diff -Nru apache2-2.4.33/build/installwinconf.awk apache2-2.4.34/build/installwinconf.awk --- apache2-2.4.33/build/installwinconf.awk 2018-02-19 11:18:12.000000000 +0000 +++ apache2-2.4.34/build/installwinconf.awk 2018-06-24 15:41:59.000000000 +0000 @@ -156,8 +156,8 @@ print "#LoadModule log_debug_module modules/mod_log_debug.so" > dstfl; print "#LoadModule log_forensic_module modules/mod_log_forensic.so" > dstfl; print "#LoadModule lua_module modules/mod_lua.so" > dstfl; - print "#LoadModule md_module modules/mod_md.so" > dstfl; print "#LoadModule macro_module modules/mod_macro.so" > dstfl; + print "#LoadModule md_module modules/mod_md.so" > dstfl; print "LoadModule mime_module modules/mod_mime.so" > dstfl; print "#LoadModule mime_magic_module modules/mod_mime_magic.so" > dstfl; print "LoadModule negotiation_module modules/mod_negotiation.so" > dstfl; @@ -205,15 +205,19 @@ print "#LoadModule xml2enc_module modules/mod_xml2enc.so" > dstfl; continue; } - gsub( /@@ServerRoot@@/, serverroot ); - gsub( /@exp_cgidir@/, serverroot "/cgi-bin" ); - gsub( /@exp_sysconfdir@/, serverroot "/conf" ); - gsub( /@exp_errordir@/, serverroot "/error" ); - gsub( /@exp_htdocsdir@/, serverroot "/htdocs" ); - gsub( /@exp_iconsdir@/, serverroot "/icons" ); - gsub( /@exp_manualdir@/, serverroot "/manual" ); - gsub( /@exp_runtimedir@/, serverroot "/logs" ); - if ( gsub( /@exp_logfiledir@/, serverroot "/logs" ) || + if ( /^ServerRoot / ) { + print "Define SRVROOT \"" serverroot "\"" > dstfl; + print "" > dstfl; + } + gsub( /@@ServerRoot@@/, "\${SRVROOT}" ); + gsub( /@exp_cgidir@/, "\${SRVROOT}" "/cgi-bin" ); + gsub( /@exp_sysconfdir@/, "\${SRVROOT}" "/conf" ); + gsub( /@exp_errordir@/, "\${SRVROOT}" "/error" ); + gsub( /@exp_htdocsdir@/, "\${SRVROOT}" "/htdocs" ); + gsub( /@exp_iconsdir@/, "\${SRVROOT}" "/icons" ); + gsub( /@exp_manualdir@/, "\${SRVROOT}" "/manual" ); + gsub( /@exp_runtimedir@/, "\${SRVROOT}" "/logs" ); + if ( gsub( /@exp_logfiledir@/, "\${SRVROOT}" "/logs" ) || gsub( /@rel_logfiledir@/, "logs" ) ) { gsub( /_log"/, ".log\"" ) } diff -Nru apache2-2.4.33/build/ltmain.sh apache2-2.4.34/build/ltmain.sh --- apache2-2.4.33/build/ltmain.sh 2018-03-17 23:41:52.000000000 +0000 +++ apache2-2.4.34/build/ltmain.sh 2018-07-10 13:55:12.000000000 +0000 @@ -1,9 +1,12 @@ +#! /bin/sh +## DO NOT EDIT - This file generated from ./build-aux/ltmain.in +## by inline-source v2014-01-03.01 -# libtool (GNU libtool) 2.4.2 +# libtool (GNU libtool) 2.4.6 +# Provide generalized library-building support services. # Written by Gordon Matzigkeit , 1996 -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, -# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. +# Copyright (C) 1996-2015 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. @@ -23,881 +26,2112 @@ # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with GNU Libtool; see the file COPYING. If not, a copy -# can be downloaded from http://www.gnu.org/licenses/gpl.html, -# or obtained by writing to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# along with this program. If not, see . -# Usage: $progname [OPTION]... [MODE-ARG]... -# -# Provide generalized library-building support services. -# -# --config show all configuration variables -# --debug enable verbose shell tracing -# -n, --dry-run display commands without modifying any files -# --features display basic configuration information and exit -# --mode=MODE use operation mode MODE -# --preserve-dup-deps don't remove duplicate dependency libraries -# --quiet, --silent don't print informational messages -# --no-quiet, --no-silent -# print informational messages (default) -# --no-warn don't display warning messages -# --tag=TAG use configuration variables from tag TAG -# -v, --verbose print more informational messages than default -# --no-verbose don't print the extra informational messages -# --version print version information -# -h, --help, --help-all print short, long, or detailed help message -# -# MODE must be one of the following: -# -# clean remove files from the build directory -# compile compile a source file into a libtool object -# execute automatically set library path, then run a program -# finish complete the installation of libtool libraries -# install install libraries or executables -# link create a library or an executable -# uninstall remove libraries from an installed directory -# -# MODE-ARGS vary depending on the MODE. When passed as first option, -# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that. -# Try `$progname --help --mode=MODE' for a more detailed description of MODE. -# -# When reporting a bug, please describe a test case to reproduce it and -# include the following information: -# -# host-triplet: $host -# shell: $SHELL -# compiler: $LTCC -# compiler flags: $LTCFLAGS -# linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.11 -# automake: $automake_version -# autoconf: $autoconf_version -# -# Report bugs to . -# GNU libtool home page: . -# General help using GNU software: . PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.2 Debian-2.4.2-1.11" -TIMESTAMP="" -package_revision=1.3337 +VERSION=2.4.6 +package_revision=2.4.6 -# Be Bourne compatible -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + +## ------ ## +## Usage. ## +## ------ ## + +# Run './libtool --help' for help with using this script from the +# command line. + + +## ------------------------------- ## +## User overridable command paths. ## +## ------------------------------- ## + +# After configure completes, it has a better idea of some of the +# shell tools we need than the defaults used by the functions shared +# with bootstrap, so set those here where they can still be over- +# ridden by the user, but otherwise take precedence. + +: ${AUTOCONF="autoconf"} +: ${AUTOMAKE="automake"} + + +## -------------------------- ## +## Source external libraries. ## +## -------------------------- ## + +# Much of our low-level functionality needs to be sourced from external +# libraries, which are installed to $pkgauxdir. + +# Set a version string for this script. +scriptversion=2015-01-20.17; # UTC + +# General shell script boiler plate, and helper functions. +# Written by Gary V. Vaughan, 2004 + +# Copyright (C) 2004-2015 Free Software Foundation, Inc. +# This is free software; see the source for copying conditions. There is NO +# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. + +# As a special exception to the GNU General Public License, if you distribute +# this file as part of a program or library that is built using GNU Libtool, +# you may include this file under the same distribution terms that you use +# for the rest of that program. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNES FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Please report bugs or propose patches to gary@gnu.org. + + +## ------ ## +## Usage. ## +## ------ ## + +# Evaluate this file near the top of your script to gain access to +# the functions and variables defined here: +# +# . `echo "$0" | ${SED-sed} 's|[^/]*$||'`/build-aux/funclib.sh +# +# If you need to override any of the default environment variable +# settings, do that before evaluating this file. + + +## -------------------- ## +## Shell normalisation. ## +## -------------------- ## + +# Some shells need a little help to be as Bourne compatible as possible. +# Before doing anything else, make sure all that help has been provided! + +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac + case `(set -o) 2>/dev/null` in *posix*) set -o posix ;; esac fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' -} -# NLS nuisances: We save the old values to restore during execute mode. -lt_user_locale= -lt_safe_locale= -for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES +# NLS nuisances: We save the old values in case they are required later. +_G_user_locale= +_G_safe_locale= +for _G_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES do - eval "if test \"\${$lt_var+set}\" = set; then - save_$lt_var=\$$lt_var - $lt_var=C - export $lt_var - lt_user_locale=\"$lt_var=\\\$save_\$lt_var; \$lt_user_locale\" - lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\" + eval "if test set = \"\${$_G_var+set}\"; then + save_$_G_var=\$$_G_var + $_G_var=C + export $_G_var + _G_user_locale=\"$_G_var=\\\$save_\$_G_var; \$_G_user_locale\" + _G_safe_locale=\"$_G_var=C; \$_G_safe_locale\" fi" done -LC_ALL=C -LANGUAGE=C -export LANGUAGE LC_ALL -$lt_unset CDPATH +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +# Make sure IFS has a sensible default +sp=' ' +nl=' +' +IFS="$sp $nl" +# There are apparently some retarded systems that use ';' as a PATH separator! +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi -# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh -# is ksh but when the shell is invoked as "sh" and the current value of -# the _XPG environment variable is not equal to 1 (one), the special -# positional parameter $0, within a function call, is the name of the -# function. -progpath="$0" +## ------------------------- ## +## Locate command utilities. ## +## ------------------------- ## + + +# func_executable_p FILE +# ---------------------- +# Check that FILE is an executable regular file. +func_executable_p () +{ + test -f "$1" && test -x "$1" +} + + +# func_path_progs PROGS_LIST CHECK_FUNC [PATH] +# -------------------------------------------- +# Search for either a program that responds to --version with output +# containing "GNU", or else returned by CHECK_FUNC otherwise, by +# trying all the directories in PATH with each of the elements of +# PROGS_LIST. +# +# CHECK_FUNC should accept the path to a candidate program, and +# set $func_check_prog_result if it truncates its output less than +# $_G_path_prog_max characters. +func_path_progs () +{ + _G_progs_list=$1 + _G_check_func=$2 + _G_PATH=${3-"$PATH"} + + _G_path_prog_max=0 + _G_path_prog_found=false + _G_save_IFS=$IFS; IFS=${PATH_SEPARATOR-:} + for _G_dir in $_G_PATH; do + IFS=$_G_save_IFS + test -z "$_G_dir" && _G_dir=. + for _G_prog_name in $_G_progs_list; do + for _exeext in '' .EXE; do + _G_path_prog=$_G_dir/$_G_prog_name$_exeext + func_executable_p "$_G_path_prog" || continue + case `"$_G_path_prog" --version 2>&1` in + *GNU*) func_path_progs_result=$_G_path_prog _G_path_prog_found=: ;; + *) $_G_check_func $_G_path_prog + func_path_progs_result=$func_check_prog_result + ;; + esac + $_G_path_prog_found && break 3 + done + done + done + IFS=$_G_save_IFS + test -z "$func_path_progs_result" && { + echo "no acceptable sed could be found in \$PATH" >&2 + exit 1 + } +} + + +# We want to be able to use the functions in this file before configure +# has figured out where the best binaries are kept, which means we have +# to search for them ourselves - except when the results are already set +# where we skip the searches. + +# Unless the user overrides by setting SED, search the path for either GNU +# sed, or the sed that truncates its output the least. +test -z "$SED" && { + _G_sed_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ + for _G_i in 1 2 3 4 5 6 7; do + _G_sed_script=$_G_sed_script$nl$_G_sed_script + done + echo "$_G_sed_script" 2>/dev/null | sed 99q >conftest.sed + _G_sed_script= + + func_check_prog_sed () + { + _G_path_prog=$1 + + _G_count=0 + printf 0123456789 >conftest.in + while : + do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo '' >> conftest.nl + "$_G_path_prog" -f conftest.sed conftest.out 2>/dev/null || break + diff conftest.out conftest.nl >/dev/null 2>&1 || break + _G_count=`expr $_G_count + 1` + if test "$_G_count" -gt "$_G_path_prog_max"; then + # Best one so far, save it but keep looking for a better one + func_check_prog_result=$_G_path_prog + _G_path_prog_max=$_G_count + fi + # 10*(2^10) chars as input seems more than enough + test 10 -lt "$_G_count" && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out + } + + func_path_progs "sed gsed" func_check_prog_sed $PATH:/usr/xpg4/bin + rm -f conftest.sed + SED=$func_path_progs_result +} + + +# Unless the user overrides by setting GREP, search the path for either GNU +# grep, or the grep that truncates its output the least. +test -z "$GREP" && { + func_check_prog_grep () + { + _G_path_prog=$1 + + _G_count=0 + _G_path_prog_max=0 + printf 0123456789 >conftest.in + while : + do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo 'GREP' >> conftest.nl + "$_G_path_prog" -e 'GREP$' -e '-(cannot match)-' conftest.out 2>/dev/null || break + diff conftest.out conftest.nl >/dev/null 2>&1 || break + _G_count=`expr $_G_count + 1` + if test "$_G_count" -gt "$_G_path_prog_max"; then + # Best one so far, save it but keep looking for a better one + func_check_prog_result=$_G_path_prog + _G_path_prog_max=$_G_count + fi + # 10*(2^10) chars as input seems more than enough + test 10 -lt "$_G_count" && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out + } + + func_path_progs "grep ggrep" func_check_prog_grep $PATH:/usr/xpg4/bin + GREP=$func_path_progs_result +} + + +## ------------------------------- ## +## User overridable command paths. ## +## ------------------------------- ## + +# All uppercase variable names are used for environment variables. These +# variables can be overridden by the user before calling a script that +# uses them if a suitable command of that name is not already available +# in the command search PATH. : ${CP="cp -f"} -test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} +: ${ECHO="printf %s\n"} +: ${EGREP="$GREP -E"} +: ${FGREP="$GREP -F"} +: ${LN_S="ln -s"} : ${MAKE="make"} : ${MKDIR="mkdir"} : ${MV="mv -f"} : ${RM="rm -f"} : ${SHELL="${CONFIG_SHELL-/bin/sh}"} -: ${Xsed="$SED -e 1s/^X//"} - -# Global variables: -EXIT_SUCCESS=0 -EXIT_FAILURE=1 -EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. -EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. - -exit_status=$EXIT_SUCCESS - -# Make sure IFS has a sensible default -lt_nl=' -' -IFS=" $lt_nl" -dirname="s,/[^/]*$,," -basename="s,^.*/,," -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi -} # func_dirname may be replaced by extended shell implementation +## -------------------- ## +## Useful sed snippets. ## +## -------------------- ## +sed_dirname='s|/[^/]*$||' +sed_basename='s|^.*/||' -# func_basename file -func_basename () -{ - func_basename_result=`$ECHO "${1}" | $SED "$basename"` -} # func_basename may be replaced by extended shell implementation +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +sed_quote_subst='s|\([`"$\\]\)|\\\1|g' +# Same as above, but do not quote variable references. +sed_double_quote_subst='s/\(["`\\]\)/\\\1/g' -# func_dirname_and_basename file append nondir_replacement -# perform func_basename and func_dirname in a single function -# call: -# dirname: Compute the dirname of FILE. If nonempty, -# add APPEND to the result, otherwise set result -# to NONDIR_REPLACEMENT. -# value returned in "$func_dirname_result" -# basename: Compute filename of FILE. -# value retuned in "$func_basename_result" -# Implementation must be kept synchronized with func_dirname -# and func_basename. For efficiency, we do not delegate to -# those functions but instead duplicate the functionality here. -func_dirname_and_basename () -{ - # Extract subdirectory from the argument. - func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi - func_basename_result=`$ECHO "${1}" | $SED -e "$basename"` -} # func_dirname_and_basename may be replaced by extended shell implementation +# Sed substitution that turns a string into a regex matching for the +# string literally. +sed_make_literal_regex='s|[].[^$\\*\/]|\\&|g' +# Sed substitution that converts a w32 file name or path +# that contains forward slashes, into one that contains +# (escaped) backslashes. A very naive implementation. +sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -# func_strip_suffix prefix name -func_stripname () -{ - case ${2} in - .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; - *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; - esac -} # func_stripname may be replaced by extended shell implementation +# Re-'\' parameter expansions in output of sed_double_quote_subst that +# were '\'-ed in input to the same. If an odd number of '\' preceded a +# '$' in input to sed_double_quote_subst, that '$' was protected from +# expansion. Since each input '\' is now two '\'s, look for any number +# of runs of four '\'s followed by two '\'s and then a '$'. '\' that '$'. +_G_bs='\\' +_G_bs2='\\\\' +_G_bs4='\\\\\\\\' +_G_dollar='\$' +sed_double_backslash="\ + s/$_G_bs4/&\\ +/g + s/^$_G_bs2$_G_dollar/$_G_bs&/ + s/\\([^$_G_bs]\\)$_G_bs2$_G_dollar/\\1$_G_bs2$_G_bs$_G_dollar/g + s/\n//g" -# These SED scripts presuppose an absolute path with a trailing slash. -pathcar='s,^/\([^/]*\).*$,\1,' -pathcdr='s,^/[^/]*,,' -removedotparts=':dotsl - s@/\./@/@g - t dotsl - s,/\.$,/,' -collapseslashes='s@/\{1,\}@/@g' -finalslash='s,/*$,/,' +## ----------------- ## +## Global variables. ## +## ----------------- ## + +# Except for the global variables explicitly listed below, the following +# functions in the '^func_' namespace, and the '^require_' namespace +# variables initialised in the 'Resource management' section, sourcing +# this file will not pollute your global namespace with anything +# else. There's no portable way to scope variables in Bourne shell +# though, so actually running these functions will sometimes place +# results into a variable named after the function, and often use +# temporary variables in the '^_G_' namespace. If you are careful to +# avoid using those namespaces casually in your sourcing script, things +# should continue to work as you expect. And, of course, you can freely +# overwrite any of the functions or variables defined here before +# calling anything to customize them. -# func_normal_abspath PATH -# Remove doubled-up and trailing slashes, "." path components, -# and cancel out any ".." path components in PATH after making -# it an absolute path. -# value returned in "$func_normal_abspath_result" -func_normal_abspath () -{ - # Start from root dir and reassemble the path. - func_normal_abspath_result= - func_normal_abspath_tpath=$1 - func_normal_abspath_altnamespace= - case $func_normal_abspath_tpath in - "") - # Empty path, that just means $cwd. - func_stripname '' '/' "`pwd`" - func_normal_abspath_result=$func_stripname_result - return - ;; - # The next three entries are used to spot a run of precisely - # two leading slashes without using negated character classes; - # we take advantage of case's first-match behaviour. - ///*) - # Unusual form of absolute path, do nothing. - ;; - //*) - # Not necessarily an ordinary path; POSIX reserves leading '//' - # and for example Cygwin uses it to access remote file shares - # over CIFS/SMB, so we conserve a leading double slash if found. - func_normal_abspath_altnamespace=/ - ;; - /*) - # Absolute path, do nothing. - ;; - *) - # Relative path, prepend $cwd. - func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath - ;; - esac - # Cancel out all the simple stuff to save iterations. We also want - # the path to end with a slash for ease of parsing, so make sure - # there is one (and only one) here. - func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"` - while :; do - # Processed it all yet? - if test "$func_normal_abspath_tpath" = / ; then - # If we ascended to the root using ".." the result may be empty now. - if test -z "$func_normal_abspath_result" ; then - func_normal_abspath_result=/ - fi - break - fi - func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$pathcar"` - func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$pathcdr"` - # Figure out what to do with it - case $func_normal_abspath_tcomponent in - "") - # Trailing empty path component, ignore it. - ;; - ..) - # Parent dir; strip last assembled component from result. - func_dirname "$func_normal_abspath_result" - func_normal_abspath_result=$func_dirname_result - ;; - *) - # Actual path component, append it. - func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent - ;; - esac - done - # Restore leading double-slash if one was found on entry. - func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result -} +EXIT_SUCCESS=0 +EXIT_FAILURE=1 +EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. +EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. -# func_relative_path SRCDIR DSTDIR -# generates a relative path from SRCDIR to DSTDIR, with a trailing -# slash if non-empty, suitable for immediately appending a filename -# without needing to append a separator. -# value returned in "$func_relative_path_result" -func_relative_path () -{ - func_relative_path_result= - func_normal_abspath "$1" - func_relative_path_tlibdir=$func_normal_abspath_result - func_normal_abspath "$2" - func_relative_path_tbindir=$func_normal_abspath_result - - # Ascend the tree starting from libdir - while :; do - # check if we have found a prefix of bindir - case $func_relative_path_tbindir in - $func_relative_path_tlibdir) - # found an exact match - func_relative_path_tcancelled= - break - ;; - $func_relative_path_tlibdir*) - # found a matching prefix - func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" - func_relative_path_tcancelled=$func_stripname_result - if test -z "$func_relative_path_result"; then - func_relative_path_result=. - fi - break - ;; - *) - func_dirname $func_relative_path_tlibdir - func_relative_path_tlibdir=${func_dirname_result} - if test "x$func_relative_path_tlibdir" = x ; then - # Have to descend all the way to the root! - func_relative_path_result=../$func_relative_path_result - func_relative_path_tcancelled=$func_relative_path_tbindir - break - fi - func_relative_path_result=../$func_relative_path_result - ;; - esac - done +# Allow overriding, eg assuming that you follow the convention of +# putting '$debug_cmd' at the start of all your functions, you can get +# bash to show function call trace with: +# +# debug_cmd='eval echo "${FUNCNAME[0]} $*" >&2' bash your-script-name +debug_cmd=${debug_cmd-":"} +exit_cmd=: - # Now calculate path; take care to avoid doubling-up slashes. - func_stripname '' '/' "$func_relative_path_result" - func_relative_path_result=$func_stripname_result - func_stripname '/' '/' "$func_relative_path_tcancelled" - if test "x$func_stripname_result" != x ; then - func_relative_path_result=${func_relative_path_result}/${func_stripname_result} - fi +# By convention, finish your script with: +# +# exit $exit_status +# +# so that you can set exit_status to non-zero if you want to indicate +# something went wrong during execution without actually bailing out at +# the point of failure. +exit_status=$EXIT_SUCCESS - # Normalisation. If bindir is libdir, return empty string, - # else relative path ending with a slash; either way, target - # file name can be directly appended. - if test ! -z "$func_relative_path_result"; then - func_stripname './' '' "$func_relative_path_result/" - func_relative_path_result=$func_stripname_result - fi -} +# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh +# is ksh but when the shell is invoked as "sh" and the current value of +# the _XPG environment variable is not equal to 1 (one), the special +# positional parameter $0, within a function call, is the name of the +# function. +progpath=$0 -# The name of this program: -func_dirname_and_basename "$progpath" -progname=$func_basename_result +# The name of this program. +progname=`$ECHO "$progpath" |$SED "$sed_basename"` -# Make sure we have an absolute path for reexecution: +# Make sure we have an absolute progpath for reexecution: case $progpath in [\\/]*|[A-Za-z]:\\*) ;; *[\\/]*) - progdir=$func_dirname_result + progdir=`$ECHO "$progpath" |$SED "$sed_dirname"` progdir=`cd "$progdir" && pwd` - progpath="$progdir/$progname" + progpath=$progdir/$progname ;; *) - save_IFS="$IFS" + _G_IFS=$IFS IFS=${PATH_SEPARATOR-:} for progdir in $PATH; do - IFS="$save_IFS" + IFS=$_G_IFS test -x "$progdir/$progname" && break done - IFS="$save_IFS" + IFS=$_G_IFS test -n "$progdir" || progdir=`pwd` - progpath="$progdir/$progname" + progpath=$progdir/$progname ;; esac -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed="${SED}"' -e 1s/^X//' -sed_quote_subst='s/\([`"$\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\(["`\\]\)/\\\1/g' - -# Sed substitution that turns a string into a regex matching for the -# string literally. -sed_make_literal_regex='s,[].[^$\\*\/],\\&,g' -# Sed substitution that converts a w32 file name or path -# which contains forward slashes, into one that contains -# (escaped) backslashes. A very naive implementation. -lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' - -# Re-`\' parameter expansions in output of double_quote_subst that were -# `\'-ed in input to the same. If an odd number of `\' preceded a '$' -# in input to double_quote_subst, that '$' was protected from expansion. -# Since each input `\' is now two `\'s, look for any number of runs of -# four `\'s followed by two `\'s and then a '$'. `\' that '$'. -bs='\\' -bs2='\\\\' -bs4='\\\\\\\\' -dollar='\$' -sed_double_backslash="\ - s/$bs4/&\\ -/g - s/^$bs2$dollar/$bs&/ - s/\\([^$bs]\\)$bs2$dollar/\\1$bs2$bs$dollar/g - s/\n//g" +## ----------------- ## +## Standard options. ## +## ----------------- ## + +# The following options affect the operation of the functions defined +# below, and should be set appropriately depending on run-time para- +# meters passed on the command line. -# Standard options: opt_dry_run=false -opt_help=false opt_quiet=false opt_verbose=false -opt_warning=: - -# func_echo arg... -# Echo program name prefixed message, along with the current mode -# name if it has been set yet. -func_echo () -{ - $ECHO "$progname: ${opt_mode+$opt_mode: }$*" -} -# func_verbose arg... -# Echo program name prefixed message in verbose mode only. -func_verbose () -{ - $opt_verbose && func_echo ${1+"$@"} +# Categories 'all' and 'none' are always available. Append any others +# you will pass as the first argument to func_warning from your own +# code. +warning_categories= + +# By default, display warnings according to 'opt_warning_types'. Set +# 'warning_func' to ':' to elide all warnings, or func_fatal_error to +# treat the next displayed warning as a fatal error. +warning_func=func_warn_and_continue + +# Set to 'all' to display all warnings, 'none' to suppress all +# warnings, or a space delimited list of some subset of +# 'warning_categories' to display only the listed warnings. +opt_warning_types=all + + +## -------------------- ## +## Resource management. ## +## -------------------- ## + +# This section contains definitions for functions that each ensure a +# particular resource (a file, or a non-empty configuration variable for +# example) is available, and if appropriate to extract default values +# from pertinent package files. Call them using their associated +# 'require_*' variable to ensure that they are executed, at most, once. +# +# It's entirely deliberate that calling these functions can set +# variables that don't obey the namespace limitations obeyed by the rest +# of this file, in order that that they be as useful as possible to +# callers. + + +# require_term_colors +# ------------------- +# Allow display of bold text on terminals that support it. +require_term_colors=func_require_term_colors +func_require_term_colors () +{ + $debug_cmd + + test -t 1 && { + # COLORTERM and USE_ANSI_COLORS environment variables take + # precedence, because most terminfo databases neglect to describe + # whether color sequences are supported. + test -n "${COLORTERM+set}" && : ${USE_ANSI_COLORS="1"} + + if test 1 = "$USE_ANSI_COLORS"; then + # Standard ANSI escape sequences + tc_reset='' + tc_bold=''; tc_standout='' + tc_red=''; tc_green='' + tc_blue=''; tc_cyan='' + else + # Otherwise trust the terminfo database after all. + test -n "`tput sgr0 2>/dev/null`" && { + tc_reset=`tput sgr0` + test -n "`tput bold 2>/dev/null`" && tc_bold=`tput bold` + tc_standout=$tc_bold + test -n "`tput smso 2>/dev/null`" && tc_standout=`tput smso` + test -n "`tput setaf 1 2>/dev/null`" && tc_red=`tput setaf 1` + test -n "`tput setaf 2 2>/dev/null`" && tc_green=`tput setaf 2` + test -n "`tput setaf 4 2>/dev/null`" && tc_blue=`tput setaf 4` + test -n "`tput setaf 5 2>/dev/null`" && tc_cyan=`tput setaf 5` + } + fi + } - # A bug in bash halts the script if the last line of a function - # fails when set -e is in force, so we need another command to - # work around that: - : + require_term_colors=: } -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "$*" -} -# func_error arg... -# Echo program name prefixed message to standard error. -func_error () -{ - $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2 -} +## ----------------- ## +## Function library. ## +## ----------------- ## -# func_warning arg... -# Echo program name prefixed warning message to standard error. -func_warning () -{ - $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2 +# This section contains a variety of useful functions to call in your +# scripts. Take note of the portable wrappers for features provided by +# some modern shells, which will fall back to slower equivalents on +# less featureful shells. - # bash bug again: - : -} -# func_fatal_error arg... -# Echo program name prefixed message to standard error, and exit. -func_fatal_error () -{ - func_error ${1+"$@"} - exit $EXIT_FAILURE -} +# func_append VAR VALUE +# --------------------- +# Append VALUE onto the existing contents of VAR. -# func_fatal_help arg... -# Echo program name prefixed message to standard error, followed by -# a help hint, and exit. -func_fatal_help () -{ - func_error ${1+"$@"} - func_fatal_error "$help" -} -help="Try \`$progname --help' for more information." ## default + # We should try to minimise forks, especially on Windows where they are + # unreasonably slow, so skip the feature probes when bash or zsh are + # being used: + if test set = "${BASH_VERSION+set}${ZSH_VERSION+set}"; then + : ${_G_HAVE_ARITH_OP="yes"} + : ${_G_HAVE_XSI_OPS="yes"} + # The += operator was introduced in bash 3.1 + case $BASH_VERSION in + [12].* | 3.0 | 3.0*) ;; + *) + : ${_G_HAVE_PLUSEQ_OP="yes"} + ;; + esac + fi + # _G_HAVE_PLUSEQ_OP + # Can be empty, in which case the shell is probed, "yes" if += is + # useable or anything else if it does not work. + test -z "$_G_HAVE_PLUSEQ_OP" \ + && (eval 'x=a; x+=" b"; test "a b" = "$x"') 2>/dev/null \ + && _G_HAVE_PLUSEQ_OP=yes + +if test yes = "$_G_HAVE_PLUSEQ_OP" +then + # This is an XSI compatible shell, allowing a faster implementation... + eval 'func_append () + { + $debug_cmd + + eval "$1+=\$2" + }' +else + # ...otherwise fall back to using expr, which is often a shell builtin. + func_append () + { + $debug_cmd + + eval "$1=\$$1\$2" + } +fi + + +# func_append_quoted VAR VALUE +# ---------------------------- +# Quote VALUE and append to the end of shell variable VAR, separated +# by a space. +if test yes = "$_G_HAVE_PLUSEQ_OP"; then + eval 'func_append_quoted () + { + $debug_cmd + + func_quote_for_eval "$2" + eval "$1+=\\ \$func_quote_for_eval_result" + }' +else + func_append_quoted () + { + $debug_cmd + + func_quote_for_eval "$2" + eval "$1=\$$1\\ \$func_quote_for_eval_result" + } +fi + + +# func_append_uniq VAR VALUE +# -------------------------- +# Append unique VALUE onto the existing contents of VAR, assuming +# entries are delimited by the first character of VALUE. For example: +# +# func_append_uniq options " --another-option option-argument" +# +# will only append to $options if " --another-option option-argument " +# is not already present somewhere in $options already (note spaces at +# each end implied by leading space in second argument). +func_append_uniq () +{ + $debug_cmd + + eval _G_current_value='`$ECHO $'$1'`' + _G_delim=`expr "$2" : '\(.\)'` + + case $_G_delim$_G_current_value$_G_delim in + *"$2$_G_delim"*) ;; + *) func_append "$@" ;; + esac +} + + +# func_arith TERM... +# ------------------ +# Set func_arith_result to the result of evaluating TERMs. + test -z "$_G_HAVE_ARITH_OP" \ + && (eval 'test 2 = $(( 1 + 1 ))') 2>/dev/null \ + && _G_HAVE_ARITH_OP=yes + +if test yes = "$_G_HAVE_ARITH_OP"; then + eval 'func_arith () + { + $debug_cmd + + func_arith_result=$(( $* )) + }' +else + func_arith () + { + $debug_cmd + + func_arith_result=`expr "$@"` + } +fi + + +# func_basename FILE +# ------------------ +# Set func_basename_result to FILE with everything up to and including +# the last / stripped. +if test yes = "$_G_HAVE_XSI_OPS"; then + # If this shell supports suffix pattern removal, then use it to avoid + # forking. Hide the definitions single quotes in case the shell chokes + # on unsupported syntax... + _b='func_basename_result=${1##*/}' + _d='case $1 in + */*) func_dirname_result=${1%/*}$2 ;; + * ) func_dirname_result=$3 ;; + esac' + +else + # ...otherwise fall back to using sed. + _b='func_basename_result=`$ECHO "$1" |$SED "$sed_basename"`' + _d='func_dirname_result=`$ECHO "$1" |$SED "$sed_dirname"` + if test "X$func_dirname_result" = "X$1"; then + func_dirname_result=$3 + else + func_append func_dirname_result "$2" + fi' +fi + +eval 'func_basename () +{ + $debug_cmd + + '"$_b"' +}' + + +# func_dirname FILE APPEND NONDIR_REPLACEMENT +# ------------------------------------------- +# Compute the dirname of FILE. If nonempty, add APPEND to the result, +# otherwise set result to NONDIR_REPLACEMENT. +eval 'func_dirname () +{ + $debug_cmd + + '"$_d"' +}' + + +# func_dirname_and_basename FILE APPEND NONDIR_REPLACEMENT +# -------------------------------------------------------- +# Perform func_basename and func_dirname in a single function +# call: +# dirname: Compute the dirname of FILE. If nonempty, +# add APPEND to the result, otherwise set result +# to NONDIR_REPLACEMENT. +# value returned in "$func_dirname_result" +# basename: Compute filename of FILE. +# value retuned in "$func_basename_result" +# For efficiency, we do not delegate to the functions above but instead +# duplicate the functionality here. +eval 'func_dirname_and_basename () +{ + $debug_cmd + + '"$_b"' + '"$_d"' +}' + + +# func_echo ARG... +# ---------------- +# Echo program name prefixed message. +func_echo () +{ + $debug_cmd + + _G_message=$* + + func_echo_IFS=$IFS + IFS=$nl + for _G_line in $_G_message; do + IFS=$func_echo_IFS + $ECHO "$progname: $_G_line" + done + IFS=$func_echo_IFS +} + + +# func_echo_all ARG... +# -------------------- +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "$*" +} + + +# func_echo_infix_1 INFIX ARG... +# ------------------------------ +# Echo program name, followed by INFIX on the first line, with any +# additional lines not showing INFIX. +func_echo_infix_1 () +{ + $debug_cmd + + $require_term_colors + + _G_infix=$1; shift + _G_indent=$_G_infix + _G_prefix="$progname: $_G_infix: " + _G_message=$* + + # Strip color escape sequences before counting printable length + for _G_tc in "$tc_reset" "$tc_bold" "$tc_standout" "$tc_red" "$tc_green" "$tc_blue" "$tc_cyan" + do + test -n "$_G_tc" && { + _G_esc_tc=`$ECHO "$_G_tc" | $SED "$sed_make_literal_regex"` + _G_indent=`$ECHO "$_G_indent" | $SED "s|$_G_esc_tc||g"` + } + done + _G_indent="$progname: "`echo "$_G_indent" | $SED 's|.| |g'`" " ## exclude from sc_prohibit_nested_quotes + + func_echo_infix_1_IFS=$IFS + IFS=$nl + for _G_line in $_G_message; do + IFS=$func_echo_infix_1_IFS + $ECHO "$_G_prefix$tc_bold$_G_line$tc_reset" >&2 + _G_prefix=$_G_indent + done + IFS=$func_echo_infix_1_IFS +} + + +# func_error ARG... +# ----------------- +# Echo program name prefixed message to standard error. +func_error () +{ + $debug_cmd + + $require_term_colors -# func_grep expression filename + func_echo_infix_1 " $tc_standout${tc_red}error$tc_reset" "$*" >&2 +} + + +# func_fatal_error ARG... +# ----------------------- +# Echo program name prefixed message to standard error, and exit. +func_fatal_error () +{ + $debug_cmd + + func_error "$*" + exit $EXIT_FAILURE +} + + +# func_grep EXPRESSION FILENAME +# ----------------------------- # Check whether EXPRESSION matches any line of FILENAME, without output. func_grep () { + $debug_cmd + $GREP "$1" "$2" >/dev/null 2>&1 } -# func_mkdir_p directory-path +# func_len STRING +# --------------- +# Set func_len_result to the length of STRING. STRING may not +# start with a hyphen. + test -z "$_G_HAVE_XSI_OPS" \ + && (eval 'x=a/b/c; + test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ + && _G_HAVE_XSI_OPS=yes + +if test yes = "$_G_HAVE_XSI_OPS"; then + eval 'func_len () + { + $debug_cmd + + func_len_result=${#1} + }' +else + func_len () + { + $debug_cmd + + func_len_result=`expr "$1" : ".*" 2>/dev/null || echo $max_cmd_len` + } +fi + + +# func_mkdir_p DIRECTORY-PATH +# --------------------------- # Make sure the entire path to DIRECTORY-PATH is available. func_mkdir_p () { - my_directory_path="$1" - my_dir_list= + $debug_cmd + + _G_directory_path=$1 + _G_dir_list= - if test -n "$my_directory_path" && test "$opt_dry_run" != ":"; then + if test -n "$_G_directory_path" && test : != "$opt_dry_run"; then - # Protect directory names starting with `-' - case $my_directory_path in - -*) my_directory_path="./$my_directory_path" ;; + # Protect directory names starting with '-' + case $_G_directory_path in + -*) _G_directory_path=./$_G_directory_path ;; esac # While some portion of DIR does not yet exist... - while test ! -d "$my_directory_path"; do + while test ! -d "$_G_directory_path"; do # ...make a list in topmost first order. Use a colon delimited # list incase some portion of path contains whitespace. - my_dir_list="$my_directory_path:$my_dir_list" + _G_dir_list=$_G_directory_path:$_G_dir_list # If the last portion added has no slash in it, the list is done - case $my_directory_path in */*) ;; *) break ;; esac + case $_G_directory_path in */*) ;; *) break ;; esac # ...otherwise throw away the child directory and loop - my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"` + _G_directory_path=`$ECHO "$_G_directory_path" | $SED -e "$sed_dirname"` done - my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'` + _G_dir_list=`$ECHO "$_G_dir_list" | $SED 's|:*$||'` - save_mkdir_p_IFS="$IFS"; IFS=':' - for my_dir in $my_dir_list; do - IFS="$save_mkdir_p_IFS" - # mkdir can fail with a `File exist' error if two processes + func_mkdir_p_IFS=$IFS; IFS=: + for _G_dir in $_G_dir_list; do + IFS=$func_mkdir_p_IFS + # mkdir can fail with a 'File exist' error if two processes # try to create one of the directories concurrently. Don't # stop in that case! - $MKDIR "$my_dir" 2>/dev/null || : + $MKDIR "$_G_dir" 2>/dev/null || : done - IFS="$save_mkdir_p_IFS" + IFS=$func_mkdir_p_IFS # Bail out if we (or some other process) failed to create a directory. - test -d "$my_directory_path" || \ - func_fatal_error "Failed to create \`$1'" + test -d "$_G_directory_path" || \ + func_fatal_error "Failed to create '$1'" fi } -# func_mktempdir [string] +# func_mktempdir [BASENAME] +# ------------------------- # Make a temporary directory that won't clash with other running # libtool processes, and avoids race conditions if possible. If -# given, STRING is the basename for that directory. +# given, BASENAME is the basename for that directory. func_mktempdir () { - my_template="${TMPDIR-/tmp}/${1-$progname}" + $debug_cmd - if test "$opt_dry_run" = ":"; then + _G_template=${TMPDIR-/tmp}/${1-$progname} + + if test : = "$opt_dry_run"; then # Return a directory name, but don't create it in dry-run mode - my_tmpdir="${my_template}-$$" + _G_tmpdir=$_G_template-$$ else # If mktemp works, use that first and foremost - my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` + _G_tmpdir=`mktemp -d "$_G_template-XXXXXXXX" 2>/dev/null` - if test ! -d "$my_tmpdir"; then + if test ! -d "$_G_tmpdir"; then # Failing that, at least try and use $RANDOM to avoid a race - my_tmpdir="${my_template}-${RANDOM-0}$$" + _G_tmpdir=$_G_template-${RANDOM-0}$$ - save_mktempdir_umask=`umask` + func_mktempdir_umask=`umask` umask 0077 - $MKDIR "$my_tmpdir" - umask $save_mktempdir_umask + $MKDIR "$_G_tmpdir" + umask $func_mktempdir_umask fi # If we're not in dry-run mode, bomb out on failure - test -d "$my_tmpdir" || \ - func_fatal_error "cannot create temporary directory \`$my_tmpdir'" + test -d "$_G_tmpdir" || \ + func_fatal_error "cannot create temporary directory '$_G_tmpdir'" fi - $ECHO "$my_tmpdir" + $ECHO "$_G_tmpdir" } -# func_quote_for_eval arg -# Aesthetically quote ARG to be evaled later. -# This function returns two values: FUNC_QUOTE_FOR_EVAL_RESULT -# is double-quoted, suitable for a subsequent eval, whereas -# FUNC_QUOTE_FOR_EVAL_UNQUOTED_RESULT has merely all characters -# which are still active within double quotes backslashified. +# func_normal_abspath PATH +# ------------------------ +# Remove doubled-up and trailing slashes, "." path components, +# and cancel out any ".." path components in PATH after making +# it an absolute path. +func_normal_abspath () +{ + $debug_cmd + + # These SED scripts presuppose an absolute path with a trailing slash. + _G_pathcar='s|^/\([^/]*\).*$|\1|' + _G_pathcdr='s|^/[^/]*||' + _G_removedotparts=':dotsl + s|/\./|/|g + t dotsl + s|/\.