.1 library is required]) + AC_MSG_WARN([Lua 5.2 or 5.1 library is required]) else - AC_MSG_ERROR([Lua 5.1 library is required]) + AC_MSG_ERROR([Lua 5.2 or 5.1 library is required]) fi, $2) else diff --git a/modules/lua/lua_config.c b/modules/lua/lua_config.c index bb082380..3b307ebc 100644 --- a/modules/lua/lua_config.c +++ b/modules/lua/lua_config.c @@ -141,7 +141,8 @@ static int cfg_directory(lua_State *L) return 1; } -/*static int cfg_root(lua_State *L) { +/*static int cfg_root(lua_State *L) +{ ap_lua_dir_cfg *cfg = check_dir_config(L, 1); lua_pushstring(L, cfg->root_path); return 1; diff --git a/modules/mappers/mod_dir.c b/modules/mappers/mod_dir.c index 542236b5..50cef26e 100644 --- a/modules/mappers/mod_dir.c +++ b/modules/mappers/mod_dir.c @@ -276,10 +276,18 @@ static int fixup_dir(request_rec *r) /* we're running between mod_rewrites fixup and its internal redirect handler, step aside */ if (!strcmp(r->handler, REWRITE_REDIRECT_HANDLER_NAME)) { + /* Prevent DIR_MAGIC_TYPE from leaking out when someone has taken over */ + if (!strcmp(r->content_type, DIR_MAGIC_TYPE)) { + r->content_type = NULL; + } return DECLINED; } if (d->checkhandler == MODDIR_ON && strcmp(r->handler, DIR_MAGIC_TYPE)) { + /* Prevent DIR_MAGIC_TYPE from leaking out when someone has taken over */ + if (!strcmp(r->content_type, DIR_MAGIC_TYPE)) { + r->content_type = NULL; + } return DECLINED; } diff --git a/modules/mappers/mod_negotiation.c b/modules/mappers/mod_negotiation.c index 0089a6c9..77f27cc6 100644 --- a/modules/mappers/mod_negotiation.c +++ b/modules/mappers/mod_negotiation.c @@ -828,33 +828,27 @@ static apr_off_t get_body(char *buffer, apr_size_t *len, const char *tag, apr_file_t *map) { char *endbody; - int bodylen; - int taglen; + apr_size_t bodylen; apr_off_t pos; - taglen = strlen(tag); - *len -= taglen; /* We are at the first character following a body:tag\n entry * Suck in the body, then backspace to the first char after the * closing tag entry. If we fail to read, find the tag or back * up then we have a hosed file, so give up already */ + --*len; /* Reserve space for '\0' */ if (apr_file_read(map, buffer, len) != APR_SUCCESS) { return -1; } + buffer[*len] = '\0'; - /* put a copy of the tag *after* the data read from the file - * so that strstr() will find something with no reliance on - * terminating '\0' - */ - memcpy(buffer + *len, tag, taglen); - endbody = strstr(buffer, tag); - if (endbody == buffer + *len) { + endbody = ap_strstr(buffer, tag); + if (!endbody) { return -1; } bodylen = endbody - buffer; - endbody += taglen; + endbody += strlen(tag); /* Skip all the trailing cruft after the end tag to the next line */ while (*endbody) { if (*endbody == '\n') { @@ -2890,7 +2884,7 @@ static int do_negotiation(request_rec *r, negotiation_state *neg, /* Some HTTP/1.0 clients are known to choke when they get * a 300 (multiple choices) response without a Location - * header. However the 300 code response we are are about + * header. However the 300 code response we are about * to generate will only reach 1.0 clients which support * transparent negotiation, and they should be OK. The * response should never reach older 1.0 clients, even if diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index f1ed708b..8156a7d7 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -142,60 +142,60 @@ static const char* really_last_key = "rewrite_really_last"; #define REDIRECT_ENVVAR_SCRIPT_URL "REDIRECT_" ENVVAR_SCRIPT_URL #define ENVVAR_SCRIPT_URI "SCRIPT_URI" -#define CONDFLAG_NONE 1<<0 -#define CONDFLAG_NOCASE 1<<1 -#define CONDFLAG_NOTMATCH 1<<2 -#define CONDFLAG_ORNEXT 1<<3 -#define CONDFLAG_NOVARY 1<<4 - -#define RULEFLAG_NONE 1<<0 -#define RULEFLAG_FORCEREDIRECT 1<<1 -#define RULEFLAG_LASTRULE 1<<2 -#define RULEFLAG_NEWROUND 1<<3 -#define RULEFLAG_CHAIN 1<<4 -#define RULEFLAG_IGNOREONSUBREQ 1<<5 -#define RULEFLAG_NOTMATCH 1<<6 -#define RULEFLAG_PROXY 1<<7 -#define RULEFLAG_PASSTHROUGH 1<<8 -#define RULEFLAG_QSAPPEND 1<<9 -#define RULEFLAG_NOCASE 1<<10 -#define RULEFLAG_NOESCAPE 1<<11 -#define RULEFLAG_NOSUB 1<<12 -#define RULEFLAG_STATUS 1<<13 -#define RULEFLAG_ESCAPEBACKREF 1<<14 -#define RULEFLAG_DISCARDPATHINFO 1<<15 -#define RULEFLAG_QSDISCARD 1<<16 -#define RULEFLAG_END 1<<17 +#define CONDFLAG_NONE (1<<0) +#define CONDFLAG_NOCASE (1<<1) +#define CONDFLAG_NOTMATCH (1<<2) +#define CONDFLAG_ORNEXT (1<<3) +#define CONDFLAG_NOVARY (1<<4) + +#define RULEFLAG_NONE (1<<0) +#define RULEFLAG_FORCEREDIRECT (1<<1) +#define RULEFLAG_LASTRULE (1<<2) +#define RULEFLAG_NEWROUND (1<<3) +#define RULEFLAG_CHAIN (1<<4) +#define RULEFLAG_IGNOREONSUBREQ (1<<5) +#define RULEFLAG_NOTMATCH (1<<6) +#define RULEFLAG_PROXY (1<<7) +#define RULEFLAG_PASSTHROUGH (1<<8) +#define RULEFLAG_QSAPPEND (1<<9) +#define RULEFLAG_NOCASE (1<<10) +#define RULEFLAG_NOESCAPE (1<<11) +#define RULEFLAG_NOSUB (1<<12) +#define RULEFLAG_STATUS (1<<13) +#define RULEFLAG_ESCAPEBACKREF (1<<14) +#define RULEFLAG_DISCARDPATHINFO (1<<15) +#define RULEFLAG_QSDISCARD (1<<16) +#define RULEFLAG_END (1<<17) /* return code of the rewrite rule * the result may be escaped - or not */ -#define ACTION_NORMAL 1<<0 -#define ACTION_NOESCAPE 1<<1 -#define ACTION_STATUS 1<<2 - - -#define MAPTYPE_TXT 1<<0 -#define MAPTYPE_DBM 1<<1 -#define MAPTYPE_PRG 1<<2 -#define MAPTYPE_INT 1<<3 -#define MAPTYPE_RND 1<<4 -#define MAPTYPE_DBD 1<<5 -#define MAPTYPE_DBD_CACHE 1<<6 - -#define ENGINE_DISABLED 1<<0 -#define ENGINE_ENABLED 1<<1 - -#define OPTION_NONE 1<<0 -#define OPTION_INHERIT 1<<1 -#define OPTION_INHERIT_BEFORE 1<<2 -#define OPTION_NOSLASH 1<<3 -#define OPTION_ANYURI 1<<4 -#define OPTION_MERGEBASE 1<<5 -#define OPTION_INHERIT_DOWN 1<<6 -#define OPTION_INHERIT_DOWN_BEFORE 1<<7 -#define OPTION_IGNORE_INHERIT 1<<8 -#define OPTION_IGNORE_CONTEXT_INFO 1<<9 +#define ACTION_NORMAL (1<<0) +#define ACTION_NOESCAPE (1<<1) +#define ACTION_STATUS (1<<2) + + +#define MAPTYPE_TXT (1<<0) +#define MAPTYPE_DBM (1<<1) +#define MAPTYPE_PRG (1<<2) +#define MAPTYPE_INT (1<<3) +#define MAPTYPE_RND (1<<4) +#define MAPTYPE_DBD (1<<5) +#define MAPTYPE_DBD_CACHE (1<<6) + +#define ENGINE_DISABLED (1<<0) +#define ENGINE_ENABLED (1<<1) + +#define OPTION_NONE (1<<0) +#define OPTION_INHERIT (1<<1) +#define OPTION_INHERIT_BEFORE (1<<2) +#define OPTION_NOSLASH (1<<3) +#define OPTION_ANYURI (1<<4) +#define OPTION_MERGEBASE (1<<5) +#define OPTION_INHERIT_DOWN (1<<6) +#define OPTION_INHERIT_DOWN_BEFORE (1<<7) +#define OPTION_IGNORE_INHERIT (1<<8) +#define OPTION_IGNORE_CONTEXT_INFO (1<<9) #ifndef RAND_MAX #define RAND_MAX 32767 @@ -1338,6 +1338,13 @@ static char *lookup_map_dbd(request_rec *r, char *key, const char *label) char *ret = NULL; int n = 0; ap_dbd_t *db = dbd_acquire(r); + + if (db == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02963) + "rewritemap: No db handle available! " + "Check your database access"); + return NULL; + } stmt = apr_hash_get(db->prepared, label, APR_HASH_KEY_STRING); @@ -2478,10 +2485,18 @@ static void add_cookie(request_rec *r, char *s) char *tok_cntx; char *cookie; + /* long-standing default, but can't use ':' in a cookie */ + const char *sep = ":"; + + /* opt-in to ; separator if first character is a ; */ + if (s && *s == ';') { + sep = ";"; + s++; + } - var = apr_strtok(s, ":", &tok_cntx); - val = apr_strtok(NULL, ":", &tok_cntx); - domain = apr_strtok(NULL, ":", &tok_cntx); + var = apr_strtok(s, sep, &tok_cntx); + val = apr_strtok(NULL, sep, &tok_cntx); + domain = apr_strtok(NULL, sep, &tok_cntx); if (var && val && domain) { request_rec *rmain = r; @@ -2497,10 +2512,10 @@ static void add_cookie(request_rec *r, char *s) if (!data) { char *exp_time = NULL; - expires = apr_strtok(NULL, ":", &tok_cntx); - path = expires ? apr_strtok(NULL, ":", &tok_cntx) : NULL; - secure = path ? apr_strtok(NULL, ":", &tok_cntx) : NULL; - httponly = secure ? apr_strtok(NULL, ":", &tok_cntx) : NULL; + expires = apr_strtok(NULL, sep, &tok_cntx); + path = expires ? apr_strtok(NULL, sep, &tok_cntx) : NULL; + secure = path ? apr_strtok(NULL, sep, &tok_cntx) : NULL; + httponly = secure ? apr_strtok(NULL, sep, &tok_cntx) : NULL; if (expires) { apr_time_exp_t tms; diff --git a/modules/mappers/mod_vhost_alias.c b/modules/mappers/mod_vhost_alias.c index 70c857d4..0b616947 100644 --- a/modules/mappers/mod_vhost_alias.c +++ b/modules/mappers/mod_vhost_alias.c @@ -269,7 +269,7 @@ static void vhost_alias_interpolate(request_rec *r, const char *name, ndots = 0; dots[ndots++] = name-1; /* slightly naughty */ - for (p = name; *p; ++p){ + for (p = name; *p; ++p) { if (*p == '.' && ndots < MAXDOTS) { dots[ndots++] = p; } diff --git a/modules/metadata/mod_cern_meta.c b/modules/metadata/mod_cern_meta.c index f06c464c..09a41e1c 100644 --- a/modules/metadata/mod_cern_meta.c +++ b/modules/metadata/mod_cern_meta.c @@ -246,7 +246,7 @@ static int scan_meta_file(request_rec *r, apr_file_t *f) char *endp = l + strlen(l) - 1; while (endp > l && apr_isspace(*endp)) - *endp-- = '\0'; + *endp-- = '\0'; tmp = apr_pstrdup(r->pool, l); ap_content_type_tolower(tmp); @@ -332,7 +332,7 @@ static int add_cern_meta_data(request_rec *r) */ rr = ap_sub_req_lookup_file(metafilename, r, NULL); if (rr->status != HTTP_OK) { - ap_destroy_sub_req(rr); + ap_destroy_sub_req(rr); return DECLINED; } ap_destroy_sub_req(rr); diff --git a/modules/metadata/mod_ident.c b/modules/metadata/mod_ident.c index 06295ef3..5520a802 100644 --- a/modules/metadata/mod_ident.c +++ b/modules/metadata/mod_ident.c @@ -202,7 +202,7 @@ static apr_status_t rfc1413_query(apr_socket_t *sock, conn_rec *conn, * Note that the strchr function below checks for \012 instead of '\n' * this allows it to work on both ASCII and EBCDIC machines. */ - while((cp = strchr(buffer, '\012')) == NULL && i < sizeof(buffer) - 1) { + while ((cp = strchr(buffer, '\012')) == NULL && i < sizeof(buffer) - 1) { apr_size_t j = sizeof(buffer) - 1 - i; apr_status_t status; status = apr_socket_recv(sock, buffer+i, &j); @@ -298,7 +298,7 @@ static const command_rec ident_cmds[] = module AP_MODULE_DECLARE_DATA ident_module; /* - * Optional function for the core to to the actual ident request + * Optional function for the core to the actual ident request */ static const char *ap_ident_lookup(request_rec *r) { diff --git a/modules/metadata/mod_setenvif.c b/modules/metadata/mod_setenvif.c index a62670e0..db58b601 100644 --- a/modules/metadata/mod_setenvif.c +++ b/modules/metadata/mod_setenvif.c @@ -41,7 +41,7 @@ * done. If the value matches the string or regular expression, the * environment variables listed as var ... are set. Each var can * be in one of three formats: var, which sets the named variable - * (the value value "1"); var=value, which sets the variable to + * (the value "1"); var=value, which sets the variable to * the given value; or !var, which unsets the variable is it has * been previously set. * diff --git a/modules/proxy/NWGNUproxy b/modules/proxy/NWGNUproxy index b66cccfa..327ba5e6 100644 --- a/modules/proxy/NWGNUproxy +++ b/modules/proxy/NWGNUproxy @@ -282,6 +282,7 @@ $(OBJDIR)/mod_proxy.imp: NWGNUproxy @echo $(DL) ap_proxy_connect_backend,$(DL)>> $@ @echo $(DL) ap_proxy_connect_to_backend,$(DL)>> $@ @echo $(DL) ap_proxy_connection_create,$(DL)>> $@ + @echo $(DL) ap_proxy_connection_reusable,$(DL)>> $@ @echo $(DL) ap_proxy_cookie_reverse_map,$(DL)>> $@ @echo $(DL) ap_proxy_create_hdrbrgd,$(DL)>> $@ @echo $(DL) ap_proxy_define_balancer,$(DL)>> $@ diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c index edb9d23c..0ec94ad7 100644 --- a/modules/proxy/ajp_header.c +++ b/modules/proxy/ajp_header.c @@ -37,7 +37,7 @@ static const char *long_res_header_for_sc(int sc) { const char *rc = NULL; sc = sc & 0X00FF; - if(sc <= SC_RES_HEADERS_NUM && sc > 0) { + if (sc <= SC_RES_HEADERS_NUM && sc > 0) { rc = response_trans_headers[sc - 1]; } @@ -89,39 +89,39 @@ static int sc_for_req_header(const char *header_name) return UNKNOWN_METHOD; break; case 'C': - if(strcmp(p, "OOKIE2") == 0) + if (strcmp(p, "OOKIE2") == 0) return SC_COOKIE2; else if (strcmp(p, "OOKIE") == 0) return SC_COOKIE; - else if(strcmp(p, "ONNECTION") == 0) + else if (strcmp(p, "ONNECTION") == 0) return SC_CONNECTION; - else if(strcmp(p, "ONTENT-TYPE") == 0) + else if (strcmp(p, "ONTENT-TYPE") == 0) return SC_CONTENT_TYPE; - else if(strcmp(p, "ONTENT-LENGTH") == 0) + else if (strcmp(p, "ONTENT-LENGTH") == 0) return SC_CONTENT_LENGTH; else return UNKNOWN_METHOD; break; case 'H': - if(strcmp(p, "OST") == 0) + if (strcmp(p, "OST") == 0) return SC_HOST; else return UNKNOWN_METHOD; break; case 'P': - if(strcmp(p, "RAGMA") == 0) + if (strcmp(p, "RAGMA") == 0) return SC_PRAGMA; else return UNKNOWN_METHOD; break; case 'R': - if(strcmp(p, "EFERER") == 0) + if (strcmp(p, "EFERER") == 0) return SC_REFERER; else return UNKNOWN_METHOD; break; case 'U': - if(strcmp(p, "SER-AGENT") == 0) + if (strcmp(p, "SER-AGENT") == 0) return SC_USER_AGENT; else return UNKNOWN_METHOD; @@ -548,7 +548,7 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg, rc = ajp_msg_get_uint16(msg, &status); if (rc != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00983) + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00983) "ajp_unmarshal_response: Null status"); return rc; } @@ -561,7 +561,8 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg, ap_xlate_proto_from_ascii(ptr, strlen(ptr)); #endif r->status_line = apr_psprintf(r->pool, "%d %s", status, ptr); - } else { + } + else { r->status_line = NULL; } @@ -581,7 +582,8 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg, apr_table_do(addit_dammit, save_table, r->headers_out, "Set-Cookie", NULL); r->headers_out = save_table; - } else { + } + else { r->headers_out = NULL; num_headers = 0; } @@ -590,7 +592,7 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg, "ajp_unmarshal_response: Number of headers is = %d", num_headers); - for(i = 0 ; i < (int) num_headers ; i++) { + for (i = 0; i < (int)num_headers; i++) { apr_uint16_t name; const char *stringname; const char *value; @@ -609,7 +611,8 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg, name); return AJP_EBAD_HEADER; } - } else { + } + else { name = 0; rc = ajp_msg_get_string(msg, &stringname); if (rc != APR_SUCCESS) { diff --git a/modules/proxy/ajp_msg.c b/modules/proxy/ajp_msg.c index 71bc1dd9..06bee9be 100644 --- a/modules/proxy/ajp_msg.c +++ b/modules/proxy/ajp_msg.c @@ -78,7 +78,7 @@ apr_status_t ajp_msg_dump(apr_pool_t *pool, ajp_msg_t *msg, char *err, line_len = AJP_MSG_DUMP_BYTES_PER_LINE; } for (j = 0; j < line_len; j++) { - x = msg->buf[i + j]; + x = msg->buf[i + j]; *current++ = hex_table[x >> 4]; *current++ = hex_table[x & 0x0f]; diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c index 6a1c3cf5..0f896bdf 100644 --- a/modules/proxy/mod_proxy.c +++ b/modules/proxy/mod_proxy.c @@ -934,6 +934,7 @@ static int proxy_handler(request_rec *r) proxy_worker *worker = NULL; int attempts = 0, max_attempts = 0; struct dirconn_entry *list = (struct dirconn_entry *)conf->dirconn->elts; + int saved_status; /* is this for us? */ if (!r->filename) { @@ -1206,7 +1207,23 @@ static int proxy_handler(request_rec *r) goto cleanup; } cleanup: + /* + * Save current r->status and set it to the value of access_status which + * might be different (e.g. r->status could be HTTP_OK if e.g. we override + * the error page on the proxy or if the error was not generated by the + * backend itself but by the proxy e.g. a bad gateway) in order to give + * ap_proxy_post_request a chance to act correctly on the status code. + */ + saved_status = r->status; + r->status = access_status; ap_proxy_post_request(worker, balancer, r, conf); + /* + * Only restore r->status if it has not been changed by + * ap_proxy_post_request as we assume that this change was intentional. + */ + if (r->status == access_status) { + r->status = saved_status; + } proxy_run_request_status(&access_status, r); AP_PROXY_RUN_FINISHED(r, attempts, access_status); diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c index 72ffb1c0..702650a9 100644 --- a/modules/proxy/mod_proxy_balancer.c +++ b/modules/proxy/mod_proxy_balancer.c @@ -1255,7 +1255,7 @@ static int balancer_handler(request_rec *r) ap_rputs(" \n", r); /* Start proxy_balancer */ ap_rvputs(r, " ", balancer->s->name, "\n", NULL); - if (balancer->s->sticky) { + if (*balancer->s->sticky) { ap_rvputs(r, " ", balancer->s->sticky, "\n", NULL); ap_rprintf(r, @@ -1272,7 +1272,7 @@ static int balancer_handler(request_rec *r) } ap_rvputs(r, " ", balancer->lbmethod->name, "\n", NULL); - if (balancer->s->sticky) { + if (*balancer->s->sticky) { ap_rprintf(r, " %s\n", (balancer->s->scolonsep ? "On" : "Off")); @@ -1509,7 +1509,7 @@ static int balancer_handler(request_rec *r) ap_rprintf(r, "
    • \n", balancer->s->lbpname); ap_rputs("\n", NULL); diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c index 5c689aa1..a62a2828 100644 --- a/modules/proxy/mod_proxy_ftp.c +++ b/modules/proxy/mod_proxy_ftp.c @@ -172,7 +172,7 @@ static int ftp_check_globbingchars(const char *path) { for ( ; *path; ++path) { if (*path == '\\') - ++path; + ++path; if (*path != '\0' && strchr(FTP_GLOBBING_CHARS, *path) != NULL) return TRUE; } diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c index 319721f3..5e95ea2f 100644 --- a/modules/proxy/mod_proxy_http.c +++ b/modules/proxy/mod_proxy_http.c @@ -759,7 +759,7 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r, /* WE only understand chunked. Other modules might inject * (and therefore, decode) other flavors but we don't know - * that the can and have done so unless they they remove + * that the can and have done so unless they remove * their decoding from the headers_in T-E list. * XXX: Make this extensible, but in doing so, presume the * encoding has been done by the extensions' handler, and @@ -951,7 +951,7 @@ skip_body: break; default: /* shouldn't be possible */ - rv = HTTP_INTERNAL_SERVER_ERROR ; + rv = HTTP_INTERNAL_SERVER_ERROR; break; } @@ -1117,7 +1117,7 @@ static void ap_proxy_read_headers(request_rec *r, request_rec *rr, if (psc->badopt == bad_error) { /* Nope, it wasn't even an extra HTTP header. Give up. */ r->headers_out = NULL; - return ; + return; } else if (psc->badopt == bad_body) { /* if we've already started loading headers_out, then @@ -1131,12 +1131,12 @@ static void ap_proxy_read_headers(request_rec *r, request_rec *rr, "in headers returned by %s (%s)", r->uri, r->method); *pread_len = len; - return ; + return; } else { ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01099) "No HTTP headers returned by %s (%s)", r->uri, r->method); - return ; + return; } } } @@ -1156,15 +1156,14 @@ static void ap_proxy_read_headers(request_rec *r, request_rec *rr, ++value; /* Skip to start of value */ /* should strip trailing whitespace as well */ - for (end = &value[strlen(value)-1]; end > value && apr_isspace(*end); -- -end) + for (end = &value[strlen(value)-1]; end > value && apr_isspace(*end); --end) *end = '\0'; /* make sure we add so as not to destroy duplicated headers * Modify headers requiring canonicalisation and/or affected * by ProxyPassReverse and family with process_proxy_header */ - process_proxy_header(r, dconf, buffer, value) ; + process_proxy_header(r, dconf, buffer, value); saw_headers = 1; /* the header was too long; at the least we should skip extra data */ diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c index b35278a7..92e1f3eb 100644 --- a/modules/proxy/proxy_util.c +++ b/modules/proxy/proxy_util.c @@ -1320,6 +1320,14 @@ PROXY_DECLARE(apr_status_t) ap_proxy_initialize_balancer(proxy_balancer *balance * CONNECTION related... */ +static void socket_cleanup(proxy_conn_rec *conn) +{ + conn->sock = NULL; + conn->connection = NULL; + conn->ssl_hostname = NULL; + apr_pool_clear(conn->scpool); +} + static apr_status_t conn_pool_cleanup(void *theworker) { proxy_worker *worker = (proxy_worker *)theworker; @@ -1386,7 +1394,7 @@ static apr_status_t connection_cleanup(void *theconn) } /* determine if the connection need to be closed */ - if (!ap_proxy_connection_reusable(conn)) { + if (!worker->s->is_address_reusable || worker->s->disablereuse) { apr_pool_t *p = conn->pool; apr_pool_clear(p); conn = apr_pcalloc(p, sizeof(proxy_conn_rec)); @@ -1395,6 +1403,12 @@ static apr_status_t connection_cleanup(void *theconn) apr_pool_create(&(conn->scpool), p); apr_pool_tag(conn->scpool, "proxy_conn_scpool"); } + else if (conn->close + || (conn->connection + && conn->connection->keepalive == AP_CONN_CLOSE)) { + socket_cleanup(conn); + conn->close = 0; + } if (worker->s->hmax && worker->cp->res) { conn->inreslist = 1; @@ -1409,14 +1423,6 @@ static apr_status_t connection_cleanup(void *theconn) return APR_SUCCESS; } -static void socket_cleanup(proxy_conn_rec *conn) -{ - conn->sock = NULL; - conn->connection = NULL; - conn->ssl_hostname = NULL; - apr_pool_clear(conn->scpool); -} - PROXY_DECLARE(apr_status_t) ap_proxy_ssl_connection_cleanup(proxy_conn_rec *conn, request_rec *r) { @@ -2076,7 +2082,14 @@ PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **newsock, proxy_function, backend_addr->family, backend_name); if (conf->source_address) { - rv = apr_socket_bind(*newsock, conf->source_address); + apr_sockaddr_t *local_addr; + /* Make a copy since apr_socket_bind() could change + * conf->source_address, which we don't want. + */ + local_addr = apr_pmemdup(r->pool, conf->source_address, + sizeof(apr_sockaddr_t)); + local_addr->pool = r->pool; + rv = apr_socket_bind(*newsock, local_addr); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00938) "%s: failed to bind socket to local address", @@ -2752,9 +2765,9 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function, proxy_function, backend_addr->family, worker->s->hostname); if (conf->source_address_set) { - local_addr = apr_pmemdup(conn->pool, conf->source_address, + local_addr = apr_pmemdup(conn->scpool, conf->source_address, sizeof(apr_sockaddr_t)); - local_addr->pool = conn->pool; + local_addr->pool = conn->scpool; rv = apr_socket_bind(newsock, local_addr); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00956) @@ -2826,33 +2839,47 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function, connected = 1; } - /* - * Put the entire worker to error state if - * the PROXY_WORKER_IGNORE_ERRORS flag is not set. - * Altrough some connections may be alive - * no further connections to the worker could be made - */ - if (!connected && PROXY_WORKER_IS_USABLE(worker) && - !(worker->s->status & PROXY_WORKER_IGNORE_ERRORS)) { - worker->s->error_time = apr_time_now(); - worker->s->status |= PROXY_WORKER_IN_ERROR; - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(00959) - "ap_proxy_connect_backend disabling worker for (%s) for %" - APR_TIME_T_FMT "s", - worker->s->hostname, apr_time_sec(worker->s->retry)); + if (PROXY_WORKER_IS_USABLE(worker)) { + /* + * Put the entire worker to error state if + * the PROXY_WORKER_IGNORE_ERRORS flag is not set. + * Although some connections may be alive + * no further connections to the worker could be made + */ + if (!connected) { + if (!(worker->s->status & PROXY_WORKER_IGNORE_ERRORS)) { + worker->s->error_time = apr_time_now(); + worker->s->status |= PROXY_WORKER_IN_ERROR; + ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(00959) + "ap_proxy_connect_backend disabling worker for (%s) for %" + APR_TIME_T_FMT "s", + worker->s->hostname, apr_time_sec(worker->s->retry)); + } + } + else { + if (worker->s->retries) { + /* + * A worker came back. So here is where we need to + * either reset all params to initial conditions or + * apply some sort of aging + */ + } + worker->s->error_time = 0; + worker->s->retries = 0; + } + return connected ? OK : DECLINED; } else { - if (worker->s->retries) { - /* - * A worker came back. So here is where we need to - * either reset all params to initial conditions or - * apply some sort of aging - */ + /* + * The worker is in error likely done by a different thread / process + * e.g. for a timeout or bad status. We should respect this and should + * not continue with a connection via this worker even if we got one. + */ + if (connected) { + socket_cleanup(conn); } - worker->s->error_time = 0; - worker->s->retries = 0; + return DECLINED; } - return connected ? OK : DECLINED; } static apr_status_t connection_shutdown(void *theconn) diff --git a/modules/session/mod_session_dbd.c b/modules/session/mod_session_dbd.c index cf65e5af..0be7306f 100644 --- a/modules/session/mod_session_dbd.c +++ b/modules/session/mod_session_dbd.c @@ -94,8 +94,11 @@ static apr_status_t dbd_init(request_rec *r, const char *query, ap_dbd_t **dbdp, /** * Load the session by the key specified. + * + * The session value is allocated using the passed apr_pool_t. */ -static apr_status_t dbd_load(request_rec * r, const char *key, const char **val) +static apr_status_t dbd_load(apr_pool_t *p, request_rec * r, + const char *key, const char **val) { apr_status_t rv; @@ -138,8 +141,7 @@ static apr_status_t dbd_load(request_rec * r, const char *key, const char **val) return APR_EGENERAL; } if (*val == NULL) { - *val = apr_pstrdup(r->pool, - apr_dbd_get_entry(dbd->driver, row, 0)); + *val = apr_pstrdup(p, apr_dbd_get_entry(dbd->driver, row, 0)); } /* we can't break out here or row won't get cleaned up */ } @@ -191,7 +193,7 @@ static apr_status_t session_dbd_load(request_rec * r, session_rec ** z) } /* first look in the notes */ - note = apr_pstrcat(r->pool, MOD_SESSION_DBD, name, NULL); + note = apr_pstrcat(m->pool, MOD_SESSION_DBD, name, NULL); zz = (session_rec *)apr_table_get(m->notes, note); if (zz) { *z = zz; @@ -204,7 +206,7 @@ static apr_status_t session_dbd_load(request_rec * r, session_rec ** z) /* load an RFC2109 or RFC2965 compliant cookie */ ap_cookie_read(r, name, &key, conf->remove); if (key) { - ret = dbd_load(r, key, &val); + ret = dbd_load(m->pool, r, key, &val); if (ret != APR_SUCCESS) { return ret; } @@ -215,7 +217,7 @@ static apr_status_t session_dbd_load(request_rec * r, session_rec ** z) /* load named session */ else if (conf->peruser) { if (r->user) { - ret = dbd_load(r, r->user, &val); + ret = dbd_load(m->pool, r, r->user, &val); if (ret != APR_SUCCESS) { return ret; } @@ -228,8 +230,8 @@ static apr_status_t session_dbd_load(request_rec * r, session_rec ** z) } /* create a new session and return it */ - zz = (session_rec *) apr_pcalloc(r->pool, sizeof(session_rec)); - zz->pool = r->pool; + zz = (session_rec *) apr_pcalloc(m->pool, sizeof(session_rec)); + zz->pool = m->pool; zz->entries = apr_table_make(zz->pool, 10); if (key && val) { apr_uuid_t *uuid = apr_pcalloc(zz->pool, sizeof(apr_uuid_t)); diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c index d0106992..4f0eeeae 100644 --- a/modules/slotmem/mod_slotmem_shm.c +++ b/modules/slotmem/mod_slotmem_shm.c @@ -25,23 +25,7 @@ #include "httpd.h" #include "http_main.h" -#ifdef AP_NEED_SET_MUTEX_PERMS -#include "unixd.h" -#endif - -#if APR_HAVE_UNISTD_H -#include /* for getpid() */ -#endif - -#if HAVE_SYS_SEM_H -#include -#if !defined(SHM_R) -#define SHM_R 0400 -#endif -#if !defined(SHM_W) -#define SHM_W 0200 -#endif -#endif +#include "ap_mpm.h" /* for ap_mpm_query() */ #define AP_SLOTMEM_IS_PREGRAB(t) (t->desc.type & AP_SLOTMEM_TYPE_PREGRAB) #define AP_SLOTMEM_IS_PERSIST(t) (t->desc.type & AP_SLOTMEM_TYPE_PERSIST) @@ -58,7 +42,8 @@ typedef struct { #define AP_UNSIGNEDINT_OFFSET (APR_ALIGN_DEFAULT(sizeof(unsigned int))) struct ap_slotmem_instance_t { - char *name; /* per segment name */ + char *name; /* file based SHM path/name */ + char *pname; /* persisted file path/name */ int fbased; /* filebased? */ void *shm; /* ptr to memory segment (apr_shm_t *) */ void *base; /* data set start */ @@ -86,6 +71,31 @@ static apr_pool_t *gpool = NULL; #define DEFAULT_SLOTMEM_SUFFIX ".shm" #define DEFAULT_SLOTMEM_PERSIST_SUFFIX ".persist" +/* Unixes (and Netware) have the unlink() semantic, which allows to + * apr_file_remove() a file still in use (opened elsewhere), the inode + * remains until the last fd is closed, whereas any file created with + * the same name/path will use a new inode. + * + * On windows and OS/2 ("\SHAREMEM\..." tree), apr_file_remove() marks + * the files for deletion until the last HANDLE is closed, meanwhile the + * same file/path can't be opened/recreated. + * Thus on graceful restart (the only restart mode with mpm_winnt), the + * old file may still exist until all the children stop, while we ought + * to create a new one for our new clear SHM. Therefore, we would only + * be able to reuse (attach) the old SHM, preventing some changes to + * the config file, like the number of balancers/members, since the + * size checks (to fit the new config) would fail. Let's avoid this by + * including the generation number in the SHM filename (obviously not + * the persisted name!) + */ +#ifndef SLOTMEM_UNLINK_SEMANTIC +#if defined(WIN32) || defined(OS2) +#define SLOTMEM_UNLINK_SEMANTIC 0 +#else +#define SLOTMEM_UNLINK_SEMANTIC 1 +#endif +#endif + /* * Persist the slotmem in a file * slotmem name and file name. @@ -94,29 +104,59 @@ static apr_pool_t *gpool = NULL; * /abs_name : $abs_name * */ - -static const char *slotmem_filename(apr_pool_t *pool, const char *slotmemname, - int persist) +static int slotmem_filenames(apr_pool_t *pool, + const char *slotname, + const char **filename, + const char **persistname) { - const char *fname; - if (!slotmemname || strcasecmp(slotmemname, "none") == 0) { - return NULL; - } - else if (slotmemname[0] != '/') { - const char *filenm = apr_pstrcat(pool, DEFAULT_SLOTMEM_PREFIX, - slotmemname, DEFAULT_SLOTMEM_SUFFIX, - NULL); - fname = ap_runtime_dir_relative(pool, filenm); - } - else { - fname = slotmemname; + const char *fname = NULL, *pname = NULL; + + if (slotname && *slotname && strcasecmp(slotname, "none") != 0) { + if (slotname[0] != '/') { +#if !SLOTMEM_UNLINK_SEMANTIC + /* Each generation needs its own file name. */ + int generation = 0; + ap_mpm_query(AP_MPMQ_GENERATION, &generation); + fname = apr_psprintf(pool, "%s%s_%x%s", DEFAULT_SLOTMEM_PREFIX, + slotname, generation, DEFAULT_SLOTMEM_SUFFIX); +#else + /* Reuse the same file name for each generation. */ + fname = apr_pstrcat(pool, DEFAULT_SLOTMEM_PREFIX, + slotname, DEFAULT_SLOTMEM_SUFFIX, + NULL); +#endif + fname = ap_runtime_dir_relative(pool, fname); + } + else { + /* Don't mangle the file name if given an absolute path, it's + * up to the caller to provide a unique name when necessary. + */ + fname = slotname; + } + + if (persistname) { + /* Persisted file names are immutable... */ +#if !SLOTMEM_UNLINK_SEMANTIC + if (slotname[0] != '/') { + pname = apr_pstrcat(pool, DEFAULT_SLOTMEM_PREFIX, + slotname, DEFAULT_SLOTMEM_SUFFIX, + DEFAULT_SLOTMEM_PERSIST_SUFFIX, + NULL); + pname = ap_runtime_dir_relative(pool, pname); + } + else +#endif + pname = apr_pstrcat(pool, fname, + DEFAULT_SLOTMEM_PERSIST_SUFFIX, + NULL); + } } - if (persist) { - return apr_pstrcat(pool, fname, DEFAULT_SLOTMEM_PERSIST_SUFFIX, - NULL); + *filename = fname; + if (persistname) { + *persistname = pname; } - return fname; + return (fname != NULL); } static void slotmem_clearinuse(ap_slotmem_instance_t *slot) @@ -143,10 +183,8 @@ static void store_slotmem(ap_slotmem_instance_t *slotmem) apr_file_t *fp; apr_status_t rv; apr_size_t nbytes; - const char *storename; unsigned char digest[APR_MD5_DIGESTSIZE]; - - storename = slotmem_filename(slotmem->gpool, slotmem->name, 1); + const char *storename = slotmem->pname; ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(02334) "storing %s", storename); @@ -179,18 +217,15 @@ static void store_slotmem(ap_slotmem_instance_t *slotmem) } } -static apr_status_t restore_slotmem(void *ptr, const char *name, apr_size_t size, - apr_pool_t *pool) +static apr_status_t restore_slotmem(void *ptr, const char *storename, + apr_size_t size, apr_pool_t *pool) { - const char *storename; apr_file_t *fp; apr_size_t nbytes = size; apr_status_t rv = APR_SUCCESS; unsigned char digest[APR_MD5_DIGESTSIZE]; unsigned char digest2[APR_MD5_DIGESTSIZE]; - storename = slotmem_filename(pool, name, 1); - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(02335) "restoring %s", storename); @@ -246,15 +281,11 @@ static apr_status_t cleanup_slotmem(void *param) if (AP_SLOTMEM_IS_PERSIST(next)) { store_slotmem(next); } + apr_shm_destroy((apr_shm_t *)next->shm); if (next->fbased) { - const char *name; apr_shm_remove(next->name, next->gpool); - name = slotmem_filename(next->gpool, next->name, 0); - if (name) { - apr_file_remove(name, next->gpool); - } + apr_file_remove(next->name, next->gpool); } - apr_shm_destroy((apr_shm_t *)next->shm); next = next->next; } } @@ -295,25 +326,24 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool) { -/* void *slotmem = NULL; */ int fbased = 1; int restored = 0; char *ptr; sharedslotdesc_t desc; ap_slotmem_instance_t *res; ap_slotmem_instance_t *next = globallistmem; - const char *fname; + const char *fname, *pname = NULL; apr_shm_t *shm; apr_size_t basesize = (item_size * item_num); apr_size_t size = AP_SLOTMEM_OFFSET + AP_UNSIGNEDINT_OFFSET + (item_num * sizeof(char)) + basesize; + int persist = (type & AP_SLOTMEM_TYPE_PERSIST) != 0; apr_status_t rv; if (gpool == NULL) { return APR_ENOSHMAVAIL; } - fname = slotmem_filename(pool, name, 0); - if (fname) { + if (slotmem_filenames(pool, name, &fname, persist ? &pname : NULL)) { /* first try to attach to existing slotmem */ if (next) { for (;;) { @@ -399,8 +429,8 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new, * TODO: Error check the below... What error makes * sense if the restore fails? Any? */ - if (type & AP_SLOTMEM_TYPE_PERSIST) { - rv = restore_slotmem(ptr, fname, dsize, pool); + if (persist) { + rv = restore_slotmem(ptr, pname, dsize, pool); if (rv == APR_SUCCESS) { restored = 1; } @@ -417,6 +447,7 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new, res = (ap_slotmem_instance_t *) apr_pcalloc(gpool, sizeof(ap_slotmem_instance_t)); res->name = apr_pstrdup(gpool, fname); + res->pname = apr_pstrdup(gpool, pname); res->fbased = fbased; res->shm = shm; res->num_free = (unsigned int *)ptr; @@ -457,8 +488,7 @@ static apr_status_t slotmem_attach(ap_slotmem_instance_t **new, if (gpool == NULL) { return APR_ENOSHMAVAIL; } - fname = slotmem_filename(pool, name, 0); - if (!fname) { + if (!slotmem_filenames(pool, name, &fname, NULL)) { return APR_ENOSHMAVAIL; } diff --git a/modules/ssl/README.dsov.fig b/modules/ssl/README.dsov.fig index d8d03db2..77cd2ca2 100644 --- a/modules/ssl/README.dsov.fig +++ b/modules/ssl/README.dsov.fig @@ -339,7 +339,7 @@ Single 4 0 0 200 0 20 8 0.0000 4 90 465 11745 4770 ->method\001 4 0 0 200 0 20 8 0.0000 4 120 1665 9945 6480 X509_STORE_CTX_get_app_data()\001 4 0 0 200 0 20 8 0.0000 4 120 1215 10980 6705 SSL_CTX_get_cert_store()\001 -4 0 0 200 0 20 8 0.0000 4 120 1020 8280 5130 SSL_get_app_data2()\001 +4 0 0 200 0 20 8 0.0000 4 120 1020 8280 5130 modssl_get_app_data2()\001 4 0 0 100 0 18 20 0.0000 4 270 1290 10710 7605 OpenSSL\001 4 0 0 100 0 18 12 0.0000 4 180 720 10710 7785 [Crypto]\001 4 0 0 100 0 18 20 0.0000 4 270 1290 10935 3645 OpenSSL\001 diff --git a/modules/ssl/README.dsov.ps b/modules/ssl/README.dsov.ps index def19dbe..bcbf2687 100644 --- a/modules/ssl/README.dsov.ps +++ b/modules/ssl/README.dsov.ps @@ -1002,7 +1002,7 @@ gs 1 -1 sc (X509_STORE_CTX_get_app_data\(\)) col0 sh gr gs 1 -1 sc (SSL_CTX_get_cert_store\(\)) col0 sh gr /Helvetica-Narrow-iso ff 120.00 scf sf 8280 5130 m -gs 1 -1 sc (SSL_get_app_data2\(\)) col0 sh gr +gs 1 -1 sc (modssl_get_app_data2\(\)) col0 sh gr /Helvetica-Bold-iso ff 180.00 scf sf 3645 1620 m gs 1 -1 sc (SSLDirConfig) col0 sh gr diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c index 7e1c431d..41d7f9f7 100644 --- a/modules/ssl/mod_ssl.c +++ b/modules/ssl/mod_ssl.c @@ -125,10 +125,15 @@ static const command_rec ssl_config_cmds[] = { SSL_CMD_SRV(SessionCacheTimeout, TAKE1, "SSL Session Cache object lifetime " "('N' - number of seconds)") +#ifdef OPENSSL_NO_SSL3 +#define SSLv3_PROTO_PREFIX "" +#else +#define SSLv3_PROTO_PREFIX "SSLv3|" +#endif #ifdef HAVE_TLSV1_X -#define SSL_PROTOCOLS "SSLv3|TLSv1|TLSv1.1|TLSv1.2" +#define SSL_PROTOCOLS SSLv3_PROTO_PREFIX "TLSv1|TLSv1.1|TLSv1.2" #else -#define SSL_PROTOCOLS "SSLv3|TLSv1" +#define SSL_PROTOCOLS SSLv3_PROTO_PREFIX "TLSv1" #endif SSL_CMD_SRV(Protocol, RAW_ARGS, "Enable or disable various SSL protocols " @@ -340,6 +345,11 @@ static int ssl_hook_pre_config(apr_pool_t *pconf, OpenSSL_add_all_algorithms(); OPENSSL_load_builtin_modules(); + if (OBJ_txt2nid("id-on-dnsSRV") == NID_undef) { + (void)OBJ_create("1.3.6.1.5.5.7.8.7", "id-on-dnsSRV", + "SRVName otherName form"); + } + /* * Let us cleanup the ssl library when the module is unloaded */ @@ -480,7 +490,7 @@ int ssl_init_ssl_connection(conn_rec *c, request_rec *r) } SSL_set_app_data(ssl, c); - SSL_set_app_data2(ssl, NULL); /* will be request_rec */ + modssl_set_app_data2(ssl, NULL); /* will be request_rec */ sslconn->ssl = ssl; diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c index 8e8e7618..e5c70f39 100644 --- a/modules/ssl/ssl_engine_config.c +++ b/modules/ssl/ssl_engine_config.c @@ -111,7 +111,7 @@ static void modssl_ctx_init(modssl_ctx_t *mctx, apr_pool_t *p) mctx->ticket_key = NULL; #endif - mctx->protocol = SSL_PROTOCOL_ALL; + mctx->protocol = SSL_PROTOCOL_DEFAULT; mctx->protocol_set = 0; mctx->pphrase_dialog_type = SSL_PPTYPE_UNSET; @@ -612,7 +612,7 @@ const char *ssl_cmd_SSLRandomSeed(cmd_parms *cmd, seed->cpPath = ap_server_root_relative(mc->pPool, arg2+4); #else return apr_pstrcat(cmd->pool, "Invalid SSLRandomSeed entropy source `", - arg2, "': This version of " SSL_LIBRARY_NAME + arg2, "': This version of " MODSSL_LIBRARY_NAME " does not support the Entropy Gathering Daemon " "(EGD).", NULL); #endif @@ -709,7 +709,7 @@ const char *ssl_cmd_SSLCipherSuite(cmd_parms *cmd, SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg; /* always disable null and export ciphers */ - arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL); + arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL); if (cmd->path) { dc->szCipherSuite = arg; @@ -1343,7 +1343,15 @@ static const char *ssl_cmd_protocol_parse(cmd_parms *parms, } } else if (strcEQ(w, "SSLv3")) { +#ifdef OPENSSL_NO_SSL3 + if (action != '-') { + return "SSLv3 not supported by this version of OpenSSL"; + } + /* Nothing to do, the flag is not present to be toggled */ + continue; +#else thisopt = SSL_PROTOCOL_SSLV3; +#endif } else if (strcEQ(w, "TLSv1")) { thisopt = SSL_PROTOCOL_TLSV1; @@ -1421,7 +1429,7 @@ const char *ssl_cmd_SSLProxyCipherSuite(cmd_parms *cmd, SSLSrvConfigRec *sc = mySrvConfig(cmd->server); /* always disable null and export ciphers */ - arg = apr_pstrcat(cmd->pool, "!aNULL:!eNULL:!EXP:", arg, NULL); + arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL); sc->proxy->auth.cipher_suite = arg; @@ -1877,6 +1885,11 @@ const char *ssl_cmd_SSLOpenSSLConfCmd(cmd_parms *cmd, void *dcfg, return err; } + if (strcEQ(arg1, "CipherString")) { + /* always disable null and export ciphers */ + arg2 = apr_pstrcat(cmd->pool, arg2, ":!aNULL:!eNULL:!EXP", NULL); + } + param = apr_array_push(sc->server->ssl_ctx_param); param->name = arg1; param->value = arg2; diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 6baf2f51..8b26c353 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -142,12 +142,12 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, apr_status_t rv; apr_array_header_t *pphrases; - if (SSLeay() < SSL_LIBRARY_VERSION) { + if (SSLeay() < MODSSL_LIBRARY_VERSION) { ap_log_error(APLOG_MARK, APLOG_WARNING, 0, base_server, APLOGNO(01882) "Init: this version of mod_ssl was compiled against " "a newer library (%s, version currently loaded is %s)" " - may result in undefined or erroneous behavior", - SSL_LIBRARY_TEXT, SSLeay_version(SSLEAY_VERSION)); + MODSSL_LIBRARY_TEXT, SSLeay_version(SSLEAY_VERSION)); } /* We initialize mc->pid per-process in the child init, @@ -236,7 +236,7 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, #endif ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, APLOGNO(01883) - "Init: Initialized %s library", SSL_LIBRARY_NAME); + "Init: Initialized %s library", MODSSL_LIBRARY_NAME); /* * Seed the Pseudo Random Number Generator (PRNG) @@ -327,7 +327,7 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, */ ssl_add_version_components(p, base_server); - SSL_init_app_data2_idx(); /* for SSL_get_app_data2() at request time */ + modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */ init_dh_params(); @@ -471,7 +471,9 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s, } cp = apr_pstrcat(p, +#ifndef OPENSSL_NO_SSL3 (protocol & SSL_PROTOCOL_SSLV3 ? "SSLv3, " : ""), +#endif (protocol & SSL_PROTOCOL_TLSV1 ? "TLSv1, " : ""), #ifdef HAVE_TLSV1_X (protocol & SSL_PROTOCOL_TLSV1_1 ? "TLSv1.1, " : ""), @@ -483,12 +485,15 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s, ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s, "Creating new SSL context (protocols: %s)", cp); +#ifndef OPENSSL_NO_SSL3 if (protocol == SSL_PROTOCOL_SSLV3) { method = mctx->pkp ? SSLv3_client_method() : /* proxy */ SSLv3_server_method(); /* server */ } - else if (protocol == SSL_PROTOCOL_TLSV1) { + else +#endif + if (protocol == SSL_PROTOCOL_TLSV1) { method = mctx->pkp ? TLSv1_client_method() : /* proxy */ TLSv1_server_method(); /* server */ @@ -519,9 +524,11 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s, /* always disable SSLv2, as per RFC 6176 */ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); +#ifndef OPENSSL_NO_SSL3 if (!(protocol & SSL_PROTOCOL_SSLV3)) { SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3); } +#endif if (!(protocol & SSL_PROTOCOL_TLSV1)) { SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1); @@ -625,6 +632,10 @@ static void ssl_init_ctx_callbacks(server_rec *s, SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH); SSL_CTX_set_info_callback(ctx, ssl_callback_Info); + +#ifdef HAVE_TLS_ALPN + SSL_CTX_set_alpn_select_cb(ctx, ssl_callback_alpn_select, NULL); +#endif } static apr_status_t ssl_init_ctx_verify(server_rec *s, @@ -726,11 +737,11 @@ static apr_status_t ssl_init_ctx_cipher_suite(server_rec *s, * Configure SSL Cipher Suite. Always disable NULL and export ciphers, * see also ssl_engine_config.c:ssl_cmd_SSLCipherSuite(). * OpenSSL's SSL_DEFAULT_CIPHER_LIST includes !aNULL:!eNULL from 0.9.8f, - * and !EXP from 0.9.8zf/1.0.1m/1.0.2a, so prepend them while we support + * and !EXP from 0.9.8zf/1.0.1m/1.0.2a, so append them while we support * earlier versions. */ suite = mctx->auth.cipher_suite ? mctx->auth.cipher_suite : - apr_pstrcat(ptemp, "!aNULL:!eNULL:!EXP:", SSL_DEFAULT_CIPHER_LIST, + apr_pstrcat(ptemp, SSL_DEFAULT_CIPHER_LIST, ":!aNULL:!eNULL:!EXP", NULL); ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, s, @@ -807,6 +818,65 @@ static apr_status_t ssl_init_ctx_crl(server_rec *s, return APR_SUCCESS; } +/* + * Read a file that optionally contains the server certificate in PEM + * format, possibly followed by a sequence of CA certificates that + * should be sent to the peer in the SSL Certificate message. + */ +static int use_certificate_chain( + SSL_CTX *ctx, char *file, int skipfirst, pem_password_cb *cb) +{ + BIO *bio; + X509 *x509; + unsigned long err; + int n; + + if ((bio = BIO_new(BIO_s_file_internal())) == NULL) + return -1; + if (BIO_read_filename(bio, file) <= 0) { + BIO_free(bio); + return -1; + } + /* optionally skip a leading server certificate */ + if (skipfirst) { + if ((x509 = PEM_read_bio_X509(bio, NULL, cb, NULL)) == NULL) { + BIO_free(bio); + return -1; + } + X509_free(x509); + } + /* free a perhaps already configured extra chain */ +#ifdef OPENSSL_NO_SSL_INTERN + SSL_CTX_clear_extra_chain_certs(ctx); +#else + if (ctx->extra_certs != NULL) { + sk_X509_pop_free((STACK_OF(X509) *)ctx->extra_certs, X509_free); + ctx->extra_certs = NULL; + } +#endif + /* create new extra chain by loading the certs */ + n = 0; + while ((x509 = PEM_read_bio_X509(bio, NULL, cb, NULL)) != NULL) { + if (!SSL_CTX_add_extra_chain_cert(ctx, x509)) { + X509_free(x509); + BIO_free(bio); + return -1; + } + n++; + } + /* Make sure that only the error is just an EOF */ + if ((err = ERR_peek_error()) > 0) { + if (!( ERR_GET_LIB(err) == ERR_LIB_PEM + && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) { + BIO_free(bio); + return -1; + } + while (ERR_get_error() > 0) ; + } + BIO_free(bio); + return n; +} + static apr_status_t ssl_init_ctx_cert_chain(server_rec *s, apr_pool_t *p, apr_pool_t *ptemp, @@ -842,9 +912,7 @@ static apr_status_t ssl_init_ctx_cert_chain(server_rec *s, } } - n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, - (char *)chain, - skip_first, NULL); + n = use_certificate_chain(mctx->ssl_ctx, (char *)chain, skip_first, NULL); if (n < 0) { ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01903) "Failed to configure CA certificate chain!"); @@ -917,7 +985,7 @@ static void ssl_check_public_cert(server_rec *s, * Some information about the certificate(s) */ - if (SSL_X509_getBC(cert, &is_ca, &pathlen)) { + if (modssl_X509_getBC(cert, &is_ca, &pathlen)) { if (is_ca) { ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO(01906) "%s server certificate is a CA certificate " @@ -932,8 +1000,8 @@ static void ssl_check_public_cert(server_rec *s, } } - if (SSL_X509_match_name(ptemp, cert, (const char *)s->server_hostname, - TRUE, s) == FALSE) { + if (modssl_X509_match_name(ptemp, cert, (const char *)s->server_hostname, + TRUE, s) == FALSE) { ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO(01909) "%s server certificate does NOT include an ID " "which matches the server name", key_id); @@ -1198,6 +1266,30 @@ static apr_status_t ssl_init_ticket_key(server_rec *s, } #endif +static BOOL load_x509_info(apr_pool_t *ptemp, + STACK_OF(X509_INFO) *sk, + const char *filename) +{ + BIO *in; + + if (!(in = BIO_new(BIO_s_file()))) { + return FALSE; + } + + if (BIO_read_filename(in, filename) <= 0) { + BIO_free(in); + return FALSE; + } + + ERR_clear_error(); + + PEM_X509_INFO_read_bio(in, sk, NULL, NULL); + + BIO_free(in); + + return TRUE; +} + static apr_status_t ssl_init_proxy_certs(server_rec *s, apr_pool_t *p, apr_pool_t *ptemp, @@ -1220,11 +1312,30 @@ static apr_status_t ssl_init_proxy_certs(server_rec *s, sk = sk_X509_INFO_new_null(); if (pkp->cert_file) { - SSL_X509_INFO_load_file(ptemp, sk, pkp->cert_file); + load_x509_info(ptemp, sk, pkp->cert_file); } if (pkp->cert_path) { - SSL_X509_INFO_load_path(ptemp, sk, pkp->cert_path); + apr_dir_t *dir; + apr_finfo_t dirent; + apr_int32_t finfo_flags = APR_FINFO_TYPE|APR_FINFO_NAME; + + if (apr_dir_open(&dir, pkp->cert_path, ptemp) == APR_SUCCESS) { + while ((apr_dir_read(&dirent, finfo_flags, dir)) == APR_SUCCESS) { + const char *fullname; + + if (dirent.filetype == APR_DIR) { + continue; /* don't try to load directories */ + } + + fullname = apr_pstrcat(ptemp, + pkp->cert_path, "/", dirent.name, + NULL); + load_x509_info(ptemp, sk, fullname); + } + + apr_dir_close(dir); + } } if ((ncerts = sk_X509_INFO_num(sk)) <= 0) { @@ -1612,7 +1723,7 @@ static void ssl_init_PushCAList(STACK_OF(X509_NAME) *ca_list, ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02209) "CA certificate: %s", - SSL_X509_NAME_to_string(ptemp, name, 0)); + modssl_X509_NAME_to_string(ptemp, name, 0)); /* * note that SSL_load_client_CA_file() checks for duplicates, diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c index 1971400d..1e6c6184 100644 --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c @@ -28,6 +28,7 @@ core keeps dumping.'' -- Unknown */ #include "ssl_private.h" +#include "mod_ssl.h" #include "apr_date.h" /* _________________________________________________________________ @@ -297,6 +298,9 @@ typedef struct { apr_pool_t *pool; char buffer[AP_IOBUFSIZE]; ssl_filter_ctx_t *filter_ctx; +#ifdef HAVE_TLS_ALPN + int alpn_finished; /* 1 if ALPN has finished, 0 otherwise */ +#endif } bio_filter_in_ctx_t; /* @@ -317,7 +321,7 @@ static int char_buffer_read(char_buffer_t *buffer, char *in, int inl) } if (buffer->length > inl) { - /* we have have enough to fill the caller's buffer */ + /* we have enough to fill the caller's buffer */ memmove(in, buffer->value, inl); buffer->value += inl; buffer->length -= inl; @@ -992,7 +996,7 @@ static void ssl_filter_io_shutdown(ssl_filter_ctx_t *filter_ctx, } SSL_set_shutdown(ssl, shutdown_type); - SSL_smart_shutdown(ssl); + modssl_smart_shutdown(ssl); /* and finally log the fact that we've closed the connection */ if (APLOG_CS_IS_LEVEL(c, mySrvFromConn(c), loglevel)) { @@ -1077,7 +1081,9 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx) * IPv4 and IPv6 addresses are not permitted".) */ if (hostname_note && +#ifndef OPENSSL_NO_SSL3 sc->proxy->protocol != SSL_PROTOCOL_SSLV3 && +#endif apr_ipsubnet_create(&ip, hostname_note, NULL, c->pool) != APR_SUCCESS) { if (SSL_set_tlsext_host_name(filter_ctx->pssl, hostname_note)) { @@ -1120,8 +1126,8 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx) hostname_note) { apr_table_unset(c->notes, "proxy-request-hostname"); if (!cert - || SSL_X509_match_name(c->pool, cert, hostname_note, - TRUE, server) == FALSE) { + || modssl_X509_match_name(c->pool, cert, hostname_note, + TRUE, server) == FALSE) { proxy_ssl_check_peer_ok = FALSE; ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, c, APLOGNO(02411) "SSL Proxy: Peer certificate does not match " @@ -1412,6 +1418,41 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f, APR_BRIGADE_INSERT_TAIL(bb, bucket); } +#ifdef HAVE_TLS_ALPN + /* By this point, Application-Layer Protocol Negotiation (ALPN) should be + * completed (if our version of OpenSSL supports it). If we haven't already, + * find out which protocol was decided upon and inform other modules + * by calling alpn_proto_negotiated_hook. + */ + if (!inctx->alpn_finished) { + SSLConnRec *sslconn = myConnConfig(f->c); + const unsigned char *next_proto = NULL; + unsigned next_proto_len = 0; + const char *protocol; + + SSL_get0_alpn_selected(inctx->ssl, &next_proto, &next_proto_len); + if (next_proto && next_proto_len) { + protocol = apr_pstrmemdup(f->c->pool, (const char *)next_proto, + next_proto_len); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c, + APLOGNO(02836) "ALPN selected protocol: '%s'", + protocol); + + if (strcmp(protocol, ap_get_protocol(f->c))) { + status = ap_switch_protocol(f->c, NULL, sslconn->server, + protocol); + if (status != APR_SUCCESS) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, status, f->c, + APLOGNO(02908) "protocol switch to '%s' failed", + protocol); + return status; + } + } + } + inctx->alpn_finished = 1; + } +#endif + return APR_SUCCESS; } @@ -1893,6 +1934,9 @@ static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c, inctx->block = APR_BLOCK_READ; inctx->pool = c->pool; inctx->filter_ctx = filter_ctx; +#ifdef HAVE_TLS_ALPN + inctx->alpn_finished = 0; +#endif } /* The request_rec pointer is passed in here only to ensure that the @@ -2043,7 +2087,7 @@ long ssl_io_data_cb(BIO *bio, int cmd, if (rc >= 0) { ap_log_cserror(APLOG_MARK, APLOG_TRACE4, 0, c, s, "%s: %s %ld/%d bytes %s BIO#%pp [mem: %pp] %s", - SSL_LIBRARY_NAME, + MODSSL_LIBRARY_NAME, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"), rc, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "to" : "from"), bio, argp, @@ -2054,7 +2098,7 @@ long ssl_io_data_cb(BIO *bio, int cmd, else { ap_log_cserror(APLOG_MARK, APLOG_TRACE4, 0, c, s, "%s: I/O error, %d bytes expected to %s on BIO#%pp [mem: %pp]", - SSL_LIBRARY_NAME, argi, + MODSSL_LIBRARY_NAME, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"), bio, argp); } diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 5642009c..cd07b1bc 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -29,6 +29,7 @@ time I was too famous.'' -- Unknown */ #include "ssl_private.h" +#include "mod_ssl.h" #include "util_md5.h" static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn); @@ -171,19 +172,18 @@ int ssl_hook_ReadReq(request_rec *r) * original problem. */ if (r->proxyreq != PROXYREQ_PROXY && ap_is_initial_req(r)) { - if ((servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name))) { - char *host, *scope_id; - apr_port_t port; - apr_status_t rv; + server_rec *handshakeserver = sslconn->server; + SSLSrvConfigRec *hssc = mySrvConfig(handshakeserver); + if ((servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name))) { /* * The SNI extension supplied a hostname. So don't accept requests - * with either no hostname or a different hostname as this could - * cause us to end up in a different virtual host as the one that - * was used for the handshake causing different SSL parameters to - * be applied as SSLProtocol, SSLCACertificateFile/Path and - * SSLCADNRequestFile/Path cannot be renegotiated (SSLCA* due - * to current limitations in OpenSSL, see + * with either no hostname or a hostname that selected a different + * virtual host than the one used for the handshake, causing + * different SSL parameters to be applied, such as SSLProtocol, + * SSLCACertificateFile/Path and SSLCADNRequestFile/Path which + * cannot be renegotiated (SSLCA* due to current limitations in + * OpenSSL, see: * http://mail-archives.apache.org/mod_mbox/httpd-dev/200806.mbox/%3C48592955.2090303@velox.ch%3E * and * http://mail-archives.apache.org/mod_mbox/httpd-dev/201312.mbox/%3CCAKQ1sVNpOrdiBm-UPw1hEdSN7YQXRRjeaT-MCWbW_7mN%3DuFiOw%40mail.gmail.com%3E @@ -195,20 +195,21 @@ int ssl_hook_ReadReq(request_rec *r) " provided in HTTP request", servername); return HTTP_BAD_REQUEST; } - rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool); - if (rv != APR_SUCCESS || scope_id) { - return HTTP_BAD_REQUEST; - } - if (strcasecmp(host, servername)) { + if (r->server != handshakeserver) { + /* + * We are really not in Kansas anymore... + * The request does not select the virtual host that was + * selected by the SNI. + */ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02032) - "Hostname %s provided via SNI and hostname %s provided" - " via HTTP are different", servername, host); - return HTTP_BAD_REQUEST; + "Hostname %s provided via SNI and hostname %s provided" + " via HTTP select a different server", + servername, r->hostname); + return HTTP_MISDIRECTED_REQUEST; } } else if (((sc->strict_sni_vhost_check == SSL_ENABLED_TRUE) - || (mySrvConfig(sslconn->server))->strict_sni_vhost_check - == SSL_ENABLED_TRUE) + || hssc->strict_sni_vhost_check == SSL_ENABLED_TRUE) && r->connection->vhost_lookup_data) { /* * We are using a name based configuration here, but no hostname was @@ -228,7 +229,7 @@ int ssl_hook_ReadReq(request_rec *r) } } #endif - SSL_set_app_data2(ssl, r); + modssl_set_app_data2(ssl, r); /* * Log information about incoming HTTPS requests @@ -845,6 +846,11 @@ int ssl_hook_Access(request_rec *r) r->connection->keepalive = AP_CONN_CLOSE; return HTTP_FORBIDDEN; } + + /* Full renegotiation successfull, we now have handshaken with + * this server's parameters. + */ + sslconn->server = r->server; } /* @@ -1372,7 +1378,7 @@ int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx) SSL *ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); conn_rec *conn = (conn_rec *)SSL_get_app_data(ssl); - request_rec *r = (request_rec *)SSL_get_app_data2(ssl); + request_rec *r = (request_rec *)modssl_get_app_data2(ssl); server_rec *s = r ? r->server : mySrvFromConn(conn); SSLSrvConfigRec *sc = mySrvConfig(s); @@ -1641,7 +1647,7 @@ static void ssl_session_log(server_rec *s, const char *result, long timeout) { - char buf[SSL_SESSION_ID_STRING_LEN]; + char buf[MODSSL_SESSION_ID_STRING_LEN]; char timeout_str[56] = {'\0'}; if (!APLOGdebug(s)) { @@ -1657,7 +1663,7 @@ static void ssl_session_log(server_rec *s, "Inter-Process Session Cache: " "request=%s status=%s id=%s %s(session %s)", request, status, - SSL_SESSION_id2sz(id, idlen, buf, sizeof(buf)), + modssl_SSL_SESSION_id2sz(id, idlen, buf, sizeof(buf)), timeout_str, result); } @@ -1749,7 +1755,7 @@ SSL_SESSION *ssl_callback_GetSessionCacheEntry(SSL *ssl, /* * This callback function is executed by OpenSSL whenever a - * SSL_SESSION is removed from the the internal OpenSSL cache. + * SSL_SESSION is removed from the internal OpenSSL cache. * We use this to remove the SSL_SESSION in the inter-process * disk-cache, too. */ @@ -1798,32 +1804,32 @@ static void log_tracing_state(const SSL *ssl, conn_rec *c, */ if (where & SSL_CB_HANDSHAKE_START) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, - "%s: Handshake: start", SSL_LIBRARY_NAME); + "%s: Handshake: start", MODSSL_LIBRARY_NAME); } else if (where & SSL_CB_HANDSHAKE_DONE) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, - "%s: Handshake: done", SSL_LIBRARY_NAME); + "%s: Handshake: done", MODSSL_LIBRARY_NAME); } else if (where & SSL_CB_LOOP) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, "%s: Loop: %s", - SSL_LIBRARY_NAME, SSL_state_string_long(ssl)); + MODSSL_LIBRARY_NAME, SSL_state_string_long(ssl)); } else if (where & SSL_CB_READ) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, "%s: Read: %s", - SSL_LIBRARY_NAME, SSL_state_string_long(ssl)); + MODSSL_LIBRARY_NAME, SSL_state_string_long(ssl)); } else if (where & SSL_CB_WRITE) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, "%s: Write: %s", - SSL_LIBRARY_NAME, SSL_state_string_long(ssl)); + MODSSL_LIBRARY_NAME, SSL_state_string_long(ssl)); } else if (where & SSL_CB_ALERT) { char *str = (where & SSL_CB_READ) ? "read" : "write"; ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, "%s: Alert: %s:%s:%s", - SSL_LIBRARY_NAME, str, + MODSSL_LIBRARY_NAME, str, SSL_alert_type_string_long(rc), SSL_alert_desc_string_long(rc)); } @@ -1831,12 +1837,12 @@ static void log_tracing_state(const SSL *ssl, conn_rec *c, if (rc == 0) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, "%s: Exit: failed in %s", - SSL_LIBRARY_NAME, SSL_state_string_long(ssl)); + MODSSL_LIBRARY_NAME, SSL_state_string_long(ssl)); } else if (rc < 0) { ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, c, "%s: Exit: error in %s", - SSL_LIBRARY_NAME, SSL_state_string_long(ssl)); + MODSSL_LIBRARY_NAME, SSL_state_string_long(ssl)); } } @@ -1903,23 +1909,29 @@ void ssl_callback_Info(const SSL *ssl, int where, int rc) #ifdef HAVE_TLSEXT /* - * This callback function is executed when OpenSSL encounters an extended + * This function sets the virtual host from an extended * client hello with a server name indication extension ("SNI", cf. RFC 6066). */ -int ssl_callback_ServerNameIndication(SSL *ssl, int *al, modssl_ctx_t *mctx) +static apr_status_t init_vhost(conn_rec *c, SSL *ssl) { - const char *servername = - SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); - conn_rec *c = (conn_rec *)SSL_get_app_data(ssl); - + const char *servername; + if (c) { + SSLConnRec *sslcon = myConnConfig(c); + + if (sslcon->server != c->base_server) { + /* already found the vhost */ + return APR_SUCCESS; + } + + servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); if (servername) { if (ap_vhost_iterate_given_conn(c, ssl_find_vhost, (void *)servername)) { ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02043) "SSL virtual host for servername %s found", servername); - return SSL_TLSEXT_ERR_OK; + return APR_SUCCESS; } else { ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02044) @@ -1949,8 +1961,20 @@ int ssl_callback_ServerNameIndication(SSL *ssl, int *al, modssl_ctx_t *mctx) "(using default/first virtual host)"); } } + + return APR_NOTFOUND; +} - return SSL_TLSEXT_ERR_NOACK; +/* + * This callback function is executed when OpenSSL encounters an extended + * client hello with a server name indication extension ("SNI", cf. RFC 6066). + */ +int ssl_callback_ServerNameIndication(SSL *ssl, int *al, modssl_ctx_t *mctx) +{ + conn_rec *c = (conn_rec *)SSL_get_app_data(ssl); + apr_status_t status = init_vhost(c, ssl); + + return (status == APR_SUCCESS)? SSL_TLSEXT_ERR_OK : SSL_TLSEXT_ERR_NOACK; } /* @@ -1962,50 +1986,10 @@ static int ssl_find_vhost(void *servername, conn_rec *c, server_rec *s) { SSLSrvConfigRec *sc; SSL *ssl; - BOOL found = FALSE; - apr_array_header_t *names; - int i; + BOOL found; SSLConnRec *sslcon; - /* check ServerName */ - if (!strcasecmp(servername, s->server_hostname)) { - found = TRUE; - } - - /* - * if not matched yet, check ServerAlias entries - * (adapted from vhost.c:matches_aliases()) - */ - if (!found) { - names = s->names; - if (names) { - char **name = (char **)names->elts; - for (i = 0; i < names->nelts; ++i) { - if (!name[i]) - continue; - if (!strcasecmp(servername, name[i])) { - found = TRUE; - break; - } - } - } - } - - /* if still no match, check ServerAlias entries with wildcards */ - if (!found) { - names = s->wild_names; - if (names) { - char **name = (char **)names->elts; - for (i = 0; i < names->nelts; ++i) { - if (!name[i]) - continue; - if (!ap_strcasecmp_match(servername, name[i])) { - found = TRUE; - break; - } - } - } - } + found = ssl_util_vhost_matches(servername, s); /* set SSL_CTX (if matched) */ sslcon = myConnConfig(c); @@ -2149,6 +2133,80 @@ int ssl_callback_SessionTicket(SSL *ssl, } #endif /* HAVE_TLS_SESSION_TICKETS */ +#ifdef HAVE_TLS_ALPN + +/* + * This callback function is executed when the TLS Application-Layer + * Protocol Negotiation Extension (ALPN, RFC 7301) is triggered by the Client + * Hello, giving a list of desired protocol names (in descending preference) + * to the server. + * The callback has to select a protocol name or return an error if none of + * the clients preferences is supported. + * The selected protocol does not have to be on the client list, according + * to RFC 7301, so no checks are performed. + * The client protocol list is serialized as length byte followed by ASCII + * characters (not null-terminated), followed by the next protocol name. + */ +int ssl_callback_alpn_select(SSL *ssl, + const unsigned char **out, unsigned char *outlen, + const unsigned char *in, unsigned int inlen, + void *arg) +{ + conn_rec *c = (conn_rec*)SSL_get_app_data(ssl); + SSLConnRec *sslconn = myConnConfig(c); + apr_array_header_t *client_protos; + const char *proposed; + size_t len; + int i; + + /* If the connection object is not available, + * then there's nothing for us to do. */ + if (c == NULL) { + return SSL_TLSEXT_ERR_OK; + } + + if (inlen == 0) { + /* someone tries to trick us? */ + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02837) + "ALPN client protocol list empty"); + return SSL_TLSEXT_ERR_ALERT_FATAL; + } + + client_protos = apr_array_make(c->pool, 0, sizeof(char *)); + for (i = 0; i < inlen; /**/) { + unsigned int plen = in[i++]; + if (plen + i > inlen) { + /* someone tries to trick us? */ + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02838) + "ALPN protocol identifier too long"); + return SSL_TLSEXT_ERR_ALERT_FATAL; + } + APR_ARRAY_PUSH(client_protos, char *) = + apr_pstrndup(c->pool, (const char *)in+i, plen); + i += plen; + } + + /* The order the callbacks are invoked from TLS extensions is, unfortunately + * not defined and older openssl versions do call ALPN selection before + * they callback the SNI. We need to make sure that we know which vhost + * we are dealing with so we respect the correct protocols. + */ + init_vhost(c, ssl); + + proposed = ap_select_protocol(c, NULL, sslconn->server, client_protos); + *out = (const unsigned char *)(proposed? proposed : ap_get_protocol(c)); + len = strlen((const char*)*out); + if (len > 255) { + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02840) + "ALPN negotiated protocol name too long"); + return SSL_TLSEXT_ERR_ALERT_FATAL; + } + *outlen = (unsigned char)len; + + return SSL_TLSEXT_ERR_OK; +} +#endif /* HAVE_TLS_ALPN */ + #ifdef HAVE_SRP int ssl_callback_SRPServerParams(SSL *ssl, int *ad, void *arg) diff --git a/modules/ssl/ssl_engine_log.c b/modules/ssl/ssl_engine_log.c index 2c87638f..d2f9ed0a 100644 --- a/modules/ssl/ssl_engine_log.c +++ b/modules/ssl/ssl_engine_log.c @@ -141,8 +141,8 @@ static void ssl_log_cert_error(const char *file, int line, int level, int maxdnlen = (HUGE_STRING_LEN - msglen - 300) / 2; BIO_puts(bio, " [subject: "); - name = SSL_X509_NAME_to_string(p, X509_get_subject_name(cert), - maxdnlen); + name = modssl_X509_NAME_to_string(p, X509_get_subject_name(cert), + maxdnlen); if (!strIsEmpty(name)) { BIO_puts(bio, name); } else { @@ -150,8 +150,8 @@ static void ssl_log_cert_error(const char *file, int line, int level, } BIO_puts(bio, " / issuer: "); - name = SSL_X509_NAME_to_string(p, X509_get_issuer_name(cert), - maxdnlen); + name = modssl_X509_NAME_to_string(p, X509_get_issuer_name(cert), + maxdnlen); if (!strIsEmpty(name)) { BIO_puts(bio, name); } else { diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c index e158a476..4099864f 100644 --- a/modules/ssl/ssl_engine_pphrase.c +++ b/modules/ssl/ssl_engine_pphrase.c @@ -222,7 +222,7 @@ apr_status_t ssl_load_encrypted_pkey(server_rec *s, apr_pool_t *p, int idx, * is not empty. */ ERR_clear_error(); - bReadable = ((pPrivateKey = SSL_read_PrivateKey(ppcb_arg.pkey_file, + bReadable = ((pPrivateKey = modssl_read_privatekey(ppcb_arg.pkey_file, NULL, ssl_pphrase_Handle_CB, &ppcb_arg)) != NULL ? TRUE : FALSE); diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index 413f7fe1..0530eea4 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -62,7 +62,7 @@ static int ssl_is_https(conn_rec *c) } static const char var_interface[] = "mod_ssl/" AP_SERVER_BASEREVISION; -static char var_library_interface[] = SSL_LIBRARY_TEXT; +static char var_library_interface[] = MODSSL_LIBRARY_TEXT; static char *var_library = NULL; static apr_array_header_t *expr_peer_ext_list_fn(ap_expr_eval_ctx_t *ctx, @@ -115,7 +115,7 @@ void ssl_var_register(apr_pool_t *p) APR_REGISTER_OPTIONAL_FN(ssl_ext_list); /* Perform once-per-process library version determination: */ - var_library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT); + var_library = apr_pstrdup(p, MODSSL_LIBRARY_DYNTEXT); if ((cp = strchr(var_library, ' ')) != NULL) { *cp = '/'; @@ -336,7 +336,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r, result = (char *)SSL_get_version(ssl); } else if (ssl != NULL && strcEQ(var, "SESSION_ID")) { - char buf[SSL_SESSION_ID_STRING_LEN]; + char buf[MODSSL_SESSION_ID_STRING_LEN]; SSL_SESSION *pSession = SSL_get_session(ssl); if (pSession) { unsigned char *id; @@ -349,8 +349,8 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r, idlen = pSession->session_id_length; #endif - result = apr_pstrdup(p, SSL_SESSION_id2sz(id, idlen, - buf, sizeof(buf))); + result = apr_pstrdup(p, modssl_SSL_SESSION_id2sz(id, idlen, + buf, sizeof(buf))); } } else if(ssl != NULL && strcEQ(var, "SESSION_RESUMED")) { @@ -581,7 +581,7 @@ static char *ssl_var_lookup_ssl_cert_dn(apr_pool_t *p, X509_NAME *xsname, char * n =OBJ_obj2nid((ASN1_OBJECT *)X509_NAME_ENTRY_get_object(xsne)); if (n == ssl_var_lookup_ssl_cert_dn_rec[i].nid && idx-- == 0) { - result = SSL_X509_NAME_ENTRY_to_string(p, xsne); + result = modssl_X509_NAME_ENTRY_to_string(p, xsne); break; } } @@ -594,6 +594,7 @@ static char *ssl_var_lookup_ssl_cert_dn(apr_pool_t *p, X509_NAME *xsname, char * static char *ssl_var_lookup_ssl_cert_san(apr_pool_t *p, X509 *xs, char *var) { int type, numlen; + const char *onf = NULL; apr_array_header_t *entries; if (strcEQn(var, "Email_", 6)) { @@ -604,6 +605,20 @@ static char *ssl_var_lookup_ssl_cert_san(apr_pool_t *p, X509 *xs, char *var) type = GEN_DNS; var += 4; } + else if (strcEQn(var, "OTHER_", 6)) { + type = GEN_OTHERNAME; + var += 6; + if (strEQn(var, "msUPN_", 6)) { + var += 6; + onf = "msUPN"; + } + else if (strEQn(var, "dnsSRV_", 7)) { + var += 7; + onf = "id-on-dnsSRV"; + } + else + return NULL; + } else return NULL; @@ -612,11 +627,11 @@ static char *ssl_var_lookup_ssl_cert_san(apr_pool_t *p, X509 *xs, char *var) if ((numlen < 1) || (numlen > 4) || (numlen != strlen(var))) return NULL; - if (SSL_X509_getSAN(p, xs, type, atoi(var), &entries)) - /* return the first entry from this 1-element array */ - return APR_ARRAY_IDX(entries, 0, char *); + if (modssl_X509_getSAN(p, xs, type, onf, atoi(var), &entries)) + /* return the first entry from this 1-element array */ + return APR_ARRAY_IDX(entries, 0, char *); else - return NULL; + return NULL; } static char *ssl_var_lookup_ssl_cert_valid(apr_pool_t *p, ASN1_TIME *tm) @@ -737,7 +752,7 @@ static char *ssl_var_lookup_ssl_cert_rfc4523_cea(apr_pool_t *p, SSL *ssl) char *decimal = BN_bn2dec(bn); result = apr_pstrcat(p, "{ serialNumber ", decimal, ", issuer rdnSequence:\"", - SSL_X509_NAME_to_string(p, issuer, 0), "\" }", NULL); + modssl_X509_NAME_to_string(p, issuer, 0), "\" }", NULL); OPENSSL_free(decimal); BN_free(bn); } @@ -902,7 +917,7 @@ static void extract_dn(apr_table_t *t, apr_hash_t *nids, const char *pfx, apr_hash_set(count, &nid, sizeof nid, dup); key = apr_pstrcat(p, pfx, tag, NULL); } - value = SSL_X509_NAME_ENTRY_to_string(p, xsne); + value = modssl_X509_NAME_ENTRY_to_string(p, xsne); apr_table_setn(t, key, value); } } @@ -962,24 +977,31 @@ void modssl_var_extract_san_entries(apr_table_t *t, SSL *ssl, apr_pool_t *p) /* subjectAltName entries of the server certificate */ xs = SSL_get_certificate(ssl); if (xs) { - if (SSL_X509_getSAN(p, xs, GEN_EMAIL, -1, &entries)) { + if (modssl_X509_getSAN(p, xs, GEN_EMAIL, NULL, -1, &entries)) { extract_san_array(t, "SSL_SERVER_SAN_Email", entries, p); } - if (SSL_X509_getSAN(p, xs, GEN_DNS, -1, &entries)) { + if (modssl_X509_getSAN(p, xs, GEN_DNS, NULL, -1, &entries)) { extract_san_array(t, "SSL_SERVER_SAN_DNS", entries, p); } + if (modssl_X509_getSAN(p, xs, GEN_OTHERNAME, "id-on-dnsSRV", -1, + &entries)) { + extract_san_array(t, "SSL_SERVER_SAN_OTHER_dnsSRV", entries, p); + } /* no need to free xs (refcount does not increase) */ } /* subjectAltName entries of the client certificate */ xs = SSL_get_peer_certificate(ssl); if (xs) { - if (SSL_X509_getSAN(p, xs, GEN_EMAIL, -1, &entries)) { + if (modssl_X509_getSAN(p, xs, GEN_EMAIL, NULL, -1, &entries)) { extract_san_array(t, "SSL_CLIENT_SAN_Email", entries, p); } - if (SSL_X509_getSAN(p, xs, GEN_DNS, -1, &entries)) { + if (modssl_X509_getSAN(p, xs, GEN_DNS, NULL, -1, &entries)) { extract_san_array(t, "SSL_CLIENT_SAN_DNS", entries, p); } + if (modssl_X509_getSAN(p, xs, GEN_OTHERNAME, "msUPN", -1, &entries)) { + extract_san_array(t, "SSL_CLIENT_SAN_OTHER_msUPN", entries, p); + } X509_free(xs); } } diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h index 8f889971..dc4e61a6 100644 --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h @@ -182,6 +182,11 @@ #include #endif +/* ALPN Protocol Negotiation */ +#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) +#define HAVE_TLS_ALPN +#endif + #endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */ /* mod_ssl headers */ @@ -292,16 +297,27 @@ typedef int ssl_opt_t; * Define the SSL Protocol options */ #define SSL_PROTOCOL_NONE (0) -#define SSL_PROTOCOL_SSLV2 (1<<0) +#ifndef OPENSSL_NO_SSL3 #define SSL_PROTOCOL_SSLV3 (1<<1) +#endif #define SSL_PROTOCOL_TLSV1 (1<<2) +#ifndef OPENSSL_NO_SSL3 +#define SSL_PROTOCOL_BASIC (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) +#else +#define SSL_PROTOCOL_BASIC (SSL_PROTOCOL_TLSV1) +#endif #ifdef HAVE_TLSV1_X #define SSL_PROTOCOL_TLSV1_1 (1<<3) #define SSL_PROTOCOL_TLSV1_2 (1<<4) -#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1| \ +#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_BASIC| \ SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2) #else -#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) +#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_BASIC) +#endif +#ifndef OPENSSL_NO_SSL3 +#define SSL_PROTOCOL_DEFAULT (SSL_PROTOCOL_ALL & ~SSL_PROTOCOL_SSLV3) +#else +#define SSL_PROTOCOL_DEFAULT (SSL_PROTOCOL_ALL) #endif typedef int ssl_proto_t; @@ -798,6 +814,12 @@ int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int); #endif +#ifdef HAVE_TLS_ALPN +int ssl_callback_alpn_select(SSL *ssl, const unsigned char **out, + unsigned char *outlen, const unsigned char *in, + unsigned int inlen, void *arg); +#endif + /** Session Cache Support */ apr_status_t ssl_scache_init(server_rec *, apr_pool_t *); void ssl_scache_status_register(apr_pool_t *p); @@ -856,6 +878,8 @@ BOOL ssl_util_path_check(ssl_pathcheck_t, const char *, apr_pool_t *); void ssl_util_thread_setup(apr_pool_t *); int ssl_init_ssl_connection(conn_rec *c, request_rec *r); +BOOL ssl_util_vhost_matches(const char *servername, server_rec *s); + /** Pass Phrase Support */ apr_status_t ssl_load_encrypted_pkey(server_rec *, apr_pool_t *, int, const char *, apr_array_header_t **); diff --git a/modules/ssl/ssl_scache.c b/modules/ssl/ssl_scache.c index 2d365b22..70d18772 100644 --- a/modules/ssl/ssl_scache.c +++ b/modules/ssl/ssl_scache.c @@ -115,7 +115,7 @@ BOOL ssl_scache_store(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p) { SSLModConfigRec *mc = myModConfig(s); - unsigned char encoded[SSL_SESSION_MAX_DER], *ptr; + unsigned char encoded[MODSSL_SESSION_MAX_DER], *ptr; unsigned int len; apr_status_t rv; @@ -148,8 +148,8 @@ SSL_SESSION *ssl_scache_retrieve(server_rec *s, UCHAR *id, int idlen, apr_pool_t *p) { SSLModConfigRec *mc = myModConfig(s); - unsigned char dest[SSL_SESSION_MAX_DER]; - unsigned int destlen = SSL_SESSION_MAX_DER; + unsigned char dest[MODSSL_SESSION_MAX_DER]; + unsigned int destlen = MODSSL_SESSION_MAX_DER; const unsigned char *ptr; apr_status_t rv; diff --git a/modules/ssl/ssl_util.c b/modules/ssl/ssl_util.c index 476aa0b6..ddde3c74 100644 --- a/modules/ssl/ssl_util.c +++ b/modules/ssl/ssl_util.c @@ -60,6 +60,52 @@ char *ssl_util_vhostid(apr_pool_t *p, server_rec *s) return id; } +/* + * Return TRUE iff the given servername matches the server record when + * selecting virtual hosts. + */ +BOOL ssl_util_vhost_matches(const char *servername, server_rec *s) +{ + apr_array_header_t *names; + int i; + + /* check ServerName */ + if (!strcasecmp(servername, s->server_hostname)) { + return TRUE; + } + + /* + * if not matched yet, check ServerAlias entries + * (adapted from vhost.c:matches_aliases()) + */ + names = s->names; + if (names) { + char **name = (char **)names->elts; + for (i = 0; i < names->nelts; ++i) { + if (!name[i]) + continue; + if (!strcasecmp(servername, name[i])) { + return TRUE; + } + } + } + + /* if still no match, check ServerAlias entries with wildcards */ + names = s->wild_names; + if (names) { + char **name = (char **)names->elts; + for (i = 0; i < names->nelts; ++i) { + if (!name[i]) + continue; + if (!ap_strcasecmp_match(servername, name[i])) { + return TRUE; + } + } + } + + return FALSE; +} + apr_file_t *ssl_util_ppopen(server_rec *s, apr_pool_t *p, const char *cmd, const char * const *argv) { diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c index a1fca362..a7607c73 100644 --- a/modules/ssl/ssl_util_ssl.c +++ b/modules/ssl/ssl_util_ssl.c @@ -38,33 +38,33 @@ * also note that OpenSSL increments at static variable when * SSL_get_ex_new_index() is called, so we _must_ do this at startup. */ -static int SSL_app_data2_idx = -1; +static int app_data2_idx = -1; -void SSL_init_app_data2_idx(void) +void modssl_init_app_data2_idx(void) { int i; - if (SSL_app_data2_idx > -1) { + if (app_data2_idx > -1) { return; } /* we _do_ need to call this twice */ - for (i=0; i<=1; i++) { - SSL_app_data2_idx = + for (i = 0; i <= 1; i++) { + app_data2_idx = SSL_get_ex_new_index(0, "Second Application Data for SSL", NULL, NULL, NULL); } } -void *SSL_get_app_data2(SSL *ssl) +void *modssl_get_app_data2(SSL *ssl) { - return (void *)SSL_get_ex_data(ssl, SSL_app_data2_idx); + return (void *)SSL_get_ex_data(ssl, app_data2_idx); } -void SSL_set_app_data2(SSL *ssl, void *arg) +void modssl_set_app_data2(SSL *ssl, void *arg) { - SSL_set_ex_data(ssl, SSL_app_data2_idx, (char *)arg); + SSL_set_ex_data(ssl, app_data2_idx, (char *)arg); return; } @@ -74,7 +74,7 @@ void SSL_set_app_data2(SSL *ssl, void *arg) ** _________________________________________________________________ */ -EVP_PKEY *SSL_read_PrivateKey(const char* filename, EVP_PKEY **key, pem_password_cb *cb, void *s) +EVP_PKEY *modssl_read_privatekey(const char* filename, EVP_PKEY **key, pem_password_cb *cb, void *s) { EVP_PKEY *rc; BIO *bioS; @@ -121,7 +121,7 @@ EVP_PKEY *SSL_read_PrivateKey(const char* filename, EVP_PKEY **key, pem_password ** _________________________________________________________________ */ -int SSL_smart_shutdown(SSL *ssl) +int modssl_smart_shutdown(SSL *ssl) { int i; int rc; @@ -161,7 +161,7 @@ int SSL_smart_shutdown(SSL *ssl) */ /* retrieve basic constraints ingredients */ -BOOL SSL_X509_getBC(X509 *cert, int *ca, int *pathlen) +BOOL modssl_X509_getBC(X509 *cert, int *ca, int *pathlen) { BASIC_CONSTRAINTS *bc; BIGNUM *bn = NULL; @@ -191,7 +191,7 @@ BOOL SSL_X509_getBC(X509 *cert, int *ca, int *pathlen) } /* convert an ASN.1 string to a UTF-8 string (escaping control characters) */ -char *SSL_ASN1_STRING_to_utf8(apr_pool_t *p, ASN1_STRING *asn1str) +static char *asn1_string_to_utf8(apr_pool_t *p, ASN1_STRING *asn1str) { char *result = NULL; BIO *bio; @@ -213,9 +213,9 @@ char *SSL_ASN1_STRING_to_utf8(apr_pool_t *p, ASN1_STRING *asn1str) } /* convert a NAME_ENTRY to UTF8 string */ -char *SSL_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne) +char *modssl_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne) { - char *result = SSL_ASN1_STRING_to_utf8(p, X509_NAME_ENTRY_get_data(xsne)); + char *result = asn1_string_to_utf8(p, X509_NAME_ENTRY_get_data(xsne)); ap_xlate_proto_from_ascii(result, len); return result; } @@ -224,7 +224,7 @@ char *SSL_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne) * convert an X509_NAME to an RFC 2253 formatted string, optionally truncated * to maxlen characters (specify a maxlen of 0 for no length limit) */ -char *SSL_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen) +char *modssl_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen) { char *result = NULL; BIO *bio; @@ -252,19 +252,48 @@ char *SSL_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen) return result; } +static void parse_otherName_value(apr_pool_t *p, ASN1_TYPE *value, + const char *onf, apr_array_header_t **entries) +{ + const char *str; + int nid = onf ? OBJ_txt2nid(onf) : NID_undef; + + if (!value || (nid == NID_undef) || !*entries) + return; + + /* + * Currently supported otherName forms (values for "onf"): + * "msUPN" (1.3.6.1.4.1.311.20.2.3): Microsoft User Principal Name + * "id-on-dnsSRV" (1.3.6.1.5.5.7.8.7): SRVName, as specified in RFC 4985 + */ + if ((nid == NID_ms_upn) && (value->type == V_ASN1_UTF8STRING) && + (str = asn1_string_to_utf8(p, value->value.utf8string))) { + APR_ARRAY_PUSH(*entries, const char *) = str; + } else if (strEQ(onf, "id-on-dnsSRV") && + (value->type == V_ASN1_IA5STRING) && + (str = asn1_string_to_utf8(p, value->value.ia5string))) { + APR_ARRAY_PUSH(*entries, const char *) = str; + } +} + /* * Return an array of subjectAltName entries of type "type". If idx is -1, * return all entries of the given type, otherwise return an array consisting * of the n-th occurrence of that type only. Currently supported types: * GEN_EMAIL (rfc822Name) * GEN_DNS (dNSName) + * GEN_OTHERNAME (requires the otherName form ["onf"] argument to be supplied, + * see parse_otherName_value for the currently supported forms) */ -BOOL SSL_X509_getSAN(apr_pool_t *p, X509 *x509, int type, int idx, - apr_array_header_t **entries) +BOOL modssl_X509_getSAN(apr_pool_t *p, X509 *x509, int type, const char *onf, + int idx, apr_array_header_t **entries) { STACK_OF(GENERAL_NAME) *names; + int nid = onf ? OBJ_txt2nid(onf) : NID_undef; - if (!x509 || (type < GEN_OTHERNAME) || (type > GEN_RID) || (idx < -1) || + if (!x509 || (type < GEN_OTHERNAME) || + ((type == GEN_OTHERNAME) && (nid == NID_undef)) || + (type > GEN_RID) || (idx < -1) || !(*entries = apr_array_make(p, 0, sizeof(char *)))) { *entries = NULL; return FALSE; @@ -277,33 +306,43 @@ BOOL SSL_X509_getSAN(apr_pool_t *p, X509 *x509, int type, int idx, for (i = 0; i < sk_GENERAL_NAME_num(names); i++) { name = sk_GENERAL_NAME_value(names, i); - if (name->type == type) { - if ((idx == -1) || (n == idx)) { - switch (type) { - case GEN_EMAIL: - case GEN_DNS: - utf8str = SSL_ASN1_STRING_to_utf8(p, name->d.ia5); - if (utf8str) { - APR_ARRAY_PUSH(*entries, const char *) = utf8str; - } - break; - default: - /* - * Not implemented right now: - * GEN_OTHERNAME (otherName) - * GEN_X400 (x400Address) - * GEN_DIRNAME (directoryName) - * GEN_EDIPARTY (ediPartyName) - * GEN_URI (uniformResourceIdentifier) - * GEN_IPADD (iPAddress) - * GEN_RID (registeredID) - */ - break; + + if (name->type != type) + continue; + + switch (type) { + case GEN_EMAIL: + case GEN_DNS: + if (((idx == -1) || (n == idx)) && + (utf8str = asn1_string_to_utf8(p, name->d.ia5))) { + APR_ARRAY_PUSH(*entries, const char *) = utf8str; + } + n++; + break; + case GEN_OTHERNAME: + if (OBJ_obj2nid(name->d.otherName->type_id) == nid) { + if (((idx == -1) || (n == idx))) { + parse_otherName_value(p, name->d.otherName->value, + onf, entries); } + n++; } - if ((idx != -1) && (n++ > idx)) - break; + break; + default: + /* + * Not implemented right now: + * GEN_X400 (x400Address) + * GEN_DIRNAME (directoryName) + * GEN_EDIPARTY (ediPartyName) + * GEN_URI (uniformResourceIdentifier) + * GEN_IPADD (iPAddress) + * GEN_RID (registeredID) + */ + break; } + + if ((idx != -1) && (n > idx)) + break; } sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); @@ -313,14 +352,14 @@ BOOL SSL_X509_getSAN(apr_pool_t *p, X509 *x509, int type, int idx, } /* return an array of (RFC 6125 coined) DNS-IDs and CN-IDs in a certificate */ -BOOL SSL_X509_getIDs(apr_pool_t *p, X509 *x509, apr_array_header_t **ids) +static BOOL getIDs(apr_pool_t *p, X509 *x509, apr_array_header_t **ids) { X509_NAME *subj; int i = -1; /* First, the DNS-IDs (dNSName entries in the subjectAltName extension) */ if (!x509 || - (SSL_X509_getSAN(p, x509, GEN_DNS, -1, ids) == FALSE && !*ids)) { + (modssl_X509_getSAN(p, x509, GEN_DNS, NULL, -1, ids) == FALSE && !*ids)) { *ids = NULL; return FALSE; } @@ -329,7 +368,7 @@ BOOL SSL_X509_getIDs(apr_pool_t *p, X509 *x509, apr_array_header_t **ids) subj = X509_get_subject_name(x509); while ((i = X509_NAME_get_index_by_NID(subj, NID_commonName, i)) != -1) { APR_ARRAY_PUSH(*ids, const char *) = - SSL_X509_NAME_ENTRY_to_string(p, X509_NAME_get_entry(subj, i)); + modssl_X509_NAME_ENTRY_to_string(p, X509_NAME_get_entry(subj, i)); } return apr_is_empty_array(*ids) ? FALSE : TRUE; @@ -340,8 +379,8 @@ BOOL SSL_X509_getIDs(apr_pool_t *p, X509 *x509, apr_array_header_t **ids) * DNS-IDs and CN-IDs (RFC 6125), optionally with basic wildcard matching. * If server_rec is non-NULL, some (debug/trace) logging is enabled. */ -BOOL SSL_X509_match_name(apr_pool_t *p, X509 *x509, const char *name, - BOOL allow_wildcard, server_rec *s) +BOOL modssl_X509_match_name(apr_pool_t *p, X509 *x509, const char *name, + BOOL allow_wildcard, server_rec *s) { BOOL matched = FALSE; apr_array_header_t *ids; @@ -356,7 +395,7 @@ BOOL SSL_X509_match_name(apr_pool_t *p, X509 *x509, const char *name, * is found). */ - if (SSL_X509_getIDs(p, x509, &ids)) { + if (getIDs(p, x509, &ids)) { const char *cp; int i; char **id = (char **)ids->elts; @@ -387,7 +426,7 @@ BOOL SSL_X509_match_name(apr_pool_t *p, X509 *x509, const char *name, if (s) { ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s, - "[%s] SSL_X509_match_name: expecting name '%s', " + "[%s] modssl_X509_match_name: expecting name '%s', " "%smatched by ID '%s'", (mySrvConfig(s))->vhost_id, name, matched == TRUE ? "" : "NOT ", id[i]); @@ -411,73 +450,6 @@ BOOL SSL_X509_match_name(apr_pool_t *p, X509 *x509, const char *name, return matched; } -/* _________________________________________________________________ -** -** Low-Level CA Certificate Loading -** _________________________________________________________________ -*/ - -BOOL SSL_X509_INFO_load_file(apr_pool_t *ptemp, - STACK_OF(X509_INFO) *sk, - const char *filename) -{ - BIO *in; - - if (!(in = BIO_new(BIO_s_file()))) { - return FALSE; - } - - if (BIO_read_filename(in, filename) <= 0) { - BIO_free(in); - return FALSE; - } - - ERR_clear_error(); - - PEM_X509_INFO_read_bio(in, sk, NULL, NULL); - - BIO_free(in); - - return TRUE; -} - -BOOL SSL_X509_INFO_load_path(apr_pool_t *ptemp, - STACK_OF(X509_INFO) *sk, - const char *pathname) -{ - /* XXX: this dir read code is exactly the same as that in - * ssl_engine_init.c, only the call to handle the fullname is different, - * should fold the duplication. - */ - apr_dir_t *dir; - apr_finfo_t dirent; - apr_int32_t finfo_flags = APR_FINFO_TYPE|APR_FINFO_NAME; - const char *fullname; - BOOL ok = FALSE; - - if (apr_dir_open(&dir, pathname, ptemp) != APR_SUCCESS) { - return FALSE; - } - - while ((apr_dir_read(&dirent, finfo_flags, dir)) == APR_SUCCESS) { - if (dirent.filetype == APR_DIR) { - continue; /* don't try to load directories */ - } - - fullname = apr_pstrcat(ptemp, - pathname, "/", dirent.name, - NULL); - - if (SSL_X509_INFO_load_file(ptemp, sk, fullname)) { - ok = TRUE; - } - } - - apr_dir_close(dir); - - return ok; -} - /* _________________________________________________________________ ** ** Custom (EC)DH parameter support @@ -510,79 +482,14 @@ EC_GROUP *ssl_ec_GetParamFromFile(const char *file) } #endif -/* _________________________________________________________________ -** -** Extra Server Certificate Chain Support -** _________________________________________________________________ -*/ - -/* - * Read a file that optionally contains the server certificate in PEM - * format, possibly followed by a sequence of CA certificates that - * should be sent to the peer in the SSL Certificate message. - */ -int SSL_CTX_use_certificate_chain( - SSL_CTX *ctx, char *file, int skipfirst, pem_password_cb *cb) -{ - BIO *bio; - X509 *x509; - unsigned long err; - int n; - - if ((bio = BIO_new(BIO_s_file_internal())) == NULL) - return -1; - if (BIO_read_filename(bio, file) <= 0) { - BIO_free(bio); - return -1; - } - /* optionally skip a leading server certificate */ - if (skipfirst) { - if ((x509 = PEM_read_bio_X509(bio, NULL, cb, NULL)) == NULL) { - BIO_free(bio); - return -1; - } - X509_free(x509); - } - /* free a perhaps already configured extra chain */ -#ifdef OPENSSL_NO_SSL_INTERN - SSL_CTX_clear_extra_chain_certs(ctx); -#else - if (ctx->extra_certs != NULL) { - sk_X509_pop_free((STACK_OF(X509) *)ctx->extra_certs, X509_free); - ctx->extra_certs = NULL; - } -#endif - /* create new extra chain by loading the certs */ - n = 0; - while ((x509 = PEM_read_bio_X509(bio, NULL, cb, NULL)) != NULL) { - if (!SSL_CTX_add_extra_chain_cert(ctx, x509)) { - X509_free(x509); - BIO_free(bio); - return -1; - } - n++; - } - /* Make sure that only the error is just an EOF */ - if ((err = ERR_peek_error()) > 0) { - if (!( ERR_GET_LIB(err) == ERR_LIB_PEM - && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) { - BIO_free(bio); - return -1; - } - while (ERR_get_error() > 0) ; - } - BIO_free(bio); - return n; -} - /* _________________________________________________________________ ** ** Session Stuff ** _________________________________________________________________ */ -char *SSL_SESSION_id2sz(unsigned char *id, int idlen, - char *str, int strsize) +char *modssl_SSL_SESSION_id2sz(unsigned char *id, int idlen, + char *str, int strsize) { if (idlen > SSL_MAX_SSL_SESSION_ID_LENGTH) idlen = SSL_MAX_SSL_SESSION_ID_LENGTH; diff --git a/modules/ssl/ssl_util_ssl.h b/modules/ssl/ssl_util_ssl.h index 8944702d..5f748319 100644 --- a/modules/ssl/ssl_util_ssl.h +++ b/modules/ssl/ssl_util_ssl.h @@ -38,41 +38,36 @@ * SSL library version number */ -#define SSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER -#define SSL_LIBRARY_NAME "OpenSSL" -#define SSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT -#define SSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION) +#define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER +#define MODSSL_LIBRARY_NAME "OpenSSL" +#define MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT +#define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION) /** * Maximum length of a DER encoded session. * FIXME: There is no define in OpenSSL, but OpenSSL uses 1024*10, * so this value should be ok. Although we have no warm feeling. */ -#define SSL_SESSION_MAX_DER 1024*10 +#define MODSSL_SESSION_MAX_DER 1024*10 -/** max length for SSL_SESSION_id2sz */ -#define SSL_SESSION_ID_STRING_LEN \ +/** max length for modssl_SSL_SESSION_id2sz */ +#define MODSSL_SESSION_ID_STRING_LEN \ ((SSL_MAX_SSL_SESSION_ID_LENGTH + 1) * 2) /** * Additional Functions */ -void SSL_init_app_data2_idx(void); -void *SSL_get_app_data2(SSL *); -void SSL_set_app_data2(SSL *, void *); -EVP_PKEY *SSL_read_PrivateKey(const char *, EVP_PKEY **, pem_password_cb *, void *); -int SSL_smart_shutdown(SSL *ssl); -BOOL SSL_X509_getBC(X509 *, int *, int *); -char *SSL_ASN1_STRING_to_utf8(apr_pool_t *, ASN1_STRING *); -char *SSL_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne); -char *SSL_X509_NAME_to_string(apr_pool_t *, X509_NAME *, int); -BOOL SSL_X509_getSAN(apr_pool_t *, X509 *, int, int, apr_array_header_t **); -BOOL SSL_X509_getIDs(apr_pool_t *, X509 *, apr_array_header_t **); -BOOL SSL_X509_match_name(apr_pool_t *, X509 *, const char *, BOOL, server_rec *); -BOOL SSL_X509_INFO_load_file(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); -BOOL SSL_X509_INFO_load_path(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); -int SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, pem_password_cb *); -char *SSL_SESSION_id2sz(unsigned char *, int, char *, int); +void modssl_init_app_data2_idx(void); +void *modssl_get_app_data2(SSL *); +void modssl_set_app_data2(SSL *, void *); +EVP_PKEY *modssl_read_privatekey(const char *, EVP_PKEY **, pem_password_cb *, void *); +int modssl_smart_shutdown(SSL *ssl); +BOOL modssl_X509_getBC(X509 *, int *, int *); +char *modssl_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne); +char *modssl_X509_NAME_to_string(apr_pool_t *, X509_NAME *, int); +BOOL modssl_X509_getSAN(apr_pool_t *, X509 *, int, const char *, int, apr_array_header_t **); +BOOL modssl_X509_match_name(apr_pool_t *, X509 *, const char *, BOOL, server_rec *); +char *modssl_SSL_SESSION_id2sz(unsigned char *, int, char *, int); #endif /* __SSL_UTIL_SSL_H__ */ /** @} */ diff --git a/modules/test/mod_optional_fn_import.c b/modules/test/mod_optional_fn_import.c index a01a3e74..aba70e12 100644 --- a/modules/test/mod_optional_fn_import.c +++ b/modules/test/mod_optional_fn_import.c @@ -27,14 +27,14 @@ static APR_OPTIONAL_FN_TYPE(TestOptionalFn) *pfn; static int ImportLogTransaction(request_rec *r) { - if(pfn) + if (pfn) return pfn(r->the_request); return DECLINED; } static void ImportFnRetrieve(void) { - pfn=APR_RETRIEVE_OPTIONAL_FN(TestOptionalFn); + pfn = APR_RETRIEVE_OPTIONAL_FN(TestOptionalFn); } static void ImportRegisterHooks(apr_pool_t *p) diff --git a/os/win32/BaseAddr.ref b/os/win32/BaseAddr.ref index 678e7be1..c7a98e00 100644 --- a/os/win32/BaseAddr.ref +++ b/os/win32/BaseAddr.ref @@ -127,3 +127,4 @@ mod_optional_fn_import.so 0x70BC0000 0x00010000 mod_optional_hook_export.so 0x70BD0000 0x00010000 mod_optional_hook_import.so 0x70BE0000 0x00010000 mod_authnz_fcgi.so 0x70BF0000 0x00020000 +mod_http2.so 0x70C10000 0x00030000 diff --git a/server/core.c b/server/core.c index a3681719..37484b66 100644 --- a/server/core.c +++ b/server/core.c @@ -468,6 +468,9 @@ static void *create_core_server_config(apr_pool_t *a, server_rec *s) conf->trace_enable = AP_TRACE_UNSET; + conf->protocols = apr_array_make(a, 5, sizeof(const char *)); + conf->protocols_honor_order = -1; + return (void *)conf; } @@ -518,6 +521,12 @@ static void *merge_core_server_configs(apr_pool_t *p, void *basev, void *virtv) ? virt->merge_trailers : base->merge_trailers; + conf->protocols = ((virt->protocols->nelts > 0)? + virt->protocols : base->protocols); + conf->protocols_honor_order = ((virt->protocols_honor_order < 0)? + base->protocols_honor_order : + virt->protocols_honor_order); + return conf; } @@ -1097,7 +1106,7 @@ AP_DECLARE(apr_off_t) ap_get_limit_req_body(const request_rec *r) /***************************************************************** * * Commands... this module handles almost all of the NCSA httpd.conf - * commands, but most of the old srm.conf is in the the modules. + * commands, but most of the old srm.conf is in the modules. */ @@ -1230,8 +1239,8 @@ AP_DECLARE(const char *) ap_resolve_env(apr_pool_t *p, const char * word) } if (*s == '$') { - if (s[1] == '{' && (e = ap_strchr_c(s, '}'))) { - char *name = apr_pstrndup(p, s+2, e-s-2); + if (s[1] == '{' && (e = ap_strchr_c(s+2, '}'))) { + char *name = apr_pstrmemdup(p, s+2, e-s-2); word = NULL; if (server_config_defined_vars) word = apr_table_get(server_config_defined_vars, name); @@ -2084,7 +2093,7 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd, return unclosed_directive(cmd); } - limited_methods = apr_pstrndup(cmd->temp_pool, arg, endp - arg); + limited_methods = apr_pstrmemdup(cmd->temp_pool, arg, endp - arg); if (!limited_methods[0]) { return missing_container_arg(cmd); @@ -2101,7 +2110,7 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd, return "TRACE cannot be controlled by , see TraceEnable"; } else if (methnum == M_INVALID) { - /* method has not been registered yet, but resorce restriction + /* method has not been registered yet, but resource restriction * is always checked before method handling, so register it. */ methnum = ap_method_register(cmd->pool, @@ -3692,6 +3701,48 @@ static const char *set_trace_enable(cmd_parms *cmd, void *dummy, return NULL; } +static const char *set_protocols(cmd_parms *cmd, void *dummy, + const char *arg) +{ + core_server_config *conf = + ap_get_core_module_config(cmd->server->module_config); + const char **np; + const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE); + + if (err) { + return err; + } + + np = (const char **)apr_array_push(conf->protocols); + *np = arg; + + return NULL; +} + +static const char *set_protocols_honor_order(cmd_parms *cmd, void *dummy, + const char *arg) +{ + core_server_config *conf = + ap_get_core_module_config(cmd->server->module_config); + const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE); + + if (err) { + return err; + } + + if (strcasecmp(arg, "on") == 0) { + conf->protocols_honor_order = 1; + } + else if (strcasecmp(arg, "off") == 0) { + conf->protocols_honor_order = 0; + } + else { + return "ProtocolsHonorOrder must be 'on' or 'off'"; + } + + return NULL; +} + static apr_hash_t *errorlog_hash; static int log_constant_item(const ap_errorlog_info *info, const char *arg, @@ -4205,6 +4256,11 @@ AP_INIT_TAKE1("TraceEnable", set_trace_enable, NULL, RSRC_CONF, "'on' (default), 'off' or 'extended' to trace request body content"), AP_INIT_FLAG("MergeTrailers", set_merge_trailers, NULL, RSRC_CONF, "merge request trailers into request headers or not"), +AP_INIT_ITERATE("Protocols", set_protocols, NULL, RSRC_CONF, + "Controls which protocols are allowed"), +AP_INIT_TAKE1("ProtocolsHonorOrder", set_protocols_honor_order, NULL, RSRC_CONF, + "'off' (default) or 'on' to respect given order of protocols, " + "by default the client specified order determines selection"), { NULL } }; @@ -4936,6 +4992,61 @@ static void core_dump_config(apr_pool_t *p, server_rec *s) } } +static int core_upgrade_handler(request_rec *r) +{ + conn_rec *c = r->connection; + const char *upgrade = apr_table_get(r->headers_in, "Upgrade"); + + if (upgrade && *upgrade) { + const char *conn = apr_table_get(r->headers_in, "Connection"); + if (ap_find_token(r->pool, conn, "upgrade")) { + apr_array_header_t *offers = NULL; + const char *err; + + err = ap_parse_token_list_strict(r->pool, upgrade, &offers, 0); + if (err) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02910) + "parsing Upgrade header: %s", err); + return DECLINED; + } + + if (offers && offers->nelts > 0) { + const char *protocol = ap_select_protocol(c, r, r->server, + offers); + if (protocol && strcmp(protocol, ap_get_protocol(c))) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02909) + "Upgrade selects '%s'", protocol); + /* Let the client know what we are upgrading to. */ + apr_table_clear(r->headers_out); + apr_table_setn(r->headers_out, "Upgrade", protocol); + apr_table_setn(r->headers_out, "Connection", "Upgrade"); + + r->status = HTTP_SWITCHING_PROTOCOLS; + r->status_line = ap_get_status_line(r->status); + ap_send_interim_response(r, 1); + + ap_switch_protocol(c, r, r->server, protocol); + + /* make sure httpd closes the connection after this */ + c->keepalive = AP_CONN_CLOSE; + return DONE; + } + } + } + } + + return DECLINED; +} + +static int core_upgrade_storage(request_rec *r) +{ + if ((r->method_number == M_OPTIONS) && r->uri && (r->uri[0] == '*') && + (r->uri[1] == '\0')) { + return core_upgrade_handler(r); + } + return DECLINED; +} + static void register_hooks(apr_pool_t *p) { errorlog_hash = apr_hash_make(p); @@ -4958,10 +5069,12 @@ static void register_hooks(apr_pool_t *p) ap_hook_check_config(core_check_config,NULL,NULL,APR_HOOK_FIRST); ap_hook_test_config(core_dump_config,NULL,NULL,APR_HOOK_FIRST); ap_hook_translate_name(ap_core_translate,NULL,NULL,APR_HOOK_REALLY_LAST); + ap_hook_map_to_storage(core_upgrade_storage,NULL,NULL,APR_HOOK_REALLY_FIRST); ap_hook_map_to_storage(core_map_to_storage,NULL,NULL,APR_HOOK_REALLY_LAST); ap_hook_open_logs(ap_open_logs,NULL,NULL,APR_HOOK_REALLY_FIRST); ap_hook_child_init(core_child_init,NULL,NULL,APR_HOOK_REALLY_FIRST); ap_hook_child_init(ap_logs_child_init,NULL,NULL,APR_HOOK_MIDDLE); + ap_hook_handler(core_upgrade_handler,NULL,NULL,APR_HOOK_REALLY_FIRST); ap_hook_handler(default_handler,NULL,NULL,APR_HOOK_REALLY_LAST); /* FIXME: I suspect we can eliminate the need for these do_nothings - Ben */ ap_hook_type_checker(do_nothing,NULL,NULL,APR_HOOK_REALLY_LAST); diff --git a/server/core_filters.c b/server/core_filters.c index 61dc2f0a..958055ba 100644 --- a/server/core_filters.c +++ b/server/core_filters.c @@ -48,7 +48,6 @@ #include "mpm_common.h" #include "scoreboard.h" #include "mod_core.h" -#include "mod_proxy.h" #include "ap_listen.h" #include "mod_so.h" /* for ap_find_loaded_module_symbol */ diff --git a/server/listen.c b/server/listen.c index 7950a100..1d9be83f 100644 --- a/server/listen.c +++ b/server/listen.c @@ -22,20 +22,41 @@ #include "ap_config.h" #include "httpd.h" +#include "http_main.h" #include "http_config.h" #include "http_core.h" #include "ap_listen.h" #include "http_log.h" #include "mpm_common.h" +#include +#if APR_HAVE_UNISTD_H +#include +#endif + /* we know core's module_index is 0 */ #undef APLOG_MODULE_INDEX #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX AP_DECLARE_DATA ap_listen_rec *ap_listeners = NULL; +/* Let ap_num_listen_buckets be global so that it can + * be printed by ap_log_mpm_common(), but keep the listeners + * buckets static since it is used only here to close them + * all (including duplicated) with ap_close_listeners(). + */ +AP_DECLARE_DATA int ap_num_listen_buckets; +static ap_listen_rec **ap_listen_buckets; + +/* Determine once, at runtime, whether or not SO_REUSEPORT + * is usable on this platform, and hence whether or not + * listeners can be duplicated (if configured). + */ +AP_DECLARE_DATA int ap_have_so_reuseport = -1; + static ap_listen_rec *old_listeners; static int ap_listenbacklog; +static int ap_listencbratio; static int send_buffer_size; static int receive_buffer_size; @@ -131,6 +152,23 @@ static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server) ap_sock_disable_nagle(s); #endif +#if defined(SO_REUSEPORT) + if (ap_have_so_reuseport) { + int thesock; + apr_os_sock_get(&thesock, s); + if (setsockopt(thesock, SOL_SOCKET, SO_REUSEPORT, + (void *)&one, sizeof(int)) < 0) { + stat = apr_get_netos_error(); + ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(02638) + "make_sock: for address %pI, apr_socket_opt_set: " + "(SO_REUSEPORT)", + server->bind_addr); + apr_socket_close(s); + return stat; + } + } +#endif + if ((stat = apr_socket_bind(s, server->bind_addr)) != APR_SUCCESS) { ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, stat, p, APLOGNO(00072) "make_sock: could not bind to address %pI", @@ -482,11 +520,7 @@ static int open_listeners(apr_pool_t *pool) } /* close the old listeners */ - for (lr = old_listeners; lr; lr = next) { - apr_socket_close(lr->sd); - lr->active = 0; - next = lr->next; - } + ap_close_listeners_ex(old_listeners); old_listeners = NULL; #if AP_NONBLOCK_WHEN_MULTI_LISTEN @@ -558,7 +592,7 @@ AP_DECLARE(int) ap_setup_listeners(server_rec *s) } if (open_listeners(s->process->pool)) { - return 0; + return 0; } for (lr = ap_listeners; lr; lr = lr->next) { @@ -582,15 +616,124 @@ AP_DECLARE(int) ap_setup_listeners(server_rec *s) return num_listeners; } -AP_DECLARE_NONSTD(void) ap_close_listeners(void) +AP_DECLARE(apr_status_t) ap_duplicate_listeners(apr_pool_t *p, server_rec *s, + ap_listen_rec ***buckets, + int *num_buckets) { + static int warn_once; + int i; + apr_status_t stat; + int use_nonblock = 0; ap_listen_rec *lr; - for (lr = ap_listeners; lr; lr = lr->next) { + if (*num_buckets < 1) { + *num_buckets = 1; + if (ap_listencbratio > 0) { +#ifdef _SC_NPROCESSORS_ONLN + if (ap_have_so_reuseport) { + int num_online_cores = sysconf(_SC_NPROCESSORS_ONLN), + val = num_online_cores / ap_listencbratio; + if (val > 1) { + *num_buckets = val; + } + ap_log_perror(APLOG_MARK, APLOG_INFO, 0, p, APLOGNO(02819) + "Using %i listeners bucket(s) based on %i " + "online CPU cores and a ratio of %i", + *num_buckets, num_online_cores, + ap_listencbratio); + } + else +#endif + if (!warn_once) { + ap_log_perror(APLOG_MARK, APLOG_WARNING, 0, p, APLOGNO(02820) + "ListenCoresBucketsRatio ignored without " + "SO_REUSEPORT and _SC_NPROCESSORS_ONLN " + "support: using a single listeners bucket"); + warn_once = 1; + } + } + } + + *buckets = apr_pcalloc(p, *num_buckets * sizeof(ap_listen_rec *)); + (*buckets)[0] = ap_listeners; + + for (i = 1; i < *num_buckets; i++) { + ap_listen_rec *last = NULL; + lr = ap_listeners; + while (lr) { + ap_listen_rec *duplr; + char *hostname; + apr_port_t port; + apr_sockaddr_t *sa; + duplr = apr_palloc(p, sizeof(ap_listen_rec)); + duplr->slave = NULL; + duplr->protocol = apr_pstrdup(p, lr->protocol); + hostname = apr_pstrdup(p, lr->bind_addr->hostname); + port = lr->bind_addr->port; + apr_sockaddr_info_get(&sa, hostname, APR_UNSPEC, port, 0, p); + duplr->bind_addr = sa; + duplr->next = NULL; + stat = apr_socket_create(&duplr->sd, duplr->bind_addr->family, + SOCK_STREAM, 0, p); + if (stat != APR_SUCCESS) { + ap_log_perror(APLOG_MARK, APLOG_CRIT, 0, p, APLOGNO(02640) + "ap_duplicate_listeners: for address %pI, " + "cannot duplicate a new socket!", + duplr->bind_addr); + return stat; + } + make_sock(p, duplr); +#if AP_NONBLOCK_WHEN_MULTI_LISTEN + use_nonblock = (ap_listeners && ap_listeners->next); + stat = apr_socket_opt_set(duplr->sd, APR_SO_NONBLOCK, use_nonblock); + if (stat != APR_SUCCESS) { + ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(02641) + "unable to control socket non-blocking status"); + return stat; + } +#endif + ap_apply_accept_filter(p, duplr, s); + + if (last == NULL) { + (*buckets)[i] = last = duplr; + } + else { + last->next = duplr; + last = duplr; + } + lr = lr->next; + } + } + + ap_listen_buckets = *buckets; + ap_num_listen_buckets = *num_buckets; + return APR_SUCCESS; +} + +AP_DECLARE_NONSTD(void) ap_close_listeners(void) +{ + int i; + + ap_close_listeners_ex(ap_listeners); + + /* Start from index 1 since either ap_duplicate_listeners() + * was called and ap_listen_buckets[0] == ap_listeners, or + * it wasn't and ap_num_listen_buckets == 0. + */ + for (i = 1; i < ap_num_listen_buckets; i++) { + ap_close_listeners_ex(ap_listen_buckets[i]); + } +} + +AP_DECLARE_NONSTD(void) ap_close_listeners_ex(ap_listen_rec *listeners) +{ + ap_listen_rec *lr; + for (lr = listeners; lr; lr = lr->next) { apr_socket_close(lr->sd); lr->active = 0; } } + AP_DECLARE_NONSTD(int) ap_close_selected_listeners(ap_slave_t *slave) { ap_listen_rec *lr; @@ -612,7 +755,43 @@ AP_DECLARE(void) ap_listen_pre_config(void) { old_listeners = ap_listeners; ap_listeners = NULL; + ap_listen_buckets = NULL; + ap_num_listen_buckets = 0; ap_listenbacklog = DEFAULT_LISTENBACKLOG; + ap_listencbratio = 0; + + /* Check once whether or not SO_REUSEPORT is supported. */ + if (ap_have_so_reuseport < 0) { + /* This is limited to Linux with defined SO_REUSEPORT (ie. 3.9+) for + * now since the implementation evenly distributes connections accross + * all the listening threads/processes. + * + * *BSDs have SO_REUSEPORT too but with a different semantic: the first + * wildcard address bound socket or the last non-wildcard address bound + * socket will receive connections (no evenness garantee); the rest of + * the sockets bound to the same port will not. + * This can't (always) work for httpd. + * + * TODO: latests DragonFlyBSD's SO_REUSEPORT (seems to?) have the same + * semantic as Linux, so we may need HAVE_SO_REUSEPORT available from + * configure.in some day. + */ +#if defined(SO_REUSEPORT) && defined(__linux__) + apr_socket_t *sock; + if (apr_socket_create(&sock, APR_UNSPEC, SOCK_STREAM, 0, + ap_pglobal) == APR_SUCCESS) { + int thesock, on = 1; + apr_os_sock_get(&thesock, sock); + ap_have_so_reuseport = (setsockopt(thesock, SOL_SOCKET, + SO_REUSEPORT, (void *)&on, + sizeof(int)) == 0); + apr_socket_close(sock); + } + else +#endif + ap_have_so_reuseport = 0; + + } } AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy, @@ -684,6 +863,26 @@ AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd, return NULL; } +AP_DECLARE_NONSTD(const char *) ap_set_listencbratio(cmd_parms *cmd, + void *dummy, + const char *arg) +{ + int b; + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + + if (err != NULL) { + return err; + } + + b = atoi(arg); + if (b < 1) { + return "ListenCoresBucketsRatio must be > 0"; + } + + ap_listencbratio = b; + return NULL; +} + AP_DECLARE_NONSTD(const char *) ap_set_send_buffer_size(cmd_parms *cmd, void *dummy, const char *arg) diff --git a/server/log.c b/server/log.c index 03de91a2..bfec379d 100644 --- a/server/log.c +++ b/server/log.c @@ -53,6 +53,7 @@ #include "http_main.h" #include "util_time.h" #include "ap_mpm.h" +#include "ap_listen.h" #if HAVE_GETTID #include @@ -497,8 +498,8 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *p /* plog */, * as stdin. This in turn would prevent the piped logger from * exiting. */ - apr_file_close(s_main->error_log); - s_main->error_log = stderr_log; + apr_file_close(s_main->error_log); + s_main->error_log = stderr_log; } } /* note that stderr may still need to be replaced with something @@ -624,7 +625,7 @@ static int log_ctime(const ap_errorlog_info *info, const char *arg, int time_len = buflen; int option = AP_CTIME_OPTION_NONE; - while(arg && *arg) { + while (arg && *arg) { switch (*arg) { case 'u': option |= AP_CTIME_OPTION_USEC; break; @@ -1536,6 +1537,15 @@ AP_DECLARE(void) ap_log_command_line(apr_pool_t *plog, server_rec *s) "Command line: '%s'", result); } +/* grab bag function to log commonly logged and shared info */ +AP_DECLARE(void) ap_log_mpm_common(server_rec *s) +{ + ap_log_error(APLOG_MARK, APLOG_DEBUG , 0, s, APLOGNO(02639) + "Using SO_REUSEPORT: %s (%d)", + ap_have_so_reuseport ? "yes" : "no", + ap_num_listen_buckets); +} + AP_DECLARE(void) ap_remove_pid(apr_pool_t *p, const char *rel_fname) { apr_status_t rv; diff --git a/server/mpm/config.m4 b/server/mpm/config.m4 index 07118bd9..6d3ab86b 100644 --- a/server/mpm/config.m4 +++ b/server/mpm/config.m4 @@ -60,7 +60,7 @@ case $host in esac dnl APACHE_MPM_SUPPORTED(name, supports-shared, is_threaded) -AC_DEFUN(APACHE_MPM_SUPPORTED,[ +AC_DEFUN([APACHE_MPM_SUPPORTED],[ if test "$2" = "yes"; then eval "ap_supported_mpm_$1=shared" ap_supported_shared_mpms="$ap_supported_shared_mpms $1 " @@ -73,7 +73,7 @@ AC_DEFUN(APACHE_MPM_SUPPORTED,[ ])dnl dnl APACHE_MPM_ENABLED(name) -AC_DEFUN(APACHE_MPM_ENABLED,[ +AC_DEFUN([APACHE_MPM_ENABLED],[ if ap_mpm_is_enabled $1; then : else diff --git a/server/mpm/event/event.c b/server/mpm/event/event.c index 9d68dd9b..cd70b7d9 100644 --- a/server/mpm/event/event.c +++ b/server/mpm/event/event.c @@ -59,6 +59,8 @@ #include "apr_want.h" #include "apr_version.h" +#include + #if APR_HAVE_UNISTD_H #include #endif @@ -336,16 +338,29 @@ typedef struct event_retained_data { /* * idle_spawn_rate is the number of children that will be spawned on the * next maintenance cycle if there aren't enough idle servers. It is - * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by - * without the need to spawn. + * maintained per listeners bucket, doubled up to MAX_SPAWN_RATE, and + * reset only when a cycle goes by without the need to spawn. */ - int idle_spawn_rate; + int *idle_spawn_rate; #ifndef MAX_SPAWN_RATE #define MAX_SPAWN_RATE (32) #endif int hold_off_on_exponential_spawning; + /* + * Current number of listeners buckets and maximum reached accross + * restarts (to size retained data according to dynamic num_buckets, + * eg. idle_spawn_rate). + */ + int num_buckets, max_buckets; } event_retained_data; static event_retained_data *retained; + +typedef struct event_child_bucket { + ap_pod_t *pod; + ap_listen_rec *listeners; +} event_child_bucket; +static event_child_bucket *all_buckets, /* All listeners buckets */ + *my_bucket; /* Current child bucket */ struct event_srv_cfg_s { struct timeout_queue *wc_q, @@ -354,8 +369,6 @@ struct event_srv_cfg_s { #define ID_FROM_CHILD_THREAD(c, t) ((c * thread_limit) + t) -static ap_pod_t *pod; - /* The event MPM respects a couple of runtime flags that can aid * in debugging. Setting the -DNO_DETACH flag will prevent the root process * from detaching from its controlling terminal. Additionally, setting @@ -1190,11 +1203,12 @@ static void check_infinite_requests(void) } } -static void close_listeners(int process_slot, int *closed) { +static void close_listeners(int process_slot, int *closed) +{ if (!*closed) { int i; disable_listensocks(process_slot); - ap_close_listeners(); + ap_close_listeners_ex(my_bucket->listeners); *closed = 1; dying = 1; ap_scoreboard_image->parent[process_slot].quiescing = 1; @@ -1235,7 +1249,7 @@ static apr_status_t init_pollset(apr_pool_t *p) int i = 0; listener_pollfd = apr_palloc(p, sizeof(apr_pollfd_t) * num_listensocks); - for (lr = ap_listeners; lr != NULL; lr = lr->next, i++) { + for (lr = my_bucket->listeners; lr != NULL; lr = lr->next, i++) { apr_pollfd_t *pfd; AP_DEBUG_ASSERT(i < num_listensocks); pfd = &listener_pollfd[i]; @@ -2216,13 +2230,14 @@ static void join_start_thread(apr_thread_t * start_thread_id) } } -static void child_main(int child_num_arg) +static void child_main(int child_num_arg, int child_bucket) { apr_thread_t **threads; apr_status_t rv; thread_starter *ts; apr_threadattr_t *thread_attr; apr_thread_t *start_thread_id; + int i; mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this * child initializes @@ -2231,6 +2246,14 @@ static void child_main(int child_num_arg) ap_fatal_signal_child_setup(ap_server_conf); apr_pool_create(&pchild, pconf); + /* close unused listeners and pods */ + for (i = 0; i < retained->num_buckets; i++) { + if (i != child_bucket) { + ap_close_listeners_ex(all_buckets[i].listeners); + ap_mpm_podx_close(all_buckets[i].pod); + } + } + /*stuff to do before we switch id's, so we have permissions. */ ap_reopen_scoreboard(pchild, NULL, 0); @@ -2340,7 +2363,7 @@ static void child_main(int child_num_arg) apr_signal(SIGTERM, dummy_signal_handler); /* Watch for any messages from the parent over the POD */ while (1) { - rv = ap_mpm_podx_check(pod); + rv = ap_mpm_podx_check(my_bucket->pod); if (rv == AP_MPM_PODX_NORESTART) { /* see if termination was triggered while we slept */ switch (terminate_mode) { @@ -2378,7 +2401,7 @@ static void child_main(int child_num_arg) clean_child_exit(resource_shortage ? APEXIT_CHILDSICK : 0); } -static int make_child(server_rec * s, int slot) +static int make_child(server_rec * s, int slot, int bucket) { int pid; @@ -2387,10 +2410,14 @@ static int make_child(server_rec * s, int slot) } if (one_process) { + my_bucket = &all_buckets[0]; + set_signals(); event_note_child_started(slot, getpid()); - child_main(slot); + child_main(slot, 0); /* NOTREACHED */ + ap_assert(0); + return -1; } if ((pid = fork()) == -1) { @@ -2413,6 +2440,8 @@ static int make_child(server_rec * s, int slot) } if (!pid) { + my_bucket = &all_buckets[bucket]; + #ifdef HAVE_BINDPROCESSOR /* By default, AIX binds to a single processor. This bit unbinds * children which will then bind to another CPU. @@ -2427,10 +2456,12 @@ static int make_child(server_rec * s, int slot) RAISE_SIGSTOP(MAKE_CHILD); apr_signal(SIGTERM, just_die); - child_main(slot); + child_main(slot, bucket); /* NOTREACHED */ + ap_assert(0); + return -1; } - /* else */ + if (ap_scoreboard_image->parent[slot].pid != 0) { /* This new child process is squatting on the scoreboard * entry owned by an exiting child process, which cannot @@ -2440,6 +2471,7 @@ static int make_child(server_rec * s, int slot) } ap_scoreboard_image->parent[slot].quiescing = 0; ap_scoreboard_image->parent[slot].not_accepting = 0; + ap_scoreboard_image->parent[slot].bucket = bucket; event_note_child_started(slot, pid); return 0; } @@ -2453,14 +2485,14 @@ static void startup_children(int number_to_start) if (ap_scoreboard_image->parent[i].pid != 0) { continue; } - if (make_child(ap_server_conf, i) < 0) { + if (make_child(ap_server_conf, i, i % retained->num_buckets) < 0) { break; } --number_to_start; } } -static void perform_idle_server_maintenance(void) +static void perform_idle_server_maintenance(int child_bucket, int num_buckets) { int i, j; int idle_thread_count; @@ -2490,7 +2522,7 @@ static void perform_idle_server_maintenance(void) int child_threads_active = 0; if (i >= retained->max_daemons_limit - && totally_free_length == retained->idle_spawn_rate) + && totally_free_length == retained->idle_spawn_rate[child_bucket]) /* short cut if all active processes have been examined and * enough empty scoreboard slots have been found */ @@ -2517,7 +2549,8 @@ static void perform_idle_server_maintenance(void) if (ps->pid != 0) { /* XXX just set all_dead_threads in outer for loop if no pid? not much else matters */ if (status <= SERVER_READY && !ps->quiescing && !ps->not_accepting - && ps->generation == retained->my_generation) + && ps->generation == retained->my_generation + && ps->bucket == child_bucket) { ++idle_thread_count; } @@ -2528,8 +2561,8 @@ static void perform_idle_server_maintenance(void) } active_thread_count += child_threads_active; if (any_dead_threads - && totally_free_length < retained->idle_spawn_rate - && free_length < MAX_SPAWN_RATE + && totally_free_length < retained->idle_spawn_rate[child_bucket] + && free_length < MAX_SPAWN_RATE / num_buckets && (!ps->pid /* no process in the slot */ || ps->quiescing)) { /* or at least one is going away */ if (all_dead_threads) { @@ -2585,12 +2618,13 @@ static void perform_idle_server_maintenance(void) retained->max_daemons_limit = last_non_dead + 1; - if (idle_thread_count > max_spare_threads) { + if (idle_thread_count > max_spare_threads / num_buckets) { /* Kill off one child */ - ap_mpm_podx_signal(pod, AP_MPM_PODX_GRACEFUL); - retained->idle_spawn_rate = 1; + ap_mpm_podx_signal(all_buckets[child_bucket].pod, + AP_MPM_PODX_GRACEFUL); + retained->idle_spawn_rate[child_bucket] = 1; } - else if (idle_thread_count < min_spare_threads) { + else if (idle_thread_count < min_spare_threads / num_buckets) { /* terminate the free list */ if (free_length == 0) { /* scoreboard is full, can't fork */ @@ -2608,13 +2642,13 @@ static void perform_idle_server_maintenance(void) ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(00485) "scoreboard is full, not at MaxRequestWorkers"); } - retained->idle_spawn_rate = 1; + retained->idle_spawn_rate[child_bucket] = 1; } else { - if (free_length > retained->idle_spawn_rate) { - free_length = retained->idle_spawn_rate; + if (free_length > retained->idle_spawn_rate[child_bucket]) { + free_length = retained->idle_spawn_rate[child_bucket]; } - if (retained->idle_spawn_rate >= 8) { + if (retained->idle_spawn_rate[child_bucket] >= 8) { ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf, APLOGNO(00486) "server seems busy, (you may need " "to increase StartServers, ThreadsPerChild " @@ -2624,7 +2658,7 @@ static void perform_idle_server_maintenance(void) idle_thread_count, total_non_dead); } for (i = 0; i < free_length; ++i) { - make_child(ap_server_conf, free_slots[i]); + make_child(ap_server_conf, free_slots[i], child_bucket); } /* the next time around we want to spawn twice as many if this * wasn't good enough, but not if we've just done a graceful @@ -2632,17 +2666,18 @@ static void perform_idle_server_maintenance(void) if (retained->hold_off_on_exponential_spawning) { --retained->hold_off_on_exponential_spawning; } - else if (retained->idle_spawn_rate < MAX_SPAWN_RATE) { - retained->idle_spawn_rate *= 2; + else if (retained->idle_spawn_rate[child_bucket] + < MAX_SPAWN_RATE / num_buckets) { + retained->idle_spawn_rate[child_bucket] *= 2; } } } else { - retained->idle_spawn_rate = 1; + retained->idle_spawn_rate[child_bucket] = 1; } } -static void server_main_loop(int remaining_children_to_start) +static void server_main_loop(int remaining_children_to_start, int num_buckets) { ap_generation_t old_gen; int child_slot; @@ -2686,23 +2721,26 @@ static void server_main_loop(int remaining_children_to_start) } /* non-fatal death... note that it's gone in the scoreboard. */ if (child_slot >= 0) { + process_score *ps; + for (i = 0; i < threads_per_child; i++) ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD, (request_rec *) NULL); event_note_child_killed(child_slot, 0, 0); - ap_scoreboard_image->parent[child_slot].quiescing = 0; + ps = &ap_scoreboard_image->parent[child_slot]; + ps->quiescing = 0; if (processed_status == APEXIT_CHILDSICK) { /* resource shortage, minimize the fork rate */ - retained->idle_spawn_rate = 1; + retained->idle_spawn_rate[ps->bucket] = 1; } else if (remaining_children_to_start && child_slot < ap_daemons_limit) { /* we're still doing a 1-for-1 replacement of dead * children with new children */ - make_child(ap_server_conf, child_slot); + make_child(ap_server_conf, child_slot, ps->bucket); --remaining_children_to_start; } } @@ -2713,7 +2751,9 @@ static void server_main_loop(int remaining_children_to_start) if (processed_status == APEXIT_CHILDSICK && old_gen == retained->my_generation) { /* resource shortage, minimize the fork rate */ - retained->idle_spawn_rate = 1; + for (i = 0; i < num_buckets; i++) { + retained->idle_spawn_rate[i] = 1; + } } #if APR_HAS_OTHER_CHILD } @@ -2752,13 +2792,17 @@ static void server_main_loop(int remaining_children_to_start) continue; } - perform_idle_server_maintenance(); + for (i = 0; i < num_buckets; i++) { + perform_idle_server_maintenance(i, num_buckets); + } } } static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) { + int num_buckets = retained->num_buckets; int remaining_children_to_start; + int i; ap_log_pid(pconf, ap_pid_fname); @@ -2775,9 +2819,18 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) restart_pending = shutdown_pending = 0; set_signals(); - /* Don't thrash... */ - if (max_spare_threads < min_spare_threads + threads_per_child) - max_spare_threads = min_spare_threads + threads_per_child; + + /* Don't thrash since num_buckets depends on the + * system and the number of online CPU cores... + */ + if (ap_daemons_limit < num_buckets) + ap_daemons_limit = num_buckets; + if (ap_daemons_to_start < num_buckets) + ap_daemons_to_start = num_buckets; + if (min_spare_threads < threads_per_child * num_buckets) + min_spare_threads = threads_per_child * num_buckets; + if (max_spare_threads < min_spare_threads + threads_per_child * num_buckets) + max_spare_threads = min_spare_threads + threads_per_child * num_buckets; /* If we're doing a graceful_restart then we're going to see a lot * of children exiting immediately when we get into the main loop @@ -2808,17 +2861,21 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf, APLOGNO(00490) "Server built: %s", ap_get_server_built()); ap_log_command_line(plog, s); + ap_log_mpm_common(s); mpm_state = AP_MPMQ_RUNNING; - server_main_loop(remaining_children_to_start); + server_main_loop(remaining_children_to_start, num_buckets); mpm_state = AP_MPMQ_STOPPING; if (shutdown_pending && !retained->is_graceful) { /* Time to shut down: * Kill child processes, tell them to call child_exit, etc... */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_RESTART); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_RESTART); + } ap_reclaim_child_processes(1, /* Start with SIGTERM */ event_note_child_killed); @@ -2839,7 +2896,10 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) /* Close our listeners, and then ask our children to do same */ ap_close_listeners(); - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_GRACEFUL); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_GRACEFUL); + } ap_relieve_child_processes(event_note_child_killed); if (!child_fatal) { @@ -2879,7 +2939,10 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) * way, try and make sure that all of our processes are * really dead. */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_RESTART); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_RESTART); + } ap_reclaim_child_processes(1, event_note_child_killed); return DONE; @@ -2905,8 +2968,10 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) AP_SIG_GRACEFUL_STRING " received. Doing graceful restart"); /* wake up the children...time to die. But we'll have more soon */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_GRACEFUL); - + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_GRACEFUL); + } /* This is mostly for debugging... so that we know what is still * gracefully dealing with existing request. @@ -2918,7 +2983,10 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s) * and a SIGHUP, we may as well use the same signal, because some user * pthreads are stealing signals from us left and right. */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_RESTART); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_RESTART); + } ap_reclaim_child_processes(1, /* Start with SIGTERM */ event_note_child_killed); @@ -2937,7 +3005,10 @@ static int event_open_logs(apr_pool_t * p, apr_pool_t * plog, { int startup = 0; int level_flags = 0; + int num_buckets = 0; + ap_listen_rec **listen_buckets; apr_status_t rv; + int i; pconf = p; @@ -2954,14 +3025,62 @@ static int event_open_logs(apr_pool_t * p, apr_pool_t * plog, return DONE; } - if (!one_process) { - if ((rv = ap_mpm_podx_open(pconf, &pod))) { + if (one_process) { + num_buckets = 1; + } + else if (retained->is_graceful) { + /* Preserve the number of buckets on graceful restarts. */ + num_buckets = retained->num_buckets; + } + if ((rv = ap_duplicate_listeners(pconf, ap_server_conf, + &listen_buckets, &num_buckets))) { + ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, + (startup ? NULL : s), + "could not duplicate listeners"); + return DONE; + } + + all_buckets = apr_pcalloc(pconf, num_buckets * sizeof(*all_buckets)); + for (i = 0; i < num_buckets; i++) { + if (!one_process && /* no POD in one_process mode */ + (rv = ap_mpm_podx_open(pconf, &all_buckets[i].pod))) { ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, (startup ? NULL : s), "could not open pipe-of-death"); return DONE; } + all_buckets[i].listeners = listen_buckets[i]; + } + + if (retained->max_buckets < num_buckets) { + int new_max, *new_ptr; + new_max = retained->max_buckets * 2; + if (new_max < num_buckets) { + new_max = num_buckets; + } + new_ptr = (int *)apr_palloc(ap_pglobal, new_max * sizeof(int)); + memcpy(new_ptr, retained->idle_spawn_rate, + retained->num_buckets * sizeof(int)); + retained->idle_spawn_rate = new_ptr; + retained->max_buckets = new_max; } + if (retained->num_buckets < num_buckets) { + int rate_max = 1; + /* If new buckets are added, set their idle spawn rate to + * the highest so far, so that they get filled as quickly + * as the existing ones. + */ + for (i = 0; i < retained->num_buckets; i++) { + if (rate_max < retained->idle_spawn_rate[i]) { + rate_max = retained->idle_spawn_rate[i]; + } + } + for (/* up to date i */; i < num_buckets; i++) { + retained->idle_spawn_rate[i] = rate_max; + } + } + retained->num_buckets = num_buckets; + /* for skiplist */ srand((unsigned int)apr_time_now()); return OK; @@ -2993,7 +3112,6 @@ static int event_pre_config(apr_pool_t * pconf, apr_pool_t * plog, if (!retained) { retained = ap_retained_data_create(userdata_key, sizeof(*retained)); retained->max_daemons_limit = -1; - retained->idle_spawn_rate = 1; } ++retained->module_loads; if (retained->module_loads == 2) { @@ -3007,6 +3125,7 @@ static int event_pre_config(apr_pool_t * pconf, apr_pool_t * plog, "atomics not working as expected - add32 of negative number"); return HTTP_INTERNAL_SERVER_ERROR; } + rv = apr_pollset_create(&event_pollset, 1, plog, APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY); if (rv != APR_SUCCESS) { @@ -3309,7 +3428,7 @@ static int event_check_config(apr_pool_t *p, apr_pool_t *plog, } /* ap_daemons_to_start > ap_daemons_limit checked in ap_mpm_run() */ - if (ap_daemons_to_start < 0) { + if (ap_daemons_to_start < 1) { if (startup) { ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL, APLOGNO(00517) "WARNING: StartServers of %d not allowed, " diff --git a/server/mpm/mpmt_os2/mpmt_os2.c b/server/mpm/mpmt_os2/mpmt_os2.c index 3bd360d0..c1e122d7 100644 --- a/server/mpm/mpmt_os2/mpmt_os2.c +++ b/server/mpm/mpmt_os2/mpmt_os2.c @@ -24,7 +24,7 @@ * spawning children as required to ensure there are always ap_daemons_to_start * processes accepting connections. * - * Each child process consists of a a pool of worker threads and a + * Each child process consists of a pool of worker threads and a * main thread that accepts connections & passes them to the workers via * a work queue. The worker thread pool is dynamic, managed by a maintanence * thread so that the number of idle threads is kept between diff --git a/server/mpm/netware/mpm_netware.c b/server/mpm/netware/mpm_netware.c index ecd76c7c..74f2ecc6 100644 --- a/server/mpm/netware/mpm_netware.c +++ b/server/mpm/netware/mpm_netware.c @@ -916,6 +916,7 @@ static int netware_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf, APLOGNO(00225) "Server built: %s", ap_get_server_built()); ap_log_command_line(plog, s); + ap_log_mpm_common(s); show_server_data(); mpm_state = AP_MPMQ_RUNNING; @@ -1202,7 +1203,7 @@ static int CommandLineInterpreter(scr_t screenID, const char *commandLine) ActivateScreen (getscreenhandle()); /* If an instance id was not given but the nlm is loaded in - protected space, then the the command belongs to the + protected space, then the command belongs to the OS address space instance to pass it on. */ pID = strstr (szcommandLine, "-p"); if ((pID == NULL) && nlmisloadedprotected()) diff --git a/server/mpm/prefork/prefork.c b/server/mpm/prefork/prefork.c index ae0fd374..9d424c54 100644 --- a/server/mpm/prefork/prefork.c +++ b/server/mpm/prefork/prefork.c @@ -48,6 +48,8 @@ #include "ap_mmn.h" #include "apr_poll.h" +#include + #ifdef HAVE_TIME_H #include #endif @@ -86,14 +88,12 @@ /* config globals */ -static apr_proc_mutex_t *accept_mutex; static int ap_daemons_to_start=0; static int ap_daemons_min_free=0; static int ap_daemons_max_free=0; static int ap_daemons_limit=0; /* MaxRequestWorkers */ static int server_limit = 0; static int mpm_state = AP_MPMQ_STARTING; -static ap_pod_t *pod; /* data retained by prefork across load/unload of the module * allocated on first call to pre-config hook; located on @@ -125,6 +125,15 @@ typedef struct prefork_retained_data { } prefork_retained_data; static prefork_retained_data *retained; +typedef struct prefork_child_bucket { + ap_pod_t *pod; + ap_listen_rec *listeners; + apr_proc_mutex_t *mutex; +} prefork_child_bucket; +static int num_buckets; /* Number of listeners buckets */ +static prefork_child_bucket *all_buckets, /* All listeners buckets */ + *my_bucket; /* Current child bucket */ + #define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid) /* one_process --- debugging mode variable; can be set from the command line @@ -222,14 +231,14 @@ static void clean_child_exit(int code) prefork_note_child_killed(/* slot */ 0, 0, 0); } - ap_mpm_pod_close(pod); + ap_mpm_pod_close(my_bucket->pod); chdir_for_gprof(); exit(code); } -static void accept_mutex_on(void) +static apr_status_t accept_mutex_on(void) { - apr_status_t rv = apr_proc_mutex_lock(accept_mutex); + apr_status_t rv = apr_proc_mutex_lock(my_bucket->mutex); if (rv != APR_SUCCESS) { const char *msg = "couldn't grab the accept mutex"; @@ -243,11 +252,12 @@ static void accept_mutex_on(void) exit(APEXIT_CHILDFATAL); } } + return APR_SUCCESS; } -static void accept_mutex_off(void) +static apr_status_t accept_mutex_off(void) { - apr_status_t rv = apr_proc_mutex_unlock(accept_mutex); + apr_status_t rv = apr_proc_mutex_unlock(my_bucket->mutex); if (rv != APR_SUCCESS) { const char *msg = "couldn't release the accept mutex"; @@ -264,6 +274,7 @@ static void accept_mutex_off(void) exit(APEXIT_CHILDFATAL); } } + return APR_SUCCESS; } /* On some architectures it's safe to do unserialized accept()s in the single @@ -272,9 +283,9 @@ static void accept_mutex_off(void) * when it's safe in the single Listen case. */ #ifdef SINGLE_LISTEN_UNSERIALIZED_ACCEPT -#define SAFE_ACCEPT(stmt) do {if (ap_listeners->next) {stmt;}} while(0) +#define SAFE_ACCEPT(stmt) (ap_listeners->next ? (stmt) : APR_SUCCESS) #else -#define SAFE_ACCEPT(stmt) do {stmt;} while(0) +#define SAFE_ACCEPT(stmt) (stmt) #endif static int prefork_query(int query_code, int *result, apr_status_t *rv) @@ -352,7 +363,7 @@ static int volatile die_now = 0; static void stop_listening(int sig) { mpm_state = AP_MPMQ_STOPPING; - ap_close_listeners(); + ap_close_listeners_ex(my_bucket->listeners); /* For a graceful stop, we want the child to exit when done */ die_now = 1; @@ -477,7 +488,7 @@ static void set_signals(void) static int requests_this_child; static int num_listensocks = 0; -static void child_main(int child_num_arg) +static void child_main(int child_num_arg, int child_bucket) { #if APR_HAS_THREADS apr_thread_t *thd = NULL; @@ -521,18 +532,26 @@ static void child_main(int child_num_arg) apr_pool_create(&ptrans, pchild); apr_pool_tag(ptrans, "transaction"); + /* close unused listeners and pods */ + for (i = 0; i < num_buckets; i++) { + if (i != child_bucket) { + ap_close_listeners_ex(all_buckets[i].listeners); + ap_mpm_pod_close(all_buckets[i].pod); + } + } + /* needs to be done before we switch UIDs so we have permissions */ ap_reopen_scoreboard(pchild, NULL, 0); - lockfile = apr_proc_mutex_lockfile(accept_mutex); - status = apr_proc_mutex_child_init(&accept_mutex, - lockfile, - pchild); + status = SAFE_ACCEPT(apr_proc_mutex_child_init(&my_bucket->mutex, + apr_proc_mutex_lockfile(my_bucket->mutex), + pchild)); if (status != APR_SUCCESS) { + lockfile = apr_proc_mutex_lockfile(my_bucket->mutex); ap_log_error(APLOG_MARK, APLOG_EMERG, status, ap_server_conf, APLOGNO(00155) "Couldn't initialize cross-process lock in child " "(%s) (%s)", lockfile ? lockfile : "none", - apr_proc_mutex_name(accept_mutex)); + apr_proc_mutex_name(my_bucket->mutex)); clean_child_exit(APEXIT_CHILDFATAL); } @@ -554,7 +573,7 @@ static void child_main(int child_num_arg) clean_child_exit(APEXIT_CHILDSICK); /* assume temporary resource issue */ } - for (lr = ap_listeners, i = num_listensocks; i--; lr = lr->next) { + for (lr = my_bucket->listeners, i = num_listensocks; i--; lr = lr->next) { apr_pollfd_t pfd = { 0 }; pfd.desc_type = APR_POLL_SOCKET; @@ -612,7 +631,7 @@ static void child_main(int child_num_arg) if (num_listensocks == 1) { /* There is only one listener record, so refer to that one. */ - lr = ap_listeners; + lr = my_bucket->listeners; } else { /* multiple listening sockets - need to poll */ @@ -710,7 +729,7 @@ static void child_main(int child_num_arg) * while we were processing the connection or we are the lucky * idle server process that gets to die. */ - if (ap_mpm_pod_check(pod) == APR_SUCCESS) { /* selected as idle? */ + if (ap_mpm_pod_check(my_bucket->pod) == APR_SUCCESS) { /* selected as idle? */ die_now = 1; } else if (retained->my_generation != @@ -726,7 +745,7 @@ static void child_main(int child_num_arg) } -static int make_child(server_rec *s, int slot) +static int make_child(server_rec *s, int slot, int bucket) { int pid; @@ -735,6 +754,8 @@ static int make_child(server_rec *s, int slot) } if (one_process) { + my_bucket = &all_buckets[0]; + apr_signal(SIGHUP, sig_term); /* Don't catch AP_SIG_GRACEFUL in ONE_PROCESS mode :) */ apr_signal(SIGINT, sig_term); @@ -743,14 +764,15 @@ static int make_child(server_rec *s, int slot) #endif apr_signal(SIGTERM, sig_term); prefork_note_child_started(slot, getpid()); - child_main(slot); + child_main(slot, 0); /* NOTREACHED */ + ap_assert(0); + return -1; } (void) ap_update_child_status_from_indexes(slot, 0, SERVER_STARTING, (request_rec *) NULL); - #ifdef _OSD_POSIX /* BS2000 requires a "special" version of fork() before a setuid() call */ if ((pid = os_fork(ap_unixd_config.user_name)) == -1) { @@ -775,6 +797,8 @@ static int make_child(server_rec *s, int slot) } if (!pid) { + my_bucket = &all_buckets[bucket]; + #ifdef HAVE_BINDPROCESSOR /* by default AIX binds to a single processor * this bit unbinds children which will then bind to another cpu @@ -797,9 +821,10 @@ static int make_child(server_rec *s, int slot) * The pod is used for signalling the graceful restart. */ apr_signal(AP_SIG_GRACEFUL, stop_listening); - child_main(slot); + child_main(slot, bucket); } + ap_scoreboard_image->parent[slot].bucket = bucket; prefork_note_child_started(slot, pid); return 0; @@ -815,7 +840,7 @@ static void startup_children(int number_to_start) if (ap_scoreboard_image->servers[i][0].status != SERVER_DEAD) { continue; } - if (make_child(ap_server_conf, i) < 0) { + if (make_child(ap_server_conf, i, i % num_buckets) < 0) { break; } --number_to_start; @@ -824,6 +849,8 @@ static void startup_children(int number_to_start) static void perform_idle_server_maintenance(apr_pool_t *p) { + static int bucket_make_child_record = -1; + static int bucket_kill_child_record = -1; int i; int idle_count; worker_score *ws; @@ -874,7 +901,8 @@ static void perform_idle_server_maintenance(apr_pool_t *p) * shut down gracefully, in case it happened to pick up a request * while we were counting */ - ap_mpm_pod_signal(pod); + bucket_kill_child_record = (bucket_kill_child_record + 1) % num_buckets; + ap_mpm_pod_signal(all_buckets[bucket_kill_child_record].pod); retained->idle_spawn_rate = 1; } else if (idle_count < ap_daemons_min_free) { @@ -899,7 +927,10 @@ static void perform_idle_server_maintenance(apr_pool_t *p) idle_count, total_non_dead); } for (i = 0; i < free_length; ++i) { - make_child(ap_server_conf, free_slots[i]); + bucket_make_child_record++; + bucket_make_child_record %= num_buckets; + make_child(ap_server_conf, free_slots[i], + bucket_make_child_record); } /* the next time around we want to spawn twice as many if this * wasn't good enough, but not if we've just done a graceful @@ -925,18 +956,10 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) { int index; int remaining_children_to_start; - apr_status_t rv; + int i; ap_log_pid(pconf, ap_pid_fname); - /* Initialize cross-process accept lock */ - rv = ap_proc_mutex_create(&accept_mutex, NULL, AP_ACCEPT_MUTEX_TYPE, NULL, - s, _pconf, 0); - if (rv != APR_SUCCESS) { - mpm_state = AP_MPMQ_STOPPING; - return DONE; - } - if (!retained->is_graceful) { if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) { mpm_state = AP_MPMQ_STOPPING; @@ -953,12 +976,23 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) if (one_process) { AP_MONCONTROL(1); - make_child(ap_server_conf, 0); + make_child(ap_server_conf, 0, 0); /* NOTREACHED */ + ap_assert(0); + return DONE; } - else { - if (ap_daemons_max_free < ap_daemons_min_free + 1) /* Don't thrash... */ - ap_daemons_max_free = ap_daemons_min_free + 1; + + /* Don't thrash since num_buckets depends on the + * system and the number of online CPU cores... + */ + if (ap_daemons_limit < num_buckets) + ap_daemons_limit = num_buckets; + if (ap_daemons_to_start < num_buckets) + ap_daemons_to_start = num_buckets; + if (ap_daemons_min_free < num_buckets) + ap_daemons_min_free = num_buckets; + if (ap_daemons_max_free < ap_daemons_min_free + num_buckets) + ap_daemons_max_free = ap_daemons_min_free + num_buckets; /* If we're doing a graceful_restart then we're going to see a lot * of children exiting immediately when we get into the main loop @@ -989,9 +1023,12 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf, APLOGNO(00164) "Server built: %s", ap_get_server_built()); ap_log_command_line(plog, s); + ap_log_mpm_common(s); ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(00165) "Accept mutex: %s (default: %s)", - apr_proc_mutex_name(accept_mutex), + (all_buckets[0].mutex) + ? apr_proc_mutex_name(all_buckets[0].mutex) + : "none", apr_proc_mutex_defname()); mpm_state = AP_MPMQ_RUNNING; @@ -1048,7 +1085,8 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) /* we're still doing a 1-for-1 replacement of dead * children with new children */ - make_child(ap_server_conf, child_slot); + make_child(ap_server_conf, child_slot, + ap_get_scoreboard_process(child_slot)->bucket); --remaining_children_to_start; } #if APR_HAS_OTHER_CHILD @@ -1089,7 +1127,6 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) perform_idle_server_maintenance(pconf); } - } /* one_process */ mpm_state = AP_MPMQ_STOPPING; @@ -1122,7 +1159,9 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) ap_close_listeners(); /* kill off the idle ones */ - ap_mpm_pod_killpg(pod, retained->max_daemons_limit); + for (i = 0; i < num_buckets; i++) { + ap_mpm_pod_killpg(all_buckets[i].pod, retained->max_daemons_limit); + } /* Send SIGUSR1 to the active children */ active_children = 0; @@ -1196,7 +1235,9 @@ static int prefork_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) "Graceful restart requested, doing restart"); /* kill off the idle ones */ - ap_mpm_pod_killpg(pod, retained->max_daemons_limit); + for (i = 0; i < num_buckets; i++) { + ap_mpm_pod_killpg(all_buckets[i].pod, retained->max_daemons_limit); + } /* This is mostly for debugging... so that we know what is still * gracefully dealing with existing request. This will break @@ -1238,7 +1279,10 @@ static int prefork_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, { int startup = 0; int level_flags = 0; + ap_listen_rec **listen_buckets; apr_status_t rv; + char id[16]; + int i; pconf = p; @@ -1255,12 +1299,43 @@ static int prefork_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, return DONE; } - if ((rv = ap_mpm_pod_open(pconf, &pod))) { + if (one_process) { + num_buckets = 1; + } + else if (!retained->is_graceful) { /* Preserve the number of buckets + on graceful restarts. */ + num_buckets = 0; + } + if ((rv = ap_duplicate_listeners(pconf, ap_server_conf, + &listen_buckets, &num_buckets))) { ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, (startup ? NULL : s), - "could not open pipe-of-death"); + "could not duplicate listeners"); return DONE; } + all_buckets = apr_pcalloc(pconf, num_buckets * + sizeof(prefork_child_bucket)); + for (i = 0; i < num_buckets; i++) { + if (!one_process && /* no POD in one_process mode */ + (rv = ap_mpm_pod_open(pconf, &all_buckets[i].pod))) { + ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, + (startup ? NULL : s), + "could not open pipe-of-death"); + return DONE; + } + /* Initialize cross-process accept lock (safe accept needed only) */ + if ((rv = SAFE_ACCEPT((apr_snprintf(id, sizeof id, "%i", i), + ap_proc_mutex_create(&all_buckets[i].mutex, + NULL, AP_ACCEPT_MUTEX_TYPE, + id, s, pconf, 0))))) { + ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, + (startup ? NULL : s), + "could not create accept mutex"); + return DONE; + } + all_buckets[i].listeners = listen_buckets[i]; + } + return OK; } @@ -1409,7 +1484,7 @@ static int prefork_check_config(apr_pool_t *p, apr_pool_t *plog, } /* ap_daemons_to_start > ap_daemons_limit checked in prefork_run() */ - if (ap_daemons_to_start < 0) { + if (ap_daemons_to_start < 1) { if (startup) { ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL, APLOGNO(00184) "WARNING: StartServers of %d not allowed, " diff --git a/server/mpm/winnt/mpm_winnt.c b/server/mpm/winnt/mpm_winnt.c index 957af639..853c38b8 100644 --- a/server/mpm/winnt/mpm_winnt.c +++ b/server/mpm/winnt/mpm_winnt.c @@ -360,6 +360,13 @@ static int send_handles_to_child(apr_pool_t *p, HANDLE hScore; apr_size_t BytesWritten; + if ((rv = apr_file_write_full(child_in, &my_generation, + sizeof(my_generation), NULL)) + != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf, APLOGNO(02964) + "Parent: Unable to send its generation to the child"); + return -1; + } if (!DuplicateHandle(hCurrentProcess, child_ready_event, hProcess, &hDup, EVENT_MODIFY_STATE | SYNCHRONIZE, FALSE, 0)) { ap_log_error(APLOG_MARK, APLOG_CRIT, apr_get_os_error(), ap_server_conf, APLOGNO(00392) @@ -1037,6 +1044,7 @@ static void winnt_rewrite_args(process_rec *process) { HANDLE filehand; HANDLE hproc = GetCurrentProcess(); + DWORD BytesRead; /* This is the child */ my_pid = GetCurrentProcessId(); @@ -1074,6 +1082,16 @@ static void winnt_rewrite_args(process_rec *process) * already */ + /* Read this child's generation number as soon as now, + * so that further hooks can query it. + */ + if (!ReadFile(pipe, &my_generation, sizeof(my_generation), + &BytesRead, (LPOVERLAPPED) NULL) + || (BytesRead != sizeof(my_generation))) { + ap_log_error(APLOG_MARK, APLOG_CRIT, apr_get_os_error(), NULL, APLOGNO(02965) + "Child: Unable to retrieve my generation from the parent"); + exit(APEXIT_CHILDINIT); + } /* The parent is responsible for providing the * COMPLETE ARGUMENTS REQUIRED to the child. @@ -1665,8 +1683,6 @@ static void winnt_child_init(apr_pool_t *pchild, struct server_rec *s) /* Done reading from the parent, close that channel */ CloseHandle(pipe); - - my_generation = ap_scoreboard_image->global->running_generation; } else { /* Single process mode - this lock doesn't even need to exist */ @@ -1723,6 +1739,7 @@ static int winnt_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s ) ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf, APLOGNO(00456) "Server built: %s", ap_get_server_built()); ap_log_command_line(plog, s); + ap_log_mpm_common(s); restart = master_main(ap_server_conf, shutdown_event, restart_event); diff --git a/server/mpm/worker/worker.c b/server/mpm/worker/worker.c index 408d3176..4a729c0d 100644 --- a/server/mpm/worker/worker.c +++ b/server/mpm/worker/worker.c @@ -30,6 +30,9 @@ #include "apr_thread_mutex.h" #include "apr_proc_mutex.h" #include "apr_poll.h" + +#include + #define APR_WANT_STRFUNC #include "apr_want.h" @@ -156,17 +159,31 @@ typedef struct worker_retained_data { /* * idle_spawn_rate is the number of children that will be spawned on the * next maintenance cycle if there aren't enough idle servers. It is - * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by - * without the need to spawn. + * maintained per listeners bucket, doubled up to MAX_SPAWN_RATE, and + * reset only when a cycle goes by without the need to spawn. */ - int idle_spawn_rate; + int *idle_spawn_rate; #ifndef MAX_SPAWN_RATE #define MAX_SPAWN_RATE (32) #endif int hold_off_on_exponential_spawning; + /* + * Current number of listeners buckets and maximum reached accross + * restarts (to size retained data according to dynamic num_buckets, + * eg. idle_spawn_rate). + */ + int num_buckets, max_buckets; } worker_retained_data; static worker_retained_data *retained; +typedef struct worker_child_bucket { + ap_pod_t *pod; + ap_listen_rec *listeners; + apr_proc_mutex_t *mutex; +} worker_child_bucket; +static worker_child_bucket *all_buckets, /* All listeners buckets */ + *my_bucket; /* Current child bucket */ + #define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid) /* The structure used to pass unique initialization info to each thread */ @@ -188,8 +205,6 @@ typedef struct { #define ID_FROM_CHILD_THREAD(c, t) ((c * thread_limit) + t) -static ap_pod_t *pod; - /* The worker MPM respects a couple of runtime flags that can aid * in debugging. Setting the -DNO_DETACH flag will prevent the root process * from detaching from its controlling terminal. Additionally, setting @@ -217,9 +232,6 @@ static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main static pid_t parent_pid; static apr_os_thread_t *listener_os_thread; -/* Locks for accept serialization */ -static apr_proc_mutex_t *accept_mutex; - #ifdef SINGLE_LISTEN_UNSERIALIZED_ACCEPT #define SAFE_ACCEPT(stmt) (ap_listeners->next ? (stmt) : APR_SUCCESS) #else @@ -701,7 +713,7 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy) clean_child_exit(APEXIT_CHILDSICK); } - for (lr = ap_listeners; lr != NULL; lr = lr->next) { + for (lr = my_bucket->listeners; lr != NULL; lr = lr->next) { apr_pollfd_t pfd = { 0 }; pfd.desc_type = APR_POLL_SOCKET; @@ -758,7 +770,7 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy) /* We've already decremented the idle worker count inside * ap_queue_info_wait_for_idler. */ - if ((rv = SAFE_ACCEPT(apr_proc_mutex_lock(accept_mutex))) + if ((rv = SAFE_ACCEPT(apr_proc_mutex_lock(my_bucket->mutex))) != APR_SUCCESS) { if (!listener_may_exit) { @@ -767,9 +779,9 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy) break; /* skip the lock release */ } - if (!ap_listeners->next) { + if (!my_bucket->listeners->next) { /* Only one listener, so skip the poll */ - lr = ap_listeners; + lr = my_bucket->listeners; } else { while (!listener_may_exit) { @@ -839,7 +851,7 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy) resource_shortage = 1; signal_threads(ST_GRACEFUL); } - if ((rv = SAFE_ACCEPT(apr_proc_mutex_unlock(accept_mutex))) + if ((rv = SAFE_ACCEPT(apr_proc_mutex_unlock(my_bucket->mutex))) != APR_SUCCESS) { if (listener_may_exit) { @@ -863,7 +875,7 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy) } } else { - if ((rv = SAFE_ACCEPT(apr_proc_mutex_unlock(accept_mutex))) + if ((rv = SAFE_ACCEPT(apr_proc_mutex_unlock(my_bucket->mutex))) != APR_SUCCESS) { int level = APLOG_EMERG; @@ -880,7 +892,7 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy) } } - ap_close_listeners(); + ap_close_listeners_ex(my_bucket->listeners); ap_queue_term(worker_queue); dying = 1; ap_scoreboard_image->parent[process_slot].quiescing = 1; @@ -1210,13 +1222,14 @@ static void join_start_thread(apr_thread_t *start_thread_id) } } -static void child_main(int child_num_arg) +static void child_main(int child_num_arg, int child_bucket) { apr_thread_t **threads; apr_status_t rv; thread_starter *ts; apr_threadattr_t *thread_attr; apr_thread_t *start_thread_id; + int i; mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this * child initializes @@ -1225,12 +1238,20 @@ static void child_main(int child_num_arg) ap_fatal_signal_child_setup(ap_server_conf); apr_pool_create(&pchild, pconf); + /* close unused listeners and pods */ + for (i = 0; i < retained->num_buckets; i++) { + if (i != child_bucket) { + ap_close_listeners_ex(all_buckets[i].listeners); + ap_mpm_podx_close(all_buckets[i].pod); + } + } + /*stuff to do before we switch id's, so we have permissions.*/ ap_reopen_scoreboard(pchild, NULL, 0); - rv = SAFE_ACCEPT(apr_proc_mutex_child_init(&accept_mutex, - apr_proc_mutex_lockfile(accept_mutex), - pchild)); + rv = SAFE_ACCEPT(apr_proc_mutex_child_init(&my_bucket->mutex, + apr_proc_mutex_lockfile(my_bucket->mutex), + pchild)); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf, APLOGNO(00280) "Couldn't initialize cross-process lock in child"); @@ -1338,7 +1359,7 @@ static void child_main(int child_num_arg) apr_signal(SIGTERM, dummy_signal_handler); /* Watch for any messages from the parent over the POD */ while (1) { - rv = ap_mpm_podx_check(pod); + rv = ap_mpm_podx_check(my_bucket->pod); if (rv == AP_MPM_PODX_NORESTART) { /* see if termination was triggered while we slept */ switch(terminate_mode) { @@ -1376,7 +1397,7 @@ static void child_main(int child_num_arg) clean_child_exit(resource_shortage ? APEXIT_CHILDSICK : 0); } -static int make_child(server_rec *s, int slot) +static int make_child(server_rec *s, int slot, int bucket) { int pid; @@ -1385,10 +1406,14 @@ static int make_child(server_rec *s, int slot) } if (one_process) { + my_bucket = &all_buckets[0]; + set_signals(); worker_note_child_started(slot, getpid()); - child_main(slot); + child_main(slot, 0); /* NOTREACHED */ + ap_assert(0); + return -1; } if ((pid = fork()) == -1) { @@ -1410,6 +1435,8 @@ static int make_child(server_rec *s, int slot) } if (!pid) { + my_bucket = &all_buckets[bucket]; + #ifdef HAVE_BINDPROCESSOR /* By default, AIX binds to a single processor. This bit unbinds * children which will then bind to another CPU. @@ -1424,10 +1451,12 @@ static int make_child(server_rec *s, int slot) RAISE_SIGSTOP(MAKE_CHILD); apr_signal(SIGTERM, just_die); - child_main(slot); + child_main(slot, bucket); /* NOTREACHED */ + ap_assert(0); + return -1; } - /* else */ + if (ap_scoreboard_image->parent[slot].pid != 0) { /* This new child process is squatting on the scoreboard * entry owned by an exiting child process, which cannot @@ -1436,6 +1465,7 @@ static int make_child(server_rec *s, int slot) worker_note_child_lost_slot(slot, pid); } ap_scoreboard_image->parent[slot].quiescing = 0; + ap_scoreboard_image->parent[slot].bucket = bucket; worker_note_child_started(slot, pid); return 0; } @@ -1449,14 +1479,14 @@ static void startup_children(int number_to_start) if (ap_scoreboard_image->parent[i].pid != 0) { continue; } - if (make_child(ap_server_conf, i) < 0) { + if (make_child(ap_server_conf, i, i % retained->num_buckets) < 0) { break; } --number_to_start; } } -static void perform_idle_server_maintenance(void) +static void perform_idle_server_maintenance(int child_bucket, int num_buckets) { int i, j; int idle_thread_count; @@ -1485,7 +1515,7 @@ static void perform_idle_server_maintenance(void) int all_dead_threads = 1; int child_threads_active = 0; - if (i >= retained->max_daemons_limit && totally_free_length == retained->idle_spawn_rate) + if (i >= retained->max_daemons_limit && totally_free_length == retained->idle_spawn_rate[child_bucket]) /* short cut if all active processes have been examined and * enough empty scoreboard slots have been found */ @@ -1513,7 +1543,8 @@ static void perform_idle_server_maintenance(void) loop if no pid? not much else matters */ if (status <= SERVER_READY && !ps->quiescing && - ps->generation == retained->my_generation) { + ps->generation == retained->my_generation && + ps->bucket == child_bucket) { ++idle_thread_count; } if (status >= SERVER_READY && status < SERVER_GRACEFUL) { @@ -1522,8 +1553,8 @@ static void perform_idle_server_maintenance(void) } } active_thread_count += child_threads_active; - if (any_dead_threads && totally_free_length < retained->idle_spawn_rate - && free_length < MAX_SPAWN_RATE + if (any_dead_threads && totally_free_length < retained->idle_spawn_rate[child_bucket] + && free_length < MAX_SPAWN_RATE / num_buckets && (!ps->pid /* no process in the slot */ || ps->quiescing)) { /* or at least one is going away */ if (all_dead_threads) { @@ -1579,12 +1610,13 @@ static void perform_idle_server_maintenance(void) retained->max_daemons_limit = last_non_dead + 1; - if (idle_thread_count > max_spare_threads) { + if (idle_thread_count > max_spare_threads / num_buckets) { /* Kill off one child */ - ap_mpm_podx_signal(pod, AP_MPM_PODX_GRACEFUL); - retained->idle_spawn_rate = 1; + ap_mpm_podx_signal(all_buckets[child_bucket].pod, + AP_MPM_PODX_GRACEFUL); + retained->idle_spawn_rate[child_bucket] = 1; } - else if (idle_thread_count < min_spare_threads) { + else if (idle_thread_count < min_spare_threads / num_buckets) { /* terminate the free list */ if (free_length == 0) { /* scoreboard is full, can't fork */ @@ -1615,13 +1647,13 @@ static void perform_idle_server_maintenance(void) ap_server_conf, APLOGNO(00288) "scoreboard is full, not at MaxRequestWorkers"); } - retained->idle_spawn_rate = 1; + retained->idle_spawn_rate[child_bucket] = 1; } else { - if (free_length > retained->idle_spawn_rate) { - free_length = retained->idle_spawn_rate; + if (free_length > retained->idle_spawn_rate[child_bucket]) { + free_length = retained->idle_spawn_rate[child_bucket]; } - if (retained->idle_spawn_rate >= 8) { + if (retained->idle_spawn_rate[child_bucket] >= 8) { ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf, APLOGNO(00289) "server seems busy, (you may need " @@ -1632,7 +1664,7 @@ static void perform_idle_server_maintenance(void) idle_thread_count, total_non_dead); } for (i = 0; i < free_length; ++i) { - make_child(ap_server_conf, free_slots[i]); + make_child(ap_server_conf, free_slots[i], child_bucket); } /* the next time around we want to spawn twice as many if this * wasn't good enough, but not if we've just done a graceful @@ -1640,17 +1672,18 @@ static void perform_idle_server_maintenance(void) if (retained->hold_off_on_exponential_spawning) { --retained->hold_off_on_exponential_spawning; } - else if (retained->idle_spawn_rate < MAX_SPAWN_RATE) { - retained->idle_spawn_rate *= 2; + else if (retained->idle_spawn_rate[child_bucket] + < MAX_SPAWN_RATE / num_buckets) { + retained->idle_spawn_rate[child_bucket] *= 2; } } } else { - retained->idle_spawn_rate = 1; + retained->idle_spawn_rate[child_bucket] = 1; } } -static void server_main_loop(int remaining_children_to_start) +static void server_main_loop(int remaining_children_to_start, int num_buckets) { ap_generation_t old_gen; int child_slot; @@ -1694,22 +1727,25 @@ static void server_main_loop(int remaining_children_to_start) } /* non-fatal death... note that it's gone in the scoreboard. */ if (child_slot >= 0) { + process_score *ps; + for (i = 0; i < threads_per_child; i++) ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD, (request_rec *) NULL); worker_note_child_killed(child_slot, 0, 0); - ap_scoreboard_image->parent[child_slot].quiescing = 0; + ps = &ap_scoreboard_image->parent[child_slot]; + ps->quiescing = 0; if (processed_status == APEXIT_CHILDSICK) { /* resource shortage, minimize the fork rate */ - retained->idle_spawn_rate = 1; + retained->idle_spawn_rate[ps->bucket] = 1; } else if (remaining_children_to_start && child_slot < ap_daemons_limit) { /* we're still doing a 1-for-1 replacement of dead * children with new children */ - make_child(ap_server_conf, child_slot); + make_child(ap_server_conf, child_slot, ps->bucket); --remaining_children_to_start; } } @@ -1719,7 +1755,9 @@ static void server_main_loop(int remaining_children_to_start) if (processed_status == APEXIT_CHILDSICK && old_gen == retained->my_generation) { /* resource shortage, minimize the fork rate */ - retained->idle_spawn_rate = 1; + for (i = 0; i < num_buckets; i++) { + retained->idle_spawn_rate[i] = 1; + } } #if APR_HAS_OTHER_CHILD } @@ -1758,25 +1796,20 @@ static void server_main_loop(int remaining_children_to_start) continue; } - perform_idle_server_maintenance(); + for (i = 0; i < num_buckets; i++) { + perform_idle_server_maintenance(i, num_buckets); + } } } static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) { + int num_buckets = retained->num_buckets; int remaining_children_to_start; - apr_status_t rv; + int i; ap_log_pid(pconf, ap_pid_fname); - /* Initialize cross-process accept lock */ - rv = ap_proc_mutex_create(&accept_mutex, NULL, AP_ACCEPT_MUTEX_TYPE, NULL, - s, _pconf, 0); - if (rv != APR_SUCCESS) { - mpm_state = AP_MPMQ_STOPPING; - return DONE; - } - if (!retained->is_graceful) { if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) { mpm_state = AP_MPMQ_STOPPING; @@ -1790,9 +1823,18 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) restart_pending = shutdown_pending = 0; set_signals(); - /* Don't thrash... */ - if (max_spare_threads < min_spare_threads + threads_per_child) - max_spare_threads = min_spare_threads + threads_per_child; + + /* Don't thrash since num_buckets depends on the + * system and the number of online CPU cores... + */ + if (ap_daemons_limit < num_buckets) + ap_daemons_limit = num_buckets; + if (ap_daemons_to_start < num_buckets) + ap_daemons_to_start = num_buckets; + if (min_spare_threads < threads_per_child * num_buckets) + min_spare_threads = threads_per_child * num_buckets; + if (max_spare_threads < min_spare_threads + threads_per_child * num_buckets) + max_spare_threads = min_spare_threads + threads_per_child * num_buckets; /* If we're doing a graceful_restart then we're going to see a lot * of children exiting immediately when we get into the main loop @@ -1823,20 +1865,26 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf, APLOGNO(00293) "Server built: %s", ap_get_server_built()); ap_log_command_line(plog, s); + ap_log_mpm_common(s); ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(00294) "Accept mutex: %s (default: %s)", - apr_proc_mutex_name(accept_mutex), + (all_buckets[0].mutex) + ? apr_proc_mutex_name(all_buckets[0].mutex) + : "none", apr_proc_mutex_defname()); mpm_state = AP_MPMQ_RUNNING; - server_main_loop(remaining_children_to_start); + server_main_loop(remaining_children_to_start, num_buckets); mpm_state = AP_MPMQ_STOPPING; if (shutdown_pending && !retained->is_graceful) { /* Time to shut down: * Kill child processes, tell them to call child_exit, etc... */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_RESTART); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_RESTART); + } ap_reclaim_child_processes(1, /* Start with SIGTERM */ worker_note_child_killed); @@ -1857,7 +1905,11 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) /* Close our listeners, and then ask our children to do same */ ap_close_listeners(); - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_GRACEFUL); + + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_GRACEFUL); + } ap_relieve_child_processes(worker_note_child_killed); if (!child_fatal) { @@ -1897,7 +1949,10 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) * way, try and make sure that all of our processes are * really dead. */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_RESTART); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_RESTART); + } ap_reclaim_child_processes(1, worker_note_child_killed); return DONE; @@ -1922,8 +1977,10 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf, APLOGNO(00297) AP_SIG_GRACEFUL_STRING " received. Doing graceful restart"); /* wake up the children...time to die. But we'll have more soon */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_GRACEFUL); - + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_GRACEFUL); + } /* This is mostly for debugging... so that we know what is still * gracefully dealing with existing request. @@ -1935,7 +1992,10 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s) * and a SIGHUP, we may as well use the same signal, because some user * pthreads are stealing signals from us left and right. */ - ap_mpm_podx_killpg(pod, ap_daemons_limit, AP_MPM_PODX_RESTART); + for (i = 0; i < num_buckets; i++) { + ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit, + AP_MPM_PODX_RESTART); + } ap_reclaim_child_processes(1, /* Start with SIGTERM */ worker_note_child_killed); @@ -1953,7 +2013,11 @@ static int worker_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, { int startup = 0; int level_flags = 0; + int num_buckets = 0; + ap_listen_rec **listen_buckets; apr_status_t rv; + char id[16]; + int i; pconf = p; @@ -1970,14 +2034,72 @@ static int worker_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, return DONE; } - if (!one_process) { - if ((rv = ap_mpm_podx_open(pconf, &pod))) { + if (one_process) { + num_buckets = 1; + } + else if (retained->is_graceful) { + /* Preserve the number of buckets on graceful restarts. */ + num_buckets = retained->num_buckets; + } + if ((rv = ap_duplicate_listeners(pconf, ap_server_conf, + &listen_buckets, &num_buckets))) { + ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, + (startup ? NULL : s), + "could not duplicate listeners"); + return DONE; + } + + all_buckets = apr_pcalloc(pconf, num_buckets * sizeof(*all_buckets)); + for (i = 0; i < num_buckets; i++) { + if (!one_process && /* no POD in one_process mode */ + (rv = ap_mpm_podx_open(pconf, &all_buckets[i].pod))) { ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, (startup ? NULL : s), "could not open pipe-of-death"); return DONE; } + /* Initialize cross-process accept lock (safe accept needed only) */ + if ((rv = SAFE_ACCEPT((apr_snprintf(id, sizeof id, "%i", i), + ap_proc_mutex_create(&all_buckets[i].mutex, + NULL, AP_ACCEPT_MUTEX_TYPE, + id, s, pconf, 0))))) { + ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv, + (startup ? NULL : s), + "could not create accept mutex"); + return DONE; + } + all_buckets[i].listeners = listen_buckets[i]; } + + if (retained->max_buckets < num_buckets) { + int new_max, *new_ptr; + new_max = retained->max_buckets * 2; + if (new_max < num_buckets) { + new_max = num_buckets; + } + new_ptr = (int *)apr_palloc(ap_pglobal, new_max * sizeof(int)); + memcpy(new_ptr, retained->idle_spawn_rate, + retained->num_buckets * sizeof(int)); + retained->idle_spawn_rate = new_ptr; + retained->max_buckets = new_max; + } + if (retained->num_buckets < num_buckets) { + int rate_max = 1; + /* If new buckets are added, set their idle spawn rate to + * the highest so far, so that they get filled as quickly + * as the existing ones. + */ + for (i = 0; i < retained->num_buckets; i++) { + if (rate_max < retained->idle_spawn_rate[i]) { + rate_max = retained->idle_spawn_rate[i]; + } + } + for (/* up to date i */; i < num_buckets; i++) { + retained->idle_spawn_rate[i] = rate_max; + } + } + retained->num_buckets = num_buckets; + return OK; } @@ -2009,7 +2131,6 @@ static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog, if (!retained) { retained = ap_retained_data_create(userdata_key, sizeof(*retained)); retained->max_daemons_limit = -1; - retained->idle_spawn_rate = 1; } ++retained->module_loads; if (retained->module_loads == 2) { @@ -2241,7 +2362,7 @@ static int worker_check_config(apr_pool_t *p, apr_pool_t *plog, } /* ap_daemons_to_start > ap_daemons_limit checked in worker_run() */ - if (ap_daemons_to_start < 0) { + if (ap_daemons_to_start < 1) { if (startup) { ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL, APLOGNO(00320) "WARNING: StartServers of %d not allowed, " diff --git a/server/protocol.c b/server/protocol.c index 8ebf4f41..fc507fa0 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -67,6 +67,9 @@ APR_HOOK_STRUCT( APR_HOOK_LINK(http_scheme) APR_HOOK_LINK(default_port) APR_HOOK_LINK(note_auth_failure) + APR_HOOK_LINK(protocol_propose) + APR_HOOK_LINK(protocol_switch) + APR_HOOK_LINK(protocol_get) ) AP_DECLARE_DATA ap_filter_rec_t *ap_old_write_func = NULL; @@ -1790,6 +1793,150 @@ AP_DECLARE(void) ap_send_interim_response(request_rec *r, int send_headers) apr_brigade_destroy(x.bb); } +/* + * Compare two protocol identifier. Result is similar to strcmp(): + * 0 gives same precedence, >0 means proto1 is preferred. + */ +static int protocol_cmp(const apr_array_header_t *preferences, + const char *proto1, + const char *proto2) +{ + if (preferences && preferences->nelts > 0) { + int index1 = ap_array_str_index(preferences, proto1, 0); + int index2 = ap_array_str_index(preferences, proto2, 0); + if (index2 > index1) { + return (index1 >= 0) ? 1 : -1; + } + else if (index1 > index2) { + return (index2 >= 0) ? -1 : 1; + } + } + /* both have the same index (mabye -1 or no pref configured) and we compare + * the names so that spdy3 gets precedence over spdy2. That makes + * the outcome at least deterministic. */ + return strcmp(proto1, proto2); +} + +AP_DECLARE(const char *) ap_get_protocol(conn_rec *c) +{ + const char *protocol = ap_run_protocol_get(c); + return protocol? protocol : AP_PROTOCOL_HTTP1; +} + +AP_DECLARE(const char *) ap_select_protocol(conn_rec *c, request_rec *r, + server_rec *s, + const apr_array_header_t *choices) +{ + apr_pool_t *pool = r? r->pool : c->pool; + core_server_config *conf = ap_get_core_module_config(s->module_config); + const char *protocol = NULL, *existing; + apr_array_header_t *proposals; + + if (APLOGcdebug(c)) { + const char *p = apr_array_pstrcat(pool, conf->protocols, ','); + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, + "select protocol from %s, choices=%s for server %s", + p, apr_array_pstrcat(pool, choices, ','), + s->server_hostname); + } + + if (conf->protocols->nelts <= 0) { + /* nothing configured, by default, we only allow http/1.1 here. + * For now... + */ + if (ap_array_str_contains(choices, AP_PROTOCOL_HTTP1)) { + return AP_PROTOCOL_HTTP1; + } + else { + return NULL; + } + } + + proposals = apr_array_make(pool, choices->nelts + 1, sizeof(char *)); + ap_run_protocol_propose(c, r, s, choices, proposals); + + /* If the existing protocol has not been proposed, but is a choice, + * add it to the proposals implicitly. + */ + existing = ap_get_protocol(c); + if (!ap_array_str_contains(proposals, existing) + && ap_array_str_contains(choices, existing)) { + APR_ARRAY_PUSH(proposals, const char*) = existing; + } + + if (proposals->nelts > 0) { + int i; + const apr_array_header_t *prefs = NULL; + + /* Default for protocols_honor_order is 'on' or != 0 */ + if (conf->protocols_honor_order == 0 && choices->nelts > 0) { + prefs = choices; + } + else { + prefs = conf->protocols; + } + + /* Select the most preferred protocol */ + if (APLOGcdebug(c)) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, + "select protocol, proposals=%s preferences=%s configured=%s", + apr_array_pstrcat(pool, proposals, ','), + apr_array_pstrcat(pool, prefs, ','), + apr_array_pstrcat(pool, conf->protocols, ',')); + } + for (i = 0; i < proposals->nelts; ++i) { + const char *p = APR_ARRAY_IDX(proposals, i, const char *); + if (!ap_array_str_contains(conf->protocols, p)) { + /* not a configured protocol here */ + continue; + } + else if (!protocol + || (protocol_cmp(prefs, protocol, p) < 0)) { + /* none selected yet or this one has preference */ + protocol = p; + } + } + } + if (APLOGcdebug(c)) { + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "selected protocol=%s", + protocol? protocol : "(none)"); + } + + return protocol; +} + +AP_DECLARE(apr_status_t) ap_switch_protocol(conn_rec *c, request_rec *r, + server_rec *s, + const char *protocol) +{ + const char *current = ap_get_protocol(c); + int rc; + + if (!strcmp(current, protocol)) { + ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, c, APLOGNO(02906) + "already at it, protocol_switch to %s", + protocol); + return APR_SUCCESS; + } + + rc = ap_run_protocol_switch(c, r, s, protocol); + switch (rc) { + case DECLINED: + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02907) + "no implementation for protocol_switch to %s", + protocol); + return APR_ENOTIMPL; + case OK: + case DONE: + return APR_SUCCESS; + default: + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02905) + "unexpected return code %d from protocol_switch to %s" + , rc, protocol); + return APR_EOF; + } +} + AP_IMPLEMENT_HOOK_VOID(pre_read_request, (request_rec *r, conn_rec *c), @@ -1805,3 +1952,14 @@ AP_IMPLEMENT_HOOK_RUN_FIRST(unsigned short,default_port, AP_IMPLEMENT_HOOK_RUN_FIRST(int, note_auth_failure, (request_rec *r, const char *auth_type), (r, auth_type), DECLINED) +AP_IMPLEMENT_HOOK_RUN_ALL(int,protocol_propose, + (conn_rec *c, request_rec *r, server_rec *s, + const apr_array_header_t *offers, + apr_array_header_t *proposals), + (c, r, s, offers, proposals), OK, DECLINED) +AP_IMPLEMENT_HOOK_RUN_FIRST(int,protocol_switch, + (conn_rec *c, request_rec *r, server_rec *s, + const char *protocol), + (c, r, s, protocol), DECLINED) +AP_IMPLEMENT_HOOK_RUN_FIRST(const char *,protocol_get, + (const conn_rec *c), (c), NULL) diff --git a/server/request.c b/server/request.c index 750b1511..849aad18 100644 --- a/server/request.c +++ b/server/request.c @@ -568,10 +568,9 @@ static void core_opts_merge(const ap_conf_vector_t *sec, core_opts_t *opts) opts->override_opts = this_dir->override_opts; } - if (this_dir->override_list != NULL) { + if (this_dir->override_list != NULL) { opts->override_list = this_dir->override_list; - } - + } } @@ -614,7 +613,7 @@ AP_DECLARE(int) ap_directory_walk(request_rec *r) ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00029) "Module bug? Request filename is missing for URI %s", r->uri); - return OK; + return OK; } /* Canonicalize the file path without resolving filename case or aliases diff --git a/server/util.c b/server/util.c index 464b07f4..916213c3 100644 --- a/server/util.c +++ b/server/util.c @@ -1451,6 +1451,95 @@ AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line, return find_list_item(p, line, tok, AP_ETAG_WEAK); } +/* Grab a list of tokens of the format 1#token (from RFC7230) */ +AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p, + const char *str_in, + apr_array_header_t **tokens, + int skip_invalid) +{ + int in_leading_space = 1; + int in_trailing_space = 0; + int string_end = 0; + const char *tok_begin; + const char *cur; + + if (!str_in) { + return NULL; + } + + tok_begin = cur = str_in; + + while (!string_end) { + const unsigned char c = (unsigned char)*cur; + + if (!TEST_CHAR(c, T_HTTP_TOKEN_STOP) && c != '\0') { + /* Non-separator character; we are finished with leading + * whitespace. We must never have encountered any trailing + * whitespace before the delimiter (comma) */ + in_leading_space = 0; + if (in_trailing_space) { + return "Encountered illegal whitespace in token"; + } + } + else if (c == ' ' || c == '\t') { + /* "Linear whitespace" only includes ASCII CRLF, space, and tab; + * we can't get a CRLF since headers are split on them already, + * so only look for a space or a tab */ + if (in_leading_space) { + /* We're still in leading whitespace */ + ++tok_begin; + } + else { + /* We must be in trailing whitespace */ + ++in_trailing_space; + } + } + else if (c == ',' || c == '\0') { + if (!in_leading_space) { + /* If we're out of the leading space, we know we've read some + * characters of a token */ + if (*tokens == NULL) { + *tokens = apr_array_make(p, 4, sizeof(char *)); + } + APR_ARRAY_PUSH(*tokens, char *) = + apr_pstrmemdup((*tokens)->pool, tok_begin, + (cur - tok_begin) - in_trailing_space); + } + /* We're allowed to have null elements, just don't add them to the + * array */ + + tok_begin = cur + 1; + in_leading_space = 1; + in_trailing_space = 0; + string_end = (c == '\0'); + } + else { + /* Encountered illegal separator char */ + if (skip_invalid) { + /* Skip to the next separator */ + const char *temp; + temp = ap_strchr_c(cur, ','); + if(!temp) { + temp = ap_strchr_c(cur, '\0'); + } + + /* Act like we haven't seen a token so we reset */ + cur = temp - 1; + in_leading_space = 1; + in_trailing_space = 0; + } + else { + return apr_psprintf(p, "Encountered illegal separator " + "'\\x%.2x'", (unsigned int)c); + } + } + + ++cur; + } + + return NULL; +} + /* Retrieve a token, spacing over it and returning a pointer to * the first non-white byte afterwards. Note that these tokens * are delimited by semis and commas; and can also be delimited @@ -3005,3 +3094,28 @@ AP_DECLARE(char *) ap_get_exec_line(apr_pool_t *p, return apr_pstrndup(p, buf, k); } + +AP_DECLARE(int) ap_array_str_index(const apr_array_header_t *array, + const char *s, + int start) +{ + if (start >= 0) { + int i; + + for (i = start; i < array->nelts; i++) { + const char *p = APR_ARRAY_IDX(array, i, const char *); + if (!strcmp(p, s)) { + return i; + } + } + } + + return -1; +} + +AP_DECLARE(int) ap_array_str_contains(const apr_array_header_t *array, + const char *s) +{ + return (ap_array_str_index(array, s, 0) >= 0); +} + diff --git a/server/util_script.c b/server/util_script.c index a8d9ebc4..14991cd0 100644 --- a/server/util_script.c +++ b/server/util_script.c @@ -282,12 +282,25 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r) /* Apache custom error responses. If we have redirected set two new vars */ if (r->prev) { + /* PR#57785: reconstruct full URL here */ + apr_uri_t *uri = &r->prev->parsed_uri; + if (!uri->scheme) { + uri->scheme = (char*)ap_http_scheme(r->prev); + } + if (!uri->port) { + uri->port = ap_get_server_port(r->prev); + uri->port_str = apr_psprintf(r->pool, "%u", uri->port); + } + if (!uri->hostname) { + uri->hostname = (char*)ap_get_server_name_for_url(r->prev); + } add_unless_null(e, "REDIRECT_QUERY_STRING", r->prev->args); - add_unless_null(e, "REDIRECT_URL", r->prev->uri); + add_unless_null(e, "REDIRECT_URL", + apr_uri_unparse(r->pool, uri, 0)); } if (e != r->subprocess_env) { - apr_table_overlap(r->subprocess_env, e, APR_OVERLAP_TABLES_SET); + apr_table_overlap(r->subprocess_env, e, APR_OVERLAP_TABLES_SET); } } diff --git a/support/ab.c b/support/ab.c index 5ba5d67c..46fa3b86 100644 --- a/support/ab.c +++ b/support/ab.c @@ -1222,7 +1222,7 @@ static void start_connect(struct connection * c) apr_status_t rv; if (!(started < requests)) - return; + return; c->read = 0; c->bread = 0; @@ -1890,14 +1890,14 @@ static void test(void) static void copyright(void) { if (!use_html) { - printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1663405 $>"); + printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1706008 $>"); printf("Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); printf("Licensed to The Apache Software Foundation, http://www.apache.org/\n"); printf("\n"); } else { printf("