$|/|' + _G_collapseslashes='s|/\{1,\}|/|g' + _G_finalslash='s|/*$|/|' + + # Start from root dir and reassemble the path. + func_normal_abspath_result= + func_normal_abspath_tpath=$1 + func_normal_abspath_altnamespace= + case $func_normal_abspath_tpath in + "") + # Empty path, that just means $cwd. + func_stripname '' '/' "`pwd`" + func_normal_abspath_result=$func_stripname_result + return + ;; + # The next three entries are used to spot a run of precisely + # two leading slashes without using negated character classes; + # we take advantage of case's first-match behaviour. + ///*) + # Unusual form of absolute path, do nothing. + ;; + //*) + # Not necessarily an ordinary path; POSIX reserves leading '//' + # and for example Cygwin uses it to access remote file shares + # over CIFS/SMB, so we conserve a leading double slash if found. + func_normal_abspath_altnamespace=/ + ;; + /*) + # Absolute path, do nothing. + ;; + *) + # Relative path, prepend $cwd. + func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath + ;; + esac + + # Cancel out all the simple stuff to save iterations. We also want + # the path to end with a slash for ease of parsing, so make sure + # there is one (and only one) here. + func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$_G_removedotparts" -e "$_G_collapseslashes" -e "$_G_finalslash"` + while :; do + # Processed it all yet? + if test / = "$func_normal_abspath_tpath"; then + # If we ascended to the root using ".." the result may be empty now. + if test -z "$func_normal_abspath_result"; then + func_normal_abspath_result=/ + fi + break + fi + func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$_G_pathcar"` + func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$_G_pathcdr"` + # Figure out what to do with it + case $func_normal_abspath_tcomponent in + "") + # Trailing empty path component, ignore it. + ;; + ..) + # Parent dir; strip last assembled component from result. + func_dirname "$func_normal_abspath_result" + func_normal_abspath_result=$func_dirname_result + ;; + *) + # Actual path component, append it. + func_append func_normal_abspath_result "/$func_normal_abspath_tcomponent" + ;; + esac + done + # Restore leading double-slash if one was found on entry. + func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result +} + + +# func_notquiet ARG... +# -------------------- +# Echo program name prefixed message only when not in quiet mode. +func_notquiet () +{ + $debug_cmd + + $opt_quiet || func_echo ${1+"$@"} + + # A bug in bash halts the script if the last line of a function + # fails when set -e is in force, so we need another command to + # work around that: + : +} + + +# func_relative_path SRCDIR DSTDIR +# -------------------------------- +# Set func_relative_path_result to the relative path from SRCDIR to DSTDIR. +func_relative_path () +{ + $debug_cmd + + func_relative_path_result= + func_normal_abspath "$1" + func_relative_path_tlibdir=$func_normal_abspath_result + func_normal_abspath "$2" + func_relative_path_tbindir=$func_normal_abspath_result + + # Ascend the tree starting from libdir + while :; do + # check if we have found a prefix of bindir + case $func_relative_path_tbindir in + $func_relative_path_tlibdir) + # found an exact match + func_relative_path_tcancelled= + break + ;; + $func_relative_path_tlibdir*) + # found a matching prefix + func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" + func_relative_path_tcancelled=$func_stripname_result + if test -z "$func_relative_path_result"; then + func_relative_path_result=. + fi + break + ;; + *) + func_dirname $func_relative_path_tlibdir + func_relative_path_tlibdir=$func_dirname_result + if test -z "$func_relative_path_tlibdir"; then + # Have to descend all the way to the root! + func_relative_path_result=../$func_relative_path_result + func_relative_path_tcancelled=$func_relative_path_tbindir + break + fi + func_relative_path_result=../$func_relative_path_result + ;; + esac + done + + # Now calculate path; take care to avoid doubling-up slashes. + func_stripname '' '/' "$func_relative_path_result" + func_relative_path_result=$func_stripname_result + func_stripname '/' '/' "$func_relative_path_tcancelled" + if test -n "$func_stripname_result"; then + func_append func_relative_path_result "/$func_stripname_result" + fi + + # Normalisation. If bindir is libdir, return '.' else relative path. + if test -n "$func_relative_path_result"; then + func_stripname './' '' "$func_relative_path_result" + func_relative_path_result=$func_stripname_result + fi + + test -n "$func_relative_path_result" || func_relative_path_result=. + + : +} + + +# func_quote_for_eval ARG... +# -------------------------- +# Aesthetically quote ARGs to be evaled later. +# This function returns two values: +# i) func_quote_for_eval_result +# double-quoted, suitable for a subsequent eval +# ii) func_quote_for_eval_unquoted_result +# has all characters that are still active within double +# quotes backslashified. func_quote_for_eval () { + $debug_cmd + + func_quote_for_eval_unquoted_result= + func_quote_for_eval_result= + while test 0 -lt $#; do + case $1 in + *[\\\`\"\$]*) + _G_unquoted_arg=`printf '%s\n' "$1" |$SED "$sed_quote_subst"` ;; + *) + _G_unquoted_arg=$1 ;; + esac + if test -n "$func_quote_for_eval_unquoted_result"; then + func_append func_quote_for_eval_unquoted_result " $_G_unquoted_arg" + else + func_append func_quote_for_eval_unquoted_result "$_G_unquoted_arg" + fi + + case $_G_unquoted_arg in + # Double-quote args containing shell metacharacters to delay + # word splitting, command substitution and variable expansion + # for a subsequent eval. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + _G_quoted_arg=\"$_G_unquoted_arg\" + ;; + *) + _G_quoted_arg=$_G_unquoted_arg + ;; + esac + + if test -n "$func_quote_for_eval_result"; then + func_append func_quote_for_eval_result " $_G_quoted_arg" + else + func_append func_quote_for_eval_result "$_G_quoted_arg" + fi + shift + done +} + + +# func_quote_for_expand ARG +# ------------------------- +# Aesthetically quote ARG to be evaled later; same as above, +# but do not quote variable references. +func_quote_for_expand () +{ + $debug_cmd + case $1 in - *[\\\`\"\$]*) - func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;; + *[\\\`\"]*) + _G_arg=`$ECHO "$1" | $SED \ + -e "$sed_double_quote_subst" -e "$sed_double_backslash"` ;; *) - func_quote_for_eval_unquoted_result="$1" ;; + _G_arg=$1 ;; esac - case $func_quote_for_eval_unquoted_result in + case $_G_arg in # Double-quote args containing shell metacharacters to delay - # word splitting, command substitution and and variable - # expansion for a subsequent eval. + # word splitting and command substitution for a subsequent eval. # Many Bourne shells cannot handle close brackets correctly # in scan sets, so we specify it separately. *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - func_quote_for_eval_result="\"$func_quote_for_eval_unquoted_result\"" + _G_arg=\"$_G_arg\" ;; - *) - func_quote_for_eval_result="$func_quote_for_eval_unquoted_result" esac + + func_quote_for_expand_result=$_G_arg } -# func_quote_for_expand arg -# Aesthetically quote ARG to be evaled later; same as above, -# but do not quote variable references. -func_quote_for_expand () +# func_stripname PREFIX SUFFIX NAME +# --------------------------------- +# strip PREFIX and SUFFIX from NAME, and store in func_stripname_result. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +if test yes = "$_G_HAVE_XSI_OPS"; then + eval 'func_stripname () + { + $debug_cmd + + # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are + # positional parameters, so assign one to ordinary variable first. + func_stripname_result=$3 + func_stripname_result=${func_stripname_result#"$1"} + func_stripname_result=${func_stripname_result%"$2"} + }' +else + func_stripname () + { + $debug_cmd + + case $2 in + .*) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%\\\\$2\$%%"`;; + *) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%$2\$%%"`;; + esac + } +fi + + +# func_show_eval CMD [FAIL_EXP] +# ----------------------------- +# Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is +# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP +# is given, then evaluate it. +func_show_eval () +{ + $debug_cmd + + _G_cmd=$1 + _G_fail_exp=${2-':'} + + func_quote_for_expand "$_G_cmd" + eval "func_notquiet $func_quote_for_expand_result" + + $opt_dry_run || { + eval "$_G_cmd" + _G_status=$? + if test 0 -ne "$_G_status"; then + eval "(exit $_G_status); $_G_fail_exp" + fi + } +} + + +# func_show_eval_locale CMD [FAIL_EXP] +# ------------------------------------ +# Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is +# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP +# is given, then evaluate it. Use the saved locale for evaluation. +func_show_eval_locale () { + $debug_cmd + + _G_cmd=$1 + _G_fail_exp=${2-':'} + + $opt_quiet || { + func_quote_for_expand "$_G_cmd" + eval "func_echo $func_quote_for_expand_result" + } + + $opt_dry_run || { + eval "$_G_user_locale + $_G_cmd" + _G_status=$? + eval "$_G_safe_locale" + if test 0 -ne "$_G_status"; then + eval "(exit $_G_status); $_G_fail_exp" + fi + } +} + + +# func_tr_sh +# ---------- +# Turn $1 into a string suitable for a shell variable name. +# Result is stored in $func_tr_sh_result. All characters +# not in the set a-zA-Z0-9_ are replaced with '_'. Further, +# if $1 begins with a digit, a '_' is prepended as well. +func_tr_sh () +{ + $debug_cmd + case $1 in - *[\\\`\"]*) - my_arg=`$ECHO "$1" | $SED \ - -e "$double_quote_subst" -e "$sed_double_backslash"` ;; - *) - my_arg="$1" ;; + [0-9]* | *[!a-zA-Z0-9_]*) + func_tr_sh_result=`$ECHO "$1" | $SED -e 's/^\([0-9]\)/_\1/' -e 's/[^a-zA-Z0-9_]/_/g'` + ;; + * ) + func_tr_sh_result=$1 + ;; esac +} + + +# func_verbose ARG... +# ------------------- +# Echo program name prefixed message in verbose mode only. +func_verbose () +{ + $debug_cmd + + $opt_verbose && func_echo "$*" + + : +} + + +# func_warn_and_continue ARG... +# ----------------------------- +# Echo program name prefixed warning message to standard error. +func_warn_and_continue () +{ + $debug_cmd + + $require_term_colors + + func_echo_infix_1 "${tc_red}warning$tc_reset" "$*" >&2 +} + + +# func_warning CATEGORY ARG... +# ---------------------------- +# Echo program name prefixed warning message to standard error. Warning +# messages can be filtered according to CATEGORY, where this function +# elides messages where CATEGORY is not listed in the global variable +# 'opt_warning_types'. +func_warning () +{ + $debug_cmd + + # CATEGORY must be in the warning_categories list! + case " $warning_categories " in + *" $1 "*) ;; + *) func_internal_error "invalid warning category '$1'" ;; + esac + + _G_category=$1 + shift + + case " $opt_warning_types " in + *" $_G_category "*) $warning_func ${1+"$@"} ;; + esac +} + + +# func_sort_ver VER1 VER2 +# ----------------------- +# 'sort -V' is not generally available. +# Note this deviates from the version comparison in automake +# in that it treats 1.5 < 1.5.0, and treats 1.4.4a < 1.4-p3a +# but this should suffice as we won't be specifying old +# version formats or redundant trailing .0 in bootstrap.conf. +# If we did want full compatibility then we should probably +# use m4_version_compare from autoconf. +func_sort_ver () +{ + $debug_cmd + + printf '%s\n%s\n' "$1" "$2" \ + | sort -t. -k 1,1n -k 2,2n -k 3,3n -k 4,4n -k 5,5n -k 6,6n -k 7,7n -k 8,8n -k 9,9n +} + +# func_lt_ver PREV CURR +# --------------------- +# Return true if PREV and CURR are in the correct order according to +# func_sort_ver, otherwise false. Use it like this: +# +# func_lt_ver "$prev_ver" "$proposed_ver" || func_fatal_error "..." +func_lt_ver () +{ + $debug_cmd + + test "x$1" = x`func_sort_ver "$1" "$2" | $SED 1q` +} + + +# Local variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'before-save-hook 'time-stamp) +# time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" +# time-stamp-time-zone: "UTC" +# End: +#! /bin/sh + +# Set a version string for this script. +scriptversion=2014-01-07.03; # UTC + +# A portable, pluggable option parser for Bourne shell. +# Written by Gary V. Vaughan, 2010 + +# Copyright (C) 2010-2015 Free Software Foundation, Inc. +# This is free software; see the source for copying conditions. There is NO +# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Please report bugs or propose patches to gary@gnu.org. + + +## ------ ## +## Usage. ## +## ------ ## + +# This file is a library for parsing options in your shell scripts along +# with assorted other useful supporting features that you can make use +# of too. +# +# For the simplest scripts you might need only: +# +# #!/bin/sh +# . relative/path/to/funclib.sh +# . relative/path/to/options-parser +# scriptversion=1.0 +# func_options ${1+"$@"} +# eval set dummy "$func_options_result"; shift +# ...rest of your script... +# +# In order for the '--version' option to work, you will need to have a +# suitably formatted comment like the one at the top of this file +# starting with '# Written by ' and ending with '# warranty; '. +# +# For '-h' and '--help' to work, you will also need a one line +# description of your script's purpose in a comment directly above the +# '# Written by ' line, like the one at the top of this file. +# +# The default options also support '--debug', which will turn on shell +# execution tracing (see the comment above debug_cmd below for another +# use), and '--verbose' and the func_verbose function to allow your script +# to display verbose messages only when your user has specified +# '--verbose'. +# +# After sourcing this file, you can plug processing for additional +# options by amending the variables from the 'Configuration' section +# below, and following the instructions in the 'Option parsing' +# section further down. + +## -------------- ## +## Configuration. ## +## -------------- ## + +# You should override these variables in your script after sourcing this +# file so that they reflect the customisations you have added to the +# option parser. + +# The usage line for option parsing errors and the start of '-h' and +# '--help' output messages. You can embed shell variables for delayed +# expansion at the time the message is displayed, but you will need to +# quote other shell meta-characters carefully to prevent them being +# expanded when the contents are evaled. +usage='$progpath [OPTION]...' + +# Short help message in response to '-h' and '--help'. Add to this or +# override it after sourcing this library to reflect the full set of +# options your script accepts. +usage_message="\ + --debug enable verbose shell tracing + -W, --warnings=CATEGORY + report the warnings falling in CATEGORY [all] + -v, --verbose verbosely report processing + --version print version information and exit + -h, --help print short or long help message and exit +" + +# Additional text appended to 'usage_message' in response to '--help'. +long_help_message=" +Warning categories include: + 'all' show all warnings + 'none' turn off all the warnings + 'error' warnings are treated as fatal errors" + +# Help message printed before fatal option parsing errors. +fatal_help="Try '\$progname --help' for more information." + + + +## ------------------------- ## +## Hook function management. ## +## ------------------------- ## + +# This section contains functions for adding, removing, and running hooks +# to the main code. A hook is just a named list of of function, that can +# be run in order later on. + +# func_hookable FUNC_NAME +# ----------------------- +# Declare that FUNC_NAME will run hooks added with +# 'func_add_hook FUNC_NAME ...'. +func_hookable () +{ + $debug_cmd + + func_append hookable_fns " $1" +} + + +# func_add_hook FUNC_NAME HOOK_FUNC +# --------------------------------- +# Request that FUNC_NAME call HOOK_FUNC before it returns. FUNC_NAME must +# first have been declared "hookable" by a call to 'func_hookable'. +func_add_hook () +{ + $debug_cmd + + case " $hookable_fns " in + *" $1 "*) ;; + *) func_fatal_error "'$1' does not accept hook functions." ;; + esac + + eval func_append ${1}_hooks '" $2"' +} + + +# func_remove_hook FUNC_NAME HOOK_FUNC +# ------------------------------------ +# Remove HOOK_FUNC from the list of functions called by FUNC_NAME. +func_remove_hook () +{ + $debug_cmd + + eval ${1}_hooks='`$ECHO "\$'$1'_hooks" |$SED "s| '$2'||"`' +} + + +# func_run_hooks FUNC_NAME [ARG]... +# --------------------------------- +# Run all hook functions registered to FUNC_NAME. +# It is assumed that the list of hook functions contains nothing more +# than a whitespace-delimited list of legal shell function names, and +# no effort is wasted trying to catch shell meta-characters or preserve +# whitespace. +func_run_hooks () +{ + $debug_cmd + + case " $hookable_fns " in + *" $1 "*) ;; + *) func_fatal_error "'$1' does not support hook funcions.n" ;; + esac + + eval _G_hook_fns=\$$1_hooks; shift + + for _G_hook in $_G_hook_fns; do + eval $_G_hook '"$@"' + + # store returned options list back into positional + # parameters for next 'cmd' execution. + eval _G_hook_result=\$${_G_hook}_result + eval set dummy "$_G_hook_result"; shift + done + + func_quote_for_eval ${1+"$@"} + func_run_hooks_result=$func_quote_for_eval_result +} + + + +## --------------- ## +## Option parsing. ## +## --------------- ## + +# In order to add your own option parsing hooks, you must accept the +# full positional parameter list in your hook function, remove any +# options that you action, and then pass back the remaining unprocessed +# options in '_result', escaped suitably for +# 'eval'. Like this: +# +# my_options_prep () +# { +# $debug_cmd +# +# # Extend the existing usage message. +# usage_message=$usage_message' +# -s, --silent don'\''t print informational messages +# ' +# +# func_quote_for_eval ${1+"$@"} +# my_options_prep_result=$func_quote_for_eval_result +# } +# func_add_hook func_options_prep my_options_prep +# +# +# my_silent_option () +# { +# $debug_cmd +# +# # Note that for efficiency, we parse as many options as we can +# # recognise in a loop before passing the remainder back to the +# # caller on the first unrecognised argument we encounter. +# while test $# -gt 0; do +# opt=$1; shift +# case $opt in +# --silent|-s) opt_silent=: ;; +# # Separate non-argument short options: +# -s*) func_split_short_opt "$_G_opt" +# set dummy "$func_split_short_opt_name" \ +# "-$func_split_short_opt_arg" ${1+"$@"} +# shift +# ;; +# *) set dummy "$_G_opt" "$*"; shift; break ;; +# esac +# done +# +# func_quote_for_eval ${1+"$@"} +# my_silent_option_result=$func_quote_for_eval_result +# } +# func_add_hook func_parse_options my_silent_option +# +# +# my_option_validation () +# { +# $debug_cmd +# +# $opt_silent && $opt_verbose && func_fatal_help "\ +# '--silent' and '--verbose' options are mutually exclusive." +# +# func_quote_for_eval ${1+"$@"} +# my_option_validation_result=$func_quote_for_eval_result +# } +# func_add_hook func_validate_options my_option_validation +# +# You'll alse need to manually amend $usage_message to reflect the extra +# options you parse. It's preferable to append if you can, so that +# multiple option parsing hooks can be added safely. + - case $my_arg in - # Double-quote args containing shell metacharacters to delay - # word splitting and command substitution for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - my_arg="\"$my_arg\"" - ;; - esac +# func_options [ARG]... +# --------------------- +# All the functions called inside func_options are hookable. See the +# individual implementations for details. +func_hookable func_options +func_options () +{ + $debug_cmd - func_quote_for_expand_result="$my_arg" + func_options_prep ${1+"$@"} + eval func_parse_options \ + ${func_options_prep_result+"$func_options_prep_result"} + eval func_validate_options \ + ${func_parse_options_result+"$func_parse_options_result"} + + eval func_run_hooks func_options \ + ${func_validate_options_result+"$func_validate_options_result"} + + # save modified positional parameters for caller + func_options_result=$func_run_hooks_result } -# func_show_eval cmd [fail_exp] -# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is -# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP -# is given, then evaluate it. -func_show_eval () +# func_options_prep [ARG]... +# -------------------------- +# All initialisations required before starting the option parse loop. +# Note that when calling hook functions, we pass through the list of +# positional parameters. If a hook function modifies that list, and +# needs to propogate that back to rest of this script, then the complete +# modified list must be put in 'func_run_hooks_result' before +# returning. +func_hookable func_options_prep +func_options_prep () { - my_cmd="$1" - my_fail_exp="${2-:}" + $debug_cmd - ${opt_silent-false} || { - func_quote_for_expand "$my_cmd" - eval "func_echo $func_quote_for_expand_result" - } + # Option defaults: + opt_verbose=false + opt_warning_types= - if ${opt_dry_run-false}; then :; else - eval "$my_cmd" - my_status=$? - if test "$my_status" -eq 0; then :; else - eval "(exit $my_status); $my_fail_exp" - fi - fi + func_run_hooks func_options_prep ${1+"$@"} + + # save modified positional parameters for caller + func_options_prep_result=$func_run_hooks_result } -# func_show_eval_locale cmd [fail_exp] -# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is -# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP -# is given, then evaluate it. Use the saved locale for evaluation. -func_show_eval_locale () +# func_parse_options [ARG]... +# --------------------------- +# The main option parsing loop. +func_hookable func_parse_options +func_parse_options () { - my_cmd="$1" - my_fail_exp="${2-:}" + $debug_cmd - ${opt_silent-false} || { - func_quote_for_expand "$my_cmd" - eval "func_echo $func_quote_for_expand_result" - } + func_parse_options_result= - if ${opt_dry_run-false}; then :; else - eval "$lt_user_locale - $my_cmd" - my_status=$? - eval "$lt_safe_locale" - if test "$my_status" -eq 0; then :; else - eval "(exit $my_status); $my_fail_exp" - fi - fi -} + # this just eases exit handling + while test $# -gt 0; do + # Defer to hook functions for initial option parsing, so they + # get priority in the event of reusing an option name. + func_run_hooks func_parse_options ${1+"$@"} -# func_tr_sh -# Turn $1 into a string suitable for a shell variable name. -# Result is stored in $func_tr_sh_result. All characters -# not in the set a-zA-Z0-9_ are replaced with '_'. Further, -# if $1 begins with a digit, a '_' is prepended as well. -func_tr_sh () -{ - case $1 in - [0-9]* | *[!a-zA-Z0-9_]*) - func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'` - ;; - * ) - func_tr_sh_result=$1 - ;; - esac + # Adjust func_parse_options positional parameters to match + eval set dummy "$func_run_hooks_result"; shift + + # Break out of the loop if we already parsed every option. + test $# -gt 0 || break + + _G_opt=$1 + shift + case $_G_opt in + --debug|-x) debug_cmd='set -x' + func_echo "enabling shell trace mode" + $debug_cmd + ;; + + --no-warnings|--no-warning|--no-warn) + set dummy --warnings none ${1+"$@"} + shift + ;; + + --warnings|--warning|-W) + test $# = 0 && func_missing_arg $_G_opt && break + case " $warning_categories $1" in + *" $1 "*) + # trailing space prevents matching last $1 above + func_append_uniq opt_warning_types " $1" + ;; + *all) + opt_warning_types=$warning_categories + ;; + *none) + opt_warning_types=none + warning_func=: + ;; + *error) + opt_warning_types=$warning_categories + warning_func=func_fatal_error + ;; + *) + func_fatal_error \ + "unsupported warning category: '$1'" + ;; + esac + shift + ;; + + --verbose|-v) opt_verbose=: ;; + --version) func_version ;; + -\?|-h) func_usage ;; + --help) func_help ;; + + # Separate optargs to long options (plugins may need this): + --*=*) func_split_equals "$_G_opt" + set dummy "$func_split_equals_lhs" \ + "$func_split_equals_rhs" ${1+"$@"} + shift + ;; + + # Separate optargs to short options: + -W*) + func_split_short_opt "$_G_opt" + set dummy "$func_split_short_opt_name" \ + "$func_split_short_opt_arg" ${1+"$@"} + shift + ;; + + # Separate non-argument short options: + -\?*|-h*|-v*|-x*) + func_split_short_opt "$_G_opt" + set dummy "$func_split_short_opt_name" \ + "-$func_split_short_opt_arg" ${1+"$@"} + shift + ;; + + --) break ;; + -*) func_fatal_help "unrecognised option: '$_G_opt'" ;; + *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; + esac + done + + # save modified positional parameters for caller + func_quote_for_eval ${1+"$@"} + func_parse_options_result=$func_quote_for_eval_result } -# func_version -# Echo version message to standard output and exit. -func_version () +# func_validate_options [ARG]... +# ------------------------------ +# Perform any sanity checks on option settings and/or unconsumed +# arguments. +func_hookable func_validate_options +func_validate_options () { - $opt_debug + $debug_cmd - $SED -n '/(C)/!b go - :more - /\./!{ - N - s/\n# / / - b more - } - :go - /^# '$PROGRAM' (GNU /,/# warranty; / { - s/^# // - s/^# *$// - s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/ - p - }' < "$progpath" - exit $? + # Display all warnings if -W was not given. + test -n "$opt_warning_types" || opt_warning_types=" $warning_categories" + + func_run_hooks func_validate_options ${1+"$@"} + + # Bail if the options were screwed! + $exit_cmd $EXIT_FAILURE + + # save modified positional parameters for caller + func_validate_options_result=$func_run_hooks_result } -# func_usage -# Echo short help message to standard output and exit. -func_usage () + + +## ----------------- ## +## Helper functions. ## +## ----------------- ## + +# This section contains the helper functions used by the rest of the +# hookable option parser framework in ascii-betical order. + + +# func_fatal_help ARG... +# ---------------------- +# Echo program name prefixed message to standard error, followed by +# a help hint, and exit. +func_fatal_help () { - $opt_debug + $debug_cmd - $SED -n '/^# Usage:/,/^# *.*--help/ { - s/^# // - s/^# *$// - s/\$progname/'$progname'/ - p - }' < "$progpath" - echo - $ECHO "run \`$progname --help | more' for full usage" - exit $? + eval \$ECHO \""Usage: $usage"\" + eval \$ECHO \""$fatal_help"\" + func_error ${1+"$@"} + exit $EXIT_FAILURE } -# func_help [NOEXIT] -# Echo long help message to standard output and exit, -# unless 'noexit' is passed as argument. + +# func_help +# --------- +# Echo long help message to standard output and exit. func_help () { - $opt_debug + $debug_cmd - $SED -n '/^# Usage:/,/# Report bugs to/ { - :print - s/^# // - s/^# *$// - s*\$progname*'$progname'* - s*\$host*'"$host"'* - s*\$SHELL*'"$SHELL"'* - s*\$LTCC*'"$LTCC"'* - s*\$LTCFLAGS*'"$LTCFLAGS"'* - s*\$LD*'"$LD"'* - s/\$with_gnu_ld/'"$with_gnu_ld"'/ - s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/ - s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/ - p - d - } - /^# .* home page:/b print - /^# General help using/b print - ' < "$progpath" - ret=$? - if test -z "$1"; then - exit $ret - fi + func_usage_message + $ECHO "$long_help_message" + exit 0 } -# func_missing_arg argname + +# func_missing_arg ARGNAME +# ------------------------ # Echo program name prefixed message to standard error and set global # exit_cmd. func_missing_arg () { - $opt_debug + $debug_cmd - func_error "missing argument for $1." + func_error "Missing argument for '$1'." exit_cmd=exit } -# func_split_short_opt shortopt +# func_split_equals STRING +# ------------------------ +# Set func_split_equals_lhs and func_split_equals_rhs shell variables after +# splitting STRING at the '=' sign. +test -z "$_G_HAVE_XSI_OPS" \ + && (eval 'x=a/b/c; + test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ + && _G_HAVE_XSI_OPS=yes + +if test yes = "$_G_HAVE_XSI_OPS" +then + # This is an XSI compatible shell, allowing a faster implementation... + eval 'func_split_equals () + { + $debug_cmd + + func_split_equals_lhs=${1%%=*} + func_split_equals_rhs=${1#*=} + test "x$func_split_equals_lhs" = "x$1" \ + && func_split_equals_rhs= + }' +else + # ...otherwise fall back to using expr, which is often a shell builtin. + func_split_equals () + { + $debug_cmd + + func_split_equals_lhs=`expr "x$1" : 'x\([^=]*\)'` + func_split_equals_rhs= + test "x$func_split_equals_lhs" = "x$1" \ + || func_split_equals_rhs=`expr "x$1" : 'x[^=]*=\(.*\)$'` + } +fi #func_split_equals + + +# func_split_short_opt SHORTOPT +# ----------------------------- # Set func_split_short_opt_name and func_split_short_opt_arg shell # variables after splitting SHORTOPT after the 2nd character. -func_split_short_opt () +if test yes = "$_G_HAVE_XSI_OPS" +then + # This is an XSI compatible shell, allowing a faster implementation... + eval 'func_split_short_opt () + { + $debug_cmd + + func_split_short_opt_arg=${1#??} + func_split_short_opt_name=${1%"$func_split_short_opt_arg"} + }' +else + # ...otherwise fall back to using expr, which is often a shell builtin. + func_split_short_opt () + { + $debug_cmd + + func_split_short_opt_name=`expr "x$1" : 'x-\(.\)'` + func_split_short_opt_arg=`expr "x$1" : 'x-.\(.*\)$'` + } +fi #func_split_short_opt + + +# func_usage +# ---------- +# Echo short help message to standard output and exit. +func_usage () { - my_sed_short_opt='1s/^\(..\).*$/\1/;q' - my_sed_short_rest='1s/^..\(.*\)$/\1/;q' + $debug_cmd - func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"` - func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"` -} # func_split_short_opt may be replaced by extended shell implementation + func_usage_message + $ECHO "Run '$progname --help |${PAGER-more}' for full usage" + exit 0 +} -# func_split_long_opt longopt -# Set func_split_long_opt_name and func_split_long_opt_arg shell -# variables after splitting LONGOPT at the `=' sign. -func_split_long_opt () +# func_usage_message +# ------------------ +# Echo short help message to standard output. +func_usage_message () { - my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q' - my_sed_long_arg='1s/^--[^=]*=//' + $debug_cmd - func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"` - func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"` -} # func_split_long_opt may be replaced by extended shell implementation + eval \$ECHO \""Usage: $usage"\" + echo + $SED -n 's|^# || + /^Written by/{ + x;p;x + } + h + /^Written by/q' < "$progpath" + echo + eval \$ECHO \""$usage_message"\" +} -exit_cmd=: +# func_version +# ------------ +# Echo version message to standard output and exit. +func_version () +{ + $debug_cmd + printf '%s\n' "$progname $scriptversion" + $SED -n ' + /(C)/!b go + :more + /\./!{ + N + s|\n# | | + b more + } + :go + /^# Written by /,/# warranty; / { + s|^# || + s|^# *$|| + s|\((C)\)[ 0-9,-]*[ ,-]\([1-9][0-9]* \)|\1 \2| + p + } + /^# Written by / { + s|^# || + p + } + /^warranty; /q' < "$progpath" + exit $? +} -magic="%%%MAGIC variable%%%" -magic_exe="%%%MAGIC EXE variable%%%" +# Local variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'before-save-hook 'time-stamp) +# time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" +# time-stamp-time-zone: "UTC" +# End: -# Global variables. -nonopt= -preserve_args= -lo2o="s/\\.lo\$/.${objext}/" -o2lo="s/\\.${objext}\$/.lo/" -extracted_archives= -extracted_serial=0 +# Set a version string. +scriptversion='(GNU libtool) 2.4.6' -# If this variable is set in any of the actions, the command in it -# will be execed at the end. This prevents here-documents from being -# left over by shells. -exec_cmd= -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () +# func_echo ARG... +# ---------------- +# Libtool also displays the current mode in messages, so override +# funclib.sh func_echo with this custom definition. +func_echo () { - eval "${1}=\$${1}\${2}" -} # func_append may be replaced by extended shell implementation + $debug_cmd -# func_append_quoted var value -# Quote VALUE and append to the end of shell variable VAR, separated -# by a space. -func_append_quoted () -{ - func_quote_for_eval "${2}" - eval "${1}=\$${1}\\ \$func_quote_for_eval_result" -} # func_append_quoted may be replaced by extended shell implementation + _G_message=$* + + func_echo_IFS=$IFS + IFS=$nl + for _G_line in $_G_message; do + IFS=$func_echo_IFS + $ECHO "$progname${opt_mode+: $opt_mode}: $_G_line" + done + IFS=$func_echo_IFS +} -# func_arith arithmetic-term... -func_arith () +# func_warning ARG... +# ------------------- +# Libtool warnings are not categorized, so override funclib.sh +# func_warning with this simpler definition. +func_warning () { - func_arith_result=`expr "${@}"` -} # func_arith may be replaced by extended shell implementation + $debug_cmd + $warning_func ${1+"$@"} +} -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len` -} # func_len may be replaced by extended shell implementation +## ---------------- ## +## Options parsing. ## +## ---------------- ## + +# Hook in the functions to make sure our own options are parsed during +# the option parsing loop. + +usage='$progpath [OPTION]... [MODE-ARG]...' + +# Short help message in response to '-h'. +usage_message="Options: + --config show all configuration variables + --debug enable verbose shell tracing + -n, --dry-run display commands without modifying any files + --features display basic configuration information and exit + --mode=MODE use operation mode MODE + --no-warnings equivalent to '-Wnone' + --preserve-dup-deps don't remove duplicate dependency libraries + --quiet, --silent don't print informational messages + --tag=TAG use configuration variables from tag TAG + -v, --verbose print more informational messages than default + --version print version information + -W, --warnings=CATEGORY report the warnings falling in CATEGORY [all] + -h, --help, --help-all print short, long, or detailed help message +" -# func_lo2o object -func_lo2o () +# Additional text appended to 'usage_message' in response to '--help'. +func_help () { - func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` -} # func_lo2o may be replaced by extended shell implementation + $debug_cmd + func_usage_message + $ECHO "$long_help_message -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'` -} # func_xform may be replaced by extended shell implementation +MODE must be one of the following: + + clean remove files from the build directory + compile compile a source file into a libtool object + execute automatically set library path, then run a program + finish complete the installation of libtool libraries + install install libraries or executables + link create a library or an executable + uninstall remove libraries from an installed directory + +MODE-ARGS vary depending on the MODE. When passed as first option, +'--mode=MODE' may be abbreviated as 'MODE' or a unique abbreviation of that. +Try '$progname --help --mode=MODE' for a more detailed description of MODE. + +When reporting a bug, please describe a test case to reproduce it and +include the following information: + + host-triplet: $host + shell: $SHELL + compiler: $LTCC + compiler flags: $LTCFLAGS + linker: $LD (gnu? $with_gnu_ld) + version: $progname (GNU libtool) 2.4.6 + automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` + autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` + +Report bugs to . +GNU libtool home page: . +General help using GNU software: ." + exit 0 +} -# func_fatal_configuration arg... +# func_lo2o OBJECT-NAME +# --------------------- +# Transform OBJECT-NAME from a '.lo' suffix to the platform specific +# object suffix. + +lo2o=s/\\.lo\$/.$objext/ +o2lo=s/\\.$objext\$/.lo/ + +if test yes = "$_G_HAVE_XSI_OPS"; then + eval 'func_lo2o () + { + case $1 in + *.lo) func_lo2o_result=${1%.lo}.$objext ;; + * ) func_lo2o_result=$1 ;; + esac + }' + + # func_xform LIBOBJ-OR-SOURCE + # --------------------------- + # Transform LIBOBJ-OR-SOURCE from a '.o' or '.c' (or otherwise) + # suffix to a '.lo' libtool-object suffix. + eval 'func_xform () + { + func_xform_result=${1%.*}.lo + }' +else + # ...otherwise fall back to using sed. + func_lo2o () + { + func_lo2o_result=`$ECHO "$1" | $SED "$lo2o"` + } + + func_xform () + { + func_xform_result=`$ECHO "$1" | $SED 's|\.[^.]*$|.lo|'` + } +fi + + +# func_fatal_configuration ARG... +# ------------------------------- # Echo program name prefixed message to standard error, followed by # a configuration failure hint, and exit. func_fatal_configuration () { - func_error ${1+"$@"} - func_error "See the $PACKAGE documentation for more information." - func_fatal_error "Fatal configuration error." + func__fatal_error ${1+"$@"} \ + "See the $PACKAGE documentation for more information." \ + "Fatal configuration error." } # func_config +# ----------- # Display the configuration for all the tags in this script. func_config () { @@ -915,17 +2149,19 @@ exit $? } + # func_features +# ------------- # Display the features supported by this script. func_features () { echo "host: $host" - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then echo "enable shared libraries" else echo "disable shared libraries" fi - if test "$build_old_libs" = yes; then + if test yes = "$build_old_libs"; then echo "enable static libraries" else echo "disable static libraries" @@ -934,314 +2170,350 @@ exit $? } -# func_enable_tag tagname + +# func_enable_tag TAGNAME +# ----------------------- # Verify that TAGNAME is valid, and either flag an error and exit, or # enable the TAGNAME tag. We also add TAGNAME to the global $taglist # variable here. func_enable_tag () { - # Global variable: - tagname="$1" + # Global variable: + tagname=$1 - re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" - re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" - sed_extractcf="/$re_begincf/,/$re_endcf/p" - - # Validate tagname. - case $tagname in - *[!-_A-Za-z0-9,/]*) - func_fatal_error "invalid tag name: $tagname" - ;; - esac + re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" + re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" + sed_extractcf=/$re_begincf/,/$re_endcf/p + + # Validate tagname. + case $tagname in + *[!-_A-Za-z0-9,/]*) + func_fatal_error "invalid tag name: $tagname" + ;; + esac - # Don't test for the "default" C tag, as we know it's - # there but not specially marked. - case $tagname in - CC) ;; + # Don't test for the "default" C tag, as we know it's + # there but not specially marked. + case $tagname in + CC) ;; *) - if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then - taglist="$taglist $tagname" + if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then + taglist="$taglist $tagname" - # Evaluate the configuration. Be careful to quote the path - # and the sed script, to avoid splitting on whitespace, but - # also don't use non-portable quotes within backquotes within - # quotes we have to do it in 2 steps: - extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` - eval "$extractedcf" - else - func_error "ignoring unknown tag $tagname" - fi - ;; - esac + # Evaluate the configuration. Be careful to quote the path + # and the sed script, to avoid splitting on whitespace, but + # also don't use non-portable quotes within backquotes within + # quotes we have to do it in 2 steps: + extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` + eval "$extractedcf" + else + func_error "ignoring unknown tag $tagname" + fi + ;; + esac } + # func_check_version_match +# ------------------------ # Ensure that we are using m4 macros, and libtool script from the same # release of libtool. func_check_version_match () { - if test "$package_revision" != "$macro_revision"; then - if test "$VERSION" != "$macro_version"; then - if test -z "$macro_version"; then - cat >&2 <<_LT_EOF + if test "$package_revision" != "$macro_revision"; then + if test "$VERSION" != "$macro_version"; then + if test -z "$macro_version"; then + cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, but the $progname: definition of this LT_INIT comes from an older release. $progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION $progname: and run autoconf again. _LT_EOF - else - cat >&2 <<_LT_EOF + else + cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, but the $progname: definition of this LT_INIT comes from $PACKAGE $macro_version. $progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION $progname: and run autoconf again. _LT_EOF - fi - else - cat >&2 <<_LT_EOF + fi + else + cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, $progname: but the definition of this LT_INIT comes from revision $macro_revision. $progname: You should recreate aclocal.m4 with macros from revision $package_revision $progname: of $PACKAGE $VERSION and run autoconf again. _LT_EOF - fi + fi - exit $EXIT_MISMATCH - fi + exit $EXIT_MISMATCH + fi } -# Shorthand for --mode=foo, only valid as the first argument -case $1 in -clean|clea|cle|cl) - shift; set dummy --mode clean ${1+"$@"}; shift - ;; -compile|compil|compi|comp|com|co|c) - shift; set dummy --mode compile ${1+"$@"}; shift - ;; -execute|execut|execu|exec|exe|ex|e) - shift; set dummy --mode execute ${1+"$@"}; shift - ;; -finish|finis|fini|fin|fi|f) - shift; set dummy --mode finish ${1+"$@"}; shift - ;; -install|instal|insta|inst|ins|in|i) - shift; set dummy --mode install ${1+"$@"}; shift - ;; -link|lin|li|l) - shift; set dummy --mode link ${1+"$@"}; shift - ;; -uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) - shift; set dummy --mode uninstall ${1+"$@"}; shift - ;; -esac +# libtool_options_prep [ARG]... +# ----------------------------- +# Preparation for options parsed by libtool. +libtool_options_prep () +{ + $debug_mode + # Option defaults: + opt_config=false + opt_dlopen= + opt_dry_run=false + opt_help=false + opt_mode= + opt_preserve_dup_deps=false + opt_quiet=false + nonopt= + preserve_args= -# Option defaults: -opt_debug=: -opt_dry_run=false -opt_config=false -opt_preserve_dup_deps=false -opt_features=false -opt_finish=false -opt_help=false -opt_help_all=false -opt_silent=: -opt_warning=: -opt_verbose=: -opt_silent=false -opt_verbose=false + # Shorthand for --mode=foo, only valid as the first argument + case $1 in + clean|clea|cle|cl) + shift; set dummy --mode clean ${1+"$@"}; shift + ;; + compile|compil|compi|comp|com|co|c) + shift; set dummy --mode compile ${1+"$@"}; shift + ;; + execute|execut|execu|exec|exe|ex|e) + shift; set dummy --mode execute ${1+"$@"}; shift + ;; + finish|finis|fini|fin|fi|f) + shift; set dummy --mode finish ${1+"$@"}; shift + ;; + install|instal|insta|inst|ins|in|i) + shift; set dummy --mode install ${1+"$@"}; shift + ;; + link|lin|li|l) + shift; set dummy --mode link ${1+"$@"}; shift + ;; + uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) + shift; set dummy --mode uninstall ${1+"$@"}; shift + ;; + esac + # Pass back the list of options. + func_quote_for_eval ${1+"$@"} + libtool_options_prep_result=$func_quote_for_eval_result +} +func_add_hook func_options_prep libtool_options_prep -# Parse options once, thoroughly. This comes as soon as possible in the -# script to make things like `--version' happen as quickly as we can. -{ - # this just eases exit handling - while test $# -gt 0; do - opt="$1" - shift - case $opt in - --debug|-x) opt_debug='set -x' - func_echo "enabling shell trace mode" - $opt_debug - ;; - --dry-run|--dryrun|-n) - opt_dry_run=: - ;; - --config) - opt_config=: -func_config - ;; - --dlopen|-dlopen) - optarg="$1" - opt_dlopen="${opt_dlopen+$opt_dlopen -}$optarg" - shift - ;; - --preserve-dup-deps) - opt_preserve_dup_deps=: - ;; - --features) - opt_features=: -func_features - ;; - --finish) - opt_finish=: -set dummy --mode finish ${1+"$@"}; shift - ;; - --help) - opt_help=: - ;; - --help-all) - opt_help_all=: -opt_help=': help-all' - ;; - --mode) - test $# = 0 && func_missing_arg $opt && break - optarg="$1" - opt_mode="$optarg" -case $optarg in - # Valid mode arguments: - clean|compile|execute|finish|install|link|relink|uninstall) ;; - - # Catch anything else as an error - *) func_error "invalid argument for $opt" - exit_cmd=exit - break - ;; -esac - shift - ;; - --no-silent|--no-quiet) - opt_silent=false -func_append preserve_args " $opt" - ;; - --no-warning|--no-warn) - opt_warning=false -func_append preserve_args " $opt" - ;; - --no-verbose) - opt_verbose=false -func_append preserve_args " $opt" - ;; - --silent|--quiet) - opt_silent=: -func_append preserve_args " $opt" - opt_verbose=false - ;; - --verbose|-v) - opt_verbose=: -func_append preserve_args " $opt" -opt_silent=false - ;; - --tag) - test $# = 0 && func_missing_arg $opt && break - optarg="$1" - opt_tag="$optarg" -func_append preserve_args " $opt $optarg" -func_enable_tag "$optarg" - shift - ;; - - -\?|-h) func_usage ;; - --help) func_help ;; - --version) func_version ;; - - # Separate optargs to long options: - --*=*) - func_split_long_opt "$opt" - set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"} - shift - ;; - - # Separate non-argument short options: - -\?*|-h*|-n*|-v*) - func_split_short_opt "$opt" - set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"} - shift - ;; - - --) break ;; - -*) func_fatal_help "unrecognized option \`$opt'" ;; - *) set dummy "$opt" ${1+"$@"}; shift; break ;; - esac - done - # Validate options: +# libtool_parse_options [ARG]... +# --------------------------------- +# Provide handling for libtool specific options. +libtool_parse_options () +{ + $debug_cmd - # save first non-option argument - if test "$#" -gt 0; then - nonopt="$opt" - shift - fi + # Perform our own loop to consume as many options as possible in + # each iteration. + while test $# -gt 0; do + _G_opt=$1 + shift + case $_G_opt in + --dry-run|--dryrun|-n) + opt_dry_run=: + ;; + + --config) func_config ;; + + --dlopen|-dlopen) + opt_dlopen="${opt_dlopen+$opt_dlopen +}$1" + shift + ;; + + --preserve-dup-deps) + opt_preserve_dup_deps=: ;; + + --features) func_features ;; + + --finish) set dummy --mode finish ${1+"$@"}; shift ;; + + --help) opt_help=: ;; + + --help-all) opt_help=': help-all' ;; + + --mode) test $# = 0 && func_missing_arg $_G_opt && break + opt_mode=$1 + case $1 in + # Valid mode arguments: + clean|compile|execute|finish|install|link|relink|uninstall) ;; + + # Catch anything else as an error + *) func_error "invalid argument for $_G_opt" + exit_cmd=exit + break + ;; + esac + shift + ;; + + --no-silent|--no-quiet) + opt_quiet=false + func_append preserve_args " $_G_opt" + ;; + + --no-warnings|--no-warning|--no-warn) + opt_warning=false + func_append preserve_args " $_G_opt" + ;; + + --no-verbose) + opt_verbose=false + func_append preserve_args " $_G_opt" + ;; + + --silent|--quiet) + opt_quiet=: + opt_verbose=false + func_append preserve_args " $_G_opt" + ;; + + --tag) test $# = 0 && func_missing_arg $_G_opt && break + opt_tag=$1 + func_append preserve_args " $_G_opt $1" + func_enable_tag "$1" + shift + ;; + + --verbose|-v) opt_quiet=false + opt_verbose=: + func_append preserve_args " $_G_opt" + ;; - # preserve --debug - test "$opt_debug" = : || func_append preserve_args " --debug" + # An option not handled by this hook function: + *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; + esac + done - case $host in - *cygwin* | *mingw* | *pw32* | *cegcc*) - # don't eliminate duplications in $postdeps and $predeps - opt_duplicate_compiler_generated_deps=: - ;; - *) - opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps - ;; - esac - $opt_help || { - # Sanity checks first: - func_check_version_match + # save modified positional parameters for caller + func_quote_for_eval ${1+"$@"} + libtool_parse_options_result=$func_quote_for_eval_result +} +func_add_hook func_parse_options libtool_parse_options - if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then - func_fatal_configuration "not configured to build any kind of library" - fi - # Darwin sucks - eval std_shrext=\"$shrext_cmds\" - # Only execute mode is allowed to have -dlopen flags. - if test -n "$opt_dlopen" && test "$opt_mode" != execute; then - func_error "unrecognized option \`-dlopen'" - $ECHO "$help" 1>&2 - exit $EXIT_FAILURE +# libtool_validate_options [ARG]... +# --------------------------------- +# Perform any sanity checks on option settings and/or unconsumed +# arguments. +libtool_validate_options () +{ + # save first non-option argument + if test 0 -lt $#; then + nonopt=$1 + shift fi - # Change the help message to a mode-specific one. - generic_help="$help" - help="Try \`$progname --help --mode=$opt_mode' for more information." - } + # preserve --debug + test : = "$debug_cmd" || func_append preserve_args " --debug" + + case $host in + # Solaris2 added to fix http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16452 + # see also: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59788 + *cygwin* | *mingw* | *pw32* | *cegcc* | *solaris2* | *os2*) + # don't eliminate duplications in $postdeps and $predeps + opt_duplicate_compiler_generated_deps=: + ;; + *) + opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps + ;; + esac + $opt_help || { + # Sanity checks first: + func_check_version_match + + test yes != "$build_libtool_libs" \ + && test yes != "$build_old_libs" \ + && func_fatal_configuration "not configured to build any kind of library" + + # Darwin sucks + eval std_shrext=\"$shrext_cmds\" + + # Only execute mode is allowed to have -dlopen flags. + if test -n "$opt_dlopen" && test execute != "$opt_mode"; then + func_error "unrecognized option '-dlopen'" + $ECHO "$help" 1>&2 + exit $EXIT_FAILURE + fi + + # Change the help message to a mode-specific one. + generic_help=$help + help="Try '$progname --help --mode=$opt_mode' for more information." + } - # Bail if the options were screwed - $exit_cmd $EXIT_FAILURE + # Pass back the unparsed argument list + func_quote_for_eval ${1+"$@"} + libtool_validate_options_result=$func_quote_for_eval_result } +func_add_hook func_validate_options libtool_validate_options +# Process options as early as possible so that --help and --version +# can return quickly. +func_options ${1+"$@"} +eval set dummy "$func_options_result"; shift + ## ----------- ## ## Main. ## ## ----------- ## +magic='%%%MAGIC variable%%%' +magic_exe='%%%MAGIC EXE variable%%%' + +# Global variables. +extracted_archives= +extracted_serial=0 + +# If this variable is set in any of the actions, the command in it +# will be execed at the end. This prevents here-documents from being +# left over by shells. +exec_cmd= + + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' +} + +# func_generated_by_libtool +# True iff stdin has been generated by Libtool. This function is only +# a basic sanity check; it will hardly flush out determined imposters. +func_generated_by_libtool_p () +{ + $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 +} + # func_lalib_p file -# True iff FILE is a libtool `.la' library or `.lo' object file. +# True iff FILE is a libtool '.la' library or '.lo' object file. # This function is only a basic sanity check; it will hardly flush out # determined imposters. func_lalib_p () { test -f "$1" && - $SED -e 4q "$1" 2>/dev/null \ - | $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 + $SED -e 4q "$1" 2>/dev/null | func_generated_by_libtool_p } # func_lalib_unsafe_p file -# True iff FILE is a libtool `.la' library or `.lo' object file. +# True iff FILE is a libtool '.la' library or '.lo' object file. # This function implements the same check as func_lalib_p without # resorting to external programs. To this end, it redirects stdin and # closes it afterwards, without saving the original file descriptor. # As a safety measure, use it only where a negative result would be -# fatal anyway. Works if `file' does not exist. +# fatal anyway. Works if 'file' does not exist. func_lalib_unsafe_p () { lalib_p=no @@ -1249,13 +2521,13 @@ for lalib_p_l in 1 2 3 4 do read lalib_p_line - case "$lalib_p_line" in + case $lalib_p_line in \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;; esac done exec 0<&5 5<&- fi - test "$lalib_p" = yes + test yes = "$lalib_p" } # func_ltwrapper_script_p file @@ -1264,7 +2536,8 @@ # determined imposters. func_ltwrapper_script_p () { - func_lalib_p "$1" + test -f "$1" && + $lt_truncate_bin < "$1" 2>/dev/null | func_generated_by_libtool_p } # func_ltwrapper_executable_p file @@ -1289,7 +2562,7 @@ { func_dirname_and_basename "$1" "" "." func_stripname '' '.exe' "$func_basename_result" - func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper" + func_ltwrapper_scriptname_result=$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper } # func_ltwrapper_p file @@ -1308,11 +2581,13 @@ # FAIL_CMD may read-access the current command in variable CMD! func_execute_cmds () { - $opt_debug + $debug_cmd + save_ifs=$IFS; IFS='~' for cmd in $1; do - IFS=$save_ifs + IFS=$sp$nl eval cmd=\"$cmd\" + IFS=$save_ifs func_show_eval "$cmd" "${2-:}" done IFS=$save_ifs @@ -1324,10 +2599,11 @@ # Note that it is not necessary on cygwin/mingw to append a dot to # FILE even if both FILE and FILE.exe exist: automatic-append-.exe # behavior happens only for exec(3), not for open(2)! Also, sourcing -# `FILE.' does not work on cygwin managed mounts. +# 'FILE.' does not work on cygwin managed mounts. func_source () { - $opt_debug + $debug_cmd + case $1 in */* | *\\*) . "$1" ;; *) . "./$1" ;; @@ -1354,10 +2630,10 @@ # store the result into func_replace_sysroot_result. func_replace_sysroot () { - case "$lt_sysroot:$1" in + case $lt_sysroot:$1 in ?*:"$lt_sysroot"*) func_stripname "$lt_sysroot" '' "$1" - func_replace_sysroot_result="=$func_stripname_result" + func_replace_sysroot_result='='$func_stripname_result ;; *) # Including no sysroot. @@ -1374,7 +2650,8 @@ # arg is usually of the form 'gcc ...' func_infer_tag () { - $opt_debug + $debug_cmd + if test -n "$available_tags" && test -z "$tagname"; then CC_quoted= for arg in $CC; do @@ -1393,7 +2670,7 @@ for z in $available_tags; do if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" + eval "`$SED -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" CC_quoted= for arg in $CC; do # Double-quote args containing other shell metacharacters. @@ -1418,7 +2695,7 @@ # line option must be used. if test -z "$tagname"; then func_echo "unable to infer tagged configuration" - func_fatal_error "specify a tag with \`--tag'" + func_fatal_error "specify a tag with '--tag'" # else # func_verbose "using $tagname tagged configuration" fi @@ -1434,15 +2711,15 @@ # but don't create it if we're doing a dry run. func_write_libtool_object () { - write_libobj=${1} - if test "$build_libtool_libs" = yes; then - write_lobj=\'${2}\' + write_libobj=$1 + if test yes = "$build_libtool_libs"; then + write_lobj=\'$2\' else write_lobj=none fi - if test "$build_old_libs" = yes; then - write_oldobj=\'${3}\' + if test yes = "$build_old_libs"; then + write_oldobj=\'$3\' else write_oldobj=none fi @@ -1450,7 +2727,7 @@ $opt_dry_run || { cat >${write_libobj}T </dev/null` - if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then + if test "$?" -eq 0 && test -n "$func_convert_core_file_wine_to_w32_tmp"; then func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" | - $SED -e "$lt_sed_naive_backslashify"` + $SED -e "$sed_naive_backslashify"` else func_convert_core_file_wine_to_w32_result= fi @@ -1514,18 +2792,19 @@ # are convertible, then the result may be empty. func_convert_core_path_wine_to_w32 () { - $opt_debug + $debug_cmd + # unfortunately, winepath doesn't convert paths, only file names - func_convert_core_path_wine_to_w32_result="" + func_convert_core_path_wine_to_w32_result= if test -n "$1"; then oldIFS=$IFS IFS=: for func_convert_core_path_wine_to_w32_f in $1; do IFS=$oldIFS func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f" - if test -n "$func_convert_core_file_wine_to_w32_result" ; then + if test -n "$func_convert_core_file_wine_to_w32_result"; then if test -z "$func_convert_core_path_wine_to_w32_result"; then - func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result" + func_convert_core_path_wine_to_w32_result=$func_convert_core_file_wine_to_w32_result else func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result" fi @@ -1554,7 +2833,8 @@ # environment variable; do not put it in $PATH. func_cygpath () { - $opt_debug + $debug_cmd + if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null` if test "$?" -ne 0; then @@ -1563,7 +2843,7 @@ fi else func_cygpath_result= - func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'" + func_error "LT_CYGPATH is empty or specifies non-existent file: '$LT_CYGPATH'" fi } #end: func_cygpath @@ -1574,10 +2854,11 @@ # result in func_convert_core_msys_to_w32_result. func_convert_core_msys_to_w32 () { - $opt_debug + $debug_cmd + # awkward: cmd appends spaces to result func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null | - $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` + $SED -e 's/[ ]*$//' -e "$sed_naive_backslashify"` } #end: func_convert_core_msys_to_w32 @@ -1588,13 +2869,14 @@ # func_to_host_file_result to ARG1). func_convert_file_check () { - $opt_debug - if test -z "$2" && test -n "$1" ; then + $debug_cmd + + if test -z "$2" && test -n "$1"; then func_error "Could not determine host file name corresponding to" - func_error " \`$1'" + func_error " '$1'" func_error "Continuing, but uninstalled executables may not work." # Fallback: - func_to_host_file_result="$1" + func_to_host_file_result=$1 fi } # end func_convert_file_check @@ -1606,10 +2888,11 @@ # func_to_host_file_result to a simplistic fallback value (see below). func_convert_path_check () { - $opt_debug + $debug_cmd + if test -z "$4" && test -n "$3"; then func_error "Could not determine the host path corresponding to" - func_error " \`$3'" + func_error " '$3'" func_error "Continuing, but uninstalled executables may not work." # Fallback. This is a deliberately simplistic "conversion" and # should not be "improved". See libtool.info. @@ -1618,7 +2901,7 @@ func_to_host_path_result=`echo "$3" | $SED -e "$lt_replace_pathsep_chars"` else - func_to_host_path_result="$3" + func_to_host_path_result=$3 fi fi } @@ -1630,9 +2913,10 @@ # and appending REPL if ORIG matches BACKPAT. func_convert_path_front_back_pathsep () { - $opt_debug + $debug_cmd + case $4 in - $1 ) func_to_host_path_result="$3$func_to_host_path_result" + $1 ) func_to_host_path_result=$3$func_to_host_path_result ;; esac case $4 in @@ -1646,7 +2930,7 @@ ################################################## # $build to $host FILE NAME CONVERSION FUNCTIONS # ################################################## -# invoked via `$to_host_file_cmd ARG' +# invoked via '$to_host_file_cmd ARG' # # In each case, ARG is the path to be converted from $build to $host format. # Result will be available in $func_to_host_file_result. @@ -1657,7 +2941,8 @@ # in func_to_host_file_result. func_to_host_file () { - $opt_debug + $debug_cmd + $to_host_file_cmd "$1" } # end func_to_host_file @@ -1669,7 +2954,8 @@ # in (the comma separated) LAZY, no conversion takes place. func_to_tool_file () { - $opt_debug + $debug_cmd + case ,$2, in *,"$to_tool_file_cmd",*) func_to_tool_file_result=$1 @@ -1687,7 +2973,7 @@ # Copy ARG to func_to_host_file_result. func_convert_file_noop () { - func_to_host_file_result="$1" + func_to_host_file_result=$1 } # end func_convert_file_noop @@ -1698,11 +2984,12 @@ # func_to_host_file_result. func_convert_file_msys_to_w32 () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_msys_to_w32 "$1" - func_to_host_file_result="$func_convert_core_msys_to_w32_result" + func_to_host_file_result=$func_convert_core_msys_to_w32_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1714,8 +3001,9 @@ # func_to_host_file_result. func_convert_file_cygwin_to_w32 () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then # because $build is cygwin, we call "the" cygpath in $PATH; no need to use # LT_CYGPATH in this case. @@ -1731,11 +3019,12 @@ # and a working winepath. Returns result in func_to_host_file_result. func_convert_file_nix_to_w32 () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_file_wine_to_w32 "$1" - func_to_host_file_result="$func_convert_core_file_wine_to_w32_result" + func_to_host_file_result=$func_convert_core_file_wine_to_w32_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1747,12 +3036,13 @@ # Returns result in func_to_host_file_result. func_convert_file_msys_to_cygwin () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_msys_to_w32 "$1" func_cygpath -u "$func_convert_core_msys_to_w32_result" - func_to_host_file_result="$func_cygpath_result" + func_to_host_file_result=$func_cygpath_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1765,13 +3055,14 @@ # in func_to_host_file_result. func_convert_file_nix_to_cygwin () { - $opt_debug - func_to_host_file_result="$1" + $debug_cmd + + func_to_host_file_result=$1 if test -n "$1"; then # convert from *nix to w32, then use cygpath to convert from w32 to cygwin. func_convert_core_file_wine_to_w32 "$1" func_cygpath -u "$func_convert_core_file_wine_to_w32_result" - func_to_host_file_result="$func_cygpath_result" + func_to_host_file_result=$func_cygpath_result fi func_convert_file_check "$1" "$func_to_host_file_result" } @@ -1781,7 +3072,7 @@ ############################################# # $build to $host PATH CONVERSION FUNCTIONS # ############################################# -# invoked via `$to_host_path_cmd ARG' +# invoked via '$to_host_path_cmd ARG' # # In each case, ARG is the path to be converted from $build to $host format. # The result will be available in $func_to_host_path_result. @@ -1805,10 +3096,11 @@ to_host_path_cmd= func_init_to_host_path_cmd () { - $opt_debug + $debug_cmd + if test -z "$to_host_path_cmd"; then func_stripname 'func_convert_file_' '' "$to_host_file_cmd" - to_host_path_cmd="func_convert_path_${func_stripname_result}" + to_host_path_cmd=func_convert_path_$func_stripname_result fi } @@ -1818,7 +3110,8 @@ # in func_to_host_path_result. func_to_host_path () { - $opt_debug + $debug_cmd + func_init_to_host_path_cmd $to_host_path_cmd "$1" } @@ -1829,7 +3122,7 @@ # Copy ARG to func_to_host_path_result. func_convert_path_noop () { - func_to_host_path_result="$1" + func_to_host_path_result=$1 } # end func_convert_path_noop @@ -1840,8 +3133,9 @@ # func_to_host_path_result. func_convert_path_msys_to_w32 () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # Remove leading and trailing path separator characters from ARG. MSYS # behavior is inconsistent here; cygpath turns them into '.;' and ';.'; @@ -1849,7 +3143,7 @@ func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" - func_to_host_path_result="$func_convert_core_msys_to_w32_result" + func_to_host_path_result=$func_convert_core_msys_to_w32_result func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" @@ -1863,8 +3157,9 @@ # func_to_host_file_result. func_convert_path_cygwin_to_w32 () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" @@ -1883,14 +3178,15 @@ # a working winepath. Returns result in func_to_host_file_result. func_convert_path_nix_to_w32 () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" - func_to_host_path_result="$func_convert_core_path_wine_to_w32_result" + func_to_host_path_result=$func_convert_core_path_wine_to_w32_result func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" @@ -1904,15 +3200,16 @@ # Returns result in func_to_host_file_result. func_convert_path_msys_to_cygwin () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" func_cygpath -u -p "$func_convert_core_msys_to_w32_result" - func_to_host_path_result="$func_cygpath_result" + func_to_host_path_result=$func_cygpath_result func_convert_path_check : : \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" : "$1" @@ -1927,8 +3224,9 @@ # func_to_host_file_result. func_convert_path_nix_to_cygwin () { - $opt_debug - func_to_host_path_result="$1" + $debug_cmd + + func_to_host_path_result=$1 if test -n "$1"; then # Remove leading and trailing path separator characters from # ARG. msys behavior is inconsistent here, cygpath turns them @@ -1937,7 +3235,7 @@ func_to_host_path_tmp1=$func_stripname_result func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result" - func_to_host_path_result="$func_cygpath_result" + func_to_host_path_result=$func_cygpath_result func_convert_path_check : : \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" : "$1" @@ -1946,13 +3244,31 @@ # end func_convert_path_nix_to_cygwin +# func_dll_def_p FILE +# True iff FILE is a Windows DLL '.def' file. +# Keep in sync with _LT_DLL_DEF_P in libtool.m4 +func_dll_def_p () +{ + $debug_cmd + + func_dll_def_p_tmp=`$SED -n \ + -e 's/^[ ]*//' \ + -e '/^\(;.*\)*$/d' \ + -e 's/^\(EXPORTS\|LIBRARY\)\([ ].*\)*$/DEF/p' \ + -e q \ + "$1"` + test DEF = "$func_dll_def_p_tmp" +} + + # func_mode_compile arg... func_mode_compile () { - $opt_debug + $debug_cmd + # Get the compilation command and the source file. base_compile= - srcfile="$nonopt" # always keep a non-empty value in "srcfile" + srcfile=$nonopt # always keep a non-empty value in "srcfile" suppress_opt=yes suppress_output= arg_mode=normal @@ -1965,12 +3281,12 @@ case $arg_mode in arg ) # do not "continue". Instead, add this to base_compile - lastarg="$arg" + lastarg=$arg arg_mode=normal ;; target ) - libobj="$arg" + libobj=$arg arg_mode=normal continue ;; @@ -1980,7 +3296,7 @@ case $arg in -o) test -n "$libobj" && \ - func_fatal_error "you cannot specify \`-o' more than once" + func_fatal_error "you cannot specify '-o' more than once" arg_mode=target continue ;; @@ -2009,12 +3325,12 @@ func_stripname '-Wc,' '' "$arg" args=$func_stripname_result lastarg= - save_ifs="$IFS"; IFS=',' + save_ifs=$IFS; IFS=, for arg in $args; do - IFS="$save_ifs" + IFS=$save_ifs func_append_quoted lastarg "$arg" done - IFS="$save_ifs" + IFS=$save_ifs func_stripname ' ' '' "$lastarg" lastarg=$func_stripname_result @@ -2027,8 +3343,8 @@ # Accept the current argument as the source file. # The previous "srcfile" becomes the current argument. # - lastarg="$srcfile" - srcfile="$arg" + lastarg=$srcfile + srcfile=$arg ;; esac # case $arg ;; @@ -2043,13 +3359,13 @@ func_fatal_error "you must specify an argument for -Xcompile" ;; target) - func_fatal_error "you must specify a target with \`-o'" + func_fatal_error "you must specify a target with '-o'" ;; *) # Get the name of the library object. test -z "$libobj" && { func_basename "$srcfile" - libobj="$func_basename_result" + libobj=$func_basename_result } ;; esac @@ -2069,7 +3385,7 @@ case $libobj in *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;; *) - func_fatal_error "cannot determine name of library object from \`$libobj'" + func_fatal_error "cannot determine name of library object from '$libobj'" ;; esac @@ -2078,8 +3394,8 @@ for arg in $later; do case $arg in -shared) - test "$build_libtool_libs" != yes && \ - func_fatal_configuration "can not build a shared library" + test yes = "$build_libtool_libs" \ + || func_fatal_configuration "cannot build a shared library" build_old_libs=no continue ;; @@ -2105,17 +3421,17 @@ func_quote_for_eval "$libobj" test "X$libobj" != "X$func_quote_for_eval_result" \ && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \ - && func_warning "libobj name \`$libobj' may not contain shell special characters." + && func_warning "libobj name '$libobj' may not contain shell special characters." func_dirname_and_basename "$obj" "/" "" - objname="$func_basename_result" - xdir="$func_dirname_result" - lobj=${xdir}$objdir/$objname + objname=$func_basename_result + xdir=$func_dirname_result + lobj=$xdir$objdir/$objname test -z "$base_compile" && \ func_fatal_help "you must specify a compilation command" # Delete any leftover library objects. - if test "$build_old_libs" = yes; then + if test yes = "$build_old_libs"; then removelist="$obj $lobj $libobj ${libobj}T" else removelist="$lobj $libobj ${libobj}T" @@ -2127,16 +3443,16 @@ pic_mode=default ;; esac - if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then + if test no = "$pic_mode" && test pass_all != "$deplibs_check_method"; then # non-PIC code in shared libraries is not supported pic_mode=default fi # Calculate the filename of the output object if compiler does # not support -o with -c - if test "$compiler_c_o" = no; then - output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext} - lockfile="$output_obj.lock" + if test no = "$compiler_c_o"; then + output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.$objext + lockfile=$output_obj.lock else output_obj= need_locks=no @@ -2145,12 +3461,12 @@ # Lock this critical section if it is needed # We use this script file to make the link, it avoids creating a new file - if test "$need_locks" = yes; then + if test yes = "$need_locks"; then until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do func_echo "Waiting for $lockfile to be removed" sleep 2 done - elif test "$need_locks" = warn; then + elif test warn = "$need_locks"; then if test -f "$lockfile"; then $ECHO "\ *** ERROR, $lockfile exists and contains: @@ -2158,7 +3474,7 @@ This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you +your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." @@ -2180,11 +3496,11 @@ qsrcfile=$func_quote_for_eval_result # Only build a PIC object if we are building libtool libraries. - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then # Without this assignment, base_compile gets emptied. fbsd_hideous_sh_bug=$base_compile - if test "$pic_mode" != no; then + if test no != "$pic_mode"; then command="$base_compile $qsrcfile $pic_flag" else # Don't build PIC code @@ -2201,7 +3517,7 @@ func_show_eval_locale "$command" \ 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE' - if test "$need_locks" = warn && + if test warn = "$need_locks" && test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then $ECHO "\ *** ERROR, $lockfile contains: @@ -2212,7 +3528,7 @@ This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you +your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." @@ -2228,20 +3544,20 @@ fi # Allow error messages only from the first compilation. - if test "$suppress_opt" = yes; then + if test yes = "$suppress_opt"; then suppress_output=' >/dev/null 2>&1' fi fi # Only build a position-dependent object if we build old libraries. - if test "$build_old_libs" = yes; then - if test "$pic_mode" != yes; then + if test yes = "$build_old_libs"; then + if test yes != "$pic_mode"; then # Don't build PIC code command="$base_compile $qsrcfile$pie_flag" else command="$base_compile $qsrcfile $pic_flag" fi - if test "$compiler_c_o" = yes; then + if test yes = "$compiler_c_o"; then func_append command " -o $obj" fi @@ -2250,7 +3566,7 @@ func_show_eval_locale "$command" \ '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' - if test "$need_locks" = warn && + if test warn = "$need_locks" && test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then $ECHO "\ *** ERROR, $lockfile contains: @@ -2261,7 +3577,7 @@ This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you +your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." @@ -2281,7 +3597,7 @@ func_write_libtool_object "$libobj" "$objdir/$objname" "$objname" # Unlock the critical section if it was locked - if test "$need_locks" != no; then + if test no != "$need_locks"; then removelist=$lockfile $RM "$lockfile" fi @@ -2291,7 +3607,7 @@ } $opt_help || { - test "$opt_mode" = compile && func_mode_compile ${1+"$@"} + test compile = "$opt_mode" && func_mode_compile ${1+"$@"} } func_mode_help () @@ -2311,7 +3627,7 @@ Remove files from the build directory. RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +(typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed to RM. If FILE is a libtool library, object or program, all the files associated @@ -2330,16 +3646,16 @@ -no-suppress do not suppress compiler output for multiple passes -prefer-pic try to build PIC objects only -prefer-non-pic try to build non-PIC objects only - -shared do not build a \`.o' file suitable for static linking - -static only build a \`.o' file suitable for static linking + -shared do not build a '.o' file suitable for static linking + -static only build a '.o' file suitable for static linking -Wc,FLAG pass FLAG directly to the compiler -COMPILE-COMMAND is a command to be used in creating a \`standard' object file +COMPILE-COMMAND is a command to be used in creating a 'standard' object file from the given SOURCEFILE. The output file name is determined by removing the directory component from -SOURCEFILE, then substituting the C source code suffix \`.c' with the -library object suffix, \`.lo'." +SOURCEFILE, then substituting the C source code suffix '.c' with the +library object suffix, '.lo'." ;; execute) @@ -2352,7 +3668,7 @@ -dlopen FILE add the directory containing FILE to the library path -This mode sets the library path environment variable according to \`-dlopen' +This mode sets the library path environment variable according to '-dlopen' flags. If any of the ARGS are libtool executable wrappers, then they are translated @@ -2371,7 +3687,7 @@ Each LIBDIR is a directory that contains libtool libraries. The commands that this mode executes may require superuser privileges. Use -the \`--dry-run' option if you just want to see what would be executed." +the '--dry-run' option if you just want to see what would be executed." ;; install) @@ -2381,7 +3697,7 @@ Install executables or libraries. INSTALL-COMMAND is the installation command. The first component should be -either the \`install' or \`cp' program. +either the 'install' or 'cp' program. The following components of INSTALL-COMMAND are treated specially: @@ -2407,7 +3723,7 @@ -avoid-version do not add a version suffix if possible -bindir BINDIR specify path to binaries directory (for systems where libraries must be found in the PATH setting at runtime) - -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime + -dlopen FILE '-dlpreopen' FILE if it cannot be dlopened at runtime -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) -export-symbols SYMFILE @@ -2421,7 +3737,8 @@ -no-install link a not-installable executable -no-undefined declare that a library does not refer to external symbols -o OUTPUT-FILE create OUTPUT-FILE from the specified objects - -objectlist FILE Use a list of object files found in FILE to specify objects + -objectlist FILE use a list of object files found in FILE to specify objects + -os2dllname NAME force a short DLL name on OS/2 (no effect on other OSes) -precious-files-regex REGEX don't remove output files matching REGEX -release RELEASE specify package release information @@ -2441,20 +3758,20 @@ -Xlinker FLAG pass linker-specific FLAG directly to the linker -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC) -All other options (arguments beginning with \`-') are ignored. +All other options (arguments beginning with '-') are ignored. -Every other argument is treated as a filename. Files ending in \`.la' are +Every other argument is treated as a filename. Files ending in '.la' are treated as uninstalled libtool libraries, other files are standard or library object files. -If the OUTPUT-FILE ends in \`.la', then a libtool library is created, -only library objects (\`.lo' files) may be specified, and \`-rpath' is +If the OUTPUT-FILE ends in '.la', then a libtool library is created, +only library objects ('.lo' files) may be specified, and '-rpath' is required, except when creating a convenience library. -If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created -using \`ar' and \`ranlib', or on Windows using \`lib'. +If OUTPUT-FILE ends in '.a' or '.lib', then a standard library is created +using 'ar' and 'ranlib', or on Windows using 'lib'. -If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file +If OUTPUT-FILE ends in '.lo' or '.$objext', then a reloadable object file is created, otherwise an executable program is created." ;; @@ -2465,7 +3782,7 @@ Remove libraries from an installation directory. RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +(typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed to RM. If FILE is a libtool library, all the files associated with it are deleted. @@ -2473,17 +3790,17 @@ ;; *) - func_fatal_help "invalid operation mode \`$opt_mode'" + func_fatal_help "invalid operation mode '$opt_mode'" ;; esac echo - $ECHO "Try \`$progname --help' for more information about other modes." + $ECHO "Try '$progname --help' for more information about other modes." } # Now that we've collected a possible --mode arg, show help if necessary if $opt_help; then - if test "$opt_help" = :; then + if test : = "$opt_help"; then func_mode_help else { @@ -2491,7 +3808,7 @@ for opt_mode in compile link execute install finish uninstall clean; do func_mode_help done - } | sed -n '1p; 2,$s/^Usage:/ or: /p' + } | $SED -n '1p; 2,$s/^Usage:/ or: /p' { func_help noexit for opt_mode in compile link execute install finish uninstall clean; do @@ -2499,7 +3816,7 @@ func_mode_help done } | - sed '1d + $SED '1d /^When reporting/,/^Report/{ H d @@ -2516,16 +3833,17 @@ # func_mode_execute arg... func_mode_execute () { - $opt_debug + $debug_cmd + # The first argument is the command name. - cmd="$nonopt" + cmd=$nonopt test -z "$cmd" && \ func_fatal_help "you must specify a COMMAND" # Handle -dlopen flags immediately. for file in $opt_dlopen; do test -f "$file" \ - || func_fatal_help "\`$file' is not a file" + || func_fatal_help "'$file' is not a file" dir= case $file in @@ -2535,7 +3853,7 @@ # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ - || func_fatal_help "\`$lib' is not a valid libtool archive" + || func_fatal_help "'$lib' is not a valid libtool archive" # Read the libtool library. dlname= @@ -2546,18 +3864,18 @@ if test -z "$dlname"; then # Warn if it was a shared library. test -n "$library_names" && \ - func_warning "\`$file' was not linked with \`-export-dynamic'" + func_warning "'$file' was not linked with '-export-dynamic'" continue fi func_dirname "$file" "" "." - dir="$func_dirname_result" + dir=$func_dirname_result if test -f "$dir/$objdir/$dlname"; then func_append dir "/$objdir" else if test ! -f "$dir/$dlname"; then - func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" + func_fatal_error "cannot find '$dlname' in '$dir' or '$dir/$objdir'" fi fi ;; @@ -2565,18 +3883,18 @@ *.lo) # Just add the directory containing the .lo file. func_dirname "$file" "" "." - dir="$func_dirname_result" + dir=$func_dirname_result ;; *) - func_warning "\`-dlopen' is ignored for non-libtool libraries and objects" + func_warning "'-dlopen' is ignored for non-libtool libraries and objects" continue ;; esac # Get the absolute pathname. absdir=`cd "$dir" && pwd` - test -n "$absdir" && dir="$absdir" + test -n "$absdir" && dir=$absdir # Now add the directory to shlibpath_var. if eval "test -z \"\$$shlibpath_var\""; then @@ -2588,7 +3906,7 @@ # This variable tells wrapper scripts just to set shlibpath_var # rather than running their programs. - libtool_execute_magic="$magic" + libtool_execute_magic=$magic # Check if any of the arguments is a wrapper script. args= @@ -2601,12 +3919,12 @@ if func_ltwrapper_script_p "$file"; then func_source "$file" # Transform arg to wrapped name. - file="$progdir/$program" + file=$progdir/$program elif func_ltwrapper_executable_p "$file"; then func_ltwrapper_scriptname "$file" func_source "$func_ltwrapper_scriptname_result" # Transform arg to wrapped name. - file="$progdir/$program" + file=$progdir/$program fi ;; esac @@ -2614,7 +3932,15 @@ func_append_quoted args "$file" done - if test "X$opt_dry_run" = Xfalse; then + if $opt_dry_run; then + # Display what would be done. + if test -n "$shlibpath_var"; then + eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" + echo "export $shlibpath_var" + fi + $ECHO "$cmd$args" + exit $EXIT_SUCCESS + else if test -n "$shlibpath_var"; then # Export the shlibpath_var. eval "export $shlibpath_var" @@ -2631,25 +3957,18 @@ done # Now prepare to actually exec the command. - exec_cmd="\$cmd$args" - else - # Display what would be done. - if test -n "$shlibpath_var"; then - eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" - echo "export $shlibpath_var" - fi - $ECHO "$cmd$args" - exit $EXIT_SUCCESS + exec_cmd=\$cmd$args fi } -test "$opt_mode" = execute && func_mode_execute ${1+"$@"} +test execute = "$opt_mode" && func_mode_execute ${1+"$@"} # func_mode_finish arg... func_mode_finish () { - $opt_debug + $debug_cmd + libs= libdirs= admincmds= @@ -2663,11 +3982,11 @@ if func_lalib_unsafe_p "$opt"; then func_append libs " $opt" else - func_warning "\`$opt' is not a valid libtool archive" + func_warning "'$opt' is not a valid libtool archive" fi else - func_fatal_error "invalid argument \`$opt'" + func_fatal_error "invalid argument '$opt'" fi done @@ -2682,12 +4001,12 @@ # Remove sysroot references if $opt_dry_run; then for lib in $libs; do - echo "removing references to $lt_sysroot and \`=' prefixes from $lib" + echo "removing references to $lt_sysroot and '=' prefixes from $lib" done else tmpdir=`func_mktempdir` for lib in $libs; do - sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ + $SED -e "$sysroot_cmd s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ > $tmpdir/tmp-la mv -f $tmpdir/tmp-la $lib done @@ -2712,7 +4031,7 @@ fi # Exit here if they wanted silent mode. - $opt_silent && exit $EXIT_SUCCESS + $opt_quiet && exit $EXIT_SUCCESS if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then echo "----------------------------------------------------------------------" @@ -2723,27 +4042,27 @@ echo echo "If you ever happen to want to link against installed libraries" echo "in a given directory, LIBDIR, you must either use libtool, and" - echo "specify the full pathname of the library, or use the \`-LLIBDIR'" + echo "specify the full pathname of the library, or use the '-LLIBDIR'" echo "flag during linking and do at least one of the following:" if test -n "$shlibpath_var"; then - echo " - add LIBDIR to the \`$shlibpath_var' environment variable" + echo " - add LIBDIR to the '$shlibpath_var' environment variable" echo " during execution" fi if test -n "$runpath_var"; then - echo " - add LIBDIR to the \`$runpath_var' environment variable" + echo " - add LIBDIR to the '$runpath_var' environment variable" echo " during linking" fi if test -n "$hardcode_libdir_flag_spec"; then libdir=LIBDIR eval flag=\"$hardcode_libdir_flag_spec\" - $ECHO " - use the \`$flag' linker flag" + $ECHO " - use the '$flag' linker flag" fi if test -n "$admincmds"; then $ECHO " - have your system administrator run these commands:$admincmds" fi if test -f /etc/ld.so.conf; then - echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" + echo " - have your system administrator add LIBDIR to '/etc/ld.so.conf'" fi echo @@ -2762,18 +4081,20 @@ exit $EXIT_SUCCESS } -test "$opt_mode" = finish && func_mode_finish ${1+"$@"} +test finish = "$opt_mode" && func_mode_finish ${1+"$@"} # func_mode_install arg... func_mode_install () { - $opt_debug + $debug_cmd + # There may be an optional sh(1) argument at the beginning of # install_prog (especially on Windows NT). - if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh || + if test "$SHELL" = "$nonopt" || test /bin/sh = "$nonopt" || # Allow the use of GNU shtool's install command. - case $nonopt in *shtool*) :;; *) false;; esac; then + case $nonopt in *shtool*) :;; *) false;; esac + then # Aesthetically quote it. func_quote_for_eval "$nonopt" install_prog="$func_quote_for_eval_result " @@ -2800,7 +4121,7 @@ opts= prev= install_type= - isdir=no + isdir=false stripme= no_mode=: for arg @@ -2813,7 +4134,7 @@ fi case $arg in - -d) isdir=yes ;; + -d) isdir=: ;; -f) if $install_cp; then :; else prev=$arg @@ -2831,7 +4152,7 @@ *) # If the previous option needed an argument, then skip it. if test -n "$prev"; then - if test "x$prev" = x-m && test -n "$install_override_mode"; then + if test X-m = "X$prev" && test -n "$install_override_mode"; then arg2=$install_override_mode no_mode=false fi @@ -2856,7 +4177,7 @@ func_fatal_help "you must specify an install program" test -n "$prev" && \ - func_fatal_help "the \`$prev' option requires an argument" + func_fatal_help "the '$prev' option requires an argument" if test -n "$install_override_mode" && $no_mode; then if $install_cp; then :; else @@ -2878,19 +4199,19 @@ dest=$func_stripname_result # Check to see that the destination is a directory. - test -d "$dest" && isdir=yes - if test "$isdir" = yes; then - destdir="$dest" + test -d "$dest" && isdir=: + if $isdir; then + destdir=$dest destname= else func_dirname_and_basename "$dest" "" "." - destdir="$func_dirname_result" - destname="$func_basename_result" + destdir=$func_dirname_result + destname=$func_basename_result # Not a directory, so check to see that there is only one file specified. set dummy $files; shift test "$#" -gt 1 && \ - func_fatal_help "\`$dest' is not a directory" + func_fatal_help "'$dest' is not a directory" fi case $destdir in [\\/]* | [A-Za-z]:[\\/]*) ;; @@ -2899,7 +4220,7 @@ case $file in *.lo) ;; *) - func_fatal_help "\`$destdir' must be an absolute directory name" + func_fatal_help "'$destdir' must be an absolute directory name" ;; esac done @@ -2908,7 +4229,7 @@ # This variable tells wrapper scripts just to set variables rather # than running their programs. - libtool_install_magic="$magic" + libtool_install_magic=$magic staticlibs= future_libdirs= @@ -2928,7 +4249,7 @@ # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ - || func_fatal_help "\`$file' is not a valid libtool archive" + || func_fatal_help "'$file' is not a valid libtool archive" library_names= old_library= @@ -2950,7 +4271,7 @@ fi func_dirname "$file" "/" "" - dir="$func_dirname_result" + dir=$func_dirname_result func_append dir "$objdir" if test -n "$relink_command"; then @@ -2964,7 +4285,7 @@ # are installed into $libdir/../bin (currently, that works fine) # but it's something to keep an eye on. test "$inst_prefix_dir" = "$destdir" && \ - func_fatal_error "error: cannot install \`$file' to a directory not ending in $libdir" + func_fatal_error "error: cannot install '$file' to a directory not ending in $libdir" if test -n "$inst_prefix_dir"; then # Stick the inst_prefix_dir data into the link command. @@ -2973,29 +4294,36 @@ relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"` fi - func_warning "relinking \`$file'" + func_warning "relinking '$file'" func_show_eval "$relink_command" \ - 'func_fatal_error "error: relink \`$file'\'' with the above command before installing it"' + 'func_fatal_error "error: relink '\''$file'\'' with the above command before installing it"' fi # See the names of the shared library. set dummy $library_names; shift if test -n "$1"; then - realname="$1" + realname=$1 shift - srcname="$realname" - test -n "$relink_command" && srcname="$realname"T + srcname=$realname + test -n "$relink_command" && srcname=${realname}T # Install the shared library and build the symlinks. func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \ 'exit $?' - tstripme="$stripme" + tstripme=$stripme case $host_os in cygwin* | mingw* | pw32* | cegcc*) case $realname in *.dll.a) - tstripme="" + tstripme= + ;; + esac + ;; + os2*) + case $realname in + *_dll.a) + tstripme= ;; esac ;; @@ -3006,7 +4334,7 @@ if test "$#" -gt 0; then # Delete the old symlinks, and create new ones. - # Try `ln -sf' first, because the `ln' binary might depend on + # Try 'ln -sf' first, because the 'ln' binary might depend on # the symlink we replace! Solaris /bin/ln does not understand -f, # so we also need to try rm && ln -s. for linkname @@ -3017,14 +4345,14 @@ fi # Do each command in the postinstall commands. - lib="$destdir/$realname" + lib=$destdir/$realname func_execute_cmds "$postinstall_cmds" 'exit $?' fi # Install the pseudo-library for information purposes. func_basename "$file" - name="$func_basename_result" - instname="$dir/$name"i + name=$func_basename_result + instname=$dir/${name}i func_show_eval "$install_prog $instname $destdir/$name" 'exit $?' # Maybe install the static library, too. @@ -3036,11 +4364,11 @@ # Figure out destination file name, if it wasn't already specified. if test -n "$destname"; then - destfile="$destdir/$destname" + destfile=$destdir/$destname else func_basename "$file" - destfile="$func_basename_result" - destfile="$destdir/$destfile" + destfile=$func_basename_result + destfile=$destdir/$destfile fi # Deduce the name of the destination old-style object file. @@ -3050,11 +4378,11 @@ staticdest=$func_lo2o_result ;; *.