    \n"); - printf(" This is ApacheBench, Version %s <%s>
    \n", AP_AB_BASEREVISION, "$Revision: 1663405 $"); + printf(" This is ApacheBench, Version %s <%s>
    \n", AP_AB_BASEREVISION, "$Revision: 1706008 $"); printf(" Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
    \n"); printf(" Licensed to The Apache Software Foundation, http://www.apache.org/
    \n"); printf("

    \n

    \n"); @@ -1961,6 +1961,12 @@ static void usage(const char *progname) #define SSL2_HELP_MSG "" #endif +#ifndef OPENSSL_NO_SSL3 +#define SSL3_HELP_MSG "SSL3, " +#else +#define SSL3_HELP_MSG "" +#endif + #ifdef HAVE_TLSV1_X #define TLS1_X_HELP_MSG ", TLS1.1, TLS1.2" #else @@ -1969,7 +1975,7 @@ static void usage(const char *progname) fprintf(stderr, " -Z ciphersuite Specify SSL/TLS cipher suite (See openssl ciphers)\n"); fprintf(stderr, " -f protocol Specify SSL/TLS protocol\n"); - fprintf(stderr, " (" SSL2_HELP_MSG "SSL3, TLS1" TLS1_X_HELP_MSG " or ALL)\n"); + fprintf(stderr, " (" SSL2_HELP_MSG SSL3_HELP_MSG "TLS1" TLS1_X_HELP_MSG " or ALL)\n"); #endif exit(EINVAL); } @@ -2314,8 +2320,10 @@ int main(int argc, const char * const argv[]) } else if (strncasecmp(opt_arg, "SSL2", 4) == 0) { meth = SSLv2_client_method(); #endif +#ifndef OPENSSL_NO_SSL3 } else if (strncasecmp(opt_arg, "SSL3", 4) == 0) { meth = SSLv3_client_method(); +#endif #ifdef HAVE_TLSV1_X } else if (strncasecmp(opt_arg, "TLS1.1", 6) == 0) { meth = TLSv1_1_client_method(); diff --git a/support/htdbm.c b/support/htdbm.c index 1cd0591f..40a3d232 100644 --- a/support/htdbm.c +++ b/support/htdbm.c @@ -345,7 +345,7 @@ int main(int argc, const char * const argv[]) case 'n': need_file = 0; cmd = HTDBM_NOFILE; - args_left--; + args_left--; break; case 'l': need_pwd = 0; diff --git a/support/logresolve.c b/support/logresolve.c index b0ba6ec1..71dca452 100644 --- a/support/logresolve.c +++ b/support/logresolve.c @@ -122,7 +122,7 @@ static void usage(void) "Options:" NL " -s Record statistics to STATFILE when finished." NL NL - " -c Perform double lookups when resolving IP addresses." NL, + " -c Perform double lookups when resolving IP addresses." NL, shortname, shortname); exit(1); } @@ -200,7 +200,7 @@ int main(int argc, const char * const argv[]) apr_file_buffer_set(outfile, outbuffer, WRITE_BUF_SIZE); cache = apr_hash_make(pool); - if(apr_pool_create(&pline, pool) != APR_SUCCESS){ + if (apr_pool_create(&pline, pool) != APR_SUCCESS) { return 1; } @@ -220,7 +220,7 @@ int main(int argc, const char * const argv[]) /* Check if this could even be an IP address */ if (!apr_isxdigit(line[0]) && line[0] != ':') { - withname++; + withname++; apr_file_puts(line, outfile); continue; } @@ -315,7 +315,7 @@ int main(int argc, const char * const argv[]) if (stats) { apr_file_t *statsfile; if (apr_file_open(&statsfile, stats, - APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_TRUNCATE, + APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_TRUNCATE, APR_OS_DEFAULT, pool) != APR_SUCCESS) { apr_file_printf(errfile, "%s: Could not open %s for writing.", shortname, stats); diff --git a/support/passwd_common.c b/support/passwd_common.c index 343fa790..113236c3 100644 --- a/support/passwd_common.c +++ b/support/passwd_common.c @@ -99,9 +99,9 @@ static int generate_salt(char *s, size_t size, const char **errstr, size--; val >>= 6; bits -= 6; - } - *s = '\0'; - return 0; + } + *s = '\0'; + return 0; } void putline(apr_file_t *f, const char *l) -- cgit v1.2.3 From d5ffc4eb85d71c901c85119cf873e343349e97e2 Mon Sep 17 00:00:00 2001 From: Stefan Fritsch Date: Tue, 5 Jul 2016 23:20:42 +0200 Subject: Imported Upstream version 2.4.23 --- Apache-apr2.dsw | 24 + Apache.dsw | 27 + CHANGES | 220 +- CMakeLists.txt | 16 +- INSTALL | 2 +- Makefile.win | 19 +- acinclude.m4 | 53 +- build/installwinconf.awk | 1 + configure | 6235 +++++++++++++------- docs/manual/bind.html.de | 2 +- docs/manual/bind.html.en | 2 +- docs/manual/bind.html.fr | 2 +- docs/manual/bind.html.ja.utf8 | 2 +- docs/manual/bind.html.ko.euc-kr | 2 +- docs/manual/bind.html.tr.utf8 | 2 +- docs/manual/caching.html.en | 2 +- docs/manual/caching.html.fr | 2 +- docs/manual/caching.html.tr.utf8 | 2 +- docs/manual/configuring.html.de | 2 +- docs/manual/configuring.html.en | 2 +- docs/manual/configuring.html.fr | 2 +- docs/manual/configuring.html.ja.utf8 | 2 +- docs/manual/configuring.html.ko.euc-kr | 2 +- docs/manual/configuring.html.tr.utf8 | 2 +- docs/manual/content-negotiation.html.en | 2 +- docs/manual/content-negotiation.html.fr | 2 +- docs/manual/content-negotiation.html.ja.utf8 | 2 +- docs/manual/content-negotiation.html.ko.euc-kr | 2 +- docs/manual/content-negotiation.html.tr.utf8 | 2 +- docs/manual/convenience.map | 7 +- docs/manual/custom-error.html.en | 18 +- docs/manual/custom-error.html.es | 10 +- docs/manual/custom-error.html.fr | 16 +- docs/manual/custom-error.html.ja.utf8 | 2 +- docs/manual/custom-error.html.ko.euc-kr | 2 +- docs/manual/custom-error.html.tr.utf8 | 3 +- docs/manual/developer/API.html.en | 2 +- docs/manual/developer/filters.html.en | 2 +- docs/manual/developer/hooks.html.en | 14 +- docs/manual/developer/modguide.html.en | 2 +- docs/manual/developer/modules.html.en | 2 +- docs/manual/developer/modules.html.ja.utf8 | 2 +- docs/manual/developer/new_api_2_4.html.en | 2 +- docs/manual/developer/output-filters.html.en | 55 +- docs/manual/developer/request.html.en | 2 +- docs/manual/developer/thread_safety.html.en | 2 +- docs/manual/dns-caveats.html.en | 2 +- docs/manual/dns-caveats.html.fr | 2 +- docs/manual/dns-caveats.html.ja.utf8 | 2 +- docs/manual/dns-caveats.html.ko.euc-kr | 2 +- docs/manual/dns-caveats.html.tr.utf8 | 2 +- docs/manual/dso.html.en | 2 +- docs/manual/dso.html.fr | 2 +- docs/manual/dso.html.ja.utf8 | 2 +- docs/manual/dso.html.ko.euc-kr | 2 +- docs/manual/dso.html.tr.utf8 | 2 +- docs/manual/env.html.en | 2 +- docs/manual/env.html.fr | 2 +- docs/manual/env.html.ja.utf8 | 2 +- docs/manual/env.html.ko.euc-kr | 2 +- docs/manual/env.html.tr.utf8 | 2 +- docs/manual/expr.html.en | 12 +- docs/manual/expr.html.fr | 12 +- docs/manual/faq/index.html | 4 + docs/manual/faq/index.html.en | 2 + docs/manual/faq/index.html.es | 50 + docs/manual/faq/index.html.fr | 2 + docs/manual/faq/index.html.tr.utf8 | 2 + docs/manual/faq/index.html.zh-cn.utf8 | 2 + docs/manual/filter.html.en | 2 +- docs/manual/filter.html.es | 8 +- docs/manual/filter.html.fr | 2 +- docs/manual/filter.html.tr.utf8 | 2 +- docs/manual/getting-started.html.en | 2 +- docs/manual/getting-started.html.fr | 2 +- docs/manual/glossary.html.es | 8 +- docs/manual/handler.html.en | 2 +- docs/manual/handler.html.es | 10 +- docs/manual/handler.html.fr | 2 +- docs/manual/handler.html.ja.utf8 | 2 +- docs/manual/handler.html.ko.euc-kr | 2 +- docs/manual/handler.html.tr.utf8 | 2 +- docs/manual/handler.html.zh-cn.utf8 | 2 +- docs/manual/howto/access.html.en | 2 +- docs/manual/howto/access.html.fr | 2 +- docs/manual/howto/auth.html.en | 14 +- docs/manual/howto/auth.html.fr | 14 +- docs/manual/howto/auth.html.ja.utf8 | 2 +- docs/manual/howto/auth.html.ko.euc-kr | 2 +- docs/manual/howto/auth.html.tr.utf8 | 3 +- docs/manual/howto/cgi.html.en | 2 +- docs/manual/howto/cgi.html.fr | 2 +- docs/manual/howto/cgi.html.ja.utf8 | 2 +- docs/manual/howto/cgi.html.ko.euc-kr | 2 +- docs/manual/howto/htaccess.html.en | 4 +- docs/manual/howto/htaccess.html.fr | 4 +- docs/manual/howto/htaccess.html.ja.utf8 | 2 +- docs/manual/howto/htaccess.html.ko.euc-kr | 2 +- docs/manual/howto/htaccess.html.pt-br | 2 +- docs/manual/howto/http2.html | 5 + docs/manual/howto/http2.html.en | 277 + docs/manual/howto/index.html.en | 14 + docs/manual/howto/index.html.fr | 15 + docs/manual/howto/public_html.html.en | 16 +- docs/manual/howto/public_html.html.fr | 16 +- docs/manual/howto/public_html.html.ja.utf8 | 2 +- docs/manual/howto/public_html.html.ko.euc-kr | 2 +- docs/manual/howto/public_html.html.tr.utf8 | 3 +- docs/manual/howto/reverse_proxy.html.en | 6 +- docs/manual/howto/ssi.html.en | 6 +- docs/manual/howto/ssi.html.fr | 6 +- docs/manual/howto/ssi.html.ja.utf8 | 2 +- docs/manual/howto/ssi.html.ko.euc-kr | 2 +- docs/manual/index.html.es | 54 +- docs/manual/install.html.de | 2 +- docs/manual/install.html.en | 2 +- docs/manual/install.html.es | 10 +- docs/manual/install.html.fr | 2 +- docs/manual/install.html.ja.utf8 | 2 +- docs/manual/install.html.ko.euc-kr | 2 +- docs/manual/install.html.tr.utf8 | 2 +- docs/manual/invoking.html.de | 2 +- docs/manual/invoking.html.en | 2 +- docs/manual/invoking.html.es | 10 +- docs/manual/invoking.html.fr | 2 +- docs/manual/invoking.html.ja.utf8 | 6 +- docs/manual/invoking.html.ko.euc-kr | 2 +- docs/manual/invoking.html.tr.utf8 | 2 +- docs/manual/logs.html.en | 14 +- docs/manual/logs.html.fr | 9 +- docs/manual/logs.html.ja.utf8 | 7 +- docs/manual/logs.html.ko.euc-kr | 5 +- docs/manual/logs.html.tr.utf8 | 5 +- docs/manual/misc/password_encryptions.html.en | 2 +- docs/manual/misc/password_encryptions.html.fr | 2 +- docs/manual/misc/perf-tuning.html.en | 2 +- docs/manual/misc/perf-tuning.html.fr | 2 +- docs/manual/misc/perf-tuning.html.ko.euc-kr | 2 +- docs/manual/misc/perf-tuning.html.tr.utf8 | 2 +- docs/manual/misc/relevant_standards.html.en | 2 +- docs/manual/misc/relevant_standards.html.fr | 2 +- docs/manual/misc/relevant_standards.html.ko.euc-kr | 2 +- docs/manual/misc/security_tips.html.en | 2 +- docs/manual/misc/security_tips.html.fr | 2 +- docs/manual/misc/security_tips.html.ko.euc-kr | 2 +- docs/manual/misc/security_tips.html.tr.utf8 | 2 +- docs/manual/mod/core.html.de | 20 +- docs/manual/mod/core.html.en | 94 +- docs/manual/mod/core.html.es | 208 +- docs/manual/mod/core.html.fr | 50 +- docs/manual/mod/core.html.ja.utf8 | 20 +- docs/manual/mod/core.html.tr.utf8 | 17 +- docs/manual/mod/directive-dict.html.en | 2 +- docs/manual/mod/directive-dict.html.fr | 2 +- docs/manual/mod/directive-dict.html.ja.utf8 | 2 +- docs/manual/mod/directive-dict.html.ko.euc-kr | 2 +- docs/manual/mod/directive-dict.html.tr.utf8 | 2 +- docs/manual/mod/directives.html.de | 7 +- docs/manual/mod/directives.html.en | 7 +- docs/manual/mod/directives.html.es | 15 +- docs/manual/mod/directives.html.fr | 7 +- docs/manual/mod/directives.html.ja.utf8 | 7 +- docs/manual/mod/directives.html.ko.euc-kr | 7 +- docs/manual/mod/directives.html.tr.utf8 | 7 +- docs/manual/mod/directives.html.zh-cn.utf8 | 7 +- docs/manual/mod/event.html.en | 65 +- docs/manual/mod/event.html.fr | 10 +- docs/manual/mod/index.html.de | 4 + docs/manual/mod/index.html.en | 4 + docs/manual/mod/index.html.es | 16 +- docs/manual/mod/index.html.fr | 4 + docs/manual/mod/index.html.ja.utf8 | 4 + docs/manual/mod/index.html.ko.euc-kr | 4 + docs/manual/mod/index.html.tr.utf8 | 4 + docs/manual/mod/index.html.zh-cn.utf8 | 4 + docs/manual/mod/mod_access_compat.html.en | 16 +- docs/manual/mod/mod_access_compat.html.fr | 13 +- docs/manual/mod/mod_access_compat.html.ja.utf8 | 4 +- docs/manual/mod/mod_actions.html.de | 4 +- docs/manual/mod/mod_actions.html.en | 4 +- docs/manual/mod/mod_actions.html.fr | 4 +- docs/manual/mod/mod_actions.html.ja.utf8 | 4 +- docs/manual/mod/mod_actions.html.ko.euc-kr | 4 +- docs/manual/mod/mod_alias.html.en | 4 +- docs/manual/mod/mod_alias.html.fr | 4 +- docs/manual/mod/mod_alias.html.ja.utf8 | 4 +- docs/manual/mod/mod_alias.html.ko.euc-kr | 4 +- docs/manual/mod/mod_alias.html.tr.utf8 | 4 +- docs/manual/mod/mod_allowmethods.html.en | 4 +- docs/manual/mod/mod_allowmethods.html.fr | 4 +- docs/manual/mod/mod_asis.html.en | 4 +- docs/manual/mod/mod_asis.html.fr | 4 +- docs/manual/mod/mod_asis.html.ja.utf8 | 4 +- docs/manual/mod/mod_asis.html.ko.euc-kr | 4 +- docs/manual/mod/mod_auth_basic.html.en | 4 +- docs/manual/mod/mod_auth_basic.html.fr | 4 +- docs/manual/mod/mod_auth_basic.html.ja.utf8 | 4 +- docs/manual/mod/mod_auth_basic.html.ko.euc-kr | 4 +- docs/manual/mod/mod_auth_digest.html.en | 25 +- docs/manual/mod/mod_auth_digest.html.fr | 4 +- docs/manual/mod/mod_auth_digest.html.ko.euc-kr | 4 +- docs/manual/mod/mod_auth_form.html.en | 50 +- docs/manual/mod/mod_auth_form.html.fr | 46 +- docs/manual/mod/mod_authn_anon.html.en | 4 +- docs/manual/mod/mod_authn_anon.html.fr | 4 +- docs/manual/mod/mod_authn_anon.html.ja.utf8 | 4 +- docs/manual/mod/mod_authn_anon.html.ko.euc-kr | 4 +- docs/manual/mod/mod_authn_core.html.en | 4 +- docs/manual/mod/mod_authn_core.html.fr | 4 +- docs/manual/mod/mod_authn_dbd.html.en | 4 +- docs/manual/mod/mod_authn_dbd.html.fr | 4 +- docs/manual/mod/mod_authn_dbm.html.en | 15 +- docs/manual/mod/mod_authn_dbm.html.fr | 12 +- docs/manual/mod/mod_authn_dbm.html.ja.utf8 | 4 +- docs/manual/mod/mod_authn_dbm.html.ko.euc-kr | 4 +- docs/manual/mod/mod_authn_file.html.en | 4 +- docs/manual/mod/mod_authn_file.html.fr | 4 +- docs/manual/mod/mod_authn_file.html.ja.utf8 | 4 +- docs/manual/mod/mod_authn_file.html.ko.euc-kr | 4 +- docs/manual/mod/mod_authn_socache.html.en | 4 +- docs/manual/mod/mod_authn_socache.html.fr | 4 +- docs/manual/mod/mod_authnz_fcgi.html.en | 4 +- docs/manual/mod/mod_authnz_ldap.html.en | 4 +- docs/manual/mod/mod_authnz_ldap.html.fr | 4 +- docs/manual/mod/mod_authz_core.html.en | 4 +- docs/manual/mod/mod_authz_core.html.fr | 4 +- docs/manual/mod/mod_authz_dbd.html.en | 4 +- docs/manual/mod/mod_authz_dbd.html.fr | 4 +- docs/manual/mod/mod_authz_dbm.html.en | 4 +- docs/manual/mod/mod_authz_dbm.html.fr | 4 +- docs/manual/mod/mod_authz_dbm.html.ko.euc-kr | 4 +- docs/manual/mod/mod_authz_groupfile.html.en | 11 +- docs/manual/mod/mod_authz_groupfile.html.fr | 10 +- docs/manual/mod/mod_authz_groupfile.html.ja.utf8 | 4 +- docs/manual/mod/mod_authz_groupfile.html.ko.euc-kr | 4 +- docs/manual/mod/mod_authz_host.html.en | 4 +- docs/manual/mod/mod_authz_host.html.fr | 4 +- docs/manual/mod/mod_authz_owner.html.en | 4 +- docs/manual/mod/mod_authz_owner.html.fr | 4 +- docs/manual/mod/mod_authz_owner.html.ja.utf8 | 4 +- docs/manual/mod/mod_authz_owner.html.ko.euc-kr | 4 +- docs/manual/mod/mod_authz_user.html.en | 4 +- docs/manual/mod/mod_authz_user.html.fr | 4 +- docs/manual/mod/mod_authz_user.html.ja.utf8 | 4 +- docs/manual/mod/mod_authz_user.html.ko.euc-kr | 4 +- docs/manual/mod/mod_autoindex.html.en | 6 +- docs/manual/mod/mod_autoindex.html.fr | 6 +- docs/manual/mod/mod_autoindex.html.ja.utf8 | 4 +- docs/manual/mod/mod_autoindex.html.ko.euc-kr | 4 +- docs/manual/mod/mod_autoindex.html.tr.utf8 | 5 +- docs/manual/mod/mod_buffer.html.en | 4 +- docs/manual/mod/mod_buffer.html.fr | 4 +- docs/manual/mod/mod_cache.html.en | 4 +- docs/manual/mod/mod_cache.html.fr | 4 +- docs/manual/mod/mod_cache.html.ja.utf8 | 4 +- docs/manual/mod/mod_cache.html.ko.euc-kr | 4 +- docs/manual/mod/mod_cache_disk.html.en | 4 +- docs/manual/mod/mod_cache_disk.html.fr | 4 +- docs/manual/mod/mod_cache_disk.html.ja.utf8 | 4 +- docs/manual/mod/mod_cache_disk.html.ko.euc-kr | 4 +- docs/manual/mod/mod_cache_socache.html.en | 4 +- docs/manual/mod/mod_cache_socache.html.fr | 4 +- docs/manual/mod/mod_cern_meta.html.en | 4 +- docs/manual/mod/mod_cern_meta.html.fr | 4 +- docs/manual/mod/mod_cern_meta.html.ko.euc-kr | 4 +- docs/manual/mod/mod_cgi.html.en | 4 +- docs/manual/mod/mod_cgi.html.fr | 4 +- docs/manual/mod/mod_cgi.html.ja.utf8 | 4 +- docs/manual/mod/mod_cgi.html.ko.euc-kr | 4 +- docs/manual/mod/mod_cgid.html.en | 4 +- docs/manual/mod/mod_cgid.html.fr | 4 +- docs/manual/mod/mod_cgid.html.ja.utf8 | 4 +- docs/manual/mod/mod_cgid.html.ko.euc-kr | 4 +- docs/manual/mod/mod_charset_lite.html.en | 4 +- docs/manual/mod/mod_charset_lite.html.fr | 4 +- docs/manual/mod/mod_charset_lite.html.ko.euc-kr | 4 +- docs/manual/mod/mod_data.html.en | 4 +- docs/manual/mod/mod_data.html.fr | 4 +- docs/manual/mod/mod_dav.html.en | 4 +- docs/manual/mod/mod_dav.html.fr | 4 +- docs/manual/mod/mod_dav.html.ja.utf8 | 4 +- docs/manual/mod/mod_dav.html.ko.euc-kr | 4 +- docs/manual/mod/mod_dav_fs.html.en | 4 +- docs/manual/mod/mod_dav_fs.html.fr | 4 +- docs/manual/mod/mod_dav_fs.html.ja.utf8 | 4 +- docs/manual/mod/mod_dav_fs.html.ko.euc-kr | 4 +- docs/manual/mod/mod_dav_lock.html.en | 4 +- docs/manual/mod/mod_dav_lock.html.fr | 4 +- docs/manual/mod/mod_dav_lock.html.ja.utf8 | 4 +- docs/manual/mod/mod_dbd.html.en | 4 +- docs/manual/mod/mod_dbd.html.fr | 4 +- docs/manual/mod/mod_deflate.html.en | 4 +- docs/manual/mod/mod_deflate.html.fr | 4 +- docs/manual/mod/mod_deflate.html.ja.utf8 | 4 +- docs/manual/mod/mod_deflate.html.ko.euc-kr | 4 +- docs/manual/mod/mod_dialup.html.en | 4 +- docs/manual/mod/mod_dialup.html.fr | 4 +- docs/manual/mod/mod_dir.html.en | 4 +- docs/manual/mod/mod_dir.html.fr | 4 +- docs/manual/mod/mod_dir.html.ja.utf8 | 4 +- docs/manual/mod/mod_dir.html.ko.euc-kr | 4 +- docs/manual/mod/mod_dir.html.tr.utf8 | 4 +- docs/manual/mod/mod_dumpio.html.en | 4 +- docs/manual/mod/mod_dumpio.html.fr | 4 +- docs/manual/mod/mod_dumpio.html.ja.utf8 | 4 +- docs/manual/mod/mod_echo.html.en | 4 +- docs/manual/mod/mod_echo.html.fr | 4 +- docs/manual/mod/mod_echo.html.ja.utf8 | 4 +- docs/manual/mod/mod_echo.html.ko.euc-kr | 4 +- docs/manual/mod/mod_env.html.en | 4 +- docs/manual/mod/mod_env.html.fr | 4 +- docs/manual/mod/mod_env.html.ja.utf8 | 4 +- docs/manual/mod/mod_env.html.ko.euc-kr | 4 +- docs/manual/mod/mod_env.html.tr.utf8 | 4 +- docs/manual/mod/mod_example_hooks.html.en | 4 +- docs/manual/mod/mod_example_hooks.html.fr | 4 +- docs/manual/mod/mod_example_hooks.html.ko.euc-kr | 4 +- docs/manual/mod/mod_expires.html.en | 4 +- docs/manual/mod/mod_expires.html.fr | 4 +- docs/manual/mod/mod_expires.html.ja.utf8 | 4 +- docs/manual/mod/mod_expires.html.ko.euc-kr | 4 +- docs/manual/mod/mod_ext_filter.html.en | 4 +- docs/manual/mod/mod_ext_filter.html.fr | 4 +- docs/manual/mod/mod_ext_filter.html.ja.utf8 | 4 +- docs/manual/mod/mod_ext_filter.html.ko.euc-kr | 4 +- docs/manual/mod/mod_file_cache.html.en | 4 +- docs/manual/mod/mod_file_cache.html.fr | 4 +- docs/manual/mod/mod_file_cache.html.ko.euc-kr | 4 +- docs/manual/mod/mod_filter.html.en | 4 +- docs/manual/mod/mod_filter.html.fr | 4 +- docs/manual/mod/mod_headers.html.en | 4 +- docs/manual/mod/mod_headers.html.fr | 4 +- docs/manual/mod/mod_headers.html.ja.utf8 | 4 +- docs/manual/mod/mod_headers.html.ko.euc-kr | 4 +- docs/manual/mod/mod_heartbeat.html.en | 4 +- docs/manual/mod/mod_heartbeat.html.fr | 4 +- docs/manual/mod/mod_heartmonitor.html.en | 4 +- docs/manual/mod/mod_heartmonitor.html.fr | 4 +- docs/manual/mod/mod_http2.html.en | 292 +- docs/manual/mod/mod_ident.html.en | 4 +- docs/manual/mod/mod_ident.html.fr | 4 +- docs/manual/mod/mod_ident.html.ja.utf8 | 4 +- docs/manual/mod/mod_ident.html.ko.euc-kr | 4 +- docs/manual/mod/mod_imagemap.html.en | 4 +- docs/manual/mod/mod_imagemap.html.fr | 4 +- docs/manual/mod/mod_imagemap.html.ko.euc-kr | 4 +- docs/manual/mod/mod_include.html.en | 32 +- docs/manual/mod/mod_include.html.fr | 26 +- docs/manual/mod/mod_include.html.ja.utf8 | 4 +- docs/manual/mod/mod_info.html.en | 4 +- docs/manual/mod/mod_info.html.fr | 4 +- docs/manual/mod/mod_info.html.ja.utf8 | 4 +- docs/manual/mod/mod_info.html.ko.euc-kr | 4 +- docs/manual/mod/mod_isapi.html.en | 4 +- docs/manual/mod/mod_isapi.html.fr | 4 +- docs/manual/mod/mod_isapi.html.ko.euc-kr | 4 +- docs/manual/mod/mod_lbmethod_bybusyness.html.en | 4 +- docs/manual/mod/mod_lbmethod_bybusyness.html.fr | 4 +- docs/manual/mod/mod_lbmethod_byrequests.html.en | 4 +- docs/manual/mod/mod_lbmethod_byrequests.html.fr | 4 +- docs/manual/mod/mod_lbmethod_bytraffic.html.en | 4 +- docs/manual/mod/mod_lbmethod_bytraffic.html.fr | 4 +- docs/manual/mod/mod_lbmethod_heartbeat.html.en | 4 +- docs/manual/mod/mod_lbmethod_heartbeat.html.fr | 4 +- docs/manual/mod/mod_ldap.html.en | 10 +- docs/manual/mod/mod_ldap.html.fr | 4 +- docs/manual/mod/mod_log_config.html.en | 6 +- docs/manual/mod/mod_log_config.html.fr | 6 +- docs/manual/mod/mod_log_config.html.ja.utf8 | 6 +- docs/manual/mod/mod_log_config.html.ko.euc-kr | 6 +- docs/manual/mod/mod_log_config.html.tr.utf8 | 5 +- docs/manual/mod/mod_log_debug.html.en | 4 +- docs/manual/mod/mod_log_debug.html.fr | 4 +- docs/manual/mod/mod_log_forensic.html.en | 4 +- docs/manual/mod/mod_log_forensic.html.fr | 4 +- docs/manual/mod/mod_log_forensic.html.ja.utf8 | 4 +- docs/manual/mod/mod_log_forensic.html.tr.utf8 | 4 +- docs/manual/mod/mod_logio.html.en | 4 +- docs/manual/mod/mod_logio.html.fr | 4 +- docs/manual/mod/mod_logio.html.ja.utf8 | 4 +- docs/manual/mod/mod_logio.html.ko.euc-kr | 4 +- docs/manual/mod/mod_logio.html.tr.utf8 | 4 +- docs/manual/mod/mod_lua.html.en | 25 +- docs/manual/mod/mod_lua.html.fr | 23 +- docs/manual/mod/mod_macro.html.en | 4 +- docs/manual/mod/mod_macro.html.fr | 4 +- docs/manual/mod/mod_mime.html.en | 4 +- docs/manual/mod/mod_mime.html.fr | 4 +- docs/manual/mod/mod_mime.html.ja.utf8 | 4 +- docs/manual/mod/mod_mime_magic.html.en | 4 +- docs/manual/mod/mod_mime_magic.html.fr | 4 +- docs/manual/mod/mod_negotiation.html.en | 6 +- docs/manual/mod/mod_negotiation.html.fr | 6 +- docs/manual/mod/mod_negotiation.html.ja.utf8 | 4 +- docs/manual/mod/mod_nw_ssl.html.en | 4 +- docs/manual/mod/mod_nw_ssl.html.fr | 4 +- docs/manual/mod/mod_privileges.html.en | 6 +- docs/manual/mod/mod_privileges.html.fr | 6 +- docs/manual/mod/mod_proxy.html.en | 22 +- docs/manual/mod/mod_proxy.html.fr | 12 +- docs/manual/mod/mod_proxy.html.ja.utf8 | 4 +- docs/manual/mod/mod_proxy_ajp.html.en | 4 +- docs/manual/mod/mod_proxy_ajp.html.fr | 6 +- docs/manual/mod/mod_proxy_ajp.html.ja.utf8 | 4 +- docs/manual/mod/mod_proxy_balancer.html.en | 4 +- docs/manual/mod/mod_proxy_balancer.html.fr | 4 +- docs/manual/mod/mod_proxy_balancer.html.ja.utf8 | 4 +- docs/manual/mod/mod_proxy_connect.html.en | 4 +- docs/manual/mod/mod_proxy_connect.html.fr | 4 +- docs/manual/mod/mod_proxy_connect.html.ja.utf8 | 4 +- docs/manual/mod/mod_proxy_express.html.en | 4 +- docs/manual/mod/mod_proxy_express.html.fr | 4 +- docs/manual/mod/mod_proxy_fcgi.html.en | 43 +- docs/manual/mod/mod_proxy_fcgi.html.fr | 4 +- docs/manual/mod/mod_proxy_fdpass.html.en | 4 +- docs/manual/mod/mod_proxy_fdpass.html.fr | 4 +- docs/manual/mod/mod_proxy_ftp.html.en | 4 +- docs/manual/mod/mod_proxy_ftp.html.fr | 4 +- docs/manual/mod/mod_proxy_hcheck.html | 5 + docs/manual/mod/mod_proxy_hcheck.html.en | 256 + docs/manual/mod/mod_proxy_html.html.en | 4 +- docs/manual/mod/mod_proxy_html.html.fr | 4 +- docs/manual/mod/mod_proxy_http.html.en | 4 +- docs/manual/mod/mod_proxy_http.html.fr | 4 +- docs/manual/mod/mod_proxy_http2.html | 5 + docs/manual/mod/mod_proxy_http2.html.en | 122 + docs/manual/mod/mod_proxy_scgi.html.en | 4 +- docs/manual/mod/mod_proxy_scgi.html.fr | 4 +- docs/manual/mod/mod_proxy_wstunnel.html.en | 4 +- docs/manual/mod/mod_ratelimit.html.en | 4 +- docs/manual/mod/mod_ratelimit.html.fr | 4 +- docs/manual/mod/mod_reflector.html.en | 4 +- docs/manual/mod/mod_reflector.html.fr | 4 +- docs/manual/mod/mod_remoteip.html.en | 4 +- docs/manual/mod/mod_remoteip.html.fr | 4 +- docs/manual/mod/mod_reqtimeout.html.en | 4 +- docs/manual/mod/mod_reqtimeout.html.fr | 4 +- docs/manual/mod/mod_request.html.en | 4 +- docs/manual/mod/mod_request.html.fr | 4 +- docs/manual/mod/mod_request.html.tr.utf8 | 4 +- docs/manual/mod/mod_rewrite.html.en | 96 +- docs/manual/mod/mod_rewrite.html.fr | 39 +- docs/manual/mod/mod_sed.html.en | 4 +- docs/manual/mod/mod_sed.html.fr | 4 +- docs/manual/mod/mod_session.html.en | 4 +- docs/manual/mod/mod_session.html.fr | 4 +- docs/manual/mod/mod_session_cookie.html.en | 4 +- docs/manual/mod/mod_session_cookie.html.fr | 4 +- docs/manual/mod/mod_session_crypto.html.en | 4 +- docs/manual/mod/mod_session_crypto.html.fr | 4 +- docs/manual/mod/mod_session_dbd.html.en | 4 +- docs/manual/mod/mod_session_dbd.html.fr | 4 +- docs/manual/mod/mod_setenvif.html.en | 4 +- docs/manual/mod/mod_setenvif.html.fr | 4 +- docs/manual/mod/mod_setenvif.html.ja.utf8 | 4 +- docs/manual/mod/mod_setenvif.html.ko.euc-kr | 4 +- docs/manual/mod/mod_setenvif.html.tr.utf8 | 4 +- docs/manual/mod/mod_slotmem_plain.html.en | 4 +- docs/manual/mod/mod_slotmem_plain.html.fr | 4 +- docs/manual/mod/mod_slotmem_shm.html.en | 4 +- docs/manual/mod/mod_slotmem_shm.html.fr | 4 +- docs/manual/mod/mod_so.html.en | 4 +- docs/manual/mod/mod_so.html.fr | 4 +- docs/manual/mod/mod_so.html.ja.utf8 | 4 +- docs/manual/mod/mod_so.html.ko.euc-kr | 4 +- docs/manual/mod/mod_so.html.tr.utf8 | 4 +- docs/manual/mod/mod_socache_dbm.html.en | 4 +- docs/manual/mod/mod_socache_dbm.html.fr | 4 +- docs/manual/mod/mod_socache_dc.html.en | 8 +- docs/manual/mod/mod_socache_dc.html.fr | 8 +- docs/manual/mod/mod_socache_memcache.html.en | 4 +- docs/manual/mod/mod_socache_memcache.html.fr | 4 +- docs/manual/mod/mod_socache_shmcb.html.en | 4 +- docs/manual/mod/mod_socache_shmcb.html.fr | 4 +- docs/manual/mod/mod_speling.html.en | 4 +- docs/manual/mod/mod_speling.html.fr | 4 +- docs/manual/mod/mod_speling.html.ja.utf8 | 4 +- docs/manual/mod/mod_speling.html.ko.euc-kr | 4 +- docs/manual/mod/mod_ssl.html.en | 114 +- docs/manual/mod/mod_ssl.html.fr | 108 +- docs/manual/mod/mod_status.html.en | 4 +- docs/manual/mod/mod_status.html.fr | 4 +- docs/manual/mod/mod_status.html.ja.utf8 | 4 +- docs/manual/mod/mod_status.html.ko.euc-kr | 4 +- docs/manual/mod/mod_status.html.tr.utf8 | 4 +- docs/manual/mod/mod_substitute.html.en | 18 +- docs/manual/mod/mod_substitute.html.fr | 18 +- docs/manual/mod/mod_suexec.html.en | 4 +- docs/manual/mod/mod_suexec.html.fr | 4 +- docs/manual/mod/mod_suexec.html.ja.utf8 | 4 +- docs/manual/mod/mod_suexec.html.ko.euc-kr | 4 +- docs/manual/mod/mod_suexec.html.tr.utf8 | 4 +- docs/manual/mod/mod_unique_id.html.en | 4 +- docs/manual/mod/mod_unique_id.html.fr | 4 +- docs/manual/mod/mod_unique_id.html.ja.utf8 | 4 +- docs/manual/mod/mod_unique_id.html.ko.euc-kr | 4 +- docs/manual/mod/mod_unixd.html.en | 4 +- docs/manual/mod/mod_unixd.html.fr | 4 +- docs/manual/mod/mod_unixd.html.tr.utf8 | 4 +- docs/manual/mod/mod_userdir.html.en | 10 +- docs/manual/mod/mod_userdir.html.fr | 10 +- docs/manual/mod/mod_userdir.html.ja.utf8 | 4 +- docs/manual/mod/mod_userdir.html.ko.euc-kr | 4 +- docs/manual/mod/mod_userdir.html.tr.utf8 | 5 +- docs/manual/mod/mod_usertrack.html.en | 4 +- docs/manual/mod/mod_usertrack.html.fr | 4 +- docs/manual/mod/mod_version.html.en | 4 +- docs/manual/mod/mod_version.html.ja.utf8 | 4 +- docs/manual/mod/mod_version.html.ko.euc-kr | 4 +- docs/manual/mod/mod_vhost_alias.html.en | 4 +- docs/manual/mod/mod_vhost_alias.html.fr | 4 +- docs/manual/mod/mod_vhost_alias.html.tr.utf8 | 4 +- docs/manual/mod/mod_watchdog.html.en | 4 +- docs/manual/mod/mod_xml2enc.html.en | 4 +- docs/manual/mod/mod_xml2enc.html.fr | 4 +- docs/manual/mod/module-dict.html.en | 2 +- docs/manual/mod/module-dict.html.fr | 2 +- docs/manual/mod/module-dict.html.ja.utf8 | 2 +- docs/manual/mod/module-dict.html.ko.euc-kr | 2 +- docs/manual/mod/module-dict.html.tr.utf8 | 2 +- docs/manual/mod/mpm_common.html.de | 4 +- docs/manual/mod/mpm_common.html.en | 16 +- docs/manual/mod/mpm_common.html.fr | 18 +- docs/manual/mod/mpm_common.html.ja.utf8 | 4 +- docs/manual/mod/mpm_common.html.tr.utf8 | 5 +- docs/manual/mod/mpm_netware.html.en | 4 +- docs/manual/mod/mpm_netware.html.fr | 4 +- docs/manual/mod/mpm_winnt.html.de | 4 +- docs/manual/mod/mpm_winnt.html.en | 4 +- docs/manual/mod/mpm_winnt.html.fr | 4 +- docs/manual/mod/mpm_winnt.html.ja.utf8 | 4 +- docs/manual/mod/mpmt_os2.html.en | 4 +- docs/manual/mod/mpmt_os2.html.fr | 4 +- docs/manual/mod/prefork.html.de | 4 +- docs/manual/mod/prefork.html.en | 4 +- docs/manual/mod/prefork.html.fr | 4 +- docs/manual/mod/prefork.html.ja.utf8 | 4 +- docs/manual/mod/prefork.html.tr.utf8 | 4 +- docs/manual/mod/quickreference.html.de | 748 +-- docs/manual/mod/quickreference.html.en | 748 +-- docs/manual/mod/quickreference.html.es | 758 +-- docs/manual/mod/quickreference.html.fr | 752 +-- docs/manual/mod/quickreference.html.ja.utf8 | 730 +-- docs/manual/mod/quickreference.html.ko.euc-kr | 744 +-- docs/manual/mod/quickreference.html.tr.utf8 | 748 +-- docs/manual/mod/quickreference.html.zh-cn.utf8 | 748 +-- docs/manual/mod/worker.html.de | 4 +- docs/manual/mod/worker.html.en | 4 +- docs/manual/mod/worker.html.fr | 4 +- docs/manual/mod/worker.html.ja.utf8 | 4 +- docs/manual/mod/worker.html.tr.utf8 | 4 +- docs/manual/mpm.html.de | 2 +- docs/manual/mpm.html.en | 2 +- docs/manual/mpm.html.es | 10 +- docs/manual/mpm.html.fr | 2 +- docs/manual/mpm.html.ja.utf8 | 2 +- docs/manual/mpm.html.ko.euc-kr | 2 +- docs/manual/mpm.html.tr.utf8 | 2 +- docs/manual/mpm.html.zh-cn.utf8 | 2 +- docs/manual/new_features_2_0.html.de | 2 +- docs/manual/new_features_2_0.html.en | 2 +- docs/manual/new_features_2_0.html.fr | 2 +- docs/manual/new_features_2_0.html.ja.utf8 | 2 +- docs/manual/new_features_2_0.html.ko.euc-kr | 2 +- docs/manual/new_features_2_0.html.pt-br | 2 +- docs/manual/new_features_2_0.html.ru.koi8-r | 2 +- docs/manual/new_features_2_0.html.tr.utf8 | 2 +- docs/manual/new_features_2_2.html.en | 2 +- docs/manual/new_features_2_2.html.fr | 2 +- docs/manual/new_features_2_2.html.ko.euc-kr | 2 +- docs/manual/new_features_2_2.html.pt-br | 2 +- docs/manual/new_features_2_2.html.tr.utf8 | 2 +- docs/manual/new_features_2_4.html.en | 2 +- docs/manual/new_features_2_4.html.fr | 2 +- docs/manual/new_features_2_4.html.tr.utf8 | 2 +- docs/manual/platform/ebcdic.html.en | 4 +- docs/manual/platform/ebcdic.html.ko.euc-kr | 4 +- docs/manual/platform/netware.html.en | 2 +- docs/manual/platform/netware.html.fr | 2 +- docs/manual/platform/netware.html.ko.euc-kr | 2 +- docs/manual/platform/rpm.html.en | 2 +- docs/manual/platform/win_compiling.html.en | 2 +- docs/manual/platform/win_compiling.html.fr | 2 +- docs/manual/platform/win_compiling.html.ko.euc-kr | 2 +- docs/manual/platform/windows.html.en | 2 +- docs/manual/platform/windows.html.fr | 2 +- docs/manual/platform/windows.html.ko.euc-kr | 2 +- docs/manual/programs/ab.html.en | 2 +- docs/manual/programs/ab.html.fr | 2 +- docs/manual/programs/ab.html.ko.euc-kr | 2 +- docs/manual/programs/ab.html.tr.utf8 | 2 +- docs/manual/programs/apachectl.html.en | 2 +- docs/manual/programs/apachectl.html.fr | 2 +- docs/manual/programs/apachectl.html.ko.euc-kr | 2 +- docs/manual/programs/apachectl.html.tr.utf8 | 2 +- docs/manual/programs/apxs.html.en | 2 +- docs/manual/programs/apxs.html.fr | 2 +- docs/manual/programs/apxs.html.ko.euc-kr | 2 +- docs/manual/programs/apxs.html.tr.utf8 | 2 +- docs/manual/programs/configure.html.en | 12 +- docs/manual/programs/configure.html.fr | 4 +- docs/manual/programs/configure.html.ko.euc-kr | 2 +- docs/manual/programs/configure.html.tr.utf8 | 3 +- docs/manual/programs/dbmmanage.html.en | 2 +- docs/manual/programs/dbmmanage.html.fr | 2 +- docs/manual/programs/dbmmanage.html.ko.euc-kr | 2 +- docs/manual/programs/dbmmanage.html.tr.utf8 | 2 +- docs/manual/programs/fcgistarter.html.en | 2 +- docs/manual/programs/fcgistarter.html.fr | 2 +- docs/manual/programs/fcgistarter.html.tr.utf8 | 2 +- docs/manual/programs/htcacheclean.html.en | 2 +- docs/manual/programs/htcacheclean.html.fr | 2 +- docs/manual/programs/htcacheclean.html.ko.euc-kr | 2 +- docs/manual/programs/htcacheclean.html.tr.utf8 | 2 +- docs/manual/programs/htdbm.html.en | 2 +- docs/manual/programs/htdbm.html.fr | 2 +- docs/manual/programs/htdbm.html.tr.utf8 | 2 +- docs/manual/programs/htdigest.html.en | 2 +- docs/manual/programs/htdigest.html.fr | 2 +- docs/manual/programs/htdigest.html.ko.euc-kr | 2 +- docs/manual/programs/htdigest.html.tr.utf8 | 2 +- docs/manual/programs/htpasswd.html.en | 2 +- docs/manual/programs/htpasswd.html.fr | 2 +- docs/manual/programs/htpasswd.html.ko.euc-kr | 2 +- docs/manual/programs/htpasswd.html.tr.utf8 | 2 +- docs/manual/programs/httpd.html.en | 2 +- docs/manual/programs/httpd.html.fr | 2 +- docs/manual/programs/httpd.html.ko.euc-kr | 2 +- docs/manual/programs/httpd.html.tr.utf8 | 2 +- docs/manual/programs/httxt2dbm.html.en | 2 +- docs/manual/programs/httxt2dbm.html.fr | 2 +- docs/manual/programs/httxt2dbm.html.tr.utf8 | 2 +- docs/manual/programs/index.html.es | 73 +- docs/manual/programs/logresolve.html.en | 2 +- docs/manual/programs/logresolve.html.fr | 2 +- docs/manual/programs/logresolve.html.ko.euc-kr | 2 +- docs/manual/programs/logresolve.html.tr.utf8 | 2 +- docs/manual/programs/other.html.ko.euc-kr | 2 +- docs/manual/programs/rotatelogs.html.en | 2 +- docs/manual/programs/rotatelogs.html.fr | 2 +- docs/manual/programs/rotatelogs.html.ko.euc-kr | 2 +- docs/manual/programs/rotatelogs.html.tr.utf8 | 2 +- docs/manual/programs/suexec.html.en | 2 +- docs/manual/programs/suexec.html.ko.euc-kr | 2 +- docs/manual/programs/suexec.html.tr.utf8 | 2 +- docs/manual/rewrite/access.html.en | 14 +- docs/manual/rewrite/access.html.fr | 16 +- docs/manual/rewrite/advanced.html.en | 2 +- docs/manual/rewrite/advanced.html.fr | 2 +- docs/manual/rewrite/avoid.html.en | 2 +- docs/manual/rewrite/avoid.html.fr | 2 +- docs/manual/rewrite/flags.html.en | 2 +- docs/manual/rewrite/flags.html.fr | 2 +- docs/manual/rewrite/htaccess.html.en | 2 +- docs/manual/rewrite/htaccess.html.fr | 2 +- docs/manual/rewrite/intro.html.en | 2 +- docs/manual/rewrite/intro.html.fr | 2 +- docs/manual/rewrite/proxy.html.en | 2 +- docs/manual/rewrite/proxy.html.fr | 2 +- docs/manual/rewrite/remapping.html.en | 2 +- docs/manual/rewrite/remapping.html.fr | 2 +- docs/manual/rewrite/rewritemap.html.en | 175 +- docs/manual/rewrite/rewritemap.html.fr | 134 +- docs/manual/rewrite/tech.html.en | 2 +- docs/manual/rewrite/tech.html.fr | 2 +- docs/manual/rewrite/vhosts.html.en | 2 +- docs/manual/rewrite/vhosts.html.fr | 2 +- docs/manual/sections.html.en | 2 +- docs/manual/sections.html.fr | 2 +- docs/manual/sections.html.ja.utf8 | 2 +- docs/manual/sections.html.ko.euc-kr | 2 +- docs/manual/sections.html.tr.utf8 | 2 +- docs/manual/server-wide.html.en | 2 +- docs/manual/server-wide.html.fr | 2 +- docs/manual/server-wide.html.ja.utf8 | 2 +- docs/manual/server-wide.html.ko.euc-kr | 2 +- docs/manual/server-wide.html.tr.utf8 | 2 +- docs/manual/sitemap.html.de | 2 + docs/manual/sitemap.html.en | 2 + docs/manual/sitemap.html.es | 10 +- docs/manual/sitemap.html.fr | 2 + docs/manual/sitemap.html.ja.utf8 | 2 + docs/manual/sitemap.html.ko.euc-kr | 2 + docs/manual/sitemap.html.tr.utf8 | 2 + docs/manual/sitemap.html.zh-cn.utf8 | 2 + docs/manual/socache.html.en | 2 +- docs/manual/socache.html.fr | 2 +- docs/manual/ssl/ssl_compat.html.en | 2 +- docs/manual/ssl/ssl_compat.html.fr | 2 +- docs/manual/ssl/ssl_faq.html.en | 2 +- docs/manual/ssl/ssl_faq.html.fr | 2 +- docs/manual/ssl/ssl_howto.html.en | 2 +- docs/manual/ssl/ssl_howto.html.fr | 2 +- docs/manual/ssl/ssl_intro.html.en | 2 +- docs/manual/ssl/ssl_intro.html.fr | 2 +- docs/manual/ssl/ssl_intro.html.ja.utf8 | 2 +- docs/manual/stopping.html.de | 2 +- docs/manual/stopping.html.en | 2 +- docs/manual/stopping.html.es | 10 +- docs/manual/stopping.html.fr | 8 +- docs/manual/stopping.html.ja.utf8 | 2 +- docs/manual/stopping.html.ko.euc-kr | 2 +- docs/manual/stopping.html.tr.utf8 | 2 +- docs/manual/style/version.ent | 2 +- docs/manual/suexec.html.en | 2 +- docs/manual/suexec.html.fr | 2 +- docs/manual/suexec.html.ja.utf8 | 2 +- docs/manual/suexec.html.ko.euc-kr | 2 +- docs/manual/suexec.html.tr.utf8 | 2 +- docs/manual/upgrading.html.en | 58 +- docs/manual/upgrading.html.fr | 75 +- docs/manual/urlmapping.html.en | 8 +- docs/manual/urlmapping.html.fr | 8 +- docs/manual/urlmapping.html.ja.utf8 | 2 +- docs/manual/urlmapping.html.ko.euc-kr | 2 +- docs/manual/urlmapping.html.tr.utf8 | 3 +- docs/manual/vhosts/details.html.en | 2 +- docs/manual/vhosts/details.html.fr | 2 +- docs/manual/vhosts/details.html.ko.euc-kr | 2 +- docs/manual/vhosts/details.html.tr.utf8 | 2 +- docs/manual/vhosts/examples.html.en | 48 +- docs/manual/vhosts/examples.html.fr | 40 +- docs/manual/vhosts/examples.html.ja.utf8 | 2 +- docs/manual/vhosts/examples.html.ko.euc-kr | 2 +- docs/manual/vhosts/examples.html.tr.utf8 | 3 +- docs/manual/vhosts/ip-based.html.en | 2 +- docs/manual/vhosts/ip-based.html.fr | 2 +- docs/manual/vhosts/ip-based.html.ja.utf8 | 2 +- docs/manual/vhosts/ip-based.html.ko.euc-kr | 2 +- docs/manual/vhosts/ip-based.html.tr.utf8 | 2 +- docs/manual/vhosts/mass.html.en | 2 +- docs/manual/vhosts/mass.html.fr | 2 +- docs/manual/vhosts/mass.html.ko.euc-kr | 2 +- docs/manual/vhosts/mass.html.tr.utf8 | 2 +- docs/manual/vhosts/name-based.html.de | 2 +- docs/manual/vhosts/name-based.html.en | 2 +- docs/manual/vhosts/name-based.html.fr | 2 +- docs/manual/vhosts/name-based.html.ja.utf8 | 2 +- docs/manual/vhosts/name-based.html.ko.euc-kr | 2 +- docs/manual/vhosts/name-based.html.tr.utf8 | 2 +- httpd.spec | 2 +- include/ap_listen.h | 2 +- include/ap_mmn.h | 21 +- include/ap_release.h | 2 +- include/http_core.h | 3 + include/httpd.h | 50 +- modules/aaa/mod_access_compat.mak | 4 +- modules/aaa/mod_allowmethods.mak | 4 +- modules/aaa/mod_auth_basic.mak | 4 +- modules/aaa/mod_auth_digest.mak | 4 +- modules/aaa/mod_auth_form.mak | 4 +- modules/aaa/mod_authn_anon.mak | 4 +- modules/aaa/mod_authn_core.mak | 4 +- modules/aaa/mod_authn_dbd.mak | 4 +- modules/aaa/mod_authn_dbm.mak | 4 +- modules/aaa/mod_authn_file.mak | 4 +- modules/aaa/mod_authn_socache.mak | 4 +- modules/aaa/mod_authnz_fcgi.mak | 4 +- modules/aaa/mod_authnz_ldap.mak | 4 +- modules/aaa/mod_authz_core.mak | 4 +- modules/aaa/mod_authz_dbd.mak | 4 +- modules/aaa/mod_authz_dbm.mak | 4 +- modules/aaa/mod_authz_groupfile.mak | 4 +- modules/aaa/mod_authz_host.c | 1 + modules/aaa/mod_authz_host.mak | 4 +- modules/aaa/mod_authz_owner.mak | 4 +- modules/aaa/mod_authz_user.mak | 4 +- modules/arch/win32/mod_isapi.mak | 4 +- modules/cache/cache_util.c | 35 +- modules/cache/mod_cache.mak | 4 +- modules/cache/mod_cache_disk.mak | 4 +- modules/cache/mod_cache_socache.mak | 4 +- modules/cache/mod_file_cache.mak | 4 +- modules/cache/mod_socache_dbm.mak | 4 +- modules/cache/mod_socache_dc.mak | 4 +- modules/cache/mod_socache_memcache.mak | 4 +- modules/cache/mod_socache_shmcb.mak | 4 +- modules/cluster/mod_heartbeat.mak | 4 +- modules/cluster/mod_heartmonitor.mak | 4 +- modules/core/config.m4 | 2 +- modules/core/mod_macro.mak | 4 +- modules/core/mod_watchdog.mak | 4 +- modules/database/mod_dbd.mak | 4 +- modules/dav/fs/mod_dav_fs.mak | 4 +- modules/dav/lock/mod_dav_lock.mak | 4 +- modules/dav/main/mod_dav.c | 6 + modules/dav/main/mod_dav.h | 1 + modules/dav/main/mod_dav.mak | 4 +- modules/debugging/mod_bucketeer.mak | 4 +- modules/debugging/mod_dumpio.mak | 4 +- modules/echo/mod_echo.mak | 4 +- modules/examples/mod_case_filter.mak | 4 +- modules/examples/mod_case_filter_in.mak | 4 +- modules/examples/mod_example_hooks.mak | 4 +- modules/examples/mod_example_ipc.mak | 4 +- modules/filters/mod_buffer.mak | 4 +- modules/filters/mod_charset_lite.mak | 4 +- modules/filters/mod_data.mak | 4 +- modules/filters/mod_deflate.mak | 4 +- modules/filters/mod_ext_filter.mak | 4 +- modules/filters/mod_filter.mak | 4 +- modules/filters/mod_include.c | 10 + modules/filters/mod_include.mak | 4 +- modules/filters/mod_proxy_html.mak | 4 +- modules/filters/mod_ratelimit.mak | 4 +- modules/filters/mod_reflector.mak | 4 +- modules/filters/mod_reqtimeout.mak | 4 +- modules/filters/mod_request.mak | 4 +- modules/filters/mod_sed.mak | 4 +- modules/filters/mod_substitute.mak | 4 +- modules/filters/mod_xml2enc.mak | 4 +- modules/filters/sed0.c | 4 +- modules/filters/sed1.c | 1 + modules/generators/mod_asis.mak | 4 +- modules/generators/mod_autoindex.mak | 4 +- modules/generators/mod_cgi.mak | 4 +- modules/generators/mod_info.mak | 4 +- modules/generators/mod_status.mak | 4 +- modules/http/http_core.c | 4 +- modules/http/http_protocol.c | 28 +- modules/http/mod_mime.mak | 4 +- modules/http2/NWGNUmakefile | 2 +- modules/http2/NWGNUmod_http2 | 15 +- modules/http2/NWGNUproxyht2 | 287 + modules/http2/config2.m4 | 34 +- modules/http2/h2.h | 3 + modules/http2/h2_bucket_beam.c | 1015 ++++ modules/http2/h2_bucket_beam.h | 363 ++ modules/http2/h2_bucket_eoc.c | 1 + modules/http2/h2_bucket_eos.c | 14 +- modules/http2/h2_conn.c | 1 + modules/http2/h2_conn_io.c | 333 +- modules/http2/h2_conn_io.h | 27 +- modules/http2/h2_ctx.c | 1 - modules/http2/h2_filter.c | 72 +- modules/http2/h2_filter.h | 28 +- modules/http2/h2_from_h1.c | 28 +- modules/http2/h2_from_h1.h | 3 + modules/http2/h2_h2.c | 9 +- modules/http2/h2_int_queue.c | 187 - modules/http2/h2_int_queue.h | 108 - modules/http2/h2_io.c | 453 -- modules/http2/h2_io.h | 175 - modules/http2/h2_io_set.c | 159 - modules/http2/h2_io_set.h | 53 - modules/http2/h2_mplx.c | 1432 +++-- modules/http2/h2_mplx.h | 121 +- modules/http2/h2_ngn_shed.c | 32 +- modules/http2/h2_proxy_session.c | 1368 +++++ modules/http2/h2_proxy_session.h | 111 + modules/http2/h2_proxy_util.c | 705 +++ modules/http2/h2_proxy_util.h | 181 + modules/http2/h2_push.c | 6 +- modules/http2/h2_push.h | 2 +- modules/http2/h2_request.c | 170 +- modules/http2/h2_request.h | 17 +- modules/http2/h2_response.c | 3 +- modules/http2/h2_session.c | 899 +-- modules/http2/h2_session.h | 21 +- modules/http2/h2_stream.c | 507 +- modules/http2/h2_stream.h | 69 +- modules/http2/h2_task.c | 568 +- modules/http2/h2_task.h | 63 +- modules/http2/h2_task_input.c | 228 - modules/http2/h2_task_input.h | 46 - modules/http2/h2_task_output.c | 176 - modules/http2/h2_task_output.h | 50 - modules/http2/h2_task_queue.c | 177 - modules/http2/h2_task_queue.h | 97 - modules/http2/h2_util.c | 865 +-- modules/http2/h2_util.h | 209 +- modules/http2/h2_version.h | 4 +- modules/http2/h2_worker.c | 47 +- modules/http2/h2_worker.h | 12 +- modules/http2/h2_workers.c | 6 +- modules/http2/mod_h2.h | 19 - modules/http2/mod_http2.c | 23 +- modules/http2/mod_http2.dep | 33 +- modules/http2/mod_http2.dsp | 24 +- modules/http2/mod_http2.mak | 58 +- modules/http2/mod_proxy_http2.c | 650 ++ modules/http2/mod_proxy_http2.dep | 208 + modules/http2/mod_proxy_http2.dsp | 119 + modules/http2/mod_proxy_http2.h | 20 + modules/http2/mod_proxy_http2.mak | 427 ++ modules/ldap/mod_ldap.mak | 4 +- modules/loggers/mod_log_config.mak | 4 +- modules/loggers/mod_log_debug.mak | 4 +- modules/loggers/mod_log_forensic.mak | 4 +- modules/loggers/mod_logio.mak | 4 +- modules/lua/mod_lua.mak | 4 +- modules/mappers/mod_actions.mak | 4 +- modules/mappers/mod_alias.mak | 4 +- modules/mappers/mod_dir.mak | 4 +- modules/mappers/mod_imagemap.mak | 4 +- modules/mappers/mod_negotiation.mak | 4 +- modules/mappers/mod_rewrite.c | 8 + modules/mappers/mod_rewrite.mak | 4 +- modules/mappers/mod_speling.mak | 4 +- modules/mappers/mod_userdir.c | 8 +- modules/mappers/mod_userdir.mak | 4 +- modules/mappers/mod_vhost_alias.mak | 4 +- modules/metadata/mod_cern_meta.mak | 4 +- modules/metadata/mod_env.mak | 4 +- modules/metadata/mod_expires.mak | 4 +- modules/metadata/mod_headers.mak | 4 +- modules/metadata/mod_ident.mak | 4 +- modules/metadata/mod_mime_magic.mak | 4 +- modules/metadata/mod_remoteip.mak | 4 +- modules/metadata/mod_setenvif.mak | 4 +- modules/metadata/mod_unique_id.mak | 4 +- modules/metadata/mod_usertrack.mak | 4 +- modules/metadata/mod_version.mak | 4 +- modules/proxy/NWGNUmakefile | 1 + modules/proxy/balancers/config2.m4 | 8 +- .../proxy/balancers/mod_lbmethod_bybusyness.mak | 4 +- .../proxy/balancers/mod_lbmethod_byrequests.mak | 4 +- modules/proxy/balancers/mod_lbmethod_bytraffic.mak | 4 +- modules/proxy/balancers/mod_lbmethod_heartbeat.mak | 4 +- modules/proxy/config.m4 | 46 +- modules/proxy/mod_proxy.c | 60 +- modules/proxy/mod_proxy.h | 79 +- modules/proxy/mod_proxy.mak | 4 +- modules/proxy/mod_proxy_ajp.mak | 4 +- modules/proxy/mod_proxy_balancer.c | 196 +- modules/proxy/mod_proxy_balancer.mak | 4 +- modules/proxy/mod_proxy_connect.mak | 4 +- modules/proxy/mod_proxy_express.mak | 4 +- modules/proxy/mod_proxy_fcgi.c | 25 +- modules/proxy/mod_proxy_fcgi.mak | 4 +- modules/proxy/mod_proxy_ftp.mak | 4 +- modules/proxy/mod_proxy_hcheck.c | 1175 ++++ modules/proxy/mod_proxy_http.mak | 4 +- modules/proxy/mod_proxy_scgi.c | 5 +- modules/proxy/mod_proxy_scgi.mak | 4 +- modules/proxy/mod_proxy_wstunnel.mak | 4 +- modules/proxy/proxy_util.c | 78 +- modules/session/mod_session.mak | 4 +- modules/session/mod_session_cookie.mak | 4 +- modules/session/mod_session_crypto.mak | 4 +- modules/session/mod_session_dbd.mak | 4 +- modules/slotmem/mod_slotmem_plain.mak | 4 +- modules/slotmem/mod_slotmem_shm.mak | 4 +- modules/ssl/mod_ssl.c | 4 +- modules/ssl/mod_ssl.mak | 4 +- modules/ssl/ssl_engine_config.c | 39 +- modules/ssl/ssl_engine_init.c | 12 +- modules/ssl/ssl_engine_io.c | 42 +- modules/ssl/ssl_engine_kernel.c | 22 +- modules/ssl/ssl_private.h | 14 +- os/win32/BaseAddr.ref | 1 + server/config.c | 76 +- server/core.c | 69 +- server/main.c | 5 + server/mpm/event/event.c | 37 +- server/mpm/winnt/child.c | 11 +- server/mpm/worker/worker.c | 39 +- server/protocol.c | 2 +- server/scoreboard.c | 92 +- server/util.c | 180 +- server/util_script.c | 15 +- support/ab.c | 68 +- support/ab.mak | 4 +- support/abs.mak | 4 +- support/fcgistarter.mak | 4 +- support/htcacheclean.mak | 4 +- support/htdbm.mak | 4 +- support/htdigest.mak | 4 +- support/htpasswd.mak | 4 +- support/httxt2dbm.mak | 4 +- support/logresolve.mak | 4 +- support/rotatelogs.mak | 4 +- support/win32/ApacheMonitor.c | 2 + support/win32/wintty.mak | 4 +- 974 files changed, 22003 insertions(+), 12287 deletions(-) create mode 100644 docs/manual/faq/index.html.es create mode 100644 docs/manual/howto/http2.html create mode 100644 docs/manual/howto/http2.html.en create mode 100644 docs/manual/mod/mod_proxy_hcheck.html create mode 100644 docs/manual/mod/mod_proxy_hcheck.html.en create mode 100644 docs/manual/mod/mod_proxy_http2.html create mode 100644 docs/manual/mod/mod_proxy_http2.html.en create mode 100644 modules/http2/NWGNUproxyht2 create mode 100644 modules/http2/h2_bucket_beam.c create mode 100644 modules/http2/h2_bucket_beam.h delete mode 100644 modules/http2/h2_int_queue.c delete mode 100644 modules/http2/h2_int_queue.h delete mode 100644 modules/http2/h2_io.c delete mode 100644 modules/http2/h2_io.h delete mode 100644 modules/http2/h2_io_set.c delete mode 100644 modules/http2/h2_io_set.h create mode 100644 modules/http2/h2_proxy_session.c create mode 100644 modules/http2/h2_proxy_session.h create mode 100644 modules/http2/h2_proxy_util.c create mode 100644 modules/http2/h2_proxy_util.h delete mode 100644 modules/http2/h2_task_input.c delete mode 100644 modules/http2/h2_task_input.h delete mode 100644 modules/http2/h2_task_output.c delete mode 100644 modules/http2/h2_task_output.h delete mode 100644 modules/http2/h2_task_queue.c delete mode 100644 modules/http2/h2_task_queue.h delete mode 100644 modules/http2/mod_h2.h create mode 100644 modules/http2/mod_proxy_http2.c create mode 100644 modules/http2/mod_proxy_http2.dep create mode 100644 modules/http2/mod_proxy_http2.dsp create mode 100644 modules/http2/mod_proxy_http2.h create mode 100644 modules/http2/mod_proxy_http2.mak create mode 100644 modules/proxy/mod_proxy_hcheck.c (limited to 'support/ab.c') diff --git a/Apache-apr2.dsw b/Apache-apr2.dsw index 3fbc62d2..2b659793 100644 --- a/Apache-apr2.dsw +++ b/Apache-apr2.dsw @@ -2348,6 +2348,30 @@ Package=<4> ############################################################################### +Project: "mod_proxy_http2"=.\modules\http2\mod_proxy_http2.dsp - Package Owner=<4> + +Package=<5> +{{{ +}}} + +Package=<4> +{{{ + Begin Project Dependency + Project_Dep_Name libapr + End Project Dependency + Begin Project Dependency + Project_Dep_Name libhttpd + End Project Dependency + Begin Project Dependency + Project_Dep_Name mod_http2 + End Project Dependency + Begin Project Dependency + Project_Dep_Name mod_proxy + End Project Dependency +}}} + +############################################################################### + Project: "mod_proxy_scgi"=.\modules\proxy\mod_proxy_scgi.dsp - Package Owner=<4> Package=<5> diff --git a/Apache.dsw b/Apache.dsw index a77b870a..20259d25 100644 --- a/Apache.dsw +++ b/Apache.dsw @@ -2759,6 +2759,33 @@ Package=<4> ############################################################################### +Project: "mod_proxy_http2"=.\modules\http2\mod_proxy_http2.dsp - Package Owner=<4> + +Package=<5> +{{{ +}}} + +Package=<4> +{{{ + Begin Project Dependency + Project_Dep_Name libapr + End Project Dependency + Begin Project Dependency + Project_Dep_Name libaprutil + End Project Dependency + Begin Project Dependency + Project_Dep_Name libhttpd + End Project Dependency + Begin Project Dependency + Project_Dep_Name mod_http2 + End Project Dependency + Begin Project Dependency + Project_Dep_Name mod_proxy + End Project Dependency +}}} + +############################################################################### + Project: "mod_proxy_scgi"=.\modules\proxy\mod_proxy_scgi.dsp - Package Owner=<4> Package=<5> diff --git a/CHANGES b/CHANGES index 65c8b54a..cc2f3405 100644 --- a/CHANGES +++ b/CHANGES @@ -1,7 +1,160 @@ -*- coding: utf-8 -*- +Changes with Apache 2.4.23 + + *) mod_ssl: reset client-verify state of ssl when aborting renegotiations. + [Erki Aring , Stefan Eissing] + + *) mod_sed: Fix 'x' command processing. [Christophe Jaillet] + + *) configure: Fix ./configure edge-case failures around dependencies + of mod_proxy_hcheck. [William Rowe, Ruediger Pluem, Jeff Trawick] + +Changes with Apache 2.4.22 + + *) mod_http2: fix for request abort when connections drops, introduced in + 1.5.8 + +Changes with Apache 2.4.21 + + *) mod_http2: more rigid error handling in DATA frame assembly, leading + to deterministic connection errors if assembly fails. + [Stefan Eissing, Pal Nilsen ] + + *) abs: Include OPENSSL_Applink when compiling on Windows, to resolve + failures under Visual Studio 2015 and other mismatched MSVCRT flavors. + PR59630 [Jan Ehrhardt ] + + *) mod_ssl: Add "no_crl_for_cert_ok" flag to SSLCARevocationCheck directive + to opt-in previous behaviour (2.2) with CRLs verification when checking + certificate(s) with no corresponding CRL. [Yann Ylavic] + + *) mpm_event, mpm_worker: Fix computation of MinSpareThreads' lower bound + according the number of listeners buckets. [Yann Ylavic] + + *) Add ap_cstr_casecmp[n]() - placeholder of apr_cstr_casecmp[n] functions + for case-insensitive C/POSIX-locale token comparison. + [Jim Jagielski, William Rowe, Yann Ylavic, Branko Čibej] + + *) mod_userdir: Constify and save a few bytes in the conf pool when + parsing the "UserDir" directive. [Christophe Jaillet] + + *) mod_cache: Fix (max-stale with no '=') and enforce (check + integers after '=') Cache-Control header parsing. + [Christophe Jaillet] + + *) core: Add -DDUMP_INCLUDES configtest option to show the tree + of Included configuration files. + [Jacob Champion ] + + *) mod_proxy_fcgi: Avoid passing a filename of proxy:fcgi:// as + SCRIPT_FILENAME to a FastCGI server. PR59618. + [Jacob Champion ] + + *) mod_dav: Add dav_get_provider_name() function to obtain the name + of the provider from mod_dav. + [Jari Urpalainen ] + + *) mod_proxy_http2: properly care for HTTP2 flow control of the frontend + connection is HTTP/1.1. [Patch supplied by Evgeny Kotkov] + + *) mod_http2: improved cleanup of connection/streams/tasks to always + have deterministic order regardless of event initiating it. Addresses + reported crashes due to memory read after free issues. + [Stefan Eissing] + + *) mod_ssl: Correct the interaction between SSLProxyCheckPeerCN and newer + SSLProxyCheckPeerName directives since release 2.4.5, such that disabling + either disables both, and that enabling either triggers the new, more + comprehensive SSLProxyCheckPeerName behavior. Only a single configuration + remains to enable the legacy behavior, which is to explicitly disable + SSLProxyCheckPeerName, and enable SSLProxyCheckPeerCN. [William Rowe] + + *) mod_include: add the -Respuestas de error personalizadas - Servidor HTTP Apache Versin 2.4 +Respuestas de error personalizadas - Servidor Apache HTTP Versin 2.4 @@ -16,7 +16,7 @@

    -

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa de este sitio web

    +

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa del sitio web

    Versin 2.4 del Servidor HTTP Apache

    <-
    @@ -50,7 +50,7 @@ +

    Consulte tambin

    top

    Comportamiento

    @@ -244,8 +244,8 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/custom-error.html'; } })(window, document); //-->
    + + +
    +

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa del sitio web

    +

    Versin 2.4 del Servidor HTTP Apache

    +
    +
    <-
    +

    Preguntas Frecuentes

    +
    +

    Idiomas disponibles:  en  | + es  | + fr  | + tr  | + zh-cn 

    +
    + + +

    Las preguntas frecuentes se han movido a la Wiki de HTTP Server (en Ingls).