$objext) - staticdest="$destfile" + staticdest=$destfile destfile= ;; *) - func_fatal_help "cannot copy a libtool object to \`$destfile'" + func_fatal_help "cannot copy a libtool object to '$destfile'" ;; esac @@ -3063,7 +4391,7 @@ func_show_eval "$install_prog $file $destfile" 'exit $?' # Install the old object if enabled. - if test "$build_old_libs" = yes; then + if test yes = "$build_old_libs"; then # Deduce the name of the old-style object file. func_lo2o "$file" staticobj=$func_lo2o_result @@ -3075,23 +4403,23 @@ *) # Figure out destination file name, if it wasn't already specified. if test -n "$destname"; then - destfile="$destdir/$destname" + destfile=$destdir/$destname else func_basename "$file" - destfile="$func_basename_result" - destfile="$destdir/$destfile" + destfile=$func_basename_result + destfile=$destdir/$destfile fi # If the file is missing, and there is a .exe on the end, strip it # because it is most likely a libtool script we actually want to # install - stripped_ext="" + stripped_ext= case $file in *.exe) if test ! -f "$file"; then func_stripname '' '.exe' "$file" file=$func_stripname_result - stripped_ext=".exe" + stripped_ext=.exe fi ;; esac @@ -3119,19 +4447,19 @@ # Check the variables that should have been set. test -z "$generated_by_libtool_version" && \ - func_fatal_error "invalid libtool wrapper script \`$wrapper'" + func_fatal_error "invalid libtool wrapper script '$wrapper'" - finalize=yes + finalize=: for lib in $notinst_deplibs; do # Check to see that each library is installed. libdir= if test -f "$lib"; then func_source "$lib" fi - libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test + libfile=$libdir/`$ECHO "$lib" | $SED 's%^.*/%%g'` if test -n "$libdir" && test ! -f "$libfile"; then - func_warning "\`$lib' has not been installed in \`$libdir'" - finalize=no + func_warning "'$lib' has not been installed in '$libdir'" + finalize=false fi done @@ -3139,29 +4467,29 @@ func_source "$wrapper" outputname= - if test "$fast_install" = no && test -n "$relink_command"; then + if test no = "$fast_install" && test -n "$relink_command"; then $opt_dry_run || { - if test "$finalize" = yes; then + if $finalize; then tmpdir=`func_mktempdir` func_basename "$file$stripped_ext" - file="$func_basename_result" - outputname="$tmpdir/$file" + file=$func_basename_result + outputname=$tmpdir/$file # Replace the output file specification. relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'` - $opt_silent || { + $opt_quiet || { func_quote_for_expand "$relink_command" eval "func_echo $func_quote_for_expand_result" } if eval "$relink_command"; then : else - func_error "error: relink \`$file' with the above command before installing it" + func_error "error: relink '$file' with the above command before installing it" $opt_dry_run || ${RM}r "$tmpdir" continue fi - file="$outputname" + file=$outputname else - func_warning "cannot relink \`$file'" + func_warning "cannot relink '$file'" fi } else @@ -3198,10 +4526,10 @@ for file in $staticlibs; do func_basename "$file" - name="$func_basename_result" + name=$func_basename_result # Set up the ranlib parameters. - oldlib="$destdir/$name" + oldlib=$destdir/$name func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 tool_oldlib=$func_to_tool_file_result @@ -3216,18 +4544,18 @@ done test -n "$future_libdirs" && \ - func_warning "remember to run \`$progname --finish$future_libdirs'" + func_warning "remember to run '$progname --finish$future_libdirs'" if test -n "$current_libdirs"; then # Maybe just do a dry run. $opt_dry_run && current_libdirs=" -n$current_libdirs" - exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs' + exec_cmd='$SHELL "$progpath" $preserve_args --finish$current_libdirs' else exit $EXIT_SUCCESS fi } -test "$opt_mode" = install && func_mode_install ${1+"$@"} +test install = "$opt_mode" && func_mode_install ${1+"$@"} # func_generate_dlsyms outputname originator pic_p @@ -3235,16 +4563,17 @@ # a dlpreopen symbol table. func_generate_dlsyms () { - $opt_debug - my_outputname="$1" - my_originator="$2" - my_pic_p="${3-no}" - my_prefix=`$ECHO "$my_originator" | sed 's%[^a-zA-Z0-9]%_%g'` + $debug_cmd + + my_outputname=$1 + my_originator=$2 + my_pic_p=${3-false} + my_prefix=`$ECHO "$my_originator" | $SED 's%[^a-zA-Z0-9]%_%g'` my_dlsyms= - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then if test -n "$NM" && test -n "$global_symbol_pipe"; then - my_dlsyms="${my_outputname}S.c" + my_dlsyms=${my_outputname}S.c else func_error "not configured to extract global symbols from dlpreopened files" fi @@ -3255,7 +4584,7 @@ "") ;; *.c) # Discover the nlist of each of the dlfiles. - nlist="$output_objdir/${my_outputname}.nm" + nlist=$output_objdir/$my_outputname.nm func_show_eval "$RM $nlist ${nlist}S ${nlist}T" @@ -3263,34 +4592,36 @@ func_verbose "creating $output_objdir/$my_dlsyms" $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\ -/* $my_dlsyms - symbol resolution table for \`$my_outputname' dlsym emulation. */ -/* Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION */ +/* $my_dlsyms - symbol resolution table for '$my_outputname' dlsym emulation. */ +/* Generated by $PROGRAM (GNU $PACKAGE) $VERSION */ #ifdef __cplusplus extern \"C\" { #endif -#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) +#if defined __GNUC__ && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) #pragma GCC diagnostic ignored \"-Wstrict-prototypes\" #endif /* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ -#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) -/* DATA imports from DLLs on WIN32 con't be const, because runtime +#if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE +/* DATA imports from DLLs on WIN32 can't be const, because runtime relocations are performed -- see ld's documentation on pseudo-relocs. */ # define LT_DLSYM_CONST -#elif defined(__osf__) +#elif defined __osf__ /* This system does not cope well with relocations in const data. */ # define LT_DLSYM_CONST #else # define LT_DLSYM_CONST const #endif +#define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0) + /* External symbol declarations for the compiler. */\ " - if test "$dlself" = yes; then - func_verbose "generating symbol list for \`$output'" + if test yes = "$dlself"; then + func_verbose "generating symbol list for '$output'" $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist" @@ -3298,7 +4629,7 @@ progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP` for progfile in $progfiles; do func_to_tool_file "$progfile" func_convert_file_msys_to_w32 - func_verbose "extracting global C symbols from \`$func_to_tool_file_result'" + func_verbose "extracting global C symbols from '$func_to_tool_file_result'" $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'" done @@ -3318,10 +4649,10 @@ # Prepare the list of exported symbols if test -z "$export_symbols"; then - export_symbols="$output_objdir/$outputname.exp" + export_symbols=$output_objdir/$outputname.exp $opt_dry_run || { $RM $export_symbols - eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' + eval "$SED -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' case $host in *cygwin* | *mingw* | *cegcc* ) eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' @@ -3331,7 +4662,7 @@ } else $opt_dry_run || { - eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' + eval "$SED -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' eval '$MV "$nlist"T "$nlist"' case $host in @@ -3345,22 +4676,22 @@ fi for dlprefile in $dlprefiles; do - func_verbose "extracting global C symbols from \`$dlprefile'" + func_verbose "extracting global C symbols from '$dlprefile'" func_basename "$dlprefile" - name="$func_basename_result" + name=$func_basename_result case $host in *cygwin* | *mingw* | *cegcc* ) # if an import library, we need to obtain dlname if func_win32_import_lib_p "$dlprefile"; then func_tr_sh "$dlprefile" eval "curr_lafile=\$libfile_$func_tr_sh_result" - dlprefile_dlbasename="" + dlprefile_dlbasename= if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then # Use subshell, to avoid clobbering current variable values dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"` - if test -n "$dlprefile_dlname" ; then + if test -n "$dlprefile_dlname"; then func_basename "$dlprefile_dlname" - dlprefile_dlbasename="$func_basename_result" + dlprefile_dlbasename=$func_basename_result else # no lafile. user explicitly requested -dlpreopen . $sharedlib_from_linklib_cmd "$dlprefile" @@ -3368,7 +4699,7 @@ fi fi $opt_dry_run || { - if test -n "$dlprefile_dlbasename" ; then + if test -n "$dlprefile_dlbasename"; then eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"' else func_warning "Could not compute DLL name from $name" @@ -3424,6 +4755,11 @@ echo '/* NONE */' >> "$output_objdir/$my_dlsyms" fi + func_show_eval '$RM "${nlist}I"' + if test -n "$global_symbol_to_import"; then + eval "$global_symbol_to_import"' < "$nlist"S > "$nlist"I' + fi + echo >> "$output_objdir/$my_dlsyms" "\ /* The mapping between symbol names and symbols. */ @@ -3432,11 +4768,30 @@ void *address; } lt_dlsymlist; extern LT_DLSYM_CONST lt_dlsymlist -lt_${my_prefix}_LTX_preloaded_symbols[]; +lt_${my_prefix}_LTX_preloaded_symbols[];\ +" + + if test -s "$nlist"I; then + echo >> "$output_objdir/$my_dlsyms" "\ +static void lt_syminit(void) +{ + LT_DLSYM_CONST lt_dlsymlist *symbol = lt_${my_prefix}_LTX_preloaded_symbols; + for (; symbol->name; ++symbol) + {" + $SED 's/.*/ if (STREQ (symbol->name, \"&\")) symbol->address = (void *) \&&;/' < "$nlist"I >> "$output_objdir/$my_dlsyms" + echo >> "$output_objdir/$my_dlsyms" "\ + } +}" + fi + echo >> "$output_objdir/$my_dlsyms" "\ LT_DLSYM_CONST lt_dlsymlist lt_${my_prefix}_LTX_preloaded_symbols[] = -{\ - { \"$my_originator\", (void *) 0 }," +{ {\"$my_originator\", (void *) 0}," + + if test -s "$nlist"I; then + echo >> "$output_objdir/$my_dlsyms" "\ + {\"@INIT@\", (void *) <_syminit}," + fi case $need_lib_prefix in no) @@ -3478,9 +4833,7 @@ *-*-hpux*) pic_flag_for_symtable=" $pic_flag" ;; *) - if test "X$my_pic_p" != Xno; then - pic_flag_for_symtable=" $pic_flag" - fi + $my_pic_p && pic_flag_for_symtable=" $pic_flag" ;; esac ;; @@ -3497,10 +4850,10 @@ func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?' # Clean up the generated files. - func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T"' + func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T" "${nlist}I"' # Transform the symbol file into the correct name. - symfileobj="$output_objdir/${my_outputname}S.$objext" + symfileobj=$output_objdir/${my_outputname}S.$objext case $host in *cygwin* | *mingw* | *cegcc* ) if test -f "$output_objdir/$my_outputname.def"; then @@ -3518,7 +4871,7 @@ esac ;; *) - func_fatal_error "unknown suffix for \`$my_dlsyms'" + func_fatal_error "unknown suffix for '$my_dlsyms'" ;; esac else @@ -3532,6 +4885,32 @@ fi } +# func_cygming_gnu_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is a GNU/binutils-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_gnu_implib_p () +{ + $debug_cmd + + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` + test -n "$func_cygming_gnu_implib_tmp" +} + +# func_cygming_ms_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is an MS-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_ms_implib_p () +{ + $debug_cmd + + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` + test -n "$func_cygming_ms_implib_tmp" +} + # func_win32_libid arg # return the library type of file 'arg' # @@ -3541,8 +4920,9 @@ # Despite the name, also deal with 64 bit binaries. func_win32_libid () { - $opt_debug - win32_libid_type="unknown" + $debug_cmd + + win32_libid_type=unknown win32_fileres=`file -L $1 2>/dev/null` case $win32_fileres in *ar\ archive\ import\ library*) # definitely import @@ -3552,16 +4932,29 @@ # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD. if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then - func_to_tool_file "$1" func_convert_file_msys_to_w32 - win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | - $SED -n -e ' + case $nm_interface in + "MS dumpbin") + if func_cygming_ms_implib_p "$1" || + func_cygming_gnu_implib_p "$1" + then + win32_nmres=import + else + win32_nmres= + fi + ;; + *) + func_to_tool_file "$1" func_convert_file_msys_to_w32 + win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | + $SED -n -e ' 1,100{ / I /{ - s,.*,import, + s|.*|import| p q } }'` + ;; + esac case $win32_nmres in import*) win32_libid_type="x86 archive import";; *) win32_libid_type="x86 archive static";; @@ -3593,7 +4986,8 @@ # $sharedlib_from_linklib_result func_cygming_dll_for_implib () { - $opt_debug + $debug_cmd + sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"` } @@ -3610,7 +5004,8 @@ # specified import library. func_cygming_dll_for_implib_fallback_core () { - $opt_debug + $debug_cmd + match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"` $OBJDUMP -s --section "$1" "$2" 2>/dev/null | $SED '/^Contents of section '"$match_literal"':/{ @@ -3646,8 +5041,8 @@ /./p' | # we now have a list, one entry per line, of the stringified # contents of the appropriate section of all members of the - # archive which possess that section. Heuristic: eliminate - # all those which have a first or second character that is + # archive that possess that section. Heuristic: eliminate + # all those that have a first or second character that is # a '.' (that is, objdump's representation of an unprintable # character.) This should work for all archives with less than # 0x302f exports -- but will fail for DLLs whose name actually @@ -3658,30 +5053,6 @@ $SED -e '/^\./d;/^.\./d;q' } -# func_cygming_gnu_implib_p ARG -# This predicate returns with zero status (TRUE) if -# ARG is a GNU/binutils-style import library. Returns -# with nonzero status (FALSE) otherwise. -func_cygming_gnu_implib_p () -{ - $opt_debug - func_to_tool_file "$1" func_convert_file_msys_to_w32 - func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` - test -n "$func_cygming_gnu_implib_tmp" -} - -# func_cygming_ms_implib_p ARG -# This predicate returns with zero status (TRUE) if -# ARG is an MS-style import library. Returns -# with nonzero status (FALSE) otherwise. -func_cygming_ms_implib_p () -{ - $opt_debug - func_to_tool_file "$1" func_convert_file_msys_to_w32 - func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` - test -n "$func_cygming_ms_implib_tmp" -} - # func_cygming_dll_for_implib_fallback ARG # Platform-specific function to extract the # name of the DLL associated with the specified @@ -3695,16 +5066,17 @@ # $sharedlib_from_linklib_result func_cygming_dll_for_implib_fallback () { - $opt_debug - if func_cygming_gnu_implib_p "$1" ; then + $debug_cmd + + if func_cygming_gnu_implib_p "$1"; then # binutils import library sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"` - elif func_cygming_ms_implib_p "$1" ; then + elif func_cygming_ms_implib_p "$1"; then # ms-generated import library sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"` else # unknown - sharedlib_from_linklib_result="" + sharedlib_from_linklib_result= fi } @@ -3712,10 +5084,11 @@ # func_extract_an_archive dir oldlib func_extract_an_archive () { - $opt_debug - f_ex_an_ar_dir="$1"; shift - f_ex_an_ar_oldlib="$1" - if test "$lock_old_archive_extraction" = yes; then + $debug_cmd + + f_ex_an_ar_dir=$1; shift + f_ex_an_ar_oldlib=$1 + if test yes = "$lock_old_archive_extraction"; then lockfile=$f_ex_an_ar_oldlib.lock until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do func_echo "Waiting for $lockfile to be removed" @@ -3724,7 +5097,7 @@ fi func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \ 'stat=$?; rm -f "$lockfile"; exit $stat' - if test "$lock_old_archive_extraction" = yes; then + if test yes = "$lock_old_archive_extraction"; then $opt_dry_run || rm -f "$lockfile" fi if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then @@ -3738,22 +5111,23 @@ # func_extract_archives gentop oldlib ... func_extract_archives () { - $opt_debug - my_gentop="$1"; shift + $debug_cmd + + my_gentop=$1; shift my_oldlibs=${1+"$@"} - my_oldobjs="" - my_xlib="" - my_xabs="" - my_xdir="" + my_oldobjs= + my_xlib= + my_xabs= + my_xdir= for my_xlib in $my_oldlibs; do # Extract the objects. case $my_xlib in - [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;; + [\\/]* | [A-Za-z]:[\\/]*) my_xabs=$my_xlib ;; *) my_xabs=`pwd`"/$my_xlib" ;; esac func_basename "$my_xlib" - my_xlib="$func_basename_result" + my_xlib=$func_basename_result my_xlib_u=$my_xlib while :; do case " $extracted_archives " in @@ -3765,7 +5139,7 @@ esac done extracted_archives="$extracted_archives $my_xlib_u" - my_xdir="$my_gentop/$my_xlib_u" + my_xdir=$my_gentop/$my_xlib_u func_mkdir_p "$my_xdir" @@ -3778,22 +5152,23 @@ cd $my_xdir || exit $? darwin_archive=$my_xabs darwin_curdir=`pwd` - darwin_base_archive=`basename "$darwin_archive"` + func_basename "$darwin_archive" + darwin_base_archive=$func_basename_result darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true` if test -n "$darwin_arches"; then darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'` darwin_arch= func_verbose "$darwin_base_archive has multiple architectures $darwin_arches" - for darwin_arch in $darwin_arches ; do - func_mkdir_p "unfat-$$/${darwin_base_archive}-${darwin_arch}" - $LIPO -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}" - cd "unfat-$$/${darwin_base_archive}-${darwin_arch}" - func_extract_an_archive "`pwd`" "${darwin_base_archive}" + for darwin_arch in $darwin_arches; do + func_mkdir_p "unfat-$$/$darwin_base_archive-$darwin_arch" + $LIPO -thin $darwin_arch -output "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" "$darwin_archive" + cd "unfat-$$/$darwin_base_archive-$darwin_arch" + func_extract_an_archive "`pwd`" "$darwin_base_archive" cd "$darwin_curdir" - $RM "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" + $RM "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" done # $darwin_arches ## Okay now we've a bunch of thin objects, gotta fatten them up :) - darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$basename" | sort -u` + darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$sed_basename" | sort -u` darwin_file= darwin_files= for darwin_file in $darwin_filelist; do @@ -3815,7 +5190,7 @@ my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP` done - func_extract_archives_result="$my_oldobjs" + func_extract_archives_result=$my_oldobjs } @@ -3830,7 +5205,7 @@ # # ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR # variable will take. If 'yes', then the emitted script -# will assume that the directory in which it is stored is +# will assume that the directory where it is stored is # the $objdir directory. This is a cygwin/mingw-specific # behavior. func_emit_wrapper () @@ -3841,7 +5216,7 @@ #! $SHELL # $output - temporary wrapper script for $objdir/$outputname -# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION +# Generated by $PROGRAM (GNU $PACKAGE) $VERSION # # The $output program cannot be directly executed until all the libtool # libraries that it depends on are installed. @@ -3898,9 +5273,9 @@ # Very basic option parsing. These options are (a) specific to # the libtool wrapper, (b) are identical between the wrapper -# /script/ and the wrapper /executable/ which is used only on +# /script/ and the wrapper /executable/ that is used only on # windows platforms, and (c) all begin with the string "--lt-" -# (application programs are unlikely to have options which match +# (application programs are unlikely to have options that match # this pattern). # # There are only two supported options: --lt-debug and @@ -3933,7 +5308,7 @@ # Print the debug banner immediately: if test -n \"\$lt_option_debug\"; then - echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2 + echo \"$outputname:$output:\$LINENO: libtool wrapper (GNU $PACKAGE) $VERSION\" 1>&2 fi } @@ -3944,7 +5319,7 @@ lt_dump_args_N=1; for lt_arg do - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\" + \$ECHO \"$outputname:$output:\$LINENO: newargv[\$lt_dump_args_N]: \$lt_arg\" lt_dump_args_N=\`expr \$lt_dump_args_N + 1\` done } @@ -3958,7 +5333,7 @@ *-*-mingw | *-*-os2* | *-cegcc*) $ECHO "\ if test -n \"\$lt_option_debug\"; then - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2 + \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir\\\\\$program\" 1>&2 func_lt_dump_args \${1+\"\$@\"} 1>&2 fi exec \"\$progdir\\\\\$program\" \${1+\"\$@\"} @@ -3968,7 +5343,7 @@ *) $ECHO "\ if test -n \"\$lt_option_debug\"; then - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2 + \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir/\$program\" 1>&2 func_lt_dump_args \${1+\"\$@\"} 1>&2 fi exec \"\$progdir/\$program\" \${1+\"\$@\"} @@ -4043,13 +5418,13 @@ test -n \"\$absdir\" && thisdir=\"\$absdir\" " - if test "$fast_install" = yes; then + if test yes = "$fast_install"; then $ECHO "\ program=lt-'$outputname'$exeext progdir=\"\$thisdir/$objdir\" if test ! -f \"\$progdir/\$program\" || - { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\ + { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | $SED 1q\`; \\ test \"X\$file\" != \"X\$progdir/\$program\"; }; then file=\"\$\$-\$program\" @@ -4066,7 +5441,7 @@ if test -n \"\$relink_command\"; then if relink_command_output=\`eval \$relink_command 2>&1\`; then : else - $ECHO \"\$relink_command_output\" >&2 + \$ECHO \"\$relink_command_output\" >&2 $RM \"\$progdir/\$file\" exit 1 fi @@ -4101,7 +5476,7 @@ fi # Export our shlibpath_var if we have one. - if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then + if test yes = "$shlibpath_overrides_runpath" && test -n "$shlibpath_var" && test -n "$temp_rpath"; then $ECHO "\ # Add our own library path to $shlibpath_var $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" @@ -4121,7 +5496,7 @@ fi else # The program doesn't exist. - \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2 + \$ECHO \"\$0: error: '\$progdir/\$program' does not exist\" 1>&2 \$ECHO \"This script is just a wrapper for \$program.\" 1>&2 \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2 exit 1 @@ -4140,7 +5515,7 @@ cat < #include +#define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0) + /* declarations of non-ANSI functions */ -#if defined(__MINGW32__) +#if defined __MINGW32__ # ifdef __STRICT_ANSI__ int _putenv (const char *); # endif -#elif defined(__CYGWIN__) +#elif defined __CYGWIN__ # ifdef __STRICT_ANSI__ char *realpath (const char *, char *); int putenv (char *); int setenv (const char *, const char *, int); # endif -/* #elif defined (other platforms) ... */ +/* #elif defined other_platform || defined ... */ #endif /* portability defines, excluding path handling macros */ -#if defined(_MSC_VER) +#if defined _MSC_VER # define setmode _setmode # define stat _stat # define chmod _chmod # define getcwd _getcwd # define putenv _putenv # define S_IXUSR _S_IEXEC -# ifndef _INTPTR_T_DEFINED -# define _INTPTR_T_DEFINED -# define intptr_t int -# endif -#elif defined(__MINGW32__) +#elif defined __MINGW32__ # define setmode _setmode # define stat _stat # define chmod _chmod # define getcwd _getcwd # define putenv _putenv -#elif defined(__CYGWIN__) +#elif defined __CYGWIN__ # define HAVE_SETENV # define FOPEN_WB "wb" -/* #elif defined (other platforms) ... */ +/* #elif defined other platforms ... */ #endif -#if defined(PATH_MAX) +#if defined PATH_MAX # define LT_PATHMAX PATH_MAX -#elif defined(MAXPATHLEN) +#elif defined MAXPATHLEN # define LT_PATHMAX MAXPATHLEN #else # define LT_PATHMAX 1024 @@ -4234,8 +5607,8 @@ # define PATH_SEPARATOR ':' #endif -#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ - defined (__OS2__) +#if defined _WIN32 || defined __MSDOS__ || defined __DJGPP__ || \ + defined __OS2__ # define HAVE_DOS_BASED_FILE_SYSTEM # define FOPEN_WB "wb" # ifndef DIR_SEPARATOR_2 @@ -4268,10 +5641,10 @@ #define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) #define XFREE(stale) do { \ - if (stale) { free ((void *) stale); stale = 0; } \ + if (stale) { free (stale); stale = 0; } \ } while (0) -#if defined(LT_DEBUGWRAPPER) +#if defined LT_DEBUGWRAPPER static int lt_debug = 1; #else static int lt_debug = 0; @@ -4300,11 +5673,16 @@ EOF cat < 0) && IS_PATH_SEPARATOR (new_value[len-1])) + size_t len = strlen (new_value); + while ((len > 0) && IS_PATH_SEPARATOR (new_value[len-1])) { - new_value[len-1] = '\0'; + new_value[--len] = '\0'; } lt_setenv (name, new_value); XFREE (new_value); @@ -5082,27 +6460,47 @@ # True if ARG is an import lib, as indicated by $file_magic_cmd func_win32_import_lib_p () { - $opt_debug + $debug_cmd + case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in *import*) : ;; *) false ;; esac } +# func_suncc_cstd_abi +# !!ONLY CALL THIS FOR SUN CC AFTER $compile_command IS FULLY EXPANDED!! +# Several compiler flags select an ABI that is incompatible with the +# Cstd library. Avoid specifying it if any are in CXXFLAGS. +func_suncc_cstd_abi () +{ + $debug_cmd + + case " $compile_command " in + *" -compat=g "*|*\ -std=c++[0-9][0-9]\ *|*" -library=stdcxx4 "*|*" -library=stlport4 "*) + suncc_use_cstd_abi=no + ;; + *) + suncc_use_cstd_abi=yes + ;; + esac +} + # func_mode_link arg... func_mode_link () { - $opt_debug + $debug_cmd + case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) # It is impossible to link a dll without this setting, and # we shouldn't force the makefile maintainer to figure out - # which system we are compiling for in order to pass an extra + # what system we are compiling for in order to pass an extra # flag for every libtool invocation. # allow_undefined=no # FIXME: Unfortunately, there are problems with the above when trying - # to make a dll which has undefined symbols, in which case not + # to make a dll that has undefined symbols, in which case not # even a static library is built. For now, we need to specify # -no-undefined on the libtool link line when we can be certain # that all symbols are satisfied, otherwise we get a static library. @@ -5146,10 +6544,11 @@ module=no no_install=no objs= + os2dllname= non_pic_objects= precious_files_regex= prefer_static_libs=no - preload=no + preload=false prev= prevarg= release= @@ -5161,7 +6560,7 @@ vinfo= vinfo_number=no weak_libs= - single_module="${wl}-single_module" + single_module=$wl-single_module func_infer_tag $base_compile # We need to know -static, to get the right output filenames. @@ -5169,15 +6568,15 @@ do case $arg in -shared) - test "$build_libtool_libs" != yes && \ - func_fatal_configuration "can not build a shared library" + test yes != "$build_libtool_libs" \ + && func_fatal_configuration "cannot build a shared library" build_old_libs=no break ;; -all-static | -static | -static-libtool-libs) case $arg in -all-static) - if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then + if test yes = "$build_libtool_libs" && test -z "$link_static_flag"; then func_warning "complete static linking is impossible in this configuration" fi if test -n "$link_static_flag"; then @@ -5210,7 +6609,7 @@ # Go through the arguments, transforming them on the way. while test "$#" -gt 0; do - arg="$1" + arg=$1 shift func_quote_for_eval "$arg" qarg=$func_quote_for_eval_unquoted_result @@ -5227,21 +6626,21 @@ case $prev in bindir) - bindir="$arg" + bindir=$arg prev= continue ;; dlfiles|dlprefiles) - if test "$preload" = no; then + $preload || { # Add the symbol object into the linking commands. func_append compile_command " @SYMFILE@" func_append finalize_command " @SYMFILE@" - preload=yes - fi + preload=: + } case $arg in *.la | *.lo) ;; # We handle these cases below. force) - if test "$dlself" = no; then + if test no = "$dlself"; then dlself=needless export_dynamic=yes fi @@ -5249,9 +6648,9 @@ continue ;; self) - if test "$prev" = dlprefiles; then + if test dlprefiles = "$prev"; then dlself=yes - elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then + elif test dlfiles = "$prev" && test yes != "$dlopen_self"; then dlself=yes else dlself=needless @@ -5261,7 +6660,7 @@ continue ;; *) - if test "$prev" = dlfiles; then + if test dlfiles = "$prev"; then func_append dlfiles " $arg" else func_append dlprefiles " $arg" @@ -5272,14 +6671,14 @@ esac ;; expsyms) - export_symbols="$arg" + export_symbols=$arg test -f "$arg" \ - || func_fatal_error "symbol file \`$arg' does not exist" + || func_fatal_error "symbol file '$arg' does not exist" prev= continue ;; expsyms_regex) - export_symbols_regex="$arg" + export_symbols_regex=$arg prev= continue ;; @@ -5297,7 +6696,13 @@ continue ;; inst_prefix) - inst_prefix_dir="$arg" + inst_prefix_dir=$arg + prev= + continue + ;; + mllvm) + # Clang does not use LLVM to link, so we can simply discard any + # '-mllvm $arg' options when doing the link step. prev= continue ;; @@ -5321,21 +6726,21 @@ if test -z "$pic_object" || test -z "$non_pic_object" || - test "$pic_object" = none && - test "$non_pic_object" = none; then - func_fatal_error "cannot find name of object for \`$arg'" + test none = "$pic_object" && + test none = "$non_pic_object"; then + func_fatal_error "cannot find name of object for '$arg'" fi # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result - if test "$pic_object" != none; then + if test none != "$pic_object"; then # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" + pic_object=$xdir$pic_object - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + if test dlfiles = "$prev"; then + if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then func_append dlfiles " $pic_object" prev= continue @@ -5346,7 +6751,7 @@ fi # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then + if test dlprefiles = "$prev"; then # Preload the old-style object. func_append dlprefiles " $pic_object" prev= @@ -5354,23 +6759,23 @@ # A PIC object. func_append libobjs " $pic_object" - arg="$pic_object" + arg=$pic_object fi # Non-PIC object. - if test "$non_pic_object" != none; then + if test none != "$non_pic_object"; then # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" + non_pic_object=$xdir$non_pic_object # A standard non-PIC object func_append non_pic_objects " $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" + if test -z "$pic_object" || test none = "$pic_object"; then + arg=$non_pic_object fi else # If the PIC object exists, use it instead. # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" + non_pic_object=$pic_object func_append non_pic_objects " $non_pic_object" fi else @@ -5378,7 +6783,7 @@ if $opt_dry_run; then # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result func_lo2o "$arg" pic_object=$xdir$objdir/$func_lo2o_result @@ -5386,24 +6791,29 @@ func_append libobjs " $pic_object" func_append non_pic_objects " $non_pic_object" else - func_fatal_error "\`$arg' is not a valid libtool object" + func_fatal_error "'$arg' is not a valid libtool object" fi fi done else - func_fatal_error "link input file \`$arg' does not exist" + func_fatal_error "link input file '$arg' does not exist" fi arg=$save_arg prev= continue ;; + os2dllname) + os2dllname=$arg + prev= + continue + ;; precious_regex) - precious_files_regex="$arg" + precious_files_regex=$arg prev= continue ;; release) - release="-$arg" + release=-$arg prev= continue ;; @@ -5415,7 +6825,7 @@ func_fatal_error "only absolute run-paths are allowed" ;; esac - if test "$prev" = rpath; then + if test rpath = "$prev"; then case "$rpath " in *" $arg "*) ;; *) func_append rpath " $arg" ;; @@ -5430,7 +6840,7 @@ continue ;; shrext) - shrext_cmds="$arg" + shrext_cmds=$arg prev= continue ;; @@ -5470,7 +6880,7 @@ esac fi # test -n "$prev" - prevarg="$arg" + prevarg=$arg case $arg in -all-static) @@ -5484,7 +6894,7 @@ -allow-undefined) # FIXME: remove this flag sometime in the future. - func_fatal_error "\`-allow-undefined' must not be used because it is the default" + func_fatal_error "'-allow-undefined' must not be used because it is the default" ;; -avoid-version) @@ -5516,7 +6926,7 @@ if test -n "$export_symbols" || test -n "$export_symbols_regex"; then func_fatal_error "more than one -exported-symbols argument is not allowed" fi - if test "X$arg" = "X-export-symbols"; then + if test X-export-symbols = "X$arg"; then prev=expsyms else prev=expsyms_regex @@ -5550,9 +6960,9 @@ func_stripname "-L" '' "$arg" if test -z "$func_stripname_result"; then if test "$#" -gt 0; then - func_fatal_error "require no space between \`-L' and \`$1'" + func_fatal_error "require no space between '-L' and '$1'" else - func_fatal_error "need path for \`-L' option" + func_fatal_error "need path for '-L' option" fi fi func_resolve_sysroot "$func_stripname_result" @@ -5563,8 +6973,8 @@ *) absdir=`cd "$dir" && pwd` test -z "$absdir" && \ - func_fatal_error "cannot determine absolute directory name of \`$dir'" - dir="$absdir" + func_fatal_error "cannot determine absolute directory name of '$dir'" + dir=$absdir ;; esac case "$deplibs " in @@ -5599,7 +7009,7 @@ ;; -l*) - if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then + if test X-lc = "X$arg" || test X-lm = "X$arg"; then case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*) # These systems don't actually have a C or math library (as such) @@ -5607,11 +7017,11 @@ ;; *-*-os2*) # These systems don't actually have a C library (as such) - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) # Do not include libc due to us having libc/libc_r. - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; *-*-rhapsody* | *-*-darwin1.[012]) # Rhapsody C and math libraries are in the System framework @@ -5620,16 +7030,16 @@ ;; *-*-sco3.2v5* | *-*-sco5v6*) # Causes problems with __ctype - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) # Compiler inserts libc in the correct place for threads to work - test "X$arg" = "X-lc" && continue + test X-lc = "X$arg" && continue ;; esac - elif test "X$arg" = "X-lc_r"; then + elif test X-lc_r = "X$arg"; then case $host in - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) # Do not include libc_r directly, use -pthread flag. continue ;; @@ -5639,6 +7049,11 @@ continue ;; + -mllvm) + prev=mllvm + continue + ;; + -module) module=yes continue @@ -5668,7 +7083,7 @@ ;; -multi_module) - single_module="${wl}-multi_module" + single_module=$wl-multi_module continue ;; @@ -5682,8 +7097,8 @@ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) # The PATH hackery in wrapper scripts is required on Windows # and Darwin in order for the loader to find any dlls it needs. - func_warning "\`-no-install' is ignored for $host" - func_warning "assuming \`-no-fast-install' instead" + func_warning "'-no-install' is ignored for $host" + func_warning "assuming '-no-fast-install' instead" fast_install=no ;; *) no_install=yes ;; @@ -5701,6 +7116,11 @@ continue ;; + -os2dllname) + prev=os2dllname + continue + ;; + -o) prev=output ;; -precious-files-regex) @@ -5788,14 +7208,14 @@ func_stripname '-Wc,' '' "$arg" args=$func_stripname_result arg= - save_ifs="$IFS"; IFS=',' + save_ifs=$IFS; IFS=, for flag in $args; do - IFS="$save_ifs" + IFS=$save_ifs func_quote_for_eval "$flag" func_append arg " $func_quote_for_eval_result" func_append compiler_flags " $func_quote_for_eval_result" done - IFS="$save_ifs" + IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; @@ -5804,15 +7224,15 @@ func_stripname '-Wl,' '' "$arg" args=$func_stripname_result arg= - save_ifs="$IFS"; IFS=',' + save_ifs=$IFS; IFS=, for flag in $args; do - IFS="$save_ifs" + IFS=$save_ifs func_quote_for_eval "$flag" func_append arg " $wl$func_quote_for_eval_result" func_append compiler_flags " $wl$func_quote_for_eval_result" func_append linker_flags " $func_quote_for_eval_result" done - IFS="$save_ifs" + IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; @@ -5835,7 +7255,7 @@ # -msg_* for osf cc -msg_*) func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result ;; # Flags to be passed through unchanged, with rationale: @@ -5847,25 +7267,48 @@ # -m*, -t[45]*, -txscale* architecture-specific flags for GCC # -F/path path to uninstalled frameworks, gcc on darwin # -p, -pg, --coverage, -fprofile-* profiling flags for GCC + # -fstack-protector* stack protector flags for GCC # @file GCC response files # -tp=* Portland pgcc target processor selection # --sysroot=* for sysroot support - # -O*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + # -stdlib=* select c++ std lib with clang + # -fsanitize=* Clang memory and address sanitizer -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ - -O*|-flto*|-fwhopr*|-fuse-linker-plugin) + -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \ + -fsanitize=*) func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result func_append compile_command " $arg" func_append finalize_command " $arg" func_append compiler_flags " $arg" continue ;; + -Z*) + if test os2 = "`expr $host : '.