    +
    +
    +
    +

    Idiomas disponibles:  en  | + es  | + fr  | + tr  | + zh-cn 

    +
    + \ No newline at end of file diff --git a/docs/manual/faq/index.html.fr b/docs/manual/faq/index.html.fr index a27f3f65..fc5c375e 100644 --- a/docs/manual/faq/index.html.fr +++ b/docs/manual/faq/index.html.fr @@ -24,6 +24,7 @@ Apache > Serveur HTTP > Documentation > Version 2.4

    Foire aux questions

    Langues Disponibles:  en  | + es  |  fr  |  tr  |  zh-cn 

    @@ -35,6 +36,7 @@

    Langues Disponibles:  en  | + es  |  fr  |  tr  |  zh-cn 

    diff --git a/docs/manual/faq/index.html.tr.utf8 b/docs/manual/faq/index.html.tr.utf8 index 4c8a7cca..2ea8f9e7 100644 --- a/docs/manual/faq/index.html.tr.utf8 +++ b/docs/manual/faq/index.html.tr.utf8 @@ -24,6 +24,7 @@ Apache > HTTP Sunucusu > Belgeleme > Sürüm 2.4

    Sıkça Sorulan Sorular

    Mevcut Diller:  en  | + es  |  fr  |  tr  |  zh-cn 

    @@ -35,6 +36,7 @@

    Mevcut Diller:  en  | + es  |  fr  |  tr  |  zh-cn 

    diff --git a/docs/manual/faq/index.html.zh-cn.utf8 b/docs/manual/faq/index.html.zh-cn.utf8 index 91ab6038..ba7aaf40 100644 --- a/docs/manual/faq/index.html.zh-cn.utf8 +++ b/docs/manual/faq/index.html.zh-cn.utf8 @@ -24,6 +24,7 @@ Apache > HTTP 服务器 > 文档 > 版本 2.4

    常见问题

    可用语言:  en  | + es  |  fr  |  tr  |  zh-cn 

    @@ -34,6 +35,7 @@

    可用语言:  en  | + es  |  fr  |  tr  |  zh-cn 

    diff --git a/docs/manual/filter.html.en b/docs/manual/filter.html.en index 6a29fe87..a8004487 100644 --- a/docs/manual/filter.html.en +++ b/docs/manual/filter.html.en @@ -37,7 +37,7 @@
  • Smart Filtering
  • Exposing Filters as an HTTP Service
  • Using Filters
    • -
    +

    See also

    top

    Filtering in Apache 2

    diff --git a/docs/manual/filter.html.es b/docs/manual/filter.html.es index 6b26c115..4cb38dc7 100644 --- a/docs/manual/filter.html.es +++ b/docs/manual/filter.html.es @@ -7,7 +7,7 @@ This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --> -Filtros - Servidor HTTP Apache Versin 2.4 +Filtros - Servidor Apache HTTP Versin 2.4 @@ -16,7 +16,7 @@
    -

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa de este sitio web

    +

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa del sitio web

    Versin 2.4 del Servidor HTTP Apache

    <-
    @@ -100,8 +100,8 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/filter.html'; } })(window, document); //-->
    + + +
    +

    Modules | Directives | FAQ | Glossary | Sitemap

    +

    Apache HTTP Server Version 2.4

    +
    +
    <-
    +

    HTTP/2 guide

    +
    +

    Available Languages:  en  | + fr  | + ja  | + ko  | + tr 

    +
    + +

    This is the howto guide for the HTTP/2 implementation in Apache httpd. This + feature is experimental and you may expect interfaces and directives to + change between releases. +

    +
    + +
    top
    +
    +

    The HTTP/2 protocol

    + +

    HTTP/2 is the evolution of the world's most successful application layer protocol, HTTP. + It focuses on making more efficient use of network resources. It does not change the fundamentals + of HTTP, the semantics. There are still request and responses and headers and all that. So, if + you already know HTTP/1, you know 95% about HTTP/2 as well.

    +

    There has been a lot written about HTTP/2 and how it works. The most normative is, of course, + its RFC 7540 + (also available in more readable formatting, YMMV). + So, there you'll find the nuts and bolts.

    +

    But, as RFC do, it's not really a good thing to read first. It's better to first understand + what a thing wants to do and then read the RFC about how it is done. A much + better document to start with is http2 explained + by Daniel Stenberg, the author of curl. It is available in + an ever growing list of languages, too!

    +

    Too Long, Didn't read: there are some new terms and gotchas that need to be kept in mind while reading this document:

    +
      +
    • HTTP/2 is a binary protocol, as opposed to HTTP 1.1 that is plain text. The latter is meant to be human readable (for example sniffing network traffic) meanwhile the former is not. More info in the official FAQ question.
      • +
    • h2 is HTTP/2 over TLS (protocol negotiation via ALPN).
      • +
    • h2c is HTTP/2 over TCP.
      • +
    • A frame is the smallest unit of communication within an HTTP/2 connection, consisting of a header and a variable-length sequence of octets structured according to the frame type. More info in the official documentation section.
      • +
    • A stream is a bidirectional flow of frames within the HTTP/2 connection. The correspondent concept in HTTP 1.1 is a request/response message exchange. More info in the official documentation section.
      • +
    • HTTP/2 is able to run multiple streams of data over the same TCP connection, avoiding the classic HTTP 1.1 head of blocking slow request and avoiding to re-instantiate TCP connections for each request/response (KeepAlive patched the problem in HTTP 1.1 but did not fully solve it).
      • +
    +
    top
    +
    +

    HTTP/2 in Apache httpd

    + +

    The HTTP/2 protocol is implemented by its own httpd module, aptly named + mod_http2. It implements the complete set + of features described by RFC 7540 and supports HTTP/2 over cleartext (http:), as + well as secure (https:) connections. The cleartext variant is named 'h2c', + the secure one 'h2'. For h2c it allows the direct + mode and the Upgrade: via an initial HTTP/1 request.

    +

    One feature of HTTP/2 that offers new capabilities for web developers is + Server Push. See that section on how your web application + can make use of it.

    +
    top
    +
    +

    Build httpd with HTTP/2 support

    + +

    mod_http2 uses the library of nghttp2 + as its implementation base. In order to build mod_http2 you need at least version 1.2.1 of + libnghttp2 installed on your system.

    +

    When you ./configure you Apache httpd source tree, you need to give it + '--enable-http2' as additional argument to trigger the build of the module. + Should your libnghttp2 reside in an unusual place (whatever that is on your + operating system), you may announce its location with '--with-nghttp2=<path>' + to configure.

    +

    While that should do the trick for most, they are people who might prefer a statically + linked nghttp2 in this module. For those, the option --enable-nghttp2-staticlib-deps + exists. It works quite similar to how one statically links openssl to mod_ssl.

    +

    Speaking of SSL, you need to be aware that most browsers will speak HTTP/2 only on https: + URLs, so you need a server with SSL support. But not only that, you will need a SSL library + that supports the ALPN extension. If OpenSSL is the library you use, you need + at least version 1.0.2.

    +
    top
    +
    +

    Basic Configuration

    + + +

    When you have a httpd built with mod_http2 you need some + basic configuration for it becoming active. The first thing, as with every Apache module, + is that you need to load it:

    + 
    LoadModule http2_module modules/mod_http2.so
    + + +

    The second directive you need to add to your server configuration is

    + 
    Protocols h2 http/1.1
    + +

    This allows h2, the secure variant, to be the preferred protocol on your server + connections. When you want to enable all HTTP/2 variants, you simply write:

    + 
    Protocols h2 h2c http/1.1
    + +

    Depending on where you put this directive, it affects all connections or just + the ones to a certain virtual host. You can nest it, as in:

    + 
    Protocols http/1.1
+<VirtualHost ...>
+    ServerName test.example.org
+    Protocols h2 http/1.1
+</VirtualHost>
    + + +

    This allows only HTTP/1 on connections, except SSL connections to test.example.org + which offer HTTP/2.

    +

    Choose a strong SSLCipherSuite

    +

    The SSLCipherSuite needs to be configured with a strong TLS cipher suite. The current version of mod_http2 does not enforce any cipher but most clients do so. Pointing a browser to a h2 enabled server with a inappropriate cipher suite will force it to simply refuse and fall back to HTTP 1.1. This is a common mistake that is done while configuring httpd for HTTP/2 the first time, so please keep it in mind to avoid long debugging sessions! If you want to be sure about the cipher suite to choose please avoid the ones listed in the HTTP/2 TLS blacklist.

    +
    +

    The order of protocols mentioned is also relevant. By default, the first one is the + most preferred protocol. When a client offers multiple choices, the one most to the + left is selected. In

    + 
    Protocols http/1.1 h2
    + +

    the most preferred protocol is HTTP/1 and it will always be selected unless a + client only supports h2. Since we want to talk HTTP/2 to clients that + support it, the better order is

    + 
    Protocols h2 h2c http/1.1
    + + +

    There is one more thing to ordering: the client has its own preferences, too. If + you want, you can configure your server to select the protocol most preferred by + the client:

    + 
    ProtocolsHonorOrder Off
    + +

    makes the order you wrote the Protocols irrelevant and only the client's + ordering will decide.

    +

    A last thing: the protocols you configure are not checked for correctness + or spelling. You can mention protocols that do not exist, so there is no need + to guard Protocols with any IfModule checks.

    +

    For more advanced tips on configuration, see the + modules section about dimensioning and + how to manage multiple hosts with the same certificate.

    +
    top
    +
    +

    Clients

    + +

    Almost all modern browsers support HTTP/2, but only over SSL connections: Firefox (v43), + Chrome (v45), Safari (since v9), iOS Safari (v9), Opera (v35), Chrome for Android (v49) + and Internet Explorer (v11 on Windows10) (source).

    +

    Other clients, as well as servers, are listed + on the Implementations wiki, + among them implementations for c, c++, common lisp, dart, erlang, haskell, java, nodejs, php, + python, perl, ruby, rust, scala and swift.

    +

    Several of the non-browser client implementations support HTTP/2 over cleartext, h2c. The + most versatile being curl.

    +
    top
    +
    +

    Useful tools to debug HTTP/2

    + +

    The first tool to mention is of course curl. Please make sure that + your version supports HTTP/2 checking its Features:

    + 
        $ curl -V
+    curl 7.45.0 (x86_64-apple-darwin15.0.0) libcurl/7.45.0 OpenSSL/1.0.2d zlib/1.2.8 nghttp2/1.3.4
+    Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 [...] 
+    Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2
+
    + +

    Mac OS homebrew notes

    + brew install curl --with-openssl --with-nghttp2 +
    +

    And for really deep inspection wireshark.

    +

    The nghttp2 package also includes clients, such as:

    +
      +
    • nghttp - useful to visualize the HTTP/2 frames and get a better idea of the protocol.
      • +
    • h2load - useful to stress-test your server.
      • +
    +

    Chrome offers detailed HTTP/2 logs on its connections via the + special net-internals page. There is also an interesting extension for Chrome and Firefox to visualize when your browser is using HTTP/2.

    +
    top
    +
    +

    Server Push

    + +

    The HTTP/2 protocol allows the server to PUSH responses to a client it never + asked for. The tone of the conversation is: "here is a request that you + never sent and the response to it will arrive soon..."

    +

    But there are restrictions: the client can disable this feature and the + server may only ever PUSH on a request that came from the client.

    +

    The intention is to allow the server to send resources to the client that + it will most likely need: a css or javascript resource that belongs to a html + page the client requested. A set of images that is referenced by a css, etc.

    +

    The advantage for the client is that it saves the time to send the request which + may range from a few milliseconds to half a second, depending on where on the + globe both are located. The disadvantage is that the client may get sent + things it already has in its cache. Sure, HTTP/2 allows for the early cancellation + of such requests, but still there are resources wasted.

    +

    To summarize: there is no one good strategy on how to make best use of this + feature of HTTP/2 and everyone is still experimenting. So, how do you experiment + with it in Apache httpd?

    +

    mod_http2 inspect response header for Link headers + in a certain format:

    + 
    Link </xxx.css>;rel=preload, </xxx.js>; rel=preload
    + +

    If the connection supports PUSH, these two resources will be sent to the + client. As a web developer, you may set these headers either directly in + your application response or you configure the server via

    + 
    <Location /xxx.html>
+    Header add Link "</xxx.css>;rel=preload"
+    Header add Link "</xxx.js>;rel=preload"
+</Location>
    + +

    If you want to use preload links without triggering a PUSH, you + can use the nopush parameter, as in

    + 
    Link </xxx.css>;rel=preload;nopush
    + +

    or you may disable PUSHes for your server entirely with the directive

    + 
    H2Push Off
    + +

    And there is more:

    +

    The module will keep a diary of what has been PUSHed for each connection + (hashes of URLs, basically) and will not PUSH the same resource twice. When + the connection closes, this information is discarded.

    +

    There are people thinking about how a client can tell a server what it + already has, so PUSHes for those things can be avoided, but this is all + highly experimental right now.

    +

    Another experimental draft that has been implemented in mod_http2 + is the + Accept-Push-Policy Header Field where a client can, for each request, define + what kind of PUSHes it accepts.

    +
    +
    +

    Available Languages:  en  | + fr  | + ja  | + ko  | + tr 

    +
    top

    Comments

    Notice:
    This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
    +
    + \ No newline at end of file diff --git a/docs/manual/howto/index.html.en b/docs/manual/howto/index.html.en index 71f33a6f..5ca462ab 100644 --- a/docs/manual/howto/index.html.en +++ b/docs/manual/howto/index.html.en @@ -87,6 +87,20 @@ +
    +
    HTTP/2 with httpd
    +
    +

    HTTP/2 is the evolution of the world's most successful application layer protocol, HTTP. + It focuses on making more efficient use of network resources without changing the semantics of HTTP. + This guide explains how HTTP/2 is implemented in httpd, showing basic configurations tips and + best practices. +

    + +

    See: HTTP/2 guide

    +
    +
    + +
    Introduction to Server Side Includes
    diff --git a/docs/manual/howto/index.html.fr b/docs/manual/howto/index.html.fr index f55266c3..d7ecd7a9 100644 --- a/docs/manual/howto/index.html.fr +++ b/docs/manual/howto/index.html.fr @@ -90,6 +90,21 @@
    +
    +
    HTTP/2 avec httpd
    +
    +

    HTTP/2 est une volution du protocole de la couche application le plus + connu au monde, HTTP. Les efforts se sont concentrs sur une amlioration + de l'efficacit de l'utilisation des ressources rseau sans modifier la + smantique de HTTP. Ce guide explique la manire dont HTTP/2 est + implment dans httpd, donne des conseils pour une configuration de base + ainsi qu'une liste de recommandations. +

    + +

    Voir le guide HTTP/2

    +
    +
    +
    Introduction au Inclusions ct Serveur (Server Side Includes ou SSI)
    diff --git a/docs/manual/howto/public_html.html.en b/docs/manual/howto/public_html.html.en index 3ca97fdd..0ca1067c 100644 --- a/docs/manual/howto/public_html.html.en +++ b/docs/manual/howto/public_html.html.en @@ -36,13 +36,13 @@ out of the home directory of the user "username", out of the subdirectory specified by the UserDir directive.

    Note that, by default, access to these directories is not - enabled. You can enable access when using UserDir by uncommenting the line

    -

    - #Include conf/extra/httpd-userdir.conf -

    + enabled. You can enable access when using UserDir by uncommenting the line:

    + 
    #Include conf/extra/httpd-userdir.conf
    +

    in the default config file conf/httpd.conf, and adapting the httpd-userdir.conf file as necessary, or by including the appropriate directives in a - Directory block within the main config file.

    + <Directory> block + within the main config file.

    +

    See also

    top

    Per-user web directories

    @@ -139,8 +139,8 @@ You can, likewise, disable the feature for all but a few users by using a configuration like the following:

    - 
          UserDir disabled
    
-      UserDir enabled rbowen krietz
    + 
    UserDir disabled
+UserDir enabled rbowen krietz

    See UserDir diff --git a/docs/manual/howto/public_html.html.fr b/docs/manual/howto/public_html.html.fr index 8f4cb852..82acfb9a 100644 --- a/docs/manual/howto/public_html.html.fr +++ b/docs/manual/howto/public_html.html.fr @@ -40,15 +40,15 @@ la directive U

    Notez que par dfaut, l'accs ces rpertoires n'est pas permis. Vous pouvez en permettre l'accs l'aide de la directive UserDir en -dcommentant la ligne

    -

    - #Include conf/extra/httpd-userdir.conf -

    +dcommentant la ligne :

    + 
    #Include conf/extra/httpd-userdir.conf
    +

    dans le fichier de configuration par dfaut conf/httpd.conf, et en adaptant le fichier httpd-userdir.conf selon vos besoins, ou en incluant les directives appropries dans une section - Directory du fichier de configuration principal.

    + <Directory> du fichier de + configuration principal.

    +avec le systme de fichiers
  • Commentaires
    • top

    Rpertoires web utilisateurs

    @@ -153,8 +153,8 @@ avec le syst utilisateurs sauf certains d'entre eux en utilisant une configuration du style :

    - 
          UserDir disabled
    
-      UserDir enabled rbowen krietz
    + 
    UserDir disabled
+UserDir enabled rbowen krietz

    Vous trouverez d'autres exemples dans la documentation de diff --git a/docs/manual/howto/public_html.html.ja.utf8 b/docs/manual/howto/public_html.html.ja.utf8 index 5dd97e16..75d3b90d 100644 --- a/docs/manual/howto/public_html.html.ja.utf8 +++ b/docs/manual/howto/public_html.html.ja.utf8 @@ -61,7 +61,7 @@

  • この機能を使用できるユーザを制限する
  • ユーザ毎の CGI ディレクトリ
  • ユーザによる設定変更を許可
    • -

    参照

    +

    参照

    top

    ユーザ毎のウェブディレクトリ

    diff --git a/docs/manual/howto/public_html.html.ko.euc-kr b/docs/manual/howto/public_html.html.ko.euc-kr index c74e6a49..bdd80af7 100644 --- a/docs/manual/howto/public_html.html.ko.euc-kr +++ b/docs/manual/howto/public_html.html.ko.euc-kr @@ -44,7 +44,7 @@
  • ̿ ϱ
  • ں cgi 丮 ϱ
  • ڰ ֵ
    • -

    +

    top

    ں 丮

    diff --git a/docs/manual/howto/public_html.html.tr.utf8 b/docs/manual/howto/public_html.html.tr.utf8 index e333e8e1..cc9b8e91 100644 --- a/docs/manual/howto/public_html.html.tr.utf8 +++ b/docs/manual/howto/public_html.html.tr.utf8 @@ -29,6 +29,7 @@  ko  |  tr 

    +
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    Çok kullanıcılı sistemlerde, UserDir yönergesi ile her kullanıcının kendi ev dizininde bir sitesi olması sağlanabilir. @@ -57,7 +58,7 @@

  • Her kullanıcıya bir CGI dizini tahsis etmek
  • Kullanıcıların yapılandırmayı değiştirmesine izin vermek

    • Ayrıca bakınız:

    + Eşleştirilmesi
  • Yorum
    • top

    Kullanıcı sayfaları dizinleri

    diff --git a/docs/manual/howto/reverse_proxy.html.en b/docs/manual/howto/reverse_proxy.html.en index 12d1593f..ea76471f 100644 --- a/docs/manual/howto/reverse_proxy.html.en +++ b/docs/manual/howto/reverse_proxy.html.en @@ -63,7 +63,7 @@
  • Balancer Manager
  • Dynamic Health Checks
  • BalancerMember status flags
    • -
    +

    See also

    top

    Reverse Proxy

    @@ -119,7 +119,7 @@ ProxyPassReverse "/images" "http://www.example.com/" requests and for the reverse proxy to load balance and failover among them. This group is sometimes called a cluster but Apache httpd's term is a balancer. One defines a balancer by leveraging the - Proxy and + <Proxy> and BalancerMember directives as shown:

    @@ -235,7 +235,7 @@ ProxyPassReverse "/images/" "balancer://myset/"

    Warning

    -

    Do not enable the balancer-manager until you have secured your server. In +

    Do not enable the balancer-manager until you have secured your server. In particular, ensure that access to the URL is tightly restricted.

    diff --git a/docs/manual/howto/ssi.html.en b/docs/manual/howto/ssi.html.en index fddc7c68..9327ed66 100644 --- a/docs/manual/howto/ssi.html.en +++ b/docs/manual/howto/ssi.html.en @@ -41,7 +41,7 @@ existing HTML documents.

  • Executing commands
  • Advanced SSI techniques
  • Conclusion
    • -
    +

    See also

    top

    Introduction

    @@ -109,8 +109,8 @@ existing HTML documents.

    do this. You can tell Apache to parse any file with a particular file extension, such as .shtml, with the following directives:

    -
            AddType text/html .shtml
    
-        AddOutputFilter INCLUDES .shtml
    +
    AddType text/html .shtml
+AddOutputFilter INCLUDES .shtml

    One disadvantage to this approach is that if you wanted to diff --git a/docs/manual/howto/ssi.html.fr b/docs/manual/howto/ssi.html.fr index a2670983..a53b8bad 100644 --- a/docs/manual/howto/ssi.html.fr +++ b/docs/manual/howto/ssi.html.fr @@ -43,7 +43,7 @@ HTML pr

  • Excution de commandes
  • Techniques SSI avances
  • Conclusion
    • -
    +

    Voir aussi

    top

    Introduction

    @@ -117,8 +117,8 @@ HTML pr directives SSI. Vous devez indiquer Apache quels fichiers seront concerns. Vous pouvez y parvenir en indiquant une extension, comme .shtml, l'aide des directives suivantes :

    -
            AddType text/html .shtml
    
-        AddOutputFilter INCLUDES .shtml
    +
    AddType text/html .shtml
+AddOutputFilter INCLUDES .shtml

    Un des dsavantages de cette approche rside dans le fait que si diff --git a/docs/manual/howto/ssi.html.ja.utf8 b/docs/manual/howto/ssi.html.ja.utf8 index dc10ddcd..326f1332 100644 --- a/docs/manual/howto/ssi.html.ja.utf8 +++ b/docs/manual/howto/ssi.html.ja.utf8 @@ -45,7 +45,7 @@

  • コマンドの実行
  • 高度な SSI テクニック
  • 終わりに
    • -
    +

    参照

    top

    はじめに

    diff --git a/docs/manual/howto/ssi.html.ko.euc-kr b/docs/manual/howto/ssi.html.ko.euc-kr index ed04e795..1f720e94 100644 --- a/docs/manual/howto/ssi.html.ko.euc-kr +++ b/docs/manual/howto/ssi.html.ko.euc-kr @@ -43,7 +43,7 @@
  • ɾ ϱ
  • SSI
    • -
    +

    top

    Ұ

    diff --git a/docs/manual/index.html.es b/docs/manual/index.html.es index 2b5b8ab5..617ed865 100644 --- a/docs/manual/index.html.es +++ b/docs/manual/index.html.es @@ -7,7 +7,7 @@ This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --> -Versin 2.4 de la documentacin del Servidor de HTTP Apache - Servidor HTTP Apache Versin 2.4 +Versin 2.4 de la documentacin del Servidor de HTTP Apache - Servidor Apache HTTP Versin 2.4 @@ -17,7 +17,7 @@
    -

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa de este sitio web

    +

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa del sitio web

    Versin 2.4 del Servidor HTTP Apache

    <-
    @@ -36,14 +36,11 @@  tr  |  zh-cn 

    -
    Esta traduccin podra estar - obsoleta. Consulte la versin en ingls de la - documentacin para comprobar si se han producido cambios - recientemente.