*\(os2\)'`"; then + # OS/2 uses -Zxxx to specify OS/2-specific options + compiler_flags="$compiler_flags $arg" + func_append compile_command " $arg" + func_append finalize_command " $arg" + case $arg in + -Zlinker | -Zstack) + prev=xcompiler + ;; + esac + continue + else + # Otherwise treat like 'Some other compiler flag' below + func_quote_for_eval "$arg" + arg=$func_quote_for_eval_result + fi + ;; + # Some other compiler flag. -* | +*) func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result ;; *.$objext) @@ -5886,21 +7329,21 @@ if test -z "$pic_object" || test -z "$non_pic_object" || - test "$pic_object" = none && - test "$non_pic_object" = none; then - func_fatal_error "cannot find name of object for \`$arg'" + test none = "$pic_object" && + test none = "$non_pic_object"; then + func_fatal_error "cannot find name of object for '$arg'" fi # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result - if test "$pic_object" != none; then + test none = "$pic_object" || { # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" + pic_object=$xdir$pic_object - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + if test dlfiles = "$prev"; then + if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then func_append dlfiles " $pic_object" prev= continue @@ -5911,7 +7354,7 @@ fi # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then + if test dlprefiles = "$prev"; then # Preload the old-style object. func_append dlprefiles " $pic_object" prev= @@ -5919,23 +7362,23 @@ # A PIC object. func_append libobjs " $pic_object" - arg="$pic_object" - fi + arg=$pic_object + } # Non-PIC object. - if test "$non_pic_object" != none; then + if test none != "$non_pic_object"; then # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" + non_pic_object=$xdir$non_pic_object # A standard non-PIC object func_append non_pic_objects " $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" + if test -z "$pic_object" || test none = "$pic_object"; then + arg=$non_pic_object fi else # If the PIC object exists, use it instead. # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" + non_pic_object=$pic_object func_append non_pic_objects " $non_pic_object" fi else @@ -5943,7 +7386,7 @@ if $opt_dry_run; then # Extract subdirectory from the argument. func_dirname "$arg" "/" "" - xdir="$func_dirname_result" + xdir=$func_dirname_result func_lo2o "$arg" pic_object=$xdir$objdir/$func_lo2o_result @@ -5951,7 +7394,7 @@ func_append libobjs " $pic_object" func_append non_pic_objects " $non_pic_object" else - func_fatal_error "\`$arg' is not a valid libtool object" + func_fatal_error "'$arg' is not a valid libtool object" fi fi ;; @@ -5967,11 +7410,11 @@ # A libtool-controlled library. func_resolve_sysroot "$arg" - if test "$prev" = dlfiles; then + if test dlfiles = "$prev"; then # This library was specified with -dlopen. func_append dlfiles " $func_resolve_sysroot_result" prev= - elif test "$prev" = dlprefiles; then + elif test dlprefiles = "$prev"; then # The library was specified with -dlpreopen. func_append dlprefiles " $func_resolve_sysroot_result" prev= @@ -5986,7 +7429,7 @@ # Unknown arguments in both finalize_command and compile_command need # to be aesthetically quoted because they are evaled later. func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" + arg=$func_quote_for_eval_result ;; esac # arg @@ -5998,9 +7441,9 @@ done # argument parsing loop test -n "$prev" && \ - func_fatal_help "the \`$prevarg' option requires an argument" + func_fatal_help "the '$prevarg' option requires an argument" - if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then + if test yes = "$export_dynamic" && test -n "$export_dynamic_flag_spec"; then eval arg=\"$export_dynamic_flag_spec\" func_append compile_command " $arg" func_append finalize_command " $arg" @@ -6009,20 +7452,23 @@ oldlibs= # calculate the name of the file, without its directory func_basename "$output" - outputname="$func_basename_result" - libobjs_save="$libobjs" + outputname=$func_basename_result + libobjs_save=$libobjs if test -n "$shlibpath_var"; then # get the directories listed in $shlibpath_var - eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\` + eval shlib_search_path=\`\$ECHO \"\$$shlibpath_var\" \| \$SED \'s/:/ /g\'\` else shlib_search_path= fi eval sys_lib_search_path=\"$sys_lib_search_path_spec\" eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" + # Definition is injected by LT_CONFIG during libtool generation. + func_munge_path_list sys_lib_dlsearch_path "$LT_SYS_LIBRARY_PATH" + func_dirname "$output" "/" "" - output_objdir="$func_dirname_result$objdir" + output_objdir=$func_dirname_result$objdir func_to_tool_file "$output_objdir/" tool_output_objdir=$func_to_tool_file_result # Create the object directory. @@ -6045,7 +7491,7 @@ # Find all interdependent deplibs by searching for libraries # that are linked more than once (e.g. -la -lb -la) for deplib in $deplibs; do - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac @@ -6053,7 +7499,7 @@ func_append libs " $deplib" done - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then libs="$predeps $libs $compiler_lib_search_path $postdeps" # Compute libraries that are listed more than once in $predeps @@ -6085,7 +7531,7 @@ case $file in *.la) ;; *) - func_fatal_help "libraries can \`-dlopen' only libtool libraries: $file" + func_fatal_help "libraries can '-dlopen' only libtool libraries: $file" ;; esac done @@ -6093,7 +7539,7 @@ prog) compile_deplibs= finalize_deplibs= - alldeplibs=no + alldeplibs=false newdlfiles= newdlprefiles= passes="conv scan dlopen dlpreopen link" @@ -6105,32 +7551,29 @@ for pass in $passes; do # The preopen pass in lib mode reverses $deplibs; put it back here # so that -L comes before libs that need it for instance... - if test "$linkmode,$pass" = "lib,link"; then + if test lib,link = "$linkmode,$pass"; then ## FIXME: Find the place where the list is rebuilt in the wrong ## order, and fix it there properly tmp_deplibs= for deplib in $deplibs; do tmp_deplibs="$deplib $tmp_deplibs" done - deplibs="$tmp_deplibs" + deplibs=$tmp_deplibs fi - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan"; then - libs="$deplibs" + if test lib,link = "$linkmode,$pass" || + test prog,scan = "$linkmode,$pass"; then + libs=$deplibs deplibs= fi - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then case $pass in - dlopen) libs="$dlfiles" ;; - dlpreopen) libs="$dlprefiles" ;; - link) - libs="$deplibs %DEPLIBS%" - test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs" - ;; + dlopen) libs=$dlfiles ;; + dlpreopen) libs=$dlprefiles ;; + link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; esac fi - if test "$linkmode,$pass" = "lib,dlpreopen"; then + if test lib,dlpreopen = "$linkmode,$pass"; then # Collect and forward deplibs of preopened libtool libs for lib in $dlprefiles; do # Ignore non-libtool-libs @@ -6151,26 +7594,26 @@ esac done done - libs="$dlprefiles" + libs=$dlprefiles fi - if test "$pass" = dlopen; then + if test dlopen = "$pass"; then # Collect dlpreopened libraries - save_deplibs="$deplibs" + save_deplibs=$deplibs deplibs= fi for deplib in $libs; do lib= - found=no + found=false case $deplib in -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else func_append compiler_flags " $deplib" - if test "$linkmode" = lib ; then + if test lib = "$linkmode"; then case "$new_inherited_linker_flags " in *" $deplib "*) ;; * ) func_append new_inherited_linker_flags " $deplib" ;; @@ -6180,13 +7623,13 @@ continue ;; -l*) - if test "$linkmode" != lib && test "$linkmode" != prog; then - func_warning "\`-l' is ignored for archives/objects" + if test lib != "$linkmode" && test prog != "$linkmode"; then + func_warning "'-l' is ignored for archives/objects" continue fi func_stripname '-l' '' "$deplib" name=$func_stripname_result - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path" else searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path" @@ -6194,31 +7637,22 @@ for searchdir in $searchdirs; do for search_ext in .la $std_shrext .so .a; do # Search the libtool library - lib="$searchdir/lib${name}${search_ext}" + lib=$searchdir/lib$name$search_ext if test -f "$lib"; then - if test "$search_ext" = ".la"; then - found=yes + if test .la = "$search_ext"; then + found=: else - found=no + found=false fi break 2 fi done done - if test "$found" != yes; then - # deplib doesn't seem to be a libtool library - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" - fi - continue - else # deplib is a libtool library + if $found; then + # deplib is a libtool library # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib, # We need to do some special things here, and not later. - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $deplib "*) if func_lalib_p "$lib"; then @@ -6226,19 +7660,19 @@ old_library= func_source "$lib" for l in $old_library $library_names; do - ll="$l" + ll=$l done - if test "X$ll" = "X$old_library" ; then # only static version available - found=no + if test "X$ll" = "X$old_library"; then # only static version available + found=false func_dirname "$lib" "" "." - ladir="$func_dirname_result" + ladir=$func_dirname_result lib=$ladir/$old_library - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" + test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs" fi continue fi @@ -6247,15 +7681,25 @@ *) ;; esac fi + else + # deplib doesn't seem to be a libtool library + if test prog,link = "$linkmode,$pass"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + deplibs="$deplib $deplibs" + test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs" + fi + continue fi ;; # -l *.ltframework) - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" - if test "$linkmode" = lib ; then + if test lib = "$linkmode"; then case "$new_inherited_linker_flags " in *" $deplib "*) ;; * ) func_append new_inherited_linker_flags " $deplib" ;; @@ -6268,18 +7712,18 @@ case $linkmode in lib) deplibs="$deplib $deplibs" - test "$pass" = conv && continue + test conv = "$pass" && continue newdependency_libs="$deplib $newdependency_libs" func_stripname '-L' '' "$deplib" func_resolve_sysroot "$func_stripname_result" func_append newlib_search_path " $func_resolve_sysroot_result" ;; prog) - if test "$pass" = conv; then + if test conv = "$pass"; then deplibs="$deplib $deplibs" continue fi - if test "$pass" = scan; then + if test scan = "$pass"; then deplibs="$deplib $deplibs" else compile_deplibs="$deplib $compile_deplibs" @@ -6290,13 +7734,13 @@ func_append newlib_search_path " $func_resolve_sysroot_result" ;; *) - func_warning "\`-L' is ignored for archives/objects" + func_warning "'-L' is ignored for archives/objects" ;; esac # linkmode continue ;; # -L -R*) - if test "$pass" = link; then + if test link = "$pass"; then func_stripname '-R' '' "$deplib" func_resolve_sysroot "$func_stripname_result" dir=$func_resolve_sysroot_result @@ -6314,7 +7758,7 @@ lib=$func_resolve_sysroot_result ;; *.$libext) - if test "$pass" = conv; then + if test conv = "$pass"; then deplibs="$deplib $deplibs" continue fi @@ -6325,21 +7769,26 @@ case " $dlpreconveniencelibs " in *" $deplib "*) ;; *) - valid_a_lib=no + valid_a_lib=false case $deplibs_check_method in match_pattern*) set dummy $deplibs_check_method; shift match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \ | $EGREP "$match_pattern_regex" > /dev/null; then - valid_a_lib=yes + valid_a_lib=: fi ;; pass_all) - valid_a_lib=yes + valid_a_lib=: ;; esac - if test "$valid_a_lib" != yes; then + if $valid_a_lib; then + echo + $ECHO "*** Warning: Linking the shared library $output against the" + $ECHO "*** static library $deplib is not portable!" + deplibs="$deplib $deplibs" + else echo $ECHO "*** Warning: Trying to link with static lib archive $deplib." echo "*** I have the capability to make that library automatically link in when" @@ -6347,18 +7796,13 @@ echo "*** shared version of the library, which you do not appear to have" echo "*** because the file extensions .$libext of this argument makes me believe" echo "*** that it is just a static archive that I should not use here." - else - echo - $ECHO "*** Warning: Linking the shared library $output against the" - $ECHO "*** static library $deplib is not portable!" - deplibs="$deplib $deplibs" fi ;; esac continue ;; prog) - if test "$pass" != link; then + if test link != "$pass"; then deplibs="$deplib $deplibs" else compile_deplibs="$deplib $compile_deplibs" @@ -6369,10 +7813,10 @@ esac # linkmode ;; # *.$libext *.lo | *.$objext) - if test "$pass" = conv; then + if test conv = "$pass"; then deplibs="$deplib $deplibs" - elif test "$linkmode" = prog; then - if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then + elif test prog = "$linkmode"; then + if test dlpreopen = "$pass" || test yes != "$dlopen_support" || test no = "$build_libtool_libs"; then # If there is no dlopen support or we're linking statically, # we need to preload. func_append newdlprefiles " $deplib" @@ -6385,22 +7829,20 @@ continue ;; %DEPLIBS%) - alldeplibs=yes + alldeplibs=: continue ;; esac # case $deplib - if test "$found" = yes || test -f "$lib"; then : - else - func_fatal_error "cannot find the library \`$lib' or unhandled argument \`$deplib'" - fi + $found || test -f "$lib" \ + || func_fatal_error "cannot find the library '$lib' or unhandled argument '$deplib'" # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$lib" \ - || func_fatal_error "\`$lib' is not a valid libtool archive" + || func_fatal_error "'$lib' is not a valid libtool archive" func_dirname "$lib" "" "." - ladir="$func_dirname_result" + ladir=$func_dirname_result dlname= dlopen= @@ -6430,36 +7872,36 @@ done fi dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan" || - { test "$linkmode" != prog && test "$linkmode" != lib; }; then + if test lib,link = "$linkmode,$pass" || + test prog,scan = "$linkmode,$pass" || + { test prog != "$linkmode" && test lib != "$linkmode"; }; then test -n "$dlopen" && func_append dlfiles " $dlopen" test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen" fi - if test "$pass" = conv; then + if test conv = "$pass"; then # Only check for convenience libraries deplibs="$lib $deplibs" if test -z "$libdir"; then if test -z "$old_library"; then - func_fatal_error "cannot find name of link library for \`$lib'" + func_fatal_error "cannot find name of link library for '$lib'" fi # It is a libtool convenience library, so add in its objects. func_append convenience " $ladir/$objdir/$old_library" func_append old_convenience " $ladir/$objdir/$old_library" - tmp_libs= - for deplib in $dependency_libs; do - deplibs="$deplib $deplibs" - if $opt_preserve_dup_deps ; then - case "$tmp_libs " in - *" $deplib "*) func_append specialdeplibs " $deplib" ;; - esac - fi - func_append tmp_libs " $deplib" - done - elif test "$linkmode" != prog && test "$linkmode" != lib; then - func_fatal_error "\`$lib' is not a convenience library" + elif test prog != "$linkmode" && test lib != "$linkmode"; then + func_fatal_error "'$lib' is not a convenience library" fi + tmp_libs= + for deplib in $dependency_libs; do + deplibs="$deplib $deplibs" + if $opt_preserve_dup_deps; then + case "$tmp_libs " in + *" $deplib "*) func_append specialdeplibs " $deplib" ;; + esac + fi + func_append tmp_libs " $deplib" + done continue fi # $pass = conv @@ -6467,26 +7909,26 @@ # Get the name of the library we link against. linklib= if test -n "$old_library" && - { test "$prefer_static_libs" = yes || - test "$prefer_static_libs,$installed" = "built,no"; }; then + { test yes = "$prefer_static_libs" || + test built,no = "$prefer_static_libs,$installed"; }; then linklib=$old_library else for l in $old_library $library_names; do - linklib="$l" + linklib=$l done fi if test -z "$linklib"; then - func_fatal_error "cannot find name of link library for \`$lib'" + func_fatal_error "cannot find name of link library for '$lib'" fi # This library was specified with -dlopen. - if test "$pass" = dlopen; then - if test -z "$libdir"; then - func_fatal_error "cannot -dlopen a convenience library: \`$lib'" - fi + if test dlopen = "$pass"; then + test -z "$libdir" \ + && func_fatal_error "cannot -dlopen a convenience library: '$lib'" if test -z "$dlname" || - test "$dlopen_support" != yes || - test "$build_libtool_libs" = no; then + test yes != "$dlopen_support" || + test no = "$build_libtool_libs" + then # If there is no dlname, no dlopen support or we're linking # statically, we need to preload. We also need to preload any # dependent libraries so libltdl's deplib preloader doesn't @@ -6500,40 +7942,40 @@ # We need an absolute path. case $ladir in - [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;; + [\\/]* | [A-Za-z]:[\\/]*) abs_ladir=$ladir ;; *) abs_ladir=`cd "$ladir" && pwd` if test -z "$abs_ladir"; then - func_warning "cannot determine absolute directory name of \`$ladir'" + func_warning "cannot determine absolute directory name of '$ladir'" func_warning "passing it literally to the linker, although it might fail" - abs_ladir="$ladir" + abs_ladir=$ladir fi ;; esac func_basename "$lib" - laname="$func_basename_result" + laname=$func_basename_result # Find the relevant object directory and library name. - if test "X$installed" = Xyes; then + if test yes = "$installed"; then if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then - func_warning "library \`$lib' was moved." - dir="$ladir" - absdir="$abs_ladir" - libdir="$abs_ladir" + func_warning "library '$lib' was moved." + dir=$ladir + absdir=$abs_ladir + libdir=$abs_ladir else - dir="$lt_sysroot$libdir" - absdir="$lt_sysroot$libdir" + dir=$lt_sysroot$libdir + absdir=$lt_sysroot$libdir fi - test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes + test yes = "$hardcode_automatic" && avoidtemprpath=yes else if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then - dir="$ladir" - absdir="$abs_ladir" + dir=$ladir + absdir=$abs_ladir # Remove this search path later func_append notinst_path " $abs_ladir" else - dir="$ladir/$objdir" - absdir="$abs_ladir/$objdir" + dir=$ladir/$objdir + absdir=$abs_ladir/$objdir # Remove this search path later func_append notinst_path " $abs_ladir" fi @@ -6542,11 +7984,11 @@ name=$func_stripname_result # This library was specified with -dlpreopen. - if test "$pass" = dlpreopen; then - if test -z "$libdir" && test "$linkmode" = prog; then - func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'" + if test dlpreopen = "$pass"; then + if test -z "$libdir" && test prog = "$linkmode"; then + func_fatal_error "only libraries may -dlpreopen a convenience library: '$lib'" fi - case "$host" in + case $host in # special handling for platforms with PE-DLLs. *cygwin* | *mingw* | *cegcc* ) # Linker will automatically link against shared library if both @@ -6590,9 +8032,9 @@ if test -z "$libdir"; then # Link the convenience library - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then deplibs="$dir/$old_library $deplibs" - elif test "$linkmode,$pass" = "prog,link"; then + elif test prog,link = "$linkmode,$pass"; then compile_deplibs="$dir/$old_library $compile_deplibs" finalize_deplibs="$dir/$old_library $finalize_deplibs" else @@ -6602,14 +8044,14 @@ fi - if test "$linkmode" = prog && test "$pass" != link; then + if test prog = "$linkmode" && test link != "$pass"; then func_append newlib_search_path " $ladir" deplibs="$lib $deplibs" - linkalldeplibs=no - if test "$link_all_deplibs" != no || test -z "$library_names" || - test "$build_libtool_libs" = no; then - linkalldeplibs=yes + linkalldeplibs=false + if test no != "$link_all_deplibs" || test -z "$library_names" || + test no = "$build_libtool_libs"; then + linkalldeplibs=: fi tmp_libs= @@ -6621,14 +8063,14 @@ ;; esac # Need to link against all dependency_libs? - if test "$linkalldeplibs" = yes; then + if $linkalldeplibs; then deplibs="$deplib $deplibs" else # Need to hardcode shared library paths # or/and link against static libraries newdependency_libs="$deplib $newdependency_libs" fi - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac @@ -6638,15 +8080,15 @@ continue fi # $linkmode = prog... - if test "$linkmode,$pass" = "prog,link"; then + if test prog,link = "$linkmode,$pass"; then if test -n "$library_names" && - { { test "$prefer_static_libs" = no || - test "$prefer_static_libs,$installed" = "built,yes"; } || + { { test no = "$prefer_static_libs" || + test built,yes = "$prefer_static_libs,$installed"; } || test -z "$old_library"; }; then # We need to hardcode the library path - if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then + if test -n "$shlibpath_var" && test -z "$avoidtemprpath"; then # Make sure the rpath contains only unique directories. - case "$temp_rpath:" in + case $temp_rpath: in *"$absdir:"*) ;; *) func_append temp_rpath "$absdir:" ;; esac @@ -6675,9 +8117,9 @@ esac fi # $linkmode,$pass = prog,link... - if test "$alldeplibs" = yes && - { test "$deplibs_check_method" = pass_all || - { test "$build_libtool_libs" = yes && + if $alldeplibs && + { test pass_all = "$deplibs_check_method" || + { test yes = "$build_libtool_libs" && test -n "$library_names"; }; }; then # We only need to search for static libraries continue @@ -6686,19 +8128,19 @@ link_static=no # Whether the deplib will be linked statically use_static_libs=$prefer_static_libs - if test "$use_static_libs" = built && test "$installed" = yes; then + if test built = "$use_static_libs" && test yes = "$installed"; then use_static_libs=no fi if test -n "$library_names" && - { test "$use_static_libs" = no || test -z "$old_library"; }; then + { test no = "$use_static_libs" || test -z "$old_library"; }; then case $host in - *cygwin* | *mingw* | *cegcc*) + *cygwin* | *mingw* | *cegcc* | *os2*) # No point in relinking DLLs because paths are not encoded func_append notinst_deplibs " $lib" need_relink=no ;; *) - if test "$installed" = no; then + if test no = "$installed"; then func_append notinst_deplibs " $lib" need_relink=yes fi @@ -6708,24 +8150,24 @@ # Warn about portability, can't link against -module's on some # systems (darwin). Don't bleat about dlopened modules though! - dlopenmodule="" + dlopenmodule= for dlpremoduletest in $dlprefiles; do if test "X$dlpremoduletest" = "X$lib"; then - dlopenmodule="$dlpremoduletest" + dlopenmodule=$dlpremoduletest break fi done - if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then + if test -z "$dlopenmodule" && test yes = "$shouldnotlink" && test link = "$pass"; then echo - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then $ECHO "*** Warning: Linking the executable $output against the loadable module" else $ECHO "*** Warning: Linking the shared library $output against the loadable module" fi $ECHO "*** $linklib is not portable!" fi - if test "$linkmode" = lib && - test "$hardcode_into_libs" = yes; then + if test lib = "$linkmode" && + test yes = "$hardcode_into_libs"; then # Hardcode the library path. # Skip directories that are in the system default run-time # search path. @@ -6753,43 +8195,43 @@ # figure out the soname set dummy $library_names shift - realname="$1" + realname=$1 shift libname=`eval "\\$ECHO \"$libname_spec\""` # use dlname if we got it. it's perfectly good, no? if test -n "$dlname"; then - soname="$dlname" + soname=$dlname elif test -n "$soname_spec"; then # bleh windows case $host in - *cygwin* | mingw* | *cegcc*) + *cygwin* | mingw* | *cegcc* | *os2*) func_arith $current - $age major=$func_arith_result - versuffix="-$major" + versuffix=-$major ;; esac eval soname=\"$soname_spec\" else - soname="$realname" + soname=$realname fi # Make a new name for the extract_expsyms_cmds to use - soroot="$soname" + soroot=$soname func_basename "$soroot" - soname="$func_basename_result" + soname=$func_basename_result func_stripname 'lib' '.dll' "$soname" newlib=libimp-$func_stripname_result.a # If the library has no export list, then create one now if test -f "$output_objdir/$soname-def"; then : else - func_verbose "extracting exported symbol list from \`$soname'" + func_verbose "extracting exported symbol list from '$soname'" func_execute_cmds "$extract_expsyms_cmds" 'exit $?' fi # Create $newlib if test -f "$output_objdir/$newlib"; then :; else - func_verbose "generating import library for \`$soname'" + func_verbose "generating import library for '$soname'" func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?' fi # make sure the library variables are pointing to the new library @@ -6797,58 +8239,58 @@ linklib=$newlib fi # test -n "$old_archive_from_expsyms_cmds" - if test "$linkmode" = prog || test "$opt_mode" != relink; then + if test prog = "$linkmode" || test relink != "$opt_mode"; then add_shlibpath= add_dir= add= lib_linked=yes case $hardcode_action in immediate | unsupported) - if test "$hardcode_direct" = no; then - add="$dir/$linklib" + if test no = "$hardcode_direct"; then + add=$dir/$linklib case $host in - *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;; - *-*-sysv4*uw2*) add_dir="-L$dir" ;; + *-*-sco3.2v5.0.[024]*) add_dir=-L$dir ;; + *-*-sysv4*uw2*) add_dir=-L$dir ;; *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ - *-*-unixware7*) add_dir="-L$dir" ;; + *-*-unixware7*) add_dir=-L$dir ;; *-*-darwin* ) - # if the lib is a (non-dlopened) module then we can not + # if the lib is a (non-dlopened) module then we cannot # link against it, someone is ignoring the earlier warnings if /usr/bin/file -L $add 2> /dev/null | - $GREP ": [^:]* bundle" >/dev/null ; then + $GREP ": [^:]* bundle" >/dev/null; then if test "X$dlopenmodule" != "X$lib"; then $ECHO "*** Warning: lib $linklib is a module, not a shared library" - if test -z "$old_library" ; then + if test -z "$old_library"; then echo echo "*** And there doesn't seem to be a static archive available" echo "*** The link will probably fail, sorry" else - add="$dir/$old_library" + add=$dir/$old_library fi elif test -n "$old_library"; then - add="$dir/$old_library" + add=$dir/$old_library fi fi esac - elif test "$hardcode_minus_L" = no; then + elif test no = "$hardcode_minus_L"; then case $host in - *-*-sunos*) add_shlibpath="$dir" ;; + *-*-sunos*) add_shlibpath=$dir ;; esac - add_dir="-L$dir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = no; then - add_shlibpath="$dir" - add="-l$name" + add_dir=-L$dir + add=-l$name + elif test no = "$hardcode_shlibpath_var"; then + add_shlibpath=$dir + add=-l$name else lib_linked=no fi ;; relink) - if test "$hardcode_direct" = yes && - test "$hardcode_direct_absolute" = no; then - add="$dir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$absdir" + if test yes = "$hardcode_direct" && + test no = "$hardcode_direct_absolute"; then + add=$dir/$linklib + elif test yes = "$hardcode_minus_L"; then + add_dir=-L$absdir # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in @@ -6857,10 +8299,10 @@ ;; esac fi - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then - add_shlibpath="$dir" - add="-l$name" + add=-l$name + elif test yes = "$hardcode_shlibpath_var"; then + add_shlibpath=$dir + add=-l$name else lib_linked=no fi @@ -6868,7 +8310,7 @@ *) lib_linked=no ;; esac - if test "$lib_linked" != yes; then + if test yes != "$lib_linked"; then func_fatal_configuration "unsupported hardcode properties" fi @@ -6878,15 +8320,15 @@ *) func_append compile_shlibpath "$add_shlibpath:" ;; esac fi - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" test -n "$add" && compile_deplibs="$add $compile_deplibs" else test -n "$add_dir" && deplibs="$add_dir $deplibs" test -n "$add" && deplibs="$add $deplibs" - if test "$hardcode_direct" != yes && - test "$hardcode_minus_L" != yes && - test "$hardcode_shlibpath_var" = yes; then + if test yes != "$hardcode_direct" && + test yes != "$hardcode_minus_L" && + test yes = "$hardcode_shlibpath_var"; then case :$finalize_shlibpath: in *":$libdir:"*) ;; *) func_append finalize_shlibpath "$libdir:" ;; @@ -6895,33 +8337,33 @@ fi fi - if test "$linkmode" = prog || test "$opt_mode" = relink; then + if test prog = "$linkmode" || test relink = "$opt_mode"; then add_shlibpath= add_dir= add= # Finalize command for both is simple: just hardcode it. - if test "$hardcode_direct" = yes && - test "$hardcode_direct_absolute" = no; then - add="$libdir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$libdir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then + if test yes = "$hardcode_direct" && + test no = "$hardcode_direct_absolute"; then + add=$libdir/$linklib + elif test yes = "$hardcode_minus_L"; then + add_dir=-L$libdir + add=-l$name + elif test yes = "$hardcode_shlibpath_var"; then case :$finalize_shlibpath: in *":$libdir:"*) ;; *) func_append finalize_shlibpath "$libdir:" ;; esac - add="-l$name" - elif test "$hardcode_automatic" = yes; then + add=-l$name + elif test yes = "$hardcode_automatic"; then if test -n "$inst_prefix_dir" && - test -f "$inst_prefix_dir$libdir/$linklib" ; then - add="$inst_prefix_dir$libdir/$linklib" + test -f "$inst_prefix_dir$libdir/$linklib"; then + add=$inst_prefix_dir$libdir/$linklib else - add="$libdir/$linklib" + add=$libdir/$linklib fi else # We cannot seem to hardcode it, guess we'll fake it. - add_dir="-L$libdir" + add_dir=-L$libdir # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in @@ -6930,10 +8372,10 @@ ;; esac fi - add="-l$name" + add=-l$name fi - if test "$linkmode" = prog; then + if test prog = "$linkmode"; then test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" test -n "$add" && finalize_deplibs="$add $finalize_deplibs" else @@ -6941,43 +8383,43 @@ test -n "$add" && deplibs="$add $deplibs" fi fi - elif test "$linkmode" = prog; then + elif test prog = "$linkmode"; then # Here we assume that one of hardcode_direct or hardcode_minus_L # is not unsupported. This is valid on all known static and # shared platforms. - if test "$hardcode_direct" != unsupported; then - test -n "$old_library" && linklib="$old_library" + if test unsupported != "$hardcode_direct"; then + test -n "$old_library" && linklib=$old_library compile_deplibs="$dir/$linklib $compile_deplibs" finalize_deplibs="$dir/$linklib $finalize_deplibs" else compile_deplibs="-l$name -L$dir $compile_deplibs" finalize_deplibs="-l$name -L$dir $finalize_deplibs" fi - elif test "$build_libtool_libs" = yes; then + elif test yes = "$build_libtool_libs"; then # Not a shared library - if test "$deplibs_check_method" != pass_all; then + if test pass_all != "$deplibs_check_method"; then # We're trying link a shared library against a static one # but the system doesn't support it. # Just print a warning and add the library to dependency_libs so # that the program can be linked against the static library. echo - $ECHO "*** Warning: This system can not link to static lib archive $lib." + $ECHO "*** Warning: This system cannot link to static lib archive $lib." echo "*** I have the capability to make that library automatically link in when" echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have." - if test "$module" = yes; then + if test yes = "$module"; then echo "*** But as you try to build a module library, libtool will still create " echo "*** a static module, that should work as long as the dlopening application" echo "*** is linked with the -dlopen flag to resolve symbols at runtime." if test -z "$global_symbol_pipe"; then echo echo "*** However, this would only work if libtool was able to extract symbol" - echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** lists from a program, using 'nm' or equivalent, but libtool could" echo "*** not find such a program. So, this module is probably useless." - echo "*** \`nm' from GNU binutils and a full rebuild may help." + echo "*** 'nm' from GNU binutils and a full rebuild may help." fi - if test "$build_old_libs" = no; then + if test no = "$build_old_libs"; then build_libtool_libs=module build_old_libs=yes else @@ -6990,11 +8432,11 @@ fi fi # link shared/static library? - if test "$linkmode" = lib; then + if test lib = "$linkmode"; then if test -n "$dependency_libs" && - { test "$hardcode_into_libs" != yes || - test "$build_old_libs" = yes || - test "$link_static" = yes; }; then + { test yes != "$hardcode_into_libs" || + test yes = "$build_old_libs" || + test yes = "$link_static"; }; then # Extract -R from dependency_libs temp_deplibs= for libdir in $dependency_libs; do @@ -7008,12 +8450,12 @@ *) func_append temp_deplibs " $libdir";; esac done - dependency_libs="$temp_deplibs" + dependency_libs=$temp_deplibs fi func_append newlib_search_path " $absdir" # Link against this library - test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs" + test no = "$link_static" && newdependency_libs="$abs_ladir/$laname $newdependency_libs" # ... and its dependency_libs tmp_libs= for deplib in $dependency_libs; do @@ -7023,7 +8465,7 @@ func_resolve_sysroot "$func_stripname_result";; *) func_resolve_sysroot "$deplib" ;; esac - if $opt_preserve_dup_deps ; then + if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $func_resolve_sysroot_result "*) func_append specialdeplibs " $func_resolve_sysroot_result" ;; @@ -7032,12 +8474,12 @@ func_append tmp_libs " $func_resolve_sysroot_result" done - if test "$link_all_deplibs" != no; then + if test no != "$link_all_deplibs"; then # Add the search paths of all dependency libraries for deplib in $dependency_libs; do path= case $deplib in - -L*) path="$deplib" ;; + -L*) path=$deplib ;; *.la) func_resolve_sysroot "$deplib" deplib=$func_resolve_sysroot_result @@ -7045,12 +8487,12 @@ dir=$func_dirname_result # We need an absolute path. case $dir in - [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;; + [\\/]* | [A-Za-z]:[\\/]*) absdir=$dir ;; *) absdir=`cd "$dir" && pwd` if test -z "$absdir"; then - func_warning "cannot determine absolute directory name of \`$dir'" - absdir="$dir" + func_warning "cannot determine absolute directory name of '$dir'" + absdir=$dir fi ;; esac @@ -7058,35 +8500,35 @@ case $host in *-*-darwin*) depdepl= - eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` - if test -n "$deplibrary_names" ; then - for tmp in $deplibrary_names ; do + eval deplibrary_names=`$SED -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` + if test -n "$deplibrary_names"; then + for tmp in $deplibrary_names; do depdepl=$tmp done - if test -f "$absdir/$objdir/$depdepl" ; then - depdepl="$absdir/$objdir/$depdepl" - darwin_install_name=`${OTOOL} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` + if test -f "$absdir/$objdir/$depdepl"; then + depdepl=$absdir/$objdir/$depdepl + darwin_install_name=`$OTOOL -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` if test -z "$darwin_install_name"; then - darwin_install_name=`${OTOOL64} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` + darwin_install_name=`$OTOOL64 -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` fi - func_append compiler_flags " ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}" - func_append linker_flags " -dylib_file ${darwin_install_name}:${depdepl}" + func_append compiler_flags " $wl-dylib_file $wl$darwin_install_name:$depdepl" + func_append linker_flags " -dylib_file $darwin_install_name:$depdepl" path= fi fi ;; *) - path="-L$absdir/$objdir" + path=-L$absdir/$objdir ;; esac else - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` test -z "$libdir" && \ - func_fatal_error "\`$deplib' is not a valid libtool archive" + func_fatal_error "'$deplib' is not a valid libtool archive" test "$absdir" != "$libdir" && \ - func_warning "\`$deplib' seems to be moved" + func_warning "'$deplib' seems to be moved" - path="-L$absdir" + path=-L$absdir fi ;; esac @@ -7098,23 +8540,23 @@ fi # link_all_deplibs != no fi # linkmode = lib done # for deplib in $libs - if test "$pass" = link; then - if test "$linkmode" = "prog"; then + if test link = "$pass"; then + if test prog = "$linkmode"; then compile_deplibs="$new_inherited_linker_flags $compile_deplibs" finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs" else compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` fi fi - dependency_libs="$newdependency_libs" - if test "$pass" = dlpreopen; then + dependency_libs=$newdependency_libs + if test dlpreopen = "$pass"; then # Link the dlpreopened libraries before other libraries for deplib in $save_deplibs; do deplibs="$deplib $deplibs" done fi - if test "$pass" != dlopen; then - if test "$pass" != conv; then + if test dlopen != "$pass"; then + test conv = "$pass" || { # Make sure lib_search_path contains only unique directories. lib_search_path= for dir in $newlib_search_path; do @@ -7124,12 +8566,12 @@ esac done newlib_search_path= - fi + } - if test "$linkmode,$pass" != "prog,link"; then - vars="deplibs" - else + if test prog,link = "$linkmode,$pass"; then vars="compile_deplibs finalize_deplibs" + else + vars=deplibs fi for var in $vars dependency_libs; do # Add libraries to $var in reverse order @@ -7187,62 +8629,93 @@ eval $var=\"$tmp_libs\" done # for var fi + + # Add Sun CC postdeps if required: + test CXX = "$tagname" && { + case $host_os in + linux*) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) # Sun C++ 5.9 + func_suncc_cstd_abi + + if test no != "$suncc_use_cstd_abi"; then + func_append postdeps ' -library=Cstd -library=Crun' + fi + ;; + esac + ;; + + solaris*) + func_cc_basename "$CC" + case $func_cc_basename_result in + CC* | sunCC*) + func_suncc_cstd_abi + + if test no != "$suncc_use_cstd_abi"; then + func_append postdeps ' -library=Cstd -library=Crun' + fi + ;; + esac + ;; + esac + } + # Last step: remove runtime libs from dependency_libs # (they stay in deplibs) tmp_libs= - for i in $dependency_libs ; do + for i in $dependency_libs; do case " $predeps $postdeps $compiler_lib_search_path " in *" $i "*) - i="" + i= ;; esac - if test -n "$i" ; then + if test -n "$i"; then func_append tmp_libs " $i" fi done dependency_libs=$tmp_libs done # for pass - if test "$linkmode" = prog; then - dlfiles="$newdlfiles" + if test prog = "$linkmode"; then + dlfiles=$newdlfiles fi - if test "$linkmode" = prog || test "$linkmode" = lib; then - dlprefiles="$newdlprefiles" + if test prog = "$linkmode" || test lib = "$linkmode"; then + dlprefiles=$newdlprefiles fi case $linkmode in oldlib) - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - func_warning "\`-dlopen' is ignored for archives" + if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then + func_warning "'-dlopen' is ignored for archives" fi case " $deplibs" in *\ -l* | *\ -L*) - func_warning "\`-l' and \`-L' are ignored for archives" ;; + func_warning "'-l' and '-L' are ignored for archives" ;; esac test -n "$rpath" && \ - func_warning "\`-rpath' is ignored for archives" + func_warning "'-rpath' is ignored for archives" test -n "$xrpath" && \ - func_warning "\`-R' is ignored for archives" + func_warning "'-R' is ignored for archives" test -n "$vinfo" && \ - func_warning "\`-version-info/-version-number' is ignored for archives" + func_warning "'-version-info/-version-number' is ignored for archives" test -n "$release" && \ - func_warning "\`-release' is ignored for archives" + func_warning "'-release' is ignored for archives" test -n "$export_symbols$export_symbols_regex" && \ - func_warning "\`-export-symbols' is ignored for archives" + func_warning "'-export-symbols' is ignored for archives" # Now set the variables for building old libraries. build_libtool_libs=no - oldlibs="$output" + oldlibs=$output func_append objs "$old_deplibs" ;; lib) - # Make sure we only generate libraries of the form `libNAME.la'. + # Make sure we only generate libraries of the form 'libNAME.la'. case $outputname in lib*) func_stripname 'lib' '.la' "$outputname" @@ -7251,10 +8724,10 @@ eval libname=\"$libname_spec\" ;; *) - test "$module" = no && \ - func_fatal_help "libtool library \`$output' must begin with \`lib'" + test no = "$module" \ + && func_fatal_help "libtool library '$output' must begin with 'lib'" - if test "$need_lib_prefix" != no; then + if test no != "$need_lib_prefix"; then # Add the "lib" prefix for modules if required func_stripname '' '.la' "$outputname" name=$func_stripname_result @@ -7268,8 +8741,8 @@ esac if test -n "$objs"; then - if test "$deplibs_check_method" != pass_all; then - func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs" + if test pass_all != "$deplibs_check_method"; then + func_fatal_error "cannot build libtool library '$output' from non-libtool objects on this host:$objs" else echo $ECHO "*** Warning: Linking the shared library $output against the non-libtool" @@ -7278,21 +8751,21 @@ fi fi - test "$dlself" != no && \ - func_warning "\`-dlopen self' is ignored for libtool libraries" + test no = "$dlself" \ + || func_warning "'-dlopen self' is ignored for libtool libraries" set dummy $rpath shift - test "$#" -gt 1 && \ - func_warning "ignoring multiple \`-rpath's for a libtool library" + test 1 -lt "$#" \ + && func_warning "ignoring multiple '-rpath's for a libtool library" - install_libdir="$1" + install_libdir=$1 oldlibs= if test -z "$rpath"; then - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then # Building a libtool convenience library. - # Some compilers have problems with a `.al' extension so + # Some compilers have problems with a '.al' extension so # convenience libraries should have the same extension an # archive normally would. oldlibs="$output_objdir/$libname.