    AddType type-mdium extension [extension] ...svdhB
    Associe les extensions de noms de fichiers au type de contenu spcifi
    Alias [chemin URL] +
    Alias chemin URL chemin fichier|chemin rpertoiresvB
    Met en correspondance des URLs avec des chemins du systme de fichiers
    AliasMatch regex @@ -577,152 +577,163 @@ gmon.out.
    Group groupe unix #-1 sB
    Groupe sous lequel le serveur va traiter les requtes
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note +
    H2Direct on|off on (for non TLS) svE
    H2 Direct Protocol Switch
    H2MaxSessionStreams n 100 svE
    Maximum number of active streams per HTTP/2 session.
    H2MaxWorkerIdleSeconds n 600 sE
    Maximum number of seconds h2 workers remain idle until shut down.
    H2MaxWorkers nsE
    Maximum number of worker threads to use per child process.
    H2MinWorkers nsE
    Minimal number of worker threads to use per child process.
    H2SerializeHeaders on|off off svE
    Serialize Request/Resoonse Processing Switch
    H2SessionExtraFiles n 5 svE
    Number of Extra File Handles
    H2StreamMaxMemSize bytes 65536 svE
    Maximum amount of output data buffered per stream.
    H2WindowSize bytes 65536 svE
    Size of Stream Window for upstream data.
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note en-tte [[expr=]valeur [remplacement] [early|env=[!]variable|expr=expression]] -svdhE
    Configure les en-ttes d'une rponse HTTP
    HeaderName nom fichiersvdhB
    Nom du fichier qui sera insr au dbut de la page +svdhE
    Configure les en-ttes d'une rponse HTTP
    HeaderName nom fichiersvdhB
    Nom du fichier qui sera insr au dbut de la page contenant l'index
    HeartbeatAddress addr:portsX
    Adresse multicast laquelle envoyer les requtes +
    HeartbeatAddress addr:portsX
    Adresse multicast laquelle envoyer les requtes heartbeat
    HeartbeatListenaddr:portsX
    Adresse multicast d'coute des requtes entrantes heartbeat
    HeartbeatMaxServers nombre-de-serveurs 10 sX
    Spcifie le nombre maximal de serveurs qui pourront envoyer +
    HeartbeatListenaddr:portsX
    Adresse multicast d'coute des requtes entrantes heartbeat
    HeartbeatMaxServers nombre-de-serveurs 10 sX
    Spcifie le nombre maximal de serveurs qui pourront envoyer des requtes heartbeat ce serveur.
    HeartbeatStorage chemin fichier logs/hb.dat sX
    Chemin vers le stockage des donnes heartbeat
    HeartbeatStorage chemin-fichier logs/hb.dat sX
    Indique le chemin permettant de lire les donnes +
    HeartbeatStorage chemin fichier logs/hb.dat sX
    Chemin vers le stockage des donnes heartbeat
    HeartbeatStorage chemin-fichier logs/hb.dat sX
    Indique le chemin permettant de lire les donnes heartbeat
    HostnameLookups On|Off|Double Off svdC
    Active la recherche DNS sur les adresses IP des +
    HostnameLookups On|Off|Double Off svdC
    Active la recherche DNS sur les adresses IP des clients
    IdentityCheck On|Off Off svdE
    Active la journalisation de l'identit RFC 1413 de +
    IdentityCheck On|Off Off svdE
    Active la journalisation de l'identit RFC 1413 de l'utilisateur distant
    IdentityCheckTimeout secondes 30 svdE
    Dtermine le dlai d'attente pour les requtes +
    IdentityCheckTimeout secondes 30 svdE
    Dtermine le dlai d'attente pour les requtes ident
    <If expression> ... </If>svdhC
    Contient des directives qui ne s'appliquent que si une +
    <If expression> ... </If>svdhC
    Contient des directives qui ne s'appliquent que si une condition est satisfaite au cours du traitement d'une requte
    <IfDefine [!]paramtre> ... - </IfDefine>svdhC
    Contient des directives qui ne s'appliqueront que si un +
    <IfDefine [!]paramtre> ... + </IfDefine>svdhC
    Contient des directives qui ne s'appliqueront que si un test retourne "vrai" au dmarrage du serveur
    <IfModule [!]fichier module|identificateur -module> ... </IfModule>svdhC
    Contient des directives qui ne s'appliquent qu'en fonction +
    <IfModule [!]fichier module|identificateur +module> ... </IfModule>svdhC
    Contient des directives qui ne s'appliquent qu'en fonction de la prsence ou de l'absence d'un module spcifique
    <IfVersion [[!]operator] version> ... -</IfVersion>svdhE
    contains version dependent configuration
    ImapBase map|referer|URL http://nom_serveur/ +svdhB
    Valeur par dfaut de la directive base des +
    <IfVersion [[!]operator] version> ... +</IfVersion>svdhE
    contains version dependent configuration
    ImapBase map|referer|URL http://nom_serveur/ +svdhB
    Valeur par dfaut de la directive base des fichiers imagemap
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    Action entreprendre par dfaut lorsqu'un fichier imagemap +
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    Action entreprendre par dfaut lorsqu'un fichier imagemap est invoqu avec des coordonnes qui ne correspondent aucune cible
    ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
    Action entreprendre si aucune coordonne n'est fournie +
    ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
    Action entreprendre si aucune coordonne n'est fournie lorsqu'on invoque un fichier imagemap
    Include chemin-fichier|chemin-rpertoire|wildcardsvdC
    Inclut d'autres fichiers de configuration dans un des +
    Include chemin-fichier|chemin-rpertoire|wildcardsvdC
    Inclut d'autres fichiers de configuration dans un des fichiers de configuration du serveur
    IncludeOptional -chemin-fichier|chemin-rpertoire|wildcardsvdC
    Inclusion de fichiers dans le fichier de configuration
    IndexHeadInsert "marque ..."svdhB
    Insre du texte dans la section HEAD de la page +
    IncludeOptional +chemin-fichier|chemin-rpertoire|wildcardsvdC
    Inclusion de fichiers dans le fichier de configuration
    IndexHeadInsert "marque ..."svdhB
    Insre du texte dans la section HEAD de la page d'index.
    IndexIgnore fichier [fichier] ... "." svdhB
    Ajouts la liste des fichiers cacher lors de l'affichage +
    IndexIgnore fichier [fichier] ... "." svdhB
    Ajouts la liste des fichiers cacher lors de l'affichage de l'index d'un rpertoire
    IndexIgnoreReset ON|OFFsvdhB
    Vide la liste des fichiers cacher lors de l'affichage du +
    IndexIgnoreReset ON|OFFsvdhB
    Vide la liste des fichiers cacher lors de l'affichage du contenu d'un rpertoire
    IndexOptions [+|-]option [[+|-]option] -...svdhB
    Diverses options de configuration pour l'indexation d'un +
    IndexOptions [+|-]option [[+|-]option] +...svdhB
    Diverses options de configuration pour l'indexation d'un rpertoire
    IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhB
    Dfinit l'ordre d'affichage par dfaut d'un index de +
    IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhB
    Dfinit l'ordre d'affichage par dfaut d'un index de rpertoire
    IndexStyleSheet chemin-urlsvdhB
    Ajoute une feuille de style CSS l'index du +
    IndexStyleSheet chemin-urlsvdhB
    Ajoute une feuille de style CSS l'index du rpertoire
    InputSed commande-seddh
    Commande sed excuter pour le filtrage des donnes d'une +
    InputSed commande-seddh
    Commande sed excuter pour le filtrage des donnes d'une requte (en gnral des donnes POST)
    ISAPIAppendLogToErrors on|off off svdhB
    Enregistrement des requtes +
    ISAPIAppendLogToErrors on|off off svdhB
    Enregistrement des requtes HSE_APPEND_LOG_PARAMETER de la part des extensions ISAPI dans le journal des erreurs
    ISAPIAppendLogToQuery on|off on svdhB
    Enregistre les requtes +
    ISAPIAppendLogToQuery on|off on svdhB
    Enregistre les requtes HSE_APPEND_LOG_PARAMETER de la part des extensions ISAPI dans la partie arguments de la requte
    ISAPICacheFile chemin-fichier +
    ISAPICacheFile chemin-fichier [chemin-fichier] -...svB
    Fichiers .dll ISAPI devant tre chargs au +...svB
    Fichiers .dll ISAPI devant tre chargs au dmarrage
    ISAPIFakeAsync on|off off svdhB
    Emulation du support des entres/sorties asynchrones pour +
    ISAPIFakeAsync on|off off svdhB
    Emulation du support des entres/sorties asynchrones pour les appels ISAPI
    ISAPILogNotSupported on|off off svdhB
    Journalisation des demandes de fonctionnalits non +
    ISAPILogNotSupported on|off off svdhB
    Journalisation des demandes de fonctionnalits non supportes de la part des extensions ISAPI
    ISAPIReadAheadBuffer taille 49152 svdhB
    Taille du tampon de lecture anticipe envoy aux extensions +
    ISAPIReadAheadBuffer taille 49152 svdhB
    Taille du tampon de lecture anticipe envoy aux extensions ISAPI
    KeepAlive On|Off On svC
    Active les connexions HTTP persistantes
    KeepAliveTimeout nombre[ms] 5 svC
    Dure pendant laquelle le serveur va attendre une requte +
    KeepAlive On|Off On svC
    Active les connexions HTTP persistantes
    KeepAliveTimeout nombre[ms] 5 svC
    Dure pendant laquelle le serveur va attendre une requte avant de fermer une connexion persistante
    KeptBodySize taille maximale en octets 0 dB
    Conserve le corps de la requte concurrence de la taille +
    KeptBodySize taille maximale en octets 0 dB
    Conserve le corps de la requte concurrence de la taille maximale spcifie, pour une utilisation ventuelle par des filtres comme mod_include.
    LanguagePriority langage-MIME [langage-MIME] -...svdhB
    L'ordre de priorit des variantes de langages pour les +
    LanguagePriority langage-MIME [langage-MIME] +...svdhB
    L'ordre de priorit des variantes de langages pour les cas o le client n'a pas formul de prfrences
    LDAPCacheEntries nombre 1024 sE
    Nombre maximum d'entres dans le cache LDAP +
    LDAPCacheEntries nombre 1024 sE
    Nombre maximum d'entres dans le cache LDAP primaire
    LDAPCacheTTL secondes 600 sE
    Dure pendant laquelle les entres du cache restent +
    LDAPCacheTTL secondes 600 sE
    Dure pendant laquelle les entres du cache restent valides.
    LDAPConnectionPoolTTL n -1 svE
    Dsactive les connexions d'arrire-plan qui sont restes +
    LDAPConnectionPoolTTL n -1 svE
    Dsactive les connexions d'arrire-plan qui sont restes inactives trop longtemps au sein du jeu de connexions.
    LDAPConnectionTimeout secondessE
    Spcifie le dlai d'attente en secondes de la socket de +
    LDAPConnectionTimeout secondessE
    Spcifie le dlai d'attente en secondes de la socket de connexion
    LDAPLibraryDebug 7sE
    Active le dbogage dans le SDK LDAP
    LDAPOpCacheEntries nombre 1024 sE
    Nombre d'entres utilises pour mettre en cache les +
    LDAPLibraryDebug 7sE
    Active le dbogage dans le SDK LDAP
    LDAPOpCacheEntries nombre 1024 sE
    Nombre d'entres utilises pour mettre en cache les oprations de comparaison LDAP
    LDAPOpCacheTTL secondes 600 sE
    Dure pendant laquelle les entres du cache d'oprations +
    LDAPOpCacheTTL secondes 600 sE
    Dure pendant laquelle les entres du cache d'oprations restent valides
    LDAPReferralHopLimit nombredhE
    Le nombre maximum de redirections vers des serveurs +
    LDAPReferralHopLimit nombredhE
    Le nombre maximum de redirections vers des serveurs alternatifs (referrals) avant l'abandon de la requte LDAP.
    LDAPReferrals On|Off|default On dhE
    Active la redirection vers des serveurs alternatifs au +
    LDAPReferrals On|Off|default On dhE
    Active la redirection vers des serveurs alternatifs au cours des requtes vers le serveur LDAP.
    LDAPRetries nombre d'essais 3 sE
    Dfinit le nombre maximum de tentatives de connexions au +
    LDAPRetries nombre d'essais 3 sE
    Dfinit le nombre maximum de tentatives de connexions au serveur LDAP.
    LDAPRetryDelay secondes 0 sE
    Dfinit le temps d'attente avant un autre essai de connexion au +
    LDAPRetryDelay secondes 0 sE
    Dfinit le temps d'attente avant un autre essai de connexion au serveur LDAP.
    LDAPSharedCacheFile chemin/fichiersE
    Dfinit le fichier du cache en mmoire +
    LDAPSharedCacheFile chemin/fichiersE
    Dfinit le fichier du cache en mmoire partage
    LDAPSharedCacheSize octets 500000 sE
    Taille en octets du cache en mmoire partage
    LDAPTimeout secondes 60 sE
    Spcifie le dlai d'attente pour les oprations de +
    LDAPSharedCacheSize octets 500000 sE
    Taille en octets du cache en mmoire partage
    LDAPTimeout secondes 60 sE
    Spcifie le dlai d'attente pour les oprations de recherche et d'identification LDAP en secondes
    LDAPTrustedClientCert type -chemin/nom-fichier/alias [mot de passe]svdhE
    Dfinit le nom de fichier contenant un certificat client ou +
    LDAPTrustedClientCert type +chemin/nom-fichier/alias [mot de passe]svdhE
    Dfinit le nom de fichier contenant un certificat client ou un alias renvoyant vers un certificat client spcifique une connexion. Tous les SDK LDAP ne supportent pas les certificats clients par connexion.
    LDAPTrustedGlobalCert type -chemin/nom-fichier [mot de passe]sE
    Dfinit le nom de fichier ou la base de donnes contenant +
    LDAPTrustedGlobalCert type +chemin/nom-fichier [mot de passe]sE
    Dfinit le nom de fichier ou la base de donnes contenant les Autorits de Certification de confiance globales ou les certificats clients globaux
    LDAPTrustedMode typesvE
    Spcifie le mode (SSL ou TLS) utiliser lors de la +
    LDAPTrustedMode typesvE
    Spcifie le mode (SSL ou TLS) utiliser lors de la connexion un serveur LDAP.
    LDAPVerifyServerCert On|Off On sE
    Force la vrification du certificat du +
    LDAPVerifyServerCert On|Off On sE
    Force la vrification du certificat du serveur
    <Limit mthode [mthode] ... > ... - </Limit>dhC
    Limite les contrles d'accs que la section contient +
    <Limit mthode [mthode] ... > ... + </Limit>dhC
    Limite les contrles d'accs que la section contient certaines mthodes HTTP
    <LimitExcept mthode [mthode] ... > ... - </LimitExcept>dhC
    Applique les contrles d'accs toutes les mthodes HTTP, +
    <LimitExcept mthode [mthode] ... > ... + </LimitExcept>dhC
    Applique les contrles d'accs toutes les mthodes HTTP, sauf celles qui sont spcifies
    LimitInternalRecursion nombre [nombre] 10 svC
    Dtermine le nombre maximal de redirections internes et de +
    LimitInternalRecursion nombre [nombre] 10 svC
    Dtermine le nombre maximal de redirections internes et de sous-requtes imbriques
    LimitRequestBody octets 0 svdhC
    limite la taille maximale du corps de la requte HTTP +
    LimitRequestBody octets 0 svdhC
    limite la taille maximale du corps de la requte HTTP envoye par le client
    LimitRequestFields nombre 100 svC
    Limite le nombre de champs d'en-tte autoriss dans une +
    LimitRequestFields nombre 100 svC
    Limite le nombre de champs d'en-tte autoriss dans une requte HTTP
    LimitRequestFieldSize octets 8190 svC
    Ddinit la taille maximale autorise d'un en-tte de +
    LimitRequestFieldSize octets 8190 svC
    Ddinit la taille maximale autorise d'un en-tte de requte HTTP
    LimitRequestLine octets 8190 svC
    Dfinit la taille maximale d'une ligne de requte +
    LimitRequestLine octets 8190 svC
    Dfinit la taille maximale d'une ligne de requte HTTP
    LimitXMLRequestBody octets 1000000 svdhC
    Dfinit la taille maximale du corps d'une requte au format +
    LimitXMLRequestBody octets 1000000 svdhC
    Dfinit la taille maximale du corps d'une requte au format XML
    Listen [adresse IP:]numro port -[protocole]sM
    Les adresses IP et ports sur lesquels le serveur coute
    ListenBacklog backlogsM
    Longueur maximale de la liste d'attente des +
    Listen [adresse IP:]numro port +[protocole]sM
    Les adresses IP et ports sur lesquels le serveur coute
    ListenBacklog backlogsM
    Longueur maximale de la liste d'attente des connexions
    ListenCoresBucketsRatio ratio 0 (disabled) sM
    Rapport entre le nombre de coeurs de processeur activs et +le nombre de segments d'coute
    LoadFile nom-fichier [nom-fichier] ...svE
    Liaison du fichier objet ou de la bibliothque spcifi
    LoadModule module nom-fichiersvE
    Liaison avec le serveur du fichier objet ou de la @@ -805,495 +816,500 @@ simultan inactifs
    MaxSpareThreads nombresM
    Nombre maximum de threads inactifs
    MaxThreads nombre 2048 sM
    Dfinit le nombre maximum de threads esclaves
    MergeTrailers [on|off] off svC
    Dtermine si les donnes supplmentaires (trailers) sont +
    MemcacheConnTTL num[units] 15s svE
    Dure de conservation des connexions inactives
    MergeTrailers [on|off] off svC
    Dtermine si les donnes supplmentaires (trailers) sont fusionnes avec les en-ttes
    MetaDir rpertoire .web svdhE
    Le nom du rpertoire o trouver les fichiers de +
    MetaDir rpertoire .web svdhE
    Le nom du rpertoire o trouver les fichiers de mtainformations dans le style du CERN
    MetaFiles on|off off svdhE
    Active le traitement des mtafichiers du CERN
    MetaSuffix suffixe .meta svdhE
    Suffixe du fichier contenant les mtainformations dans le +
    MetaFiles on|off off svdhE
    Active le traitement des mtafichiers du CERN
    MetaSuffix suffixe .meta svdhE
    Suffixe du fichier contenant les mtainformations dans le style du CERN
    MimeMagicFile chemin-fichiersvE
    Active la dtermination du type MIME en se basant sur le +
    MimeMagicFile chemin-fichiersvE
    Active la dtermination du type MIME en se basant sur le contenu du fichier et en utilisant le fichier magique spcifi
    MinSpareServers nombre 5 sM
    Nombre minimum de processus serveurs enfants +
    MinSpareServers nombre 5 sM
    Nombre minimum de processus serveurs enfants inactifs
    MinSpareThreads nombresM
    Nombre minimum de threads inactifs qui seront disponibles +
    MinSpareThreads nombresM
    Nombre minimum de threads inactifs qui seront disponibles pour pouvoir traiter les pics de requtes
    MMapFile chemin fichier [chemin fichier] ...sX
    Charge au dmarrage une liste de fichiers en mmoire
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Standard de modem simuler
    ModMimeUsePathInfo On|Off Off dB
    Indique mod_mime de traiter les lments +
    MMapFile chemin fichier [chemin fichier] ...sX
    Charge au dmarrage une liste de fichiers en mmoire
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Standard de modem simuler
    ModMimeUsePathInfo On|Off Off dB
    Indique mod_mime de traiter les lments de path_info en tant que parties du nom de fichier
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhB
    Les types de fichiers qui seront inclus lors d'une +
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhB
    Les types de fichiers qui seront inclus lors d'une recherche de correspondance de fichier avec les vues multiples (MultiViews)
    Mutex mcanisme [default|nom-mutex] ... [OmitPID] default sC
    Dfinit les mcanismes de mutex et le repertoire du fichier +
    Mutex mcanisme [default|nom-mutex] ... [OmitPID] default sC
    Dfinit les mcanismes de mutex et le repertoire du fichier verrou pour tous les mutex ou seulement les mutex spcifis
    NameVirtualHost adresse[:port]sC
    OBSOLETE : Dfinit une adresse IP pour les serveurs virtuels base de +
    NameVirtualHost adresse[:port]sC
    OBSOLETE : Dfinit une adresse IP pour les serveurs virtuels base de nom
    NoProxy domaine [domaine] ...svE
    Serveurs, domaines ou rseaux auquels on se connectera +
    NoProxy domaine [domaine] ...svE
    Serveurs, domaines ou rseaux auquels on se connectera directement
    NWSSLTrustedCerts nom-fichier -[nom-fichier] ...sB
    Liste de certificats clients supplmentaires
    NWSSLUpgradeable [adresse-IP:]num-portsB
    Permet de promouvoir une connexion non SSL au statut de +
    NWSSLTrustedCerts nom-fichier +[nom-fichier] ...sB
    Liste de certificats clients supplmentaires
    NWSSLUpgradeable [adresse-IP:]num-portsB
    Permet de promouvoir une connexion non SSL au statut de connexion SSL la demande
    Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhC
    Dfinit les fonctionnalits disponibles pour un rpertoire +
    Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhC
    Dfinit les fonctionnalits disponibles pour un rpertoire particulier
    Order ordre Deny,Allow dhE
    Dfinit le statut d'accs par dfaut et l'ordre dans lequel +
    Order ordre Deny,Allow dhE
    Dfinit le statut d'accs par dfaut et l'ordre dans lequel les directives Allow et Deny sont values.
    OutputSed commande-seddh
    Commande sed pour le filtrage des contenus de type +
    OutputSed commande-seddh
    Commande sed pour le filtrage des contenus de type rponse
    PassEnv var-env [var-env] -...svdhB
    Transmet des variables d'environnement depuis le +
    PassEnv var-env [var-env] +...svdhB
    Transmet des variables d'environnement depuis le shell
    PidFile nom fichier logs/httpd.pid sM
    Ficher dans lequel le serveur enregistre l'identificateur +
    PidFile nom fichier logs/httpd.pid sM
    Ficher dans lequel le serveur enregistre l'identificateur de processus du dmon
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Fait un compromis entre d'une part l'efficacit et la +
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Fait un compromis entre d'une part l'efficacit et la vitesse de traitement et d'autre part la scurit l'encontre des codes malicieux supportant les privilges.
    Protocol protocolesvC
    Protocole pour une socket d'coute
    ProtocolEcho On|Off Off svX
    Active ou dsactive le serveur d'cho
    <Proxy url-avec-jokers> ...</Proxy>svE
    Conteneur de directives s'appliquant des ressources +
    Protocol protocolesvC
    Protocole pour une socket d'coute
    ProtocolEcho On|Off Off svX
    Active ou dsactive le serveur d'cho
    Protocols protocole ... http/1.1 svC
    Protocoles disponibles pour un serveur virtuel ou non
    ProtocolsHonorOrder On|Off On svC
    Dtermine qui du client ou du serveur dtermine l'ordre + des protocoles au cours de la ngociation de la connexion
    <Proxy url-avec-jokers> ...</Proxy>svE
    Conteneur de directives s'appliquant des ressources mandates
    ProxyAddHeaders Off|On On svdE
    Ajoute des informations propos du mandataire aux +
    ProxyAddHeaders Off|On On svdE
    Ajoute des informations propos du mandataire aux en-ttes X-Forwarded-*
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    Dtermine la manire de traiter les lignes d'en-tte +
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    Dtermine la manire de traiter les lignes d'en-tte incorrectes d'une rponse
    ProxyBlock *|terme|serveur|domaine -[terme|serveur|domaine] ...svE
    Termes, serveurs ou domaines bloqus par le +
    ProxyBlock *|terme|serveur|domaine +[terme|serveur|domaine] ...svE
    Termes, serveurs ou domaines bloqus par le mandataire
    ProxyDomain DomainesvE
    Nom de domaine par dfaut pour les requtes +
    ProxyDomain DomainesvE
    Nom de domaine par dfaut pour les requtes mandates
    ProxyErrorOverride On|Off Off svdE
    Outrepasser les pages d'erreur pour les contenus +
    ProxyErrorOverride On|Off Off svdE
    Outrepasser les pages d'erreur pour les contenus mandats
    ProxyExpressDBMFile <chemin>svE
    Chemin du fichier DBM.
    ProxyExpressDBMFile <type>svE
    Type de fichier DBM.
    ProxyExpressEnable [on|off]svE
    Active la fonctionnalit du module.
    ProxyFtpDirCharset jeu-caractres ISO-8859-1 svdE
    Dfinit le jeu de caractres des listings FTP +
    ProxyExpressDBMFile <chemin>svE
    Chemin du fichier DBM.
    ProxyExpressDBMFile <type>svE
    Type de fichier DBM.
    ProxyExpressEnable [on|off]svE
    Active la fonctionnalit du module.
    ProxyFtpDirCharset jeu-caractres ISO-8859-1 svdE
    Dfinit le jeu de caractres des listings FTP mandats
    ProxyFtpEscapeWildcards [on|off]svdE
    Les caractres gnriques dans les noms de fichiers +
    ProxyFtpEscapeWildcards [on|off]svdE
    Les caractres gnriques dans les noms de fichiers doivent-ils tre chapps lorsqu'ils sont envoys au serveur FTP ?
    ProxyFtpListOnWildcard [on|off]svdE
    Les caractres gnriques dans les noms de fichiers +
    ProxyFtpListOnWildcard [on|off]svdE
    Les caractres gnriques dans les noms de fichiers demands doivent-ils dclencher l'affichage d'un listing ?
    ProxyHTMLBufSize nb-octetssvdB
    Dfinit l'incrment de la taille du tampon, ainsi que sa +
    ProxyHTMLBufSize nb-octetssvdB
    Dfinit l'incrment de la taille du tampon, ainsi que sa taille initiale, pour la mise en tampon des scripts en ligne et des feuilles de style.
    ProxyHTMLCharsetOut jeu-de-caractres | *svdB
    Spcifie un jeu de caractres pour la sortie de +
    ProxyHTMLCharsetOut jeu-de-caractres | *svdB
    Spcifie un jeu de caractres pour la sortie de mod_proxy_html.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OU -
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Dfinit une dclaration de type de document HTML ou XHTML.
    ProxyHTMLEnable On|Off Off svdB
    Permet d'activer/dsactiver le filtre proxy_html.
    ProxyHTMLEvents attribut [attribut ...]svdB
    Spcifie les attributs traiter comme des vnements de +
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OU +
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Dfinit une dclaration de type de document HTML ou XHTML.
    ProxyHTMLEnable On|Off Off svdB
    Permet d'activer/dsactiver le filtre proxy_html.
    ProxyHTMLEvents attribut [attribut ...]svdB
    Spcifie les attributs traiter comme des vnements de type scripting.
    ProxyHTMLExtended On|Off Off svdB
    Dtermine si l'on doit corriger les liens dans les scripts +
    ProxyHTMLExtended On|Off Off svdB
    Dtermine si l'on doit corriger les liens dans les scripts en ligne, les feuilles de style et les vnements de type scripting.
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Corrige les erreurs HTML simples.
    ProxyHTMLInterp On|Off Off svdB
    Active la rinterprtation des rgles +
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Corrige les erreurs HTML simples.
    ProxyHTMLInterp On|Off Off svdB
    Active la rinterprtation des rgles ProxyHTMLURLMap pour chaque requte.
    ProxyHTMLLinks lment attribut [attribut2 ...]svdB
    Spcifie les lments HTML dont les attributs d'URL doivent +
    ProxyHTMLLinks lment attribut [attribut2 ...]svdB
    Spcifie les lments HTML dont les attributs d'URL doivent tre rcrits.
    ProxyHTMLMeta On|Off Off svdB
    Active ou dsactive une printerprtation supplmentaire +
    ProxyHTMLMeta On|Off Off svdB
    Active ou dsactive une printerprtation supplmentaire des mtadonnes dans les sections HTML <head>.
    ProxyHTMLStripComments On|Off Off svdB
    Dtermine si les commentaires HTML doivent tre supprims.
    ProxyHTMLURLMap modle-source modle-cible [drapeaux] [cond]svdB
    Dfinit une rgle de rcriture des liens HTML
    ProxyIOBufferSize octets 8192 svE
    Dtermine la taille du tampon interne de transfert de +
    ProxyHTMLStripComments On|Off Off svdB
    Dtermine si les commentaires HTML doivent tre supprims.
    ProxyHTMLURLMap modle-source modle-cible [drapeaux] [cond]svdB
    Dfinit une rgle de rcriture des liens HTML
    ProxyIOBufferSize octets 8192 svE
    Dtermine la taille du tampon interne de transfert de donnes
    <ProxyMatch regex> ...</ProxyMatch>svE
    Conteneur de directives s'appliquant des ressources +
    <ProxyMatch regex> ...</ProxyMatch>svE
    Conteneur de directives s'appliquant des ressources mandates correspondant une expression rationnelle
    ProxyMaxForwards nombre -1 svE
    Nombre maximum de mandataires travers lesquelles une +
    ProxyMaxForwards nombre -1 svE
    Nombre maximum de mandataires travers lesquelles une requte peut tre redirige
    ProxyPass [chemin] !|url [cl=valeur - [cl=valeur ...]] [nocanon] [interpolate] [noquery]svdE
    Rfrencer des serveurs distants depuis +
    ProxyPass [chemin] !|url [cl=valeur + [cl=valeur ...]] [nocanon] [interpolate] [noquery]svdE
    Rfrencer des serveurs distants depuis l'espace d'URLs du serveur local
    ProxyPassInherit On|Off On svE
    Hritage des directives ProxyPass dfinies au niveau du +
    ProxyPassInherit On|Off On svE
    Hritage des directives ProxyPass dfinies au niveau du serveur principal
    ProxyPassInterpolateEnv On|Off Off svdE
    Active l'interpolation des variables d'environnement dans +
    ProxyPassInterpolateEnv On|Off Off svdE
    Active l'interpolation des variables d'environnement dans les configurations de mandataires inverses
    ProxyPassMatch [regex] !|url +
    ProxyPassMatch [regex] !|url [cl=valeur - [cl=valeur ...]]svdE
    Fait correspondre des serveurs distants dans l'espace d'URL + [cl=valeur ...]]svdE
    Fait correspondre des serveurs distants dans l'espace d'URL du serveur local en utilisant des expressions rationnelles
    ProxyPassReverse [chemin] url -[interpolate]svdE
    Ajuste l'URL dans les en-ttes de la rponse HTTP envoye +
    ProxyPassReverse [chemin] url +[interpolate]svdE
    Ajuste l'URL dans les en-ttes de la rponse HTTP envoye par un serveur mandat en inverse
    ProxyPassReverseCookieDomain domaine-interne -domaine-public [interpolate]svdE
    Ajuste la chane correspondant au domaine dans les en-ttes +
    ProxyPassReverseCookieDomain domaine-interne +domaine-public [interpolate]svdE
    Ajuste la chane correspondant au domaine dans les en-ttes Set-Cookie en provenance d'un serveur mandat
    ProxyPassReverseCookiePath chemin-interne -chemin-public [interpolate]svdE
    Ajuste la chane correspondant au chemin dans les en-ttes +
    ProxyPassReverseCookiePath chemin-interne +chemin-public [interpolate]svdE
    Ajuste la chane correspondant au chemin dans les en-ttes Set-Cookie en provenance d'un serveur mandat
    ProxyPreserveHost On|Off Off svdE
    Utilise l'en-tte de requte entrante Host pour la requte +
    ProxyPreserveHost On|Off Off svdE
    Utilise l'en-tte de requte entrante Host pour la requte du mandataire
    ProxyReceiveBufferSize octets 0 svE
    Taille du tampon rseau pour les connexions mandates HTTP +
    ProxyReceiveBufferSize octets 0 svE
    Taille du tampon rseau pour les connexions mandates HTTP et FTP
    ProxyRemote comparaison serveur-distantsvE
    Mandataire distant utiliser pour traiter certaines +
    ProxyRemote comparaison serveur-distantsvE
    Mandataire distant utiliser pour traiter certaines requtes
    ProxyRemoteMatch regex serveur-distantsvE
    Le mandataire distant utiliser pour traiter les requtes +
    ProxyRemoteMatch regex serveur-distantsvE
    Le mandataire distant utiliser pour traiter les requtes correspondant une expression rationnelle
    ProxyRequests On|Off Off svE
    Active la fonctionnalit (standard) de mandataire +
    ProxyRequests On|Off Off svE
    Active la fonctionnalit (standard) de mandataire direct
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Active ou dsactive les rponses de redirection interne en +
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Active ou dsactive les rponses de redirection interne en provenance du serveur cible.
    ProxySCGISendfile On|Off|nom-en-tte Off svdE
    Active l'valuation du pseudo en-tte de rponse +
    ProxySCGISendfile On|Off|nom-en-tte Off svdE
    Active l'valuation du pseudo en-tte de rponse X-Sendfile
    ProxySet url cl=valeur [cl=valeur ...]dE
    Dfinit diffrents paramtres relatifs la rpartition de +
    ProxySet url cl=valeur [cl=valeur ...]dE
    Dfinit diffrents paramtres relatifs la rpartition de charge des mandataires et aux membres des groupes de rpartition de charge
    ProxySourceAddress adressesvE
    Dfinit l'adresse IP locale pour les connexions mandates +
    ProxySourceAddress adressesvE
    Dfinit l'adresse IP locale pour les connexions mandates sortantes
    ProxyStatus Off|On|Full Off svE
    Affiche l'tat du rpartiteur de charge du mandataire dans +
    ProxyStatus Off|On|Full Off svE
    Affiche l'tat du rpartiteur de charge du mandataire dans mod_status
    ProxyTimeout secondessvE
    Dlai d'attente rseau pour les requtes +
    ProxyTimeout secondessvE
    Dlai d'attente rseau pour les requtes mandates
    ProxyVia On|Off|Full|Block Off svE
    Information fournie dans l'en-tte de rponse HTTP +
    ProxyVia On|Off|Full|Block Off svE
    Information fournie dans l'en-tte de rponse HTTP Via pour les requtes mandates
    ReadmeName nom-fichiersvdhB
    Nom du fichier dont le contenu sera insr la fin de +
    ReadmeName nom-fichiersvdhB
    Nom du fichier dont le contenu sera insr la fin de l'index
    ReceiveBufferSize octets 0 sM
    Taille du tampon TCP en entre
    Redirect [tat] [chemin URL] -URLsvdhB
    Envoie une redirection externe demandant au client +
    ReceiveBufferSize octets 0 sM
    Taille du tampon TCP en entre
    Redirect [tat] chemin URL +URLsvdhB
    Envoie une redirection externe demandant au client d'effectuer une autre requte avec une URL diffrente
    RedirectMatch [tat] regex -URLsvdhB
    Envoie une redirection externe faisant appel aux +
    RedirectMatch [tat] regex +URLsvdhB
    Envoie une redirection externe faisant appel aux expressions rationnelles pour la mise en correspondance de l'URL courante
    RedirectPermanent chemin URL URLsvdhB
    Envoie une redirection externe permanente demandant au +
    RedirectPermanent chemin URL URLsvdhB
    Envoie une redirection externe permanente demandant au client d'effectuer une nouvelle requte avec une URL diffrente
    RedirectTemp chemin URL URLsvdhB
    Envoie une redirection externe temporaire demandant au +
    RedirectTemp chemin URL URLsvdhB
    Envoie une redirection externe temporaire demandant au client d'effectuer une nouvelle requte avec une URL diffrente
    ReflectorHeader en-tte-entre [en-tte-sortie]svdhB
    Rflchit un en-tte d'entre dans les en-ttes de sortie
    RemoteIPHeader en-ttesvB
    Dfinit le champ d'en-tte qui contiendra les adresses IP +
    ReflectorHeader en-tte-entre [en-tte-sortie]svdhB
    Rflchit un en-tte d'entre dans les en-ttes de sortie
    RemoteIPHeader en-ttesvB
    Dfinit le champ d'en-tte qui contiendra les adresses IP du client
    RemoteIPInternalProxy -ip-mandataire|ip-mandataire/sous-rseau|nom-hte ...svB
    Dclare les adresses IP intranet clients comme dignes de +
    RemoteIPInternalProxy +ip-mandataire|ip-mandataire/sous-rseau|nom-hte ...svB
    Dclare les adresses IP intranet clients comme dignes de confiance pour prsenter la valeur RemoteIPHeader
    RemoteIPInternalProxyList nom-fichiersvB
    Dclare les adresses IP intranet clients comme dignes de +
    RemoteIPInternalProxyList nom-fichiersvB
    Dclare les adresses IP intranet clients comme dignes de confiance pour prsenter la valeur RemoteIPHeader
    RemoteIPProxiesHeader Nom_en-ttesvB
    Dclare le champ d'en-tte qui contiendra toutes les +
    RemoteIPProxiesHeader Nom_en-ttesvB
    Dclare le champ d'en-tte qui contiendra toutes les adresses IP intermdiaires
    RemoteIPTrustedProxy -ip-mandataire|ip-mandataire/sous-rseau|nom-hte ...svB
    Dclare les adresses IP intranet clients comme dignes de +
    RemoteIPTrustedProxy +ip-mandataire|ip-mandataire/sous-rseau|nom-hte ...svB
    Dclare les adresses IP intranet clients comme dignes de confiance pour prsenter la valeur RemoteIPHeader
    RemoteIPTrustedProxyList nom-fichiersvB
    Dclare les adresses IP intranet clients comme dignes de +
    RemoteIPTrustedProxyList nom-fichiersvB
    Dclare les adresses IP intranet clients comme dignes de confiance pour prsenter la valeur RemoteIPHeader
    RemoveCharset extension [extension] -...vdhB
    Supprime toute association de jeu de caractres pour un +
    RemoveCharset extension [extension] +...vdhB
    Supprime toute association de jeu de caractres pour un ensemble d'extensions de noms de fichiers
    RemoveEncoding extension [extension] -...vdhB
    Supprime toute association de codage de contenu pour un +
    RemoveEncoding extension [extension] +...vdhB
    Supprime toute association de codage de contenu pour un ensemble d'extensions de noms de fichiers
    RemoveHandler extension [extension] -...vdhB
    Supprime toute association de gestionnaire un ensemble +
    RemoveHandler extension [extension] +...vdhB
    Supprime toute association de gestionnaire un ensemble d'extensions de noms de fichiers
    RemoveInputFilter extension [extension] -...vdhB
    Supprime toute association de filtre en entre un +
    RemoveInputFilter extension [extension] +...vdhB
    Supprime toute association de filtre en entre un ensemble d'extensions de noms de fichiers
    RemoveLanguage extension [extension] -...vdhB
    Supprime toute association de langue un ensemble +
    RemoveLanguage extension [extension] +...vdhB
    Supprime toute association de langue un ensemble d'extensions de noms de fichiers
    RemoveOutputFilter extension [extension] -...vdhB
    Supprime toute association de filtre en sortie un +
    RemoveOutputFilter extension [extension] +...vdhB
    Supprime toute association de filtre en sortie un ensemble d'extensions de noms de fichiers
    RemoveType extension [extension] -...vdhB
    Supprime toute association de type de contenu un ensemble +
    RemoveType extension [extension] +...vdhB
    Supprime toute association de type de contenu un ensemble d'extensions de noms de fichiers
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset en-tte [[expr=]valeur [remplacement] [early|env=[!]variable|expr=expression]] -svdhE
    Configure les en-ttes d'une requte HTTP
    RequestReadTimeout +svdhE
    Configure les en-ttes d'une requte HTTP
    RequestReadTimeout [header=dlai[-dlai-maxi][,MinRate=taux-mini] [body=dlai[-dlai-maxi][,MinRate=taux-mini] -svE
    Dfinit des dlais maximums pour la rception des en-ttes +svE
    Dfinit des dlais maximums pour la rception des en-ttes et corps des requtes en provenance du client.
    Require [not] nom-entit [nom-entit] -...dhB
    Vrifie si un utilisateur authentifi a une +
    Require [not] nom-entit [nom-entit] +...dhB
    Vrifie si un utilisateur authentifi a une autorisation d'accs accorde par un fournisseur d'autorisation.
    <RequireAll> ... </RequireAll>dhB
    Regroupe plusieurs directives d'autorisation dont aucune ne +
    <RequireAll> ... </RequireAll>dhB
    Regroupe plusieurs directives d'autorisation dont aucune ne doit chouer et dont au moins une doit retourner un rsultat positif pour que la directive globale retourne elle-mme un rsultat positif.
    <RequireAny> ... </RequireAny>dhB
    Regroupe des directives d'autorisation dont au moins une +
    <RequireAny> ... </RequireAny>dhB
    Regroupe des directives d'autorisation dont au moins une doit retourner un rsultat positif pour que la directive globale retourne elle-mme un rsultat positif.
    <RequireNone> ... </RequireNone>dhB
    Regroupe des directives d'autorisation dont aucune ne doit +
    <RequireNone> ... </RequireNone>dhB
    Regroupe des directives d'autorisation dont aucune ne doit retourner un rsultat positif pour que la directive globale n'choue pas.
    RewriteBase chemin_URLdhE
    Dfinit l'URL de base pour les rcritures au niveau +
    RewriteBase chemin_URLdhE
    Dfinit l'URL de base pour les rcritures au niveau rpertoire
    RewriteCond - chane_de_test expression_de_comparaisonsvdhE
    Dfinit une condition qui devra tre satisfaite pour que +
    RewriteCond + chane_de_test expression_de_comparaisonsvdhE
    Dfinit une condition qui devra tre satisfaite pour que la rcriture soit effectue
    RewriteEngine on|off off svdhE
    Active ou dsactive l'excution du +
    RewriteEngine on|off off svdhE
    Active ou dsactive l'excution du moteur de rcriture
    RewriteMap nom_de_la_correspondance type_de_correspondance:source_de_la_correspondance -svE
    Dfinit une fonction de mise en correspondance pour la +
    RewriteMap nom_de_la_correspondance type_de_correspondance:source_de_la_correspondance +svE
    Dfinit une fonction de mise en correspondance pour la recherche de mots-cls
    RewriteOptions OptionssvdhE
    Configure certaines options spciales +
    RewriteOptions OptionssvdhE
    Configure certaines options spciales pour le moteur de rcriture
    RewriteRule - Modle Substitution [drapeaux]svdhE
    Dfinit les rgles pour le moteur de rcriture
    RLimitCPU secondes|max [secondes|max]svdhC
    Limite le temps CPU allou aux processus initis par les +
    RewriteRule + Modle Substitution [drapeaux]svdhE
    Dfinit les rgles pour le moteur de rcriture
    RLimitCPU secondes|max [secondes|max]svdhC
    Limite le temps CPU allou aux processus initis par les processus enfants d'Apache httpd
    RLimitMEM octets|max [octets|max]svdhC
    Limite la mmoire alloue aux processus initis par les +
    RLimitMEM octets|max [octets|max]svdhC
    Limite la mmoire alloue aux processus initis par les processus enfants d'Apache httpd
    RLimitNPROC nombre|max [nombre|max]svdhC
    Limite le nombre de processus qui peuvent tre initis par +
    RLimitNPROC nombre|max [nombre|max]svdhC
    Limite le nombre de processus qui peuvent tre initis par les processus initis par les processus enfants d'Apache httpd
    Satisfy Any|All All dhE
    Interaction entre le contrle d'accs en fonction de l'hte +
    Satisfy Any|All All dhE
    Interaction entre le contrle d'accs en fonction de l'hte et l'authentification utilisateur
    ScoreBoardFile chemin fichier logs/apache_runtime +sM
    Chemin du fichier o sont stockes les donnes concernant +
    ScoreBoardFile chemin fichier logs/apache_runtime +sM
    Chemin du fichier o sont stockes les donnes concernant la coordination des processus enfants
    Script mthode script cgisvdB
    Active un script CGI dans le cas d'une mthode de requte +
    Script mthode script cgisvdB
    Active un script CGI dans le cas d'une mthode de requte particulire.
    ScriptAlias [chemin URL] -chemin fichier|chemin rpertoiresvdB
    Fait correspondre une URL une zone du systme de fichiers -et dsigne la cible comme script CGI
    ScriptAliasMatch regex +
    ScriptAlias chemin URL chemin fichier|chemin rpertoiresvB
    Fait correspondre une URL une zone du systme de fichiers +et dsigne la cible comme script CGI
    ScriptAliasMatch regex +chemin fichier|chemin rpertoiresvB
    Fait correspondre une URL une zone du systme de fichiers en faisant appel aux expressions rationnelles et en dsignant la cible comme un script CGI
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Permet de localiser l'interprteur des scripts +
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Permet de localiser l'interprteur des scripts CGI
    ScriptLog chemin fichiersvB
    Chemin du fichier journal des erreurs du script +
    ScriptLog chemin fichiersvB
    Chemin du fichier journal des erreurs du script CGI
    ScriptLogBuffer octets 1024 svB
    Taille maximale des requtes PUT ou POST qui seront +
    ScriptLogBuffer octets 1024 svB
    Taille maximale des requtes PUT ou POST qui seront enregistres dans le journal du script
    ScriptLogLength octets 10385760 svB
    Taille maximale du fichier journal des scripts +
    ScriptLogLength octets 10385760 svB
    Taille maximale du fichier journal des scripts CGI
    ScriptSock chemin fichier cgisock sB
    Le prfixe du nom de fichier du socket utiliser pour +
    ScriptSock chemin fichier cgisock sB
    Le prfixe du nom de fichier du socket utiliser pour communiquer avec le dmon CGI
    SecureListen [adresse-IP:]num-port -nom-certificat [MUTUAL]sB
    Active le chiffrement SSL pour le port +
    SecureListen [adresse-IP:]num-port +nom-certificat [MUTUAL]sB
    Active le chiffrement SSL pour le port spcifi
    SeeRequestTail On|Off Off sC
    Dtermine si mod_status affiche les 63 premiers caractres +
    SeeRequestTail On|Off Off sC
    Dtermine si mod_status affiche les 63 premiers caractres d'une requte ou les 63 derniers, en supposant que la requte elle-mme possde plus de 63 caractres.
    SendBufferSize octets 0 sM
    Taille du tampon TCP en sortie
    ServerAdmin adresse lectronique|URLsvC
    L'adresse lectronique que le serveur inclut dans les +
    SendBufferSize octets 0 sM
    Taille du tampon TCP en sortie
    ServerAdmin adresse lectronique|URLsvC
    L'adresse lectronique que le serveur inclut dans les messages d'erreur envoys au client
    ServerAlias nom serveur [nom serveur] -...vC
    Autres noms d'un serveur utilisables pour atteindre des +
    ServerAlias nom serveur [nom serveur] +...vC
    Autres noms d'un serveur utilisables pour atteindre des serveurs virtuels base de nom
    ServerLimit nombresM
    Limite suprieure de la dfinition du nombre de +
    ServerLimit nombresM
    Limite suprieure de la dfinition du nombre de processus
    ServerName [protocole://]nom de domaine -entirement qualifi[:port]svC
    Nom d'hte et port que le serveur utilise pour +
    ServerName [protocole://]nom de domaine +entirement qualifi[:port]svC
    Nom d'hte et port que le serveur utilise pour s'authentifier lui-mme
    ServerPath chemin d'URLvC
    Nom de chemin d'URL hrit pour un serveur virtuel base +
    ServerPath chemin d'URLvC
    Nom de chemin d'URL hrit pour un serveur virtuel base de nom accd par un navigateur incompatible
    ServerRoot chemin de rpertoire /usr/local/apache sC
    Racine du rpertoire d'installation du +
    ServerRoot chemin de rpertoire /usr/local/apache sC
    Racine du rpertoire d'installation du serveur
    ServerSignature On|Off|EMail Off svdhC
    Dfinit un pied de page pour les documents gnrs par le +
    ServerSignature On|Off|EMail Off svdhC
    Dfinit un pied de page pour les documents gnrs par le serveur
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configure l'en-tte Server de la rponse +
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configure l'en-tte Server de la rponse HTTP
    Session On|Off Off svdhE
    Ouvre une session pour le contexte courant
    SessionCookieName nom attributssvdhE
    Nom et attributs du cookie RFC2109 dans lequel la session +
    Session On|Off Off svdhE
    Ouvre une session pour le contexte courant
    SessionCookieName nom attributssvdhE
    Nom et attributs du cookie RFC2109 dans lequel la session est stocke
    SessionCookieName2 nom attributssvdhE
    Nom et attributs pour le cookie RFC2965 dans lequel est +
    SessionCookieName2 nom attributssvdhE
    Nom et attributs pour le cookie RFC2965 dans lequel est stocke la session
    SessionCookieRemove On|Off Off svdhE
    Dtermine si les cookies de session doivent tre supprims +
    SessionCookieRemove On|Off Off svdhE
    Dtermine si les cookies de session doivent tre supprims des en-ttes HTTP entrants
    SessionCryptoCipher algorithmesvdhX
    L'algorithme utiliser pour le chiffrement de la session
    SessionCryptoDriver nom [param[=valeur]]sX
    Le pilote de chiffrement utiliser pour chiffrer les +
    SessionCryptoCipher algorithmesvdhX
    L'algorithme utiliser pour le chiffrement de la session
    SessionCryptoDriver nom [param[=valeur]]sX
    Le pilote de chiffrement utiliser pour chiffrer les sessions
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    La cl utilise pour chiffrer la session
    SessionCryptoPassphraseFile nom-fichiersvdX
    Le fichier contenant les cls utilises pour chiffrer la +
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    La cl utilise pour chiffrer la session
    SessionCryptoPassphraseFile nom-fichiersvdX
    Le fichier contenant les cls utilises pour chiffrer la session
    SessionDBDCookieName nom attributssvdhE
    Nom et attributs du cookie RFC2109 qui contient +
    SessionDBDCookieName nom attributssvdhE
    Nom et attributs du cookie RFC2109 qui contient l'identifiant de session
    SessionDBDCookieName2 nom attributssvdhE
    Nom et attributs du cookie RFC2965 qui contient +
    SessionDBDCookieName2 nom attributssvdhE
    Nom et attributs du cookie RFC2965 qui contient l'identifiant de session
    SessionDBDCookieRemove On|Off On svdhE
    Dtermine si les cookies de session doivent tre supprims +
    SessionDBDCookieRemove On|Off On svdhE
    Dtermine si les cookies de session doivent tre supprims des en-ttes HTTP entrants
    SessionDBDDeleteLabel tiquette deletesession svdhE
    La requte SQL utiliser pour supprimer des sessions de la +
    SessionDBDDeleteLabel tiquette deletesession svdhE
    La requte SQL utiliser pour supprimer des sessions de la base de donnes
    SessionDBDInsertLabel tiquette insertsession svdhE
    La requte SQL utiliser pour insrer des sessions dans la +
    SessionDBDInsertLabel tiquette insertsession svdhE
    La requte SQL utiliser pour insrer des sessions dans la base de donnes
    SessionDBDPerUser On|Off Off svdhE
    Active une session propre un utilisateur
    SessionDBDSelectLabel tiquette selectsession svdhE
    La requte SQL utiliser pour slectionner des sessions +
    SessionDBDPerUser On|Off Off svdhE
    Active une session propre un utilisateur
    SessionDBDSelectLabel tiquette selectsession svdhE
    La requte SQL utiliser pour slectionner des sessions dans la base de donnes
    SessionDBDUpdateLabel tiquette updatesession svdhE
    La requte SQL utiliser pour mettre jour des sessions +
    SessionDBDUpdateLabel tiquette updatesession svdhE
    La requte SQL utiliser pour mettre jour des sessions prexistantes dans la base de donnes
    SessionEnv On|Off Off svdhE
    Dfinit si le contenu de la session doit tre enregistr +
    SessionEnv On|Off Off svdhE
    Dfinit si le contenu de la session doit tre enregistr dans la variable d'environnement HTTP_SESSION
    SessionExclude cheminsvdhE
    Dfinit les prfixes d'URLs pour lesquels une session sera +
    SessionExclude cheminsvdhE
    Dfinit les prfixes d'URLs pour lesquels une session sera ignore
    SessionHeader en-ttesvdhE
    Importation des mises jour de session depuis l'en-tte de +
    SessionHeader en-ttesvdhE
    Importation des mises jour de session depuis l'en-tte de rponse HTTP spcifi
    SessionInclude cheminsvdhE
    Dfinit les prfixes d'URL pour lesquels une session est +
    SessionInclude cheminsvdhE
    Dfinit les prfixes d'URL pour lesquels une session est valide
    SessionMaxAge dure de vie maximale 0 svdhE
    Dfinit une dure de vie maximale pour la session en +
    SessionMaxAge dure de vie maximale 0 svdhE
    Dfinit une dure de vie maximale pour la session en secondes
    SetEnv var-env [valeur]svdhB
    Dfinit des variables d'environnement
    SetEnvIf attribut +
    SetEnv var-env [valeur]svdhB
    Dfinit des variables d'environnement
    SetEnvIf attribut regex [!]env-variable[=valeur] - [[!]env-variable[=valeur]] ...svdhB
    Dfinit des variables d'environnement en fonction des + [[!]env-variable[=valeur]] ...svdhB
    Dfinit des variables d'environnement en fonction des attributs de la requte
    SetEnvIfExpr expr +
    SetEnvIfExpr expr [!]env-variable[=valeur] - [[!]env-variable[=valeur]] ...svdhB
    Dfinit des variables d'environnement en fonction d'une expression ap_expr
    SetEnvIfNoCase attribut regex + [[!]env-variable[=valeur]] ...svdhB
    Dfinit des variables d'environnement en fonction d'une expression ap_expr
    SetEnvIfNoCase attribut regex [!]env-variable[=valeur] - [[!]env-variable[=valeur]] ...svdhB
    Dfinit des variables d'environnement en fonction des + [[!]env-variable[=valeur]] ...svdhB
    Dfinit des variables d'environnement en fonction des attributs de la requte sans tenir compte de la casse
    SetHandler nom gestionnaire|NonesvdhC
    Force le traitement des fichiers spcifis par un +
    SetHandler nom gestionnaire|NonesvdhC
    Force le traitement des fichiers spcifis par un gestionnaire particulier
    SetInputFilter filtre[;filtre...]svdhC
    Dfinit les filtres par lesquels vont passer les requtes +
    SetInputFilter filtre[;filtre...]svdhC
    Dfinit les filtres par lesquels vont passer les requtes client et les donnes POST
    SetOutputFilter filtre[;filtre...]svdhC
    Dfinit les filtres par lesquels vont passer les rponses +
    SetOutputFilter filtre[;filtre...]svdhC
    Dfinit les filtres par lesquels vont passer les rponses du serveur
    SSIEndTag tag "-->" svB
    Chane qui termine l'lment include
    SSIErrorMsg message "[an error occurred +svdhB
    Message d'erreur affich lorsqu'une erreur SSI +
    SSIEndTag tag "-->" svB
    Chane qui termine l'lment include
    SSIErrorMsg message "[an error occurred +svdhB
    Message d'erreur affich lorsqu'une erreur SSI survient
    SSIETag on|off off dhB
    Dfinit si des en-ttes ETags sont gnrs par le serveur.
    SSILastModified on|off off dhB
    Dfinit si des en-ttes Last-Modified sont +
    SSIETag on|off off dhB
    Dfinit si des en-ttes ETags sont gnrs par le serveur.
    SSILastModified on|off off dhB
    Dfinit si des en-ttes Last-Modified sont gnrs par le serveur.
    SSILegacyExprParser on|off off dhB
    Active le mode de compatibilit pour les expressions +
    SSILegacyExprParser on|off off dhB
    Active le mode de compatibilit pour les expressions conditionnelles.
    SSIStartTag tag "<!--#" svB
    Chane qui marque le dbut d'un lment +
    SSIStartTag tag "<!--#" svB
    Chane qui marque le dbut d'un lment include
    SSITimeFormat chane de formatage "%A, %d-%b-%Y %H:%M +svdhB
    Configuration du format d'affichage des dates
    SSIUndefinedEcho chane "(none)" svdhB
    Chane afficher lorsqu'on tente d'extraire le contenu +
    SSITimeFormat chane de formatage "%A, %d-%b-%Y %H:%M +svdhB
    Configuration du format d'affichage des dates
    SSIUndefinedEcho chane "(none)" svdhB
    Chane afficher lorsqu'on tente d'extraire le contenu d'une variable non dfinie
    SSLCACertificateFile chemin-fichiersvE
    Fichier contenant une concatnation des certificats de CA +
    SSLCACertificateFile chemin-fichiersvE
    Fichier contenant une concatnation des certificats de CA cods en PEM pour l'authentification des clients
    SSLCACertificatePath chemin-rpertoiresvE
    Rpertoire des certificats de CA cods en PEM pour +
    SSLCACertificatePath chemin-rpertoiresvE
    Rpertoire des certificats de CA cods en PEM pour l'authentification des clients
    SSLCADNRequestFile chemin-fichiersvE
    Fichier contenant la concatnation des certificats de CA +
    SSLCADNRequestFile chemin-fichiersvE
    Fichier contenant la concatnation des certificats de CA cods en PEM pour la dfinition de noms de CA acceptables
    SSLCADNRequestPath chemin-rpertoiresvE
    Rpertoire contenant des fichiers de certificats de CA +
    SSLCADNRequestPath chemin-rpertoiresvE
    Rpertoire contenant des fichiers de certificats de CA cods en PEM pour la dfinition de noms de CA acceptables
    SSLCARevocationCheck chain|leaf|none none svE
    Active la vrification des rvocations base sur les CRL
    SSLCARevocationFile chemin-fichiersvE
    Fichier contenant la concatnation des CRLs des CA cods en +
    SSLCARevocationCheck chain|leaf|none none svE
    Active la vrification des rvocations base sur les CRL
    SSLCARevocationFile chemin-fichiersvE
    Fichier contenant la concatnation des CRLs des CA cods en PEM pour l'authentification des clients
    SSLCARevocationPath chemin-rpertoiresvE
    Rpertoire des CRLs de CA cods en PEM pour +
    SSLCARevocationPath chemin-rpertoiresvE
    Rpertoire des CRLs de CA cods en PEM pour l'authentification des clients
    SSLCertificateChainFile chemin-fichiersvE
    Fichier contenant les certificats de CA du serveur cods en +
    SSLCertificateChainFile chemin-fichiersvE
    Fichier contenant les certificats de CA du serveur cods en PEM
    SSLCertificateFile chemin-fichiersvE
    Fichier de donnes contenant le certificat X.509 du serveur cod en +
    SSLCertificateFile chemin-fichiersvE
    Fichier de donnes contenant le certificat X.509 du serveur cod en PEM
    SSLCertificateKeyFile chemin-fichiersvE
    Fichier contenant la cl prive du serveur code en +
    SSLCertificateKeyFile chemin-fichiersvE
    Fichier contenant la cl prive du serveur code en PEM
    SSLCipherSuite algorithmes DEFAULT (dpend de +svdhE
    Algorithmes de chiffrement disponibles pour la ngociation +
    SSLCipherSuite algorithmes DEFAULT (dpend de +svdhE
    Algorithmes de chiffrement disponibles pour la ngociation au cours de l'initialisation de la connexion SSL
    SSLCompression on|off off svE
    Permet d'activer la compression au niveau SSL
    SSLCryptoDevice moteur builtin sE
    Active l'utilisation d'un acclrateur matriel de +
    SSLCompression on|off off svE
    Permet d'activer la compression au niveau SSL
    SSLCryptoDevice moteur builtin sE
    Active l'utilisation d'un acclrateur matriel de chiffrement
    SSLEngine on|off|optional off svE
    Interrupteur marche/arrt du moteur SSL
    SSLFIPS on|off off sE
    Coimmutateur du mode SSL FIPS
    SSLHonorCipherOrder on|off off svE
    Option permettant de classer les algorithmes de chiffrement +
    SSLEngine on|off|optional off svE
    Interrupteur marche/arrt du moteur SSL
    SSLFIPS on|off off sE
    Coimmutateur du mode SSL FIPS
    SSLHonorCipherOrder on|off off svE
    Option permettant de classer les algorithmes de chiffrement du serveur par ordre de prfrence
    SSLInsecureRenegotiation on|off off svE
    Option permettant d'activer le support de la rengociation +
    SSLInsecureRenegotiation on|off off svE
    Option permettant d'activer le support de la rengociation non scurise
    SSLOCSDefaultResponder urisvE
    Dfinit l'URI du rpondeur par dfaut pour la validation +
    SSLOCSDefaultResponder urisvE
    Dfinit l'URI du rpondeur par dfaut pour la validation OCSP
    SSLOCSPEnable on|off off svE
    Active la validation OCSP de la chane de certificats du +
    SSLOCSPEnable on|off off svE
    Active la validation OCSP de la chane de certificats du client
    SSLOCSPOverrideResponder on|off off svE
    Force l'utilisation de l'URI du rpondeur par dfaut pour +
    SSLOCSPOverrideResponder on|off off svE
    Force l'utilisation de l'URI du rpondeur par dfaut pour la validation OCSP
    SSLOCSPResponderTimeout secondes 10 svE
    Dlai d'attente pour les requtes OCSP
    SSLOCSPResponseMaxAge secondes -1 svE
    Age maximum autoris pour les rponses OCSP
    SSLOCSPResponseTimeSkew secondes 300 svE
    Drive temporelle maximale autorise pour la validation des +
    SSLOCSPResponderTimeout secondes 10 svE
    Dlai d'attente pour les requtes OCSP
    SSLOCSPResponseMaxAge secondes -1 svE
    Age maximum autoris pour les rponses OCSP
    SSLOCSPResponseTimeSkew secondes 300 svE
    Drive temporelle maximale autorise pour la validation des rponses OCSP
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd commande valeursvE
    Configuration des paramtres d'OpenSSL via son API SSL_CONF
    SSLOptions [+|-]option ...svdhE
    Configure diffrentes options d'excution du moteur SSL
    SSLPassPhraseDialog type builtin sE
    Mthode utilise pour entrer le mot de passe pour les cls +
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd commande valeursvE
    Configuration des paramtres d'OpenSSL via son API SSL_CONF
    SSLOptions [+|-]option ...svdhE
    Configure diffrentes options d'excution du moteur SSL
    SSLPassPhraseDialog type builtin sE
    Mthode utilise pour entrer le mot de passe pour les cls prives chiffres
    SSLProtocol [+|-]protocole ... all svE
    Indique les versions du protocole SSL/TLS +
    SSLProtocol [+|-]protocole ... all -SSLv3 (jusqu' +svE
    Indique les versions du protocole SSL/TLS disponibles
    SSLProxyCACertificateFile file-pathsvE
    Fichier contenant la concatnation des certificats de CA +
    SSLProxyCACertificateFile file-pathsvE
    Fichier contenant la concatnation des certificats de CA cods en PEM pour l'authentification des serveurs distants
    SSLProxyCACertificatePath chemin-rpertoiresvE
    Rpertoire des certificats de CA cods en PEM pour +
    SSLProxyCACertificatePath chemin-rpertoiresvE
    Rpertoire des certificats de CA cods en PEM pour l'authentification des serveurs distants
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Active la vrification des rvocations base sur les CRLs +
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Active la vrification des rvocations base sur les CRLs pour l'authentification du serveur distant
    SSLProxyCARevocationFile chemin-fichiersvE
    Fichier contenant la concatnation des CRLs de CA cods en +
    SSLProxyCARevocationFile chemin-fichiersvE
    Fichier contenant la concatnation des CRLs de CA cods en PEM pour l'authentification des serveurs distants
    SSLProxyCARevocationPath chemin-rpertoiresvE
    Rpertoire des CRLs de CA cods en PEM pour +
    SSLProxyCARevocationPath chemin-rpertoiresvE
    Rpertoire des CRLs de CA cods en PEM pour l'authentification des serveurs distants
    SSLProxyCheckPeerCN on|off on svE
    Configuration de la vrification du champ CN du certificat +
    SSLProxyCheckPeerCN on|off on svE
    Configuration de la vrification du champ CN du certificat du serveur distant
    SSLProxyCheckPeerExpire on|off on svE
    Configuration de la vrification de l'expiration du +
    SSLProxyCheckPeerExpire on|off on svE
    Configuration de la vrification de l'expiration du certificat du serveur distant
    SSLProxyCheckPeerName on|off on svE
    Configure la vrification du nom d'hte dans les +
    SSLProxyCheckPeerName on|off on svE
    Configure la vrification du nom d'hte dans les certificats serveur distants
    SSLProxyCipherSuite algorithmes ALL:!ADH:RC4+RSA:+H +svdhE
    Algorithmes de chiffrement disponibles pour la ngociation +
    SSLProxyCipherSuite algorithmes ALL:!ADH:RC4+RSA:+H +svdhE
    Algorithmes de chiffrement disponibles pour la ngociation lors de l'initialisation d'une connexion SSL de mandataire
    SSLProxyEngine on|off off svE
    Interrupteur marche/arrt du moteur de mandataire +
    SSLProxyEngine on|off off svE
    Interrupteur marche/arrt du moteur de mandataire SSL
    SSLProxyMachineCertificateChainFile nom-fichiersE
    Fichier de certificats de CA encods PEM concatns permettant au +
    SSLProxyMachineCertificateChainFile nom-fichiersE
    Fichier de certificats de CA encods PEM concatns permettant au mandataire de choisir un certificat
    SSLProxyMachineCertificateFile chemin-fichiersE
    Fichier contenant la concatnation des cls et certificats +
    SSLProxyMachineCertificateFile chemin-fichiersE
    Fichier contenant la concatnation des cls et certificats clients cods en PEM que le mandataire doit utiliser
    SSLProxyMachineCertificatePath chemin-rpertoiresE
    Rpertoire des cls et certificats clients cods en PEM que +
    SSLProxyMachineCertificatePath chemin-rpertoiresE
    Rpertoire des cls et certificats clients cods en PEM que le mandataire doit utiliser
    SSLProxyProtocol [+|-]protocole ... all svE
    Dfinit les protocoles SSL disponibles pour la fonction de +
    SSLProxyProtocol [+|-]protocole ... all -SSLv3 (jusqu' +svE
    Dfinit les protocoles SSL disponibles pour la fonction de mandataire
    SSLProxyVerify niveau none svE
    Niveau de vrification du certificat du serveur +
    SSLProxyVerify niveau none svE
    Niveau de vrification du certificat du serveur distant
    SSLProxyVerifyDepth niveau 1 svE
    Niveau de profondeur maximum dans les certificats de CA +
    SSLProxyVerifyDepth niveau 1 svE
    Niveau de profondeur maximum dans les certificats de CA lors de la vrification du certificat du serveur distant
    SSLRandomSeed contexte source -[nombre]sE
    Source de dclenchement du Gnrateur de Nombres +
    SSLRandomSeed contexte source +[nombre]sE
    Source de dclenchement du Gnrateur de Nombres Pseudo-Alatoires (PRNG)
    SSLRenegBufferSize taille 131072 dhE
    Dfinit la taille du tampon de rengociation +
    SSLRenegBufferSize taille 131072 dhE
    Dfinit la taille du tampon de rengociation SSL
    SSLRequire expressiondhE
    N'autorise l'accs que lorsqu'une expression boolenne +
    SSLRequire expressiondhE
    N'autorise l'accs que lorsqu'une expression boolenne complexe et arbitraire est vraie
    SSLRequireSSLdhE
    Interdit l'accs lorsque la requte HTTP n'utilise pas +
    SSLRequireSSLdhE
    Interdit l'accs lorsque la requte HTTP n'utilise pas SSL
    SSLSessionCache type none sE
    Type du cache de session SSL global et +
    SSLSessionCache type none sE
    Type du cache de session SSL global et inter-processus
    SSLSessionCacheTimeout secondes 300 svE
    Nombre de secondes avant l'expiration d'une session SSL +
    SSLSessionCacheTimeout secondes 300 svE
    Nombre de secondes avant l'expiration d'une session SSL dans le cache de sessions
    SSLSessionTicketKeyFile chemin-fichiersvE
    Cl de chiffrement/dchiffrement permanente pour les +
    SSLSessionTicketKeyFile chemin-fichiersvE
    Cl de chiffrement/dchiffrement permanente pour les tickets de session TLS
    SSLSessionTickets on|off on svE
    Active ou dsactive les tickets de session TLS
    SSLSRPUnknownUserSeed secret-stringsvE
    Source d'ala pour utilisateur SRP inconnu
    SSLSRPVerifierFile file-pathsvE
    Chemin du fichier de vrification SRP
    SSLStaplingCache typesE
    Configuration du cache pour l'agrafage OCSP
    SSLStaplingErrorCacheTimeout secondes 600 svE
    Dure de vie des rponses invalides dans le cache pour +
    SSLSessionTickets on|off on svE
    Active ou dsactive les tickets de session TLS
    SSLSRPUnknownUserSeed secret-stringsvE
    Source d'ala pour utilisateur SRP inconnu
    SSLSRPVerifierFile file-pathsvE
    Chemin du fichier de vrification SRP
    SSLStaplingCache typesE
    Configuration du cache pour l'agrafage OCSP
    SSLStaplingErrorCacheTimeout secondes 600 svE
    Dure de vie des rponses invalides dans le cache pour agrafage OCSP
    SSLStaplingFakeTryLater on|off on svE
    Gnre une rponse "tryLater" pour les requtes OCSP choues
    SSLStaplingForceURL urisvE
    Remplace l'URI du serveur OCSP spcifi dans l'extension +
    SSLStaplingFakeTryLater on|off on svE
    Gnre une rponse "tryLater" pour les requtes OCSP choues
    SSLStaplingForceURL urisvE
    Remplace l'URI du serveur OCSP spcifi dans l'extension AIA du certificat
    SSLStaplingResponderTimeout secondes 10 svE
    Temps d'attente maximum pour les requtes vers les serveurs +
    SSLStaplingResponderTimeout secondes 10 svE
    Temps d'attente maximum pour les requtes vers les serveurs OCSP
    SSLStaplingResponseMaxAge secondes -1 svE
    Age maximum autoris des rponses OCSP incluses dans la +
    SSLStaplingResponseMaxAge secondes -1 svE
    Age maximum autoris des rponses OCSP incluses dans la ngociation TLS
    SSLStaplingResponseTimeSkew secondes 300 svE
    Dure de vie maximale autorise des rponses OCSP incluses dans la +
    SSLStaplingResponseTimeSkew secondes 300 svE
    Dure de vie maximale autorise des rponses OCSP incluses dans la ngociation TLS
    SSLStaplingReturnResponderErrors on|off on svE
    Transmet au client les erreurs survenues lors des requtes +
    SSLStaplingReturnResponderErrors on|off on svE
    Transmet au client les erreurs survenues lors des requtes OCSP
    SSLStaplingStandardCacheTimeout secondes 3600 svE
    Dure de vie des rponses OCSP dans le cache
    SSLStrictSNIVHostCheck on|off off svE
    Contrle de l'accs des clients non-SNI un serveur virtuel +
    SSLStaplingStandardCacheTimeout secondes 3600 svE
    Dure de vie des rponses OCSP dans le cache
    SSLStrictSNIVHostCheck on|off off svE
    Contrle de l'accs des clients non-SNI un serveur virtuel base de nom.
    SSLUserName nom-varsdhE
    Nom de la variable servant dterminer le nom de +
    SSLUserName nom-varsdhE
    Nom de la variable servant dterminer le nom de l'utilisateur
    SSLUseStapling on|off off svE
    Active l'ajout des rponses OCSP la ngociation TLS
    SSLVerifyClient niveau none svdhE
    Niveau de vrification du certificat client
    SSLVerifyDepth nombre 1 svdhE
    Profondeur maximale des certificats de CA pour la +
    SSLUseStapling on|off off svE
    Active l'ajout des rponses OCSP la ngociation TLS
    SSLVerifyClient niveau none svdhE
    Niveau de vrification du certificat client
    SSLVerifyDepth nombre 1 svdhE
    Profondeur maximale des certificats de CA pour la vrification des certificats clients
    StartServers nombresM
    Nombre de processus enfants du serveur crs au +
    StartServers nombresM
    Nombre de processus enfants du serveur crs au dmarrage
    StartThreads nombresM
    Nombre de threads crs au dmarrage
    Substitute s/modle/substitution/[infq]dhE
    Modle de substition dans le contenu de la +
    StartThreads nombresM
    Nombre de threads crs au dmarrage
    Substitute s/modle/substitution/[infq]dhE
    Modle de substition dans le contenu de la rponse
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength octets(b|B|k|K|m|M|g|G) 1m dhE
    Dfinit la longueur de ligne maximale
    Suexec On|OffsB
    Active ou dsactive la fonctionnalit suEXEC
    SuexecUserGroup Utilisateur GroupesvE
    L'utilisateur et le groupe sous lesquels les programmes CGI diff --git a/docs/manual/mod/quickreference.html.ja.utf8 b/docs/manual/mod/quickreference.html.ja.utf8 index 8cf8dd0f..0deece93 100644 --- a/docs/manual/mod/quickreference.html.ja.utf8 +++ b/docs/manual/mod/quickreference.html.ja.utf8 @@ -443,110 +443,121 @@ request
    GracefulShutDownTimeout secondssM
    穏やかな停止をかけた後、終了するまで待つ時間
    Group unix-group #-1 sB
    Group under which the server will answer requests
    Header [condition] set|append|add|unset|echo -header [value] [early|env=[!]variable]svdhE
    HTTP 応答ヘッダの設定
    HeaderName filenamesvdhB
    +
    H2Direct on|off on (for non TLS) svE
    H2 Direct Protocol Switch
    H2MaxSessionStreams n 100 svE
    Maximum number of active streams per HTTP/2 session.
    H2MaxWorkerIdleSeconds n 600 sE
    Maximum number of seconds h2 workers remain idle until shut down.
    H2MaxWorkers nsE
    Maximum number of worker threads to use per child process.
    H2MinWorkers nsE
    Minimal number of worker threads to use per child process.
    H2SerializeHeaders on|off off svE
    Serialize Request/Resoonse Processing Switch
    H2SessionExtraFiles n 5 svE
    Number of Extra File Handles
    H2StreamMaxMemSize bytes 65536 svE
    Maximum amount of output data buffered per stream.
    H2WindowSize bytes 65536 svE
    Size of Stream Window for upstream data.
    Header [condition] set|append|add|unset|echo +header [value] [early|env=[!]variable]svdhE
    HTTP 応答ヘッダの設定
    HeaderName filenamesvdhB
    インデックス一覧の先頭に挿入されるファイルの名前
    HeartbeatAddress addr:portsX
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsX
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sX
    Specifies the maximum number of servers that will be sending +
    HeartbeatAddress addr:portsX
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsX
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sX
    Specifies the maximum number of servers that will be sending heartbeat requests to this server
    HeartbeatStorage file-path logs/hb.dat sX
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sX
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off svdC
    クライアントの IP アドレスの DNS ルックアップを +
    HeartbeatStorage file-path logs/hb.dat sX
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sX
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off svdC
    クライアントの IP アドレスの DNS ルックアップを 有効にする
    IdentityCheck On|Off Off svdE
    リモートユーザの RFC 1413 によるアイデンティティのロギングを +
    IdentityCheck On|Off Off svdE
    リモートユーザの RFC 1413 によるアイデンティティのロギングを 有効にする
    IdentityCheckTimeout seconds 30 svdE
    Ident リクエストがタイムアウトするまでの期間を決める
    <If expression> ... </If>svdhC
    実行時、リクエストが条件を満たした場合にのみ適用される +
    IdentityCheckTimeout seconds 30 svdE
    Ident リクエストがタイムアウトするまでの期間を決める
    <If expression> ... </If>svdhC
    実行時、リクエストが条件を満たした場合にのみ適用される ディレクティブを包含する
    <IfDefine [!]parameter-name> ... - </IfDefine>svdhC
    起動時にテストが真であるときのみに処理されるディレクティブを +
    <IfDefine [!]parameter-name> ... + </IfDefine>svdhC
    起動時にテストが真であるときのみに処理されるディレクティブを 囲む
    <IfModule [!]module-file|module-identifier> ... - </IfModule>svdhC
    モジュールの存在するかしないかに応じて処理される +
    <IfModule [!]module-file|module-identifier> ... + </IfModule>svdhC
    モジュールの存在するかしないかに応じて処理される ディレクティブを囲む
    <IfVersion [[!]operator] version> ... -</IfVersion>svdhE
    バージョン依存の設定を入れる
    ImapBase map|referer|URL http://servername/ svdhB
    Default base for imagemap files
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    Default action when an imagemap is called with coordinates +
    <IfVersion [[!]operator] version> ... +</IfVersion>svdhE
    バージョン依存の設定を入れる
    ImapBase map|referer|URL http://servername/ svdhB
    Default base for imagemap files
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    Default action when an imagemap is called with coordinates that are not explicitly mapped
    ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
    Action if no coordinates are given when calling +
    ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
    Action if no coordinates are given when calling an imagemap
    Include file-path|directory-pathsvdC
    サーバ設定ファイル中から他の設定ファイルを取り込む
    IncludeOptional file-path|directory-path|wildcardsvdC
    Includes other configuration files from within +
    Include file-path|directory-pathsvdC
    サーバ設定ファイル中から他の設定ファイルを取り込む
    IncludeOptional file-path|directory-path|wildcardsvdC
    Includes other configuration files from within the server configuration files
    IndexHeadInsert "markup ..."svdhB
    インデックスページの HEAD セクションにテキストを挿入する
    IndexIgnore file [file] ...svdhB
    ディレクトリ一覧を行なう際に無視すべき +
    IndexHeadInsert "markup ..."svdhB
    インデックスページの HEAD セクションにテキストを挿入する
    IndexIgnore file [file] ...svdhB
    ディレクトリ一覧を行なう際に無視すべき ファイルリストに追加
    IndexIgnoreReset ON|OFFsvdhB
    Empties the list of files to hide when listing +
    IndexIgnoreReset ON|OFFsvdhB
    Empties the list of files to hide when listing a directory
    IndexOptions [+|-]option [[+|-]option] ...svdhB
    ディレクトリインデックスの様々な設定項目 +
    IndexOptions [+|-]option [[+|-]option] ...svdhB
    ディレクトリインデックスの様々な設定項目
    IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhB
    +
    IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhB
    ディレクトリインデックスの標準の順番付けを設定
    IndexStyleSheet url-pathsvdhB
    ディレクトリインデックスに CSS スタイルシートを追加する
    InputSed sed-commanddhX
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from +
    IndexStyleSheet url-pathsvdhB
    ディレクトリインデックスに CSS スタイルシートを追加する
    InputSed sed-commanddhX
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
    ISAPIAppendLogToQuery on|off on svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from +
    ISAPIAppendLogToQuery on|off on svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
    ISAPICacheFile file-path [file-path] -...svB
    ISAPI .dll files to be loaded at startup
    ISAPIFakeAsync on|off off svdhB
    Fake asynchronous support for ISAPI callbacks
    ISAPILogNotSupported on|off off svdhB
    Log unsupported feature requests from ISAPI +
    ISAPICacheFile file-path [file-path] +...svB
    ISAPI .dll files to be loaded at startup
    ISAPIFakeAsync on|off off svdhB
    Fake asynchronous support for ISAPI callbacks
    ISAPILogNotSupported on|off off svdhB
    Log unsupported feature requests from ISAPI extensions
    ISAPIReadAheadBuffer size 49152 svdhB
    Size of the Read Ahead Buffer sent to ISAPI +
    ISAPIReadAheadBuffer size 49152 svdhB
    Size of the Read Ahead Buffer sent to ISAPI extensions
    KeepAlive On|Off On svC
    HTTP の持続的な接続を有効にする
    KeepAliveTimeout seconds 5 svC
    持続的な接続で次のリクエストが来るまでサーバが待つ時間
    KeptBodySize maximum size in bytes 0 dB
    Keep the request body instead of discarding it up to +
    KeepAlive On|Off On svC
    HTTP の持続的な接続を有効にする
    KeepAliveTimeout seconds 5 svC
    持続的な接続で次のリクエストが来るまでサーバが待つ時間
    KeptBodySize maximum size in bytes 0 dB
    Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include.
    LanguagePriority MIME-lang [MIME-lang] -...svdhB
    クライアントが優先度を示さなかったときの言語の variant の優先度を +
    LanguagePriority MIME-lang [MIME-lang] +...svdhB
    クライアントが優先度を示さなかったときの言語の variant の優先度を 指定
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 svE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare +
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 svE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare operations
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain +
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain valid
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per +
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted +
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted Certificate Authority or global client certificates
    LDAPTrustedMode typesvE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit method [method] ... > ... - </Limit>svdhC
    囲いの中にあるアクセス制御の適用を特定の HTTP メソッドのみに +
    LDAPTrustedMode typesvE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit method [method] ... > ... + </Limit>svdhC
    囲いの中にあるアクセス制御の適用を特定の HTTP メソッドのみに 制限する
    <LimitExcept method [method] ... > ... - </LimitExcept>svdhC
    指定されたもの以外の HTTP メソッドにアクセス制御を +
    <LimitExcept method [method] ... > ... + </LimitExcept>svdhC
    指定されたもの以外の HTTP メソッドにアクセス制御を 制限する
    LimitInternalRecursion number [number] 10 svC
    内部リダイレクトと入れ子になったサブリクエストの最大数を決定する
    LimitRequestBody bytes 0 svdhC
    クライアントから送られる HTTP リクエストのボディの +
    LimitInternalRecursion number [number] 10 svC
    内部リダイレクトと入れ子になったサブリクエストの最大数を決定する
    LimitRequestBody bytes 0 svdhC
    クライアントから送られる HTTP リクエストのボディの 総量を制限する
    LimitRequestFields number 100 sC
    クライアントからの HTTP リクエストのヘッダフィールドの数を +
    LimitRequestFields number 100 sC
    クライアントからの HTTP リクエストのヘッダフィールドの数を 制限する
    LimitRequestFieldSize bytes 8190 sC
    クライアントからの HTTP リクエストのヘッダの +
    LimitRequestFieldSize bytes 8190 sC
    クライアントからの HTTP リクエストのヘッダの サイズを制限する
    LimitRequestLine bytes 8190 sC
    クライアントからの HTTP リクエスト行のサイズを制限する
    LimitXMLRequestBody bytes 1000000 svdhC
    XML 形式のリクエストのボディのサイズを制限する
    Listen [IP-address:]portnumber [protocol]sM
    サーバが listen するIP アドレスとポート番号
    ListenBacklog backlogsM
    保留状態のコネクションのキューの最大長
    LimitRequestLine bytes 8190 sC
    クライアントからの HTTP リクエスト行のサイズを制限する
    LimitXMLRequestBody bytes 1000000 svdhC
    XML 形式のリクエストのボディのサイズを制限する
    Listen [IP-address:]portnumber [protocol]sM
    サーバが listen するIP アドレスとポート番号
    ListenBacklog backlogsM
    保留状態のコネクションのキューの最大長
    ListenCoresBucketsRatio ratio 0 (disabled) sM
    Ratio between the number of CPU cores (online) and the number of +listeners' buckets
    LoadFile filename [filename] ...svE
    指定されたオブジェクトファイルやライブラリをリンクする
    LoadModule module filenamesvE
    オブジェクトファイルやライブラリをリンクし、使用モジュールの リストに追加する
    MaxSpareServers number 10 sM
    アイドルな子サーバプロセスの最大個数
    MaxSpareThreads numbersM
    アイドルスレッドの最大数
    MaxThreads number 2048 sM
    Set the maximum number of worker threads
    MergeTrailers [on|off] off svC
    Determines whether trailers are merged into headers
    MetaDir directory .web svdhE
    Name of the directory to find CERN-style meta information +
    MemcacheConnTTL num[units] 15s svE
    Keepalive time for idle connections
    MergeTrailers [on|off] off svC
    Determines whether trailers are merged into headers
    MetaDir directory .web svdhE
    Name of the directory to find CERN-style meta information files
    MetaFiles on|off off svdhE
    Activates CERN meta-file processing
    MetaSuffix suffix .meta svdhE
    File name suffix for the file containing CERN-style +
    MetaFiles on|off off svdhE
    Activates CERN meta-file processing
    MetaSuffix suffix .meta svdhE
    File name suffix for the file containing CERN-style meta information
    MimeMagicFile file-pathsvE
    Enable MIME-type determination based on file contents +
    MimeMagicFile file-pathsvE
    Enable MIME-type determination based on file contents using the specified magic file
    MinSpareServers number 5 sM
    アイドルな子サーバプロセスの最小個数
    MinSpareThreads numbersM
    リクエストに応答することのできる +
    MinSpareServers number 5 sM
    アイドルな子サーバプロセスの最小個数
    MinSpareThreads numbersM
    リクエストに応答することのできる アイドルスレッド数の最小数
    MMapFile file-path [file-path] ...sX
    Map a list of files into memory at startup time
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off d
    path_info コンポーネントをファイル名の一部として扱うように +
    MMapFile file-path [file-path] ...sX
    Map a list of files into memory at startup time
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off d
    path_info コンポーネントをファイル名の一部として扱うように mod_mime に通知する
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdh
    MultiViews でのマッチングの検索に含ませる +
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdh
    MultiViews でのマッチングの検索に含ませる ファイルのタイプを指定する
    Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
    Configures mutex mechanism and lock file directory for all +
    Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
    Configures mutex mechanism and lock file directory for all or specified mutexes
    NameVirtualHost addr[:port]sC
    名前ベースのバーチャルホストのための IP アドレスを指定
    NoProxy host [host] ...svE
    直接接続する ホスト、ドメイン、ネットワーク
    NWSSLTrustedCerts filename [filename] ...sB
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersB
    Allows a connection to be upgraded to an SSL connection upon request
    Options - [+|-]option [[+|-]option] ... All svdhC
    ディレクトリに対して使用可能な機能を設定する
    Order ordering Deny,Allow dhE
    デフォルトのアクセス可能な状態と、Allow と +
    NameVirtualHost addr[:port]sC
    名前ベースのバーチャルホストのための IP アドレスを指定
    NoProxy host [host] ...svE
    直接接続する ホスト、ドメイン、ネットワーク
    NWSSLTrustedCerts filename [filename] ...sB
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersB
    Allows a connection to be upgraded to an SSL connection upon request
    Options + [+|-]option [[+|-]option] ... All svdhC
    ディレクトリに対して使用可能な機能を設定する
    Order ordering Deny,Allow dhE
    デフォルトのアクセス可能な状態と、AllowDeny が評価される順番を制御する
    OutputSed sed-commanddhX
    Sed command for filtering response content
    PassEnv env-variable [env-variable] -...svdhB
    シェルからの環境変数を渡す
    PidFile filename logs/httpd.pid sM
    デーモンのプロセス ID +
    OutputSed sed-commanddhX
    Sed command for filtering response content
    PassEnv env-variable [env-variable] +...svdhB
    シェルからの環境変数を渡す
    PidFile filename logs/httpd.pid sM
    デーモンのプロセス ID をサーバが記録するためのファイル
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Trade off processing speed and efficiency vs security against +
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Trade off processing speed and efficiency vs security against malicious privileges-aware code.
    Protocol protocolsvC
    Protocol for a listening socket
    ProtocolEcho On|Off Off svX
    エコーサーバの有効無効を設定します。
    <Proxy wildcard-url> ...</Proxy>svE
    プロキシされるリソースに適用されるコンテナ
    ProxyAddHeaders Off|On On svdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    応答におかしなヘッダがある場合の扱い方を決める
    ProxyBlock *|word|host|domain -[word|host|domain] ...svE
    プロキシ接続を禁止する語句、ホスト名、ドメインを指定する
    ProxyDomain DomainsvE
    プロキシされたリクエストのデフォルトのドメイン名
    ProxyErrorOverride On|Off Off svE
    プロキシされたコンテンツのエラーページを上書きする
    ProxyExpressDBMFile <pathname>svE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>svE
    DBM type of file.
    ProxyExpressEnable [on|off]svE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and +
    Protocol protocolsvC
    Protocol for a listening socket
    ProtocolEcho On|Off Off svX
    エコーサーバの有効無効を設定します。
    Protocols protocol ... http/1.1 svC
    Protocols available for a server/virtual host
    ProtocolsHonorOrder On|Off On svC
    Determines if order of Protocols determines precedence during negotiation
    <Proxy wildcard-url> ...</Proxy>svE
    プロキシされるリソースに適用されるコンテナ
    ProxyAddHeaders Off|On On svdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    応答におかしなヘッダがある場合の扱い方を決める
    ProxyBlock *|word|host|domain +[word|host|domain] ...svE
    プロキシ接続を禁止する語句、ホスト名、ドメインを指定する
    ProxyDomain DomainsvE
    プロキシされたリクエストのデフォルトのドメイン名
    ProxyErrorOverride On|Off Off svE
    プロキシされたコンテンツのエラーページを上書きする
    ProxyExpressDBMFile <pathname>svE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>svE
    DBM type of file.
    ProxyExpressEnable [on|off]svE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and stylesheets.
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, +
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, and scripting events.
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of +
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of ProxyHTMLURLMap rules.
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML +
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML <head> sections.
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    内部データスループットバッファのサイズを決定する
    <ProxyMatch regex> ...</ProxyMatch>svE
    正規表現でのマッチによるプロキシリソース用のディレクティブコンテナ
    ProxyMaxForwards number 10 svE
    リクエストがフォワードされるプロキシの最大数
    ProxyPass [path] !|url [key=value key=value ...]]svdE
    リモートサーバをローカルサーバの URL 空間にマップする
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] urlsvdE
    リバースプロキシされたサーバから送られた HTTP 応答ヘッダの +
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    内部データスループットバッファのサイズを決定する
    <ProxyMatch regex> ...</ProxyMatch>svE
    正規表現でのマッチによるプロキシリソース用のディレクティブコンテナ
    ProxyMaxForwards number 10 svE
    リクエストがフォワードされるプロキシの最大数
    ProxyPass [path] !|url [key=value key=value ...]]svdE
    リモートサーバをローカルサーバの URL 空間にマップする
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] urlsvdE
    リバースプロキシされたサーバから送られた HTTP 応答ヘッダの URL を調整する
    ProxyPassReverseCookieDomain internal-domain public-domainsvdE
    リバースプロキシサーバからの Set-Cookie ヘッダの Domain 文字列を +
    ProxyPassReverseCookieDomain internal-domain public-domainsvdE
    リバースプロキシサーバからの Set-Cookie ヘッダの Domain 文字列を 調整する
    ProxyPassReverseCookiePath internal-path public-pathsvdE
    Reverse プロキシサーバからの Set-Cookie ヘッダの Path 文字列を +
    ProxyPassReverseCookiePath internal-path public-pathsvdE
    Reverse プロキシサーバからの Set-Cookie ヘッダの Path 文字列を 調整する
    ProxyPreserveHost On|Off Off svE
    プロキシリクエストに、受け付けた Host HTTP ヘッダを使う
    ProxyReceiveBufferSize bytes 0 svE
    プロキシされる HTTP と FTP 接続のためのネットワークバッファサイズ
    ProxyRemote match remote-serversvE
    特定のリクエストを扱う時に使われるリモートプロキシを指定する
    ProxyRemoteMatch regex remote-serversvE
    正規表現でのマッチによるリクエストを扱うリモートプロキシの指定
    ProxyRequests On|Off Off svE
    フォワード (標準の) プロキシリクエストを有効にする
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the +
    ProxyPreserveHost On|Off Off svE
    プロキシリクエストに、受け付けた Host HTTP ヘッダを使う
    ProxyReceiveBufferSize bytes 0 svE
    プロキシされる HTTP と FTP 接続のためのネットワークバッファサイズ
    ProxyRemote match remote-serversvE
    特定のリクエストを扱う時に使われるリモートプロキシを指定する
    ProxyRemoteMatch regex remote-serversvE
    正規表現でのマッチによるリクエストを扱うリモートプロキシの指定
    ProxyRequests On|Off Off svE
    フォワード (標準の) プロキシリクエストを有効にする
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the backend
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response +
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response header
    dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout seconds 300 svE
    プロキシされたリクエストのネットワークタイムアウト
    ProxyVia On|Off|Full|Block Off svE
    プロキシされたリクエストの Via HTTP 応答ヘッダ +
    dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout seconds 300 svE
    プロキシされたリクエストのネットワークタイムアウト
    ProxyVia On|Off|Full|Block Off svE
    プロキシされたリクエストの Via HTTP 応答ヘッダ により提供される情報
    ReadmeName filenamesvdhB
    インデックス一覧の最後に挿入されるファイルの名前
    ReceiveBufferSize bytes 0 sM
    TCP 受信バッファサイズ
    Redirect [status] URL-path -URLsvdhB
    クライアントが違う URL を取得するように外部へのリダイレクトを +
    ReadmeName filenamesvdhB
    インデックス一覧の最後に挿入されるファイルの名前
    ReceiveBufferSize bytes 0 sM
    TCP 受信バッファサイズ
    Redirect [status] URL-path +URLsvdhB
    クライアントが違う URL を取得するように外部へのリダイレクトを 送る
    RedirectMatch [status] regex -URLsvdhB
    現在の URL への正規表現のマッチにより +
    RedirectMatch [status] regex +URLsvdhB
    現在の URL への正規表現のマッチにより 外部へのリダイレクトを送る
    RedirectPermanent URL-path URLsvdhB
    クライアントが違う URL を取得するように外部への永久的な +
    RedirectPermanent URL-path URLsvdhB
    クライアントが違う URL を取得するように外部への永久的な リダイレクトを送る
    RedirectTemp URL-path URLsvdhB
    クライアントが違う URL を取得するように外部への一時的な +
    RedirectTemp URL-path URLsvdhB
    クライアントが違う URL を取得するように外部への一時的な リダイレクトを送る
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] -...vdh
    ファイルの拡張子に関連付けられたすべての文字セット +
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] +...vdh
    ファイルの拡張子に関連付けられたすべての文字セット を解除する
    RemoveEncoding extension [extension] -...vdh
    ファイルの拡張子に関連付けられたすべてのコンテントエンコーディング +
    RemoveEncoding extension [extension] +...vdh
    ファイルの拡張子に関連付けられたすべてのコンテントエンコーディング を解除する
    RemoveHandler extension [extension] -...vdh
    ファイルの拡張子に関連付けられたすべてのハンドラを +
    RemoveHandler extension [extension] +...vdh
    ファイルの拡張子に関連付けられたすべてのハンドラを 解除する
    RemoveInputFilter extension [extension] -...vdh
    ファイル拡張子に関連付けられた入力フィルタを解除する
    RemoveLanguage extension [extension] -...vdh
    ファイル拡張子に関連付けられた言語を解除する
    RemoveOutputFilter extension [extension] -...vdh
    ファイル拡張子に関連付けられた出力フィルタを解除する
    RemoveType extension [extension] -...vdh
    ファイルの拡張子と関連付けられたコンテントタイプを +
    RemoveInputFilter extension [extension] +...vdh
    ファイル拡張子に関連付けられた入力フィルタを解除する
    RemoveLanguage extension [extension] +...vdh
    ファイル拡張子に関連付けられた言語を解除する
    RemoveOutputFilter extension [extension] +...vdh
    ファイル拡張子に関連付けられた出力フィルタを解除する
    RemoveType extension [extension] +...vdh
    ファイルの拡張子と関連付けられたコンテントタイプを 解除する
    RequestHeader set|append|add|unset header -[value] [early|env=[!]variable]svdhE
    HTTP リクエストヘッダの設定
    RequestReadTimeout +
    RequestHeader set|append|add|unset header +[value] [early|env=[!]variable]svdhE
    HTTP リクエストヘッダの設定
    RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svE
    Set timeout values for receiving request headers and body from client. +svE
    Set timeout values for receiving request headers and body from client.
    Require [not] entity-name - [entity-name] ...dhB
    Tests whether an authenticated user is authorized by +
    Require [not] entity-name + [entity-name] ...dhB
    Tests whether an authenticated user is authorized by an authorization provider.
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none +
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one +
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none +
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond - TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place +
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond + TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource -svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule - Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Apache の子プロセスから起動されたプロセスの CPU 消費量を +
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource +svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule + Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Apache の子プロセスから起動されたプロセスの CPU 消費量を 制限する
    RLimitMEM bytes|max [bytes|max]svdhC
    Apache の子プロセスから起動されたプロセスのメモリ消費量を +
    RLimitMEM bytes|max [bytes|max]svdhC
    Apache の子プロセスから起動されたプロセスのメモリ消費量を 制限する
    RLimitNPROC number|max [number|max]svdhC
    Apache の子プロセスから起動されたプロセスが起動するプロセスの +
    RLimitNPROC number|max [number|max]svdhC
    Apache の子プロセスから起動されたプロセスが起動するプロセスの 数を制限する
    Satisfy Any|All All dhE
    ホストレベルのアクセス制御とユーザ認証との相互作用を指定
    ScoreBoardFile file-path logs/apache_status sM
    子プロセスと連携するためのデータを保存する +
    Satisfy Any|All All dhE
    ホストレベルのアクセス制御とユーザ認証との相互作用を指定
    ScoreBoardFile file-path logs/apache_status sM
    子プロセスと連携するためのデータを保存する ファイルの位置
    Script method cgi-scriptsvdB
    特定のリクエストメソッドに対して CGI スクリプトを +
    Script method cgi-scriptsvdB
    特定のリクエストメソッドに対して CGI スクリプトを 実行するように設定
    ScriptAlias URL-path -file-path|directory-pathsvB
    URL をファイルシステムの位置へマップし、マップ先を +
    ScriptAlias URL-path +file-path|directory-pathsvB
    URL をファイルシステムの位置へマップし、マップ先を CGI スクリプトに指定
    ScriptAliasMatch regex -file-path|directory-pathsvB
    URL を正規表現を使ってファイルシステムの位置へマップし、マップ先を +
    ScriptAliasMatch regex +file-path|directory-pathsvB
    URL を正規表現を使ってファイルシステムの位置へマップし、マップ先を CGI スクリプトに指定
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    CGI スクリプトのインタープリタの位置を調べるための手法
    ScriptLog file-pathsvB
    CGI スクリプトのエラーログファイルの場所
    ScriptLogBuffer bytes 1024 svB
    スクリプトログに記録される PUT や POST リクエストの内容の上限
    ScriptLogLength bytes 10385760 svB
    CGI スクリプトのログファイルの大きさの上限
    ScriptSock file-path logs/cgisock sB
    CGI デーモンとの通信に使われるソケットのファイル名の接頭辞
    SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters +
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    CGI スクリプトのインタープリタの位置を調べるための手法
    ScriptLog file-pathsvB
    CGI スクリプトのエラーログファイルの場所
    ScriptLogBuffer bytes 1024 svB
    スクリプトログに記録される PUT や POST リクエストの内容の上限
    ScriptLogLength bytes 10385760 svB
    CGI スクリプトのログファイルの大きさの上限
    ScriptSock file-path logs/cgisock sB
    CGI デーモンとの通信に使われるソケットのファイル名の接頭辞
    SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
    SendBufferSize bytes 0 sM
    TCP バッファサイズ
    ServerAdmin email-address|URLsvC
    サーバがクライアントに送るエラーメッセージに含める電子メールの +
    SendBufferSize bytes 0 sM
    TCP バッファサイズ
    ServerAdmin email-address|URLsvC
    サーバがクライアントに送るエラーメッセージに含める電子メールの アドレス
    ServerAlias hostname [hostname] ...vC
    リクエストを名前ベースのバーチャルホストにマッチさせているときに +
    ServerAlias hostname [hostname] ...vC
    リクエストを名前ベースのバーチャルホストにマッチさせているときに 使用されるホストの別名
    ServerLimit numbersM
    設定可能なサーバプロセス数の上限
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    サーバが自分自身を示すときに使うホスト名とポート
    ServerPath URL-pathvC
    非互換のブラウザが名前ベースのバーチャルホストにアクセスしたときの +
    ServerLimit numbersM
    設定可能なサーバプロセス数の上限
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    サーバが自分自身を示すときに使うホスト名とポート
    ServerPath URL-pathvC
    非互換のブラウザが名前ベースのバーチャルホストにアクセスしたときの ための互換用 URL パス名
    ServerRoot directory-path /usr/local/apache sC
    インストールされたサーバのベースディレクトリ
    ServerSignature On|Off|EMail Off svdhC
    サーバが生成するドキュメントのフッタを設定
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Server HTTP 応答ヘッダを設定する
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the +
    ServerRoot directory-path /usr/local/apache sC
    インストールされたサーバのベースディレクトリ
    ServerSignature On|Off|EMail Off svdhC
    サーバが生成するドキュメントのフッタを設定
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Server HTTP 応答ヘッダを設定する
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the HTTP_SESSION environment variable
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable valuesvdhB
    環境変数を設定する
    SetEnvIf attribute +
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable valuesvdhB
    環境変数を設定する
    SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    リクエストの属性に基づいて環境変数を設定する + [[!]env-variable[=value]] ...svdhB
    リクエストの属性に基づいて環境変数を設定する
    svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex +
    svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    リクエストの属性に基づいて大文字小文字を区別せずに環境変数を設定する
    SetHandler handler-name|NonesvdhC
    マッチするファイルがハンドラで処理されるようにする
    SetInputFilter filter[;filter...]svdhC
    クライアントのリクエストや POST の入力を処理するフィルタを設定する
    SetOutputFilter filter[;filter...]svdhC
    サーバの応答を処理するフィルタを設定する
    SSIEndTag tag "-->" svB
    include 要素を終了させる文字列
    SSIErrorMsg message "[an error occurred +svdhB
    SSI のエラーがあったときに表示されるエラーメッセージ
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the + [[!]env-variable[=value]] ...svdhB
    リクエストの属性に基づいて大文字小文字を区別せずに環境変数を設定する
    SetHandler handler-name|NonesvdhC
    マッチするファイルがハンドラで処理されるようにする
    SetInputFilter filter[;filter...]svdhC
    クライアントのリクエストや POST の入力を処理するフィルタを設定する
    SetOutputFilter filter[;filter...]svdhC
    サーバの応答を処理するフィルタを設定する
    SSIEndTag tag "-->" svB
    include 要素を終了させる文字列
    SSIErrorMsg message "[an error occurred +svdhB
    SSI のエラーがあったときに表示されるエラーメッセージ
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the server.
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    include 要素を開始する文字列
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    日付けを現す文字列の書式を設定する
    SSIUndefinedEcho string "(none)" svdhB
    未定義の変数が echo されたときに表示される文字列
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    include 要素を開始する文字列
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    日付けを現す文字列の書式を設定する
    SSIUndefinedEcho string "(none)" svdhB
    未定義の変数が echo されたときに表示される文字列
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Client Auth
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Client Auth
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for defining acceptable CA names
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Client Auth
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Client Auth
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL handshake
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private +
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private keys
    SSLProtocol [+|-]protocol ... all svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field +
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired +
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates +
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL proxy handshake
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server +
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server Certificate verification
    SSLRandomSeed context source -[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding +
    SSLRandomSeed context source +[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding source
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex +
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex boolean expression is true
    SSLRequireSSLdhE
    Deny access when SSL is not used for the +
    SSLRequireSSLdhE
    Deny access when SSL is not used for the HTTP request
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session +
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session Cache
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires +
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires in the Session Cache
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual +
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual host.
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client +
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client Certificate verification
    StartServers numbersM
    起動時に生成される子サーバプロセスの数
    StartThreads numbersM
    起動時に生成されるスレッドの数
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    StartServers numbersM
    起動時に生成される子サーバプロセスの数
    StartThreads numbersM
    起動時に生成されるスレッドの数
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
    Set the maximum line size
    Suexec On|OffsB
    Enable or disable the suEXEC feature
    SuexecUserGroup User GroupsvE
    CGI プログラムのユーザパーミッション、グループパーミッション
    Group unix-group #-1 sB
    Group under which the server will answer requests
    Header [condition] set|append|add|unset|echo -header [value] [early|env=[!]variable]svdhE
    HTTP Ѵ
    HeaderName filenamesvdhB
    ϸ ̸
    HeartbeatAddress addr:portsX
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsX
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sX
    Specifies the maximum number of servers that will be sending +
    H2Direct on|off on (for non TLS) svE
    H2 Direct Protocol Switch
    H2MaxSessionStreams n 100 svE
    Maximum number of active streams per HTTP/2 session.
    H2MaxWorkerIdleSeconds n 600 sE
    Maximum number of seconds h2 workers remain idle until shut down.
    H2MaxWorkers nsE
    Maximum number of worker threads to use per child process.
    H2MinWorkers nsE
    Minimal number of worker threads to use per child process.
    H2SerializeHeaders on|off off svE
    Serialize Request/Resoonse Processing Switch
    H2SessionExtraFiles n 5 svE
    Number of Extra File Handles
    H2StreamMaxMemSize bytes 65536 svE
    Maximum amount of output data buffered per stream.
    H2WindowSize bytes 65536 svE
    Size of Stream Window for upstream data.
    Header [condition] set|append|add|unset|echo +header [value] [early|env=[!]variable]svdhE
    HTTP Ѵ
    HeaderName filenamesvdhB
    ϸ ̸
    HeartbeatAddress addr:portsX
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsX
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sX
    Specifies the maximum number of servers that will be sending heartbeat requests to this server
    HeartbeatStorage file-path logs/hb.dat sX
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sX
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off svdC
    Enables DNS lookups on client IP addresses
    IdentityCheck On|Off Off svdE
    RFC 1413 ſ α׿ Ѵ
    IdentityCheckTimeout seconds 30 svdE
    ident û ð Ѵ
    <If expression> ... </If>svdhC
    Contains directives that apply only if a condition is +
    HeartbeatStorage file-path logs/hb.dat sX
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sX
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off svdC
    Enables DNS lookups on client IP addresses
    IdentityCheck On|Off Off svdE
    RFC 1413 ſ α׿ Ѵ
    IdentityCheckTimeout seconds 30 svdE
    ident û ð Ѵ
    <If expression> ... </If>svdhC
    Contains directives that apply only if a condition is satisfied by a request at runtime
    <IfDefine [!]parameter-name> ... - </IfDefine>svdhC
    Encloses directives that will be processed only +
    <IfDefine [!]parameter-name> ... + </IfDefine>svdhC
    Encloses directives that will be processed only if a test is true at startup
    <IfModule [!]module-file|module-identifier> ... - </IfModule>svdhC
    Encloses directives that are processed conditional on the +
    <IfModule [!]module-file|module-identifier> ... + </IfModule>svdhC
    Encloses directives that are processed conditional on the presence or absence of a specific module
    <IfVersion [[!]operator] version> ... -</IfVersion>svdhE
    ´
    ImapBase map|referer|URL http://servername/ svdhB
    ̹ Ͽ base
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    ̹ʿ ش ʴ ǥ +
    <IfVersion [[!]operator] version> ... +</IfVersion>svdhE
    ´
    ImapBase map|referer|URL http://servername/ svdhB
    ̹ Ͽ base
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    ̹ʿ ش ʴ ǥ ⺻ ൿ
    ImapMenu none|formatted|semiformatted|unformattedsvdhB
    ǥ ̹ û ൿ
    Include file-path|directory-path|wildcardsvdC
    Includes other configuration files from within +
    ImapMenu none|formatted|semiformatted|unformattedsvdhB
    ǥ ̹ û ൿ
    Include file-path|directory-path|wildcardsvdC
    Includes other configuration files from within the server configuration files
    IncludeOptional file-path|directory-path|wildcardsvdC
    Includes other configuration files from within +
    IncludeOptional file-path|directory-path|wildcardsvdC
    Includes other configuration files from within the server configuration files
    svdhB
    Inserts text in the HEAD section of an index page.
    IndexIgnore file [file] ...svdhB
    丮 Ͽ ϸ ߰Ѵ
    IndexIgnoreReset ON|OFFsvdhB
    Empties the list of files to hide when listing +
    svdhB
    Inserts text in the HEAD section of an index page.
    IndexIgnore file [file] ...svdhB
    丮 Ͽ ϸ ߰Ѵ
    IndexIgnoreReset ON|OFFsvdhB
    Empties the list of files to hide when listing a directory
    IndexOptions [+|-]option [[+|-]option] -...svdhB
    IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhB
    丮 ⺻ Ѵ
    IndexStyleSheet url-pathsvdhB
    丮 Ͽ CSS ŸϽƮ ߰Ѵ
    InputSed sed-commanddhX
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off svdhB
    ISAPI exntension HSE_APPEND_LOG_PARAMETER +
    IndexOptions [+|-]option [[+|-]option] +...svdhB
    IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhB
    丮 ⺻ Ѵ
    IndexStyleSheet url-pathsvdhB
    丮 Ͽ CSS ŸϽƮ ߰Ѵ
    InputSed sed-commanddhX
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off svdhB
    ISAPI exntension HSE_APPEND_LOG_PARAMETER û α׿ Ѵ
    ISAPIAppendLogToQuery on|off on svdhB
    ISAPI exntension HSE_APPEND_LOG_PARAMETER +
    ISAPIAppendLogToQuery on|off on svdhB
    ISAPI exntension HSE_APPEND_LOG_PARAMETER û ǹڿ Ѵ
    ISAPICacheFile file-path [file-path] -...svB
    Ҷ ޸𸮷 о ISAPI .dll ϵ
    ISAPIFakeAsync on|off off svdhB
    񵿱 ISAPI ݹ ϴ ôѴ
    ISAPILogNotSupported on|off off svdhB
    ISAPI extension ʴ ûϸ +
    ISAPICacheFile file-path [file-path] +...svB
    Ҷ ޸𸮷 о ISAPI .dll ϵ
    ISAPIFakeAsync on|off off svdhB
    񵿱 ISAPI ݹ ϴ ôѴ
    ISAPILogNotSupported on|off off svdhB
    ISAPI extension ʴ ûϸ α׿ Ѵ
    ISAPIReadAheadBuffer size 49152 svdhB
    ISAPI extension ̸б(read ahead buffer) +
    ISAPIReadAheadBuffer size 49152 svdhB
    ISAPI extension ̸б(read ahead buffer) ũ
    KeepAlive On|Off On svC
    Enables HTTP persistent connections
    KeepAliveTimeout num[ms] 5 svC
    Amount of time the server will wait for subsequent +
    KeepAlive On|Off On svC
    Enables HTTP persistent connections
    KeepAliveTimeout num[ms] 5 svC
    Amount of time the server will wait for subsequent requests on a persistent connection
    KeptBodySize maximum size in bytes 0 dB
    Keep the request body instead of discarding it up to +
    KeptBodySize maximum size in bytes 0 dB
    Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include.
    LanguagePriority MIME-lang [MIME-lang] -...svdhB
    The precendence of language variants for cases where +
    LanguagePriority MIME-lang [MIME-lang] +...svdhB
    The precendence of language variants for cases where the client does not express a preference
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 svE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare +
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 svE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare operations
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain +
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain valid
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per +
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted +
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted Certificate Authority or global client certificates
    LDAPTrustedMode typesvE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit method [method] ... > ... - </Limit>dhC
    Restrict enclosed access controls to only certain HTTP +
    LDAPTrustedMode typesvE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit method [method] ... > ... + </Limit>dhC
    Restrict enclosed access controls to only certain HTTP methods
    <LimitExcept method [method] ... > ... - </LimitExcept>dhC
    Restrict access controls to all HTTP methods +
    <LimitExcept method [method] ... > ... + </LimitExcept>dhC
    Restrict access controls to all HTTP methods except the named ones
    LimitInternalRecursion number [number] 10 svC
    Determine maximum number of internal redirects and nested +
    LimitInternalRecursion number [number] 10 svC
    Determine maximum number of internal redirects and nested subrequests
    LimitRequestBody bytes 0 svdhC
    Restricts the total size of the HTTP request body sent +
    LimitRequestBody bytes 0 svdhC
    Restricts the total size of the HTTP request body sent from the client
    LimitRequestFields number 100 svC
    Limits the number of HTTP request header fields that +
    LimitRequestFields number 100 svC
    Limits the number of HTTP request header fields that will be accepted from the client
    LimitRequestFieldSize bytes 8190 svC
    Limits the size of the HTTP request header allowed from the +
    LimitRequestFieldSize bytes 8190 svC
    Limits the size of the HTTP request header allowed from the client
    LimitRequestLine bytes 8190 svC
    Limit the size of the HTTP request line that will be accepted +
    LimitRequestLine bytes 8190 svC
    Limit the size of the HTTP request line that will be accepted from the client
    LimitXMLRequestBody bytes 1000000 svdhC
    Limits the size of an XML-based request body
    Listen [IP-address:]portnumber [protocol]sM
    IP addresses and ports that the server +
    LimitXMLRequestBody bytes 1000000 svdhC
    Limits the size of an XML-based request body
    Listen [IP-address:]portnumber [protocol]sM
    IP addresses and ports that the server listens to
    ListenBacklog backlogsM
    Maximum length of the queue of pending connections
    ListenBacklog backlogsM
    Maximum length of the queue of pending connections
    ListenCoresBucketsRatio ratio 0 (disabled) sM
    Ratio between the number of CPU cores (online) and the number of +listeners' buckets
    LoadFile filename [filename] ...sE
    ̳ ̺귯 оδ
    LoadModule module filenamesE
    ̳ ̺귯 о̰, 밡 Ͽ ߰Ѵ
    MaxSpareServers number 10 sM
    Maximum number of idle child server processes
    MaxSpareThreads numbersM
    Maximum number of idle threads
    MaxThreads number 2048 sM
    Set the maximum number of worker threads
    MergeTrailers [on|off] off svC
    Determines whether trailers are merged into headers
    MetaDir directory .web svdhE
    CERN Ÿ ã 丮 ̸
    MetaFiles on|off off svdhE
    CERN Ÿ óѴ
    MetaSuffix suffix .meta svdhE
    CERN Ÿ ϴ ̻
    MimeMagicFile file-pathsvE
    Enable MIME-type determination based on file contents +
    MemcacheConnTTL num[units] 15s svE
    Keepalive time for idle connections
    MergeTrailers [on|off] off svC
    Determines whether trailers are merged into headers
    MetaDir directory .web svdhE
    CERN Ÿ ã 丮 ̸
    MetaFiles on|off off svdhE
    CERN Ÿ óѴ
    MetaSuffix suffix .meta svdhE
    CERN Ÿ ϴ ̻
    MimeMagicFile file-pathsvE
    Enable MIME-type determination based on file contents using the specified magic file
    MinSpareServers number 5 sM
    Minimum number of idle child server processes
    MinSpareThreads numbersM
    Minimum number of idle threads available to handle request +
    MinSpareServers number 5 sM
    Minimum number of idle child server processes
    MinSpareThreads numbersM
    Minimum number of idle threads available to handle request spikes
    MMapFile file-path [file-path] ...sX
    ۽ ޸𸮿 Ѵ
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off dB
    Tells mod_mime to treat path_info +
    MMapFile file-path [file-path] ...sX
    ۽ ޸𸮿 Ѵ
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off dB
    Tells mod_mime to treat path_info components as part of the filename
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhB
    The types of files that will be included when searching for +
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhB
    The types of files that will be included when searching for a matching file with MultiViews
    Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
    Configures mutex mechanism and lock file directory for all +
    Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
    Configures mutex mechanism and lock file directory for all or specified mutexes
    NameVirtualHost addr[:port]sC
    DEPRECATED: Designates an IP address for name-virtual +
    NameVirtualHost addr[:port]sC
    DEPRECATED: Designates an IP address for name-virtual hosting
    NoProxy host [host] ...svE
    Hosts, domains, or networks that will be connected to +
    NoProxy host [host] ...svE
    Hosts, domains, or networks that will be connected to directly
    NWSSLTrustedCerts filename [filename] ...sB
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersB
    Allows a connection to be upgraded to an SSL connection upon request
    Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhC
    Configures what features are available in a particular +
    NWSSLTrustedCerts filename [filename] ...sB
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersB
    Allows a connection to be upgraded to an SSL connection upon request
    Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhC
    Configures what features are available in a particular directory
    Order ordering Deny,Allow dhE
    Controls the default access state and the order in which +
    Order ordering Deny,Allow dhE
    Controls the default access state and the order in which Allow and Deny are evaluated.
    OutputSed sed-commanddhX
    Sed command for filtering response content
    PassEnv env-variable [env-variable] -...svdhB
    ȯ溯 ´
    PidFile filename logs/httpd.pid sM
    File where the server records the process ID +
    OutputSed sed-commanddhX
    Sed command for filtering response content
    PassEnv env-variable [env-variable] +...svdhB
    ȯ溯 ´
    PidFile filename logs/httpd.pid sM
    File where the server records the process ID of the daemon
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Trade off processing speed and efficiency vs security against +
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Trade off processing speed and efficiency vs security against malicious privileges-aware code.
    Protocol protocolsvC
    Protocol for a listening socket
    ProtocolEcho On|OffsvX
    echo Ű
    <Proxy wildcard-url> ...</Proxy>svE
    Container for directives applied to proxied resources
    ProxyAddHeaders Off|On On svdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    Determines how to handle bad header lines in a +
    Protocol protocolsvC
    Protocol for a listening socket
    ProtocolEcho On|OffsvX
    echo Ű
    Protocols protocol ... http/1.1 svC
    Protocols available for a server/virtual host
    ProtocolsHonorOrder On|Off On svC
    Determines if order of Protocols determines precedence during negotiation
    <Proxy wildcard-url> ...</Proxy>svE
    Container for directives applied to proxied resources
    ProxyAddHeaders Off|On On svdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    Determines how to handle bad header lines in a response
    ProxyBlock *|word|host|domain -[word|host|domain] ...svE
    Words, hosts, or domains that are banned from being +
    ProxyBlock *|word|host|domain +[word|host|domain] ...svE
    Words, hosts, or domains that are banned from being proxied
    ProxyDomain DomainsvE
    Default domain name for proxied requests
    ProxyErrorOverride On|Off Off svdE
    Override error pages for proxied content
    ProxyExpressDBMFile <pathname>svE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>svE
    DBM type of file.
    ProxyExpressEnable [on|off]svE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and +
    ProxyDomain DomainsvE
    Default domain name for proxied requests
    ProxyErrorOverride On|Off Off svdE
    Override error pages for proxied content
    ProxyExpressDBMFile <pathname>svE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>svE
    DBM type of file.
    ProxyExpressEnable [on|off]svE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and stylesheets.
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, +
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, and scripting events.
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of +
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of ProxyHTMLURLMap rules.
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML +
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML <head> sections.
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>svE
    Container for directives applied to regular-expression-matched +
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>svE
    Container for directives applied to regular-expression-matched proxied resources
    ProxyMaxForwards number -1 svE
    Maximium number of proxies that a request can be forwarded +
    ProxyMaxForwards number -1 svE
    Maximium number of proxies that a request can be forwarded through
    ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url -[interpolate]svdE
    Adjusts the URL in HTTP response headers sent from a reverse +
    ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url +[interpolate]svdE
    Adjusts the URL in HTTP response headers sent from a reverse proxied server
    ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
    ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdE
    Adjusts the Path string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdE
    Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
    ProxyPreserveHost On|Off Off svdE
    Use incoming Host HTTP request header for proxy +
    ProxyPreserveHost On|Off Off svdE
    Use incoming Host HTTP request header for proxy request
    ProxyReceiveBufferSize bytes 0 svE
    Network buffer size for proxied HTTP and FTP +
    ProxyReceiveBufferSize bytes 0 svE
    Network buffer size for proxied HTTP and FTP connections
    ProxyRemote match remote-serversvE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serversvE
    Remote proxy used to handle requests matched by regular +
    ProxyRemote match remote-serversvE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serversvE
    Remote proxy used to handle requests matched by regular expressions
    ProxyRequests On|Off Off svE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the +
    ProxyRequests On|Off Off svE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the backend
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response +
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response header
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondssvE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off svE
    Information provided in the Via HTTP response +
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondssvE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off svE
    Information provided in the Via HTTP response header for proxied requests
    ReadmeName filenamesvdhB
    ϸ ̸
    ReceiveBufferSize bytes 0 sM
    TCP receive buffer size
    Redirect [status] URL-path -URLsvdhB
    Ŭ̾Ʈ ٸ URL ϵ ûϴ ܺ +
    ReadmeName filenamesvdhB
    ϸ ̸
    ReceiveBufferSize bytes 0 sM
    TCP receive buffer size
    Redirect [status] URL-path +URLsvdhB
    Ŭ̾Ʈ ٸ URL ϵ ûϴ ܺ ̷
    RedirectMatch [status] regex -URLsvdhB
    URL ǥĿ شϸ ܺ ̷ +
    RedirectMatch [status] regex +URLsvdhB
    URL ǥĿ شϸ ܺ ̷
    RedirectPermanent URL-path URLsvdhB
    Ŭ̾Ʈ ٸ URL ϵ ûϴ ܺ +
    RedirectPermanent URL-path URLsvdhB
    Ŭ̾Ʈ ٸ URL ϵ ûϴ ܺ ̷
    RedirectTemp URL-path URLsvdhB
    Ŭ̾Ʈ ٸ URL ϵ ûϴ ܺ +
    RedirectTemp URL-path URLsvdhB
    Ŭ̾Ʈ ٸ URL ϵ ûϴ ܺ ӽ ̷
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] -...vdhB
    Removes any character set associations for a set of file +
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] +...vdhB
    Removes any character set associations for a set of file extensions
    RemoveEncoding extension [extension] -...vdhB
    Removes any content encoding associations for a set of file +
    RemoveEncoding extension [extension] +...vdhB
    Removes any content encoding associations for a set of file extensions
    RemoveHandler extension [extension] -...vdhB
    Removes any handler associations for a set of file +
    RemoveHandler extension [extension] +...vdhB
    Removes any handler associations for a set of file extensions
    RemoveInputFilter extension [extension] -...vdhB
    Removes any input filter associations for a set of file +
    RemoveInputFilter extension [extension] +...vdhB
    Removes any input filter associations for a set of file extensions
    RemoveLanguage extension [extension] -...vdhB
    Removes any language associations for a set of file +
    RemoveLanguage extension [extension] +...vdhB
    Removes any language associations for a set of file extensions
    RemoveOutputFilter extension [extension] -...vdhB
    Removes any output filter associations for a set of file +
    RemoveOutputFilter extension [extension] +...vdhB
    Removes any output filter associations for a set of file extensions
    RemoveType extension [extension] -...vdhB
    Removes any content type associations for a set of file +
    RemoveType extension [extension] +...vdhB
    Removes any content type associations for a set of file extensions
    RequestHeader set|append|add|unset header -[value] [early|env=[!]variable]svdhE
    HTTP û Ѵ
    RequestReadTimeout +
    RequestHeader set|append|add|unset header +[value] [early|env=[!]variable]svdhE
    HTTP û Ѵ
    RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svE
    Set timeout values for receiving request headers and body from client. +svE
    Set timeout values for receiving request headers and body from client.
    Require [not] entity-name - [entity-name] ...dhB
    Tests whether an authenticated user is authorized by +
    Require [not] entity-name + [entity-name] ...dhB
    Tests whether an authenticated user is authorized by an authorization provider.
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none +
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one +
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none +
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond - TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place +
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond + TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource -svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule - Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Limits the CPU consumption of processes launched +
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource +svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule + Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Limits the CPU consumption of processes launched by Apache httpd children
    RLimitMEM bytes|max [bytes|max]svdhC
    Limits the memory consumption of processes launched +
    RLimitMEM bytes|max [bytes|max]svdhC
    Limits the memory consumption of processes launched by Apache httpd children
    RLimitNPROC number|max [number|max]svdhC
    Limits the number of processes that can be launched by +
    RLimitNPROC number|max [number|max]svdhC
    Limits the number of processes that can be launched by processes launched by Apache httpd children
    Satisfy Any|All All dhE
    Interaction between host-level access control and +
    Satisfy Any|All All dhE
    Interaction between host-level access control and user authentication
    ScoreBoardFile file-path logs/apache_runtime +sM
    Location of the file used to store coordination data for +
    ScoreBoardFile file-path logs/apache_runtime +sM
    Location of the file used to store coordination data for the child processes
    Script method cgi-scriptsvdB
    Ư û޼忡 CGI ũƮ +
    Script method cgi-scriptsvdB
    Ư û޼忡 CGI ũƮ Ѵ.
    ScriptAlias URL-path -file-path|directory-pathsvB
    URL Ư Ͻý ҷ ϰ CGI +
    ScriptAlias URL-path +file-path|directory-pathsvB
    URL Ư Ͻý ҷ ϰ CGI ũƮ ˸
    ScriptAliasMatch regex -file-path|directory-pathsvB
    ǥ Ͽ URL Ư Ͻý ҷ +
    ScriptAliasMatch regex +file-path|directory-pathsvB
    ǥ Ͽ URL Ư Ͻý ҷ ϰ CGI ũƮ ˸
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Technique for locating the interpreter for CGI +
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Technique for locating the interpreter for CGI scripts
    ScriptLog file-pathsvB
    CGI ũƮ α ġ
    ScriptLogBuffer bytes 1024 svB
    ũƮ α׿ PUT Ȥ POST û ִ뷮
    ScriptLogLength bytes 10385760 svB
    CGI ũƮ α ũ
    ScriptSock file-path logs/cgisock svB
    cgi ̸
    SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters +
    ScriptLog file-pathsvB
    CGI ũƮ α ġ
    ScriptLogBuffer bytes 1024 svB
    ũƮ α׿ PUT Ȥ POST û ִ뷮
    ScriptLogLength bytes 10385760 svB
    CGI ũƮ α ũ
    ScriptSock file-path logs/cgisock svB
    cgi ̸
    SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
    SendBufferSize bytes 0 sM
    TCP buffer size
    ServerAdmin email-address|URLsvC
    Email address that the server includes in error +
    SendBufferSize bytes 0 sM
    TCP buffer size
    ServerAdmin email-address|URLsvC
    Email address that the server includes in error messages sent to the client
    ServerAlias hostname [hostname] ...vC
    Alternate names for a host used when matching requests +
    ServerAlias hostname [hostname] ...vC
    Alternate names for a host used when matching requests to name-virtual hosts
    ServerLimit numbersM
    Upper limit on configurable number of processes
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    Hostname and port that the server uses to identify +
    ServerLimit numbersM
    Upper limit on configurable number of processes
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    Hostname and port that the server uses to identify itself
    ServerPath URL-pathvC
    Legacy URL pathname for a name-based virtual host that +
    ServerPath URL-pathvC
    Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser
    ServerRoot directory-path /usr/local/apache sC
    Base directory for the server installation
    ServerSignature On|Off|EMail Off svdhC
    Configures the footer on server-generated documents
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configures the Server HTTP response +
    ServerRoot directory-path /usr/local/apache sC
    Base directory for the server installation
    ServerSignature On|Off|EMail Off svdhC
    Configures the footer on server-generated documents
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configures the Server HTTP response header
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the +
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the HTTP_SESSION environment variable
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable valuesvdhB
    ȯ溯 Ѵ
    SetEnvIf attribute +
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable valuesvdhB
    ȯ溯 Ѵ
    SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    û ȯ溯 Ѵ
    svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhB
    û ȯ溯 Ѵ
    svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    ҹڸ ʰ û ȯ溯 + [[!]env-variable[=value]] ...svdhB
    ҹڸ ʰ û ȯ溯 Ѵ
    SetHandler handler-name|NonesvdhC
    Forces all matching files to be processed by a +
    SetHandler handler-name|NonesvdhC
    Forces all matching files to be processed by a handler
    SetInputFilter filter[;filter...]svdhC
    Sets the filters that will process client requests and POST +
    SetInputFilter filter[;filter...]svdhC
    Sets the filters that will process client requests and POST input
    SetOutputFilter filter[;filter...]svdhC
    Sets the filters that will process responses from the +
    SetOutputFilter filter[;filter...]svdhC
    Sets the filters that will process responses from the server
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI +
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI error
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the +
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the server.
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are +
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are displayed
    SSIUndefinedEcho string "(none)" svdhB
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSIUndefinedEcho string "(none)" svdhB
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Client Auth
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Client Auth
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for defining acceptable CA names
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Client Auth
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Client Auth
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL handshake
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private +
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private keys
    SSLProtocol [+|-]protocol ... all svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field +
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired +
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates +
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL proxy handshake
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server +
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server Certificate verification
    SSLRandomSeed context source -[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding +
    SSLRandomSeed context source +[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding source
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex +
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex boolean expression is true
    SSLRequireSSLdhE
    Deny access when SSL is not used for the +
    SSLRequireSSLdhE
    Deny access when SSL is not used for the HTTP request
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session +
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session Cache
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires +
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires in the Session Cache
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual +
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual host.
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client +
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client Certificate verification
    StartServers numbersM
    Number of child server processes created at startup
    StartThreads numbersM
    Number of threads created on startup
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    StartServers numbersM
    Number of child server processes created at startup
    StartThreads numbersM
    Number of threads created on startup
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
    Set the maximum line size
    Suexec On|OffsB
    Enable or disable the suEXEC feature
    SuexecUserGroup User GroupsvE
    CGI α׷ ڿ ׷
    AddType media-type extension [extension] ...skdhT
    Maps the given filename extensions onto the specified content type
    Alias [URL-yolu] dosya-yolu | -dizin-yoluskdT
    URL’leri dosya sistemi konumlarıyla eşler.
    Alias URL-yolu dosya-yolu | +dizin-yoluskT
    URL’leri dosya sistemi konumlarıyla eşler.
    AliasMatch "düzenli-ifade" "dosya-yolu|dizin-yolu"skT
    URL’leri dosya sistemi konumlarıyla düzenli ifadeleri kullanarak eşler.
    GracefulShutdownTimeout saniye 0 sM
    Sunucunun nazikçe kapatılmasının ardından ana süreç çıkana kadar geçecek süre için bir zaman aşımı belirler.
    Group unix-grubu #-1 sT
    İsteklere yanıt verecek sunucunun ait olacağı grubu belirler.
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note +
    H2Direct on|off on (for non TLS) skE
    H2 Direct Protocol Switch
    H2MaxSessionStreams n 100 skE
    Maximum number of active streams per HTTP/2 session.
    H2MaxWorkerIdleSeconds n 600 sE
    Maximum number of seconds h2 workers remain idle until shut down.
    H2MaxWorkers nsE
    Maximum number of worker threads to use per child process.
    H2MinWorkers nsE
    Minimal number of worker threads to use per child process.
    H2SerializeHeaders on|off off skE
    Serialize Request/Resoonse Processing Switch
    H2SessionExtraFiles n 5 skE
    Number of Extra File Handles
    H2StreamMaxMemSize bytes 65536 skE
    Maximum amount of output data buffered per stream.
    H2WindowSize bytes 65536 skE
    Size of Stream Window for upstream data.
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -skdhE
    Configure HTTP response headers
    HeaderName dosya-ismiskdhT
    Dizin listesinin tepesine yerleştirilecek dosyanın ismini +skdhE
    Configure HTTP response headers
    HeaderName dosya-ismiskdhT
    Dizin listesinin tepesine yerleştirilecek dosyanın ismini belirler.
    HeartbeatAddress addr:portsD
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsD
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sD
    Specifies the maximum number of servers that will be sending +
    HeartbeatAddress addr:portsD
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsD
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sD
    Specifies the maximum number of servers that will be sending heartbeat requests to this server
    HeartbeatStorage file-path logs/hb.dat sD
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sD
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off skdÇ
    İstemci IP adresleri üzerinde DNS sorgularını etkin kılar. +
    HeartbeatStorage file-path logs/hb.dat sD
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sD
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off skdÇ
    İstemci IP adresleri üzerinde DNS sorgularını etkin kılar.
    IdentityCheck On|Off Off skdE
    Enables logging of the RFC 1413 identity of the remote +
    IdentityCheck On|Off Off skdE
    Enables logging of the RFC 1413 identity of the remote user
    IdentityCheckTimeout seconds 30 skdE
    Determines the timeout duration for ident requests
    <If ifade> ... </If>skdhÇ
    Çalışma anında bir koşul bir istek tarafından yerine getirildiği +
    IdentityCheckTimeout seconds 30 skdE
    Determines the timeout duration for ident requests
    <If ifade> ... </If>skdhÇ
    Çalışma anında bir koşul bir istek tarafından yerine getirildiği takdirde uygulanacak yönergeleri barındırır.
    <IfDefine [!]parametre-adı> ... - </IfDefine>skdhÇ
    Başlatma sırasında bir doğruluk sınamasından sonra işleme +
    <IfDefine [!]parametre-adı> ... + </IfDefine>skdhÇ
    Başlatma sırasında bir doğruluk sınamasından sonra işleme sokulacak yönergeleri sarmalar.
    <IfModule [!]modül-dosyası|modül-betimleyici> ... - </IfModule>skdhÇ
    Belli bir modülün varlığına veya yokluğuna göre işleme sokulacak +
    <IfModule [!]modül-dosyası|modül-betimleyici> ... + </IfModule>skdhÇ
    Belli bir modülün varlığına veya yokluğuna göre işleme sokulacak yönergeleri sarmalar.
    <IfVersion [[!]operator] version> ... -</IfVersion>skdhE
    contains version dependent configuration
    ImapBase map|referer|URL http://servername/ skdhT
    Default base for imagemap files
    ImapDefault error|nocontent|map|referer|URL nocontent skdhT
    Default action when an imagemap is called with coordinates +
    <IfVersion [[!]operator] version> ... +</IfVersion>skdhE
    contains version dependent configuration
    ImapBase map|referer|URL http://servername/ skdhT
    Default base for imagemap files
    ImapDefault error|nocontent|map|referer|URL nocontent skdhT
    Default action when an imagemap is called with coordinates that are not explicitly mapped
    ImapMenu none|formatted|semiformatted|unformatted formatted skdhT
    Action if no coordinates are given when calling +
    ImapMenu none|formatted|semiformatted|unformatted formatted skdhT
    Action if no coordinates are given when calling an imagemap
    Include dosya-yolu|dizin-yolu|jokerskdÇ
    Sunucu yapılandırma dosyalarının başka dosyaları içermesini sağlar. +
    Include dosya-yolu|dizin-yolu|jokerskdÇ
    Sunucu yapılandırma dosyalarının başka dosyaları içermesini sağlar.
    IncludeOptional dosya-yolu|dizin-yolu|jokerskdÇ
    Diğer yapılandırma dosyalarının sunucu yapılandırma dosyasına dahil edilmesini sağlar
    IndexHeadInsert "imlenim ..."skdhT
    Bir dizin sayfasının HEAD bölümüne metin yerleştirir.
    IndexIgnore dosya [dosya] ... "." skdhT
    Dizin içerik listesinden gizlenecek dosyaların listesi belirtilir. +
    IncludeOptional dosya-yolu|dizin-yolu|jokerskdÇ
    Diğer yapılandırma dosyalarının sunucu yapılandırma dosyasına dahil edilmesini sağlar
    IndexHeadInsert "imlenim ..."skdhT
    Bir dizin sayfasının HEAD bölümüne metin yerleştirir.
    IndexIgnore dosya [dosya] ... "." skdhT
    Dizin içerik listesinden gizlenecek dosyaların listesi belirtilir.
    IndexIgnoreReset ON|OFFskdhT
    Bir dizini listelerken gizlenecek dosyalar listesini boşaltır +
    IndexIgnoreReset ON|OFFskdhT
    Bir dizini listelerken gizlenecek dosyalar listesini boşaltır
    IndexOptions [+|-]seçenek [[+|-]seçenek] -...skdhT
    Dizin içerik listesini yapılandıracak seçenekler belirtilir. +
    IndexOptions [+|-]seçenek [[+|-]seçenek] +...skdhT
    Dizin içerik listesini yapılandıracak seçenekler belirtilir.
    IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name skdhT
    Dizin içerik listesinin öntanımlı sıralamasını belirler. +
    IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name skdhT
    Dizin içerik listesinin öntanımlı sıralamasını belirler.
    IndexStyleSheet url-yoluskdhT
    Dizin listesine bir biçembent ekler.
    InputSed sed-commanddhD
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off skdhT
    Record HSE_APPEND_LOG_PARAMETER requests from +
    IndexStyleSheet url-yoluskdhT
    Dizin listesine bir biçembent ekler.
    InputSed sed-commanddhD
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off skdhT
    Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
    ISAPIAppendLogToQuery on|off on skdhT
    Record HSE_APPEND_LOG_PARAMETER requests from +
    ISAPIAppendLogToQuery on|off on skdhT
    Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
    ISAPICacheFile file-path [file-path] -...skT
    ISAPI .dll files to be loaded at startup
    ISAPIFakeAsync on|off off skdhT
    Fake asynchronous support for ISAPI callbacks
    ISAPILogNotSupported on|off off skdhT
    Log unsupported feature requests from ISAPI +
    ISAPICacheFile file-path [file-path] +...skT
    ISAPI .dll files to be loaded at startup
    ISAPIFakeAsync on|off off skdhT
    Fake asynchronous support for ISAPI callbacks
    ISAPILogNotSupported on|off off skdhT
    Log unsupported feature requests from ISAPI extensions
    ISAPIReadAheadBuffer size 49152 skdhT
    Size of the Read Ahead Buffer sent to ISAPI +
    ISAPIReadAheadBuffer size 49152 skdhT
    Size of the Read Ahead Buffer sent to ISAPI extensions
    KeepAlive On|Off On skÇ
    HTTP kalıcı bağlantılarını etkin kılar
    KeepAliveTimeout sayı[ms] 5 skÇ
    Bir kalıcı bağlantıda sunucunun bir sonraki isteği bekleme süresi +
    KeepAlive On|Off On skÇ
    HTTP kalıcı bağlantılarını etkin kılar
    KeepAliveTimeout sayı[ms] 5 skÇ
    Bir kalıcı bağlantıda sunucunun bir sonraki isteği bekleme süresi
    KeptBodySize azami_bayt_sayısı 0 dT
    mod_include gibi süzgeçler tarafından kullanılma olasılığına karşı +
    KeptBodySize azami_bayt_sayısı 0 dT
    mod_include gibi süzgeçler tarafından kullanılma olasılığına karşı istek gövdesi iptal edilmek yerine belirtilen azami boyutta tutulur.
    LanguagePriority MIME-lang [MIME-lang] -...skdhT
    The precendence of language variants for cases where +
    LanguagePriority MIME-lang [MIME-lang] +...skdhT
    The precendence of language variants for cases where the client does not express a preference
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 skE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare +
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 skE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare operations
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain +
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain valid
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per +
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted +
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted Certificate Authority or global client certificates
    LDAPTrustedMode typeskE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit yöntem [yöntem] ... > ... - </Limit>dhÇ
    Erişimi sınırlanacak HTTP yöntemleri için erişim sınırlayıcıları +
    LDAPTrustedMode typeskE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit yöntem [yöntem] ... > ... + </Limit>dhÇ
    Erişimi sınırlanacak HTTP yöntemleri için erişim sınırlayıcıları sarmalar.
    <LimitExcept yöntem [yöntem] ... > ... - </LimitExcept>dhÇ
    İsimleri belirtilenler dışında kalan HTTP yöntemleri için +
    <LimitExcept yöntem [yöntem] ... > ... + </LimitExcept>dhÇ
    İsimleri belirtilenler dışında kalan HTTP yöntemleri için kullanılacak erişim sınırlayıcıları sarmalar.
    LimitInternalRecursion sayı [sayı] 10 skÇ
    Dahili yönlendirmelerin ve istek içi isteklerin azami sayısını +
    LimitInternalRecursion sayı [sayı] 10 skÇ
    Dahili yönlendirmelerin ve istek içi isteklerin azami sayısını belirler.
    LimitRequestBody bayt-sayısı 0 skdhÇ
    İstemci tarafından gönderilen HTTP istek gövdesinin toplam +
    LimitRequestBody bayt-sayısı 0 skdhÇ
    İstemci tarafından gönderilen HTTP istek gövdesinin toplam uzunluğunu sınırlar.
    LimitRequestFields sayı 100 skÇ
    İstemciden kabul edilecek HTTP isteği başlık alanlarının sayısını +
    LimitRequestFields sayı 100 skÇ
    İstemciden kabul edilecek HTTP isteği başlık alanlarının sayısını sınırlar.
    LimitRequestFieldSize bayt-sayısı 8190 skÇ
    İstemciden kabul edilecek HTTP isteği başlık uzunluğunu sınırlar. +
    LimitRequestFieldSize bayt-sayısı 8190 skÇ
    İstemciden kabul edilecek HTTP isteği başlık uzunluğunu sınırlar.
    LimitRequestLine bayt-sayısı 8190 skÇ
    İstemciden kabul edilecek HTTP istek satırının uzunluğunu sınırlar. +
    LimitRequestLine bayt-sayısı 8190 skÇ
    İstemciden kabul edilecek HTTP istek satırının uzunluğunu sınırlar.
    LimitXMLRequestBody bayt-sayısı 1000000 skdhÇ
    Bir XML temelli istek gövdesinin uzunluğunu sınırlar.
    Listen [IP-adresi:]port-numarası - [protokol]sM
    Sunucunun dinleyeceği IP adresini ve portu belirler.
    ListenBacklog kuyruk-uzunluğusM
    Bekleyen bağlantılar kuyruğunun azami uzunluğunu +
    LimitXMLRequestBody bayt-sayısı 1000000 skdhÇ
    Bir XML temelli istek gövdesinin uzunluğunu sınırlar.
    Listen [IP-adresi:]port-numarası + [protokol]sM
    Sunucunun dinleyeceği IP adresini ve portu belirler.
    ListenBacklog kuyruk-uzunluğusM
    Bekleyen bağlantılar kuyruğunun azami uzunluğunu belirler
    ListenCoresBucketsRatio oran 0 (iptal) sM
    İşlemci çekirdek sayısının dinleyenlerin buket sayısına oranı
    LoadFile dosya-ismi [dosya-ismi] ...skE
    Belirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler.
    LoadModule modül dosya-ismiskE
    Belirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler @@ -590,7 +600,7 @@ uygulanır.
    LogFormat biçem|takma-ad [takma-ad] "%h %l %u %t \"%r\" +skT
    Bir günlük dosyasında kullanılmak üzere girdi biçemi tanımlar.
    LogIOTrackTTFB ON|OFF OFF skdhE
    Enable tracking of time to first byte (TTFB)
    LogIOTrackTTFB ON|OFF OFF skdhE
    İlk baytın yazılmasına kadar geçen süreyi izler
    LogLevel [modül:]seviye [modül:seviye] ... warn skdÇ
    Hata günlüklerinin ayrıntı seviyesini belirler.
    MaxSpareServers sayı 10 sM
    Boştaki çocuk süreçlerin azami sayısı
    MaxSpareThreads numbersM
    Boştaki azami evre sayısını belirler
    MaxThreads number 2048 sM
    Set the maximum number of worker threads
    MergeTrailers [on|off] off skÇ
    Trailer alanlarının başlığa dahil edilip edilmeyeceğini belirler
    MetaDir directory .web skdhE
    Name of the directory to find CERN-style meta information +
    MemcacheConnTTL num[units] 15s skE
    Keepalive time for idle connections
    MergeTrailers [on|off] off skÇ
    Trailer alanlarının başlığa dahil edilip edilmeyeceğini belirler
    MetaDir directory .web skdhE
    Name of the directory to find CERN-style meta information files
    MetaFiles on|off off skdhE
    Activates CERN meta-file processing
    MetaSuffix suffix .meta skdhE
    File name suffix for the file containing CERN-style +
    MetaFiles on|off off skdhE
    Activates CERN meta-file processing
    MetaSuffix suffix .meta skdhE
    File name suffix for the file containing CERN-style meta information
    MimeMagicFile file-pathskE
    Enable MIME-type determination based on file contents +
    MimeMagicFile file-pathskE
    Enable MIME-type determination based on file contents using the specified magic file
    MinSpareServers sayı 5 sM
    Boştaki çocuk süreçlerin asgari sayısı
    MinSpareThreads sayısM
    İsteklerin ani artışında devreye girecek boştaki evrelerin asgari +
    MinSpareServers sayı 5 sM
    Boştaki çocuk süreçlerin asgari sayısı
    MinSpareThreads sayısM
    İsteklerin ani artışında devreye girecek boştaki evrelerin asgari sayısını belirler.
    MMapFile file-path [file-path] ...sD
    Map a list of files into memory at startup time
    ModemStandard V.21|V.26bis|V.32|V.92dD
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off dT
    Tells mod_mime to treat path_info +
    MMapFile file-path [file-path] ...sD
    Map a list of files into memory at startup time
    ModemStandard V.21|V.26bis|V.32|V.92dD
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off dT
    Tells mod_mime to treat path_info components as part of the filename
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly skdhT
    The types of files that will be included when searching for +
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly skdhT
    The types of files that will be included when searching for a matching file with MultiViews
    Mutex mekanizma [default|muteks-ismi] ... [OmitPID] default sÇ
    Muteks mekanizmasını ve kilit dosyası dizinini tüm muteksler veya belirtilenler için yapılandırır
    NameVirtualHost adres[:port]sÇ
    ÖNERİLMİYOR: İsme dayalı sanal konaklar için IP adresi belirtir
    NoProxy host [host] ...skE
    Hosts, domains, or networks that will be connected to +
    Mutex mekanizma [default|muteks-ismi] ... [OmitPID] default sÇ
    Muteks mekanizmasını ve kilit dosyası dizinini tüm muteksler veya belirtilenler için yapılandırır
    NameVirtualHost adres[:port]sÇ
    ÖNERİLMİYOR: İsme dayalı sanal konaklar için IP adresi belirtir
    NoProxy host [host] ...skE
    Hosts, domains, or networks that will be connected to directly
    NWSSLTrustedCerts filename [filename] ...sT
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersT
    Allows a connection to be upgraded to an SSL connection upon request
    Options - [+|-]seçenek [[+|-]seçenek] ... FollowSymlinks skdhÇ
    Belli bir dizinde geçerli olacak özellikleri yapılandırır. +
    NWSSLTrustedCerts filename [filename] ...sT
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersT
    Allows a connection to be upgraded to an SSL connection upon request
    Options + [+|-]seçenek [[+|-]seçenek] ... FollowSymlinks skdhÇ
    Belli bir dizinde geçerli olacak özellikleri yapılandırır.
    Order ordering Deny,Allow dhE
    Controls the default access state and the order in which +
    Order ordering Deny,Allow dhE
    Controls the default access state and the order in which Allow and Deny are evaluated.
    OutputSed sed-commanddhD
    Sed command for filtering response content
    PassEnv ortam-değişkeni [ortam-değişkeni] -...skdhT
    Ortam değişkenlerini kabuktan aktarır.
    PidFile dosya logs/httpd.pid sM
    Ana sürecin süreç kimliğinin (PID) kaydedileceği dosyayı belirler.
    PrivilegesMode FAST|SECURE|SELECTIVE FAST skdD
    Trade off processing speed and efficiency vs security against +
    OutputSed sed-commanddhD
    Sed command for filtering response content
    PassEnv ortam-değişkeni [ortam-değişkeni] +...skdhT
    Ortam değişkenlerini kabuktan aktarır.
    PidFile dosya logs/httpd.pid sM
    Ana sürecin süreç kimliğinin (PID) kaydedileceği dosyayı belirler.
    PrivilegesMode FAST|SECURE|SELECTIVE FAST skdD
    Trade off processing speed and efficiency vs security against malicious privileges-aware code.
    Protocol protokolskÇ
    Dinlenen bir soket için protokol
    ProtocolEcho On|Off Off skD
    Turn the echo server on or off
    <Proxy wildcard-url> ...</Proxy>skE
    Container for directives applied to proxied resources
    ProxyAddHeaders Off|On On skdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError skE
    Determines how to handle bad header lines in a +
    Protocol protokolskÇ
    Dinlenen bir soket için protokol
    ProtocolEcho On|Off Off skD
    Turn the echo server on or off
    Protocols protokol ... http/1.1 skÇ
    Sunucu/sanal konak için kullanılabilecek protokoller
    ProtocolsHonorOrder On|Off On skÇ
    Uzlaşma sırasında protokollerin öncelik sırasını belirler
    <Proxy wildcard-url> ...</Proxy>skE
    Container for directives applied to proxied resources
    ProxyAddHeaders Off|On On skdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError skE
    Determines how to handle bad header lines in a response
    ProxyBlock *|word|host|domain -[word|host|domain] ...skE
    Words, hosts, or domains that are banned from being +
    ProxyBlock *|word|host|domain +[word|host|domain] ...skE
    Words, hosts, or domains that are banned from being proxied
    ProxyDomain DomainskE
    Default domain name for proxied requests
    ProxyErrorOverride On|Off Off skdE
    Override error pages for proxied content
    ProxyExpressDBMFile <pathname>skE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>skE
    DBM type of file.
    ProxyExpressEnable [on|off]skE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 skdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]skdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]skdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytesskdT
    Sets the buffer size increment for buffering inline scripts and +
    ProxyDomain DomainskE
    Default domain name for proxied requests
    ProxyErrorOverride On|Off Off skdE
    Override error pages for proxied content
    ProxyExpressDBMFile <pathname>skE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>skE
    DBM type of file.
    ProxyExpressEnable [on|off]skE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 skdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]skdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]skdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytesskdT
    Sets the buffer size increment for buffering inline scripts and stylesheets.
    ProxyHTMLCharsetOut Charset | *skdT
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    		skdT
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off skdT
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]skdT
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off skdT
    Determines whether to fix links in inline scripts, stylesheets, +
    ProxyHTMLCharsetOut Charset | *skdT
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    		skdT
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off skdT
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]skdT
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off skdT
    Determines whether to fix links in inline scripts, stylesheets, and scripting events.
    ProxyHTMLFixups [lowercase] [dospath] [reset]skdT
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off skdT
    Enables per-request interpolation of +
    ProxyHTMLFixups [lowercase] [dospath] [reset]skdT
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off skdT
    Enables per-request interpolation of ProxyHTMLURLMap rules.
    ProxyHTMLLinks element attribute [attribute2 ...]skdT
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off skdT
    Turns on or off extra pre-parsing of metadata in HTML +
    ProxyHTMLLinks element attribute [attribute2 ...]skdT
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off skdT
    Turns on or off extra pre-parsing of metadata in HTML <head> sections.
    ProxyHTMLStripComments On|Off Off skdT
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]skdT
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 skE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>skE
    Container for directives applied to regular-expression-matched +
    ProxyHTMLStripComments On|Off Off skdT
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]skdT
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 skE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>skE
    Container for directives applied to regular-expression-matched proxied resources
    ProxyMaxForwards number -1 skE
    Maximium number of proxies that a request can be forwarded +
    ProxyMaxForwards number -1 skE
    Maximium number of proxies that a request can be forwarded through
    ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]skdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On skE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off skdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value - [key=value ...]]skdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url -[interpolate]skdE
    Adjusts the URL in HTTP response headers sent from a reverse +
    ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]skdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On skE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off skdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value + [key=value ...]]skdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url +[interpolate]skdE
    Adjusts the URL in HTTP response headers sent from a reverse proxied server
    ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]skdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]skdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
    ProxyPassReverseCookiePath internal-path -public-path [interpolate]skdE
    Adjusts the Path string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookiePath internal-path +public-path [interpolate]skdE
    Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
    ProxyPreserveHost On|Off Off skdE
    Use incoming Host HTTP request header for proxy +
    ProxyPreserveHost On|Off Off skdE
    Use incoming Host HTTP request header for proxy request
    ProxyReceiveBufferSize bytes 0 skE
    Network buffer size for proxied HTTP and FTP +
    ProxyReceiveBufferSize bytes 0 skE
    Network buffer size for proxied HTTP and FTP connections
    ProxyRemote match remote-serverskE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serverskE
    Remote proxy used to handle requests matched by regular +
    ProxyRemote match remote-serverskE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serverskE
    Remote proxy used to handle requests matched by regular expressions
    ProxyRequests On|Off Off skE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On skdE
    Enable or disable internal redirect responses from the +
    ProxyRequests On|Off Off skE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On skdE
    Enable or disable internal redirect responses from the backend
    ProxySCGISendfile On|Off|Headername Off skdE
    Enable evaluation of X-Sendfile pseudo response +
    ProxySCGISendfile On|Off|Headername Off skdE
    Enable evaluation of X-Sendfile pseudo response header
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addressskE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off skE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondsskE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off skE
    Information provided in the Via HTTP response +
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addressskE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off skE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondsskE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off skE
    Information provided in the Via HTTP response header for proxied requests
    ReadmeName dosya-ismiskdhT
    Dizin listesinin sonuna yerleştirilecek dosyanın ismini +
    ReadmeName dosya-ismiskdhT
    Dizin listesinin sonuna yerleştirilecek dosyanın ismini belirler.
    ReceiveBufferSize bayt-sayısı 0 sM
    TCP alım tamponu boyu
    Redirect [durum] [URL-yolu] -URLskdhT
    İstemciyi, bir yönlendirme isteği döndürerek farklı bir URL’ye +
    ReceiveBufferSize bayt-sayısı 0 sM
    TCP alım tamponu boyu
    Redirect [durum] URL-yolu +URLskdhT
    İstemciyi, bir yönlendirme isteği döndürerek farklı bir URL’ye yönlendirir.
    RedirectMatch [durum] düzenli-ifade -URLskdhT
    Geçerli URL ile eşleşen bir düzenli ifadeye dayanarak bir harici +
    RedirectMatch [durum] düzenli-ifade +URLskdhT
    Geçerli URL ile eşleşen bir düzenli ifadeye dayanarak bir harici yönlendirme gönderir.
    RedirectPermanent URL-yolu URLskdhT
    İstemciyi, kalıcı bir yönlendirme isteği döndürerek farklı bir +
    RedirectPermanent URL-yolu URLskdhT
    İstemciyi, kalıcı bir yönlendirme isteği döndürerek farklı bir URL’ye yönlendirir.
    RedirectTemp URL-yolu URLskdhT
    İstemciyi, geçici bir yönlendirme isteği döndürerek farklı bir +
    RedirectTemp URL-yolu URLskdhT
    İstemciyi, geçici bir yönlendirme isteği döndürerek farklı bir URL’ye yönlendirir.
    ReflectorHeader inputheader [outputheader]skdhT
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldskT
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...skT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenameskT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNameskT
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...skT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenameskT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] -...kdhT
    Removes any character set associations for a set of file +
    ReflectorHeader inputheader [outputheader]skdhT
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldskT
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...skT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenameskT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNameskT
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...skT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenameskT
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] +...kdhT
    Removes any character set associations for a set of file extensions
    RemoveEncoding extension [extension] -...kdhT
    Removes any content encoding associations for a set of file +
    RemoveEncoding extension [extension] +...kdhT
    Removes any content encoding associations for a set of file extensions
    RemoveHandler extension [extension] -...kdhT
    Removes any handler associations for a set of file +
    RemoveHandler extension [extension] +...kdhT
    Removes any handler associations for a set of file extensions
    RemoveInputFilter extension [extension] -...kdhT
    Removes any input filter associations for a set of file +
    RemoveInputFilter extension [extension] +...kdhT
    Removes any input filter associations for a set of file extensions
    RemoveLanguage extension [extension] -...kdhT
    Removes any language associations for a set of file +
    RemoveLanguage extension [extension] +...kdhT
    Removes any language associations for a set of file extensions
    RemoveOutputFilter extension [extension] -...kdhT
    Removes any output filter associations for a set of file +
    RemoveOutputFilter extension [extension] +...kdhT
    Removes any output filter associations for a set of file extensions
    RemoveType extension [extension] -...kdhT
    Removes any content type associations for a set of file +
    RemoveType extension [extension] +...kdhT
    Removes any content type associations for a set of file extensions
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -skdhE
    Configure HTTP request headers
    RequestReadTimeout +skdhE
    Configure HTTP request headers
    RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -skE
    Set timeout values for receiving request headers and body from client. +skE
    Set timeout values for receiving request headers and body from client.
    Require [not] entity-name - [entity-name] ...dhT
    Tests whether an authenticated user is authorized by +
    Require [not] entity-name + [entity-name] ...dhT
    Tests whether an authenticated user is authorized by an authorization provider.
    <RequireAll> ... </RequireAll>dhT
    Enclose a group of authorization directives of which none +
    <RequireAll> ... </RequireAll>dhT
    Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
    <RequireAny> ... </RequireAny>dhT
    Enclose a group of authorization directives of which one +
    <RequireAny> ... </RequireAny>dhT
    Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
    <RequireNone> ... </RequireNone>dhT
    Enclose a group of authorization directives of which none +
    <RequireNone> ... </RequireNone>dhT
    Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond - TestString CondPatternskdhE
    Defines a condition under which rewriting will take place +
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond + TestString CondPatternskdhE
    Defines a condition under which rewriting will take place
    RewriteEngine on|off off skdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource -skE
    Defines a mapping function for key-lookup
    RewriteOptions OptionsskdhE
    Sets some special options for the rewrite engine
    RewriteRule - Pattern Substitution [flags]skdhE
    Defines rules for the rewriting engine
    RLimitCPU saniye|max [saniye|max]skdhÇ
    Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin +
    RewriteEngine on|off off skdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource +skE
    Defines a mapping function for key-lookup
    RewriteOptions OptionsskdhE
    Sets some special options for the rewrite engine
    RewriteRule + Pattern Substitution [flags]skdhE
    Defines rules for the rewriting engine
    RLimitCPU saniye|max [saniye|max]skdhÇ
    Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin işlemci tüketimine sınırlama getirir.
    RLimitMEM bayt-sayısı|max [bayt-sayısı|max] -skdhÇ
    Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin +
    RLimitMEM bayt-sayısı|max [bayt-sayısı|max] +skdhÇ
    Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin bellek tüketimine sınırlama getirir.
    RLimitNPROC sayı|max [sayı|max]skdhÇ
    Apache httpd alt süreçleri tarafından çalıştırılabilecek süreç +
    RLimitNPROC sayı|max [sayı|max]skdhÇ
    Apache httpd alt süreçleri tarafından çalıştırılabilecek süreç sayısına sınırlama getirir.
    Satisfy Any|All All dhE
    Interaction between host-level access control and +
    Satisfy Any|All All dhE
    Interaction between host-level access control and user authentication
    ScoreBoardFile dosya-yolu logs/apache_runtime +sM
    Çocuk süreçler için eşgüdüm verisini saklamakta kullanılan +
    ScoreBoardFile dosya-yolu logs/apache_runtime +sM
    Çocuk süreçler için eşgüdüm verisini saklamakta kullanılan dosyanın yerini belirler.
    Script method cgi-scriptskdT
    Activates a CGI script for a particular request +
    Script method cgi-scriptskdT
    Activates a CGI script for a particular request method.
    ScriptAlias [URL-yolu] -dosya-yolu|dizin-yoluskdT
    Bir URL’yi dosya sistemindeki bir yere eşler ve hedefi bir CGI betiği olarak çalıştırır.
    ScriptAliasMatch düzenli-ifade -dosya-yolu|dizin-yoluskT
    Bir URL’yi dosya sistemindeki bir yere düzenli ifade kullanarak +
    ScriptAlias URL-yolu +dosya-yolu|dizin-yoluskT
    Bir URL’yi dosya sistemindeki bir yere eşler ve hedefi bir CGI betiği olarak çalıştırır.
    ScriptAliasMatch düzenli-ifade +dosya-yolu|dizin-yoluskT
    Bir URL’yi dosya sistemindeki bir yere düzenli ifade kullanarak eşler ve hedefi bir CGI betiği olarak çalıştırır.
    ScriptInterpreterSource Registry|Registry-Strict|Script Script skdhÇ
    CGI betikleri için yorumlayıcı belirleme tekniği
    ScriptLog file-pathskT
    Location of the CGI script error logfile
    ScriptLogBuffer bytes 1024 skT
    Maximum amount of PUT or POST requests that will be recorded +
    ScriptInterpreterSource Registry|Registry-Strict|Script Script skdhÇ
    CGI betikleri için yorumlayıcı belirleme tekniği
    ScriptLog file-pathskT
    Location of the CGI script error logfile
    ScriptLogBuffer bytes 1024 skT
    Maximum amount of PUT or POST requests that will be recorded in the scriptlog
    ScriptLogLength bytes 10385760 skT
    Size limit of the CGI script logfile
    ScriptSock file-path cgisock sT
    The filename prefix of the socket to use for communication with +
    ScriptLogLength bytes 10385760 skT
    Size limit of the CGI script logfile
    ScriptSock file-path cgisock sT
    The filename prefix of the socket to use for communication with the cgi daemon
    SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sT
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sÇ
    İsteğin 63 karakterden büyük olduğu varsayımıyla, mod_status'un +
    SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sT
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sÇ
    İsteğin 63 karakterden büyük olduğu varsayımıyla, mod_status'un ilk 63 karakteri mi yoksa son 63 karakteri mi göstereceğini belirler.
    SendBufferSize bayt-sayısı 0 sM
    TCP tamponu boyu
    ServerAdmin eposta-adresi|URLskÇ
    Sunucunun hata iletilerinde istemciye göstereceği eposta adresi +
    SendBufferSize bayt-sayısı 0 sM
    TCP tamponu boyu
    ServerAdmin eposta-adresi|URLskÇ
    Sunucunun hata iletilerinde istemciye göstereceği eposta adresi
    ServerAlias konakadı [konakadı] ...kÇ
    İstekleri isme dayalı sanal konaklarla eşleştirilirken +
    ServerAlias konakadı [konakadı] ...kÇ
    İstekleri isme dayalı sanal konaklarla eşleştirilirken kullanılacak konak adları için başka isimler belirtebilmeyi sağlar.
    ServerLimit sayısM
    Ayarlanabilir süreç sayısının üst sınırını belirler.
    ServerName [şema://]tam-nitelenmiş-alan-adı[:port] -skÇ
    Sunucunun özdeşleşeceği konak ismi ve port.
    ServerPath URL-yolukÇ
    Uyumsuz bir tarayıcı tarafından erişilmesi için bir isme dayalı sanal konak için meşru URL yolu
    ServerRoot dizin-yolu /usr/local/apache sÇ
    Sunucu yapılandırması için kök dizin
    ServerSignature On|Off|EMail Off skdhÇ
    Sunucu tarafından üretilen belgelerin dipnotunu ayarlar. +
    ServerLimit sayısM
    Ayarlanabilir süreç sayısının üst sınırını belirler.
    ServerName [şema://]tam-nitelenmiş-alan-adı[:port] +skÇ
    Sunucunun özdeşleşeceği konak ismi ve port.
    ServerPath URL-yolukÇ
    Uyumsuz bir tarayıcı tarafından erişilmesi için bir isme dayalı sanal konak için meşru URL yolu
    ServerRoot dizin-yolu /usr/local/apache sÇ
    Sunucu yapılandırması için kök dizin
    ServerSignature On|Off|EMail Off skdhÇ
    Sunucu tarafından üretilen belgelerin dipnotunu ayarlar.
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sÇ
    Server HTTP yanıt başlığını yapılandırır. +
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sÇ
    Server HTTP yanıt başlığını yapılandırır.
    Session On|Off Off skdhE
    Enables a session for the current directory or location
    SessionCookieName name attributesskdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributesskdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off skdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher nameskdhD
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sD
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] skdhD
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenameskdD
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributesskdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributesskdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On skdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession skdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession skdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off skdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession skdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession skdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off skdhE
    Control whether the contents of the session are written to the +
    Session On|Off Off skdhE
    Enables a session for the current directory or location
    SessionCookieName name attributesskdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributesskdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off skdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher nameskdhD
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sD
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] skdhD
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenameskdD
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributesskdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributesskdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On skdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession skdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession skdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off skdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession skdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession skdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off skdhE
    Control whether the contents of the session are written to the HTTP_SESSION environment variable
    SessionExclude pathskdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headerskdhE
    Import session updates from a given HTTP response header
    SessionInclude pathskdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 skdhE
    Define a maximum age in seconds for a session
    SetEnv ortam-değişkeni [değer]skdhT
    Ortam değişkenlerini tanımlar.
    SetEnvIf öznitelik +
    SessionExclude pathskdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headerskdhE
    Import session updates from a given HTTP response header
    SessionInclude pathskdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 skdhE
    Define a maximum age in seconds for a session
    SetEnv ortam-değişkeni [değer]skdhT
    Ortam değişkenlerini tanımlar.
    SetEnvIf öznitelik düzifd [!]ort-değişkeni[=değer] - [[!]ort-değişkeni[=değer]] ...skdhT
    Ortam değişkenlerini isteğin özniteliklerine göre atar. + [[!]ort-değişkeni[=değer]] ...skdhT
    Ortam değişkenlerini isteğin özniteliklerine göre atar.
    SetEnvIfExpr ifade +
    SetEnvIfExpr ifade [!]ort-değişkeni[=değer] - [[!]ort-değişkeni[=değer]] ...skdhT
    Bir ap_expr ifadesine dayanarak ortam değişkenlerine değer atar
    SetEnvIfNoCase öznitelik + [[!]ort-değişkeni[=değer]] ...skdhT
    Bir ap_expr ifadesine dayanarak ortam değişkenlerine değer atar
    SetEnvIfNoCase öznitelik düzifd [!]ort-değişkeni[=değer] - [[!]ort-değişkeni[=değer]] ...skdhT
    Ortam değişkenlerini isteğin özniteliklerinde harf büyüklüğüne + [[!]ort-değişkeni[=değer]] ...skdhT
    Ortam değişkenlerini isteğin özniteliklerinde harf büyüklüğüne bağlı olmaksızın yapılmış tanımlara göre atar.
    SetHandler eylemci-ismi|NoneskdhÇ
    Eşleşen tüm dosyaların belli bir eylemci tarafından işlenmesine +
    SetHandler eylemci-ismi|NoneskdhÇ
    Eşleşen tüm dosyaların belli bir eylemci tarafından işlenmesine sebep olur.
    SetInputFilter süzgeç[;süzgeç...]skdhÇ
    POST girdilerini ve istemci isteklerini işleyecek süzgeçleri +
    SetInputFilter süzgeç[;süzgeç...]skdhÇ
    POST girdilerini ve istemci isteklerini işleyecek süzgeçleri belirler.
    SetOutputFilter süzgeç[;süzgeç...]skdhÇ
    Sunucunun yanıtlarını işleyecek süzgeçleri belirler.
    SSIEndTag tag "-->" skT
    String that ends an include element
    SSIErrorMsg message "[an error occurred +skdhT
    Error message displayed when there is an SSI +
    SetOutputFilter süzgeç[;süzgeç...]skdhÇ
    Sunucunun yanıtlarını işleyecek süzgeçleri belirler.
    SSIEndTag tag "-->" skT
    String that ends an include element
    SSIErrorMsg message "[an error occurred +skdhT
    Error message displayed when there is an SSI error
    SSIETag on|off off dhT
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhT
    Controls whether Last-Modified headers are generated by the +
    SSIETag on|off off dhT
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhT
    Controls whether Last-Modified headers are generated by the server.
    SSILegacyExprParser on|off off dhT
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" skT
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +skdhT
    Configures the format in which date strings are +
    SSILegacyExprParser on|off off dhT
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" skT
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +skdhT
    Configures the format in which date strings are displayed
    SSIUndefinedEcho string "(none)" skdhT
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathskE
    File of concatenated PEM-encoded CA Certificates +
    SSIUndefinedEcho string "(none)" skdhT
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathskE
    File of concatenated PEM-encoded CA Certificates for Client Auth
    SSLCACertificatePath directory-pathskE
    Directory of PEM-encoded CA Certificates for +
    SSLCACertificatePath directory-pathskE
    Directory of PEM-encoded CA Certificates for Client Auth
    SSLCADNRequestFile file-pathskE
    File of concatenated PEM-encoded CA Certificates +
    SSLCADNRequestFile file-pathskE
    File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
    SSLCADNRequestPath directory-pathskE
    Directory of PEM-encoded CA Certificates for +
    SSLCADNRequestPath directory-pathskE
    Directory of PEM-encoded CA Certificates for defining acceptable CA names
    SSLCARevocationCheck chain|leaf|none none skE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathskE
    File of concatenated PEM-encoded CA CRLs for +
    SSLCARevocationCheck chain|leaf|none none skE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathskE
    File of concatenated PEM-encoded CA CRLs for Client Auth
    SSLCARevocationPath directory-pathskE
    Directory of PEM-encoded CA CRLs for +
    SSLCARevocationPath directory-pathskE
    Directory of PEM-encoded CA CRLs for Client Auth
    SSLCertificateChainFile file-pathskE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathskE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathskE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +skdhE
    Cipher Suite available for negotiation in SSL +
    SSLCertificateChainFile file-pathskE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathskE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathskE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +skdhE
    Cipher Suite available for negotiation in SSL handshake
    SSLCompression on|off off skE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off skE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off skE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off skE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder uriskE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off skE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off skE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 skE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 skE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 skE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on skE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valueskE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...skdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private +
    SSLCompression on|off off skE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off skE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off skE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off skE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder uriskE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off skE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off skE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 skE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 skE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 skE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on skE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valueskE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...skdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private keys
    SSLProtocol [+|-]protocol ... all skE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathskE
    File of concatenated PEM-encoded CA Certificates +
    SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +skE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathskE
    File of concatenated PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCACertificatePath directory-pathskE
    Directory of PEM-encoded CA Certificates for +
    SSLProxyCACertificatePath directory-pathskE
    Directory of PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCARevocationCheck chain|leaf|none none skE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathskE
    File of concatenated PEM-encoded CA CRLs for +
    SSLProxyCARevocationCheck chain|leaf|none none skE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathskE
    File of concatenated PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCARevocationPath directory-pathskE
    Directory of PEM-encoded CA CRLs for +
    SSLProxyCARevocationPath directory-pathskE
    Directory of PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCheckPeerCN on|off on skE
    Whether to check the remote server certificate's CN field +
    SSLProxyCheckPeerCN on|off on skE
    Whether to check the remote server certificate's CN field
    SSLProxyCheckPeerExpire on|off on skE
    Whether to check if remote server certificate is expired +
    SSLProxyCheckPeerExpire on|off on skE
    Whether to check if remote server certificate is expired
    SSLProxyCheckPeerName on|off on skE
    Configure host name checking for remote server certificates +
    SSLProxyCheckPeerName on|off on skE
    Configure host name checking for remote server certificates
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +skdhE
    Cipher Suite available for negotiation in SSL +
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +skdhE
    Cipher Suite available for negotiation in SSL proxy handshake
    SSLProxyEngine on|off off skE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all skE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none skE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 skE
    Maximum depth of CA Certificates in Remote Server +
    SSLProxyEngine on|off off skE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +skE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none skE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 skE
    Maximum depth of CA Certificates in Remote Server Certificate verification
    SSLRandomSeed context source -[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding +
    SSLRandomSeed context source +[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding source
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex +
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex boolean expression is true
    SSLRequireSSLdhE
    Deny access when SSL is not used for the +
    SSLRequireSSLdhE
    Deny access when SSL is not used for the HTTP request
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session +
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session Cache
    SSLSessionCacheTimeout seconds 300 skE
    Number of seconds before an SSL session expires +
    SSLSessionCacheTimeout seconds 300 skE
    Number of seconds before an SSL session expires in the Session Cache
    SSLSessionTicketKeyFile file-pathskE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on skE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringskE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathskE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 skE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on skE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL uriskE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 skE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 skE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 skE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on skE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 skE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off skE
    Whether to allow non-SNI clients to access a name-based virtual +
    SSLSessionTicketKeyFile file-pathskE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on skE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringskE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathskE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 skE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on skE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL uriskE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 skE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 skE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 skE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on skE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 skE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off skE
    Whether to allow non-SNI clients to access a name-based virtual host.
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off skE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none skdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 skdhE
    Maximum depth of CA Certificates in Client +
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off skE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none skdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 skdhE
    Maximum depth of CA Certificates in Client Certificate verification
    StartServers sayısM
    Sunucunun başlatılması sırasında oluşturulan çocuk süreçlerin +
    StartServers sayısM
    Sunucunun başlatılması sırasında oluşturulan çocuk süreçlerin sayısını belirler.
    StartThreads sayısM
    Sunucunun başlatılması sırasında oluşturulan evrelerin sayısını +
    StartThreads sayısM
    Sunucunun başlatılması sırasında oluşturulan evrelerin sayısını belirler.
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
    Set the maximum line size
    Suexec On|OffsT
    suEXEC özelliğini etkin veya etkisiz yapar
    SuexecUserGroup Kullanıcı GrupskE
    CGI betiklerini çalıştıracak kullanıcı ve grup belirtilir. diff --git a/docs/manual/mod/quickreference.html.zh-cn.utf8 b/docs/manual/mod/quickreference.html.zh-cn.utf8 index 265b2b1b..62843b5f 100644 --- a/docs/manual/mod/quickreference.html.zh-cn.utf8 +++ b/docs/manual/mod/quickreference.html.zh-cn.utf8 @@ -462,116 +462,127 @@ media type in the HTTP Content-Type header field
    Group unix-group #-1 sB
    Group under which the server will answer requests
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note +
    H2Direct on|off on (for non TLS) svE
    H2 Direct Protocol Switch
    H2MaxSessionStreams n 100 svE
    Maximum number of active streams per HTTP/2 session.
    H2MaxWorkerIdleSeconds n 600 sE
    Maximum number of seconds h2 workers remain idle until shut down.
    H2MaxWorkers nsE
    Maximum number of worker threads to use per child process.
    H2MinWorkers nsE
    Minimal number of worker threads to use per child process.
    H2SerializeHeaders on|off off svE
    Serialize Request/Resoonse Processing Switch
    H2SessionExtraFiles n 5 svE
    Number of Extra File Handles
    H2StreamMaxMemSize bytes 65536 svE
    Maximum amount of output data buffered per stream.
    H2WindowSize bytes 65536 svE
    Size of Stream Window for upstream data.
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhE
    Configure HTTP response headers
    HeaderName filenamesvdhB
    Name of the file that will be inserted at the top +svdhE
    Configure HTTP response headers
    HeaderName filenamesvdhB
    Name of the file that will be inserted at the top of the index listing
    HeartbeatAddress addr:portsX
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsX
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sX
    Specifies the maximum number of servers that will be sending +
    HeartbeatAddress addr:portsX
    Multicast address for heartbeat packets
    HeartbeatListenaddr:portsX
    multicast address to listen for incoming heartbeat requests
    HeartbeatMaxServers number-of-servers 10 sX
    Specifies the maximum number of servers that will be sending heartbeat requests to this server
    HeartbeatStorage file-path logs/hb.dat sX
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sX
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off svdC
    Enables DNS lookups on client IP addresses
    IdentityCheck On|Off Off svdE
    Enables logging of the RFC 1413 identity of the remote +
    HeartbeatStorage file-path logs/hb.dat sX
    Path to store heartbeat data
    HeartbeatStorage file-path logs/hb.dat sX
    Path to read heartbeat data
    HostnameLookups On|Off|Double Off svdC
    Enables DNS lookups on client IP addresses
    IdentityCheck On|Off Off svdE
    Enables logging of the RFC 1413 identity of the remote user
    IdentityCheckTimeout seconds 30 svdE
    Determines the timeout duration for ident requests
    <If expression> ... </If>svdhC
    Contains directives that apply only if a condition is +
    IdentityCheckTimeout seconds 30 svdE
    Determines the timeout duration for ident requests
    <If expression> ... </If>svdhC
    Contains directives that apply only if a condition is satisfied by a request at runtime
    <IfDefine [!]parameter-name> ... - </IfDefine>svdhC
    Encloses directives that will be processed only +
    <IfDefine [!]parameter-name> ... + </IfDefine>svdhC
    Encloses directives that will be processed only if a test is true at startup
    <IfModule [!]module-file|module-identifier> ... - </IfModule>svdhC
    Encloses directives that are processed conditional on the +
    <IfModule [!]module-file|module-identifier> ... + </IfModule>svdhC
    Encloses directives that are processed conditional on the presence or absence of a specific module
    <IfVersion [[!]operator] version> ... -</IfVersion>svdhE
    contains version dependent configuration
    ImapBase map|referer|URL http://servername/ svdhB
    Default base for imagemap files
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    Default action when an imagemap is called with coordinates +
    <IfVersion [[!]operator] version> ... +</IfVersion>svdhE
    contains version dependent configuration
    ImapBase map|referer|URL http://servername/ svdhB
    Default base for imagemap files
    ImapDefault error|nocontent|map|referer|URL nocontent svdhB
    Default action when an imagemap is called with coordinates that are not explicitly mapped
    ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
    Action if no coordinates are given when calling +
    ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
    Action if no coordinates are given when calling an imagemap
    Include file-path|directory-path|wildcardsvdC
    Includes other configuration files from within +
    Include file-path|directory-path|wildcardsvdC
    Includes other configuration files from within the server configuration files
    IncludeOptional file-path|directory-path|wildcardsvdC
    Includes other configuration files from within +
    IncludeOptional file-path|directory-path|wildcardsvdC
    Includes other configuration files from within the server configuration files
    IndexHeadInsert "markup ..."svdhB
    Inserts text in the HEAD section of an index page.
    IndexIgnore file [file] ... "." svdhB
    Adds to the list of files to hide when listing +
    IndexHeadInsert "markup ..."svdhB
    Inserts text in the HEAD section of an index page.
    IndexIgnore file [file] ... "." svdhB
    Adds to the list of files to hide when listing a directory
    IndexIgnoreReset ON|OFFsvdhB
    Empties the list of files to hide when listing +
    IndexIgnoreReset ON|OFFsvdhB
    Empties the list of files to hide when listing a directory
    IndexOptions [+|-]option [[+|-]option] -...svdhB
    Various configuration settings for directory +
    IndexOptions [+|-]option [[+|-]option] +...svdhB
    Various configuration settings for directory indexing
    IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhB
    Sets the default ordering of the directory index
    IndexStyleSheet url-pathsvdhB
    Adds a CSS stylesheet to the directory index
    InputSed sed-commanddhX
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from +
    IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhB
    Sets the default ordering of the directory index
    IndexStyleSheet url-pathsvdhB
    Adds a CSS stylesheet to the directory index
    InputSed sed-commanddhX
    Sed command to filter request data (typically POST data)
    ISAPIAppendLogToErrors on|off off svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
    ISAPIAppendLogToQuery on|off on svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from +
    ISAPIAppendLogToQuery on|off on svdhB
    Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
    ISAPICacheFile file-path [file-path] -...svB
    ISAPI .dll files to be loaded at startup
    ISAPIFakeAsync on|off off svdhB
    Fake asynchronous support for ISAPI callbacks
    ISAPILogNotSupported on|off off svdhB
    Log unsupported feature requests from ISAPI +
    ISAPICacheFile file-path [file-path] +...svB
    ISAPI .dll files to be loaded at startup
    ISAPIFakeAsync on|off off svdhB
    Fake asynchronous support for ISAPI callbacks
    ISAPILogNotSupported on|off off svdhB
    Log unsupported feature requests from ISAPI extensions
    ISAPIReadAheadBuffer size 49152 svdhB
    Size of the Read Ahead Buffer sent to ISAPI +
    ISAPIReadAheadBuffer size 49152 svdhB
    Size of the Read Ahead Buffer sent to ISAPI extensions
    KeepAlive On|Off On svC
    Enables HTTP persistent connections
    KeepAliveTimeout num[ms] 5 svC
    Amount of time the server will wait for subsequent +
    KeepAlive On|Off On svC
    Enables HTTP persistent connections
    KeepAliveTimeout num[ms] 5 svC
    Amount of time the server will wait for subsequent requests on a persistent connection
    KeptBodySize maximum size in bytes 0 dB
    Keep the request body instead of discarding it up to +
    KeptBodySize maximum size in bytes 0 dB
    Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include.
    LanguagePriority MIME-lang [MIME-lang] -...svdhB
    The precendence of language variants for cases where +
    LanguagePriority MIME-lang [MIME-lang] +...svdhB
    The precendence of language variants for cases where the client does not express a preference
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 svE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare +
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    LDAPConnectionPoolTTL n -1 svE
    Discard backend connections that have been sitting in the connection pool too long
    LDAPConnectionTimeout secondssE
    Specifies the socket connection timeout in seconds
    LDAPLibraryDebug 7sE
    Enable debugging in the LDAP SDK
    LDAPOpCacheEntries number 1024 sE
    Number of entries used to cache LDAP compare operations
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain +
    LDAPOpCacheTTL seconds 600 sE
    Time that entries in the operation cache remain valid
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per +
    LDAPReferralHopLimit numberdhE
    The maximum number of referral hops to chase before terminating an LDAP query.
    LDAPReferrals On|Off|default On dhE
    Enable referral chasing during queries to the LDAP server.
    LDAPRetries number-of-retries 3 sE
    Configures the number of LDAP server retries.
    LDAPRetryDelay seconds 0 sE
    Configures the delay between LDAP server retries.
    LDAPSharedCacheFile directory-path/filenamesE
    Sets the shared memory cache file
    LDAPSharedCacheSize bytes 500000 sE
    Size in bytes of the shared-memory cache
    LDAPTimeout seconds 60 sE
    Specifies the timeout for LDAP search and bind operations, in seconds
    LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
    Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted +
    LDAPTrustedGlobalCert type directory-path/filename [password]sE
    Sets the file or database containing global trusted Certificate Authority or global client certificates
    LDAPTrustedMode typesvE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit method [method] ... > ... - </Limit>dhC
    Restrict enclosed access controls to only certain HTTP +
    LDAPTrustedMode typesvE
    Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
    LDAPVerifyServerCert On|Off On sE
    Force server certificate verification
    <Limit method [method] ... > ... + </Limit>dhC
    Restrict enclosed access controls to only certain HTTP methods
    <LimitExcept method [method] ... > ... - </LimitExcept>dhC
    Restrict access controls to all HTTP methods +
    <LimitExcept method [method] ... > ... + </LimitExcept>dhC
    Restrict access controls to all HTTP methods except the named ones
    LimitInternalRecursion number [number] 10 svC
    Determine maximum number of internal redirects and nested +
    LimitInternalRecursion number [number] 10 svC
    Determine maximum number of internal redirects and nested subrequests
    LimitRequestBody bytes 0 svdhC
    Restricts the total size of the HTTP request body sent +
    LimitRequestBody bytes 0 svdhC
    Restricts the total size of the HTTP request body sent from the client
    LimitRequestFields number 100 svC
    Limits the number of HTTP request header fields that +
    LimitRequestFields number 100 svC
    Limits the number of HTTP request header fields that will be accepted from the client
    LimitRequestFieldSize bytes 8190 svC
    Limits the size of the HTTP request header allowed from the +
    LimitRequestFieldSize bytes 8190 svC
    Limits the size of the HTTP request header allowed from the client
    LimitRequestLine bytes 8190 svC
    Limit the size of the HTTP request line that will be accepted +
    LimitRequestLine bytes 8190 svC
    Limit the size of the HTTP request line that will be accepted from the client
    LimitXMLRequestBody bytes 1000000 svdhC
    Limits the size of an XML-based request body
    Listen [IP-address:]portnumber [protocol]sM
    IP addresses and ports that the server +
    LimitXMLRequestBody bytes 1000000 svdhC
    Limits the size of an XML-based request body
    Listen [IP-address:]portnumber [protocol]sM
    IP addresses and ports that the server listens to
    ListenBacklog backlogsM
    Maximum length of the queue of pending connections
    ListenBacklog backlogsM
    Maximum length of the queue of pending connections
    ListenCoresBucketsRatio ratio 0 (disabled) sM
    Ratio between the number of CPU cores (online) and the number of +listeners' buckets
    LoadFile filename [filename] ...svE
    Link in the named object file or library
    LoadModule module filenamesvE
    Links in the object file or library, and adds to the list of active modules
    MaxSpareServers number 10 sM
    Maximum number of idle child server processes
    MaxSpareThreads numbersM
    Maximum number of idle threads
    MaxThreads number 2048 sM
    Set the maximum number of worker threads
    MergeTrailers [on|off] off svC
    Determines whether trailers are merged into headers
    MetaDir directory .web svdhE
    Name of the directory to find CERN-style meta information +
    MemcacheConnTTL num[units] 15s svE
    Keepalive time for idle connections
    MergeTrailers [on|off] off svC
    Determines whether trailers are merged into headers
    MetaDir directory .web svdhE
    Name of the directory to find CERN-style meta information files
    MetaFiles on|off off svdhE
    Activates CERN meta-file processing
    MetaSuffix suffix .meta svdhE
    File name suffix for the file containing CERN-style +
    MetaFiles on|off off svdhE
    Activates CERN meta-file processing
    MetaSuffix suffix .meta svdhE
    File name suffix for the file containing CERN-style meta information
    MimeMagicFile file-pathsvE
    Enable MIME-type determination based on file contents +
    MimeMagicFile file-pathsvE
    Enable MIME-type determination based on file contents using the specified magic file
    MinSpareServers number 5 sM
    Minimum number of idle child server processes
    MinSpareThreads numbersM
    Minimum number of idle threads available to handle request +
    MinSpareServers number 5 sM
    Minimum number of idle child server processes
    MinSpareThreads numbersM
    Minimum number of idle threads available to handle request spikes
    MMapFile file-path [file-path] ...sX
    Map a list of files into memory at startup time
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off dB
    Tells mod_mime to treat path_info +
    MMapFile file-path [file-path] ...sX
    Map a list of files into memory at startup time
    ModemStandard V.21|V.26bis|V.32|V.92dX
    Modem standard to simulate
    ModMimeUsePathInfo On|Off Off dB
    Tells mod_mime to treat path_info components as part of the filename
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhB
    The types of files that will be included when searching for +
    MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhB
    The types of files that will be included when searching for a matching file with MultiViews
    Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
    Configures mutex mechanism and lock file directory for all +
    Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
    Configures mutex mechanism and lock file directory for all or specified mutexes
    NameVirtualHost addr[:port]sC
    DEPRECATED: Designates an IP address for name-virtual +
    NameVirtualHost addr[:port]sC
    DEPRECATED: Designates an IP address for name-virtual hosting
    NoProxy host [host] ...svE
    Hosts, domains, or networks that will be connected to +
    NoProxy host [host] ...svE
    Hosts, domains, or networks that will be connected to directly
    NWSSLTrustedCerts filename [filename] ...sB
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersB
    Allows a connection to be upgraded to an SSL connection upon request
    Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhC
    Configures what features are available in a particular +
    NWSSLTrustedCerts filename [filename] ...sB
    List of additional client certificates
    NWSSLUpgradeable [IP-address:]portnumbersB
    Allows a connection to be upgraded to an SSL connection upon request
    Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhC
    Configures what features are available in a particular directory
    Order ordering Deny,Allow dhE
    Controls the default access state and the order in which +
    Order ordering Deny,Allow dhE
    Controls the default access state and the order in which Allow and Deny are evaluated.
    OutputSed sed-commanddhX
    Sed command for filtering response content
    PassEnv env-variable [env-variable] -...svdhB
    Passes environment variables from the shell
    PidFile filename logs/httpd.pid sM
    File where the server records the process ID +
    OutputSed sed-commanddhX
    Sed command for filtering response content
    PassEnv env-variable [env-variable] +...svdhB
    Passes environment variables from the shell
    PidFile filename logs/httpd.pid sM
    File where the server records the process ID of the daemon
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Trade off processing speed and efficiency vs security against +
    PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
    Trade off processing speed and efficiency vs security against malicious privileges-aware code.
    Protocol protocolsvC
    Protocol for a listening socket
    ProtocolEcho On|Off Off svX
    Turn the echo server on or off
    <Proxy wildcard-url> ...</Proxy>svE
    Container for directives applied to proxied resources
    ProxyAddHeaders Off|On On svdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    Determines how to handle bad header lines in a +
    Protocol protocolsvC
    Protocol for a listening socket
    ProtocolEcho On|Off Off svX
    Turn the echo server on or off
    Protocols protocol ... http/1.1 svC
    Protocols available for a server/virtual host
    ProtocolsHonorOrder On|Off On svC
    Determines if order of Protocols determines precedence during negotiation
    <Proxy wildcard-url> ...</Proxy>svE
    Container for directives applied to proxied resources
    ProxyAddHeaders Off|On On svdE
    Add proxy information in X-Forwarded-* headers
    ProxyBadHeader IsError|Ignore|StartBody IsError svE
    Determines how to handle bad header lines in a response
    ProxyBlock *|word|host|domain -[word|host|domain] ...svE
    Words, hosts, or domains that are banned from being +
    ProxyBlock *|word|host|domain +[word|host|domain] ...svE
    Words, hosts, or domains that are banned from being proxied
    ProxyDomain DomainsvE
    Default domain name for proxied requests
    ProxyErrorOverride On|Off Off svdE
    Override error pages for proxied content
    ProxyExpressDBMFile <pathname>svE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>svE
    DBM type of file.
    ProxyExpressEnable [on|off]svE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and +
    ProxyDomain DomainsvE
    Default domain name for proxied requests
    ProxyErrorOverride On|Off Off svdE
    Override error pages for proxied content
    ProxyExpressDBMFile <pathname>svE
    Pathname to DBM file.
    ProxyExpressDBMFile <type>svE
    DBM type of file.
    ProxyExpressEnable [on|off]svE
    Enable the module functionality.
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and stylesheets.
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, +
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, and scripting events.
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of +
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of ProxyHTMLURLMap rules.
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML +
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML <head> sections.
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>svE
    Container for directives applied to regular-expression-matched +
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>svE
    Container for directives applied to regular-expression-matched proxied resources
    ProxyMaxForwards number -1 svE
    Maximium number of proxies that a request can be forwarded +
    ProxyMaxForwards number -1 svE
    Maximium number of proxies that a request can be forwarded through
    ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url -[interpolate]svdE
    Adjusts the URL in HTTP response headers sent from a reverse +
    ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url +[interpolate]svdE
    Adjusts the URL in HTTP response headers sent from a reverse proxied server
    ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
    ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdE
    Adjusts the Path string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdE
    Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
    ProxyPreserveHost On|Off Off svdE
    Use incoming Host HTTP request header for proxy +
    ProxyPreserveHost On|Off Off svdE
    Use incoming Host HTTP request header for proxy request
    ProxyReceiveBufferSize bytes 0 svE
    Network buffer size for proxied HTTP and FTP +
    ProxyReceiveBufferSize bytes 0 svE
    Network buffer size for proxied HTTP and FTP connections
    ProxyRemote match remote-serversvE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serversvE
    Remote proxy used to handle requests matched by regular +
    ProxyRemote match remote-serversvE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serversvE
    Remote proxy used to handle requests matched by regular expressions
    ProxyRequests On|Off Off svE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the +
    ProxyRequests On|Off Off svE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the backend
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response +
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response header
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondssvE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off svE
    Information provided in the Via HTTP response +
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondssvE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off svE
    Information provided in the Via HTTP response header for proxied requests
    ReadmeName filenamesvdhB
    Name of the file that will be inserted at the end +
    ReadmeName filenamesvdhB
    Name of the file that will be inserted at the end of the index listing
    ReceiveBufferSize bytes 0 sM
    TCP receive buffer size
    Redirect [status] URL-path -URLsvdhB
    Sends an external redirect asking the client to fetch +
    ReceiveBufferSize bytes 0 sM
    TCP receive buffer size
    Redirect [status] URL-path +URLsvdhB
    Sends an external redirect asking the client to fetch a different URL
    RedirectMatch [status] regex -URLsvdhB
    Sends an external redirect based on a regular expression match +
    RedirectMatch [status] regex +URLsvdhB
    Sends an external redirect based on a regular expression match of the current URL
    RedirectPermanent URL-path URLsvdhB
    Sends an external permanent redirect asking the client to fetch +
    RedirectPermanent URL-path URLsvdhB
    Sends an external permanent redirect asking the client to fetch a different URL
    RedirectTemp URL-path URLsvdhB
    Sends an external temporary redirect asking the client to fetch +
    RedirectTemp URL-path URLsvdhB
    Sends an external temporary redirect asking the client to fetch a different URL
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] -...vdhB
    Removes any character set associations for a set of file +
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] +...vdhB
    Removes any character set associations for a set of file extensions
    RemoveEncoding extension [extension] -...vdhB
    Removes any content encoding associations for a set of file +
    RemoveEncoding extension [extension] +...vdhB
    Removes any content encoding associations for a set of file extensions
    RemoveHandler extension [extension] -...vdhB
    Removes any handler associations for a set of file +
    RemoveHandler extension [extension] +...vdhB
    Removes any handler associations for a set of file extensions
    RemoveInputFilter extension [extension] -...vdhB
    Removes any input filter associations for a set of file +
    RemoveInputFilter extension [extension] +...vdhB
    Removes any input filter associations for a set of file extensions
    RemoveLanguage extension [extension] -...vdhB
    Removes any language associations for a set of file +
    RemoveLanguage extension [extension] +...vdhB
    Removes any language associations for a set of file extensions
    RemoveOutputFilter extension [extension] -...vdhB
    Removes any output filter associations for a set of file +
    RemoveOutputFilter extension [extension] +...vdhB
    Removes any output filter associations for a set of file extensions
    RemoveType extension [extension] -...vdhB
    Removes any content type associations for a set of file +
    RemoveType extension [extension] +...vdhB
    Removes any content type associations for a set of file extensions
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhE
    Configure HTTP request headers
    RequestReadTimeout +svdhE
    Configure HTTP request headers
    RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svE
    Set timeout values for receiving request headers and body from client. +svE
    Set timeout values for receiving request headers and body from client.
    Require [not] entity-name - [entity-name] ...dhB
    Tests whether an authenticated user is authorized by +
    Require [not] entity-name + [entity-name] ...dhB
    Tests whether an authenticated user is authorized by an authorization provider.
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none +
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one +
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none +
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond - TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place +
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond + TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource -svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule - Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Limits the CPU consumption of processes launched +
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource +svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule + Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Limits the CPU consumption of processes launched by Apache httpd children
    RLimitMEM bytes|max [bytes|max]svdhC
    Limits the memory consumption of processes launched +
    RLimitMEM bytes|max [bytes|max]svdhC
    Limits the memory consumption of processes launched by Apache httpd children
    RLimitNPROC number|max [number|max]svdhC
    Limits the number of processes that can be launched by +
    RLimitNPROC number|max [number|max]svdhC
    Limits the number of processes that can be launched by processes launched by Apache httpd children
    Satisfy Any|All All dhE
    Interaction between host-level access control and +
    Satisfy Any|All All dhE
    Interaction between host-level access control and user authentication
    ScoreBoardFile file-path logs/apache_runtime +sM
    Location of the file used to store coordination data for +
    ScoreBoardFile file-path logs/apache_runtime +sM
    Location of the file used to store coordination data for the child processes
    Script method cgi-scriptsvdB
    Activates a CGI script for a particular request +
    Script method cgi-scriptsvdB
    Activates a CGI script for a particular request method.
    ScriptAlias URL-path -file-path|directory-pathsvB
    Maps a URL to a filesystem location and designates the +
    ScriptAlias URL-path +file-path|directory-pathsvB
    Maps a URL to a filesystem location and designates the target as a CGI script
    ScriptAliasMatch regex -file-path|directory-pathsvB
    Maps a URL to a filesystem location using a regular expression +
    ScriptAliasMatch regex +file-path|directory-pathsvB
    Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Technique for locating the interpreter for CGI +
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Technique for locating the interpreter for CGI scripts
    ScriptLog file-pathsvB
    Location of the CGI script error logfile
    ScriptLogBuffer bytes 1024 svB
    Maximum amount of PUT or POST requests that will be recorded +
    ScriptLog file-pathsvB
    Location of the CGI script error logfile
    ScriptLogBuffer bytes 1024 svB
    Maximum amount of PUT or POST requests that will be recorded in the scriptlog
    ScriptLogLength bytes 10385760 svB
    Size limit of the CGI script logfile
    ScriptSock file-path cgisock sB
    The filename prefix of the socket to use for communication with +
    ScriptLogLength bytes 10385760 svB
    Size limit of the CGI script logfile
    ScriptSock file-path cgisock sB
    The filename prefix of the socket to use for communication with the cgi daemon
    SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters +
    SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
    SendBufferSize bytes 0 sM
    TCP buffer size
    ServerAdmin email-address|URLsvC
    Email address that the server includes in error +
    SendBufferSize bytes 0 sM
    TCP buffer size
    ServerAdmin email-address|URLsvC
    Email address that the server includes in error messages sent to the client
    ServerAlias hostname [hostname] ...vC
    Alternate names for a host used when matching requests +
    ServerAlias hostname [hostname] ...vC
    Alternate names for a host used when matching requests to name-virtual hosts
    ServerLimit numbersM
    Upper limit on configurable number of processes
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    Hostname and port that the server uses to identify +
    ServerLimit numbersM
    Upper limit on configurable number of processes
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    Hostname and port that the server uses to identify itself
    ServerPath URL-pathvC
    Legacy URL pathname for a name-based virtual host that +
    ServerPath URL-pathvC
    Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser
    ServerRoot directory-path /usr/local/apache sC
    Base directory for the server installation
    ServerSignature On|Off|EMail Off svdhC
    Configures the footer on server-generated documents
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configures the Server HTTP response +
    ServerRoot directory-path /usr/local/apache sC
    Base directory for the server installation
    ServerSignature On|Off|EMail Off svdhC
    Configures the footer on server-generated documents
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configures the Server HTTP response header
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the +
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the HTTP_SESSION environment variable
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable [value]svdhB
    Sets environment variables
    SetEnvIf attribute +
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable [value]svdhB
    Sets environment variables
    SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request
    SetEnvIfExpr expr +
    SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request without respect to case
    SetHandler handler-name|NonesvdhC
    Forces all matching files to be processed by a +
    SetHandler handler-name|NonesvdhC
    Forces all matching files to be processed by a handler
    SetInputFilter filter[;filter...]svdhC
    Sets the filters that will process client requests and POST +
    SetInputFilter filter[;filter...]svdhC
    Sets the filters that will process client requests and POST input
    SetOutputFilter filter[;filter...]svdhC
    Sets the filters that will process responses from the +
    SetOutputFilter filter[;filter...]svdhC
    Sets the filters that will process responses from the server
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI +
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI error
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the +
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the server.
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are +
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are displayed
    SSIUndefinedEcho string "(none)" svdhB
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSIUndefinedEcho string "(none)" svdhB
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Client Auth
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Client Auth
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for defining acceptable CA names
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Client Auth
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Client Auth
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL handshake
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private +
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private keys
    SSLProtocol [+|-]protocol ... all svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field +
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired +
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates +
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL proxy handshake
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server +
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server Certificate verification
    SSLRandomSeed context source -[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding +
    SSLRandomSeed context source +[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding source
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex +
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex boolean expression is true
    SSLRequireSSLdhE
    Deny access when SSL is not used for the +
    SSLRequireSSLdhE
    Deny access when SSL is not used for the HTTP request
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session +
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session Cache
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires +
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires in the Session Cache
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual +
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual host.
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client +
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client Certificate verification
    StartServers numbersM
    Number of child server processes created at startup
    StartThreads numbersM
    Number of threads created on startup
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    StartServers numbersM
    Number of child server processes created at startup
    StartThreads numbersM
    Number of threads created on startup
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
    Set the maximum line size
    Suexec On|OffsB
    Enable or disable the suEXEC feature
    SuexecUserGroup User GroupsvE
    User and group for CGI programs to run as
    %s", r); - if (balancer->s->vhost && *(balancer->s->vhost)) { + if (*balancer->s->vhost) { ap_rvputs(r, balancer->s->vhost, " -> ", NULL); } ap_rvputs(r, balancer->s->vpath, "