$libext $oldlibs" @@ -7301,20 +8774,20 @@ fi test -n "$vinfo" && \ - func_warning "\`-version-info/-version-number' is ignored for convenience libraries" + func_warning "'-version-info/-version-number' is ignored for convenience libraries" test -n "$release" && \ - func_warning "\`-release' is ignored for convenience libraries" + func_warning "'-release' is ignored for convenience libraries" else # Parse the version information argument. - save_ifs="$IFS"; IFS=':' + save_ifs=$IFS; IFS=: set dummy $vinfo 0 0 0 shift - IFS="$save_ifs" + IFS=$save_ifs test -n "$7" && \ - func_fatal_help "too many parameters to \`-version-info'" + func_fatal_help "too many parameters to '-version-info'" # convert absolute version numbers to libtool ages # this retains compatibility with .la files and attempts @@ -7322,45 +8795,42 @@ case $vinfo_number in yes) - number_major="$1" - number_minor="$2" - number_revision="$3" + number_major=$1 + number_minor=$2 + number_revision=$3 # # There are really only two kinds -- those that # use the current revision as the major version # and those that subtract age and use age as # a minor version. But, then there is irix - # which has an extra 1 added just for fun + # that has an extra 1 added just for fun # case $version_type in # correct linux to gnu/linux during the next big refactor - darwin|linux|osf|windows|none) + darwin|freebsd-elf|linux|osf|windows|none) func_arith $number_major + $number_minor current=$func_arith_result - age="$number_minor" - revision="$number_revision" + age=$number_minor + revision=$number_revision ;; - freebsd-aout|freebsd-elf|qnx|sunos) - current="$number_major" - revision="$number_minor" - age="0" + freebsd-aout|qnx|sunos) + current=$number_major + revision=$number_minor + age=0 ;; irix|nonstopux) func_arith $number_major + $number_minor current=$func_arith_result - age="$number_minor" - revision="$number_minor" + age=$number_minor + revision=$number_minor lt_irix_increment=no ;; - *) - func_fatal_configuration "$modename: unknown library version type \`$version_type'" - ;; esac ;; no) - current="$1" - revision="$2" - age="$3" + current=$1 + revision=$2 + age=$3 ;; esac @@ -7368,30 +8838,30 @@ case $current in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) - func_error "CURRENT \`$current' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "CURRENT '$current' must be a nonnegative integer" + func_fatal_error "'$vinfo' is not valid version information" ;; esac case $revision in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) - func_error "REVISION \`$revision' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "REVISION '$revision' must be a nonnegative integer" + func_fatal_error "'$vinfo' is not valid version information" ;; esac case $age in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) - func_error "AGE \`$age' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "AGE '$age' must be a nonnegative integer" + func_fatal_error "'$vinfo' is not valid version information" ;; esac if test "$age" -gt "$current"; then - func_error "AGE \`$age' is greater than the current interface number \`$current'" - func_fatal_error "\`$vinfo' is not valid version information" + func_error "AGE '$age' is greater than the current interface number '$current'" + func_fatal_error "'$vinfo' is not valid version information" fi # Calculate the version variables. @@ -7406,26 +8876,36 @@ # verstring for coding it into the library header func_arith $current - $age major=.$func_arith_result - versuffix="$major.$age.$revision" + versuffix=$major.$age.$revision # Darwin ld doesn't like 0 for these options... func_arith $current + 1 minor_current=$func_arith_result - xlcverstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision" + xlcverstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision" verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + # On Darwin other compilers + case $CC in + nagfor*) + verstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision" + ;; + *) + verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + ;; + esac ;; freebsd-aout) - major=".$current" - versuffix=".$current.$revision"; + major=.$current + versuffix=.$current.$revision ;; freebsd-elf) - major=".$current" - versuffix=".$current" + func_arith $current - $age + major=.$func_arith_result + versuffix=$major.$age.$revision ;; irix | nonstopux) - if test "X$lt_irix_increment" = "Xno"; then + if test no = "$lt_irix_increment"; then func_arith $current - $age else func_arith $current - $age + 1 @@ -7436,69 +8916,74 @@ nonstopux) verstring_prefix=nonstopux ;; *) verstring_prefix=sgi ;; esac - verstring="$verstring_prefix$major.$revision" + verstring=$verstring_prefix$major.$revision # Add in all the interfaces that we are compatible with. loop=$revision - while test "$loop" -ne 0; do + while test 0 -ne "$loop"; do func_arith $revision - $loop iface=$func_arith_result func_arith $loop - 1 loop=$func_arith_result - verstring="$verstring_prefix$major.$iface:$verstring" + verstring=$verstring_prefix$major.$iface:$verstring done - # Before this point, $major must not contain `.'. + # Before this point, $major must not contain '.'. major=.$major - versuffix="$major.$revision" + versuffix=$major.$revision ;; linux) # correct to gnu/linux during the next big refactor func_arith $current - $age major=.$func_arith_result - versuffix="$major.$age.$revision" + versuffix=$major.$age.$revision ;; osf) func_arith $current - $age major=.$func_arith_result - versuffix=".$current.$age.$revision" - verstring="$current.$age.$revision" + versuffix=.$current.$age.$revision + verstring=$current.$age.$revision # Add in all the interfaces that we are compatible with. loop=$age - while test "$loop" -ne 0; do + while test 0 -ne "$loop"; do func_arith $current - $loop iface=$func_arith_result func_arith $loop - 1 loop=$func_arith_result - verstring="$verstring:${iface}.0" + verstring=$verstring:$iface.0 done # Make executables depend on our current version. - func_append verstring ":${current}.0" + func_append verstring ":$current.0" ;; qnx) - major=".$current" - versuffix=".$current" + major=.$current + versuffix=.$current + ;; + + sco) + major=.$current + versuffix=.$current ;; sunos) - major=".$current" - versuffix=".$current.$revision" + major=.$current + versuffix=.$current.$revision ;; windows) # Use '-' rather than '.', since we only want one - # extension on DOS 8.3 filesystems. + # extension on DOS 8.3 file systems. func_arith $current - $age major=$func_arith_result - versuffix="-$major" + versuffix=-$major ;; *) - func_fatal_configuration "unknown library version type \`$version_type'" + func_fatal_configuration "unknown library version type '$version_type'" ;; esac @@ -7512,42 +8997,45 @@ verstring= ;; *) - verstring="0.0" + verstring=0.0 ;; esac - if test "$need_version" = no; then + if test no = "$need_version"; then versuffix= else - versuffix=".0.0" + versuffix=.0.0 fi fi # Remove version info from name if versioning should be avoided - if test "$avoid_version" = yes && test "$need_version" = no; then + if test yes,no = "$avoid_version,$need_version"; then major= versuffix= - verstring="" + verstring= fi # Check to see if the archive will have undefined symbols. - if test "$allow_undefined" = yes; then - if test "$allow_undefined_flag" = unsupported; then - func_warning "undefined symbols not allowed in $host shared libraries" - build_libtool_libs=no - build_old_libs=yes + if test yes = "$allow_undefined"; then + if test unsupported = "$allow_undefined_flag"; then + if test yes = "$build_old_libs"; then + func_warning "undefined symbols not allowed in $host shared libraries; building static only" + build_libtool_libs=no + else + func_fatal_error "can't build $host shared library unless -no-undefined is specified" + fi fi else # Don't allow undefined symbols. - allow_undefined_flag="$no_undefined_flag" + allow_undefined_flag=$no_undefined_flag fi fi - func_generate_dlsyms "$libname" "$libname" "yes" + func_generate_dlsyms "$libname" "$libname" : func_append libobjs " $symfileobj" - test "X$libobjs" = "X " && libobjs= + test " " = "$libobjs" && libobjs= - if test "$opt_mode" != relink; then + if test relink != "$opt_mode"; then # Remove our outputs, but don't remove object files since they # may have been created when compiling PIC objects. removelist= @@ -7556,8 +9044,8 @@ case $p in *.$objext | *.gcno) ;; - $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*) - if test "X$precious_files_regex" != "X"; then + $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/$libname$release.*) + if test -n "$precious_files_regex"; then if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 then continue @@ -7573,11 +9061,11 @@ fi # Now set the variables for building old libraries. - if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then + if test yes = "$build_old_libs" && test convenience != "$build_libtool_libs"; then func_append oldlibs " $output_objdir/$libname.$libext" # Transform .lo files to .o files. - oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP` + oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; $lo2o" | $NL2SP` fi # Eliminate all temporary directories. @@ -7598,13 +9086,13 @@ *) func_append finalize_rpath " $libdir" ;; esac done - if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then + if test yes != "$hardcode_into_libs" || test yes = "$build_old_libs"; then dependency_libs="$temp_xrpath $dependency_libs" fi fi # Make sure dlfiles contains only unique files that won't be dlpreopened - old_dlfiles="$dlfiles" + old_dlfiles=$dlfiles dlfiles= for lib in $old_dlfiles; do case " $dlprefiles $dlfiles " in @@ -7614,7 +9102,7 @@ done # Make sure dlprefiles contains only unique files - old_dlprefiles="$dlprefiles" + old_dlprefiles=$dlprefiles dlprefiles= for lib in $old_dlprefiles; do case "$dlprefiles " in @@ -7623,7 +9111,7 @@ esac done - if test "$build_libtool_libs" = yes; then + if test yes = "$build_libtool_libs"; then if test -n "$rpath"; then case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*) @@ -7647,7 +9135,7 @@ ;; *) # Add libc to deplibs on all other systems if necessary. - if test "$build_libtool_need_lc" = "yes"; then + if test yes = "$build_libtool_need_lc"; then func_append deplibs " -lc" fi ;; @@ -7663,9 +9151,9 @@ # I'm not sure if I'm treating the release correctly. I think # release should show up in the -l (ie -lgmp5) so we don't want to # add it in twice. Is that correct? - release="" - versuffix="" - major="" + release= + versuffix= + major= newdeplibs= droppeddeps=no case $deplibs_check_method in @@ -7694,20 +9182,20 @@ -l*) func_stripname -l '' "$i" name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $i "*) func_append newdeplibs " $i" - i="" + i= ;; esac fi - if test -n "$i" ; then + if test -n "$i"; then libname=`eval "\\$ECHO \"$libname_spec\""` deplib_matches=`eval "\\$ECHO \"$library_names_spec\""` set dummy $deplib_matches; shift deplib_match=$1 - if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then + if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0; then func_append newdeplibs " $i" else droppeddeps=yes @@ -7737,20 +9225,20 @@ $opt_dry_run || $RM conftest if $LTCC $LTCFLAGS -o conftest conftest.c $i; then ldd_output=`ldd conftest` - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $i "*) func_append newdeplibs " $i" - i="" + i= ;; esac fi - if test -n "$i" ; then + if test -n "$i"; then libname=`eval "\\$ECHO \"$libname_spec\""` deplib_matches=`eval "\\$ECHO \"$library_names_spec\""` set dummy $deplib_matches; shift deplib_match=$1 - if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then + if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0; then func_append newdeplibs " $i" else droppeddeps=yes @@ -7787,24 +9275,24 @@ -l*) func_stripname -l '' "$a_deplib" name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $a_deplib "*) func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= ;; esac fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then libname=`eval "\\$ECHO \"$libname_spec\""` if test -n "$file_magic_glob"; then libnameglob=`func_echo_all "$libname" | $SED -e $file_magic_glob` else libnameglob=$libname fi - test "$want_nocaseglob" = yes && nocaseglob=`shopt -p nocaseglob` + test yes = "$want_nocaseglob" && nocaseglob=`shopt -p nocaseglob` for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do - if test "$want_nocaseglob" = yes; then + if test yes = "$want_nocaseglob"; then shopt -s nocaseglob potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` $nocaseglob @@ -7822,25 +9310,25 @@ # We might still enter an endless loop, since a link # loop can be closed while we follow links, # but so what? - potlib="$potent_lib" + potlib=$potent_lib while test -h "$potlib" 2>/dev/null; do - potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'` + potliblink=`ls -ld $potlib | $SED 's/.* -> //'` case $potliblink in - [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";; - *) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";; + [\\/]* | [A-Za-z]:[\\/]*) potlib=$potliblink;; + *) potlib=`$ECHO "$potlib" | $SED 's|[^/]*$||'`"$potliblink";; esac done if eval $file_magic_cmd \"\$potlib\" 2>/dev/null | $SED -e 10q | $EGREP "$file_magic_regex" > /dev/null; then func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= break 2 fi done done fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then droppeddeps=yes echo $ECHO "*** Warning: linker path does not have real file for library $a_deplib." @@ -7848,7 +9336,7 @@ echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then + if test -z "$potlib"; then $ECHO "*** with $libname but no candidates were found. (...for file magic test)" else $ECHO "*** with $libname and none of the candidates passed a file format test" @@ -7871,30 +9359,30 @@ -l*) func_stripname -l '' "$a_deplib" name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $a_deplib "*) func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= ;; esac fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then libname=`eval "\\$ECHO \"$libname_spec\""` for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do potential_libs=`ls $i/$libname[.-]* 2>/dev/null` for potent_lib in $potential_libs; do - potlib="$potent_lib" # see symlink-check above in file_magic test + potlib=$potent_lib # see symlink-check above in file_magic test if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \ $EGREP "$match_pattern_regex" > /dev/null; then func_append newdeplibs " $a_deplib" - a_deplib="" + a_deplib= break 2 fi done done fi - if test -n "$a_deplib" ; then + if test -n "$a_deplib"; then droppeddeps=yes echo $ECHO "*** Warning: linker path does not have real file for library $a_deplib." @@ -7902,7 +9390,7 @@ echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then + if test -z "$potlib"; then $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)" else $ECHO "*** with $libname and none of the candidates passed a file format test" @@ -7918,18 +9406,18 @@ done # Gone through all deplibs. ;; none | unknown | *) - newdeplibs="" + newdeplibs= tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'` - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - for i in $predeps $postdeps ; do + if test yes = "$allow_libtool_libs_with_static_runtimes"; then + for i in $predeps $postdeps; do # can't use Xsed below, because $i might contain '/' - tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"` + tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s|$i||"` done fi case $tmp_deplibs in *[!\ \ ]*) echo - if test "X$deplibs_check_method" = "Xnone"; then + if test none = "$deplibs_check_method"; then echo "*** Warning: inter-library dependencies are not supported in this platform." else echo "*** Warning: inter-library dependencies are not known to be supported." @@ -7953,8 +9441,8 @@ ;; esac - if test "$droppeddeps" = yes; then - if test "$module" = yes; then + if test yes = "$droppeddeps"; then + if test yes = "$module"; then echo echo "*** Warning: libtool could not satisfy all declared inter-library" $ECHO "*** dependencies of module $libname. Therefore, libtool will create" @@ -7963,12 +9451,12 @@ if test -z "$global_symbol_pipe"; then echo echo "*** However, this would only work if libtool was able to extract symbol" - echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** lists from a program, using 'nm' or equivalent, but libtool could" echo "*** not find such a program. So, this module is probably useless." - echo "*** \`nm' from GNU binutils and a full rebuild may help." + echo "*** 'nm' from GNU binutils and a full rebuild may help." fi - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" + if test no = "$build_old_libs"; then + oldlibs=$output_objdir/$libname.$libext build_libtool_libs=module build_old_libs=yes else @@ -7979,14 +9467,14 @@ echo "*** automatically added whenever a program is linked with this library" echo "*** or is declared to -dlopen it." - if test "$allow_undefined" = no; then + if test no = "$allow_undefined"; then echo echo "*** Since this library must not contain undefined symbols," echo "*** because either the platform does not support them or" echo "*** it was explicitly requested with -no-undefined," echo "*** libtool will only create a static version of it." - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" + if test no = "$build_old_libs"; then + oldlibs=$output_objdir/$libname.$libext build_libtool_libs=module build_old_libs=yes else @@ -8032,7 +9520,7 @@ *) func_append new_libs " $deplib" ;; esac done - deplibs="$new_libs" + deplibs=$new_libs # All the library-specific variables (install_libdir is set above). library_names= @@ -8040,25 +9528,25 @@ dlname= # Test again, we may have decided not to build it any more - if test "$build_libtool_libs" = yes; then - # Remove ${wl} instances when linking with ld. + if test yes = "$build_libtool_libs"; then + # Remove $wl instances when linking with ld. # FIXME: should test the right _cmds variable. case $archive_cmds in *\$LD\ *) wl= ;; esac - if test "$hardcode_into_libs" = yes; then + if test yes = "$hardcode_into_libs"; then # Hardcode the library paths hardcode_libdirs= dep_rpath= - rpath="$finalize_rpath" - test "$opt_mode" != relink && rpath="$compile_rpath$rpath" + rpath=$finalize_rpath + test relink = "$opt_mode" || rpath=$compile_rpath$rpath for libdir in $rpath; do if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then func_replace_sysroot "$libdir" libdir=$func_replace_sysroot_result if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" + hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in @@ -8083,7 +9571,7 @@ # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" + libdir=$hardcode_libdirs eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" fi if test -n "$runpath_var" && test -n "$perm_rpath"; then @@ -8097,8 +9585,8 @@ test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" fi - shlibpath="$finalize_shlibpath" - test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath" + shlibpath=$finalize_shlibpath + test relink = "$opt_mode" || shlibpath=$compile_shlibpath$shlibpath if test -n "$shlibpath"; then eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" fi @@ -8108,19 +9596,19 @@ eval library_names=\"$library_names_spec\" set dummy $library_names shift - realname="$1" + realname=$1 shift if test -n "$soname_spec"; then eval soname=\"$soname_spec\" else - soname="$realname" + soname=$realname fi if test -z "$dlname"; then dlname=$soname fi - lib="$output_objdir/$realname" + lib=$output_objdir/$realname linknames= for link do @@ -8134,7 +9622,7 @@ delfiles= if test -n "$export_symbols" && test -n "$include_expsyms"; then $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp" - export_symbols="$output_objdir/$libname.uexp" + export_symbols=$output_objdir/$libname.uexp func_append delfiles " $export_symbols" fi @@ -8143,31 +9631,31 @@ cygwin* | mingw* | cegcc*) if test -n "$export_symbols" && test -z "$export_symbols_regex"; then # exporting using user supplied symfile - if test "x`$SED 1q $export_symbols`" != xEXPORTS; then + func_dll_def_p "$export_symbols" || { # and it's NOT already a .def file. Must figure out # which of the given symbols are data symbols and tag # them as such. So, trigger use of export_symbols_cmds. # export_symbols gets reassigned inside the "prepare # the list of exported symbols" if statement, so the # include_expsyms logic still works. - orig_export_symbols="$export_symbols" + orig_export_symbols=$export_symbols export_symbols= always_export_symbols=yes - fi + } fi ;; esac # Prepare the list of exported symbols if test -z "$export_symbols"; then - if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then - func_verbose "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" + if test yes = "$always_export_symbols" || test -n "$export_symbols_regex"; then + func_verbose "generating symbol list for '$libname.la'" + export_symbols=$output_objdir/$libname.exp $opt_dry_run || $RM $export_symbols cmds=$export_symbols_cmds - save_ifs="$IFS"; IFS='~' + save_ifs=$IFS; IFS='~' for cmd1 in $cmds; do - IFS="$save_ifs" + IFS=$save_ifs # Take the normal branch if the nm_file_list_spec branch # doesn't work or if tool conversion is not needed. case $nm_file_list_spec~$to_tool_file_cmd in @@ -8181,7 +9669,7 @@ try_normal_branch=no ;; esac - if test "$try_normal_branch" = yes \ + if test yes = "$try_normal_branch" \ && { test "$len" -lt "$max_cmd_len" \ || test "$max_cmd_len" -le -1; } then @@ -8192,7 +9680,7 @@ output_la=$func_basename_result save_libobjs=$libobjs save_output=$output - output=${output_objdir}/${output_la}.nm + output=$output_objdir/$output_la.nm func_to_tool_file "$output" libobjs=$nm_file_list_spec$func_to_tool_file_result func_append delfiles " $output" @@ -8215,8 +9703,8 @@ break fi done - IFS="$save_ifs" - if test -n "$export_symbols_regex" && test "X$skipped_export" != "X:"; then + IFS=$save_ifs + if test -n "$export_symbols_regex" && test : != "$skipped_export"; then func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' func_show_eval '$MV "${export_symbols}T" "$export_symbols"' fi @@ -8224,16 +9712,16 @@ fi if test -n "$export_symbols" && test -n "$include_expsyms"; then - tmp_export_symbols="$export_symbols" - test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" + tmp_export_symbols=$export_symbols + test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' fi - if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then + if test : != "$skipped_export" && test -n "$orig_export_symbols"; then # The given exports_symbols file has to be filtered, so filter it. - func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" + func_verbose "filter symbol list for '$libname.la' to tag DATA exports" # FIXME: $output_objdir/$libname.filter potentially contains lots of - # 's' commands which not all seds can handle. GNU sed should be fine + # 's' commands, which not all seds can handle. GNU sed should be fine # though. Also, the filter scales superlinearly with the number of # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. @@ -8252,11 +9740,11 @@ ;; esac done - deplibs="$tmp_deplibs" + deplibs=$tmp_deplibs if test -n "$convenience"; then if test -n "$whole_archive_flag_spec" && - test "$compiler_needs_object" = yes && + test yes = "$compiler_needs_object" && test -z "$libobjs"; then # extract the archives, so we have objects to list. # TODO: could optimize this to just extract one archive. @@ -8267,7 +9755,7 @@ eval libobjs=\"\$libobjs $whole_archive_flag_spec\" test "X$libobjs" = "X " && libobjs= else - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $convenience @@ -8276,18 +9764,18 @@ fi fi - if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then + if test yes = "$thread_safe" && test -n "$thread_safe_flag_spec"; then eval flag=\"$thread_safe_flag_spec\" func_append linker_flags " $flag" fi # Make a backup of the uninstalled library when relinking - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $? fi # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then + if test yes = "$module" && test -n "$module_cmds"; then if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then eval test_cmds=\"$module_expsym_cmds\" cmds=$module_expsym_cmds @@ -8305,7 +9793,7 @@ fi fi - if test "X$skipped_export" != "X:" && + if test : != "$skipped_export" && func_len " $test_cmds" && len=$func_len_result && test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then @@ -8338,8 +9826,8 @@ last_robj= k=1 - if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then - output=${output_objdir}/${output_la}.lnkscript + if test -n "$save_libobjs" && test : != "$skipped_export" && test yes = "$with_gnu_ld"; then + output=$output_objdir/$output_la.lnkscript func_verbose "creating GNU ld script: $output" echo 'INPUT (' > $output for obj in $save_libobjs @@ -8351,14 +9839,14 @@ func_append delfiles " $output" func_to_tool_file "$output" output=$func_to_tool_file_result - elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then - output=${output_objdir}/${output_la}.lnk + elif test -n "$save_libobjs" && test : != "$skipped_export" && test -n "$file_list_spec"; then + output=$output_objdir/$output_la.lnk func_verbose "creating linker input file list: $output" : > $output set x $save_libobjs shift firstobj= - if test "$compiler_needs_object" = yes; then + if test yes = "$compiler_needs_object"; then firstobj="$1 " shift fi @@ -8373,7 +9861,7 @@ else if test -n "$save_libobjs"; then func_verbose "creating reloadable object files..." - output=$output_objdir/$output_la-${k}.$objext + output=$output_objdir/$output_la-$k.$objext eval test_cmds=\"$reload_cmds\" func_len " $test_cmds" len0=$func_len_result @@ -8385,13 +9873,13 @@ func_len " $obj" func_arith $len + $func_len_result len=$func_arith_result - if test "X$objlist" = X || + if test -z "$objlist" || test "$len" -lt "$max_cmd_len"; then func_append objlist " $obj" else # The command $test_cmds is almost too long, add a # command to the queue. - if test "$k" -eq 1 ; then + if test 1 -eq "$k"; then # The first file doesn't have a previous command to add. reload_objs=$objlist eval concat_cmds=\"$reload_cmds\" @@ -8401,10 +9889,10 @@ reload_objs="$objlist $last_robj" eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\" fi - last_robj=$output_objdir/$output_la-${k}.$objext + last_robj=$output_objdir/$output_la-$k.$objext func_arith $k + 1 k=$func_arith_result - output=$output_objdir/$output_la-${k}.$objext + output=$output_objdir/$output_la-$k.$objext objlist=" $obj" func_len " $last_robj" func_arith $len0 + $func_len_result @@ -8416,9 +9904,9 @@ # files will link in the last one created. test -z "$concat_cmds" || concat_cmds=$concat_cmds~ reload_objs="$objlist $last_robj" - eval concat_cmds=\"\${concat_cmds}$reload_cmds\" + eval concat_cmds=\"\$concat_cmds$reload_cmds\" if test -n "$last_robj"; then - eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\" + eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" fi func_append delfiles " $output" @@ -8426,9 +9914,9 @@ output= fi - if ${skipped_export-false}; then - func_verbose "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" + ${skipped_export-false} && { + func_verbose "generating symbol list for '$libname.la'" + export_symbols=$output_objdir/$libname.exp $opt_dry_run || $RM $export_symbols libobjs=$output # Append the command to create the export file. @@ -8437,16 +9925,16 @@ if test -n "$last_robj"; then eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" fi - fi + } test -n "$save_libobjs" && func_verbose "creating a temporary reloadable object file: $output" # Loop through the commands generated above and execute them. - save_ifs="$IFS"; IFS='~' + save_ifs=$IFS; IFS='~' for cmd in $concat_cmds; do - IFS="$save_ifs" - $opt_silent || { + IFS=$save_ifs + $opt_quiet || { func_quote_for_expand "$cmd" eval "func_echo $func_quote_for_expand_result" } @@ -8454,7 +9942,7 @@ lt_exit=$? # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) @@ -8463,7 +9951,7 @@ exit $lt_exit } done - IFS="$save_ifs" + IFS=$save_ifs if test -n "$export_symbols_regex" && ${skipped_export-false}; then func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' @@ -8471,18 +9959,18 @@ fi fi - if ${skipped_export-false}; then + ${skipped_export-false} && { if test -n "$export_symbols" && test -n "$include_expsyms"; then - tmp_export_symbols="$export_symbols" - test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" + tmp_export_symbols=$export_symbols + test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' fi if test -n "$orig_export_symbols"; then # The given exports_symbols file has to be filtered, so filter it. - func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" + func_verbose "filter symbol list for '$libname.la' to tag DATA exports" # FIXME: $output_objdir/$libname.filter potentially contains lots of - # 's' commands which not all seds can handle. GNU sed should be fine + # 's' commands, which not all seds can handle. GNU sed should be fine # though. Also, the filter scales superlinearly with the number of # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. @@ -8491,7 +9979,7 @@ export_symbols=$output_objdir/$libname.def $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols fi - fi + } libobjs=$output # Restore the value of output. @@ -8505,7 +9993,7 @@ # value of $libobjs for piecewise linking. # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then + if test yes = "$module" && test -n "$module_cmds"; then if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then cmds=$module_expsym_cmds else @@ -8527,7 +10015,7 @@ # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $dlprefiles @@ -8535,11 +10023,12 @@ test "X$libobjs" = "X " && libobjs= fi - save_ifs="$IFS"; IFS='~' + save_ifs=$IFS; IFS='~' for cmd in $cmds; do - IFS="$save_ifs" + IFS=$sp$nl eval cmd=\"$cmd\" - $opt_silent || { + IFS=$save_ifs + $opt_quiet || { func_quote_for_expand "$cmd" eval "func_echo $func_quote_for_expand_result" } @@ -8547,7 +10036,7 @@ lt_exit=$? # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) @@ -8556,10 +10045,10 @@ exit $lt_exit } done - IFS="$save_ifs" + IFS=$save_ifs # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then + if test relink = "$opt_mode"; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $? if test -n "$convenience"; then @@ -8579,39 +10068,39 @@ done # If -module or -export-dynamic was specified, set the dlname. - if test "$module" = yes || test "$export_dynamic" = yes; then + if test yes = "$module" || test yes = "$export_dynamic"; then # On all known operating systems, these are identical. - dlname="$soname" + dlname=$soname fi fi ;; obj) - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - func_warning "\`-dlopen' is ignored for objects" + if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then + func_warning "'-dlopen' is ignored for objects" fi case " $deplibs" in *\ -l* | *\ -L*) - func_warning "\`-l' and \`-L' are ignored for objects" ;; + func_warning "'-l' and '-L' are ignored for objects" ;; esac test -n "$rpath" && \ - func_warning "\`-rpath' is ignored for objects" + func_warning "'-rpath' is ignored for objects" test -n "$xrpath" && \ - func_warning "\`-R' is ignored for objects" + func_warning "'-R' is ignored for objects" test -n "$vinfo" && \ - func_warning "\`-version-info' is ignored for objects" + func_warning "'-version-info' is ignored for objects" test -n "$release" && \ - func_warning "\`-release' is ignored for objects" + func_warning "'-release' is ignored for objects" case $output in *.lo) test -n "$objs$old_deplibs" && \ - func_fatal_error "cannot build library object \`$output' from non-libtool objects" + func_fatal_error "cannot build library object '$output' from non-libtool objects" libobj=$output func_lo2o "$libobj" @@ -8619,7 +10108,7 @@ ;; *) libobj= - obj="$output" + obj=$output ;; esac @@ -8632,17 +10121,19 @@ # the extraction. reload_conv_objs= gentop= - # reload_cmds runs $LD directly, so let us get rid of - # -Wl from whole_archive_flag_spec and hope we can get by with - # turning comma into space.. - wl= - + # if reload_cmds runs $LD directly, get rid of -Wl from + # whole_archive_flag_spec and hope we can get by with turning comma + # into space. + case $reload_cmds in + *\$LD[\ \$]*) wl= ;; + esac if test -n "$convenience"; then if test -n "$whole_archive_flag_spec"; then eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\" - reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` + test -n "$wl" || tmp_whole_archive_flags=`$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` + reload_conv_objs=$reload_objs\ $tmp_whole_archive_flags else - gentop="$output_objdir/${obj}x" + gentop=$output_objdir/${obj}x func_append generated " $gentop" func_extract_archives $gentop $convenience @@ -8651,12 +10142,12 @@ fi # If we're not building shared, we need to use non_pic_objs - test "$build_libtool_libs" != yes && libobjs="$non_pic_objects" + test yes = "$build_libtool_libs" || libobjs=$non_pic_objects # Create the old-style object. - reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test + reload_objs=$objs$old_deplibs' '`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; /\.lib$/d; $lo2o" | $NL2SP`' '$reload_conv_objs - output="$obj" + output=$obj func_execute_cmds "$reload_cmds" 'exit $?' # Exit if we aren't doing a library object file. @@ -8668,7 +10159,7 @@ exit $EXIT_SUCCESS fi - if test "$build_libtool_libs" != yes; then + test yes = "$build_libtool_libs" || { if test -n "$gentop"; then func_show_eval '${RM}r "$gentop"' fi @@ -8678,12 +10169,12 @@ # $show "echo timestamp > $libobj" # $opt_dry_run || eval "echo timestamp > $libobj" || exit $? exit $EXIT_SUCCESS - fi + } - if test -n "$pic_flag" || test "$pic_mode" != default; then + if test -n "$pic_flag" || test default != "$pic_mode"; then # Only do commands if we really have different PIC objects. reload_objs="$libobjs $reload_conv_objs" - output="$libobj" + output=$libobj func_execute_cmds "$reload_cmds" 'exit $?' fi @@ -8700,16 +10191,14 @@ output=$func_stripname_result.exe;; esac test -n "$vinfo" && \ - func_warning "\`-version-info' is ignored for programs" + func_warning "'-version-info' is ignored for programs" test -n "$release" && \ - func_warning "\`-release' is ignored for programs" + func_warning "'-release' is ignored for programs" - test "$preload" = yes \ - && test "$dlopen_support" = unknown \ - && test "$dlopen_self" = unknown \ - && test "$dlopen_self_static" = unknown && \ - func_warning "\`LT_INIT([dlopen])' not used. Assuming no dlopen support." + $preload \ + && test unknown,unknown,unknown = "$dlopen_support,$dlopen_self,$dlopen_self_static" \ + && func_warning "'LT_INIT([dlopen])' not used. Assuming no dlopen support." case $host in *-*-rhapsody* | *-*-darwin1.[012]) @@ -8723,11 +10212,11 @@ *-*-darwin*) # Don't allow lazy linking, it breaks C++ global constructors # But is supposedly fixed on 10.4 or later (yay!). - if test "$tagname" = CXX ; then + if test CXX = "$tagname"; then case ${MACOSX_DEPLOYMENT_TARGET-10.0} in 10.[0123]) - func_append compile_command " ${wl}-bind_at_load" - func_append finalize_command " ${wl}-bind_at_load" + func_append compile_command " $wl-bind_at_load" + func_append finalize_command " $wl-bind_at_load" ;; esac fi @@ -8763,7 +10252,7 @@ *) func_append new_libs " $deplib" ;; esac done - compile_deplibs="$new_libs" + compile_deplibs=$new_libs func_append compile_command " $compile_deplibs" @@ -8787,7 +10276,7 @@ if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" + hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in @@ -8810,7 +10299,7 @@ fi case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) - testbindir=`${ECHO} "$libdir" | ${SED} -e 's*/lib$*/bin*'` + testbindir=`$ECHO "$libdir" | $SED -e 's*/lib$*/bin*'` case :$dllsearchpath: in *":$libdir:"*) ;; ::) dllsearchpath=$libdir;; @@ -8827,10 +10316,10 @@ # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" + libdir=$hardcode_libdirs eval rpath=\" $hardcode_libdir_flag_spec\" fi - compile_rpath="$rpath" + compile_rpath=$rpath rpath= hardcode_libdirs= @@ -8838,7 +10327,7 @@ if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" + hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in @@ -8863,45 +10352,43 @@ # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" + libdir=$hardcode_libdirs eval rpath=\" $hardcode_libdir_flag_spec\" fi - finalize_rpath="$rpath" + finalize_rpath=$rpath - if test -n "$libobjs" && test "$build_old_libs" = yes; then + if test -n "$libobjs" && test yes = "$build_old_libs"; then # Transform all the library objects into standard objects. compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP` finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP` fi - func_generate_dlsyms "$outputname" "@PROGRAM@" "no" + func_generate_dlsyms "$outputname" "@PROGRAM@" false # template prelinking step if test -n "$prelink_cmds"; then func_execute_cmds "$prelink_cmds" 'exit $?' fi - wrappers_required=yes + wrappers_required=: case $host in *cegcc* | *mingw32ce*) # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway. - wrappers_required=no + wrappers_required=false ;; *cygwin* | *mingw* ) - if test "$build_libtool_libs" != yes; then - wrappers_required=no - fi + test yes = "$build_libtool_libs" || wrappers_required=false ;; *) - if test "$need_relink" = no || test "$build_libtool_libs" != yes; then - wrappers_required=no + if test no = "$need_relink" || test yes != "$build_libtool_libs"; then + wrappers_required=false fi ;; esac - if test "$wrappers_required" = no; then + $wrappers_required || { # Replace the output file specification. compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'` - link_command="$compile_command$compile_rpath" + link_command=$compile_command$compile_rpath # We have no uninstalled library dependencies, so finalize right now. exit_status=0 @@ -8914,12 +10401,12 @@ fi # Delete the generated files. - if test -f "$output_objdir/${outputname}S.${objext}"; then - func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"' + if test -f "$output_objdir/${outputname}S.$objext"; then + func_show_eval '$RM "$output_objdir/${outputname}S.$objext"' fi exit $exit_status - fi + } if test -n "$compile_shlibpath$finalize_shlibpath"; then compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" @@ -8949,9 +10436,9 @@ fi fi - if test "$no_install" = yes; then + if test yes = "$no_install"; then # We don't need to create a wrapper script. - link_command="$compile_var$compile_command$compile_rpath" + link_command=$compile_var$compile_command$compile_rpath # Replace the output file specification. link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'` # Delete the old output file. @@ -8968,27 +10455,28 @@ exit $EXIT_SUCCESS fi - if test "$hardcode_action" = relink; then - # Fast installation is not supported - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - - func_warning "this platform does not like uninstalled shared libraries" - func_warning "\`$output' will be relinked during installation" - else - if test "$fast_install" != no; then - link_command="$finalize_var$compile_command$finalize_rpath" - if test "$fast_install" = yes; then - relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` - else - # fast_install is set to needless - relink_command= - fi - else - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - fi - fi + case $hardcode_action,$fast_install in + relink,*) + # Fast installation is not supported + link_command=$compile_var$compile_command$compile_rpath + relink_command=$finalize_var$finalize_command$finalize_rpath + + func_warning "this platform does not like uninstalled shared libraries" + func_warning "'$output' will be relinked during installation" + ;; + *,yes) + link_command=$finalize_var$compile_command$finalize_rpath + relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` + ;; + *,no) + link_command=$compile_var$compile_command$compile_rpath + relink_command=$finalize_var$finalize_command$finalize_rpath + ;; + *,needless) + link_command=$finalize_var$compile_command$finalize_rpath + relink_command= + ;; + esac # Replace the output file specification. link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` @@ -9045,8 +10533,8 @@ func_dirname_and_basename "$output" "" "." output_name=$func_basename_result output_path=$func_dirname_result - cwrappersource="$output_path/$objdir/lt-$output_name.c" - cwrapper="$output_path/$output_name.exe" + cwrappersource=$output_path/$objdir/lt-$output_name.c + cwrapper=$output_path/$output_name.exe $RM $cwrappersource $cwrapper trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 @@ -9067,7 +10555,7 @@ trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15 $opt_dry_run || { # note: this script will not be executed, so do not chmod. - if test "x$build" = "x$host" ; then + if test "x$build" = "x$host"; then $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result else func_emit_wrapper no > $func_ltwrapper_scriptname_result @@ -9090,25 +10578,27 @@ # See if we need to build an old-fashioned archive. for oldlib in $oldlibs; do - if test "$build_libtool_libs" = convenience; then - oldobjs="$libobjs_save $symfileobj" - addlibs="$convenience" - build_libtool_libs=no - else - if test "$build_libtool_libs" = module; then - oldobjs="$libobjs_save" + case $build_libtool_libs in + convenience) + oldobjs="$libobjs_save $symfileobj" + addlibs=$convenience build_libtool_libs=no - else + ;; + module) + oldobjs=$libobjs_save + addlibs=$old_convenience + build_libtool_libs=no + ;; + *) oldobjs="$old_deplibs $non_pic_objects" - if test "$preload" = yes && test -f "$symfileobj"; then - func_append oldobjs " $symfileobj" - fi - fi - addlibs="$old_convenience" - fi + $preload && test -f "$symfileobj" \ + && func_append oldobjs " $symfileobj" + addlibs=$old_convenience + ;; + esac if test -n "$addlibs"; then - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $addlibs @@ -9116,13 +10606,13 @@ fi # Do each command in the archive commands. - if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then + if test -n "$old_archive_from_new_cmds" && test yes = "$build_libtool_libs"; then cmds=$old_archive_from_new_cmds else # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $dlprefiles @@ -9143,7 +10633,7 @@ : else echo "copying selected object files to avoid basename conflicts..." - gentop="$output_objdir/${outputname}x" + gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_mkdir_p "$gentop" save_oldobjs=$oldobjs @@ -9152,7 +10642,7 @@ for obj in $save_oldobjs do func_basename "$obj" - objbase="$func_basename_result" + objbase=$func_basename_result case " $oldobjs " in " ") oldobjs=$obj ;; *[\ /]"$objbase "*) @@ -9221,18 +10711,18 @@ else # the above command should be used before it gets too long oldobjs=$objlist - if test "$obj" = "$last_oldobj" ; then + if test "$obj" = "$last_oldobj"; then RANLIB=$save_RANLIB fi test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\" + eval concat_cmds=\"\$concat_cmds$old_archive_cmds\" objlist= len=$len0 fi done RANLIB=$save_RANLIB oldobjs=$objlist - if test "X$oldobjs" = "X" ; then + if test -z "$oldobjs"; then eval cmds=\"\$concat_cmds\" else eval cmds=\"\$concat_cmds~\$old_archive_cmds\" @@ -9249,7 +10739,7 @@ case $output in *.la) old_library= - test "$build_old_libs" = yes && old_library="$libname.