    Notas de la Versin

    -

    Gua del Usuario

    -

    How-To / Tutoriales

    -

    Notas especficas sobre plataformas

    -

    Documentacin adicional

    -

    Otros Temas

    +
    @@ -114,8 +118,8 @@ ejecuci  tr  |  zh-cn 

    + + + +
    +

    Modules | Directives | FAQ | Glossary | Sitemap

    +

    Apache HTTP Server Version 2.4

    +
    +
    <-
    + +
    +

    Apache Module mod_proxy_hcheck

    +
    +

    Available Languages:  en 

    +
    + + + + +
    Description:Dynamic health check of Balancer members (workers) for +mod_proxy
    Status:Extension
    ModuleIdentifier:proxy_hcheck_module
    SourceFile:mod_proxy_hcheck.c
    Compatibility:Available in Apache 2.4.21 and later
    +

    Summary

    + +

    This module provides for dynamic health checking of balancer + members (workers). This can be enabled on a worker-by-worker + basis. The health check is done independently of the + actual reverse proxy requests.

    + +

    This module requires the service of mod_watchdog.

    + +

    Parameters

    +

    The health check mechanism is enabled via the use of additional + BalancerMember parameters, which are configured in the standard + way via ProxyPass:

    + +

    A new BalancerMember status state (flag) is defined via this module: "C". + When the worker is taken offline due to failures as determined by the health + check module, this flag is set, and can be seen (and modified) via the + balancer-manager.

    + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterDefaultDescription
    hcmethodNoneNo dynamic health check performed. Choices are: + + + + + + + + + + +
    MethodDescriptionNote
    NoneNo dynamic health checking done
    TCPCheck that a socket to the backend can be created: e.g. "are you up"
    OPTIONSSend an HTTP OPTIONS request to the backend*
    HEADSend an HTTP HEAD request to the backend*
    GETSend an HTTP GET request to the backend*
    *: Unless hcexpr is used, a 2xx or 3xx HTTP status will be interpreted as passing the health check
    +
    hcpasses1Number of successful health check tests before worker is re-enabled
    hcfails1Number of failed health check tests before worker is disabled
    hcinterval30Period of health checks in seconds (e.g. performed every 30 seconds)
    hcuri Additional URI to be appended to the worker URL for the health check.
    hctemplate Name of template, created via ProxyHCTemplate to use for setting health check parameters for this worker
    hcexpr Name of expression, created via ProxyHCExpr, used to check response headers for health.
    + If not used, 2xx thru 3xx status codes imply success
    +
    + +
    + +
    top
    +
    +

    Usage examples

    + + +

    The following example shows how one might configured health checking + for various backend servers:

    + + + 
    ProxyHCExpr ok234 {%{REQUEST_STATUS} =~ /^[234]/}
+ProxyHCExpr gdown {%{REQUEST_STATUS} =~ /^[5]/}
+ProxyHCExpr in_maint {hc('body') !~ /Under maintenance/}
+
+<Proxy balancer://foo>
+  BalancerMember http://www.example.com/  hcmethod=GET hcexpr=in_maint hcuri=/status.php
+  BalancerMember http://www2.example.com/  hcmethod=HEAD hcexpr=ok234 hcinterval=10
+  BalancerMember http://www3.example.com/ hcmethod=TCP hcinterval=5 hcpasses=2 hcfails=3
+  BalancerMember http://www4.example.com/
+</Proxy>
+
+ProxyPass "/" "balancer://foo"
+ProxyPassReverse "/" "balancer://foo"
    + + +

    In this scenario, http://www.example.com/ is health checked by sending a GET /status.php +request to that server and seeing that the returned page does not include the string Under maintenance. If +it does, that server is put in health-check fail mode, and disabled. This dynamic check is performed +every 30 seconds, which is the default.

    + +

    http://www2.example.com/ is checked by sending a simple HEAD request every +10 seconds and making sure that the response status is 2xx, 3xx or 4xx. http://www3.example.com/ is checked +every 5 seconds by simply ensuring that the socket to that server is up. If the backend is marked as +"down" and it passes 2 health check, it will be re-enabled and added back into the load balancer. +It takes 3 back-to-back health check failures to disable the server and move it out +of rotation. Finally, http://www4.example.com/ is +not dynamically checked at all.

    + +
    +
    top
    +

    ProxyHCExpr Directive

    + + + + + + +
    Description:Creates a named condition expression to use to determine health of the backend based on its response.
    Syntax:ProxyHCExpr name {ap_expr expression}
    Context:server config, virtual host
    Status:Extension
    Module:mod_proxy_hcheck
    +

    The ProxyHCExpr directive allows + for creating a named condition expression that checks the response + headers of the backend server to determine its health. This named + condition can then be assigned to balancer members via the hcexpr + parameter

    + +

    ProxyHCExpr: Allow for 2xx/3xx/4xx as passing

    ProxyHCExpr ok234 {%{REQUEST_STATUS} =~ /^[234]/}
+ProxyPass "/apps"     "http://backend.example.com/" hcexpr=ok234
    +
    + +
    + The expression can use curly-parens ("{}") as + quoting deliminators in addition to normal quotes. +
    + +

    If using a health check method (eg: GET) which results in a response + body, that body itself can be checked via ap_expr using the hc() + expression function, which is unique to this module.

    + +

    In the following example, we send the backend a GET request + and if the response body contains the phrase Under maintenance, + we want to disable the backend.

    + +

    ProxyHCExpr: Checking response body

    ProxyHCExpr in_maint {hc('body') !~ /Under maintenance/}
+ProxyPass "/apps"     "http://backend.example.com/" hcexpr=in_maint hcmethod=get hcuri=/status.php
    +
    + +

    NOTE: Since response body can quite large, it is best if used against specific status pages.

    + +
    +
    top
    +

    ProxyHCTemplate Directive

    + + + + + + +
    Description:Creates a named template for setting various health check parameters
    Syntax:ProxyHCTemplate name parameter=setting <...>
    Context:server config, virtual host
    Status:Extension
    Module:mod_proxy_hcheck
    +

    The ProxyHCTemplate directive allows + for creating a named set (template) of health check parameters + that can then be assigned to balancer members via the hctemplate + parameter

    + +

    ProxyHCTemplate

    ProxyHCTemplate tcp5 hcmethod=tcp hcinterval=5
+ProxyPass "/apps"     "http://backend.example.com/" hctemplate=tcp5
    +
    + + +
    +
    top
    +

    ProxyHCTPsize Directive

    + + + + + + +
    Description:Sets the size of the threadpool used for the health check workers.
    Syntax:ProxyHCTPsize <size>
    Context:server config, virtual host
    Status:Extension
    Module:mod_proxy_hcheck
    +

    If Apache httpd and APR are built with thread support, the health check + module will offload the work of the actual checking to a threadpool + associated with the Watchdog process, allowing for parallel checks. + The ProxyHCTPsize directive + determines the size of this threadpool. If set to 0, no threadpool + is used at all, resulting in serialized health checks. The default size is 16.

    + +

    ProxyHCTPsize

    ProxyHCTPsize 32
    +
    + + +
    +
    +
    +

    Available Languages:  en 

    +
    top

    Comments

    Notice:
    This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
    +
    + \ No newline at end of file diff --git a/docs/manual/mod/mod_proxy_html.html.en b/docs/manual/mod/mod_proxy_html.html.en index 37d30c56..298c4394 100644 --- a/docs/manual/mod/mod_proxy_html.html.en +++ b/docs/manual/mod/mod_proxy_html.html.en @@ -72,7 +72,9 @@ extensive documentation
  • ProxyHTMLStripComments
  • ProxyHTMLURLMap
    • - +

    Bugfix checklist

    See also

    +
    top

    ProxyHTMLBufSize Directive

    diff --git a/docs/manual/mod/mod_proxy_html.html.fr b/docs/manual/mod/mod_proxy_html.html.fr index 3a50fc2c..dba7c675 100644 --- a/docs/manual/mod/mod_proxy_html.html.fr +++ b/docs/manual/mod/mod_proxy_html.html.fr @@ -78,7 +78,9 @@ d
  • ProxyHTMLStripComments
  • ProxyHTMLURLMap
    • -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Directive ProxyHTMLBufSize

    diff --git a/docs/manual/mod/mod_proxy_http.html.en b/docs/manual/mod/mod_proxy_http.html.en index 54b7c635..385fcb08 100644 --- a/docs/manual/mod/mod_proxy_http.html.en +++ b/docs/manual/mod/mod_proxy_http.html.en @@ -60,11 +60,11 @@

    Directives

    This module provides no directives.

    -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    Environment Variables

    diff --git a/docs/manual/mod/mod_proxy_http.html.fr b/docs/manual/mod/mod_proxy_http.html.fr index ea6f6893..b4604924 100644 --- a/docs/manual/mod/mod_proxy_http.html.fr +++ b/docs/manual/mod/mod_proxy_http.html.fr @@ -61,11 +61,11 @@
  • Informations sur les requtes

    • Directives

    Ce module ne fournit aucune directive.

    -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Variables d'environnement

    diff --git a/docs/manual/mod/mod_proxy_http2.html b/docs/manual/mod/mod_proxy_http2.html new file mode 100644 index 00000000..8144eefd --- /dev/null +++ b/docs/manual/mod/mod_proxy_http2.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: mod_proxy_http2.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/docs/manual/mod/mod_proxy_http2.html.en b/docs/manual/mod/mod_proxy_http2.html.en new file mode 100644 index 00000000..8a87a109 --- /dev/null +++ b/docs/manual/mod/mod_proxy_http2.html.en @@ -0,0 +1,122 @@ + + + + + +mod_proxy_http2 - Apache HTTP Server Version 2.4 + + + + + + + +
    +

    Modules | Directives | FAQ | Glossary | Sitemap

    +

    Apache HTTP Server Version 2.4

    +
    +
    <-
    + +
    +

    Apache Module mod_proxy_http2

    +
    +

    Available Languages:  en 

    +
    + + + +
    Description:HTTP/2 support module for +mod_proxy
    Status:Extension
    ModuleIdentifier:proxy_http2_module
    SourceFile:mod_proxy_http2.c
    +

    Summary

    + +

    This module requires the service of mod_proxy. It provides the features used for + proxying HTTP/2 requests. mod_proxy_http2 + supports HTTP/2 only. It does not + provide any downgrades to HTTP/1.1.

    + +

    Thus, in order to get the ability of handling HTTP/2 proxy requests, + mod_proxy and mod_proxy_http2 + have to be present in the server.

    + +

    mod_proxy_http2 works with incoming requests + over HTTP/1.1 and HTTP/2 requests. If mod_http2 + handles the frontend connection, requests against the same HTTP/2 + backend are sent over a single connection, whenever possible.

    + +

    This module relies on libnghttp2 + to provide the core http/2 engine.

    + +

    Warning

    +

    This module is experimental. Its behaviors, directives, and + defaults are subject to more change from release to + release relative to other standard modules. Users are encouraged to + consult the "CHANGES" file for potential updates.

    +
    + +

    Warning

    +

    Do not enable proxying until you have secured your server. Open proxy + servers are dangerous both to your network and to the Internet at + large.

    +
    +
    +

    Topics

    +

    Directives

    +

    This module provides no + directives.

    +

    Bugfix checklist

    See also

    +
    +
    top
    +
    +

    Request notes

    +

    mod_proxy_http creates the following request notes for + logging using the %{VARNAME}n format in + LogFormat or + ErrorLogFormat: +

    +
    +
    proxy-source-port
    +
    The local port used for the connection to the backend server.
    +
    proxy-status
    +
    The HTTP/2 status received from the backend server.
    +
    +
    +
    +
    +

    Available Languages:  en 

    +
    top

    Comments

    Notice:
    This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
    +
    + \ No newline at end of file diff --git a/docs/manual/mod/mod_proxy_scgi.html.en b/docs/manual/mod/mod_proxy_scgi.html.en index 1fb9efeb..cb62d58d 100644 --- a/docs/manual/mod/mod_proxy_scgi.html.en +++ b/docs/manual/mod/mod_proxy_scgi.html.en @@ -59,11 +59,11 @@
  • ProxySCGIInternalRedirect
  • ProxySCGISendfile
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    Examples

    diff --git a/docs/manual/mod/mod_proxy_scgi.html.fr b/docs/manual/mod/mod_proxy_scgi.html.fr index ae46734c..538ae8a3 100644 --- a/docs/manual/mod/mod_proxy_scgi.html.fr +++ b/docs/manual/mod/mod_proxy_scgi.html.fr @@ -61,11 +61,11 @@
  • ProxySCGIInternalRedirect
  • ProxySCGISendfile
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Exemples

    diff --git a/docs/manual/mod/mod_proxy_wstunnel.html.en b/docs/manual/mod/mod_proxy_wstunnel.html.en index a3f6f4f1..266e56de 100644 --- a/docs/manual/mod/mod_proxy_wstunnel.html.en +++ b/docs/manual/mod/mod_proxy_wstunnel.html.en @@ -55,10 +55,10 @@ ProxyPass "/wss2/" "wss://echo.websocket.org/"

    Directives

    This module provides no directives.

    -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • diff --git a/docs/manual/mod/mod_ratelimit.html.en b/docs/manual/mod/mod_ratelimit.html.en index fbc1b72c..a2b4f298 100644 --- a/docs/manual/mod/mod_ratelimit.html.en +++ b/docs/manual/mod/mod_ratelimit.html.en @@ -50,7 +50,9 @@ variable rate-limit.

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    diff --git a/docs/manual/mod/mod_ratelimit.html.fr b/docs/manual/mod/mod_ratelimit.html.fr index df13ec08..c6ade19c 100644 --- a/docs/manual/mod/mod_ratelimit.html.fr +++ b/docs/manual/mod/mod_ratelimit.html.fr @@ -50,7 +50,9 @@ connexion

    Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    diff --git a/docs/manual/mod/mod_reflector.html.en b/docs/manual/mod/mod_reflector.html.en index cef9e7eb..095f7898 100644 --- a/docs/manual/mod/mod_reflector.html.en +++ b/docs/manual/mod/mod_reflector.html.en @@ -49,7 +49,9 @@ -
    +

    Bugfix checklist

    See also

    +
    top

    Examples

    diff --git a/docs/manual/mod/mod_reflector.html.fr b/docs/manual/mod/mod_reflector.html.fr index c6bc1e32..2b7195bb 100644 --- a/docs/manual/mod/mod_reflector.html.fr +++ b/docs/manual/mod/mod_reflector.html.fr @@ -50,7 +50,9 @@ filtres en sortie. -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Exemples

    diff --git a/docs/manual/mod/mod_remoteip.html.en b/docs/manual/mod/mod_remoteip.html.en index fef04df3..532de924 100644 --- a/docs/manual/mod/mod_remoteip.html.en +++ b/docs/manual/mod/mod_remoteip.html.en @@ -72,12 +72,12 @@ via the request headers.
  • RemoteIPTrustedProxy
  • RemoteIPTrustedProxyList
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    Remote IP Processing

    diff --git a/docs/manual/mod/mod_remoteip.html.fr b/docs/manual/mod/mod_remoteip.html.fr index 3ac9a17c..a41befd1 100644 --- a/docs/manual/mod/mod_remoteip.html.fr +++ b/docs/manual/mod/mod_remoteip.html.fr @@ -76,12 +76,12 @@ r
  • RemoteIPTrustedProxy
  • RemoteIPTrustedProxyList
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Traitement des adresses distantes

    diff --git a/docs/manual/mod/mod_reqtimeout.html.en b/docs/manual/mod/mod_reqtimeout.html.en index d9062aae..a69980bf 100644 --- a/docs/manual/mod/mod_reqtimeout.html.en +++ b/docs/manual/mod/mod_reqtimeout.html.en @@ -43,7 +43,9 @@ -
    +

    Bugfix checklist

    See also

    +
    top

    Examples

    diff --git a/docs/manual/mod/mod_reqtimeout.html.fr b/docs/manual/mod/mod_reqtimeout.html.fr index 3288ea9d..f64b9377 100644 --- a/docs/manual/mod/mod_reqtimeout.html.fr +++ b/docs/manual/mod/mod_reqtimeout.html.fr @@ -44,7 +44,9 @@ donn -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Exemples

    diff --git a/docs/manual/mod/mod_request.html.en b/docs/manual/mod/mod_request.html.en index 08de629e..6111a5b7 100644 --- a/docs/manual/mod/mod_request.html.en +++ b/docs/manual/mod/mod_request.html.en @@ -40,7 +40,9 @@ -
    +

    Bugfix checklist

    See also

    +
    top

    KeptBodySize Directive

    diff --git a/docs/manual/mod/mod_request.html.fr b/docs/manual/mod/mod_request.html.fr index 5ccef078..ca4edb67 100644 --- a/docs/manual/mod/mod_request.html.fr +++ b/docs/manual/mod/mod_request.html.fr @@ -41,7 +41,9 @@ les corps de requ -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Directive KeptBodySize

    diff --git a/docs/manual/mod/mod_request.html.tr.utf8 b/docs/manual/mod/mod_request.html.tr.utf8 index 925ad44f..615afebd 100644 --- a/docs/manual/mod/mod_request.html.tr.utf8 +++ b/docs/manual/mod/mod_request.html.tr.utf8 @@ -40,7 +40,9 @@ -
    +

    Bugfix checklist

    Ayrıca bakınız:

    +
    top

    KeptBodySize Yönergesi

    diff --git a/docs/manual/mod/mod_rewrite.html.en b/docs/manual/mod/mod_rewrite.html.en index e49c08b3..d8595823 100644 --- a/docs/manual/mod/mod_rewrite.html.en +++ b/docs/manual/mod/mod_rewrite.html.en @@ -68,7 +68,9 @@ URLs on the fly
  • RewriteOptions
  • RewriteRule
    • -
    +

    Bugfix checklist

    See also

    +
    top

    Logging

    @@ -117,30 +119,31 @@ URLs on the fly Module:mod_rewrite

    The RewriteBase directive specifies the - URL prefix to be used for per-directory (htaccess) - RewriteRule directives that substitute a relative - path.

    + URL prefix to be used for per-directory (htaccess) + RewriteRule directives that + substitute a relative path.

    This directive is required when you use a relative path in a substitution in per-directory (htaccess) context unless either of the following conditions are true:

      -
    • The original request, and the substitution, are underneath the +
    • The original request, and the substitution, are underneath the DocumentRoot - (as opposed to reachable by other means, such as + (as opposed to reachable by other means, such as Alias).
    • The filesystem path to the directory containing the - RewriteRule, suffixed by the relative - substitution is also valid as a URL path on the server + RewriteRule, + suffixed by the relative + substitution is also valid as a URL path on the server (this is rare).
      • -
    • In Apache HTTP Server 2.4.11 and later, this directive may be - omitted when the request is mapped via +
    • In Apache HTTP Server 2.4.16 and later, this directive may be + omitted when the request is mapped via Alias or mod_userdir.

    In the example below, RewriteBase is necessary to avoid rewriting to http://example.com/opt/myapp-1.2.3/welcome.html - since the resource was not relative to the document root. This + since the resource was not relative to the document root. This misconfiguration would normally cause the server to look for an "opt" directory under the document root.

    DocumentRoot "/var/www/example.com"
@@ -344,9 +347,9 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
                   been determined by the server at the time
                   REQUEST_FILENAME is referenced. Otherwise,
                   such as when used in virtual host context, the same
-                  value as REQUEST_URI.  Depending on the value of 
+                  value as REQUEST_URI.  Depending on the value of
                   AcceptPathInfo, the
-                  server may have only used some leading components of the 
+                  server may have only used some leading components of the
                   REQUEST_URI to map the request to a file.
                   
 
@@ -441,7 +444,7 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
         so that certain conditions might not be evaluated at all.
    
 
         
  • 
-        %{LA-U:variable} 
+        %{LA-U:variable}
         can be used for look-aheads which perform
         an internal (URL-based) sub-request to determine the final
         value of variable. This can be used to access
@@ -572,6 +575,13 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
             -l by using the -L or
             -h variant.
 
+            
    -ne
    
+            
    Is numerically not equal to
    
+            The TestString is treated as an integer, and is
+            numerically compared to the CondPattern. True if
+            the two are numerically different. This is equivalent to
+            !-eq.
    
+
    • @@ -581,14 +591,14 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
    -d
    - +
    Is directory.
    Treats the TestString as a pathname and tests whether or not it exists, and is a directory.
    -f
    - +
    Is regular file.
    Treats the TestString as a pathname and tests @@ -605,13 +615,13 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3" it can impact your server's performance!
    -
    -H
    +
    -h
    Is symbolic link, bash convention.
    See -l.
    -l
    - +
    Is symbolic link.
    Treats the TestString as a pathname and tests whether or not it exists, and is a symbolic link. May also @@ -640,8 +650,8 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3" it can impact your server's performance!

    This flag only returns information about things like access control, authentication, and authorization. This flag - does not return information about the status code the - configured handler (static file, CGI, proxy, etc.) would have + does not return information about the status code the + configured handler (static file, CGI, proxy, etc.) would have returned.

    -x
    @@ -661,7 +671,7 @@ RewriteRule ^(.+) /other/archive/$1 [R] -
  • +

  • If the TestString has the special value expr, the CondPattern will be treated as an ap_expr.

    @@ -672,7 +682,7 @@ RewriteRule ^(.+) /other/archive/$1 [R] to block unwanted hotlinking.

    - 
    RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
    
+           
    RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
 RewriteRule "^/images" "-" [F]
    • @@ -732,7 +742,7 @@ RewriteRule ...some special stuff for any of these hosts... 
    RewriteCond  "%{HTTP_USER_AGENT}"  "(iPhone|Blackberry|Android)"
 RewriteRule  "^/$"                 "/homepage.mobile.html"  [L]
 
-RewriteRule  "^/$"                 "/homepage.std.html"  [L]
    +RewriteRule "^/$" "/homepage.std.html" [L]

    Explanation: If you use a browser which identifies itself @@ -769,9 +779,10 @@ RewriteRule "^/$" "/homepage.std.html" [L] RewriteEngine on directive for each virtual host in which you wish to use rewrite rules.

    -

    RewriteMap directives of the type prg +

    RewriteMap directives + of the type prg are not started during server initialization if they're defined in a - context that does not have RewriteEngine set to + context that does not have RewriteEngine set to on

    @@ -780,7 +791,6 @@ RewriteRule "^/$" "/homepage.std.html" [L] @@ -826,11 +836,6 @@ RewriteRule "^/$" "/homepage.std.html" [L]
    RewriteRule "^/ex/(.*)" "${examplemap:$1}"
    -

    The meaning of the MapTypeOptions argument depends on - particular MapType. See the - Using RewriteMap for - more information.

    -

    The following combinations for MapType and MapSource can be used:

    @@ -950,7 +955,7 @@ RewriteRule "^/$" "/homepage.std.html" [L] directory on disk but lack a trailing slash, in the expectation that the mod_dir module will issue the client with a redirect to the canonical URL with a trailing slash.

    - +

    When the DirectorySlash directive is set to off, the AllowNoSlash option can be enabled to ensure that rewrite rules are no longer ignored. This option makes it possible to @@ -977,7 +982,7 @@ RewriteRule "^/$" "/homepage.std.html" [L] Available in Apache HTTP Server 2.4.3 and later.

    -

    Security Warning

    +

    Security Warning

    Enabling this option will make the server vulnerable to security issues if used with rewrite rules which are not @@ -1004,10 +1009,10 @@ RewriteRule "^/$" "/homepage.std.html" [L]

    When a relative substitution is made in directory (htaccess) context and RewriteBase has not been set, this module uses some - extended URL and filesystem context information to change the - relative substitution back into a URL. Modules such as + extended URL and filesystem context information to change the + relative substitution back into a URL. Modules such as mod_userdir and mod_alias - supply this extended context info.

    + supply this extended context info. Available in 2.4.16 and later.

    @@ -1038,7 +1043,6 @@ RewriteRule "^/$" "/homepage.std.html" [L] path relative to that per-directory context. Subsequent patterns are matched against the output of the last matching RewriteRule.

    -

    What is matched?

    In VirtualHost context, The Pattern will initially be matched against the part of the @@ -1087,7 +1091,7 @@ relative substitutions.

  • If you wish to match against the full URL-path in a per-directory (htaccess) RewriteRule, use the %{REQUEST_URI} variable in -a RewriteCond.
    • +a RewriteCond.
  • The removed prefix always ends with a slash, meaning the matching occurs against a string which never has a leading slash. Therefore, a Pattern with ^/ never @@ -1132,7 +1136,7 @@ cannot use $N in the substitution string!
    Designates the location on the file-system of the resource to be delivered to the client. Substitutions are only - treated as a file-system path when the rule is configured in + treated as a file-system path when the rule is configured in server (virtualhost) context and the first component of the path in the substitution exists in the file-system
    @@ -1146,7 +1150,7 @@ cannot use $N in the substitution string! you specify a Substitution string of /www/file.html, then this will be treated as a URL-path unless a directory named www - exists at the root or your file-system (or, in the case of + exists at the root or your file-system (or, in the case of using rewrites in a .htaccess file, relative to your document root), in which case it will be treated as a file-system path. If you wish other @@ -1194,9 +1198,11 @@ cannot use $N in the substitution string! (N=0..9), which will be replaced by the contents of the Nth group of the matched Pattern. The server-variables are the same - as for the TestString of a RewriteCond + as for the TestString of a + RewriteCond directive. The mapping-functions come from the - RewriteMap directive and are explained there. + RewriteMap + directive and are explained there. These three types of variables are expanded in the order above.

    Rewrite rules are applied to the results of previous rewrite @@ -1223,7 +1229,7 @@ cannot use $N in the substitution string!

    Additionally you can set special actions to be performed by appending [flags] - as the third argument to the RewriteRule + as the third argument to the RewriteRule directive. Flags is a comma-separated list, surround by square brackets, of any of the flags in the following table. More details, and examples, for each flag, are available in the Rewrite Flags document.

    @@ -1330,7 +1336,7 @@ cannot use $N in the substitution string!
    • - @@ -1342,7 +1348,7 @@ cannot use $N in the substitution string! diff --git a/docs/manual/mod/mod_rewrite.html.fr b/docs/manual/mod/mod_rewrite.html.fr index c4ddafb2..c0a68d40 100644 --- a/docs/manual/mod/mod_rewrite.html.fr +++ b/docs/manual/mod/mod_rewrite.html.fr @@ -75,7 +75,9 @@ r
  • RewriteOptions
  • RewriteRule
    • - +

    Traitement des bugs

    Voir aussi

    +
    top

    Journalisation

    @@ -131,7 +133,7 @@ r

    La directive RewriteBase permet de spcifier le prfixe d'URL utiliser dans un contexte de rpertoire (htaccess) pour les directives - RewriteRule qui rcrivent vers un chemin + RewriteRule qui rcrivent vers un chemin relatif.

    Cette directive est obligatoire si vous utilisez un chemin relatif dans une substitution, et dans un contexte de @@ -143,10 +145,10 @@ r dire que pour y accder, il n'est pas ncessaire d'utiliser une directive telle qu'Alias).

  • Le chemin du systme de fichiers vers le rpertoire - contenant la RewriteRule, suffix par + contenant la RewriteRule, suffix par la substitution relative est aussi valide en tant qu'URL sur le serveur (ce qui est rare).
    • -
  • A partir de la version 2.4.11 du serveur HTTP Apache, +
  • A partir de la version 2.4.16 du serveur HTTP Apache, cette directive peut tre omise lorsque la requte est transforme via une directive Alias ou le module mod_userdir.
    • @@ -613,6 +615,13 @@ la r en utilisant la variante the -L ou -h. +
    -ne
    +
    Est numriquement non gal
    + La Chane de test est considre comme un entier et est + numriquement compare l'expression de comparaison. Vrai + si les deux lments compars sont numriquement diffrents. + Equivalent !-eq.
    + @@ -639,7 +648,7 @@ la r utiliser avec prcautions car les performances du serveur peuvent s'en trouver affectes ! -
    -H
    +
    -h
    est un lien symbolique, selon la convention bash
    Voir -l.
    @@ -705,7 +714,7 @@ RewriteRule ^(.+) /other/archive/$1 [R] non dsir.

    - 
               RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
    
+           
               RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
            RewriteRule "^/images" "-" [F]
    
 
         
@@ -809,7 +818,7 @@ moteur de r
       hte virtuel pour lequel vous souhaitez utiliser des rgles
       de rcriture.
    
 
-      
    Les directives RewriteMap du type
+      
    Les directives RewriteMap du type
       prg ne sont pas prises en compte au cours de
       l'initialisation du serveur si elle ont t dfinies dans un
       contexte o la directive RewriteEngine n'a
@@ -823,7 +832,6 @@ moteur de r
    @@ -874,10 +882,6 @@ recherche de mots-cl 
    RewriteRule "^/ex/(.*)" "${map-exemple:$1}"
    -

    La signification de l'argument MapTypeOptions dpend du - MapType. Voir le document Utiliser RewriteMap pour plus de - dtails.

    -

    Les combinaisons suivantes pour type de correspondance et source de la correspondance peuvent tre utilises :

    @@ -1069,7 +1073,8 @@ pour le moteur de r d'URL et du contexte du systme de fichiers pour transformer la sustitution relative en URL. Par exemple, les modules mod_userdir et mod_alias - utilisent ces informations de contexte tendu..

    + utilisent ces informations de contexte tendu. Disponible partir de la + version 2.4.16 du serveur HTTP Apache.

    @@ -1167,7 +1172,7 @@ relatives. l'intgralit du chemin de l'URL dans un contexte de rpertoire (htaccess), vous devez utiliser la variable %{REQUEST_URI} dans la directive -RewriteCond. +RewriteCond.
  • Le prefixe supprim se termine toujours par un slash, ce qui signifie que la comparaison s'effectue avec une chane qui ne comporte @@ -1287,8 +1292,8 @@ substitution ! seront remplacs par le contenu du Nme groupe du Modle qui correspondait. Les variables du serveur sont les mmes que dans la Chane de test d'une - directive RewriteCond. Les fonctions de comparaison - sont issues de la directive RewriteMap dans la + directive RewriteCond. Les + fonctions de comparaison sont issues de la directive RewriteMap dans la section de laquelle elles sont dcrites. Ces trois types de variables sont values dans l'ordre ci-dessus.

    @@ -1323,7 +1328,7 @@ substitution ! des [drapeaux] comme troisime argument de la directive - RewriteRule. Spars par des virgules au sein d'une + RewriteRule. Spars par des virgules au sein d'une liste encadre par des crochets, les drapeaux peuvent tre choisis dans la table suivante. Vous trouverez plus de dtails, et des exemples pour chaque drapeau dans le document propos des drapeaux de diff --git a/docs/manual/mod/mod_sed.html.en b/docs/manual/mod/mod_sed.html.en index b395b7f1..1d77741a 100644 --- a/docs/manual/mod/mod_sed.html.en +++ b/docs/manual/mod/mod_sed.html.en @@ -73,7 +73,9 @@ the author's blog.

  • InputSed
  • OutputSed
    • - +

    Bugfix checklist

    See also

    +
    top

    Sample Configuration

    diff --git a/docs/manual/mod/mod_sed.html.fr b/docs/manual/mod/mod_sed.html.fr index bf233ca5..4f360609 100644 --- a/docs/manual/mod/mod_sed.html.fr +++ b/docs/manual/mod/mod_sed.html.fr @@ -83,7 +83,9 @@ recherche/remplacement de cha
  • InputSed
  • OutputSed
    • -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Exemple de configuration

    diff --git a/docs/manual/mod/mod_session.html.en b/docs/manual/mod/mod_session.html.en index 8f0ad2ae..19c359e3 100644 --- a/docs/manual/mod/mod_session.html.en +++ b/docs/manual/mod/mod_session.html.en @@ -83,12 +83,12 @@
  • SessionInclude
  • SessionMaxAge
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    What is a session?

    diff --git a/docs/manual/mod/mod_session.html.fr b/docs/manual/mod/mod_session.html.fr index bdb3c88c..73ed7d14 100644 --- a/docs/manual/mod/mod_session.html.fr +++ b/docs/manual/mod/mod_session.html.fr @@ -92,12 +92,12 @@
  • SessionInclude
  • SessionMaxAge
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Qu'est-ce qu'une session ?

    diff --git a/docs/manual/mod/mod_session_cookie.html.en b/docs/manual/mod/mod_session_cookie.html.en index 84ab4c7a..610fb125 100644 --- a/docs/manual/mod/mod_session_cookie.html.en +++ b/docs/manual/mod/mod_session_cookie.html.en @@ -69,12 +69,12 @@
  • SessionCookieName2
  • SessionCookieRemove
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    Basic Examples

    diff --git a/docs/manual/mod/mod_session_cookie.html.fr b/docs/manual/mod/mod_session_cookie.html.fr index 16fd0d3b..4c5a5fc8 100644 --- a/docs/manual/mod/mod_session_cookie.html.fr +++ b/docs/manual/mod/mod_session_cookie.html.fr @@ -74,12 +74,12 @@
  • SessionCookieName2
  • SessionCookieRemove
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Exemples simples

    diff --git a/docs/manual/mod/mod_session_crypto.html.en b/docs/manual/mod/mod_session_crypto.html.en index 66bf7158..5bde011a 100644 --- a/docs/manual/mod/mod_session_crypto.html.en +++ b/docs/manual/mod/mod_session_crypto.html.en @@ -66,12 +66,12 @@
  • SessionCryptoPassphrase
  • SessionCryptoPassphraseFile
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    Basic Usage

    diff --git a/docs/manual/mod/mod_session_crypto.html.fr b/docs/manual/mod/mod_session_crypto.html.fr index 7c68537e..145374f9 100644 --- a/docs/manual/mod/mod_session_crypto.html.fr +++ b/docs/manual/mod/mod_session_crypto.html.fr @@ -69,12 +69,12 @@
  • SessionCryptoPassphrase
  • SessionCryptoPassphraseFile
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Utilisation de base

    diff --git a/docs/manual/mod/mod_session_dbd.html.en b/docs/manual/mod/mod_session_dbd.html.en index 0529f473..f9a2d99b 100644 --- a/docs/manual/mod/mod_session_dbd.html.en +++ b/docs/manual/mod/mod_session_dbd.html.en @@ -80,13 +80,13 @@
  • SessionDBDSelectLabel
  • SessionDBDUpdateLabel
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    DBD Configuration

    diff --git a/docs/manual/mod/mod_session_dbd.html.fr b/docs/manual/mod/mod_session_dbd.html.fr index 928945e6..5d81913a 100644 --- a/docs/manual/mod/mod_session_dbd.html.fr +++ b/docs/manual/mod/mod_session_dbd.html.fr @@ -86,13 +86,13 @@
  • SessionDBDSelectLabel
  • SessionDBDUpdateLabel
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Configuration de DBD

    diff --git a/docs/manual/mod/mod_setenvif.html.en b/docs/manual/mod/mod_setenvif.html.en index 8b66eb4a..151ba1a2 100644 --- a/docs/manual/mod/mod_setenvif.html.en +++ b/docs/manual/mod/mod_setenvif.html.en @@ -75,10 +75,10 @@ BrowserMatch MSIE !netscape
  • SetEnvIfExpr
  • SetEnvIfNoCase
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    BrowserMatch Directive

    diff --git a/docs/manual/mod/mod_setenvif.html.fr b/docs/manual/mod/mod_setenvif.html.fr index 98ecbe20..81279e54 100644 --- a/docs/manual/mod/mod_setenvif.html.fr +++ b/docs/manual/mod/mod_setenvif.html.fr @@ -75,11 +75,11 @@ BrowserMatch MSIE !netscape
  • SetEnvIfExpr
  • SetEnvIfNoCase
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Directive BrowserMatch

    diff --git a/docs/manual/mod/mod_setenvif.html.ja.utf8 b/docs/manual/mod/mod_setenvif.html.ja.utf8 index a00c9ad7..cf0b4f7b 100644 --- a/docs/manual/mod/mod_setenvif.html.ja.utf8 +++ b/docs/manual/mod/mod_setenvif.html.ja.utf8 @@ -67,10 +67,10 @@
  • SetEnvIfExpr
  • SetEnvIfNoCase
    • -

    参照

    +

    Bugfix checklist

    参照

    +
  • コメント
    • top

    BrowserMatch ディレクティブ

    diff --git a/docs/manual/mod/mod_setenvif.html.ko.euc-kr b/docs/manual/mod/mod_setenvif.html.ko.euc-kr index b6901df4..7699bb48 100644 --- a/docs/manual/mod/mod_setenvif.html.ko.euc-kr +++ b/docs/manual/mod/mod_setenvif.html.ko.euc-kr @@ -62,10 +62,10 @@
  • SetEnvIfExpr
  • SetEnvIfNoCase
    • -

    +

    Bugfix checklist

    +
  • Comments
    • top

    BrowserMatch þ

    diff --git a/docs/manual/mod/mod_setenvif.html.tr.utf8 b/docs/manual/mod/mod_setenvif.html.tr.utf8 index 640decc0..629055df 100644 --- a/docs/manual/mod/mod_setenvif.html.tr.utf8 +++ b/docs/manual/mod/mod_setenvif.html.tr.utf8 @@ -73,10 +73,10 @@ BrowserMatch MSIE !netscape
  • SetEnvIfExpr
  • SetEnvIfNoCase
    • -

    Ayrıca bakınız:

    +

    Bugfix checklist

    Ayrıca bakınız:

    +
  • Yorum
    • top

    BrowserMatch Yönergesi

    diff --git a/docs/manual/mod/mod_slotmem_plain.html.en b/docs/manual/mod/mod_slotmem_plain.html.en index 32addd5d..545a9bfa 100644 --- a/docs/manual/mod/mod_slotmem_plain.html.en +++ b/docs/manual/mod/mod_slotmem_plain.html.en @@ -87,7 +87,9 @@

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    diff --git a/docs/manual/mod/mod_slotmem_plain.html.fr b/docs/manual/mod/mod_slotmem_plain.html.fr index 294bb128..48416899 100644 --- a/docs/manual/mod/mod_slotmem_plain.html.fr +++ b/docs/manual/mod/mod_slotmem_plain.html.fr @@ -93,7 +93,9 @@ slots.

    Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    diff --git a/docs/manual/mod/mod_slotmem_shm.html.en b/docs/manual/mod/mod_slotmem_shm.html.en index 5b1832cf..e15305d6 100644 --- a/docs/manual/mod/mod_slotmem_shm.html.en +++ b/docs/manual/mod/mod_slotmem_shm.html.en @@ -100,7 +100,9 @@

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    diff --git a/docs/manual/mod/mod_slotmem_shm.html.fr b/docs/manual/mod/mod_slotmem_shm.html.fr index 34b9e1a3..0741c48c 100644 --- a/docs/manual/mod/mod_slotmem_shm.html.fr +++ b/docs/manual/mod/mod_slotmem_shm.html.fr @@ -111,7 +111,9 @@ slots.

    Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    diff --git a/docs/manual/mod/mod_so.html.en b/docs/manual/mod/mod_so.html.en index 9ae0592b..1b9360c4 100644 --- a/docs/manual/mod/mod_so.html.en +++ b/docs/manual/mod/mod_so.html.en @@ -67,7 +67,9 @@ Windows
    Description:Defines a mapping function for key-lookup
    Syntax:RewriteMap MapName MapType:MapSource - MapTypeOptions
    Context:server config, virtual host
    Status:Extension
    qsappend|QSAAppends any query string from the original request URL to + Appends any query string from the original request URL to any query string created in the rewrite target.details ...
    qslast|QSL Interpret the last (right-most) question mark as the query string - delimeter, instead of the first (left-most) as normally used. + delimeter, instead of the first (left-most) as normally used. Available in 2.4.19 and later. details ...
    Description:Dfinit une fonction de mise en correspondance pour la recherche de mots-cls
    Syntaxe:RewriteMap MapName MapType:MapSource - MapTypeOptions
    Contexte:configuration du serveur, serveur virtuel
    Statut:Extension
  • LoadFile
  • LoadModule
    • - +

    Bugfix checklist

    See also

    +
    top

    Creating Loadable Modules for Windows

    diff --git a/docs/manual/mod/mod_so.html.fr b/docs/manual/mod/mod_so.html.fr index db7b6768..c23b3887 100644 --- a/docs/manual/mod/mod_so.html.fr +++ b/docs/manual/mod/mod_so.html.fr @@ -71,7 +71,9 @@ Windows
  • LoadFile
  • LoadModule
    • -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Cration de modules chargeables pour diff --git a/docs/manual/mod/mod_so.html.ja.utf8 b/docs/manual/mod/mod_so.html.ja.utf8 index bf42a2d1..99f6fd68 100644 --- a/docs/manual/mod/mod_so.html.ja.utf8 +++ b/docs/manual/mod/mod_so.html.ja.utf8 @@ -72,7 +72,9 @@
  • LoadFile
  • LoadModule
    • -

    +

    Bugfix checklist

    参照

    +
    top

    Windows 用のロード可能なモジュールを作成する

    diff --git a/docs/manual/mod/mod_so.html.ko.euc-kr b/docs/manual/mod/mod_so.html.ko.euc-kr index 35bff0d8..216a4cc6 100644 --- a/docs/manual/mod/mod_so.html.ko.euc-kr +++ b/docs/manual/mod/mod_so.html.ko.euc-kr @@ -65,7 +65,9 @@
  • LoadFile
  • LoadModule
    • -
    +

    Bugfix checklist

    +
    top

     о

    diff --git a/docs/manual/mod/mod_so.html.tr.utf8 b/docs/manual/mod/mod_so.html.tr.utf8 index dfc85cd3..377b186a 100644 --- a/docs/manual/mod/mod_so.html.tr.utf8 +++ b/docs/manual/mod/mod_so.html.tr.utf8 @@ -64,7 +64,9 @@ yeniden başlatılması sırasında yüklenmesini sağlar.
  • LoadFile
  • LoadModule
    • -
    +

    Bugfix checklist

    Ayrıca bakınız:

    +
    top

    Yüklenebilir Modüllerin Windows için Oluşturulması

    diff --git a/docs/manual/mod/mod_socache_dbm.html.en b/docs/manual/mod/mod_socache_dbm.html.en index 4631edae..3fc655c4 100644 --- a/docs/manual/mod/mod_socache_dbm.html.en +++ b/docs/manual/mod/mod_socache_dbm.html.en @@ -52,7 +52,9 @@

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    diff --git a/docs/manual/mod/mod_socache_dbm.html.fr b/docs/manual/mod/mod_socache_dbm.html.fr index bdecf0bb..7ab22f2a 100644 --- a/docs/manual/mod/mod_socache_dbm.html.fr +++ b/docs/manual/mod/mod_socache_dbm.html.fr @@ -51,7 +51,9 @@

    Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    diff --git a/docs/manual/mod/mod_socache_dc.html.en b/docs/manual/mod/mod_socache_dc.html.en index ade973f2..c270628b 100644 --- a/docs/manual/mod/mod_socache_dc.html.en +++ b/docs/manual/mod/mod_socache_dc.html.en @@ -35,9 +35,9 @@ SourceFile:mod_socache_dc.c

    Summary

    -

    mod_socache_dc is a shared object cache provider +

    mod_socache_dc is a shared object cache provider which provides for creation and access to a cache backed by the - distcache + distcache distributed session caching libraries.

    @@ -49,7 +49,9 @@

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    diff --git a/docs/manual/mod/mod_socache_dc.html.fr b/docs/manual/mod/mod_socache_dc.html.fr index 899ed292..8a0a69f7 100644 --- a/docs/manual/mod/mod_socache_dc.html.fr +++ b/docs/manual/mod/mod_socache_dc.html.fr @@ -35,10 +35,10 @@ FichierSource:mod_socache_dc.c

    Sommaire

    -

    Le module mod_socache_dc est un fournisseur de cache +

    Le module mod_socache_dc est un fournisseur de cache d'objets partags qui permet la cration et l'accs un cache maintenu par les bibliothques de mise en cache de sessions - distribues distcache. + distribues distcache.

    Vous trouverez des dtails propos des autres fournisseurs de @@ -48,7 +48,9 @@

    Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    diff --git a/docs/manual/mod/mod_socache_memcache.html.en b/docs/manual/mod/mod_socache_memcache.html.en index bafa848f..a8506e7c 100644 --- a/docs/manual/mod/mod_socache_memcache.html.en +++ b/docs/manual/mod/mod_socache_memcache.html.en @@ -60,7 +60,9 @@ -
    +

    Bugfix checklist

    See also

    +
    top

    MemcacheConnTTL Directive

    diff --git a/docs/manual/mod/mod_socache_memcache.html.fr b/docs/manual/mod/mod_socache_memcache.html.fr index 3c231474..6ab1d7f1 100644 --- a/docs/manual/mod/mod_socache_memcache.html.fr +++ b/docs/manual/mod/mod_socache_memcache.html.fr @@ -61,7 +61,9 @@ -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Directive MemcacheConnTTL

    diff --git a/docs/manual/mod/mod_socache_shmcb.html.en b/docs/manual/mod/mod_socache_shmcb.html.en index a93e1b72..92956ce3 100644 --- a/docs/manual/mod/mod_socache_shmcb.html.en +++ b/docs/manual/mod/mod_socache_shmcb.html.en @@ -52,7 +52,9 @@

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    diff --git a/docs/manual/mod/mod_socache_shmcb.html.fr b/docs/manual/mod/mod_socache_shmcb.html.fr index 1027a841..ca0a5bb1 100644 --- a/docs/manual/mod/mod_socache_shmcb.html.fr +++ b/docs/manual/mod/mod_socache_shmcb.html.fr @@ -52,7 +52,9 @@

    Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    diff --git a/docs/manual/mod/mod_speling.html.en b/docs/manual/mod/mod_speling.html.en index a7d27ce8..8239ba00 100644 --- a/docs/manual/mod/mod_speling.html.en +++ b/docs/manual/mod/mod_speling.html.en @@ -73,7 +73,9 @@ misspellings.
  • CheckCaseOnly
  • CheckSpelling
    • -
    +

    Bugfix checklist

    See also

    +
    top

    CheckCaseOnly Directive

    diff --git a/docs/manual/mod/mod_speling.html.fr b/docs/manual/mod/mod_speling.html.fr index c71d2b73..01aed490 100644 --- a/docs/manual/mod/mod_speling.html.fr +++ b/docs/manual/mod/mod_speling.html.fr @@ -72,7 +72,9 @@ fautes de frappe mineures.
  • CheckCaseOnly
  • CheckSpelling
    • -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Directive CheckCaseOnly

    diff --git a/docs/manual/mod/mod_speling.html.ja.utf8 b/docs/manual/mod/mod_speling.html.ja.utf8 index c1ce900b..8402e078 100644 --- a/docs/manual/mod/mod_speling.html.ja.utf8 +++ b/docs/manual/mod/mod_speling.html.ja.utf8 @@ -77,7 +77,9 @@
  • CheckCaseOnly
  • CheckSpelling
    • -
    +

    Bugfix checklist

    参照

    +
    top

    CheckCaseOnly ディレクティブ

    diff --git a/docs/manual/mod/mod_speling.html.ko.euc-kr b/docs/manual/mod/mod_speling.html.ko.euc-kr index 080c6df9..27482068 100644 --- a/docs/manual/mod/mod_speling.html.ko.euc-kr +++ b/docs/manual/mod/mod_speling.html.ko.euc-kr @@ -68,7 +68,9 @@
  • CheckCaseOnly
  • CheckSpelling
    • -
    +

    Bugfix checklist

    +
    top

    CheckCaseOnly þ

    diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en index 58807995..706ffbce 100644 --- a/docs/manual/mod/mod_ssl.html.en +++ b/docs/manual/mod/mod_ssl.html.en @@ -124,7 +124,9 @@ to provide the cryptography engine.

  • SSLVerifyClient
  • SSLVerifyDepth
    • -
    +

    Bugfix checklist

    See also

    +
    top

    Environment Variables

    @@ -343,8 +345,8 @@ directive.

    The following example grants access if the user is authenticated either with a client certificate or by username and password.

    - 
          Require ssl-verify-client
    
-      Require valid-user
    + 
    Require ssl-verify-client
+Require valid-user
    @@ -462,11 +464,13 @@ this directory contains the appropriate symbolic links.

    SSLCARevocationCheck Directive

    - + +
    Description:Enable CRL-based revocation checking
    Syntax:SSLCARevocationCheck chain|leaf|none
    Syntax:SSLCARevocationCheck chain|leaf|none flags
    Default:SSLCARevocationCheck none
    Context:server config, virtual host
    Status:Extension
    Module:mod_ssl
    Compatibility:Optional flags available in httpd 2.5-dev or +later

    Enables certificate revocation list (CRL) checking. At least one of @@ -476,22 +480,32 @@ configured. When set to chain (recommended setting), CRL checks are applied to all certificates in the chain, while setting it to leaf limits the checks to the end-entity cert.

    -
    -

    When set to chain or leaf, -CRLs must be available for successful validation

    -

    -Prior to version 2.3.15, CRL checking in mod_ssl also succeeded when -no CRL(s) were found in any of the locations configured with -SSLCARevocationFile -or SSLCARevocationPath. -With the introduction of this directive, the behavior has been changed: -when checking is enabled, CRLs must be present for the validation -to succeed - otherwise it will fail with an -"unable to get certificate CRL" error. -

    -
    +

    The available flags are:

    +
      +
    • no_crl_for_cert_ok +

      + Prior to version 2.3.15, CRL checking in mod_ssl also succeeded when + no CRL(s) for the checked certificate(s) were found in any of the locations + configured with SSLCARevocationFile + or SSLCARevocationPath. +

      +

      + With the introduction of SSLCARevocationFile, + the behavior has been changed: by default with chain or + leaf, CRLs must be present for the + validation to succeed - otherwise it will fail with an + "unable to get certificate CRL" error. +

      +

      + The flag no_crl_for_cert_ok allows to restore + previous behaviour. +

      +
      • +

    Example

    SSLCARevocationCheck chain
    +

    Compatibility with versions 2.2

    SSLCARevocationCheck chain no_crl_for_cert_ok
    +
    top
    @@ -1591,15 +1605,30 @@ contains the appropriate symbolic links.

    This directive sets whether the remote server certificate's CN field is compared against the hostname of the request URL. If both are not equal -a 502 status code (Bad Gateway) is sent. +a 502 status code (Bad Gateway) is sent. SSLProxyCheckPeerCN is +superseded by SSLProxyCheckPeerName +in release 2.4.5 and later.

    -In 2.4.5 and later, SSLProxyCheckPeerCN has been superseded by -SSLProxyCheckPeerName, and its -setting is only taken into account when -SSLProxyCheckPeerName off is specified at the same time. +In all releases 2.4.5 through 2.4.20, setting +SSLProxyCheckPeerName off was sufficient to enable this behavior +(as the SSLProxyCheckPeerCN default was on.) In +these releases, both directives must be set to off to completely +avoid remote server certificate name validation. Many users reported this +to be very confusing.

    -

    Example

    SSLProxyCheckPeerCN on
    +

    +As of release 2.4.21, all configurations which enable either one of the +SSLProxyCheckPeerName or SSLProxyCheckPeerCN options +will use the new SSLProxyCheckPeerName +behavior, and all configurations which disable either one of the +SSLProxyCheckPeerName or SSLProxyCheckPeerCN options +will supress all remote server certificate name validation. Only the following +configuration will trigger the legacy certificate CN comparison in 2.4.21 and +later releases; +

    +

    Example

    SSLProxyCheckPeerCN on
+SSLProxyCheckPeerName off
    @@ -1636,21 +1665,30 @@ sent. Compatibility:Apache HTTP Server 2.4.5 and later

    -This directive configures host name checking for server certificates -when mod_ssl is acting as an SSL client. The check will -succeed if the host name from the request URI is found in -either the subjectAltName extension or (one of) the CN attribute(s) -in the certificate's subject. If the check fails, the SSL request -is aborted and a 502 status code (Bad Gateway) is returned. -The directive supersedes SSLProxyCheckPeerCN, -which only checks for the expected host name in the first CN attribute. +This directive configures host name checking for server certificates when +mod_ssl is acting as an SSL client. The check will succeed if the host name +from the request URI matches one of the CN attribute(s) of the certificate's +subject, or matches the subjectAltName extension. If the check fails, the SSL +request is aborted and a 502 status code (Bad Gateway) is returned. +

    +

    +Wildcard matching is supported for specific cases: an subjectAltName entry +of type dNSName, or CN attributes starting with *. will match +with any host name of the same number of name elements and the same suffix. +E.g. *.example.org will match foo.example.org, +but will not match foo.bar.example.org, because the number of +elements in the respective host names differs.

    -Wildcard matching is supported in one specific flavor: subjectAltName entries -of type dNSName or CN attributes starting with *. will match -for any DNS name with the same number of labels and the same suffix -(i.e., *.example.org matches for foo.example.org, -but not for foo.bar.example.org). +This feature was introduced in 2.4.5 and superseded the behavior of the +SSLProxyCheckPeerCN directive, which +only tested the exact value in the first CN attribute against the host name. +However, many users were confused by the behavior of using these directives +individually, so the mutual behavior of SSLProxyCheckPeerName +and SSLProxyCheckPeerCN directives were improved in release +2.4.21. See the SSLProxyCheckPeerCN +directive description for the original behavior and details of these +improvements.

    @@ -2186,7 +2224,7 @@ The following five storage types are currently supported:

  • dc:UNIX:/path/to/socket -

    This makes use of the distcache distributed session +

    This makes use of the distcache distributed session caching libraries. The argument should specify the location of the server or proxy to be used using the distcache address syntax; for example, UNIX:/path/to/socket specifies a UNIX diff --git a/docs/manual/mod/mod_ssl.html.fr b/docs/manual/mod/mod_ssl.html.fr index 7ae438d0..c9d5ea90 100644 --- a/docs/manual/mod/mod_ssl.html.fr +++ b/docs/manual/mod/mod_ssl.html.fr @@ -126,7 +126,9 @@ disponibles avec Require

  • SSLVerifyClient
  • SSLVerifyDepth
    • - +

    Traitement des bugs

    Voir aussi

    +
    top

    Variables d'environnement

    @@ -418,8 +420,8 @@ disponibles avec Require authentifi via un certificat client ou par nom d'utilisateur/mot de passe :

    - 
          Require ssl-verify-client
    
-      Require valid-user
    + 
    Require ssl-verify-client
+Require valid-user
    @@ -542,11 +544,13 @@ assurer que ce r

    Directive SSLCARevocationCheck

    - + +
    Description:Active la vrification des rvocations base sur les CRL
    Syntaxe:SSLCARevocationCheck chain|leaf|none
    Syntaxe:SSLCARevocationCheck chain|leaf|none flags
    Dfaut:SSLCARevocationCheck none
    Contexte:configuration du serveur, serveur virtuel
    Statut:Extension
    Module:mod_ssl
    Compatibilit:Le drapeau optionnel flags est disponible partir de la +version 2.5-dev du serveur HTTP Apache

    Active la vrification des rvocations base sur les Listes de @@ -556,22 +560,27 @@ recommand certificats de la chane, alors que la valeur leaf limite la vrification au certificat hors chane (la feuille).

    -
    -

    Lorsque la directive est dfinie chain ou -leaf, les CRLs doivent tre disponibles pour que la -validation russisse

    +

    flags peut prendre comme valeurs

    +
      +
    • no_crl_for_cert_ok

      Avant la version 2.3.15, les vrifications CRL dans mod_ssl russissaient mme si aucune CRL n'tait trouve dans les chemins -dfinis par les directives SSLCARevocationFile ou SSLCARevocationPath. Le comportement a -chang avec l'introduction de cette directive : lorsque la vrification -est active, les CRLs doivent tre prsentes pour que la +dfinis par les directives SSLCARevocationFile ou SSLCARevocationPath.

      +

      Le comportement a +chang avec l'introduction de la directive +SSLCARevocationFile : par dfaut avec +chain ou leaf, les CRLs doivent tre prsentes pour que la validation russisse ; dans le cas contraire, elle chouera avec une -erreur "CRL introuvable". -

      -
    +erreur "unable to get certificate CRL".

    +

    La valeur no_crl_for_cert_ok du drapeau flag permet de +retrouver le comportement prcdent.

    + +

    Exemple

    SSLCARevocationCheck chain
    +

    Compatibilit avec la branche 2.2

    SSLCARevocationCheck chain no_crl_for_cert_ok
    +
    top
    @@ -1788,17 +1797,32 @@ du serveur distant Module:mod_ssl

    -Cette directive permet de dfinir si le champ CN du certificat -du serveur distant doit tre compar au nom de serveur de l'URL de la -requte. S'ils ne correspondent pas, un -code d'tat 502 (Bad Gateway) est envoy. +Cette directive permet de dfinir si le champ CN du certificat du serveur +distant doit tre compar au nom de serveur de l'URL de la requte. S'ils ne +correspondent pas, un code d'tat 502 (Bad Gateway) est envoy. A partir de la +version 2.4.5, SSLProxyCheckPeerCN a t remplac par SSLProxyCheckPeerName.

    -A partir de la version 2.4.5, SSLProxyCheckPeerCN a t remplac par SSLProxyCheckPeerName, et sa dfinition -n'est prise en compte que si SSLProxyCheckPeerName off a -t spcifi. +De la version 2.4.5 la version 2.4.20, spcifier SSLProxyCheckPeerName +off tait suffisant pour obtenir ce comportement (car la valeur par +dfaut de SSLProxyCheckPeerCN tait on). Avec ces +versions, les deux directives doivent tre dfinies off pour +viter toute validation du nom de certificat du serveur distant, et de +nombreux utilisateurs ont signal ce comportement comme trs perturbant.

    -

    Exemple

    SSLProxyCheckPeerCN on
    +

    +A partir de la version 2.4.21, toutes les configurations qui activent au moins +une des deux directives SSLProxyCheckPeerName ou +SSLProxyCheckPeerCN adopteront le nouveau comportement de la +directive SSLProxyCheckPeerName, et +toutes les configurations qui dsactivent une des deux directives +SSLProxyCheckPeerName ou SSLProxyCheckPeerCN +viteront toute validation du nom de certificat du serveur distant. Seule la +configuration suivante permettra de retrouver la comparaison de CN +traditionnelle pour les versions 2.4.21 et suprieures : +

    +

    Exemple

    SSLProxyCheckPeerCN on
+SSLProxyCheckPeerName off
    @@ -1838,23 +1862,31 @@ certificats serveur distants Apache

    -Cette directive permet de configurer la vrification du nom d'hte dans -les certificats de serveur lorsque mod_ssl agit en tant que client SSL. -La vrification est concluante si le nom d'hte de l'URI de la requte -correspond soit l'extension subjectAltName, soit l'un des attributs -CN dans le sujet du certificat. Si la vrification choue, la requte -SSL est annule et un code d'erreur 502 (Bad Gateway) est renvoy. Cette -directive remplace la directive SSLProxyCheckPeerCN qui ne prenait en -compte que le premier attribut CN pour la vrification du nom d'hte. +Cette directive permet de configurer la vrification du nom d'hte pour +les certificats serveur lorsque mod_ssl agit en tant que client SSL. La +vrification russit si le nom d'hte de l'URI de la requte correspond un +des attributs CN du sujet du certificat, ou l'extension subjectAltName. Si la +vrification choue, la requte SSL +avorte, et un code d'erreur 502 (Bad Gateway) est renvoy. +

    +

    +Les caractres gnriques sont supports dans certains cas bien spcifiques : +une entre subjectAltName de type dNSName ou les attributs CN +commenant par *. correspondront tout nom d'hte comportant +le mme nombre de champs et le mme suffixe ; par exemple, +*.example.org correspondra foo.example.org, +mais pas foo.bar.example.org car le nombre d'lments dans les +nom est diffrent.

    -La vrification du nom d'hte avec caractres gnrique est supporte de -la manire suivante : les entres subjectAltName de type dNSName ou les -attributs CN commenant par *. correspondront tout nom -DNS comportant le mme nombre d'lments et le mme suffixe (par -exemple, *.example.org correspondra -foo.example.org, mais pas -foo.bar.example.org). +Cette fonctionnalit a t introduite avec la version 2.4.5 et l'emporte sur la +directive SSLProxyCheckPeerCN qui ne +comparait que la valeur exacte du premier attribut CN avec le nom d'hte. +Cependant, de nombreux utilisateurs taient dconcerts par le comportement +induit par l'utilisation de ces deux directives individuellement, si bien que ce +comportement a t amlior avec la version 2.4.21. Voir la description de la +directive SSLProxyCheckPeerCN pour le +comportement original et des dtails propos de ces amliorations.

    @@ -2445,7 +2477,7 @@ support
  • dc:UNIX:/chemin/vers/socket

    Cette valeur utilise les bibliothques de mise en cache de - sessions distribue sur cache distant "distcache". + sessions distribue sur distcache. L'argument doit spcifier le serveur ou mandataire utiliser en utilisant la syntaxe d'adressage distcache ; par exemple, UNIX:/chemin/vers/socket spcifie une socket de domaine diff --git a/docs/manual/mod/mod_status.html.en b/docs/manual/mod/mod_status.html.en index 707f5f41..472fb79d 100644 --- a/docs/manual/mod/mod_status.html.en +++ b/docs/manual/mod/mod_status.html.en @@ -87,7 +87,9 @@ performance

    Directives

    This module provides no directives.

    - +

    Bugfix checklist

    See also

    +
    top

    Enabling Status Support

    diff --git a/docs/manual/mod/mod_status.html.fr b/docs/manual/mod/mod_status.html.fr index b1164ded..3cde055e 100644 --- a/docs/manual/mod/mod_status.html.fr +++ b/docs/manual/mod/mod_status.html.fr @@ -89,7 +89,9 @@ du serveur fonctionnement

    • Directives

    Ce module ne fournit aucune directive.

    - +

    Traitement des bugs

    Voir aussi

    +
    top

    Activation du rapport d'tat

    diff --git a/docs/manual/mod/mod_status.html.ja.utf8 b/docs/manual/mod/mod_status.html.ja.utf8 index 9cf5c46e..521f5bc7 100644 --- a/docs/manual/mod/mod_status.html.ja.utf8 +++ b/docs/manual/mod/mod_status.html.ja.utf8 @@ -83,7 +83,9 @@
  • 機械読み取り可能なステータスファイル

    • ディレクティブ

    このモジュールにディレクティブはありません。

    -
    +

    Bugfix checklist

    参照

    +
    top

    Status を使用可能にする

    diff --git a/docs/manual/mod/mod_status.html.ko.euc-kr b/docs/manual/mod/mod_status.html.ko.euc-kr index 20e928de..a613c482 100644 --- a/docs/manual/mod/mod_status.html.ko.euc-kr +++ b/docs/manual/mod/mod_status.html.ko.euc-kr @@ -78,7 +78,9 @@
  • ǻͰ ִ Status

    • þ

    ⿡ þ ϴ.

    -
    +

    Bugfix checklist

    +
    top

    Status ϱ

    diff --git a/docs/manual/mod/mod_status.html.tr.utf8 b/docs/manual/mod/mod_status.html.tr.utf8 index 3129cb10..e3c26f39 100644 --- a/docs/manual/mod/mod_status.html.tr.utf8 +++ b/docs/manual/mod/mod_status.html.tr.utf8 @@ -82,7 +82,9 @@
  • Sorun gidermek için server-status kullanımı

    • Yönergeler

    Bu modül yönerge içermez.

    -
    +

    Bugfix checklist

    Ayrıca bakınız:

    +
    top

    Durum Bilgisi Desteğinin Etkinleştirilmesi

    diff --git a/docs/manual/mod/mod_substitute.html.en b/docs/manual/mod/mod_substitute.html.en index 93854e10..b51f2f76 100644 --- a/docs/manual/mod/mod_substitute.html.en +++ b/docs/manual/mod/mod_substitute.html.en @@ -46,7 +46,9 @@
  • SubstituteInheritBefore
  • SubstituteMaxLineLength
    • -
    +

    Bugfix checklist

    See also

    +
    top

    Substitute Directive

    @@ -72,11 +74,11 @@ Using the n flag forces the pattern to be treated as a fixed string.
    f
    -
    The f flag causes mod_substitute to flatten the +
    The f flag causes mod_substitute to flatten the result of a substitution allowing for later substitutions to take place on the boundary of this one. This is the default.
    q
    -
    The q flag causes mod_substitute to not +
    The q flag causes mod_substitute to not flatten the buckets after each substitution. This can result in much faster response and a decrease in memory utilization, but should only be used if there is no possibility @@ -103,7 +105,7 @@ when regular expressions are used, as illustrated in the following example:

    Example of using backreferences and captures

    <Location "/">
     AddOutputFilterByType SUBSTITUTE text/html
-    # "foo=k,bar=k" -> "foo/bar=k" 
+    # "foo=k,bar=k" -> "foo/bar=k"
     Substitute "s|foo=(\w+),bar=\1|foo/bar=$1"
 </Location>
    @@ -114,10 +116,10 @@ to the back-end server. These URLs don't work for the end-user, since the back-end server is unreachable.

    -

    In this case, mod_substutite can be used to rewrite +

    In this case, mod_substitute can be used to rewrite those URLs into something that will work from the front end:

    -

    Rewriting URLs embedded in proxied content

    ProxyPass "/blog/" "http://internal.blog.example.com"
+    
    Rewriting URLs embedded in proxied content
    ProxyPass        "/blog/" "http://internal.blog.example.com"
 ProxyPassReverse "/blog/" "http://internal.blog.example.com/"
 
 Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"
    
@@ -126,7 +128,7 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
     
    ProxyPassReverse
     modifies any Location (redirect) headers that are sent
     by the back-end server, and, in this example,
-    Substitute takes care of the rest of the problem by
+    Substitute takes care of the rest of the problem by
     fixing up the HTML response as well.
    
 
 
@@ -143,7 +145,7 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
 Module:mod_substitute
 Compatibility:Available in httpd 2.4.17 and later
 
-    
    Whether to apply the inherited Substitute
+    
    Whether to apply the inherited Substitute
     patterns first (on), or after the ones of the current
     context (off).
     SubstituteInheritBefore is itself inherited,
diff --git a/docs/manual/mod/mod_substitute.html.fr b/docs/manual/mod/mod_substitute.html.fr
index d813cd66..73812245 100644
--- a/docs/manual/mod/mod_substitute.html.fr
+++ b/docs/manual/mod/mod_substitute.html.fr
@@ -48,7 +48,9 @@ du serveur HTTP Apache
 
  •  SubstituteInheritBefore
    • 
 
  •  SubstituteMaxLineLength
    • 
 
-
    
+
    Traitement des bugs
    Voir aussi
    
+
    top

    Directive Substitute

    @@ -77,14 +79,14 @@ r modle en tant que chane fixe.
    f
    -
    Avec le drapeau f, mod_substitute met plat le +
    Avec le drapeau f, mod_substitute met plat le rsultat d'une substitution (les conteneurs ou buckets ne sont pas dissocis), ce qui permet d'ventuelles substitutions ultrieures de s'effectuer sur cette dernire. C'est le comportement par dfaut.
    q
    -
    Avec le drapeau q, mod_substitute dissocie les +
    Avec le drapeau q, mod_substitute dissocie les conteneurs (ou buckets) aprs chaque substitution. Ceci peut amliorer la rapidit de la rponse et diminuer la quantit de mmoire utilise, mais ne doit tre utilis que s'il n'existe @@ -126,11 +128,11 @@ r d'arrire-plan. Ces URLs ne fonctionnent pas pour l'utilisateur final car le serveur d'arrire-plan est hors d'atteinte.

    -

    On peut, dans ce cas, utiliser mod_substutite pour +

    On peut, dans ce cas, utiliser mod_substitute pour rcrire ces URLs afin qu'elles soit utilisables dans la partie situe derrire le mandataire :

    -

    Rcriture des URLs intgres un contenu mandat

    ProxyPass "/blog/" "http://internal.blog.example.com"
+    
    Rcriture des URLs intgres  un contenu mandat
    ProxyPass        "/blog/" "http://internal.blog.example.com"
 ProxyPassReverse "/blog/" "http://internal.blog.example.com/"
 
 Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"
    
@@ -139,7 +141,7 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
     
    La directive ProxyPassReverse modifie tout en-tte
     Location (redirection) envoy par le serveur
     d'arrire-plan et, dans cet exemple, la directive
-    Substitute se charge  son tour de la modification de
+    Substitute se charge  son tour de la modification de
     la rponse HTML.
    
 
 
@@ -158,8 +160,8 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
 Apache
 
     
    Cette directive permet de dfinir si l'on applique les modles
-Substitute hrits en premier (valeur
-on), ou aprs ceux du
+Substitute hrits en premier
+(valeur on), ou aprs ceux du
 contexte courant (valeur off). Sa valeur est maintenant
 dfinie par dfaut  on ; il est cependant possible de
 restaurer le comportement des versions 2.4 et antrieures du serveur qui
diff --git a/docs/manual/mod/mod_suexec.html.en b/docs/manual/mod/mod_suexec.html.en
index 31d33bc2..393ae114 100644
--- a/docs/manual/mod/mod_suexec.html.en
+++ b/docs/manual/mod/mod_suexec.html.en
@@ -46,10 +46,10 @@ and Group
 
    
-
    See also
    
+
    Bugfix checklist
    See also
    
 
    
+
  • Comments
    • top

    SuexecUserGroup Directive

    diff --git a/docs/manual/mod/mod_suexec.html.fr b/docs/manual/mod/mod_suexec.html.fr index c26e0201..6baf07a5 100644 --- a/docs/manual/mod/mod_suexec.html.fr +++ b/docs/manual/mod/mod_suexec.html.fr @@ -47,10 +47,10 @@ le groupe sp -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Directive SuexecUserGroup

    diff --git a/docs/manual/mod/mod_suexec.html.ja.utf8 b/docs/manual/mod/mod_suexec.html.ja.utf8 index 2b32aaa0..f564b8ad 100644 --- a/docs/manual/mod/mod_suexec.html.ja.utf8 +++ b/docs/manual/mod/mod_suexec.html.ja.utf8 @@ -51,10 +51,10 @@ -

    参照

    +

    Bugfix checklist

    参照

    +
  • コメント
    • top

    SuexecUserGroup ディレクティブ

    diff --git a/docs/manual/mod/mod_suexec.html.ko.euc-kr b/docs/manual/mod/mod_suexec.html.ko.euc-kr index b9e24ff3..6ec62d3d 100644 --- a/docs/manual/mod/mod_suexec.html.ko.euc-kr +++ b/docs/manual/mod/mod_suexec.html.ko.euc-kr @@ -49,10 +49,10 @@ -

    +

    Bugfix checklist

    +
  • Comments
    • top

    SuexecUserGroup þ

    diff --git a/docs/manual/mod/mod_suexec.html.tr.utf8 b/docs/manual/mod/mod_suexec.html.tr.utf8 index 58ef7db4..8b417332 100644 --- a/docs/manual/mod/mod_suexec.html.tr.utf8 +++ b/docs/manual/mod/mod_suexec.html.tr.utf8 @@ -47,10 +47,10 @@ -

    Ayrıca bakınız:

    +

    Bugfix checklist

    Ayrıca bakınız:

    +
  • Yorum
    • top

    SuexecUserGroup Yönergesi

    diff --git a/docs/manual/mod/mod_unique_id.html.en b/docs/manual/mod/mod_unique_id.html.en index 8aac8166..13a8ec35 100644 --- a/docs/manual/mod/mod_unique_id.html.en +++ b/docs/manual/mod/mod_unique_id.html.en @@ -54,7 +54,9 @@ identifier for each request

    Directives

    This module provides no directives.

    -
    +

    Bugfix checklist

    See also

    +
    top

    Theory

    diff --git a/docs/manual/mod/mod_unique_id.html.fr b/docs/manual/mod/mod_unique_id.html.fr index f06b3772..f5b3cf7a 100644 --- a/docs/manual/mod/mod_unique_id.html.fr +++ b/docs/manual/mod/mod_unique_id.html.fr @@ -53,7 +53,9 @@ identifiant unique pour chaque requ
  • Thorie

    • Directives

    Ce module ne fournit aucune directive.

    -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Thorie

    diff --git a/docs/manual/mod/mod_unique_id.html.ja.utf8 b/docs/manual/mod/mod_unique_id.html.ja.utf8 index 8dfc3165..d6fafe83 100644 --- a/docs/manual/mod/mod_unique_id.html.ja.utf8 +++ b/docs/manual/mod/mod_unique_id.html.ja.utf8 @@ -57,7 +57,9 @@
  • 理論

    • ディレクティブ

    このモジュールにディレクティブはありません。

    -
    +

    Bugfix checklist

    参照

    +
    top

    理論

    diff --git a/docs/manual/mod/mod_unique_id.html.ko.euc-kr b/docs/manual/mod/mod_unique_id.html.ko.euc-kr index 87ce737e..75ad6671 100644 --- a/docs/manual/mod/mod_unique_id.html.ko.euc-kr +++ b/docs/manual/mod/mod_unique_id.html.ko.euc-kr @@ -53,7 +53,9 @@
  • ̷

    • þ

    ⿡ þ ϴ.

    -
    +

    Bugfix checklist

    +
    top

    ̷

    diff --git a/docs/manual/mod/mod_unixd.html.en b/docs/manual/mod/mod_unixd.html.en index b9c08e9d..d284d93f 100644 --- a/docs/manual/mod/mod_unixd.html.en +++ b/docs/manual/mod/mod_unixd.html.en @@ -42,10 +42,10 @@
  • Suexec
  • User
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    ChrootDir Directive

    diff --git a/docs/manual/mod/mod_unixd.html.fr b/docs/manual/mod/mod_unixd.html.fr index ea67a87a..5c0f5ffc 100644 --- a/docs/manual/mod/mod_unixd.html.fr +++ b/docs/manual/mod/mod_unixd.html.fr @@ -43,10 +43,10 @@ famille Unix.
  • Suexec
  • User
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Directive ChrootDir

    diff --git a/docs/manual/mod/mod_unixd.html.tr.utf8 b/docs/manual/mod/mod_unixd.html.tr.utf8 index 5ffcea3f..42647250 100644 --- a/docs/manual/mod/mod_unixd.html.tr.utf8 +++ b/docs/manual/mod/mod_unixd.html.tr.utf8 @@ -42,10 +42,10 @@
  • Suexec
  • User
    • -

    Ayrıca bakınız:

    +

    Bugfix checklist

    Ayrıca bakınız:

    +
  • Yorum
    • top

    ChrootDir Yönergesi

    diff --git a/docs/manual/mod/mod_userdir.html.en b/docs/manual/mod/mod_userdir.html.en index 38334a31..8944ef40 100644 --- a/docs/manual/mod/mod_userdir.html.en +++ b/docs/manual/mod/mod_userdir.html.en @@ -45,13 +45,13 @@ -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    UserDir Directive

    @@ -93,7 +93,7 @@ tutorial

    If neither the enabled nor the disabled keywords appear in the - Userdir directive, the argument is treated as a + Userdir directive, the argument is treated as a filename pattern, and is used to turn the name into a directory specification. A request for http://www.example.com/~bob/one/two.html will be @@ -150,7 +150,7 @@ UserDir enabled user1 user2 user3

    It is also possible to specify alternative user directories. If you use a command like:

    - 
    UserDir public_html /usr/web http://www.example.com/
    + 
    UserDir "public_html" "/usr/web" "http://www.example.com/"

    With a request for @@ -166,7 +166,7 @@ UserDir enabled user1 user2 user3

    User directory substitution is not active by default in versions 2.1.4 and later. In earlier versions, UserDir public_html - was assumed if no UserDir + was assumed if no UserDir directive was present.

    Merging details

    diff --git a/docs/manual/mod/mod_userdir.html.fr b/docs/manual/mod/mod_userdir.html.fr index 67fb7d27..265ecb12 100644 --- a/docs/manual/mod/mod_userdir.html.fr +++ b/docs/manual/mod/mod_userdir.html.fr @@ -45,13 +45,13 @@ utilisant la syntaxe http://example.com/~utilisateur/.

    -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Directive UserDir

    @@ -95,7 +95,7 @@ utilisateur

    Si aucun mot-cl enabled ou disabled - n'apparait dans la directive Userdir, l'argument est + n'apparait dans la directive Userdir, l'argument est trait en tant que modle de fichier, et utilis pour traduire le nom d'utilisateur en une spcification de rpertoire. Une requte pour http://www.example.com/~bob/un/deux.html sera @@ -156,7 +156,7 @@ UserDir enabled user1 user2 user3

    Il est aussi possible de spcifier des rpertoires utilisateurs alternatifs. Si vous utilisez une commande comme :

    - 
    UserDir public_html /usr/web http://www.example.com/
    + 
    UserDir "public_html" "/usr/web" "http://www.example.com/"

    Avec une requte pour @@ -175,7 +175,7 @@ UserDir enabled user1 user2 user3

    La substitution de rpertoire utilisateur n'est pas active par dfaut depuis la version 2.1.4. Dans les versions prcdentes, UserDir public_html tait sous-entendu si aucune - directive UserDir + directive UserDir n'tait prsente.

    Dtails propos de la fusion

    diff --git a/docs/manual/mod/mod_userdir.html.ja.utf8 b/docs/manual/mod/mod_userdir.html.ja.utf8 index 6e3b53f3..8e678b7d 100644 --- a/docs/manual/mod/mod_userdir.html.ja.utf8 +++ b/docs/manual/mod/mod_userdir.html.ja.utf8 @@ -51,13 +51,13 @@ -

    参照

    +

    Bugfix checklist

    参照

    +
  • コメント
    • top

    UserDir ディレクティブ

    diff --git a/docs/manual/mod/mod_userdir.html.ko.euc-kr b/docs/manual/mod/mod_userdir.html.ko.euc-kr index 8f2946f9..77bad789 100644 --- a/docs/manual/mod/mod_userdir.html.ko.euc-kr +++ b/docs/manual/mod/mod_userdir.html.ko.euc-kr @@ -47,12 +47,12 @@ -

    +

    Bugfix checklist

    +
  • Comments
    • top

    UserDir þ

    diff --git a/docs/manual/mod/mod_userdir.html.tr.utf8 b/docs/manual/mod/mod_userdir.html.tr.utf8 index a581e085..b6e204a9 100644 --- a/docs/manual/mod/mod_userdir.html.tr.utf8 +++ b/docs/manual/mod/mod_userdir.html.tr.utf8 @@ -32,6 +32,7 @@  ko  |  tr 

    +
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    @@ -46,7 +47,7 @@ -

    Ayrıca bakınız:

    +

    Bugfix checklist

    Ayrıca bakınız:

    +
  • Yorum
    • top

    UserDir Yönergesi

    diff --git a/docs/manual/mod/mod_usertrack.html.en b/docs/manual/mod/mod_usertrack.html.en index 0f84d085..b6fff495 100644 --- a/docs/manual/mod/mod_usertrack.html.en +++ b/docs/manual/mod/mod_usertrack.html.en @@ -51,7 +51,9 @@
  • CookieStyle
  • CookieTracking
    • -
    +

    Bugfix checklist

    See also

    +
    top

    Logging

    diff --git a/docs/manual/mod/mod_usertrack.html.fr b/docs/manual/mod/mod_usertrack.html.fr index fb6363bd..80276d80 100644 --- a/docs/manual/mod/mod_usertrack.html.fr +++ b/docs/manual/mod/mod_usertrack.html.fr @@ -52,7 +52,9 @@ utilisateur sur un site
  • CookieStyle
  • CookieTracking
    • -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Journalisation

    diff --git a/docs/manual/mod/mod_version.html.en b/docs/manual/mod/mod_version.html.en index 51be07bc..a9ca11cd 100644 --- a/docs/manual/mod/mod_version.html.en +++ b/docs/manual/mod/mod_version.html.en @@ -57,7 +57,9 @@ -
    +

    Bugfix checklist

    See also

    +
    top

    <IfVersion> Directive

    diff --git a/docs/manual/mod/mod_version.html.ja.utf8 b/docs/manual/mod/mod_version.html.ja.utf8 index 8e756b73..2f81d933 100644 --- a/docs/manual/mod/mod_version.html.ja.utf8 +++ b/docs/manual/mod/mod_version.html.ja.utf8 @@ -57,7 +57,9 @@ -
    +

    Bugfix checklist

    参照

    +
    top

    <IfVersion> ディレクティブ

    diff --git a/docs/manual/mod/mod_version.html.ko.euc-kr b/docs/manual/mod/mod_version.html.ko.euc-kr index 69a8c01d..29be0731 100644 --- a/docs/manual/mod/mod_version.html.ko.euc-kr +++ b/docs/manual/mod/mod_version.html.ko.euc-kr @@ -65,7 +65,9 @@ -
    +

    Bugfix checklist

    +
    top

    <IfVersion> þ

    diff --git a/docs/manual/mod/mod_vhost_alias.html.en b/docs/manual/mod/mod_vhost_alias.html.en index 53aa3c53..1cd080c5 100644 --- a/docs/manual/mod/mod_vhost_alias.html.en +++ b/docs/manual/mod/mod_vhost_alias.html.en @@ -67,12 +67,12 @@ VirtualScriptAlias "/never/found/%0/cgi-bin/"
  • VirtualScriptAlias
  • VirtualScriptAliasIP
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    Directory Name Interpolation

    diff --git a/docs/manual/mod/mod_vhost_alias.html.fr b/docs/manual/mod/mod_vhost_alias.html.fr index 0167d17e..8749db13 100644 --- a/docs/manual/mod/mod_vhost_alias.html.fr +++ b/docs/manual/mod/mod_vhost_alias.html.fr @@ -69,12 +69,12 @@ VirtualScriptAlias "/never/found/%0/cgi-bin/"
  • VirtualScriptAlias
  • VirtualScriptAliasIP
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Interpolation du nom de rpertoire

    diff --git a/docs/manual/mod/mod_vhost_alias.html.tr.utf8 b/docs/manual/mod/mod_vhost_alias.html.tr.utf8 index 177928cb..3dceef68 100644 --- a/docs/manual/mod/mod_vhost_alias.html.tr.utf8 +++ b/docs/manual/mod/mod_vhost_alias.html.tr.utf8 @@ -66,12 +66,12 @@ VirtualScriptAlias "/nerede/bilinmiyor/%0/cgi-bin/"
  • VirtualScriptAlias
  • VirtualScriptAliasIP
    • -

    Ayrıca bakınız:

    +

    Bugfix checklist

    Ayrıca bakınız:

    +
  • Yorum
    • top

    Dizin İsimlerinin Elde Edilmesi

    diff --git a/docs/manual/mod/mod_watchdog.html.en b/docs/manual/mod/mod_watchdog.html.en index 2f473990..e8e23aa6 100644 --- a/docs/manual/mod/mod_watchdog.html.en +++ b/docs/manual/mod/mod_watchdog.html.en @@ -54,7 +54,9 @@ core or, if a dynamic module, be loaded before the calling module. -
    +

    Bugfix checklist

    See also

    +
    top

    WatchdogInterval Directive

    diff --git a/docs/manual/mod/mod_xml2enc.html.en b/docs/manual/mod/mod_xml2enc.html.en index feed0be3..a248d9a4 100644 --- a/docs/manual/mod/mod_xml2enc.html.en +++ b/docs/manual/mod/mod_xml2enc.html.en @@ -59,7 +59,9 @@ for 2.2.x versions
    Açıklama:Kullanıcılara özel dizinler
    Durum:Temel
    Modül Betimleyici:userdir_module
  • xml2EncDefault
  • xml2StartParse
    • - +

    Bugfix checklist

    See also

    +
    top

    Usage

    diff --git a/docs/manual/mod/mod_xml2enc.html.fr b/docs/manual/mod/mod_xml2enc.html.fr index 35929214..0cf02ad2 100644 --- a/docs/manual/mod/mod_xml2enc.html.fr +++ b/docs/manual/mod/mod_xml2enc.html.fr @@ -61,7 +61,9 @@ Disponible en tant que module tiers dans les versions 2.2.x
  • xml2EncDefault
  • xml2StartParse
    • -
    +

    Traitement des bugs

    Voir aussi

    +
    top

    Utilisation

    diff --git a/docs/manual/mod/module-dict.html.en b/docs/manual/mod/module-dict.html.en index 8dd8e9a2..0ad3b1a5 100644 --- a/docs/manual/mod/module-dict.html.en +++ b/docs/manual/mod/module-dict.html.en @@ -38,7 +38,7 @@
  • Source File
  • Module Identifier
  • Compatibility
    • -
    +

    See also

    top

    Description

    diff --git a/docs/manual/mod/module-dict.html.fr b/docs/manual/mod/module-dict.html.fr index a620890c..77f92f96 100644 --- a/docs/manual/mod/module-dict.html.fr +++ b/docs/manual/mod/module-dict.html.fr @@ -37,7 +37,7 @@
  • Fichier source
  • Identificateur de module
  • Compatibilit
    • -
    +

    Voir aussi

    top

    Description

    diff --git a/docs/manual/mod/module-dict.html.ja.utf8 b/docs/manual/mod/module-dict.html.ja.utf8 index 7541c07f..9ac82006 100644 --- a/docs/manual/mod/module-dict.html.ja.utf8 +++ b/docs/manual/mod/module-dict.html.ja.utf8 @@ -38,7 +38,7 @@
  • ソースファイル
  • モジュール識別子
  • 互換性
    • -
    +

    参照

    top

    説明

    diff --git a/docs/manual/mod/module-dict.html.ko.euc-kr b/docs/manual/mod/module-dict.html.ko.euc-kr index 5ecf5ef4..bedfe23a 100644 --- a/docs/manual/mod/module-dict.html.ko.euc-kr +++ b/docs/manual/mod/module-dict.html.ko.euc-kr @@ -38,7 +38,7 @@
  • ҽ
    • -
    +

    top

    diff --git a/docs/manual/mod/module-dict.html.tr.utf8 b/docs/manual/mod/module-dict.html.tr.utf8 index 3f32a95e..962fe396 100644 --- a/docs/manual/mod/module-dict.html.tr.utf8 +++ b/docs/manual/mod/module-dict.html.tr.utf8 @@ -37,7 +37,7 @@
  • Kaynak Dosyası
  • Modül Betimleyici
  • Uyumluluk
    • -
    +

    Ayrıca bakınız:

    top

    Açıklama

    diff --git a/docs/manual/mod/mpm_common.html.de b/docs/manual/mod/mpm_common.html.de index 2d2147e0..5c7d0c90 100644 --- a/docs/manual/mod/mpm_common.html.de +++ b/docs/manual/mod/mpm_common.html.de @@ -63,7 +63,9 @@
  • ThreadsPerChild
  • ThreadStackSize
    • -
    +

    Bugfix checklist

    Siehe auch

    +
    top

    CoreDumpDirectory-Direktive

    diff --git a/docs/manual/mod/mpm_common.html.en b/docs/manual/mod/mpm_common.html.en index 7730cc8d..a92386d6 100644 --- a/docs/manual/mod/mpm_common.html.en +++ b/docs/manual/mod/mpm_common.html.en @@ -60,7 +60,9 @@ more than one multi-processing module (MPM)
  • ThreadsPerChild
  • ThreadStackSize
    • -
    +

    Bugfix checklist

    See also

    +
    top

    CoreDumpDirectory Directive

    @@ -277,6 +279,13 @@ in *BSDs. then make each child handle a single bucket (with round-robin distribution of the buckets at children creation time).

    +

    Meaning of "online" CPU core

    +

    On Linux (and also BSD) a CPU core can be turned on/off if + Hotplug + is configured, therefore ListenCoresBucketsRatio needs to + take this parameter into account while calculating the number of buckets to create.

    +
    +

    ListenCoresBucketsRatio can improve the scalability when accepting new connections is/becomes the bottleneck. On systems with a large number of CPU cores, enabling this feature has @@ -286,7 +295,10 @@ in *BSDs.

    There must be at least twice the number of CPU cores than the configured ratio for this to be active. The recommended ratio is 8, hence at least 16 - cores should be available at runtime when this value is used.

    + cores should be available at runtime when this value is used. + The right ratio to obtain maximum performance needs to be calculated + for each target system, testing multiple values and observing the variations in your + key performance metrics.

    top
    diff --git a/docs/manual/mod/mpm_common.html.fr b/docs/manual/mod/mpm_common.html.fr index 97319d63..a567006d 100644 --- a/docs/manual/mod/mpm_common.html.fr +++ b/docs/manual/mod/mpm_common.html.fr @@ -60,7 +60,9 @@ modules multi-processus (MPM)
  • ThreadsPerChild
  • ThreadStackSize
    • - +

    Traitement des bugs

    Voir aussi

    +
    top

    Directive CoreDumpDirectory

    @@ -300,7 +302,7 @@ plateformes de type BSD.

    Vous pouvez utiliser la directive ListenCoresBucketsRatio pour spcifier un ratio entre le nombre de coeurs de CPU activs et le - nombre de segments d'coute (listeners' buckets) souhaits ; le + nombre de segments d'coute (listeners' buckets) souhaits ; le serveur HTTP Apache va alors crernum_cpu_cores / ratio segments d'coute, chacun contenant son propre socket d'coute Listen sur le ou les mmes ports ; chaque @@ -308,6 +310,13 @@ plateformes de type BSD. distribution de type round-robin des segments la cration des processus enfants).

    +

    Dfinition du terme coeur de CPU activ ("online")

    +

    Sous Linux et BSD, un coeur de CPU peut tre activ ou dsactiv si Hotplug + a t configur ; la directive + ListenCoresBucketsRatio doit donc tenir compte de ce + paramtre pour calculer le nombre de segments d'coute crer.

    +
    +

    La directive ListenCoresBucketsRatio peut amliorer le support de la monte en charge lorsque l'arrive de nouvelles connexions est/devient un goulot d'tranglement. Le test @@ -319,7 +328,10 @@ plateformes de type BSD. de CPU doit tre gal au moins au double du ratio spcifi. Si vous spcifiez la valeur recommande pour ratio, savoir 8, le nombre minimum de - coeurs de processeurs disponibles sera alors de 16.

    + coeurs de processeurs disponibles sera alors de 16. La valeur + optimale de ratio permettant d'obtenir des performances maximales + doit tre calcule pour chaque systme cible, en testant plusieurs valeurs + et en observant les rsultats.

    top
    diff --git a/docs/manual/mod/mpm_common.html.ja.utf8 b/docs/manual/mod/mpm_common.html.ja.utf8 index 506094c7..d865efa9 100644 --- a/docs/manual/mod/mpm_common.html.ja.utf8 +++ b/docs/manual/mod/mpm_common.html.ja.utf8 @@ -64,7 +64,9 @@
  • ThreadsPerChild
  • ThreadStackSize
    • - +

    Bugfix checklist

    参照

    +
    top

    CoreDumpDirectory ディレクティブ

    diff --git a/docs/manual/mod/mpm_common.html.tr.utf8 b/docs/manual/mod/mpm_common.html.tr.utf8 index 14380cd1..3f05bc1f 100644 --- a/docs/manual/mod/mpm_common.html.tr.utf8 +++ b/docs/manual/mod/mpm_common.html.tr.utf8 @@ -32,6 +32,7 @@  ja  |  tr 

    +
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    Açıklama:Birden fazla Çok Süreçlilik Modülü (MPM) tarafından gerçeklenmiş yönergeler bütünü.
    Durum:MPM
    @@ -60,7 +61,9 @@
  • ThreadsPerChild
  • ThreadStackSize
    • - +

    Bugfix checklist

    Ayrıca bakınız:

    +
    top

    CoreDumpDirectory Yönergesi

    diff --git a/docs/manual/mod/mpm_netware.html.en b/docs/manual/mod/mpm_netware.html.en index a537fe15..261995fe 100644 --- a/docs/manual/mod/mpm_netware.html.en +++ b/docs/manual/mod/mpm_netware.html.en @@ -80,12 +80,12 @@
  • StartThreads
  • ThreadStackSize
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    MaxThreads Directive

    diff --git a/docs/manual/mod/mpm_netware.html.fr b/docs/manual/mod/mpm_netware.html.fr index 502e85ce..a67d4242 100644 --- a/docs/manual/mod/mpm_netware.html.fr +++ b/docs/manual/mod/mpm_netware.html.fr @@ -81,12 +81,12 @@ NetWare
  • StartThreads
  • ThreadStackSize
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Directive MaxThreads

    diff --git a/docs/manual/mod/mpm_winnt.html.de b/docs/manual/mod/mpm_winnt.html.de index dab7e911..8f52ebc5 100644 --- a/docs/manual/mod/mpm_winnt.html.de +++ b/docs/manual/mod/mpm_winnt.html.de @@ -62,7 +62,9 @@
  • ThreadsPerChild
  • ThreadStackSize
    • -
    +

    Bugfix checklist

    Siehe auch

    +
    diff --git a/docs/manual/mod/mpm_winnt.html.en b/docs/manual/mod/mpm_winnt.html.en index 55b65471..53ace45e 100644 --- a/docs/manual/mod/mpm_winnt.html.en +++ b/docs/manual/mod/mpm_winnt.html.en @@ -119,10 +119,10 @@ AcceptFilter https none
  • ThreadsPerChild
  • ThreadStackSize
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • diff --git a/docs/manual/mod/mpm_winnt.html.fr b/docs/manual/mod/mpm_winnt.html.fr index 68a733c3..05522f3c 100644 --- a/docs/manual/mod/mpm_winnt.html.fr +++ b/docs/manual/mod/mpm_winnt.html.fr @@ -124,11 +124,11 @@ AcceptFilter https none
  • ThreadsPerChild
  • ThreadStackSize
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • diff --git a/docs/manual/mod/mpm_winnt.html.ja.utf8 b/docs/manual/mod/mpm_winnt.html.ja.utf8 index 1ae6b468..998462c6 100644 --- a/docs/manual/mod/mpm_winnt.html.ja.utf8 +++ b/docs/manual/mod/mpm_winnt.html.ja.utf8 @@ -64,7 +64,9 @@
  • ThreadsPerChild
  • ThreadStackSize
    • -
    +

    Bugfix checklist

    参照

    +
    diff --git a/docs/manual/mod/mpmt_os2.html.en b/docs/manual/mod/mpmt_os2.html.en index 0a0db8c8..2a1fe435 100644 --- a/docs/manual/mod/mpmt_os2.html.en +++ b/docs/manual/mod/mpmt_os2.html.en @@ -64,11 +64,11 @@
  • StartServers
  • User
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • diff --git a/docs/manual/mod/mpmt_os2.html.fr b/docs/manual/mod/mpmt_os2.html.fr index abb80d52..2eda66a4 100644 --- a/docs/manual/mod/mpmt_os2.html.fr +++ b/docs/manual/mod/mpmt_os2.html.fr @@ -65,11 +65,11 @@ OS/2
  • StartServers
  • User
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • diff --git a/docs/manual/mod/prefork.html.de b/docs/manual/mod/prefork.html.de index 030a0945..80cde7fb 100644 --- a/docs/manual/mod/prefork.html.de +++ b/docs/manual/mod/prefork.html.de @@ -81,11 +81,11 @@
  • StartServers
  • User
    • -

    Siehe auch

    +

    Bugfix checklist

    Siehe auch

    +
  • Kommentare
    • top

    Arbeitsweise

    diff --git a/docs/manual/mod/prefork.html.en b/docs/manual/mod/prefork.html.en index bf95a5a8..4d54ad44 100644 --- a/docs/manual/mod/prefork.html.en +++ b/docs/manual/mod/prefork.html.en @@ -76,11 +76,11 @@
  • StartServers
  • User
    • -

    See also

    +

    Bugfix checklist

    See also

    +
  • Comments
    • top

    How it Works

    diff --git a/docs/manual/mod/prefork.html.fr b/docs/manual/mod/prefork.html.fr index 065c3333..19b35d9a 100644 --- a/docs/manual/mod/prefork.html.fr +++ b/docs/manual/mod/prefork.html.fr @@ -79,11 +79,11 @@ processus, sans thread
  • StartServers
  • User
    • -

    Voir aussi

    +

    Traitement des bugs

    Voir aussi

    +
  • Commentaires
    • top

    Comment a marche

    diff --git a/docs/manual/mod/prefork.html.ja.utf8 b/docs/manual/mod/prefork.html.ja.utf8 index c114aafd..69d60809 100644 --- a/docs/manual/mod/prefork.html.ja.utf8 +++ b/docs/manual/mod/prefork.html.ja.utf8 @@ -83,11 +83,11 @@
  • StartServers
  • User
    • -

    参照

    +

    Bugfix checklist

    参照

    +
  • コメント
    • top

    動作方法

    diff --git a/docs/manual/mod/prefork.html.tr.utf8 b/docs/manual/mod/prefork.html.tr.utf8 index 26b2ffb2..e8f8a43b 100644 --- a/docs/manual/mod/prefork.html.tr.utf8 +++ b/docs/manual/mod/prefork.html.tr.utf8 @@ -76,11 +76,11 @@
  • StartServers
  • User
    • -

    Ayrıca bakınız:

    +

    Bugfix checklist

    Ayrıca bakınız:

    +
  • Yorum
    • top

    Nasıl çalışır?

    diff --git a/docs/manual/mod/quickreference.html.de b/docs/manual/mod/quickreference.html.de index 345b6c34..59b4d28d 100644 --- a/docs/manual/mod/quickreference.html.de +++ b/docs/manual/mod/quickreference.html.de @@ -335,164 +335,162 @@ CGI program CGI-Skripte CGIPassAuth On|Off Off dhCEnables passing HTTP authorization headers to scripts as CGI variables -CharsetDefault charsetsvdhECharset to translate into -CharsetOptions option [option] ... ImplicitAdd svdhEConfigures charset translation behavior -CharsetSourceEnc charsetsvdhESource charset of files -CheckCaseOnly on|off Off svdhELimits the action of the speling module to case corrections -CheckSpelling on|off Off svdhEEnables the spelling +CGIVar variable ruledhCControls how some CGI variables are set +CharsetDefault charsetsvdhECharset to translate into +CharsetOptions option [option] ... ImplicitAdd svdhEConfigures charset translation behavior +CharsetSourceEnc charsetsvdhESource charset of files +CheckCaseOnly on|off Off svdhELimits the action of the speling module to case corrections +CheckSpelling on|off Off svdhEEnables the spelling module -ChrootDir /path/to/directorysBDirectory for apache to run chroot(8) after startup. -ContentDigest On|Off Off svdhCAktiviert die Generierung von Content-MD5 +ChrootDir /path/to/directorysBDirectory for apache to run chroot(8) after startup. +ContentDigest On|Off Off svdhCAktiviert die Generierung von Content-MD5 HTTP-Response-Headern -CookieDomain domainsvdhEThe domain to which the tracking cookie applies -CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie -CookieName token Apache svdhEName of the tracking cookie -CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field -CookieTracking on|off off svdhEEnables tracking cookie -CoreDumpDirectory VerzeichnissMVerzeichnis, in das der Apache zu wechseln versucht, bevor er +CookieDomain domainsvdhEThe domain to which the tracking cookie applies +CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie +CookieName token Apache svdhEName of the tracking cookie +CookieStyle + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field +CookieTracking on|off off svdhEEnables tracking cookie +CoreDumpDirectory VerzeichnissMVerzeichnis, in das der Apache zu wechseln versucht, bevor er einen Hauptspeicherauszug erstellt -CustomLog file|pipe +CustomLog file|pipe format|nickname [env=[!]environment-variable| -expr=expression]svBSets filename and format of log file -Dav On|Off|provider-name Off dEEnable WebDAV HTTP methods -DavDepthInfinity on|off off svdEAllow PROPFIND, Depth: Infinity requests -DavGenericLockDB file-pathsvdELocation of the DAV lock database -DavLockDB file-pathsvELocation of the DAV lock database -DavMinTimeout seconds 0 svdEMinimum amount of time the server holds a lock on +expr=expression]svBSets filename and format of log file +Dav On|Off|provider-name Off dEEnable WebDAV HTTP methods +DavDepthInfinity on|off off svdEAllow PROPFIND, Depth: Infinity requests +DavGenericLockDB file-pathsvdELocation of the DAV lock database +DavLockDB file-pathsvELocation of the DAV lock database +DavMinTimeout seconds 0 svdEMinimum amount of time the server holds a lock on a DAV resource -DBDExptime time-in-seconds 300 svEKeepalive time for idle connections -DBDInitSQL "SQL statement"svEExecute an SQL statement after connecting to a database -DBDKeep number 2 svEMaximum sustained number of connections -DBDMax number 10 svEMaximum number of connections -DBDMin number 1 svEMinimum number of connections -DBDParams -param1=value1[,param2=value2]svEParameters for database connection -DBDPersist On|OffsvEWhether to use persistent connections -DBDPrepareSQL "SQL statement" labelsvEDefine an SQL prepared statement -DBDriver namesvESpecify an SQL driver -DefaultIcon url-pathsvdhBIcon to display for files when no specific icon is +DBDExptime time-in-seconds 300 svEKeepalive time for idle connections +DBDInitSQL "SQL statement"svEExecute an SQL statement after connecting to a database +DBDKeep number 2 svEMaximum sustained number of connections +DBDMax number 10 svEMaximum number of connections +DBDMin number 1 svEMinimum number of connections +DBDParams +param1=value1[,param2=value2]svEParameters for database connection +DBDPersist On|OffsvEWhether to use persistent connections +DBDPrepareSQL "SQL statement" labelsvEDefine an SQL prepared statement +DBDriver namesvESpecify an SQL driver +DefaultIcon url-pathsvdhBIcon to display for files when no specific icon is configured -DefaultLanguage language-tagsvdhBDefines a default language-tag to be sent in the Content-Language +DefaultLanguage language-tagsvdhBDefines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means. -DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sCBase directory for the server run-time files -DefaultType MIME-Type text/plain svdhCMIME-Content-Type, der gesendet wird, wenn der Server den Typ +DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sCBase directory for the server run-time files +DefaultType MIME-Type text/plain svdhCMIME-Content-Type, der gesendet wird, wenn der Server den Typ nicht auf andere Weise ermitteln kann. -Define ParameternamesCDefine the existence of a variable -DeflateBufferSize value 8096 svEFragment size to be compressed at one time by zlib -DeflateCompressionLevel valuesvEHow much compression do we apply to the output -DeflateFilterNote [type] notenamesvEPlaces the compression ratio in a note for logging -DeflateInflateLimitRequestBodyvaluesvdhEMaximum size of inflated request bodies -DeflateInflateRatioBurst valuesvdhEMaximum number of times the inflation ratio for request bodies +Define ParameternamesCDefine the existence of a variable +DeflateBufferSize value 8096 svEFragment size to be compressed at one time by zlib +DeflateCompressionLevel valuesvEHow much compression do we apply to the output +DeflateFilterNote [type] notenamesvEPlaces the compression ratio in a note for logging +DeflateInflateLimitRequestBodyvaluesvdhEMaximum size of inflated request bodies +DeflateInflateRatioBurst valuesvdhEMaximum number of times the inflation ratio for request bodies can be crossed -DeflateInflateRatioLimit valuesvdhEMaximum inflation ratio for request bodies -DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression -DeflateWindowSize value 15 svEZlib compression window size - Deny from all|host|env=[!]env-variable -[host|env=[!]env-variable] ...dhEControls which hosts are denied access to the +DeflateInflateRatioLimit valuesvdhEMaximum inflation ratio for request bodies +DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression +DeflateWindowSize value 15 svEZlib compression window size + Deny from all|host|env=[!]env-variable +[host|env=[!]env-variable] ...dhEControls which hosts are denied access to the server -<Directory Verzeichnispfad> -... </Directory>svCUmschliet eine Gruppe von Direktiven, die nur auf +<Directory Verzeichnispfad> +... </Directory>svCUmschliet eine Gruppe von Direktiven, die nur auf das genannte Verzeichnis des Dateisystems und Unterverzeichnisse angewendet werden -DirectoryCheckHandler On|Off Off svdhBToggle how this module responds when another handler is configured -DirectoryIndex - disabled | local-url [local-url] ... index.html svdhBList of resources to look for when the client requests +DirectoryCheckHandler On|Off Off svdhBToggle how this module responds when another handler is configured +DirectoryIndex + disabled | local-url [local-url] ... index.html svdhBList of resources to look for when the client requests a directory -DirectoryIndexRedirect on | off | permanent | temp | seeother | +DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code - off svdhBConfigures an external redirect for directory indexes. + off svdhBConfigures an external redirect for directory indexes. -<DirectoryMatch regex> -... </DirectoryMatch>svCUmschliet eine Gruppe von Direktiven, die auf +<DirectoryMatch regex> +... </DirectoryMatch>svCUmschliet eine Gruppe von Direktiven, die auf Verzeichnisse des Dateisystems und ihre Unterverzeichnisse abgebildet werden, welche auf einen regulren Ausdruck passen -DirectorySlash On|Off On svdhBToggle trailing slash redirects on or off -DocumentRoot Verzeichnis /usr/local/apache/h +svCVerzeichnis, welches den Haupt-Dokumentenbaum bildet, der im +DirectorySlash On|Off On svdhBToggle trailing slash redirects on or off +DocumentRoot Verzeichnis /usr/local/apache/h +svCVerzeichnis, welches den Haupt-Dokumentenbaum bildet, der im Web sichtbar ist. -DTracePrivileges On|Off Off sXDetermines whether the privileges required by dtrace are enabled. -DumpIOInput On|Off Off sEDump all input data to the error log -DumpIOOutput On|Off Off sEDump all output data to the error log -<Else> ... </Else>svdhCContains directives that apply only if the condition of a +DTracePrivileges On|Off Off sXDetermines whether the privileges required by dtrace are enabled. +DumpIOInput On|Off Off sEDump all input data to the error log +DumpIOOutput On|Off Off sEDump all output data to the error log +<Else> ... </Else>svdhCContains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime -<ElseIf expression> ... </ElseIf>svdhCContains directives that apply only if a condition is satisfied +<ElseIf expression> ... </ElseIf>svdhCContains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied -EnableExceptionHook On|Off Off sMAktiviert einen Hook, der nach einem Absturz noch +EnableExceptionHook On|Off Off sMAktiviert einen Hook, der nach einem Absturz noch Ausnahmefehler behandeln lassen kann -EnableMMAP On|Off On svdhCVerwende Memory-Mapping, um Dateien whrend der +EnableMMAP On|Off On svdhCVerwende Memory-Mapping, um Dateien whrend der Auslieferung zu lesen -EnableSendfile On|Off On svdhCVerwende die sendfile-Untersttzung des Kernels, um +EnableSendfile On|Off On svdhCVerwende die sendfile-Untersttzung des Kernels, um Dateien an den Client auszuliefern -Error messagesvdhCAbort configuration parsing with a custom error message -ErrorDocument Fehlercode DokumentsvdhCDas, was der Server im Fehlerfall an den Client +Error messagesvdhCAbort configuration parsing with a custom error message +ErrorDocument Fehlercode DokumentsvdhCDas, was der Server im Fehlerfall an den Client zurckgibt - ErrorLog Dateiname|syslog[:facility] logs/error_log (Uni +svCAblageort, an dem der Server Fehler protokolliert - ErrorLogFormat [connection|request] formatsvCFormat specification for error log entries -ExamplesvdhXDemonstration directive to illustrate the Apache module + ErrorLog Dateiname|syslog[:facility] logs/error_log (Uni +svCAblageort, an dem der Server Fehler protokolliert + ErrorLogFormat [connection|request] formatsvCFormat specification for error log entries +ExamplesvdhXDemonstration directive to illustrate the Apache module API -ExpiresActive On|Off Off svdhEEnables generation of Expires +ExpiresActive On|Off Off svdhEEnables generation of Expires headers -ExpiresByType MIME-type -<code>secondssvdhEValue of the Expires header configured +ExpiresByType MIME-type +<code>secondssvdhEValue of the Expires header configured by MIME type -ExpiresDefault <code>secondssvdhEDefault algorithm for calculating expiration time -ExtendedStatus On|Off Off[*] sCKeep track of extended status information for each +ExpiresDefault <code>secondssvdhEDefault algorithm for calculating expiration time +ExtendedStatus On|Off Off[*] sCKeep track of extended status information for each request -ExtFilterDefine filtername parameterssEDefine an external filter -ExtFilterOptions option [option] ... NoLogStderr dEConfigure mod_ext_filter options -FallbackResource disabled | local-urlsvdhBDefine a default URL for requests that don't map to a file -FileETag Komponente ... INode MTime Size svdhCDateiattribute, die zur Erstellung des HTTP-Response-Headers +ExtFilterDefine filtername parameterssEDefine an external filter +ExtFilterOptions option [option] ... NoLogStderr dEConfigure mod_ext_filter options +FallbackResource disabled | local-urlsvdhBDefine a default URL for requests that don't map to a file +FileETag Komponente ... INode MTime Size svdhCDateiattribute, die zur Erstellung des HTTP-Response-Headers ETag verwendet werden -<Files Dateiname> ... </Files>svdhCEnthlt Direktiven, die sich nur auf passende Dateinamen +<Files Dateiname> ... </Files>svdhCEnthlt Direktiven, die sich nur auf passende Dateinamen beziehen -<FilesMatch regex> ... </FilesMatch>svdhCEnthlt Direktiven, die fr Dateinamen gelten, die +<FilesMatch regex> ... </FilesMatch>svdhCEnthlt Direktiven, die fr Dateinamen gelten, die auf einen regulren Ausdruck passen -FilterChain [+=-@!]filter-name ...svdhBConfigure the filter chain -FilterDeclare filter-name [type]svdhBDeclare a smart filter -FilterProtocol filter-name [provider-name] - proto-flagssvdhBDeal with correct HTTP protocol handling -FilterProvider filter-name provider-name - expressionsvdhBRegister a content filter -FilterTrace filter-name levelsvdBGet debug/diagnostic information from +FilterChain [+=-@!]filter-name ...svdhBConfigure the filter chain +FilterDeclare filter-name [type]svdhBDeclare a smart filter +FilterProtocol filter-name [provider-name] + proto-flagssvdhBDeal with correct HTTP protocol handling +FilterProvider filter-name provider-name + expressionsvdhBRegister a content filter +FilterTrace filter-name levelsvdBGet debug/diagnostic information from mod_filter -ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhBAction to take if a single acceptable document is not +ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhBAction to take if a single acceptable document is not found -ForceType MIME-Type|NonedhCErzwingt die Auslieferung aller passendenden Dateien mit dem +ForceType MIME-Type|NonedhCErzwingt die Auslieferung aller passendenden Dateien mit dem angegebenen MIME-Content-Type -ForensicLog filename|pipesvESets filename of the forensic log -GlobalLog file|pipe|provider +ForensicLog filename|pipesvESets filename of the forensic log +GlobalLogfile|pipe format|nickname [env=[!]environment-variable| -expr=expression]sBSets filename and format of log file -GprofDir /tmp/gprof/|/tmp/gprof/%svCDirectory to write gmon.out profiling data to. -GracefulShutdownTimeout seconds 0 sMSpecify a timeout after which a gracefully shutdown server +expr=expression]sBSets filename and format of log file +GprofDir /tmp/gprof/|/tmp/gprof/%svCDirectory to write gmon.out profiling data to. +GracefulShutdownTimeout seconds 0 sMSpecify a timeout after which a gracefully shutdown server will exit. -Group unix-group #-1 sBGroup under which the server will answer +Group unix-group #-1 sBGroup under which the server will answer requests -H2Direct on|off on for h2c, off for +svEH2 Direct Protocol Switch -H2KeepAliveTimeout secondssvETimeout (in seconds) for idle HTTP/2 connections +H2Direct on|off on for h2c, off for +svEH2 Direct Protocol Switch H2MaxSessionStreams n 100 svEMaximum number of active streams per HTTP/2 session. H2MaxWorkerIdleSeconds n 600 sEMaximum number of seconds h2 workers remain idle until shut down. H2MaxWorkers nsEMaximum number of worker threads to use per child process. H2MinWorkers nsEMinimal number of worker threads to use per child process. H2ModernTLSOnly on|off on svERequire HTTP/2 connections to be "modern TLS" only H2Push on|off on svEH2 Server Push Switch -H2PushDiarySize n 256 svEH2 Server Push Diary Size -H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svEH2 Server Push Priority +H2PushDiarySize n 256 svEH2 Server Push Diary Size +H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svEH2 Server Push Priority H2SerializeHeaders on|off off svESerialize Request/Response Processing Switch H2SessionExtraFiles nsvENumber of Extra File Handles H2StreamMaxMemSize bytes 65536 svEMaximum amount of output data buffered per stream. -H2StreamTimeout seconds 0 svETimeout (in seconds) for idle HTTP/2 connections -H2Timeout seconds 5 svETimeout (in seconds) for HTTP/2 connections -H2TLSCoolDownSecs seconds 1 svE- -H2TLSWarmUpSize amount 1048576 svE- +H2TLSCoolDownSecs seconds 1 svE- +H2TLSWarmUpSize amount 1048576 svE- H2Upgrade on|off on for h2c, off for +svEH2 Upgrade Protocol Switch H2WindowSize bytes 65535 svESize of Stream Window for upstream data. Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note @@ -561,7 +559,7 @@ auf nachfolgende Anfragen wartet the specified maximum size, for potential use by filters such as mod_include. LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precendence of language variants for cases where +...svdhBThe precedence of language variants for cases where the client does not express a preference LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache LDAPCacheTTL seconds 600 sETime that cached items remain valid @@ -731,390 +729,392 @@ proxied ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. +ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters +ProxyHCTPsize <size>svESets the size of the threadpool used for the health check workers. +ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is -fully qualified -ReadmeName filenamesvdhBName of the file that will be inserted at the end +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is + fully qualified +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] [URL-path] -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] [URL-path] +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers -RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses -RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses -RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses +RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses +RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP request headers -RequestReadTimeout +svdhEConfigure HTTP request headers +RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svESet timeout values for receiving request headers and body from client. +svESet timeout values for receiving request headers and body from client. -Require [not] entity-name - [entity-name] ...dhBTests whether an authenticated user is authorized by +Require [not] entity-name + [entity-name] ...dhBTests whether an authenticated user is authorized by an authorization provider. -<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none +<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. -<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one +<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. -<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none +<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteMap MapName MapType:MapSource - MapTypeOptions -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern Substitution [flags]svdhEDefines rules for the rewriting engine -RLimitCPU Sekunden|max [Sekunden|max]svdhCBegrenzt den CPU-Verbrauch von Prozessen, die von +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern Substitution [flags]svdhEDefines rules for the rewriting engine +RLimitCPU Sekunden|max [Sekunden|max]svdhCBegrenzt den CPU-Verbrauch von Prozessen, die von Apache-Kindprozessen gestartet wurden -RLimitMEM Bytes|max [Bytes|max]svdhCBegrenzt den Speicherverbrauch von Prozessen, die von +RLimitMEM Bytes|max [Bytes|max]svdhCBegrenzt den Speicherverbrauch von Prozessen, die von Apache-Kindprozessen gestartet wurden -RLimitNPROC Zahl|max [Zahl|max]svdhCBegrenzt die Anzahl der Prozesse, die von Prozessen gestartet +RLimitNPROC Zahl|max [Zahl|max]svdhCBegrenzt die Anzahl der Prozesse, die von Prozessen gestartet werden knnen, der ihrerseits von Apache-Kinprozessen gestartet wurden -Satisfy Any|All All dhEInteraction between host-level access control and +Satisfy Any|All All dhEInteraction between host-level access control and user authentication -ScoreBoardFile Dateipfad logs/apache_status sMAblageort der Datei, die zur Speicherung von Daten zur +ScoreBoardFile Dateipfad logs/apache_status sMAblageort der Datei, die zur Speicherung von Daten zur Koordinierung der Kindprozesse verwendet wird -Script Methode CGI-SkriptsvdBAktiviert ein CGI-Skript fr eine bestimmte +Script Methode CGI-SkriptsvdBAktiviert ein CGI-Skript fr eine bestimmte Anfragemethode. -ScriptAlias [URL-path] -file-path|directory-pathsvdBMaps a URL to a filesystem location and designates the +ScriptAlias [URL-path] +file-path|directory-pathsvdBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCMethode zur Ermittlung des Interpreters von +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCMethode zur Ermittlung des Interpreters von CGI-Skripten -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with the cgi daemon -SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port -SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters +SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port +SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. -SendBufferSize Bytes 0 sMGre des TCP-Puffers -ServerAdmin E-Mail-Adresse|URLsvCE-Mail-Adresse, die der Server in Fehlermeldungen einfgt, +SendBufferSize Bytes 0 sMGre des TCP-Puffers +ServerAdmin E-Mail-Adresse|URLsvCE-Mail-Adresse, die der Server in Fehlermeldungen einfgt, welche an den Client gesendet werden -ServerAlias Hostname [Hostname] ...vCAlternativer Name fr einen Host, der verwendet wird, wenn +ServerAlias Hostname [Hostname] ...vCAlternativer Name fr einen Host, der verwendet wird, wenn Anfragen einem namensbasierten virtuellen Host zugeordnet werden -ServerLimit AnzahlsMObergrenze fr die konfigurierbare Anzahl von +ServerLimit AnzahlsMObergrenze fr die konfigurierbare Anzahl von Prozessen -ServerName -voll-qualifizierter-Domainname[:port]svCRechnername und Port, die der Server dazu verwendet, sich +ServerName +voll-qualifizierter-Domainname[:port]svCRechnername und Port, die der Server dazu verwendet, sich selbst zu identifizieren -ServerPath URL-PfadvCVeralteter URL-Pfad fr einen namensbasierten +ServerPath URL-PfadvCVeralteter URL-Pfad fr einen namensbasierten virtuellen Host, auf den von einem inkompatiblen Browser zugegriffen wird -ServerRoot Verzeichnis /usr/local/apache sCBasisverzeichnis der Serverinstallation -ServerSignature On|Off|EMail Off svdhCKonfiguriert die Fuzeile von servergenerierten +ServerRoot Verzeichnis /usr/local/apache sCBasisverzeichnis der Serverinstallation +ServerSignature On|Off|EMail Off svdhCKonfiguriert die Fuzeile von servergenerierten Dokumenten -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCKonfiguriert den HTTP-Response-Header +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCKonfiguriert den HTTP-Response-Header Server -Session On|Off Off svdhEEnables a session for the current directory or location -SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session -SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session -SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers -SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session -SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session -SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session -SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session -SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID -SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID -SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers -SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database -SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database -SessionDBDPerUser On|Off Off svdhEEnable a per user session -SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database -SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database -SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the +Session On|Off Off svdhEEnables a session for the current directory or location +SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session +SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session +SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers +SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session +SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session +SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session +SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session +SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID +SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID +SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers +SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database +SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database +SessionDBDPerUser On|Off Off svdhEEnable a per user session +SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database +SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database +SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the HTTP_SESSION environment variable -SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored -SessionHeader headersvdhEImport session updates from a given HTTP response header -SessionInclude pathsvdhEDefine URL prefixes for which a session is valid -SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session -SetEnv env-variable [value]svdhBSets environment variables -SetEnvIf attribute +SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored +SessionHeader headersvdhEImport session updates from a given HTTP response header +SessionInclude pathsvdhEDefine URL prefixes for which a session is valid +SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session +SetEnv env-variable [value]svdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfExpr expr +SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression -SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler Handlername|NonesvdhCErzwingt die Verarbeitung aller passenden Dateien durch +SetHandler Handlername|NonesvdhCErzwingt die Verarbeitung aller passenden Dateien durch einen Handler -SetInputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Client-Anfragen und POST-Eingaben +SetInputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Client-Anfragen und POST-Eingaben verarbeiten -SetOutputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Antworten des Servers verarbeiten -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SetOutputFilter Filter[;Filter...]svdhCBestimmt die Filter, die Antworten des Servers verarbeiten +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIETag on|off off dhBControls whether ETags are generated by the server. -SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the +SSIETag on|off off dhBControls whether ETags are generated by the server. +SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the server. -SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. -SSIStartTag tag "<!--#" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. +SSIStartTag tag "<!--#" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for defining acceptable CA names -SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for defining acceptable CA names -SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationCheck chain|leaf|none flags none svEEnable CRL-based revocation checking +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file -SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file +SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL handshake -SSLCompression on|off off svEEnable compression on the SSL level -SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator -SSLEngine on|off|optional off svESSL Engine Operation Switch -SSLFIPS on|off off sESSL FIPS mode Switch -SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order -SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation -SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain -SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation -SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests -SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries -SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses -SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation -SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries -SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLCompression on|off off svEEnable compression on the SSL level +SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator +SSLEngine on|off|optional off svESSL Engine Operation Switch +SSLFIPS on|off off sESSL FIPS mode Switch +SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order +SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation +SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation +SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation +SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests +SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries +SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses +SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation +SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries +SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field +SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field -SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired +SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired -SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates +SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy -SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svEType of remote server Certificate verification -SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy +SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svEType of remote server Certificate verification +SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets -SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets -SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed -SSLSRPVerifierFile file-pathsvEPath to SRP verifier file -SSLStaplingCache typesEConfigures the OCSP stapling cache -SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache -SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries -SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension -SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries -SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses -SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation -SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client -SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache -SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual +SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets +SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets +SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed +SSLSRPVerifierFile file-pathsvEPath to SRP verifier file +SSLStaplingCache typesEConfigures the OCSP stapling cache +SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache +SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries +SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension +SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries +SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses +SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation +SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client +SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache +SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual host. -SSLUserName varnamesdhEVariable name to determine user name -SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake -SSLVerifyClient level none svdhEType of Client Certificate verification -SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client +SSLUserName varnamesdhEVariable name to determine user name +SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake +SSLVerifyClient level none svdhEType of Client Certificate verification +SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client Certificate verification -StartServers AnzahlsMAnzahl der Kindprozesse des Servers, die beim Start erstellt +StartServers AnzahlsMAnzahl der Kindprozesse des Servers, die beim Start erstellt werden -StartThreads AnzahlsMAnzahl der Threads, die beim Start erstellt werden -Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content -SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns -SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size -Suexec On|OffsBEnable or disable the suEXEC feature -SuexecUserGroup User GroupsvEUser and group for CGI programs to run as -ThreadLimit AnzahlsMBestimmt die Obergrenze der konfigurierbaren Anzahl von Threads +StartThreads AnzahlsMAnzahl der Threads, die beim Start erstellt werden +Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns +SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size +Suexec On|OffsBEnable or disable the suEXEC feature +SuexecUserGroup User GroupsvEUser and group for CGI programs to run as +ThreadLimit AnzahlsMBestimmt die Obergrenze der konfigurierbaren Anzahl von Threads pro Kindprozess -ThreadsPerChild AnzahlsMAnzahl der Threads, die mit jedem Kindprozess gestartet +ThreadsPerChild AnzahlsMAnzahl der Threads, die mit jedem Kindprozess gestartet werden -ThreadStackSize sizesMDie Gre des Stacks in Bytes, der von Threads +ThreadStackSize sizesMDie Gre des Stacks in Bytes, der von Threads verwendet wird, die Client-Verbindungen bearbeiten. -TimeOut Sekunden 60 sCZeitspanne, die der Server auf verschiedene Ereignisse wartet, +TimeOut Sekunden 60 sCZeitspanne, die der Server auf verschiedene Ereignisse wartet, bevor er die Anfrage abbricht -TraceEnable [on|off|extended] on sCLegt das Verhalten von TRACE-Anfragen fest -TransferLog file|pipesvBSpecify location of a log file -TypesConfig file-path conf/mime.types sBThe location of the mime.types file -UnDefine parameter-namesCUndefine the existence of a variable -UndefMacro namesvdBUndefine a macro -UnsetEnv env-variable [env-variable] -...svdhBRemoves variables from the environment -Use name [value1 ... valueN] -svdBUse a macro -UseCanonicalName On|Off|DNS Off svdCBestimmt, wie der Server seinen eigenen Namen und Port +TraceEnable [on|off|extended] on sCLegt das Verhalten von TRACE-Anfragen fest +TransferLog file|pipesvBSpecify location of a log file +TypesConfig file-path conf/mime.types sBThe location of the mime.types file +UnDefine parameter-namesCUndefine the existence of a variable +UndefMacro namesvdBUndefine a macro +UnsetEnv env-variable [env-variable] +...svdhBRemoves variables from the environment +Use name [value1 ... valueN] +svdBUse a macro +UseCanonicalName On|Off|DNS Off svdCBestimmt, wie der Server seinen eigenen Namen und Port ermittelt -UseCanonicalPhysicalPort On|Off Off svdCBestimmt, wie der Server seinen eigenen Namen und Port +UseCanonicalPhysicalPort On|Off Off svdCBestimmt, wie der Server seinen eigenen Namen und Port ermittelt -User unix-userid #-1 sBThe userid under which the server will answer +User unix-userid #-1 sBThe userid under which the server will answer requests -UserDir directory-filename [directory-filename] ... -svBLocation of the user-specific directories -VHostCGIMode On|Off|Secure On vXDetermines whether the virtualhost can run +UserDir directory-filename [directory-filename] ... +svBLocation of the user-specific directories +VHostCGIMode On|Off|Secure On vXDetermines whether the virtualhost can run subprocesses, and the privileges available to subprocesses. -VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to subprocesses created +VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to subprocesses created by a virtual host. -VHostGroup unix-groupidvXSets the Group ID under which a virtual host runs. -VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to a virtual host. -VHostSecure On|Off On vXDetermines whether the server runs with enhanced security +VHostGroup unix-groupidvXSets the Group ID under which a virtual host runs. +VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to a virtual host. +VHostSecure On|Off On vXDetermines whether the server runs with enhanced security for the virtualhost. -VHostUser unix-useridvXSets the User ID under which a virtual host runs. -VirtualDocumentRoot interpolated-directory|none none svEDynamically configure the location of the document root +VHostUser unix-useridvXSets the User ID under which a virtual host runs. +VirtualDocumentRoot interpolated-directory|none none svEDynamically configure the location of the document root for a given virtual host -VirtualDocumentRootIP interpolated-directory|none none svEDynamically configure the location of the document root +VirtualDocumentRootIP interpolated-directory|none none svEDynamically configure the location of the document root for a given virtual host -<VirtualHost +<VirtualHost Adresse[:Port] [Adresse[:Port]] - ...> ... </VirtualHost>sCEnthlt Direktiven, die nur auf bestimmte Hostnamen oder + ...> ... </VirtualHost>sCEnthlt Direktiven, die nur auf bestimmte Hostnamen oder IP-Adressen angewendet werden -VirtualScriptAlias interpolated-directory|none none svEDynamically configure the location of the CGI directory for +VirtualScriptAlias interpolated-directory|none none svEDynamically configure the location of the CGI directory for a given virtual host -VirtualScriptAliasIP interpolated-directory|none none svEDynamically configure the location of the CGI directory for +VirtualScriptAliasIP interpolated-directory|none none svEDynamically configure the location of the CGI directory for a given virtual host -WatchdogInterval number-of-seconds 1 sBWatchdog interval in seconds -XBitHack on|off|full off svdhBParse SSI directives in files with the execute bit +WatchdogInterval number-of-seconds 1 sBWatchdog interval in seconds +XBitHack on|off|full off svdhBParse SSI directives in files with the execute bit set -xml2EncAlias charset alias [alias ...]sBRecognise Aliases for encoding values -xml2EncDefault namesvdhBSets a default encoding to assume when absolutely no information +xml2EncAlias charset alias [alias ...]sBRecognise Aliases for encoding values +xml2EncDefault namesvdhBSets a default encoding to assume when absolutely no information can be automatically detected -xml2StartParse element [element ...]svdhBAdvise the parser to skip leading junk. +xml2StartParse element [element ...]svdhBAdvise the parser to skip leading junk.

    Verfgbare Sprachen:  de  | diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index 02fa75b9..3ada9358 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -331,163 +331,161 @@ CGI program scripts CGIPassAuth On|Off Off dhCEnables passing HTTP authorization headers to scripts as CGI variables -CharsetDefault charsetsvdhECharset to translate into -CharsetOptions option [option] ... ImplicitAdd svdhEConfigures charset translation behavior -CharsetSourceEnc charsetsvdhESource charset of files -CheckCaseOnly on|off Off svdhELimits the action of the speling module to case corrections -CheckSpelling on|off Off svdhEEnables the spelling +CGIVar variable ruledhCControls how some CGI variables are set +CharsetDefault charsetsvdhECharset to translate into +CharsetOptions option [option] ... ImplicitAdd svdhEConfigures charset translation behavior +CharsetSourceEnc charsetsvdhESource charset of files +CheckCaseOnly on|off Off svdhELimits the action of the speling module to case corrections +CheckSpelling on|off Off svdhEEnables the spelling module -ChrootDir /path/to/directorysBDirectory for apache to run chroot(8) after startup. -ContentDigest On|Off Off svdhCEnables the generation of Content-MD5 HTTP Response +ChrootDir /path/to/directorysBDirectory for apache to run chroot(8) after startup. +ContentDigest On|Off Off svdhCEnables the generation of Content-MD5 HTTP Response headers -CookieDomain domainsvdhEThe domain to which the tracking cookie applies -CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie -CookieName token Apache svdhEName of the tracking cookie -CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field -CookieTracking on|off off svdhEEnables tracking cookie -CoreDumpDirectory directorysMDirectory where Apache HTTP Server attempts to +CookieDomain domainsvdhEThe domain to which the tracking cookie applies +CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie +CookieName token Apache svdhEName of the tracking cookie +CookieStyle + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field +CookieTracking on|off off svdhEEnables tracking cookie +CoreDumpDirectory directorysMDirectory where Apache HTTP Server attempts to switch before dumping core -CustomLog file|pipe +CustomLog file|pipe format|nickname [env=[!]environment-variable| -expr=expression]svBSets filename and format of log file -Dav On|Off|provider-name Off dEEnable WebDAV HTTP methods -DavDepthInfinity on|off off svdEAllow PROPFIND, Depth: Infinity requests -DavGenericLockDB file-pathsvdELocation of the DAV lock database -DavLockDB file-pathsvELocation of the DAV lock database -DavMinTimeout seconds 0 svdEMinimum amount of time the server holds a lock on +expr=expression]svBSets filename and format of log file +Dav On|Off|provider-name Off dEEnable WebDAV HTTP methods +DavDepthInfinity on|off off svdEAllow PROPFIND, Depth: Infinity requests +DavGenericLockDB file-pathsvdELocation of the DAV lock database +DavLockDB file-pathsvELocation of the DAV lock database +DavMinTimeout seconds 0 svdEMinimum amount of time the server holds a lock on a DAV resource -DBDExptime time-in-seconds 300 svEKeepalive time for idle connections -DBDInitSQL "SQL statement"svEExecute an SQL statement after connecting to a database -DBDKeep number 2 svEMaximum sustained number of connections -DBDMax number 10 svEMaximum number of connections -DBDMin number 1 svEMinimum number of connections -DBDParams -param1=value1[,param2=value2]svEParameters for database connection -DBDPersist On|OffsvEWhether to use persistent connections -DBDPrepareSQL "SQL statement" labelsvEDefine an SQL prepared statement -DBDriver namesvESpecify an SQL driver -DefaultIcon url-pathsvdhBIcon to display for files when no specific icon is +DBDExptime time-in-seconds 300 svEKeepalive time for idle connections +DBDInitSQL "SQL statement"svEExecute an SQL statement after connecting to a database +DBDKeep number 2 svEMaximum sustained number of connections +DBDMax number 10 svEMaximum number of connections +DBDMin number 1 svEMinimum number of connections +DBDParams +param1=value1[,param2=value2]svEParameters for database connection +DBDPersist On|OffsvEWhether to use persistent connections +DBDPrepareSQL "SQL statement" labelsvEDefine an SQL prepared statement +DBDriver namesvESpecify an SQL driver +DefaultIcon url-pathsvdhBIcon to display for files when no specific icon is configured -DefaultLanguage language-tagsvdhBDefines a default language-tag to be sent in the Content-Language +DefaultLanguage language-tagsvdhBDefines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means. -DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sCBase directory for the server run-time files -DefaultType media-type|none none svdhCThis directive has no effect other than to emit warnings +DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sCBase directory for the server run-time files +DefaultType media-type|none none svdhCThis directive has no effect other than to emit warnings if the value is not none. In prior versions, DefaultType would specify a default media type to assign to response content for which no other media type configuration could be found. -Define parameter-name [parameter-value]svdCDefine a variable -DeflateBufferSize value 8096 svEFragment size to be compressed at one time by zlib -DeflateCompressionLevel valuesvEHow much compression do we apply to the output -DeflateFilterNote [type] notenamesvEPlaces the compression ratio in a note for logging -DeflateInflateLimitRequestBodyvaluesvdhEMaximum size of inflated request bodies -DeflateInflateRatioBurst valuesvdhEMaximum number of times the inflation ratio for request bodies +Define parameter-name [parameter-value]svdCDefine a variable +DeflateBufferSize value 8096 svEFragment size to be compressed at one time by zlib +DeflateCompressionLevel valuesvEHow much compression do we apply to the output +DeflateFilterNote [type] notenamesvEPlaces the compression ratio in a note for logging +DeflateInflateLimitRequestBodyvaluesvdhEMaximum size of inflated request bodies +DeflateInflateRatioBurst valuesvdhEMaximum number of times the inflation ratio for request bodies can be crossed -DeflateInflateRatioLimit valuesvdhEMaximum inflation ratio for request bodies -DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression -DeflateWindowSize value 15 svEZlib compression window size - Deny from all|host|env=[!]env-variable -[host|env=[!]env-variable] ...dhEControls which hosts are denied access to the +DeflateInflateRatioLimit valuesvdhEMaximum inflation ratio for request bodies +DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression +DeflateWindowSize value 15 svEZlib compression window size + Deny from all|host|env=[!]env-variable +[host|env=[!]env-variable] ...dhEControls which hosts are denied access to the server -<Directory "directory-path"> -... </Directory>svCEnclose a group of directives that apply only to the +<Directory directory-path> +... </Directory>svCEnclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents. -DirectoryCheckHandler On|Off Off svdhBToggle how this module responds when another handler is configured -DirectoryIndex - disabled | local-url [local-url] ... index.html svdhBList of resources to look for when the client requests +DirectoryCheckHandler On|Off Off svdhBToggle how this module responds when another handler is configured +DirectoryIndex + disabled | local-url [local-url] ... index.html svdhBList of resources to look for when the client requests a directory -DirectoryIndexRedirect on | off | permanent | temp | seeother | +DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code - off svdhBConfigures an external redirect for directory indexes. + off svdhBConfigures an external redirect for directory indexes. -<DirectoryMatch regex> -... </DirectoryMatch>svCEnclose directives that apply to +<DirectoryMatch regex> +... </DirectoryMatch>svCEnclose directives that apply to the contents of file-system directories matching a regular expression. -DirectorySlash On|Off On svdhBToggle trailing slash redirects on or off -DocumentRoot directory-path "/usr/local/apache/ +svCDirectory that forms the main document tree visible +DirectorySlash On|Off On svdhBToggle trailing slash redirects on or off +DocumentRoot directory-path "/usr/local/apache/ +svCDirectory that forms the main document tree visible from the web -DTracePrivileges On|Off Off sXDetermines whether the privileges required by dtrace are enabled. -DumpIOInput On|Off Off sEDump all input data to the error log -DumpIOOutput On|Off Off sEDump all output data to the error log -<Else> ... </Else>svdhCContains directives that apply only if the condition of a +DTracePrivileges On|Off Off sXDetermines whether the privileges required by dtrace are enabled. +DumpIOInput On|Off Off sEDump all input data to the error log +DumpIOOutput On|Off Off sEDump all output data to the error log +<Else> ... </Else>svdhCContains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime -<ElseIf expression> ... </ElseIf>svdhCContains directives that apply only if a condition is satisfied +<ElseIf expression> ... </ElseIf>svdhCContains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied -EnableExceptionHook On|Off Off sMEnables a hook that runs exception handlers +EnableExceptionHook On|Off Off sMEnables a hook that runs exception handlers after a crash -EnableMMAP On|Off On svdhCUse memory-mapping to read files during delivery -EnableSendfile On|Off Off svdhCUse the kernel sendfile support to deliver files to the client -Error messagesvdhCAbort configuration parsing with a custom error message -ErrorDocument error-code documentsvdhCWhat the server will return to the client +EnableMMAP On|Off On svdhCUse memory-mapping to read files during delivery +EnableSendfile On|Off Off svdhCUse the kernel sendfile support to deliver files to the client +Error messagesvdhCAbort configuration parsing with a custom error message +ErrorDocument error-code documentsvdhCWhat the server will return to the client in case of an error - ErrorLog file-path|syslog[:facility] logs/error_log (Uni +svCLocation where the server will log errors - ErrorLogFormat [connection|request] formatsvCFormat specification for error log entries -ExamplesvdhXDemonstration directive to illustrate the Apache module + ErrorLog file-path|syslog[:facility] logs/error_log (Uni +svCLocation where the server will log errors + ErrorLogFormat [connection|request] formatsvCFormat specification for error log entries +ExamplesvdhXDemonstration directive to illustrate the Apache module API -ExpiresActive On|Off Off svdhEEnables generation of Expires +ExpiresActive On|Off Off svdhEEnables generation of Expires headers -ExpiresByType MIME-type -<code>secondssvdhEValue of the Expires header configured +ExpiresByType MIME-type +<code>secondssvdhEValue of the Expires header configured by MIME type -ExpiresDefault <code>secondssvdhEDefault algorithm for calculating expiration time -ExtendedStatus On|Off Off[*] sCKeep track of extended status information for each +ExpiresDefault <code>secondssvdhEDefault algorithm for calculating expiration time +ExtendedStatus On|Off Off[*] sCKeep track of extended status information for each request -ExtFilterDefine filtername parameterssEDefine an external filter -ExtFilterOptions option [option] ... NoLogStderr dEConfigure mod_ext_filter options -FallbackResource disabled | local-urlsvdhBDefine a default URL for requests that don't map to a file -FileETag component ... MTime Size svdhCFile attributes used to create the ETag +ExtFilterDefine filtername parameterssEDefine an external filter +ExtFilterOptions option [option] ... NoLogStderr dEConfigure mod_ext_filter options +FallbackResource disabled | local-urlsvdhBDefine a default URL for requests that don't map to a file +FileETag component ... MTime Size svdhCFile attributes used to create the ETag HTTP response header for static files -<Files "filename"> ... </Files>svdhCContains directives that apply to matched +<Files filename> ... </Files>svdhCContains directives that apply to matched filenames -<FilesMatch regex> ... </FilesMatch>svdhCContains directives that apply to regular-expression matched +<FilesMatch regex> ... </FilesMatch>svdhCContains directives that apply to regular-expression matched filenames -FilterChain [+=-@!]filter-name ...svdhBConfigure the filter chain -FilterDeclare filter-name [type]svdhBDeclare a smart filter -FilterProtocol filter-name [provider-name] - proto-flagssvdhBDeal with correct HTTP protocol handling -FilterProvider filter-name provider-name - expressionsvdhBRegister a content filter -FilterTrace filter-name levelsvdBGet debug/diagnostic information from +FilterChain [+=-@!]filter-name ...svdhBConfigure the filter chain +FilterDeclare filter-name [type]svdhBDeclare a smart filter +FilterProtocol filter-name [provider-name] + proto-flagssvdhBDeal with correct HTTP protocol handling +FilterProvider filter-name provider-name + expressionsvdhBRegister a content filter +FilterTrace filter-name levelsvdBGet debug/diagnostic information from mod_filter -ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhBAction to take if a single acceptable document is not +ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhBAction to take if a single acceptable document is not found -ForceType media-type|NonedhCForces all matching files to be served with the specified +ForceType media-type|NonedhCForces all matching files to be served with the specified media type in the HTTP Content-Type header field -ForensicLog filename|pipesvESets filename of the forensic log -GlobalLog file|pipe|provider +ForensicLog filename|pipesvESets filename of the forensic log +GlobalLogfile|pipe format|nickname [env=[!]environment-variable| -expr=expression]sBSets filename and format of log file -GprofDir /tmp/gprof/|/tmp/gprof/%svCDirectory to write gmon.out profiling data to. -GracefulShutdownTimeout seconds 0 sMSpecify a timeout after which a gracefully shutdown server +expr=expression]sBSets filename and format of log file +GprofDir /tmp/gprof/|/tmp/gprof/%svCDirectory to write gmon.out profiling data to. +GracefulShutdownTimeout seconds 0 sMSpecify a timeout after which a gracefully shutdown server will exit. -Group unix-group #-1 sBGroup under which the server will answer +Group unix-group #-1 sBGroup under which the server will answer requests -H2Direct on|off on for h2c, off for +svEH2 Direct Protocol Switch -H2KeepAliveTimeout secondssvETimeout (in seconds) for idle HTTP/2 connections +H2Direct on|off on for h2c, off for +svEH2 Direct Protocol Switch H2MaxSessionStreams n 100 svEMaximum number of active streams per HTTP/2 session. H2MaxWorkerIdleSeconds n 600 sEMaximum number of seconds h2 workers remain idle until shut down. H2MaxWorkers nsEMaximum number of worker threads to use per child process. H2MinWorkers nsEMinimal number of worker threads to use per child process. H2ModernTLSOnly on|off on svERequire HTTP/2 connections to be "modern TLS" only H2Push on|off on svEH2 Server Push Switch -H2PushDiarySize n 256 svEH2 Server Push Diary Size -H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svEH2 Server Push Priority +H2PushDiarySize n 256 svEH2 Server Push Diary Size +H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svEH2 Server Push Priority H2SerializeHeaders on|off off svESerialize Request/Response Processing Switch H2SessionExtraFiles nsvENumber of Extra File Handles H2StreamMaxMemSize bytes 65536 svEMaximum amount of output data buffered per stream. -H2StreamTimeout seconds 0 svETimeout (in seconds) for idle HTTP/2 connections -H2Timeout seconds 5 svETimeout (in seconds) for HTTP/2 connections -H2TLSCoolDownSecs seconds 1 svE- -H2TLSWarmUpSize amount 1048576 svE- +H2TLSCoolDownSecs seconds 1 svE- +H2TLSWarmUpSize amount 1048576 svE- H2Upgrade on|off on for h2c, off for +svEH2 Upgrade Protocol Switch H2WindowSize bytes 65535 svESize of Stream Window for upstream data. Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note @@ -555,7 +553,7 @@ requests on a persistent connection the specified maximum size, for potential use by filters such as mod_include. LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precendence of language variants for cases where +...svdhBThe precedence of language variants for cases where the client does not express a preference LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache LDAPCacheTTL seconds 600 sETime that cached items remain valid @@ -606,7 +604,7 @@ listeners' buckets LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules <Location - "URL-path|URL"> ... </Location>svCApplies the enclosed directives only to matching + URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching URLs <LocationMatch regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression @@ -723,383 +721,385 @@ proxied ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. +ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters +ProxyHCTPsize <size>svESets the size of the threadpool used for the health check workers. +ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is -fully qualified -ReadmeName filenamesvdhBName of the file that will be inserted at the end +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is + fully qualified +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] [URL-path] -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] [URL-path] +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers -RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses -RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses -RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses +RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses +RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhEConfigure HTTP request headers -RequestReadTimeout +svdhEConfigure HTTP request headers +RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svESet timeout values for receiving request headers and body from client. +svESet timeout values for receiving request headers and body from client. -Require [not] entity-name - [entity-name] ...dhBTests whether an authenticated user is authorized by +Require [not] entity-name + [entity-name] ...dhBTests whether an authenticated user is authorized by an authorization provider. -<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none +<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. -<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one +<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. -<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none +<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteMap MapName MapType:MapSource - MapTypeOptions -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern Substitution [flags]svdhEDefines rules for the rewriting engine -RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern Substitution [flags]svdhEDefines rules for the rewriting engine +RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched by Apache httpd children -RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched +RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched by Apache httpd children -RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by +RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by processes launched by Apache httpd children -Satisfy Any|All All dhEInteraction between host-level access control and +Satisfy Any|All All dhEInteraction between host-level access control and user authentication -ScoreBoardFile file-path logs/apache_runtime +sMLocation of the file used to store coordination data for +ScoreBoardFile file-path logs/apache_runtime +sMLocation of the file used to store coordination data for the child processes -Script method cgi-scriptsvdBActivates a CGI script for a particular request +Script method cgi-scriptsvdBActivates a CGI script for a particular request method. -ScriptAlias [URL-path] -file-path|directory-pathsvdBMaps a URL to a filesystem location and designates the +ScriptAlias [URL-path] +file-path|directory-pathsvdBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI scripts -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path cgisock sBThe filename prefix of the socket to use for communication with the cgi daemon -SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port -SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters +SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port +SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. -SendBufferSize bytes 0 sMTCP buffer size -ServerAdmin email-address|URLsvCEmail address that the server includes in error +SendBufferSize bytes 0 sMTCP buffer size +ServerAdmin email-address|URLsvCEmail address that the server includes in error messages sent to the client -ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests +ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests to name-virtual hosts -ServerLimit numbersMUpper limit on configurable number of processes -ServerName [scheme://]domain-name|ip-address[:port]svCHostname and port that the server uses to identify +ServerLimit numbersMUpper limit on configurable number of processes +ServerName [scheme://]domain-name|ip-address[:port]svCHostname and port that the server uses to identify itself -ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that +ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that is accessed by an incompatible browser -ServerRoot directory-path /usr/local/apache sCBase directory for the server installation -ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response +ServerRoot directory-path /usr/local/apache sCBase directory for the server installation +ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response header -Session On|Off Off svdhEEnables a session for the current directory or location -SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session -SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session -SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers -SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session -SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session -SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session -SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session -SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID -SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID -SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers -SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database -SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database -SessionDBDPerUser On|Off Off svdhEEnable a per user session -SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database -SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database -SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the +Session On|Off Off svdhEEnables a session for the current directory or location +SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session +SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session +SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers +SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session +SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session +SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session +SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session +SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID +SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID +SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers +SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database +SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database +SessionDBDPerUser On|Off Off svdhEEnable a per user session +SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database +SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database +SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the HTTP_SESSION environment variable -SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored -SessionHeader headersvdhEImport session updates from a given HTTP response header -SessionInclude pathsvdhEDefine URL prefixes for which a session is valid -SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session -SetEnv env-variable [value]svdhBSets environment variables -SetEnvIf attribute +SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored +SessionHeader headersvdhEImport session updates from a given HTTP response header +SessionInclude pathsvdhEDefine URL prefixes for which a session is valid +SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session +SetEnv env-variable [value]svdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfExpr expr +SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression -SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler handler-name|none|expressionsvdhCForces all matching files to be processed by a +SetHandler handler-name|none|expressionsvdhCForces all matching files to be processed by a handler -SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST +SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST input -SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the +SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the server -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIETag on|off off dhBControls whether ETags are generated by the server. -SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the +SSIETag on|off off dhBControls whether ETags are generated by the server. +SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the server. -SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. -SSIStartTag tag "<!--#" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. +SSIStartTag tag "<!--#" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for defining acceptable CA names -SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for defining acceptable CA names -SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationCheck chain|leaf|none flags none svEEnable CRL-based revocation checking +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file -SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 certificate data file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded private key file +SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL handshake -SSLCompression on|off off svEEnable compression on the SSL level -SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator -SSLEngine on|off|optional off svESSL Engine Operation Switch -SSLFIPS on|off off sESSL FIPS mode Switch -SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order -SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation -SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain -SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation -SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests -SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries -SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses -SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation -SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries -SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLCompression on|off off svEEnable compression on the SSL level +SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator +SSLEngine on|off|optional off svESSL Engine Operation Switch +SSLFIPS on|off off sESSL FIPS mode Switch +SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order +SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation +SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation +SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation +SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests +SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries +SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses +SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation +SSLOCSPUseRequestNonce on|off on svEUse a nonce within OCSP queries +SSLOpenSSLConfCmd command-name command-valuesvEConfigure OpenSSL parameters through its SSL_CONF API +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL/TLS protocol versions +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field +SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificate's CN field -SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired +SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired -SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates +SSLProxyCheckPeerName on|off on svEConfigure host name checking for remote server certificates -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy -SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svEType of remote server Certificate verification -SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy +SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svEType of remote server Certificate verification +SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets -SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets -SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed -SSLSRPVerifierFile file-pathsvEPath to SRP verifier file -SSLStaplingCache typesEConfigures the OCSP stapling cache -SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache -SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries -SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension -SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries -SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses -SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation -SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client -SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache -SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual +SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets +SSLSessionTickets on|off on svEEnable or disable use of TLS session tickets +SSLSRPUnknownUserSeed secret-stringsvESRP unknown user seed +SSLSRPVerifierFile file-pathsvEPath to SRP verifier file +SSLStaplingCache typesEConfigures the OCSP stapling cache +SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache +SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries +SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension +SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries +SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses +SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation +SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client +SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache +SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual host. -SSLUserName varnamesdhEVariable name to determine user name -SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake -SSLVerifyClient level none svdhEType of Client Certificate verification -SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client +SSLUserName varnamesdhEVariable name to determine user name +SSLUseStapling on|off off svEEnable stapling of OCSP responses in the TLS handshake +SSLVerifyClient level none svdhEType of Client Certificate verification +SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client Certificate verification -StartServers numbersMNumber of child server processes created at startup -StartThreads numbersMNumber of threads created on startup -Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content -SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns -SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size -Suexec On|OffsBEnable or disable the suEXEC feature -SuexecUserGroup User GroupsvEUser and group for CGI programs to run as -ThreadLimit numbersMSets the upper limit on the configurable number of threads +StartServers numbersMNumber of child server processes created at startup +StartThreads numbersMNumber of threads created on startup +Substitute s/pattern/substitution/[infq]dhEPattern to filter the response content +SubstituteInheritBefore on|off off dhEChange the merge order of inherited patterns +SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhESet the maximum line size +Suexec On|OffsBEnable or disable the suEXEC feature +SuexecUserGroup User GroupsvEUser and group for CGI programs to run as +ThreadLimit numbersMSets the upper limit on the configurable number of threads per child process -ThreadsPerChild numbersMNumber of threads created by each child process -ThreadStackSize sizesMThe size in bytes of the stack used by threads handling +ThreadsPerChild numbersMNumber of threads created by each child process +ThreadStackSize sizesMThe size in bytes of the stack used by threads handling client connections -TimeOut seconds 60 svCAmount of time the server will wait for +TimeOut seconds 60 svCAmount of time the server will wait for certain events before failing a request -TraceEnable [on|off|extended] on svCDetermines the behavior on TRACE requests -TransferLog file|pipesvBSpecify location of a log file -TypesConfig file-path conf/mime.types sBThe location of the mime.types file -UnDefine parameter-namesCUndefine the existence of a variable -UndefMacro namesvdBUndefine a macro -UnsetEnv env-variable [env-variable] -...svdhBRemoves variables from the environment -Use name [value1 ... valueN] -svdBUse a macro -UseCanonicalName On|Off|DNS Off svdCConfigures how the server determines its own name and +TraceEnable [on|off|extended] on svCDetermines the behavior on TRACE requests +TransferLog file|pipesvBSpecify location of a log file +TypesConfig file-path conf/mime.types sBThe location of the mime.types file +UnDefine parameter-namesCUndefine the existence of a variable +UndefMacro namesvdBUndefine a macro +UnsetEnv env-variable [env-variable] +...svdhBRemoves variables from the environment +Use name [value1 ... valueN] +svdBUse a macro +UseCanonicalName On|Off|DNS Off svdCConfigures how the server determines its own name and port -UseCanonicalPhysicalPort On|Off Off svdCConfigures how the server determines its own port -User unix-userid #-1 sBThe userid under which the server will answer +UseCanonicalPhysicalPort On|Off Off svdCConfigures how the server determines its own port +User unix-userid #-1 sBThe userid under which the server will answer requests -UserDir directory-filename [directory-filename] ... -svBLocation of the user-specific directories -VHostCGIMode On|Off|Secure On vXDetermines whether the virtualhost can run +UserDir directory-filename [directory-filename] ... +svBLocation of the user-specific directories +VHostCGIMode On|Off|Secure On vXDetermines whether the virtualhost can run subprocesses, and the privileges available to subprocesses. -VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to subprocesses created +VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to subprocesses created by a virtual host. -VHostGroup unix-groupidvXSets the Group ID under which a virtual host runs. -VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to a virtual host. -VHostSecure On|Off On vXDetermines whether the server runs with enhanced security +VHostGroup unix-groupidvXSets the Group ID under which a virtual host runs. +VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vXAssign arbitrary privileges to a virtual host. +VHostSecure On|Off On vXDetermines whether the server runs with enhanced security for the virtualhost. -VHostUser unix-useridvXSets the User ID under which a virtual host runs. -VirtualDocumentRoot interpolated-directory|none none svEDynamically configure the location of the document root +VHostUser unix-useridvXSets the User ID under which a virtual host runs. +VirtualDocumentRoot interpolated-directory|none none svEDynamically configure the location of the document root for a given virtual host -VirtualDocumentRootIP interpolated-directory|none none svEDynamically configure the location of the document root +VirtualDocumentRootIP interpolated-directory|none none svEDynamically configure the location of the document root for a given virtual host -<VirtualHost +<VirtualHost addr[:port] [addr[:port]] - ...> ... </VirtualHost>sCContains directives that apply only to a specific + ...> ... </VirtualHost>sCContains directives that apply only to a specific hostname or IP address -VirtualScriptAlias interpolated-directory|none none svEDynamically configure the location of the CGI directory for +VirtualScriptAlias interpolated-directory|none none svEDynamically configure the location of the CGI directory for a given virtual host -VirtualScriptAliasIP interpolated-directory|none none svEDynamically configure the location of the CGI directory for +VirtualScriptAliasIP interpolated-directory|none none svEDynamically configure the location of the CGI directory for a given virtual host -WatchdogInterval number-of-seconds 1 sBWatchdog interval in seconds -XBitHack on|off|full off svdhBParse SSI directives in files with the execute bit +WatchdogInterval number-of-seconds 1 sBWatchdog interval in seconds +XBitHack on|off|full off svdhBParse SSI directives in files with the execute bit set -xml2EncAlias charset alias [alias ...]sBRecognise Aliases for encoding values -xml2EncDefault namesvdhBSets a default encoding to assume when absolutely no information +xml2EncAlias charset alias [alias ...]sBRecognise Aliases for encoding values +xml2EncDefault namesvdhBSets a default encoding to assume when absolutely no information can be automatically detected -xml2StartParse element [element ...]svdhBAdvise the parser to skip leading junk. +xml2StartParse element [element ...]svdhBAdvise the parser to skip leading junk.

    Available Languages:  de  | diff --git a/docs/manual/mod/quickreference.html.es b/docs/manual/mod/quickreference.html.es index 1d688891..f4434cbc 100644 --- a/docs/manual/mod/quickreference.html.es +++ b/docs/manual/mod/quickreference.html.es @@ -7,7 +7,7 @@ This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --> -Gua Rpida de Referencia de Directivas - Servidor HTTP Apache Versin 2.4 +Gua Rpida de Referencia de Directivas - Servidor Apache HTTP Versin 2.4 @@ -17,7 +17,7 @@

    -

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa de este sitio web

    +

    Mdulos | Directivas | Preguntas Frecuentes | Glosario | Mapa del sitio web

    Versin 2.4 del Servidor HTTP Apache

    <-
    @@ -59,7 +59,7 @@  A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  - +
    sserver config
    vvirtual host
    ddirectory
    ddirectorio
    h.htaccess
    @@ -67,7 +67,7 @@ - +
    CCore
    BBase
    EExtensin
    XExperimental
    TExternal
    TExterno
    @@ -338,163 +338,161 @@ CGI program scripts - - - - - + + + + + - - + - - - - - - + + + + + - - - - - - + + + + + - - - - - - - - - - + + + + + + + + + - - - + - - - - - - + + + + + - - - - + + + - - - + - - - - + - - - - + + + - - - - - - + + + - - - + + - - - - + - - - - + + + - - - - - - - + + + + - - - - + - - + + - - - + - - + + - - - - + + the specified maximum size, for potential use by filters such as mod_include. @@ -730,384 +728,386 @@ proxied - + + + - - - - - + + + + - - + - - + - - - - + + + - - - - - - + + + + - - - - - - + - - + - - - - - - + + + + - - + - - + - - - - - - - - - - - + + + + + + + - - - - - - - - + - - - - - - + - - - - - + + + + - - - - - - - - - - + - - + - - + - - + - - - + - - - - + + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - - - - - - + + + + + - - + - - - - - + - - + - - - + + - - + - - - - - + - - - - - + + + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + - - + - - - + - - - - - - - - - - - - + + + + + + - - - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - + + + - - - - - - - - + + + + + + + - - + - - - - - - - - - + + + + + + + - - - - + - - - - + + - - + - - - - - - + - - + - +
    CGIPassAuth On|Off Off dhC
    Enables passing HTTP authorization headers to scripts as CGI variables
    CharsetDefault charsetsvdhE
    Charset to translate into
    CharsetOptions option [option] ... ImplicitAdd svdhE
    Configures charset translation behavior
    CharsetSourceEnc charsetsvdhE
    Source charset of files
    CheckCaseOnly on|off Off svdhE
    Limits the action of the speling module to case corrections
    CheckSpelling on|off Off svdhE
    Enables the spelling +
    CGIVar variable ruledhC
    Controls how some CGI variables are set
    CharsetDefault charsetsvdhE
    Charset to translate into
    CharsetOptions option [option] ... ImplicitAdd svdhE
    Configures charset translation behavior
    CharsetSourceEnc charsetsvdhE
    Source charset of files
    CheckCaseOnly on|off Off svdhE
    Limits the action of the speling module to case corrections
    CheckSpelling on|off Off svdhE
    Enables the spelling module
    ChrootDir /path/to/directorysB
    Directory for apache to run chroot(8) after startup.
    ContentDigest On|Off Off svdhC
    Enables the generation of Content-MD5 HTTP Response +
    ChrootDir /path/to/directorysB
    Directory for apache to run chroot(8) after startup.
    ContentDigest On|Off Off svdhC
    Enables the generation of Content-MD5 HTTP Response headers
    CookieDomain domainsvdhE
    The domain to which the tracking cookie applies
    CookieExpires expiry-periodsvdhE
    Expiry time for the tracking cookie
    CookieName token Apache svdhE
    Name of the tracking cookie
    CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhE
    Format of the cookie header field
    CookieTracking on|off off svdhE
    Enables tracking cookie
    CoreDumpDirectory directorysM
    Directory where Apache HTTP Server attempts to +
    CookieDomain domainsvdhE
    The domain to which the tracking cookie applies
    CookieExpires expiry-periodsvdhE
    Expiry time for the tracking cookie
    CookieName token Apache svdhE
    Name of the tracking cookie
    CookieStyle + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhE
    Format of the cookie header field
    CookieTracking on|off off svdhE
    Enables tracking cookie
    CoreDumpDirectory directorysM
    Directory where Apache HTTP Server attempts to switch before dumping core
    CustomLog file|pipe +
    CustomLog file|pipe format|nickname [env=[!]environment-variable| -expr=expression]svB
    Sets filename and format of log file
    Dav On|Off|provider-name Off dE
    Enable WebDAV HTTP methods
    DavDepthInfinity on|off off svdE
    Allow PROPFIND, Depth: Infinity requests
    DavGenericLockDB file-pathsvdE
    Location of the DAV lock database
    DavLockDB file-pathsvE
    Location of the DAV lock database
    DavMinTimeout seconds 0 svdE
    Minimum amount of time the server holds a lock on +expr=expression]svB
    Sets filename and format of log file
    Dav On|Off|provider-name Off dE
    Enable WebDAV HTTP methods
    DavDepthInfinity on|off off svdE
    Allow PROPFIND, Depth: Infinity requests
    DavGenericLockDB file-pathsvdE
    Location of the DAV lock database
    DavLockDB file-pathsvE
    Location of the DAV lock database
    DavMinTimeout seconds 0 svdE
    Minimum amount of time the server holds a lock on a DAV resource
    DBDExptime time-in-seconds 300 svE
    Keepalive time for idle connections
    DBDInitSQL "SQL statement"svE
    Execute an SQL statement after connecting to a database
    DBDKeep number 2 svE
    Maximum sustained number of connections
    DBDMax number 10 svE
    Maximum number of connections
    DBDMin number 1 svE
    Minimum number of connections
    DBDParams -param1=value1[,param2=value2]svE
    Parameters for database connection
    DBDPersist On|OffsvE
    Whether to use persistent connections
    DBDPrepareSQL "SQL statement" labelsvE
    Define an SQL prepared statement
    DBDriver namesvE
    Specify an SQL driver
    DefaultIcon url-pathsvdhB
    Icon to display for files when no specific icon is +
    DBDExptime time-in-seconds 300 svE
    Keepalive time for idle connections
    DBDInitSQL "SQL statement"svE
    Execute an SQL statement after connecting to a database
    DBDKeep number 2 svE
    Maximum sustained number of connections
    DBDMax number 10 svE
    Maximum number of connections
    DBDMin number 1 svE
    Minimum number of connections
    DBDParams +param1=value1[,param2=value2]svE
    Parameters for database connection
    DBDPersist On|OffsvE
    Whether to use persistent connections
    DBDPrepareSQL "SQL statement" labelsvE
    Define an SQL prepared statement
    DBDriver namesvE
    Specify an SQL driver
    DefaultIcon url-pathsvdhB
    Icon to display for files when no specific icon is configured
    DefaultLanguage language-tagsvdhB
    Defines a default language-tag to be sent in the Content-Language +
    DefaultLanguage language-tagsvdhB
    Defines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means.
    DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sC
    Base directory for the server run-time files
    DefaultType media-type|none none svdhC
    This directive has no effect other than to emit warnings +
    DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sC
    Base directory for the server run-time files
    DefaultType media-type|none none svdhC
    This directive has no effect other than to emit warnings if the value is not none. In prior versions, DefaultType would specify a default media type to assign to response content for which no other media type configuration could be found.
    Define parameter-namesC
    Define the existence of a variable
    DeflateBufferSize value 8096 svE
    Fragment size to be compressed at one time by zlib
    DeflateCompressionLevel valuesvE
    How much compression do we apply to the output
    DeflateFilterNote [type] notenamesvE
    Places the compression ratio in a note for logging
    DeflateInflateLimitRequestBodyvaluesvdhE
    Maximum size of inflated request bodies
    DeflateInflateRatioBurst valuesvdhE
    Maximum number of times the inflation ratio for request bodies +
    Define parameter-namesC
    Define the existence of a variable
    DeflateBufferSize value 8096 svE
    Fragment size to be compressed at one time by zlib
    DeflateCompressionLevel valuesvE
    How much compression do we apply to the output
    DeflateFilterNote [type] notenamesvE
    Places the compression ratio in a note for logging
    DeflateInflateLimitRequestBodyvaluesvdhE
    Maximum size of inflated request bodies
    DeflateInflateRatioBurst valuesvdhE
    Maximum number of times the inflation ratio for request bodies can be crossed
    DeflateInflateRatioLimit valuesvdhE
    Maximum inflation ratio for request bodies
    DeflateMemLevel value 9 svE
    How much memory should be used by zlib for compression
    DeflateWindowSize value 15 svE
    Zlib compression window size
    Deny from all|host|env=[!]env-variable -[host|env=[!]env-variable] ...dhE
    Controls which hosts are denied access to the +
    DeflateInflateRatioLimit valuesvdhE
    Maximum inflation ratio for request bodies
    DeflateMemLevel value 9 svE
    How much memory should be used by zlib for compression
    DeflateWindowSize value 15 svE
    Zlib compression window size
    Deny from all|host|env=[!]env-variable +[host|env=[!]env-variable] ...dhE
    Controls which hosts are denied access to the server
    <Directory directory-path> -... </Directory>svC
    Enclose a group of directives that apply only to the +
    <Directory directory-path> +... </Directory>svC
    Enclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents.
    DirectoryCheckHandler On|Off Off svdhB
    Toggle how this module responds when another handler is configured
    DirectoryIndex - disabled | local-url [local-url] ... index.html svdhB
    List of resources to look for when the client requests +
    DirectoryCheckHandler On|Off Off svdhB
    Toggle how this module responds when another handler is configured
    DirectoryIndex + disabled | local-url [local-url] ... index.html svdhB
    List of resources to look for when the client requests a directory
    DirectoryIndexRedirect on | off | permanent | temp | seeother | +
    DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code - off svdhB
    Configures an external redirect for directory indexes. + off svdhB
    Configures an external redirect for directory indexes.
    <DirectoryMatch regex> -... </DirectoryMatch>svC
    Enclose directives that apply to +
    <DirectoryMatch regex> +... </DirectoryMatch>svC
    Enclose directives that apply to the contents of file-system directories matching a regular expression.
    DirectorySlash On|Off On svdhB
    Toggle trailing slash redirects on or off
    DocumentRoot directory-path /usr/local/apache/h +svC
    Directory that forms the main document tree visible +
    DirectorySlash On|Off On svdhB
    Toggle trailing slash redirects on or off
    DocumentRoot directory-path /usr/local/apache/h +svC
    Directory that forms the main document tree visible from the web
    DTracePrivileges On|Off Off sX
    Determines whether the privileges required by dtrace are enabled.
    DumpIOInput On|Off Off sE
    Dump all input data to the error log
    DumpIOOutput On|Off Off sE
    Dump all output data to the error log
    <Else> ... </Else>svdhC
    Contains directives that apply only if the condition of a +
    DTracePrivileges On|Off Off sX
    Determines whether the privileges required by dtrace are enabled.
    DumpIOInput On|Off Off sE
    Dump all input data to the error log
    DumpIOOutput On|Off Off sE
    Dump all output data to the error log
    <Else> ... </Else>svdhC
    Contains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime
    <ElseIf expression> ... </ElseIf>svdhC
    Contains directives that apply only if a condition is satisfied +
    <ElseIf expression> ... </ElseIf>svdhC
    Contains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied
    EnableExceptionHook On|Off Off sM
    Enables a hook that runs exception handlers +
    EnableExceptionHook On|Off Off sM
    Enables a hook that runs exception handlers after a crash
    EnableMMAP On|Off On svdhC
    Use memory-mapping to read files during delivery
    EnableSendfile On|Off Off svdhC
    Use the kernel sendfile support to deliver files to the client
    Error messagesvdhC
    Abort configuration parsing with a custom error message
    ErrorDocument error-code documentsvdhC
    What the server will return to the client +
    EnableMMAP On|Off On svdhC
    Use memory-mapping to read files during delivery
    EnableSendfile On|Off Off svdhC
    Use the kernel sendfile support to deliver files to the client
    Error messagesvdhC
    Abort configuration parsing with a custom error message
    ErrorDocument error-code documentsvdhC
    What the server will return to the client in case of an error
    ErrorLog file-path|syslog[:facility] logs/error_log (Uni +svC
    Location where the server will log errors
    ErrorLog [connection|request] formatsvC
    Format specification for error log entries
    ExamplesvdhX
    Demonstration directive to illustrate the Apache module +
    ErrorLog file-path|syslog[:facility] logs/error_log (Uni +svC
    Location where the server will log errors
    ErrorLog [connection|request] formatsvC
    Format specification for error log entries
    ExamplesvdhX
    Demonstration directive to illustrate the Apache module API
    ExpiresActive On|Off Off svdhE
    Enables generation of Expires +
    ExpiresActive On|Off Off svdhE
    Enables generation of Expires headers
    ExpiresByType MIME-type -<code>secondssvdhE
    Value of the Expires header configured +
    ExpiresByType MIME-type +<code>secondssvdhE
    Value of the Expires header configured by MIME type
    ExpiresDefault <code>secondssvdhE
    Default algorithm for calculating expiration time
    ExtendedStatus On|Off Off[*] sC
    Keep track of extended status information for each +
    ExpiresDefault <code>secondssvdhE
    Default algorithm for calculating expiration time
    ExtendedStatus On|Off Off[*] sC
    Keep track of extended status information for each request
    ExtFilterDefine filtername parameterssE
    Define an external filter
    ExtFilterOptions option [option] ... NoLogStderr dE
    Configure mod_ext_filter options
    FallbackResource disabled | local-urlsvdhB
    Define a default URL for requests that don't map to a file
    FileETag component ... INode MTime Size svdhC
    File attributes used to create the ETag +
    ExtFilterDefine filtername parameterssE
    Define an external filter
    ExtFilterOptions option [option] ... NoLogStderr dE
    Configure mod_ext_filter options
    FallbackResource disabled | local-urlsvdhB
    Define a default URL for requests that don't map to a file
    FileETag component ... INode MTime Size svdhC
    File attributes used to create the ETag HTTP response header for static files
    <Files filename> ... </Files>svdhC
    Contains directives that apply to matched +
    <Files filename> ... </Files>svdhC
    Contains directives that apply to matched filenames
    <FilesMatch regex> ... </FilesMatch>svdhC
    Contains directives that apply to regular-expression matched +
    <FilesMatch regex> ... </FilesMatch>svdhC
    Contains directives that apply to regular-expression matched filenames
    FilterChain [+=-@!]filter-name ...svdhB
    Configure the filter chain
    FilterDeclare filter-name [type]svdhB
    Declare a smart filter
    FilterProtocol filter-name [provider-name] - proto-flagssvdhB
    Deal with correct HTTP protocol handling
    FilterProvider filter-name provider-name - expressionsvdhB
    Register a content filter
    FilterTrace filter-name levelsvdB
    Get debug/diagnostic information from +
    FilterChain [+=-@!]filter-name ...svdhB
    Configure the filter chain
    FilterDeclare filter-name [type]svdhB
    Declare a smart filter
    FilterProtocol filter-name [provider-name] + proto-flagssvdhB
    Deal with correct HTTP protocol handling
    FilterProvider filter-name provider-name + expressionsvdhB
    Register a content filter
    FilterTrace filter-name levelsvdB
    Get debug/diagnostic information from mod_filter
    ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhB
    Action to take if a single acceptable document is not +
    ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhB
    Action to take if a single acceptable document is not found
    ForceType media-type|NonedhC
    Forces all matching files to be served with the specified +
    ForceType media-type|NonedhC
    Forces all matching files to be served with the specified media type in the HTTP Content-Type header field
    ForensicLog filename|pipesvE
    Sets filename of the forensic log
    GlobalLog file|pipe|provider +
    ForensicLog filename|pipesvE
    Sets filename of the forensic log
    GlobalLogfile|pipe format|nickname [env=[!]environment-variable| -expr=expression]sB
    Sets filename and format of log file
    GprofDir /tmp/gprof/|/tmp/gprof/%svC
    Directory to write gmon.out profiling data to.
    GracefulShutdownTimeout seconds 0 sM
    Specify a timeout after which a gracefully shutdown server +expr=expression]sB
    Sets filename and format of log file
    GprofDir /tmp/gprof/|/tmp/gprof/%svC
    Directory to write gmon.out profiling data to.
    GracefulShutdownTimeout seconds 0 sM
    Specify a timeout after which a gracefully shutdown server will exit.
    Group unix-group #-1 sB
    Group under which the server will answer +
    Group unix-group #-1 sB
    Group under which the server will answer requests
    H2Direct on|off on for h2c, off for +svE
    H2 Direct Protocol Switch
    H2KeepAliveTimeout secondssvE
    Timeout (in seconds) for idle HTTP/2 connections
    H2Direct on|off on for h2c, off for +svE
    H2 Direct Protocol Switch
    H2MaxSessionStreams n 100 svE
    Maximum number of active streams per HTTP/2 session.
    H2MaxWorkerIdleSeconds n 600 sE
    Maximum number of seconds h2 workers remain idle until shut down.
    H2MaxWorkers nsE
    Maximum number of worker threads to use per child process.
    H2MinWorkers nsE
    Minimal number of worker threads to use per child process.
    H2ModernTLSOnly on|off on svE
    Require HTTP/2 connections to be "modern TLS" only
    H2Push on|off on svE
    H2 Server Push Switch
    H2PushDiarySize n 256 svE
    H2 Server Push Diary Size
    H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svE
    H2 Server Push Priority
    H2PushDiarySize n 256 svE
    H2 Server Push Diary Size
    H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svE
    H2 Server Push Priority
    H2SerializeHeaders on|off off svE
    Serialize Request/Response Processing Switch
    H2SessionExtraFiles nsvE
    Number of Extra File Handles
    H2StreamMaxMemSize bytes 65536 svE
    Maximum amount of output data buffered per stream.
    H2StreamTimeout seconds 0 svE
    Timeout (in seconds) for idle HTTP/2 connections
    H2Timeout seconds 5 svE
    Timeout (in seconds) for HTTP/2 connections
    H2TLSCoolDownSecs seconds 1 svE
    -
    H2TLSWarmUpSize amount 1048576 svE
    -
    H2TLSCoolDownSecs seconds 1 svE
    -
    H2TLSWarmUpSize amount 1048576 svE
    -
    H2Upgrade on|off on for h2c, off for +svE
    H2 Upgrade Protocol Switch
    H2WindowSize bytes 65535 svE
    Size of Stream Window for upstream data.
    Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note @@ -562,7 +560,7 @@ requests on a persistent connection
    LanguagePriority MIME-lang [MIME-lang] -...svdhB
    The precendence of language variants for cases where +...svdhB
    The precedence of language variants for cases where the client does not express a preference
    LDAPCacheEntries number 1024 sE
    Maximum number of entries in the primary LDAP cache
    LDAPCacheTTL seconds 600 sE
    Time that cached items remain valid
    ProxyFtpDirCharset character set ISO-8859-1 svdE
    Define the character set for proxied FTP listings
    ProxyFtpEscapeWildcards [on|off]svdE
    Whether wildcards in requested filenames are escaped when sent to the FTP server
    ProxyFtpListOnWildcard [on|off]svdE
    Whether wildcards in requested filenames trigger a file listing
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and +
    ProxyHCExpr name {ap_expr expression}svE
    Creates a named condition expression to use to determine health of the backend based on its response.
    ProxyHCTemplate name parameter=setting <...>svE
    Creates a named template for setting various health check parameters
    ProxyHCTPsize <size>svE
    Sets the size of the threadpool used for the health check workers.
    ProxyHTMLBufSize bytessvdB
    Sets the buffer size increment for buffering inline scripts and stylesheets.
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, +
    ProxyHTMLCharsetOut Charset | *svdB
    Specify a charset for mod_proxy_html output.
    ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    		svdB
    Sets an HTML or XHTML document type declaration.
    ProxyHTMLEnable On|Off Off svdB
    Turns the proxy_html filter on or off.
    ProxyHTMLEvents attribute [attribute ...]svdB
    Specify attributes to treat as scripting events.
    ProxyHTMLExtended On|Off Off svdB
    Determines whether to fix links in inline scripts, stylesheets, and scripting events.
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of +
    ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
    Fixes for simple HTML errors.
    ProxyHTMLInterp On|Off Off svdB
    Enables per-request interpolation of ProxyHTMLURLMap rules.
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML +
    ProxyHTMLLinks element attribute [attribute2 ...]svdB
    Specify HTML elements that have URL attributes to be rewritten.
    ProxyHTMLMeta On|Off Off svdB
    Turns on or off extra pre-parsing of metadata in HTML <head> sections.
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>svE
    Container for directives applied to regular-expression-matched +
    ProxyHTMLStripComments On|Off Off svdB
    Determines whether to strip HTML comments.
    ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
    Defines a rule to rewrite HTML links
    ProxyIOBufferSize bytes 8192 svE
    Determine size of internal data throughput buffer
    <ProxyMatch regex> ...</ProxyMatch>svE
    Container for directives applied to regular-expression-matched proxied resources
    ProxyMaxForwards number -1 svE
    Maximium number of proxies that a request can be forwarded +
    ProxyMaxForwards number -1 svE
    Maximium number of proxies that a request can be forwarded through
    ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url -[interpolate]svdE
    Adjusts the URL in HTTP response headers sent from a reverse +
    ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdE
    Maps remote servers into the local server URL-space
    ProxyPassInherit On|Off On svE
    Inherit ProxyPass directives defined from the main server
    ProxyPassInterpolateEnv On|Off Off svdE
    Enable Environment Variable interpolation in Reverse Proxy configurations
    ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdE
    Maps remote servers into the local server URL-space using regular expressions
    ProxyPassReverse [path] url +[interpolate]svdE
    Adjusts the URL in HTTP response headers sent from a reverse proxied server
    ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdE
    Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
    ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdE
    Adjusts the Path string in Set-Cookie headers from a reverse- +
    ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdE
    Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
    ProxyPreserveHost On|Off Off svdE
    Use incoming Host HTTP request header for proxy +
    ProxyPreserveHost On|Off Off svdE
    Use incoming Host HTTP request header for proxy request
    ProxyReceiveBufferSize bytes 0 svE
    Network buffer size for proxied HTTP and FTP +
    ProxyReceiveBufferSize bytes 0 svE
    Network buffer size for proxied HTTP and FTP connections
    ProxyRemote match remote-serversvE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serversvE
    Remote proxy used to handle requests matched by regular +
    ProxyRemote match remote-serversvE
    Remote proxy used to handle certain requests
    ProxyRemoteMatch regex remote-serversvE
    Remote proxy used to handle requests matched by regular expressions
    ProxyRequests On|Off Off svE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the +
    ProxyRequests On|Off Off svE
    Enables forward (standard) proxy requests
    ProxySCGIInternalRedirect On|Off|Headername On svdE
    Enable or disable internal redirect responses from the backend
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response +
    ProxySCGISendfile On|Off|Headername Off svdE
    Enable evaluation of X-Sendfile pseudo response header
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondssvE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off svE
    Information provided in the Via HTTP response +
    ProxySet url key=value [key=value ...]dE
    Set various Proxy balancer or member parameters
    ProxySourceAddress addresssvE
    Set local IP address for outgoing proxy connections
    ProxyStatus Off|On|Full Off svE
    Show Proxy LoadBalancer status in mod_status
    ProxyTimeout secondssvE
    Network timeout for proxied requests
    ProxyVia On|Off|Full|Block Off svE
    Information provided in the Via HTTP response header for proxied requests
    QualifyRedirectURL ON|OFF OFF svdC
    Controls whether the REDIRECT_URL environment variable is -fully qualified
    ReadmeName filenamesvdhB
    Name of the file that will be inserted at the end +
    QualifyRedirectURL ON|OFF OFF svdC
    Controls whether the REDIRECT_URL environment variable is + fully qualified
    ReadmeName filenamesvdhB
    Name of the file that will be inserted at the end of the index listing
    ReceiveBufferSize bytes 0 sM
    TCP receive buffer size
    Redirect [status] [URL-path] -URLsvdhB
    Sends an external redirect asking the client to fetch +
    ReceiveBufferSize bytes 0 sM
    TCP receive buffer size
    Redirect [status] [URL-path] +URLsvdhB
    Sends an external redirect asking the client to fetch a different URL
    RedirectMatch [status] regex -URLsvdhB
    Sends an external redirect based on a regular expression match +
    RedirectMatch [status] regex +URLsvdhB
    Sends an external redirect based on a regular expression match of the current URL
    RedirectPermanent URL-path URLsvdhB
    Sends an external permanent redirect asking the client to fetch +
    RedirectPermanent URL-path URLsvdhB
    Sends an external permanent redirect asking the client to fetch a different URL
    RedirectTemp URL-path URLsvdhB
    Sends an external temporary redirect asking the client to fetch +
    RedirectTemp URL-path URLsvdhB
    Sends an external temporary redirect asking the client to fetch a different URL
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] -...vdhB
    Removes any character set associations for a set of file +
    ReflectorHeader inputheader [outputheader]svdhB
    Reflect an input header to the output headers
    RemoteIPHeader header-fieldsvB
    Declare the header field which should be parsed for useragent IP addresses
    RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPInternalProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPProxiesHeader HeaderFieldNamesvB
    Declare the header field which will record all intermediate IP addresses
    RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoteIPTrustedProxyList filenamesvB
    Declare client intranet IP addresses trusted to present the RemoteIPHeader value
    RemoveCharset extension [extension] +...vdhB
    Removes any character set associations for a set of file extensions
    RemoveEncoding extension [extension] -...vdhB
    Removes any content encoding associations for a set of file +
    RemoveEncoding extension [extension] +...vdhB
    Removes any content encoding associations for a set of file extensions
    RemoveHandler extension [extension] -...vdhB
    Removes any handler associations for a set of file +
    RemoveHandler extension [extension] +...vdhB
    Removes any handler associations for a set of file extensions
    RemoveInputFilter extension [extension] -...vdhB
    Removes any input filter associations for a set of file +
    RemoveInputFilter extension [extension] +...vdhB
    Removes any input filter associations for a set of file extensions
    RemoveLanguage extension [extension] -...vdhB
    Removes any language associations for a set of file +
    RemoveLanguage extension [extension] +...vdhB
    Removes any language associations for a set of file extensions
    RemoveOutputFilter extension [extension] -...vdhB
    Removes any output filter associations for a set of file +
    RemoveOutputFilter extension [extension] +...vdhB
    Removes any output filter associations for a set of file extensions
    RemoveType extension [extension] -...vdhB
    Removes any content type associations for a set of file +
    RemoveType extension [extension] +...vdhB
    Removes any content type associations for a set of file extensions
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset +
    RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] -svdhE
    Configure HTTP request headers
    RequestReadTimeout +svdhE
    Configure HTTP request headers
    RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svE
    Set timeout values for receiving request headers and body from client. +svE
    Set timeout values for receiving request headers and body from client.
    Require [not] entity-name - [entity-name] ...dhB
    Tests whether an authenticated user is authorized by +
    Require [not] entity-name + [entity-name] ...dhB
    Tests whether an authenticated user is authorized by an authorization provider.
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none +
    <RequireAll> ... </RequireAll>dhB
    Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one +
    <RequireAny> ... </RequireAny>dhB
    Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none +
    <RequireNone> ... </RequireNone>dhB
    Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond - TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place +
    RewriteBase URL-pathdhE
    Sets the base URL for per-directory rewrites
    RewriteCond + TestString CondPatternsvdhE
    Defines a condition under which rewriting will take place
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource - MapTypeOptions -svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule - Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Limits the CPU consumption of processes launched +
    RewriteEngine on|off off svdhE
    Enables or disables runtime rewriting engine
    RewriteMap MapName MapType:MapSource +svE
    Defines a mapping function for key-lookup
    RewriteOptions OptionssvdhE
    Sets some special options for the rewrite engine
    RewriteRule + Pattern Substitution [flags]svdhE
    Defines rules for the rewriting engine
    RLimitCPU seconds|max [seconds|max]svdhC
    Limits the CPU consumption of processes launched by Apache httpd children
    RLimitMEM bytes|max [bytes|max]svdhC
    Limits the memory consumption of processes launched +
    RLimitMEM bytes|max [bytes|max]svdhC
    Limits the memory consumption of processes launched by Apache httpd children
    RLimitNPROC number|max [number|max]svdhC
    Limits the number of processes that can be launched by +
    RLimitNPROC number|max [number|max]svdhC
    Limits the number of processes that can be launched by processes launched by Apache httpd children
    Satisfy Any|All All dhE
    Interaction between host-level access control and +
    Satisfy Any|All All dhE
    Interaction between host-level access control and user authentication
    ScoreBoardFile file-path logs/apache_runtime +sM
    Location of the file used to store coordination data for +
    ScoreBoardFile file-path logs/apache_runtime +sM
    Location of the file used to store coordination data for the child processes
    Script method cgi-scriptsvdB
    Activates a CGI script for a particular request +
    Script method cgi-scriptsvdB
    Activates a CGI script for a particular request method.
    ScriptAlias [URL-path] -file-path|directory-pathsvdB
    Maps a URL to a filesystem location and designates the +
    ScriptAlias [URL-path] +file-path|directory-pathsvdB
    Maps a URL to a filesystem location and designates the target as a CGI script
    ScriptAliasMatch regex -file-path|directory-pathsvB
    Maps a URL to a filesystem location using a regular expression +
    ScriptAliasMatch regex +file-path|directory-pathsvB
    Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Technique for locating the interpreter for CGI +
    ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
    Technique for locating the interpreter for CGI scripts
    ScriptLog file-pathsvB
    Location of the CGI script error logfile
    ScriptLogBuffer bytes 1024 svB
    Maximum amount of PUT or POST requests that will be recorded +
    ScriptLog file-pathsvB
    Location of the CGI script error logfile
    ScriptLogBuffer bytes 1024 svB
    Maximum amount of PUT or POST requests that will be recorded in the scriptlog
    ScriptLogLength bytes 10385760 svB
    Size limit of the CGI script logfile
    ScriptSock file-path cgisock sB
    The filename prefix of the socket to use for communication with +
    ScriptLogLength bytes 10385760 svB
    Size limit of the CGI script logfile
    ScriptSock file-path cgisock sB
    The filename prefix of the socket to use for communication with the cgi daemon
    SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters +
    SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sB
    Enables SSL encryption for the specified port
    SeeRequestTail On|Off Off sC
    Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
    SendBufferSize bytes 0 sM
    TCP buffer size
    ServerAdmin email-address|URLsvC
    Email address that the server includes in error +
    SendBufferSize bytes 0 sM
    TCP buffer size
    ServerAdmin email-address|URLsvC
    Email address that the server includes in error messages sent to the client
    ServerAlias hostname [hostname] ...vC
    Alternate names for a host used when matching requests +
    ServerAlias hostname [hostname] ...vC
    Alternate names for a host used when matching requests to name-virtual hosts
    ServerLimit numbersM
    Upper limit on configurable number of processes
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    Hostname and port that the server uses to identify +
    ServerLimit numbersM
    Upper limit on configurable number of processes
    ServerName [scheme://]fully-qualified-domain-name[:port]svC
    Hostname and port that the server uses to identify itself
    ServerPath URL-pathvC
    Legacy URL pathname for a name-based virtual host that +
    ServerPath URL-pathvC
    Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser
    ServerRoot directory-path /usr/local/apache sC
    Base directory for the server installation
    ServerSignature On|Off|EMail Off svdhC
    Configures the footer on server-generated documents
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configures the Server HTTP response +
    ServerRoot directory-path /usr/local/apache sC
    Base directory for the server installation
    ServerSignature On|Off|EMail Off svdhC
    Configures the footer on server-generated documents
    ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
    Configures the Server HTTP response header
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the +
    Session On|Off Off svdhE
    Enables a session for the current directory or location
    SessionCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session
    SessionCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session
    SessionCookieRemove On|Off Off svdhE
    Control for whether session cookies should be removed from incoming HTTP headers
    SessionCryptoCipher namesvdhX
    The crypto cipher to be used to encrypt the session
    SessionCryptoDriver name [param[=value]]sX
    The crypto driver to be used to encrypt the session
    SessionCryptoPassphrase secret [ secret ... ] svdhX
    The key used to encrypt the session
    SessionCryptoPassphraseFile filenamesvdX
    File containing keys used to encrypt the session
    SessionDBDCookieName name attributessvdhE
    Name and attributes for the RFC2109 cookie storing the session ID
    SessionDBDCookieName2 name attributessvdhE
    Name and attributes for the RFC2965 cookie storing the session ID
    SessionDBDCookieRemove On|Off On svdhE
    Control for whether session ID cookies should be removed from incoming HTTP headers
    SessionDBDDeleteLabel label deletesession svdhE
    The SQL query to use to remove sessions from the database
    SessionDBDInsertLabel label insertsession svdhE
    The SQL query to use to insert sessions into the database
    SessionDBDPerUser On|Off Off svdhE
    Enable a per user session
    SessionDBDSelectLabel label selectsession svdhE
    The SQL query to use to select sessions from the database
    SessionDBDUpdateLabel label updatesession svdhE
    The SQL query to use to update existing sessions in the database
    SessionEnv On|Off Off svdhE
    Control whether the contents of the session are written to the HTTP_SESSION environment variable
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable [value]svdhB
    Sets environment variables
    SetEnvIf attribute +
    SessionExclude pathsvdhE
    Define URL prefixes for which a session is ignored
    SessionHeader headersvdhE
    Import session updates from a given HTTP response header
    SessionInclude pathsvdhE
    Define URL prefixes for which a session is valid
    SessionMaxAge maxage 0 svdhE
    Define a maximum age in seconds for a session
    SetEnv env-variable [value]svdhB
    Sets environment variables
    SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request
    SetEnvIfExpr expr +
    SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on an ap_expr expression
    SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhB
    Sets environment variables based on attributes of the request without respect to case
    SetHandler handler-name|NonesvdhC
    Forces all matching files to be processed by a +
    SetHandler handler-name|NonesvdhC
    Forces all matching files to be processed by a handler
    SetInputFilter filter[;filter...]svdhC
    Sets the filters that will process client requests and POST +
    SetInputFilter filter[;filter...]svdhC
    Sets the filters that will process client requests and POST input
    SetOutputFilter filter[;filter...]svdhC
    Sets the filters that will process responses from the +
    SetOutputFilter filter[;filter...]svdhC
    Sets the filters that will process responses from the server
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI +
    SSIEndTag tag "-->" svB
    String that ends an include element
    SSIErrorMsg message "[an error occurred +svdhB
    Error message displayed when there is an SSI error
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the +
    SSIETag on|off off dhB
    Controls whether ETags are generated by the server.
    SSILastModified on|off off dhB
    Controls whether Last-Modified headers are generated by the server.
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are +
    SSILegacyExprParser on|off off dhB
    Enable compatibility mode for conditional expressions.
    SSIStartTag tag "<!--#" svB
    String that starts an include element
    SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
    Configures the format in which date strings are displayed
    SSIUndefinedEcho string "(none)" svdhB
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSIUndefinedEcho string "(none)" svdhB
    String displayed when an unset variable is echoed
    SSLCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Client Auth
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Client Auth
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLCADNRequestFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLCADNRequestPath directory-pathsvE
    Directory of PEM-encoded CA Certificates for defining acceptable CA names
    SSLCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLCARevocationCheck chain|leaf|none flags none svE
    Enable CRL-based revocation checking
    SSLCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Client Auth
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Client Auth
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLCertificateChainFile file-pathsvE
    File of PEM-encoded Server CA Certificates
    SSLCertificateFile file-pathsvE
    Server PEM-encoded X.509 certificate data file
    SSLCertificateKeyFile file-pathsvE
    Server PEM-encoded private key file
    SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
    Cipher Suite available for negotiation in SSL handshake
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPProxyURL urlsvE
    Proxy URL to use for OCSP requests
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private +
    SSLCompression on|off off svE
    Enable compression on the SSL level
    SSLCryptoDevice engine builtin sE
    Enable use of a cryptographic hardware accelerator
    SSLEngine on|off|optional off svE
    SSL Engine Operation Switch
    SSLFIPS on|off off sE
    SSL FIPS mode Switch
    SSLHonorCipherOrder on|off off svE
    Option to prefer the server's cipher preference order
    SSLInsecureRenegotiation on|off off svE
    Option to enable support for insecure renegotiation
    SSLOCSDefaultResponder urisvE
    Set the default responder URI for OCSP validation
    SSLOCSPEnable on|off off svE
    Enable OCSP validation of the client certificate chain
    SSLOCSPOverrideResponder on|off off svE
    Force use of the default responder URI for OCSP validation
    SSLOCSPProxyURL urlsvE
    Proxy URL to use for OCSP requests
    SSLOCSPResponderTimeout seconds 10 svE
    Timeout for OCSP queries
    SSLOCSPResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP responses
    SSLOCSPResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP response validation
    SSLOCSPUseRequestNonce on|off on svE
    Use a nonce within OCSP queries
    SSLOpenSSLConfCmd command-name command-valuesvE
    Configure OpenSSL parameters through its SSL_CONF API
    SSLOptions [+|-]option ...svdhE
    Configure various SSL engine run-time options
    SSLPassPhraseDialog type builtin sE
    Type of pass phrase dialog for encrypted private keys
    SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates +
    SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL/TLS protocol versions
    SSLProxyCACertificateFile file-pathsvE
    File of concatenated PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for +
    SSLProxyCACertificatePath directory-pathsvE
    Directory of PEM-encoded CA Certificates for Remote Server Auth
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for +
    SSLProxyCARevocationCheck chain|leaf|none none svE
    Enable CRL-based revocation checking for Remote Server Auth
    SSLProxyCARevocationFile file-pathsvE
    File of concatenated PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for +
    SSLProxyCARevocationPath directory-pathsvE
    Directory of PEM-encoded CA CRLs for Remote Server Auth
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field +
    SSLProxyCheckPeerCN on|off on svE
    Whether to check the remote server certificate's CN field
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired +
    SSLProxyCheckPeerExpire on|off on svE
    Whether to check if remote server certificate is expired
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates +
    SSLProxyCheckPeerName on|off on svE
    Configure host name checking for remote server certificates
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL +
    SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhE
    Cipher Suite available for negotiation in SSL proxy handshake
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server +
    SSLProxyEngine on|off off svE
    SSL Proxy Engine Operation Switch
    SSLProxyMachineCertificateChainFile filenamesE
    File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
    SSLProxyMachineCertificateFile filenamesE
    File of concatenated PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyMachineCertificatePath directorysE
    Directory of PEM-encoded client certificates and keys to be used by the proxy
    SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
    Configure usable SSL protocol flavors for proxy usage
    SSLProxyVerify level none svE
    Type of remote server Certificate verification
    SSLProxyVerifyDepth number 1 svE
    Maximum depth of CA Certificates in Remote Server Certificate verification
    SSLRandomSeed context source -[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding +
    SSLRandomSeed context source +[bytes]sE
    Pseudo Random Number Generator (PRNG) seeding source
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex +
    SSLRenegBufferSize bytes 131072 dhE
    Set the size for the SSL renegotiation buffer
    SSLRequire expressiondhE
    Allow access only when an arbitrarily complex boolean expression is true
    SSLRequireSSLdhE
    Deny access when SSL is not used for the +
    SSLRequireSSLdhE
    Deny access when SSL is not used for the HTTP request
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session +
    SSLSessionCache type none sE
    Type of the global/inter-process SSL Session Cache
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires +
    SSLSessionCacheTimeout seconds 300 svE
    Number of seconds before an SSL session expires in the Session Cache
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual +
    SSLSessionTicketKeyFile file-pathsvE
    Persistent encryption/decryption key for TLS session tickets
    SSLSessionTickets on|off on svE
    Enable or disable use of TLS session tickets
    SSLSRPUnknownUserSeed secret-stringsvE
    SRP unknown user seed
    SSLSRPVerifierFile file-pathsvE
    Path to SRP verifier file
    SSLStaplingCache typesE
    Configures the OCSP stapling cache
    SSLStaplingErrorCacheTimeout seconds 600 svE
    Number of seconds before expiring invalid responses in the OCSP stapling cache
    SSLStaplingFakeTryLater on|off on svE
    Synthesize "tryLater" responses for failed OCSP stapling queries
    SSLStaplingForceURL urisvE
    Override the OCSP responder URI specified in the certificate's AIA extension
    SSLStaplingResponderTimeout seconds 10 svE
    Timeout for OCSP stapling queries
    SSLStaplingResponseMaxAge seconds -1 svE
    Maximum allowable age for OCSP stapling responses
    SSLStaplingResponseTimeSkew seconds 300 svE
    Maximum allowable time skew for OCSP stapling response validation
    SSLStaplingReturnResponderErrors on|off on svE
    Pass stapling related OCSP errors on to client
    SSLStaplingStandardCacheTimeout seconds 3600 svE
    Number of seconds before expiring responses in the OCSP stapling cache
    SSLStrictSNIVHostCheck on|off off svE
    Whether to allow non-SNI clients to access a name-based virtual host.
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client +
    SSLUserName varnamesdhE
    Variable name to determine user name
    SSLUseStapling on|off off svE
    Enable stapling of OCSP responses in the TLS handshake
    SSLVerifyClient level none svdhE
    Type of Client Certificate verification
    SSLVerifyDepth number 1 svdhE
    Maximum depth of CA Certificates in Client Certificate verification
    StartServers numbersM
    Number of child server processes created at startup
    StartThreads numbersM
    Number of threads created on startup
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
    Set the maximum line size
    Suexec On|OffsB
    Enable or disable the suEXEC feature
    SuexecUserGroup User GroupsvE
    User and group for CGI programs to run as
    ThreadLimit numbersM
    Sets the upper limit on the configurable number of threads +
    StartServers numbersM
    Number of child server processes created at startup
    StartThreads numbersM
    Number of threads created on startup
    Substitute s/pattern/substitution/[infq]dhE
    Pattern to filter the response content
    SubstituteInheritBefore on|off off dhE
    Change the merge order of inherited patterns
    SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
    Set the maximum line size
    Suexec On|OffsB
    Enable or disable the suEXEC feature
    SuexecUserGroup User GroupsvE
    User and group for CGI programs to run as
    ThreadLimit numbersM
    Sets the upper limit on the configurable number of threads per child process
    ThreadsPerChild numbersM
    Number of threads created by each child process
    ThreadStackSize sizesM
    The size in bytes of the stack used by threads handling +
    ThreadsPerChild numbersM
    Number of threads created by each child process
    ThreadStackSize sizesM
    The size in bytes of the stack used by threads handling client connections
    TimeOut seconds 60 svC
    Amount of time the server will wait for +
    TimeOut seconds 60 svC
    Amount of time the server will wait for certain events before failing a request
    TraceEnable [on|off|extended] on sC
    Determines the behaviour on TRACE requests
    TransferLog file|pipesvB
    Specify location of a log file
    TypesConfig file-path conf/mime.types sB
    The location of the mime.types file
    UnDefine parameter-namesC
    Undefine the existence of a variable
    UndefMacro namesvdB
    Undefine a macro
    UnsetEnv env-variable [env-variable] -...svdhB
    Removes variables from the environment
    Use name [value1 ... valueN] -svdB
    Use a macro
    UseCanonicalName On|Off|DNS Off svdC
    Configures how the server determines its own name and +
    TraceEnable [on|off|extended] on sC
    Determines the behaviour on TRACE requests
    TransferLog file|pipesvB
    Specify location of a log file
    TypesConfig file-path conf/mime.types sB
    The location of the mime.types file
    UnDefine parameter-namesC
    Undefine the existence of a variable
    UndefMacro namesvdB
    Undefine a macro
    UnsetEnv env-variable [env-variable] +...svdhB
    Removes variables from the environment
    Use name [value1 ... valueN] +svdB
    Use a macro
    UseCanonicalName On|Off|DNS Off svdC
    Configures how the server determines its own name and port
    UseCanonicalPhysicalPort On|Off Off svdC
    Configures how the server determines its own name and +
    UseCanonicalPhysicalPort On|Off Off svdC
    Configures how the server determines its own name and port
    User unix-userid #-1 sB
    The userid under which the server will answer +
    User unix-userid #-1 sB
    The userid under which the server will answer requests
    UserDir directory-filename [directory-filename] ... -svB
    Location of the user-specific directories
    VHostCGIMode On|Off|Secure On vX
    Determines whether the virtualhost can run +
    UserDir directory-filename [directory-filename] ... +svB
    Location of the user-specific directories
    VHostCGIMode On|Off|Secure On vX
    Determines whether the virtualhost can run subprocesses, and the privileges available to subprocesses.
    VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vX
    Assign arbitrary privileges to subprocesses created +
    VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vX
    Assign arbitrary privileges to subprocesses created by a virtual host.
    VHostGroup unix-groupidvX
    Sets the Group ID under which a virtual host runs.
    VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vX
    Assign arbitrary privileges to a virtual host.
    VHostSecure On|Off On vX
    Determines whether the server runs with enhanced security +
    VHostGroup unix-groupidvX
    Sets the Group ID under which a virtual host runs.
    VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vX
    Assign arbitrary privileges to a virtual host.
    VHostSecure On|Off On vX
    Determines whether the server runs with enhanced security for the virtualhost.
    VHostUser unix-useridvX
    Sets the User ID under which a virtual host runs.
    VirtualDocumentRoot interpolated-directory|none none svE
    Dynamically configure the location of the document root +
    VHostUser unix-useridvX
    Sets the User ID under which a virtual host runs.
    VirtualDocumentRoot interpolated-directory|none none svE
    Dynamically configure the location of the document root for a given virtual host
    VirtualDocumentRootIP interpolated-directory|none none svE
    Dynamically configure the location of the document root +
    VirtualDocumentRootIP interpolated-directory|none none svE
    Dynamically configure the location of the document root for a given virtual host
    <VirtualHost +
    <VirtualHost addr[:port] [addr[:port]] - ...> ... </VirtualHost>sC
    Contains directives that apply only to a specific + ...> ... </VirtualHost>sC
    Contains directives that apply only to a specific hostname or IP address
    VirtualScriptAlias interpolated-directory|none none svE
    Dynamically configure the location of the CGI directory for +
    VirtualScriptAlias interpolated-directory|none none svE
    Dynamically configure the location of the CGI directory for a given virtual host
    VirtualScriptAliasIP interpolated-directory|none none svE
    Dynamically configure the location of the CGI directory for +
    VirtualScriptAliasIP interpolated-directory|none none svE
    Dynamically configure the location of the CGI directory for a given virtual host
    WatchdogInterval number-of-seconds 1 sB
    Watchdog interval in seconds
    XBitHack on|off|full off svdhB
    Parse SSI directives in files with the execute bit +
    WatchdogInterval number-of-seconds 1 sB
    Watchdog interval in seconds
    XBitHack on|off|full off svdhB
    Parse SSI directives in files with the execute bit set
    xml2EncAlias charset alias [alias ...]sB
    Recognise Aliases for encoding values
    xml2EncDefault namesvdhB
    Sets a default encoding to assume when absolutely no information +
    xml2EncAlias charset alias [alias ...]sB
    Recognise Aliases for encoding values
    xml2EncDefault namesvdhB
    Sets a default encoding to assume when absolutely no information can be automatically detected
    xml2StartParse element [element ...]svdhB
    Advise the parser to skip leading junk.
    xml2StartParse element [element ...]svdhB
    Advise the parser to skip leading junk.

    Idiomas disponibles:  de  | @@ -1136,8 +1136,8 @@ var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/quickreference.h } })(window, document); //-->