$libext" + test yes = "$build_old_libs" && old_library=$libname.$libext func_verbose "creating $output" # Preserve any variables that may affect compiler behavior @@ -9264,31 +10754,31 @@ fi done # Quote the link command for shipping. - relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" + relink_command="(cd `pwd`; $SHELL \"$progpath\" $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` - if test "$hardcode_automatic" = yes ; then + if test yes = "$hardcode_automatic"; then relink_command= fi # Only create the output if not a dry run. $opt_dry_run || { for installed in no yes; do - if test "$installed" = yes; then + if test yes = "$installed"; then if test -z "$install_libdir"; then break fi - output="$output_objdir/$outputname"i + output=$output_objdir/${outputname}i # Replace all uninstalled libtool libraries with the installed ones newdependency_libs= for deplib in $dependency_libs; do case $deplib in *.la) func_basename "$deplib" - name="$func_basename_result" + name=$func_basename_result func_resolve_sysroot "$deplib" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` test -z "$libdir" && \ - func_fatal_error "\`$deplib' is not a valid libtool archive" + func_fatal_error "'$deplib' is not a valid libtool archive" func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" ;; -L*) @@ -9304,23 +10794,23 @@ *) func_append newdependency_libs " $deplib" ;; esac done - dependency_libs="$newdependency_libs" + dependency_libs=$newdependency_libs newdlfiles= for lib in $dlfiles; do case $lib in *.la) func_basename "$lib" - name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + name=$func_basename_result + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ - func_fatal_error "\`$lib' is not a valid libtool archive" + func_fatal_error "'$lib' is not a valid libtool archive" func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name" ;; *) func_append newdlfiles " $lib" ;; esac done - dlfiles="$newdlfiles" + dlfiles=$newdlfiles newdlprefiles= for lib in $dlprefiles; do case $lib in @@ -9330,34 +10820,34 @@ # didn't already link the preopened objects directly into # the library: func_basename "$lib" - name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + name=$func_basename_result + eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ - func_fatal_error "\`$lib' is not a valid libtool archive" + func_fatal_error "'$lib' is not a valid libtool archive" func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name" ;; esac done - dlprefiles="$newdlprefiles" + dlprefiles=$newdlprefiles else newdlfiles= for lib in $dlfiles; do case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; + [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;; *) abs=`pwd`"/$lib" ;; esac func_append newdlfiles " $abs" done - dlfiles="$newdlfiles" + dlfiles=$newdlfiles newdlprefiles= for lib in $dlprefiles; do case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; + [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;; *) abs=`pwd`"/$lib" ;; esac func_append newdlprefiles " $abs" done - dlprefiles="$newdlprefiles" + dlprefiles=$newdlprefiles fi $RM $output # place dlname in correct position for cygwin @@ -9373,10 +10863,9 @@ case $host,$output,$installed,$module,$dlname in *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) # If a -bindir argument was supplied, place the dll there. - if test "x$bindir" != x ; - then + if test -n "$bindir"; then func_relative_path "$install_libdir" "$bindir" - tdlname=$func_relative_path_result$dlname + tdlname=$func_relative_path_result/$dlname else # Otherwise fall back on heuristic. tdlname=../bin/$dlname @@ -9385,7 +10874,7 @@ esac $ECHO > $output "\ # $outputname - a libtool library file -# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION +# Generated by $PROGRAM (GNU $PACKAGE) $VERSION # # Please DO NOT delete this file! # It is necessary for linking the library. @@ -9399,7 +10888,7 @@ # The name of the static archive. old_library='$old_library' -# Linker flags that can not go in dependency_libs. +# Linker flags that cannot go in dependency_libs. inherited_linker_flags='$new_inherited_linker_flags' # Libraries that this one depends upon. @@ -9425,7 +10914,7 @@ # Directory that this library needs to be installed in: libdir='$install_libdir'" - if test "$installed" = no && test "$need_relink" = yes; then + if test no,yes = "$installed,$need_relink"; then $ECHO >> $output "\ relink_command=\"$relink_command\"" fi @@ -9440,27 +10929,29 @@ exit $EXIT_SUCCESS } -{ test "$opt_mode" = link || test "$opt_mode" = relink; } && - func_mode_link ${1+"$@"} +if test link = "$opt_mode" || test relink = "$opt_mode"; then + func_mode_link ${1+"$@"} +fi # func_mode_uninstall arg... func_mode_uninstall () { - $opt_debug - RM="$nonopt" + $debug_cmd + + RM=$nonopt files= - rmforce= + rmforce=false exit_status=0 # This variable tells wrapper scripts just to set variables rather # than running their programs. - libtool_install_magic="$magic" + libtool_install_magic=$magic for arg do case $arg in - -f) func_append RM " $arg"; rmforce=yes ;; + -f) func_append RM " $arg"; rmforce=: ;; -*) func_append RM " $arg" ;; *) func_append files " $arg" ;; esac @@ -9473,18 +10964,18 @@ for file in $files; do func_dirname "$file" "" "." - dir="$func_dirname_result" - if test "X$dir" = X.; then - odir="$objdir" + dir=$func_dirname_result + if test . = "$dir"; then + odir=$objdir else - odir="$dir/$objdir" + odir=$dir/$objdir fi func_basename "$file" - name="$func_basename_result" - test "$opt_mode" = uninstall && odir="$dir" + name=$func_basename_result + test uninstall = "$opt_mode" && odir=$dir # Remember odir for removal later, being careful to avoid duplicates - if test "$opt_mode" = clean; then + if test clean = "$opt_mode"; then case " $rmdirs " in *" $odir "*) ;; *) func_append rmdirs " $odir" ;; @@ -9499,11 +10990,11 @@ elif test -d "$file"; then exit_status=1 continue - elif test "$rmforce" = yes; then + elif $rmforce; then continue fi - rmfiles="$file" + rmfiles=$file case $name in *.la) @@ -9517,7 +11008,7 @@ done test -n "$old_library" && func_append rmfiles " $odir/$old_library" - case "$opt_mode" in + case $opt_mode in clean) case " $library_names " in *" $dlname "*) ;; @@ -9528,12 +11019,12 @@ uninstall) if test -n "$library_names"; then # Do each command in the postuninstall commands. - func_execute_cmds "$postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' + func_execute_cmds "$postuninstall_cmds" '$rmforce || exit_status=1' fi if test -n "$old_library"; then # Do each command in the old_postuninstall commands. - func_execute_cmds "$old_postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' + func_execute_cmds "$old_postuninstall_cmds" '$rmforce || exit_status=1' fi # FIXME: should reinstall the best remaining shared library. ;; @@ -9549,21 +11040,19 @@ func_source $dir/$name # Add PIC object to the list of files to remove. - if test -n "$pic_object" && - test "$pic_object" != none; then + if test -n "$pic_object" && test none != "$pic_object"; then func_append rmfiles " $dir/$pic_object" fi # Add non-PIC object to the list of files to remove. - if test -n "$non_pic_object" && - test "$non_pic_object" != none; then + if test -n "$non_pic_object" && test none != "$non_pic_object"; then func_append rmfiles " $dir/$non_pic_object" fi fi ;; *) - if test "$opt_mode" = clean ; then + if test clean = "$opt_mode"; then noexename=$name case $file in *.exe) @@ -9590,12 +11079,12 @@ # note $name still contains .exe if it was in $file originally # as does the version of $file that was added into $rmfiles - func_append rmfiles " $odir/$name $odir/${name}S.${objext}" - if test "$fast_install" = yes && test -n "$relink_command"; then + func_append rmfiles " $odir/$name $odir/${name}S.$objext" + if test yes = "$fast_install" && test -n "$relink_command"; then func_append rmfiles " $odir/lt-$name" fi - if test "X$noexename" != "X$name" ; then - func_append rmfiles " $odir/lt-${noexename}.c" + if test "X$noexename" != "X$name"; then + func_append rmfiles " $odir/lt-$noexename.c" fi fi fi @@ -9604,7 +11093,7 @@ func_show_eval "$RM $rmfiles" 'exit_status=1' done - # Try to remove the ${objdir}s in the directories where we deleted files + # Try to remove the $objdir's in the directories where we deleted files for dir in $rmdirs; do if test -d "$dir"; then func_show_eval "rmdir $dir >/dev/null 2>&1" @@ -9614,16 +11103,17 @@ exit $exit_status } -{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } && - func_mode_uninstall ${1+"$@"} +if test uninstall = "$opt_mode" || test clean = "$opt_mode"; then + func_mode_uninstall ${1+"$@"} +fi test -z "$opt_mode" && { - help="$generic_help" + help=$generic_help func_fatal_help "you must specify a MODE" } test -z "$exec_cmd" && \ - func_fatal_help "invalid operation mode \`$opt_mode'" + func_fatal_help "invalid operation mode '$opt_mode'" if test -n "$exec_cmd"; then eval exec "$exec_cmd" @@ -9634,7 +11124,7 @@ # The TAGs below are defined such that we never get into a situation -# in which we disable both kinds of libraries. Given conflicting +# where we disable both kinds of libraries. Given conflicting # choices, we go for a static library, that is the most portable, # since we can't tell whether shared libraries were disabled because # the user asked for that or because the platform doesn't support @@ -9657,5 +11147,3 @@ # mode:shell-script # sh-indentation:2 # End: -# vi:sw=2 - diff -Nru apache2-2.4.33/CHANGES apache2-2.4.34/CHANGES --- apache2-2.4.33/CHANGES 2018-03-15 23:19:12.000000000 +0000 +++ apache2-2.4.34/CHANGES 2018-07-06 22:06:17.000000000 +0000 @@ -1,4 +1,147 @@ -*- coding: utf-8 -*- +Changes with Apache 2.4.34 + + *) Introduce zh-cn and zh-tw (simplified and traditional Chinese) error + document translations. [CodeingBoy, popcorner] + + *) event: avoid possible race conditions with modules on the child pool. + [Stefan Fritsch] + + *) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or + ProxyPassReverseCookiePath directive could fail to update correctly + 'domain=' or 'path=' in the 'Set-Cookie' header. PR 61560. + [Christophe Jaillet] + + *) mod_ratelimit: fix behavior when proxing content. PR 62362. + [Luca Toscano, Yann Ylavic] + + *) core: Re-allow '_' (underscore) in hostnames. + [Eric Covener] + + *) mod_authz_core: If several parameters are used in a AuthzProviderAlias + directive, if these parameters are not enclosed in quotation mark, only + the first one is handled. The other ones are silently ignored. + Add a message to warn about such a spurious configuration. + PR 62469 [Hank Ibell , Christophe Jaillet] + + *) mod_md: improvements and bugfixes + - MDNotifyCmd now takes additional parameter that are passed on to the called command. + - ACME challenges have better checks for interference with other modules + - ACME challenges are only handled for domains managed by the module, allowing + other ACME clients to operate for other domains in the server. + - better libressl integration + + *) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'. + PR 62480. [Lubos Uhliarik } + + *) logging: Some early logging-related startup messages could be lost + when using syslog for the global ErrorLog. [Eric Covener] + + *) mod_cache: Handle case of an invalid Expires header value RFC compliant + like the case of an Expires time in the past: allow to overwrite the + non-caching decision using CacheStoreExpired and respect Cache-Control + "max-age" and "s-maxage". [Rainer Jung] + + *) mod_xml2enc: Fix forwarding of error metadata/responses. PR 62180. + [Micha Lenk , Yann Ylavic] + + *) mod_proxy_http: Fix response header thrown away after the previous one + was considered too large and truncated. PR 62196. [Yann Ylavic] + + *) core: Add and handle AP_GETLINE_NOSPC_EOL flag for ap_getline() family + of functions to consume the end of line when the buffer is exhausted. + PR 62198. [Yann Ylavic] + + *) mod_proxy_http: Add new worker parameter 'responsefieldsize' to + allow maximum HTTP response header size to be increased past 8192 + bytes. PR 62199. [Hank Ibell ] + + *) mod_ssl: Extend SSLOCSPEnable with mode 'leaf' that only checks the leaf + of a certificate chain. PR62112. + [Ricardo Martin Camarero ] + + *) http: Fix small memory leak per request when handling persistent + connections. [Ruediger Pluem, Joe Orton] + + *) mod_proxy_html: Fix variable interpolation and memory allocation failure + in ProxyHTMLURLMap. [Ewald Dieterich ] + + *) mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 2.4.30. + PR 62220. [Chritophe Jaillet, Yann Ylavic] + + *) mod_remoteip: When overriding the useragent address from X-Forwarded-For, + zero out what had been initialized as the connection-level port. PR59931. + [Hank Ibell ] + + *) core: In ONE_PROCESS/debug mode, cleanup everything when exiting. + [Yann Ylavic] + + *) mod_proxy_balancer: Add hot spare member type and corresponding flag (R). + Hot spare members are used as drop-in replacements for unusable workers + in the same load balancer set. This differs from hot standbys which are + only used when all workers in a set are unusable. PR 61140. [Jim Riggs] + + *) suexec: Add --enable-suexec-capabilites support on Linux, to use + setuid/setgid capability bits rather than a setuid root binary. + [Joe Orton] + + *) suexec: Add support for logging to syslog as an alternative to + logging to a file; use --without-suexec-logfile --with-suexec-syslog. + [Joe Orton] + + *) mod_ssl: Restore 2.4.29 behaviour in SSL vhost merging/enabling + which broke some rare but previously-working configs. [Joe Orton] + + *) core, log: improve sanity checks for the ErrorLog's syslog config, and + explicitly allow only lowercase 'syslog' settings. PR 62102 + [Luca Toscano, Jim Riggs, Christophe Jaillet] + + *) mod_http2: accurate reporting of h2 data input/output per request via + mod_logio. Fixes an issue where output sizes where counted n-times on + reused slave connections. [Stefan Eissing] + See github issue: https://github.com/icing/mod_h2/issues/158 + + *) mod_http2: Fix unnecessary timeout waits in case streams are aborted. + [Stefan Eissing] + + *) mod_http2: restoring the v1.10.16 keepalive timeout behaviour of mod_http2. + [Stefan Eissing] + + *) mod_proxy: Do not restrict the maximum pool size for backend connections + any longer by the maximum number of threads per process and use a better + default if mod_http2 is loaded. + [Yann Ylavic, Ruediger Pluem, Stefan Eissing, Gregg Smith] + + *) mod_slotmem_shm: Add generation number to shm filename to fix races + with graceful restarts. PRs 62044 and 62308. [Jim Jagielski, Yann Ylavic] + + *) core: Preserve the original HTTP request method in the '%] + + *) mod_remoteip: make proxy-protocol work on slave connections, e.g. in + HTTP/2 requests. [Stefan Eissing] + See also https://github.com/roadrunner2/mod-proxy-protocol/issues/6 + + *) mod_ssl: Fix merging of proxy SSL context outside sections, + regression introduced in 2.4.30. PR 62232. [Rainer Jung, Yann Ylavic] + + *) mod_md: Fix compilation with OpenSSL before version 1.0.2. [Rainer Jung] + + *) mod_dumpio: do nothing below log level TRACE7. [Yann Ylavic] + + *) mod_remoteip: Restore compatibility with APR 1.4 (apr_sockaddr_is_wildcard). + [Eric Covener] + + *) core: On ECBDIC platforms, some errors related to oversized headers + may be misreported or be logged as ASCII escapes. PR 62200 + [Hank Ibell ] + + *) mod_ssl: Fix cmake-based build. PR 62266. [Rainer Jung] + + *) core: Add , and conditional + section containers. [Eric Covener, Joe Orton] + Changes with Apache 2.4.33 *) core: Fix request timeout logging and possible crash for error_log hooks. @@ -18,7 +161,7 @@ *) ab: LibreSSL doesn't have or require Windows applink.c. [Gregg L. Smith] - *) htpasswd/htdigest: Disable support for bcrypt on EBCDIC platforms. + *) htpasswd/htdigest: Disable support for bcrypt on EBCDIC platforms. apr-util's bcrypt implementation doesn't tolerate EBCDIC. [Eric Covener] *) htpasswd/htdbm: report the right limit when get_password() overflows. @@ -49,7 +192,7 @@ *) ab: Fix https:// connection failures (regression in 2.4.30); fix crash generating CSV output for large -n. [Joe Orton, Jan Kaluza] -Changes with Apache 2.4.31 +Changes with Apache 2.4.31 (not released) *) mod_proxy_fcgi: Add the support for mod_proxy's flushpackets and flushwait parameters. [Luca Toscano, Ruediger Pluem, Yann Ylavic] @@ -63,30 +206,46 @@ *) mpm_queue: Put fdqueue code in common for MPMs event and worker. [Yann Ylavic] -Changes with Apache 2.4.30 +Changes with Apache 2.4.30 (not released) - *) mod_session: Strip Session header when SessionEnv is on. [Yann Ylavic] + *) SECURITY: CVE-2017-15710 (cve.mitre.org) + Out of bound write in mod_authnz_ldap with AuthLDAPCharsetConfig enabled + [Eric Covener, Luca Toscano, Yann Ylavic] + + *) SECURITY: CVE-2018-1283 (cve.mitre.org) + mod_session: CGI-like applications that intend to read from mod_session's + 'SessionEnv ON' could be fooled into reading user-supplied data instead. + [Yann Ylavic] - *) mod_cache_socache: Fix caching of empty headers up to carriage return. + *) SECURITY: CVE-2018-1303 (cve.mitre.org) + mod_cache_socache: Fix request headers parsing to avoid a possible crash + with specially crafted input data. [Ruediger Pluem] + + *) SECURITY: CVE-2018-1301 (cve.mitre.org) + core: Possible crash with excessively long HTTP request headers. + Impractical to exploit with a production build and production LogLevel. [Yann Ylavic] - *) core: For consistency, ensure that read lines are NUL terminated on any - error, not only on buffer full. [Yann Ylavic] + *) SECURITY: CVE-2017-15715 (cve.mitre.org) + core: Configure the regular expression engine to match '$' to the end of + the input string only, excluding matching the end of any embedded + newline characters. Behavior can be changed with new directive + 'RegexDefaultOptions'. [Yann Ylavic] + + *) SECURITY: CVE-2018-1312 (cve.mitre.org) + mod_auth_digest: Fix generation of nonce values to prevent replay + attacks across servers using a common Digest domain. This change + may cause problems if used with round robin load balancers. PR 54637 + [Stefan Fritsch] - *) mod_authnz_ldap: Fix language long names detection as short name. - [Yann Ylavic] + *) SECURITY: CVE-2018-1302 (cve.mitre.org) + mod_http2: Potential crash w/ mod_http2. + [Stefan Eissing] *) mod_proxy: Worker schemes and hostnames which are too large are no longer fatal errors; it is logged and the truncated values are stored. [Jim Jagielski] - *) regex: Allow to configure global/default options for regexes, like - caseless matching or extended format. [Yann Ylavic] - - *) mod_auth_digest: Actually use the secret when generating nonces. This change - may cause problems if used with round robin load balancers. PR 54637 - [Stefan Fritsch] - *) mod_proxy: Allow setting options to globally defined balancer from ProxyPass used in VirtualHost. Balancers are now merged using the new merge_balancers method which merges the balancers options. [Jan Kaluza] @@ -130,10 +289,10 @@ PR 62009. [Armin Abfalterer , Yann Ylavic] *) mod_md: new experimental, module for managing domains across virtual hosts, - implementing the Let's Encrypt ACMEv1 protocol to signup and renew + implementing the Let's Encrypt ACMEv1 protocol to signup and renew certificates. Please read the modules documentation for further instructions on how to use it. [Stefan Eissing] - + *) mod_proxy_html: skip documents shorter than 4 bytes PR 56286 [Micha Lenk ] @@ -143,8 +302,8 @@ *) mpm_event: Update scoreboard status for KeepAlive state. [Yann Ylavic] - *) mod_ldap: Fix a case where a full LDAP cache would continually fail to - purge old entries and log AH01323. PR61891. + *) mod_ldap: Fix a case where a full LDAP cache would continually fail to + purge old entries and log AH01323. PR61891. [Hendrik Harms ] *) mpm_event: close connections not reported as handled by any module to @@ -155,8 +314,8 @@ process. PR 61558. [Yann Ylavic] *) mod_ssl: support for mod_md added. [Stefan Eissing] - - *) mod_proxy_html: process parsed comments immediately. + + *) mod_proxy_html: process parsed comments immediately. Fixes bug (seen in the wild when used with IBM's HTTPD bundle) where parsed comments may be lost. [Nick Kew] @@ -201,7 +360,7 @@ *) mod_http2: v0.10.12, removed optimization for mutex handling in bucket beams that could lead to assertion failure in edge cases. - [Stefan Eissing] + [Stefan Eissing] *) mod_proxy: Fix regression for non decimal loadfactor parameter introduced in 2.4.28. [Jim Jagielski] @@ -234,7 +393,7 @@ PR 38923 [Nick Kew] *) htdigest: prevent a buffer overflow when a string exceeds the allowed max - length in a password file. + length in a password file. PR 61511. [Luca Toscano, Hanno Böck ] *) mod_proxy: loadfactor parameter can now be a decimal number (eg: 1.25). @@ -260,7 +419,7 @@ PR 60525. [Ben Rubson , Jim Jagielski] *) mod_proxy: Fix ProxyAddHeaders merging. [Joe Orton] - + *) core: Disallow multiple Listen on the same IP:port when listener buckets are configured (ListenCoresBucketsRatio > 0), consistently with the single bucket case (default), thus avoiding the leak of the corresponding socket @@ -303,10 +462,10 @@ *) mod_lua: Improve compatibility with Lua 5.1, 5.2 and 5.3. PR58188, PR60831, PR61245. [Rainer Jung] - + *) mod_http2: Simplify ready queue, less memory and better performance. Update mod_http2 version to 1.10.7. [Stefan Eissing] - + *) Allow single-char field names inadvertently disallowed in 2.4.25. PR 61220. [Yann Ylavic] @@ -350,7 +509,7 @@ fully production ready. *) mod_http2: Fix for possible CPU busy loop introduced in v1.10.3 where a stream may keep - the session in continuous check for state changes that never happen. + the session in continuous check for state changes that never happen. [Stefan Eissing] *) mod_proxy_wstunnel: Add "upgrade" parameter to allow upgrade to other @@ -360,13 +519,13 @@ a possible crash if a signal is caught during (graceful) restart. PR 60487. [Yann Ylavic] - *) mod_rewrite: When a substitution is a fully qualified URL, and the - scheme/host/port matches the current virtual host, stop interpreting the - path component as a local path just because the first component of the - path exists in the filesystem. Adds RewriteOption "LegacyPrefixDocRoot" + *) mod_rewrite: When a substitution is a fully qualified URL, and the + scheme/host/port matches the current virtual host, stop interpreting the + path component as a local path just because the first component of the + path exists in the filesystem. Adds RewriteOption "LegacyPrefixDocRoot" to revert to previous behavior. PR60009. [Hank Ibell ] - + *) core: ap_parse_form_data() URL-decoding doesn't work on EBCDIC platforms. PR61124. [Hank Ibell ] @@ -383,7 +542,7 @@ *) Evaluate nested If/ElseIf/Else configuration blocks. [Luca Toscano, Jacob Champion] - *) mod_rewrite: Add 'BNP' (backreferences-no-plus) flag to RewriteRule to + *) mod_rewrite: Add 'BNP' (backreferences-no-plus) flag to RewriteRule to allow spaces in backreferences to be encoded as %20 instead of '+'. [Eric Covener] @@ -397,44 +556,44 @@ *) mod_http2: fail requests without ERROR log in case we need to read interim responses and see only garbage. This can happen if proxied servers send data where none should be, e.g. a body for a HEAD request. [Stefan Eissing] - + *) mod_proxy_http2: adding support for Reverse Proxy Request headers. [Stefan Eissing] - - *) mod_http2: fixed possible deadlock that could occur when connections were + + *) mod_http2: fixed possible deadlock that could occur when connections were terminated early with ongoing streams. Fixed possible hanger with timeout - on race when connection considers itself idle. [Stefan Eissing] + on race when connection considers itself idle. [Stefan Eissing] - *) mod_http2: MaxKeepAliveRequests now limits the number of times a + *) mod_http2: MaxKeepAliveRequests now limits the number of times a slave connection gets reused. [Stefan Eissing] *) mod_brotli: Add a new module for dynamic Brotli (RFC 7932) compression. [Evgeny Kotkov] - *) mod_proxy_http2: Fixed bug in re-attempting proxy requests after - connection error. Reliability of reconnect handling improved. + *) mod_proxy_http2: Fixed bug in re-attempting proxy requests after + connection error. Reliability of reconnect handling improved. [Stefan Eissing] - + *) mod_http2: better performance, eliminated need for nested locks and thread privates. Moving request setups from the main connection to the worker threads. Increase number of spare connections kept. [Stefan Eissing] - - *) mod_http2: input buffering and dynamic flow windows for increased + + *) mod_http2: input buffering and dynamic flow windows for increased throughput. Requires nghttp2 >= v1.5.0 features. Announced at startup in mod_http2 INFO log as feature 'DWINS'. [Stefan Eissing] *) mod_http2: h2 workers with improved scalability for better scheduling performance. There are H2MaxWorkers threads created at start and the number is kept constant for now. [Stefan Eissing] - + *) mod_http2: obsoleted option H2SessionExtraFiles, will be ignored and just log a warning. [Stefan Eissing] - + *) mod_autoindex: Add IndexOptions UseOldDateFormat to allow the date format from 2.2 in the Last Modified column. PR60846. [Hank Ibell ] - + *) core: Add %{REMOTE_PORT} to the expression parser. PR59938 [Hank Ibell ] @@ -442,7 +601,7 @@ computing and using the same entity key according to when the cache checks, loads and saves the request. PR 60577. [Yann Ylavic] - + *) mod_proxy_hcheck: Don't validate timed out responses. [Yann Ylavic] *) mod_proxy_hcheck: Ensure thread-safety when concurrent healthchecks are @@ -477,37 +636,37 @@ *) mod_lua: Support for Lua 5.3 *) mod_proxy_http2: support for ProxyPreserverHost directive. [Stefan Eissing] - + *) mod_http2: fix for crash when running out of memory. [Robert Swiecki , Stefan Eissing] - + *) mod_proxy_fcgi: Return HTTP 504 rather than 503 in case of proxy timeout. [Luca Toscano] - *) mod_http2: not counting file buckets again stream max buffer limits. - Effectively transfering static files in one step from slave to master + *) mod_http2: not counting file buckets again stream max buffer limits. + Effectively transfering static files in one step from slave to master connection. [Stefan Eissing] - + *) mod_http2: comforting ap_check_pipeline() on slave connections to facilitate reuse (see https://github.com/icing/mod_h2/issues/128). [Stefan Eissing, reported by Armin Abfalterer] - + *) mod_http2: http/2 streams now with state handling/transitions as defined in RFC7540. Stream cleanup/connection shutdown reworked to become easier - to understand/maintain/debug. Added many asserts on state and cleanup + to understand/maintain/debug. Added many asserts on state and cleanup transitions. [Stefan Eissing] - + *) mod_auth_digest: Use an anonymous shared memory segment by default, preventing startup failure after unclean shutdown. PR 54622. [Jan Kaluza] *) mod_filter: Fix AddOutputFilterByType with non-content-level filters. PR 58856. [Micha Lenk ] - + *) mod_watchdog: Fix semaphore leak over restarts. [Jim Jagielski] - *) mod_http2: regression fix on PR 59348, on graceful restart, ongoing - streams are finished normally before the final GOAWAY is sent. + *) mod_http2: regression fix on PR 59348, on graceful restart, ongoing + streams are finished normally before the final GOAWAY is sent. [Stefan Eissing, ] *) mod_proxy: Allow the per-request environment variable "no-proxy" to @@ -517,31 +676,31 @@ *) mod_http2: fixes PR60599, sending proper response for conditional requests answered by mod_cache. [Jeff Wheelhouse, Stefan Eissing] - + *) mod_http2: rework of stream resource cleanup to avoid a crash in a close of a lingering connection. Prohibit special file bucket beaming for shared buckets. Files sent in stream output now use the stream pool as read buffer, reducing memory footprint of connections. [Yann Ylavic, Stefan Eissing] - + *) mod_proxy_fcgi, mod_fcgid: Fix crashes in ap_fcgi_encoded_env_len() when modules add empty environment variables to the request. PR 60275. [] - *) mod_http2: fix for possible page fault when stream is resumed during + *) mod_http2: fix for possible page fault when stream is resumed during session shutdown. [sidney-j-r-m (github)] - + *) mod_http2: fix for h2 session ignoring new responses while already open streams continue to have data available. [Stefan Eissing] - + *) mod_http2: adding support for MergeTrailers directive. [Stefan Eissing] - - *) mod_http2: limiting DATA frame sizes by TLS record sizes in use on the + + *) mod_http2: limiting DATA frame sizes by TLS record sizes in use on the connection. Flushing outgoing frames earlier. [Stefan Eissing] *) mod_http2: cleanup beamer registry on server reload. PR 60510. [Pavel Mateja , Stefan Eissing] - + *) mod_proxy_{ajp,fcgi}: Fix a possible crash when reusing an established backend connection, happening with LogLevel trace2 or higher configured, or at any log level with compilers not detected as C99 compliant (e.g. @@ -552,8 +711,8 @@ *) mod_http2: fixes https://github.com/icing/mod_h2/issues/126 e.g. beam bucket lifetime handling when data is sent over temporary pools. - [Stefan Eissing] - + [Stefan Eissing] + Changes with Apache 2.4.25 *) Fix some build issues related to various modules. @@ -592,7 +751,7 @@ [Dominic Scheirlinck , Yann Ylavic] *) mod_rewrite: Limit runaway memory use by short circuiting some kinds of - looping RewriteRules when the local path significantly exceeds + looping RewriteRules when the local path significantly exceeds LimitRequestLine. PR 60478. [Jeff Wheelhouse ] *) mod_ratelimit: Allow for initial "burst" amount at full speed before @@ -616,7 +775,7 @@ configured in , like in 2.2. PR 60458. [Eric Covener] - *) mod_lua: Fix default value of LuaInherit directive. It should be + *) mod_lua: Fix default value of LuaInherit directive. It should be 'parent-first' instead of 'none', as per documentation. PR 60419 [Christophe Jaillet] @@ -644,7 +803,7 @@ *) mod_http2: new directive 'H2EarlyHints' to enable sending of HTTP status 103 interim responses. Disabled by default. [Stefan Eissing] - + *) mod_ssl: Fix quick renegotiation (OptRenegotiaton) with no intermediate in the client certificate chain. PR 55786. [Yann Ylavic] @@ -669,27 +828,27 @@ behavior in a routine that sends 's to the output filters. [Evgeny Kotkov] - *) mod_http2: new directive 'H2PushResource' to enable early pushes before - processing of the main request starts. Resources are announced to the - client in Link headers on a 103 early hint response. + *) mod_http2: new directive 'H2PushResource' to enable early pushes before + processing of the main request starts. Resources are announced to the + client in Link headers on a 103 early hint response. All responses with status code <400 are inspected for Link header and trigger pushes accordingly. 304 still does prevent pushes. 'H2PushResource' can mark resources as 'critical' which gives them higher priority than the main resource. This leads to preferred scheduling for processing and, when content is available, will send it first. 'critical' is also recognized on Link headers. [Stefan Eissing] - + *) mod_proxy_http2: uris in Link headers are now mapped back to a suitable local url when available. Relative uris with an absolute path are mapped as well. This makes reverse proxy mapping available for resources - announced in this header. + announced in this header. With 103 interim responses being forwarded to the main client connection, this effectively allows early pushing of resources by a reverse proxied backend server. [Stefan Eissing] - + *) mod_proxy_http2: adding support for newly proposed 103 status code. [Stefan Eissing] - + *) mpm_unix: Apache fails to start if previously crashed then restarted with the same PID (e.g. in container). PR 60261. [Val , Yann Ylavic] @@ -697,15 +856,15 @@ *) mod_http2: unannounced and multiple interim responses (status code < 200) are parsed and forwarded to client until a final response arrives. [Stefan Eissing] - + *) mod_proxy_http2: improved robustness when main connection is closed early by resetting all ongoing streams against the backend. [Stefan Eissing] - + *) mod_http2: allocators from slave connections are released earlier, resulting in less overall memory use on busy, long lived connections. [Stefan Eissing] - + *) mod_remoteip: Pick up where we left off during a subrequest rather than running with the modified XFF but original TCP address. PR 49839/PR 60251 @@ -717,7 +876,7 @@ shutting down ongoing streams, changed log warnings to be less noisy when waiting on long running tasks. [Stefan Eissing] - *) mod_http2: changed all AP_DEBUG_ASSERT to ap_assert to have them + *) mod_http2: changed all AP_DEBUG_ASSERT to ap_assert to have them available also in normal deployments. [Stefan Eissing] *) mod_http2/mod_proxy_http2: 100-continue handling now properly implemented @@ -726,18 +885,18 @@ Requests headers are not delayed by this, since they are repeatable in case of failure. This greatly increases robustness, especially with busy server and/or low keepalive connections. [Stefan Eissing] - + *) mod_proxy_http2: fixed duplicate symbols with mod_http2. [Stefan Eissing] - + *) mod_http2: rewrite of how responses and trailers are transferred between master and slave connection. Reduction of internal states for tasks and streams, stability. Heuristic id generation for slave connections to better keep promise of connection ids unique at given point int time. - Fix for mod_cgid interop in high load situtations. + Fix for mod_cgid interop in high load situtations. Fix for handling of incoming trailers when no request body is sent. [Stefan Eissing] - + *) mod_http2: fix suspended handling for streams. Output could become blocked in rare cases. [Stefan Eissing] @@ -755,10 +914,10 @@ headers will immediately reset the stream with a PROTOCOL error. Feature logged by module on startup as 'INVHD' in info message. [Stefan Eissing] - + *) mod_http2: fixed handling of stream buffers during shutdown. [Stefan Eissing] - + *) mod_reqtimeout: Fix body timeout disabling for CONNECT requests to avoid triggering mod_proxy_connect's AH01018 once the tunnel is established. [Yann Ylavic] @@ -778,10 +937,10 @@ *) mod_http2: h2 status resource follows latest draft, see http://www.ietf.org/id/draft-benfield-http2-debug-state-01.txt [Stefan Eissing] - + *) mod_http2: handling graceful shutdown gracefully, e.g. handling existing streams to the end. [Stefan Eissing] - + *) mod_proxy_{http,ajp,fcgi}: don't reuse backend connections with data available before the request is sent. PR 57832. [Yann Ylavic] @@ -798,7 +957,7 @@ *) mod_dav: Add support for childtags to dav_error. [Jari Urpalainen ] - *) mod_proxy_fcgi: Fix 2.4.23 breakage for mod_rewrite per-dir and query + *) mod_proxy_fcgi: Fix 2.4.23 breakage for mod_rewrite per-dir and query string showing up in SCRIPT_FILENAME. PR59815 *) mod_include: Fix a potential memory misuse while evaluating expressions. @@ -807,14 +966,14 @@ *) mod_http2: new H2CopyFiles directive that changes treatment of file handles in responses. Necessary in order to fix broken lifetime handling in modules such as mod_wsgi. - + *) mod_http2: removing timeouts on master connection while requests are being processed. Requests may timeout, but the master only times out when no more requests are active. [Stefan Eissing] - + *) mod_http2: fixes connection flush when answering SETTINGS without any stream open. [Moto Ishizawa <@summerwind>, Stefan Eissing] - + Changes with Apache 2.4.23 *) mod_ssl: reset client-verify state of ssl when aborting renegotiations. @@ -878,12 +1037,12 @@ *) mod_proxy_http2: properly care for HTTP2 flow control of the frontend connection is HTTP/1.1. [Patch supplied by Evgeny Kotkov] - + *) mod_http2: improved cleanup of connection/streams/tasks to always have deterministic order regardless of event initiating it. Addresses - reported crashes due to memory read after free issues. - [Stefan Eissing] - + reported crashes due to memory read after free issues. + [Stefan Eissing] + *) mod_ssl: Correct the interaction between SSLProxyCheckPeerCN and newer SSLProxyCheckPeerName directives since release 2.4.5, such that disabling either disables both, and that enabling either triggers the new, more @@ -895,29 +1054,29 @@ in a SSI file. [Christophe Jaillet based on a suggestion from Rob] *) mod_http2: improved event handling for suspended streams, responses - and window updates. [Stefan Eissing] - + and window updates. [Stefan Eissing] + *) mod_proxy_hcheck: Provide for dynamic background health checks on reverse proxies associated with BalancerMember workers. [Jim Jagielski] *) mod_http2: Fix async write issue that led to selection of wrong timeout vs. keepalive timeout selection for idle sessions. [Stefan Eissing] - - *) mod_http2: checking LimitRequestLine, LimitRequestFields and + + *) mod_http2: checking LimitRequestLine, LimitRequestFields and LimitRequestFieldSize configurated values for incoming streams. Returning HTTP status 431 for too long/many headers fields and 414 for a too long pseudo header. [Stefan Eissing] - + *) mod_http2: tracking conn_rec->current_thread on slave connections, so that mod_lua finds the correct one. Fixes PR 59542. [Stefan Eissing] - + *) mod_proxy_http2: new experimental http2 proxy module for h2: and h2c: proxy urls. Part of the httpd mod_proxy framework, common settings apply. Requests from the same HTTP/2 frontend connection against the same backend are aggregated on a single connection. [Stefan Eissing] - + *) mod_http2: slave connections have conn_rec->aborted flag set when a stream has been reset by the client. [Stefan Eissing] @@ -928,8 +1087,8 @@ Workaround for http: when forwarding partial file buckets to keep the output filter from closing these too early. [Stefan Eissing] - *) mod_http2: elimination of fixed master connection buffer for TLS - connections. New scratch bucket handling optimized for TLS write sizes. + *) mod_http2: elimination of fixed master connection buffer for TLS + connections. New scratch bucket handling optimized for TLS write sizes. File bucket data read directly into scratch buffers, avoiding one copy. Non-TLS connections continue to pass buckets unchanged to the core filters to allow sendfile() usage. [Stefan Eissing] @@ -948,7 +1107,7 @@ [Stefan Eissing] *) mod_http2: scoreboard updates that summarize the h2 session (and replace - the last request information) will only happen when the session is idle or + the last request information) will only happen when the session is idle or in shutdown/done phase. [Stefan Eissing] *) mod_http2: new "bucket beam" technology to transport buckets across @@ -961,7 +1120,7 @@ [Jeff Trawick] *) scoreboard/status: Restore behavior of showing workers' previous Client, - VHost and Request values when idle, like in 2.4.18 and earlier. + VHost and Request values when idle, like in 2.4.18 and earlier. *) mod_http2: r->protocol changed to "HTTP/2.0" (was "HTTP/2") as this will give expected syntax in CGI's SERVER_PROTOCOL is more compatible with @@ -972,9 +1131,9 @@ Changes with Apache 2.4.20 - *) SECURITY: CVE-2016-1546 (cve.mitre.org) + *) SECURITY: CVE-2016-1546 (cve.mitre.org) mod_http2: restricting number of concurrent stream workers per connection - if client is slow. + if client is slow. *) core: Do not read .htaccess if AllowOverride and AllowOverrideList are "None". PR 58528. @@ -989,7 +1148,7 @@ [John ] *) mod_http2: incrementing keepalives on each request started so that logging - %k gives increasing numbers per master http2 connection. + %k gives increasing numbers per master http2 connection. New documented variables in env, usable in custom log formats: H2_PUSH, H2_PUSHED, H2_PUSHED_ON, H2_STREAM_ID and H2_STREAM_TAG. [Stefan Eissing] @@ -1001,10 +1160,13 @@ memory leak on slave connection reuse. [Stefan Eissing] *) mod_http2: Fix build on Windows from dsp files. - [Stefan Eissing] - + [Stefan Eissing] + Changes with Apache 2.4.19 + *) mod_ssl: Add missing Upgrade/Connection headers in case of TRACE or + OPTIONS * requests. PR 58688. [William Rowe] + *) mod_include: Add variable DOCUMENT_ARGS, with the arguments to the request for the SSI document. [Jeff Trawick] @@ -1012,17 +1174,17 @@ reverse DNS lookups. [Fabien] *) mod_proxy_http2: new experimental http2 proxy module for h2: and h2c: proxy - urls. Uses backend connections for concurrent requests if frontend + urls. Uses backend connections for concurrent requests if frontend connection is http2 as well. [Stefan Eissing] - + *) mod_ssl: Add hooks to allow other modules to perform processing at several stages of initialization and connection handling. See mod_ssl_openssl.h. [Jeff Trawick] - *) mod_http2: disabling PUSH when client sends GOAWAY. Slave connections are - reused for several requests, improved performance and better memory use. - [Stefan Eissing] + *) mod_http2: disabling PUSH when client sends GOAWAY. Slave connections are + reused for several requests, improved performance and better memory use. + [Stefan Eissing] *) mod_rewrite: Don't implicitly URL-escape the original query string when no substitution has changed it (like PR50447 but server context) @@ -1051,7 +1213,7 @@ *) event: use pre_connection hook to properly initialize connection state for slave connections. use protocol_switch hook to initialize server config - early based on SNI selected vhost. + early based on SNI selected vhost. [Stefan Eissing] *) hostname: Test and log useragent_host per-request across various modules, @@ -1068,35 +1230,35 @@ 'ed variable was also withdrawn. PR 59019 [Christophe Jaillet] - *) mod_http2: Accept-Encoding is, when present on the initiating request, + *) mod_http2: Accept-Encoding is, when present on the initiating request, added to push promises. This lets compressed content work in pushes. by the client. [Stefan Eissing] *) mod_http2: fixed possible read after free when streams were cancelled early by the client. [Stefan Eissing] - *) mod_http2: fixed possible deadlock during connection shutdown. Thanks to + *) mod_http2: fixed possible deadlock during connection shutdown. Thanks to @FrankStolle for reporting and getting the necessary data. [Stefan Eissing] - *) mod_http2: fixed apr_uint64_t formatting in a log statement to user proper + *) mod_http2: fixed apr_uint64_t formatting in a log statement to user proper APR def, thanks to @Sp1l. - *) mod_http2: number of worker threads allowed to a connection is adjusting - dynamically. Starting with 4, the number is doubled when streams can be + *) mod_http2: number of worker threads allowed to a connection is adjusting + dynamically. Starting with 4, the number is doubled when streams can be served without block on http/2 connection flow. The number is halfed, when - the server has to wait on client flow control grants. - This can happen with a maximum frequency of 5 times per second. - When a connection occupies too many workers, repeatable requests - (GET/HEAD/OPTIONS) are cancelled and placed back in the queue. Should that - not suffice and a stream is busy longer than the server timeout, the + the server has to wait on client flow control grants. + This can happen with a maximum frequency of 5 times per second. + When a connection occupies too many workers, repeatable requests + (GET/HEAD/OPTIONS) are cancelled and placed back in the queue. Should that + not suffice and a stream is busy longer than the server timeout, the connection will be aborted with error code ENHANCE_YOUR_CALM. This does *not* limit the number of streams a client may open, rather the number of server threads a connection might use. [Stefan Eissing] - *) mod_http2: allowing link header to specify multiple "rel" values, - space-separated inside a quoted string. Prohibiting push when Link + *) mod_http2: allowing link header to specify multiple "rel" values, + space-separated inside a quoted string. Prohibiting push when Link parameter "nopush" is present. [Stefan Eissing] @@ -1156,7 +1318,7 @@ a custom error page for status code 400 that uses server side includes. PR 58929 [Ruediger Pluem] - *) mod_ssl: handle TIMEOUT on empty SSL input as non-fatal, returning + *) mod_ssl: handle TIMEOUT on empty SSL input as non-fatal, returning APR_TIMEUP and preserving connection state for later retry. [Stefan Eissing] @@ -1164,9 +1326,9 @@ including the last and subsequent suitable buckets when coalescing. [Yann Ylavic] - *) mod_proxy_fcgi: Suppress HTTP error 503 and message 01075, - "Error dispatching request", when the cause appears to be - due to the client closing the connection. + *) mod_proxy_fcgi: Suppress HTTP error 503 and message 01075, + "Error dispatching request", when the cause appears to be + due to the client closing the connection. PR58118. [Tobias Adolph ] *) mod_cgid: Message AH02550, failure to flush a response to the client, @@ -1190,7 +1352,7 @@ in https://datatracker.ietf.org/doc/draft-kazuho-h2-cache-digest/ Introduced a status handler for HTTP/2 connections, giving various counters and statistics about the current connection, plus its cache digest value - in a JSON record. Not a replacement for more HTTP/2 in the server status. + in a JSON record. Not a replacement for more HTTP/2 in the server status. Configured as SetHandler http2-status @@ -1199,10 +1361,10 @@ *) mod_http2: Fixed flushing of last GOAWAY frame. Previously, that frame did not always reach the client, causing some to fail the next request. - Fixed calculation of last stream id accepted as described in rfc7540. - Reading in KEEPALIVE state now correctly shown in scoreboard. - Fixed possible race in connection shutdown after review by Ylavic. - Fixed segfault on connection shutdown, callback ran into a semi dismantled session. + Fixed calculation of last stream id accepted as described in rfc7540. + Reading in KEEPALIVE state now correctly shown in scoreboard. + Fixed possible race in connection shutdown after review by Ylavic. + Fixed segfault on connection shutdown, callback ran into a semi dismantled session. [Stefan Eissing] *) mod_http2: Added support for experimental accept-push-policy draft @@ -1223,7 +1385,7 @@ chance to use a connection before it goes down. [Stefan Eissing] - *) mod_status/scoreboard: showing connection protocol in new column, new + *) mod_status/scoreboard: showing connection protocol in new column, new ap_update_child_status methods for updating server/description. mod_ssl sets vhost negotiated by servername directly. [Stefan Eissing] @@ -1236,7 +1398,7 @@ *) mod_http2: connection level window for flow control is set to protocol maximum of 2GB-1, preventing window exhaustion when sending data on many - streams with higher cumulative window size. + streams with higher cumulative window size. Reducing write frequency unless push promises need to be flushed. [Stefan Eissing] @@ -1253,7 +1415,7 @@ to only staple responses with certificate status "good". [Kaspar Brand] *) mod_http2: new directive 'H2PushPriority' to allow priority specifications - on server pushed streams according to their content-type. + on server pushed streams according to their content-type. [Stefan Eissing] *) mod_http2: fixes crash on connection abort for a busy connection. @@ -1261,7 +1423,7 @@ [Stefan Eissing] *) mod_http2: trailers are sent after response body if set in request_rec - trailers_out before the end-of-request bucket is sent through the + trailers_out before the end-of-request bucket is sent through the output filters. [Stefan Eissing] *) mod_http2: incoming trailers (headers after request body) are properly @@ -1287,7 +1449,7 @@ requirements of RFC 7540 on TLS connections. [Stefan Eissing] *) core: add ap_get_protocol_upgrades() to retrieve the list of protocols - that a client could possibly upgrade to. Use in first request on a + that a client could possibly upgrade to. Use in first request on a connection to announce protocol choices. [Stefan Eissing] *) mod_http2: reworked deallocation on connection shutdown and worker @@ -1295,11 +1457,11 @@ on planned worker shutdown. [Yann Ylavic, Stefan Eissing] *) mod_ssl: when receiving requests for other virtual hosts than the handshake - server, the SSL parameters are checked for equality. With equal + server, the SSL parameters are checked for equality. With equal configuration, requests are passed for processing. Any change will trigger the old behaviour of "421 Misdirected Request". SSL now remembers the cipher suite that was used for the last handshake. - This is compared against for any vhost/directory cipher specification. + This is compared against for any vhost/directory cipher specification. Detailed examination of renegotiation is only done when these do not match. Renegotiation is 403ed when a master connection is present. Exact reason @@ -1357,7 +1519,7 @@ Kaspar Brand] *) mod_logio: Fix logging of %^FB (time to first byte) on the first request on - an SSL connection. PR 58454. + an SSL connection. PR 58454. [Konstantin J. Chernov ] *) mod_cache: r->err_headers_out is not merged into @@ -1388,10 +1550,10 @@ loaded. [Eric Covener] *) mod_rewrite: Allow cookies set by mod_rewrite to contain ':' by accepting - ';' as an alternate separator. PR47241. + ';' as an alternate separator. PR47241. [, Eric Covener] - *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with + *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with apxs -q. PR58202. [Daniel Shahaf ] *) mod_rewrite: Avoid a crash when lacking correct DB access permissions @@ -1400,7 +1562,7 @@ *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions. PR 57868. [Jose Kahan , Yann Ylavic] - *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how + *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how long to keep idle connections with the memcache server(s). Change default value from 600 usec (!) to 15 sec. PR 58091 [Christophe Jaillet] @@ -1430,10 +1592,10 @@ Changes with Apache 2.4.15 (not released) *) mod_ext_filter, mod_charset_lite: Avoid inadvertent filtering of protocol - data during read of chunked request bodies. PR 58049. + data during read of chunked request bodies. PR 58049. [Edward Lu ] - *) mod_ldap: Stop leaking LDAP connections when 'LDAPConnectionPoolTTL 0' + *) mod_ldap: Stop leaking LDAP connections when 'LDAPConnectionPoolTTL 0' is configured. PR 58037. [Ted Phelps ] *) core: Allow spaces after chunk-size for compatibility with implementations @@ -1458,13 +1620,13 @@ Changes with Apache 2.4.13 (not released) *) SECURITY: CVE-2015-0253 (cve.mitre.org) - core: Fix a crash with ErrorDocument 400 pointing to a local URL-path - with the INCLUDES filter active, introduced in 2.4.11. PR 57531. + core: Fix a crash with ErrorDocument 400 pointing to a local URL-path + with the INCLUDES filter active, introduced in 2.4.11. PR 57531. [Yann Ylavic] *) SECURITY: CVE-2015-0228 (cve.mitre.org) mod_lua: A maliciously crafted websockets PING after a script - calls r:wsupgrade() can cause a child process crash. + calls r:wsupgrade() can cause a child process crash. [Edward Lu ] *) mod_proxy: Don't put the worker in error state for 500 or 503 errors @@ -1531,7 +1693,7 @@ [Ben Reser, Rainer Jung] *) Allow FallbackResource to work when a directory is requested and - there is no autoindex nor DirectoryIndex. + there is no autoindex nor DirectoryIndex. [Jack , Eric Covener] *) mod_proxy_wstunnel: Bypass the handler while the connection is not @@ -1562,11 +1724,11 @@ *) build: Don't load both mod_cgi and mod_cgid in the default configuration if they're both built. [olli hauer ] - *) mod_logio: Add LogIOTrackTTFB and %^FB logformat to log the time + *) mod_logio: Add LogIOTrackTTFB and %^FB logformat to log the time taken to start writing response headers. [Eric Covener] *) mod_ssl: Avoid compilation errors with LibreSSL related to - the use of ENGINE_CTRL_CHIL_SET_FORKCHECK. + the use of ENGINE_CTRL_CHIL_SET_FORKCHECK. [Stuart Henderson ] *) mod_proxy_http: Use the "Connection: close" header for requests to @@ -1581,13 +1743,13 @@ [Jan Kaluza] *) core_filters: Restore/disable TCP_NOPUSH option after non-blocking - sendfile. [Yann Ylavic] + sendfile. PR 53253. [Yann Ylavic] *) mod_buffer: Forward flushed input data immediately and avoid (unlikely) access to freed memory. [Yann Ylavic, Christophe Jaillet] *) core: Add CGIPassAuth directive to control whether HTTP authorization - headers are passed to scripts as CGI variables. PR 56855. [Jeff + headers are passed to scripts as CGI variables. PR 56855. [Jeff Trawick] *) core: Initialize scoreboard's used optional functions on graceful restarts @@ -1600,10 +1762,10 @@ "Second-0". PR55420 [Christophe Jaillet] - *) mod_cgid: Within the first minute of a server start or restart, + *) mod_cgid: Within the first minute of a server start or restart, allow mod_cgid to retry connecting to its daemon process. Previously, 'No such file or directory: unable to connect to cgi daemon...' could - be logged without an actual retry. PR57685. + be logged without an actual retry. PR57685. [Edward Lu ] *) mod_proxy: Use the original (non absolute) form of the request-line's URI @@ -1633,7 +1795,7 @@ PR56226. [Yann Ylavic] *) mod_lua: After a r:wsupgrade(), mod_lua was not properly - responding to a websockets PING but instead invoking the specified + responding to a websockets PING but instead invoking the specified script. PR57524. [Edward Lu ] *) mod_ssl: Add the SSL_CLIENT_CERT_RFC4523_CEA variable, which provides @@ -1644,7 +1806,7 @@ sized 664 byte array per merge to a hash table. [Graham Leggett] *) ab: Add missing longest request (100%) to CSV export. - [Marcin Fabrykowski ] + [Marcin Fabrykowski ] *) mod_macro: Clear macros before initialization to avoid use-after-free on startup or restart when the module is linked statically. PR 57525 @@ -1653,7 +1815,7 @@ *) mod_alias: Introduce expression parser support for Alias, ScriptAlias and Redirect. [Graham Leggett] - *) mod_ssl: 'SSLProtocol ALL' was being ignored in virtual host context. + *) mod_ssl: 'SSLProtocol ALL' was being ignored in virtual host context. PR 57100. [Michael Kaufmann , Yann Ylavic] @@ -1682,7 +1844,7 @@ the database. This is associated to AH01656 and AH01661. [Christophe Jaillet] *) mod_authz_groupfile: Reduce the severity of AH01667 from ERROR to DEBUG, - because it may be evaluated inside . PR55523. [Eric Covener] + because it may be evaluated inside . PR55523. [Eric Covener] *) mod_ssl: Fix small memory leak during initialization when ECDH is used. [Jan Kaluza] @@ -1704,7 +1866,7 @@ Changes with Apache 2.4.11 (not released) *) SECURITY: CVE-2014-3583 (cve.mitre.org) - mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with + mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with response headers' size above 8K. [Yann Ylavic, Jeff Trawick] *) SECURITY: CVE-2014-3581 (cve.mitre.org) @@ -1732,7 +1894,7 @@ tickets without restarting the web server with an appropriate frequency (e.g. daily) compromises perfect forward secrecy. [Rainer Jung] - *) mod_proxy_fcgi: Provide some basic alternate options for specifying + *) mod_proxy_fcgi: Provide some basic alternate options for specifying how PATH_INFO is passed to FastCGI backends by adding significance to the value of proxy-fcgi-pathinfo. PR 55329. [Eric Covener] @@ -1761,7 +1923,7 @@ leading 'e' was written in upper case in statements. [Christophe Jaillet] - *) split-logfile: Fix perl error: 'Can't use string ("example.org:80") + *) split-logfile: Fix perl error: 'Can't use string ("example.org:80") as a symbol ref while "strict refs"'. PR 56329. [Holger Mauermann ] @@ -1769,7 +1931,7 @@ the URL parameter interpolates to an empty string. PR 56603. [] - *) core: Fix -D[efined] or [d] variables lifetime across restarts. + *) core: Fix -D[efined] or [d] variables lifetime across restarts. PR 57328. [Armin Abfalterer , Yann Ylavic]. *) mod_proxy: Preserve original request headers even if they differ @@ -1813,7 +1975,7 @@ *) core: Support custom ErrorDocuments for HTTP 501 and 414 status codes. PR 57167 [Edward Lu ] - *) mod_proxy_connect: Fix ProxyRemote to https:// backends on EBCDIC + *) mod_proxy_connect: Fix ProxyRemote to https:// backends on EBCDIC systems. PR 57092 [Edward Lu ] *) mod_cache: Avoid a 304 response to an unconditional requst when an AH00752 @@ -1874,7 +2036,7 @@ and later. PR 56615. [Chuck Liu , Jeff Trawick] *) mod_ratelimit: Drop severity of AH01455 and AH01457 (ap_pass_brigade - failed) messages from ERROR to TRACE1. Other filters do not bother + failed) messages from ERROR to TRACE1. Other filters do not bother re-reporting failures from lower level filters. PR56832. [Eric Covener] *) core: Avoid useless warning message when parsing a section guarded by @@ -1972,7 +2134,7 @@ *) mod_proxy_fcgi: Fix occasional high CPU when handling request bodies. [Jeff Trawick] - *) event MPM: Fix possible crashes (third-party modules accessing c->sbh) + *) event MPM: Fix possible crashes (third-party modules accessing c->sbh) or occasional missed mod_status updates under load. PR 56639. [Edward Lu ] @@ -2001,13 +2163,13 @@ *) mod_proxy_fcgi: Support iobuffersize parameter. [Jeff Trawick] *) event: Send the SSL close notify alert when the KeepAliveTimeout - expires. PR54998. [Yann Ylavic] + expires. PR54998. [Yann Ylavic] *) mod_ssl: Ensure that the SSL close notify alert is flushed to the client. - PR54998. [Tim Kosse , Yann Ylavic] + PR54998. [Tim Kosse , Yann Ylavic] *) mod_proxy: Shutdown (eg. SSL close notify) the backend connection before - closing. [Yann Ylavic] + closing. [Yann Ylavic] *) mod_auth_form: Add a debug message when the fields on a form are not recognised. [Graham Leggett] @@ -2060,7 +2222,7 @@ *) mod_lua: Enforce the max post size allowed via r:parsebody() [Daniel Gruno] - *) mod_lua: Use binary comparison to find boundaries for multipart + *) mod_lua: Use binary comparison to find boundaries for multipart objects, as to not terminate our search prematurely when hitting a NULL byte. [Daniel Gruno] @@ -2087,7 +2249,7 @@ SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd directives. PR 56353. [Kaspar Brand] - *) mod_headers: Allow the "value" parameter of Header and RequestHeader to + *) mod_headers: Allow the "value" parameter of Header and RequestHeader to contain an ap_expr expression if prefixed with "expr=". [Eric Covener] *) rotatelogs: Avoid creation of zombie processes when -p is used on @@ -2101,7 +2263,7 @@ ProxyPassMatch as URL as they do not follow their syntax. PR 56074. [Ruediger Pluem] - *) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests + *) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests under the Event MPM. PR56216. [Frank Meier ] *) mod_proxy_fcgi: Fix sending of response without some HTTP headers @@ -2118,9 +2280,9 @@ when the thread/connection relationship changes. (Should be implemented for any third-party async MPMs.) [Jeff Trawick] - *) mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine + *) mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine hangups from websockets origin servers. PR 56299 - [Yann Ylavic, Edward Lu , Eric Covener] + [Yann Ylavic, Edward Lu , Eric Covener] *) mod_proxy_wstunnel: Don't pool backend websockets connections, because we need to handshake every time. PR 55890. @@ -2142,11 +2304,11 @@ from causing response splitting. [Daniel Gruno, Felipe Daragon ] - *) mod_lua: Disallow newlines in table values inside the request_rec, + *) mod_lua: Disallow newlines in table values inside the request_rec, to prevent HTTP Response Splitting via tainted headers. [Daniel Gruno, Felipe Daragon ] - *) mod_lua: Remove the non-working early/late arguments for + *) mod_lua: Remove the non-working early/late arguments for LuaHookCheckUserID. [Daniel Gruno] *) mod_lua: Change IVM storage to use shm [Daniel Gruno] @@ -2160,9 +2322,9 @@ would cause a crash in SSL_get_certificate for servers where the certificate hadn't been sent. [Stephen Henson] - *) mod_lua: Add a fixups hook that checks if the original request is intended - for LuaMapHandler. This fixes a bug where FallbackResource invalidates the - LuaMapHandler directive in certain cases by changing the URI before the map + *) mod_lua: Add a fixups hook that checks if the original request is intended + for LuaMapHandler. This fixes a bug where FallbackResource invalidates the + LuaMapHandler directive in certain cases by changing the URI before the map handler code executes [Daniel Gruno, Daniel Ferradal ]. Changes with Apache 2.4.8 (not released) @@ -2189,7 +2351,7 @@ *) core: Detect incomplete request and response bodies, log an error and forward it to the underlying filters. PR 55475 [Yann Ylavic] - *) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping + *) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping execution when a handler is already set. PR53929. [Eric Covener] *) mod_ssl: Do not perform SNI / Host header comparison in case of a @@ -2200,10 +2362,10 @@ future algorithm agility, and deprecate the SSLCertificateChainFile directive (obsoleted by SSLCertificateFile). [Kaspar Brand] - *) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore, + *) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore, and IgnoreInherit to allow RewriteRules to be pushed from parent scopes to child scopes without explicitly configuring each child scope. - PR56153. [Edward Lu ] + PR56153. [Edward Lu ] *) prefork: Fix long delays when doing a graceful restart. PR 54852 [Jim Jagielski, Arkadiusz Miskiewicz ] @@ -2232,14 +2394,14 @@ the Set-Cookie header. PR56105 [Kevin J Walters , Edward Lu ] - *) mod_lua: Allow for database results to be returned as a hash with + *) mod_lua: Allow for database results to be returned as a hash with row-name/value pairs instead of just row-number/value. [Daniel Gruno] *) mod_rewrite: Add %{CONN_REMOTE_ADDR} as the non-useragent counterpart to %{REMOTE_ADDR}. PR 56094. [Edward Lu ] *) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't - save the socket for reuse by the next worker as if it were an + save the socket for reuse by the next worker as if it were an APR_SO_DISCONNECTED socket. Restores 2.2 behavior. [Eric Covener] *) mod_dir: Don't search for a DirectoryIndex or DirectorySlash on a URL @@ -2262,7 +2424,7 @@ *) build: only search for modules (config*.m4) in known subdirectories, see build/config-stubs. [Stefan Fritsch] - *) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk. + *) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk. PR 55833. [Eric Covener] *) mod_ssl: Add support for OpenSSL configuration commands by introducing @@ -2281,7 +2443,7 @@ *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size previously limited to 64MB. [Jens Låås ] - *) mod_lua: Use binary copy when dealing with uploads through r:parsebody() + *) mod_lua: Use binary copy when dealing with uploads through r:parsebody() to prevent truncating files. [Daniel Gruno] Changes with Apache 2.4.7 @@ -2334,8 +2496,8 @@ *) Add experimental cmake-based build system for Windows. [Jeff Trawick, Tom Donovan] - *) event MPM: Fix possible crashes (third party modules accessing c->sbh) - or occasional missed mod_status updates for some keepalive requests + *) event MPM: Fix possible crashes (third party modules accessing c->sbh) + or occasional missed mod_status updates for some keepalive requests under load. [Eric Covener] *) mod_authn_socache: Support optional initialization arguments for @@ -2383,7 +2545,7 @@ *) worker MPM: Don't forcibly kill worker threads if the child process is exiting gracefully. [Oracle Corporation] - *) core: apachectl -S prints wildcard name-based virtual hosts twice. + *) core: apachectl -S prints wildcard name-based virtual hosts twice. PR54948 [Eric Covener] *) mod_auth_basic: Add AuthBasicUseDigestAlgorithm directive to @@ -2430,8 +2592,8 @@ *) mod_ldap: retry on an LDAP timeout during authn. [Eric Covener] - *) mod_ldap: Change "LDAPReferrals off" to actually set the underlying LDAP - SDK option to OFF, and introduce "LDAPReferrals default" to take the SDK + *) mod_ldap: Change "LDAPReferrals off" to actually set the underlying LDAP + SDK option to OFF, and introduce "LDAPReferrals default" to take the SDK default, sans rebind authentication callback. [Jan Kaluza ] @@ -2447,7 +2609,7 @@ - Avoid some memory allocation and work when TRACE1 is not activated - fix typo in include guard - indent - - No need to lower the string before removing the path, it is just + - No need to lower the string before removing the path, it is just a waste of time... - Save a few cycles [Christophe Jaillet ] @@ -2475,21 +2637,21 @@ with old connections in TIME_WAIT. [Jeff Trawick] *) core: Add open_htaccess hook which, in conjunction with dirwalk_stat - and post_perdir_config (introduced in 2.4.5), allows mpm-itk to be + and post_perdir_config (introduced in 2.4.5), allows mpm-itk to be used without patches to httpd core. [Stefan Fritsch] *) support/htdbm: fix processing of -t command line switch. Regression introduced in 2.4.4 PR 55264 [Jo Rhett ] - *) mod_lua: add websocket support via r:wsupgrade, r:wswrite, r:wsread + *) mod_lua: add websocket support via r:wsupgrade, r:wswrite, r:wsread and r:wsping. [Daniel Gruno] - *) mod_lua: add support for writing/reading cookies via r:getcookie and + *) mod_lua: add support for writing/reading cookies via r:getcookie and r:setcookie. [Daniel Gruno] *) mod_lua: If the first yield() of a LuaOutputFilter returns a string, it should - be prefixed to the response as documented. [Eric Covener] + be prefixed to the response as documented. [Eric Covener] Note: Not present in 2.4.7 CHANGES *) mod_lua: Remove ETAG, Content-Length, and Content-MD5 when a LuaOutputFilter @@ -2527,8 +2689,8 @@ [Takashi Sato, Graham Leggett] *) mod_auth_basic: Add a generic mechanism to fake basic authentication - using the ap_expr parser. AuthBasicFake allows the administrator to - construct their own username and password for basic authentication based + using the ap_expr parser. AuthBasicFake allows the administrator to + construct their own username and password for basic authentication based on their needs. [Graham Leggett] *) mpm_event: Check that AsyncRequestWorkerFactor is not negative. PR 54254. @@ -2744,7 +2906,7 @@ *) mod_lbmethod_heartbeat, mod_heartmonitor: Respect DefaultRuntimeDir/ DEFAULT_REL_RUNTIMEDIR for the heartbeat storage file. [Jeff Trawick] - *) mod_include: Use new ap_expr for 'elif', like 'if', + *) mod_include: Use new ap_expr for 'elif', like 'if', if legacy parser is not specified. PR 54548 [Tom Donovan] *) mod_lua: Add some new functions: r:htpassword(), r:mkdir(), r:mkrdir(), @@ -2903,7 +3065,7 @@ unless new option 'RewriteOptions MergeBase' is configured. PR 53963. [Eric Covener] - *) mod_header: Allow for exposure of loadavg and server load using new + *) mod_header: Allow for exposure of loadavg and server load using new format specifiers %l, %i, %b [Jim Jagielski] *) core: Make ap_regcomp() return AP_REG_ESPACE if out of memory. Make @@ -2916,7 +3078,7 @@ *) mod_dumpio: Correctly log large messages PR 54179 [Marek Wianecki ] - *) core: Don't fail at startup with AH00554 when Include points to + *) core: Don't fail at startup with AH00554 when Include points to a directory without any wildcard character. [Eric Covener] *) core: Fail startup if the argument to ServerTokens is unrecognized. @@ -2936,7 +3098,7 @@ ap_get_loadavg(). [Jim Jagielski, Jan Kaluza , Jeff Trawick] - *) mod_ldap: Fix regression in handling "server unavailable" errors on + *) mod_ldap: Fix regression in handling "server unavailable" errors on Windows. PR 54140. [Eric Covener] *) syslog logging: Remove stray ", referer" at the end of some messages. @@ -2963,7 +3125,7 @@ concat ".../" and "/..." to create "...//..." [Jim Jagielski] *) mod_cache: Wrong content type and character set when - mod_cache serves stale content because of a proxy error. + mod_cache serves stale content because of a proxy error. PR 53539. [Rainer Jung, Ruediger Pluem] *) mod_proxy_ajp: Fix crash in packet dump code when logging @@ -2979,7 +3141,7 @@ *) mod_proxy_balancer: The nonce is only derived from the UUID iff not set via the 'nonce' balancer param. [Jim Jagielski] - *) mod_ssl: Match wildcard SSL certificate names in proxy mode. + *) mod_ssl: Match wildcard SSL certificate names in proxy mode. PR 53006. [Joe Orton] *) Windows: Fix output of -M, -L, and similar command-line options @@ -3005,8 +3167,8 @@ *) mod_lua: Add new directive LuaAuthzProvider to allow implementing an authorization provider in lua. [Stefan Fritsch] - *) core: Be less strict when checking whether Content-Type is set to - "application/x-www-form-urlencoded" when parsing POST data, + *) core: Be less strict when checking whether Content-Type is set to + "application/x-www-form-urlencoded" when parsing POST data, or we risk losing data with an appended charset. PR 53698 [Petter Berntsen ] @@ -3083,7 +3245,7 @@ *) mod_proxy: Check hostname from request URI against ProxyBlock list, not forward proxy, if ProxyRemote* is configured. [Joe Orton] - *) mod_proxy_connect: Avoid DNS lookup on hostname from request URI + *) mod_proxy_connect: Avoid DNS lookup on hostname from request URI if ProxyRemote* is configured. PR 43697. [Joe Orton] *) mpm_event, mpm_worker: Remain active amidst prevalent child process @@ -3134,8 +3296,8 @@ *) mod_ldap: Treat the "server unavailable" condition as a transient error with all LDAP SDKs. [Filip Valder ] - *) core: Fix spurious "not allowed here" error returned when the Options - directive is used in .htaccess and "AllowOverride Options" (with no + *) core: Fix spurious "not allowed here" error returned when the Options + directive is used in .htaccess and "AllowOverride Options" (with no specific options restricted) is configured. PR 53444. [Eric Covener] *) mod_authz_core: Fix parsing of Require arguments in . @@ -3144,12 +3306,12 @@ *) mod_log_config: Fix %{abc}C truncating cookie values at first "=". PR 53104. [Greg Ames] - *) mod_ext_filter: Fix error_log spam when input filters are configured. + *) mod_ext_filter: Fix error_log spam when input filters are configured. [Joe Orton] *) mod_rewrite: Add "AllowAnyURI" option. PR 52774. [Joe Orton] - *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled). + *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled). [Paul Wouters , Joe Orton] *) core: Use a TLS 1.0 close_notify alert for internal dummy connection if @@ -3172,7 +3334,7 @@ standard modules, update for new format of server-status output. PR 45424. [Richard Bowen, Dave Brondsema, and others] - *) mod_sed, mod_log_debug, mod_rewrite: Symbol namespace cleanups. + *) mod_sed, mod_log_debug, mod_rewrite: Symbol namespace cleanups. [Joe Orton, André Malo] *) core: Prevent "httpd -k restart" from killing server in presence of @@ -3273,7 +3435,7 @@ *) SECURITY: CVE-2012-0053 (cve.mitre.org) Fix an issue in error responses that could expose "httpOnly" cookies - when no custom ErrorDocument is specified for status code 400. + when no custom ErrorDocument is specified for status code 400. [Eric Covener] *) mod_proxy_balancer: Fix crash on Windows. PR 52402 [Mladen Turk] @@ -3397,7 +3559,7 @@ *) mod_ssl: drop support for the SSLv2 protocol. [Kaspar Brand] *) mod_lua: Stop losing track of all but the most specific LuaHook* directives - when multiple per-directory config sections are used. Adds LuaInherit + when multiple per-directory config sections are used. Adds LuaInherit directive to control how parent sections are merged. [Eric Covener] *) Server directive display (-L): Include directives of DSOs. @@ -3480,8 +3642,8 @@ LoadModule statements for modules enabled by --enable-mods-shared=most and friends will be commented out. [Stefan Fritsch] - *) mod_lua: Prevent early Lua hooks (LuaHookTranslateName and - LuaHookQuickHandler) from being configured in , , + *) mod_lua: Prevent early Lua hooks (LuaHookTranslateName and + LuaHookQuickHandler) from being configured in , , and htaccess where the configuration would have been ignored. [Eric Covener] @@ -3502,7 +3664,7 @@ *) mod_include: Add support for application/x-www-form-urlencoded encoding and decoding. [Graham Leggett] - *) rotatelogs: Add -c option to force logfile creation in every rotation + *) rotatelogs: Add -c option to force logfile creation in every rotation interval, even if empty. [Jan Kaluža ] *) core: Limit ap_pregsub() to 64K, add ap_pregsub_ex() for longer strings. @@ -3572,7 +3734,7 @@ situations and use them in many places. PR 51568, PR 51569, PR 51571. [Stefan Fritsch] - *) Fix cross-compilation of mod_cgi/mod_cgid when APR_HAVE_STRUCT_RLIMIT is + *) Fix cross-compilation of mod_cgi/mod_cgid when APR_HAVE_STRUCT_RLIMIT is false but RLIMIT_* are defined. PR51371. [Eric Covener] *) core: Correctly obey ServerName / ServerAlias if the Host header from the @@ -5716,4 +5878,3 @@ Changes with Apache 2.0.x and later: *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup - diff -Nru apache2-2.4.33/CMakeLists.txt apache2-2.4.34/CMakeLists.txt --- apache2-2.4.33/CMakeLists.txt 2018-02-27 21:37:19.000000000 +0000 +++ apache2-2.4.34/CMakeLists.txt 2018-06-04 14:51:36.000000000 +0000 @@ -649,6 +649,8 @@ ${CMAKE_CURRENT_SOURCE_DIR}/modules/dav/main ${CMAKE_CURRENT_SOURCE_DIR}/modules/filters ${CMAKE_CURRENT_SOURCE_DIR}/modules/generators + ${CMAKE_CURRENT_SOURCE_DIR}/modules/http2 + ${CMAKE_CURRENT_SOURCE_DIR}/modules/md ${CMAKE_CURRENT_SOURCE_DIR}/modules/proxy ${CMAKE_CURRENT_SOURCE_DIR}/modules/session ${CMAKE_CURRENT_SOURCE_DIR}/modules/ssl @@ -672,6 +674,7 @@ ${CMAKE_CURRENT_SOURCE_DIR}/modules/filters/mod_xml2enc.h ${CMAKE_CURRENT_SOURCE_DIR}/modules/generators/mod_cgi.h ${CMAKE_CURRENT_SOURCE_DIR}/modules/generators/mod_status.h + ${CMAKE_CURRENT_SOURCE_DIR}/modules/http2/mod_http2.h ${CMAKE_CURRENT_SOURCE_DIR}/modules/loggers/mod_log_config.h ${CMAKE_CURRENT_SOURCE_DIR}/modules/mappers/mod_rewrite.h ${CMAKE_CURRENT_SOURCE_DIR}/modules/proxy/mod_proxy.h diff -Nru apache2-2.4.33/configure apache2-2.4.34/configure --- apache2-2.4.33/configure 2018-03-17 23:41:53.000000000 +0000 +++ apache2-2.4.34/configure 2018-07-10 13:55:14.000000000 +0000 @@ -686,6 +686,7 @@ AP_CLEAN_SRCLIB_DIRS AP_BUILD_SRCLIB_DIRS AP_LIBS +INSTALL_SUEXEC shared_build POST_SHARED_CMDS PRE_SHARED_CMDS @@ -1149,8 +1150,10 @@ with_suexec_uidmin with_suexec_gidmin with_suexec_logfile +with_suexec_syslog with_suexec_safepath with_suexec_umask +enable_suexec_capabilities enable_v4_mapped ' ac_precious_vars='build_alias @@ -2011,6 +2014,8 @@ --enable-userdir mapping of requests to user-specific directories --disable-alias mapping of requests to different filesystem parts --enable-rewrite rule based URL manipulation + --enable-suexec-capabilities + Use Linux capability bits not setuid root suexec --enable-v4-mapped Allow IPv6 sockets to handle IPv4 connections Optional Packages: @@ -2048,6 +2053,7 @@ --with-suexec-uidmin Minimal allowed UID --with-suexec-gidmin Minimal allowed GID --with-suexec-logfile Set the logfile + --with-suexec-syslog Use syslog for suexec logging --with-suexec-safepath Set the safepath --with-suexec-umask umask for suexec'd process @@ -25619,10 +25625,10 @@ if test "x$INCLUDES" = "x"; then - test "x$silent" != "xyes" && echo " setting INCLUDES to \"-I\$(top_srcdir)/$modpath_current\"" - INCLUDES="-I\$(top_srcdir)/$modpath_current" + test "x$silent" != "xyes" && echo " setting INCLUDES to \"-I\$(top_srcdir)/$modpath_current -I\$(top_srcdir)/modules/http2\"" + INCLUDES="-I\$(top_srcdir)/$modpath_current -I\$(top_srcdir)/modules/http2" else - apr_addto_bugger="-I\$(top_srcdir)/$modpath_current" + apr_addto_bugger="-I\$(top_srcdir)/$modpath_current -I\$(top_srcdir)/modules/http2" for i in $apr_addto_bugger; do apr_addto_duplicate="0" for j in $INCLUDES; do @@ -38974,15 +38980,53 @@ # Check whether --with-suexec-logfile was given. if test "${with_suexec_logfile+set}" = set; then : withval=$with_suexec_logfile; + if test "x$withval" = "xyes"; then + as_fn_error $? "log filename required for --with-suexec-logfile option" "$LINENO" 5 + elif test "x$withval" != "xno"; then cat >>confdefs.h <<_ACEOF #define AP_LOG_EXEC "$withval" _ACEOF + fi + fi +# Check whether --with-suexec-syslog was given. +if test "${with_suexec_syslog+set}" = set; then : + withval=$with_suexec_syslog; + if test $withval = "yes"; then + if test "x${with_suexec_logfile}" != "xno"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: hint: use \"--without-suexec-logfile --with-suexec-syslog\"" >&5 +$as_echo "$as_me: hint: use \"--without-suexec-logfile --with-suexec-syslog\"" >&6;} + as_fn_error $? "suexec does not support both logging to file and syslog" "$LINENO" 5 + fi + for ac_func in vsyslog +do : + ac_fn_c_check_func "$LINENO" "vsyslog" "ac_cv_func_vsyslog" +if test "x$ac_cv_func_vsyslog" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_VSYSLOG 1 +_ACEOF + +else + + as_fn_error $? "cannot support syslog from suexec without vsyslog()" "$LINENO" 5 +fi +done + + +$as_echo "#define AP_LOG_SYSLOG 1" >>confdefs.h + + fi + +fi + + + + # Check whether --with-suexec-safepath was given. if test "${with_suexec_safepath+set}" = set; then : withval=$with_suexec_safepath; @@ -39006,6 +39050,22 @@ fi +INSTALL_SUEXEC=setuid +# Check whether --enable-suexec-capabilities was given. +if test "${enable_suexec_capabilities+set}" = set; then : + enableval=$enable_suexec_capabilities; +INSTALL_SUEXEC=caps + +$as_echo "#define AP_SUEXEC_CAPABILITIES 1" >>confdefs.h + + +fi + + + APACHE_VAR_SUBST="$APACHE_VAR_SUBST INSTALL_SUEXEC" + + + if test x${apu_found} != xobsolete; then AP_LIBS="$AP_LIBS `$apu_config --avoid-ldap --link-libtool --libs`" fi diff -Nru apache2-2.4.33/configure.in apache2-2.4.34/configure.in --- apache2-2.4.33/configure.in 2017-10-17 18:48:24.000000000 +0000 +++ apache2-2.4.34/configure.in 2018-05-30 19:09:00.000000000 +0000 @@ -744,7 +744,26 @@ AC_ARG_WITH(suexec-logfile, APACHE_HELP_STRING(--with-suexec-logfile,Set the logfile),[ - AC_DEFINE_UNQUOTED(AP_LOG_EXEC, "$withval", [SuExec log file] ) ] ) + if test "x$withval" = "xyes"; then + AC_MSG_ERROR([log filename required for --with-suexec-logfile option]) + elif test "x$withval" != "xno"; then + AC_DEFINE_UNQUOTED(AP_LOG_EXEC, "$withval", [SuExec log file]) + fi +]) + +AC_ARG_WITH(suexec-syslog, +APACHE_HELP_STRING(--with-suexec-syslog,Use syslog for suexec logging),[ + if test $withval = "yes"; then + if test "x${with_suexec_logfile}" != "xno"; then + AC_MSG_NOTICE([hint: use "--without-suexec-logfile --with-suexec-syslog"]) + AC_MSG_ERROR([suexec does not support both logging to file and syslog]) + fi + AC_CHECK_FUNCS([vsyslog], [], [ + AC_MSG_ERROR([cannot support syslog from suexec without vsyslog()])]) + AC_DEFINE(AP_LOG_SYSLOG, 1, [SuExec log to syslog]) + fi +]) + AC_ARG_WITH(suexec-safepath, APACHE_HELP_STRING(--with-suexec-safepath,Set the safepath),[ @@ -754,6 +773,15 @@ APACHE_HELP_STRING(--with-suexec-umask,umask for suexec'd process),[ AC_DEFINE_UNQUOTED(AP_SUEXEC_UMASK, 0$withval, [umask for suexec'd process] ) ] ) +INSTALL_SUEXEC=setuid +AC_ARG_ENABLE([suexec-capabilities], +APACHE_HELP_STRING(--enable-suexec-capabilities,Use Linux capability bits not setuid root suexec), [ +INSTALL_SUEXEC=caps +AC_DEFINE(AP_SUEXEC_CAPABILITIES, 1, + [Enable if suexec is installed with Linux capabilities, not setuid]) +]) +APACHE_SUBST(INSTALL_SUEXEC) + dnl APR should go after the other libs, so the right symbols can be picked up if test x${apu_found} != xobsolete; then AP_LIBS="$AP_LIBS `$apu_config --avoid-ldap --link-libtool --libs`" diff -Nru apache2-2.4.33/debian/changelog apache2-2.4.34/debian/changelog --- apache2-2.4.33/debian/changelog 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/changelog 2018-08-03 20:09:27.000000000 +0000 @@ -1,3 +1,42 @@ +apache2 (2.4.34-1ubuntu1) cosmic; urgency=medium + + * Merge with Debian unstable. Remaining changes: + - debian/{control, apache2.install, apache2-utils.ufw.profile, + apache2.dirs}: Add ufw profiles. + - debian/apache2.py, debian/apache2-bin.install: Add apport hook. + - debian/patches/086_svn_cross_compiles: Backport several cross + fixes from upstream + - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace + Debian with Ubuntu on default page. + + d/source/include-binaries: add Ubuntu icon file + - d/t/control, d/t/check-http2: add basic test for http2 support + - d/control, d/rules, d/config-dir/mods-available/md.load: don't build + libapache2-mod-md, as that makes apache2-bin pull in libcurl4 which + cannot be coinstalled with libcurl3. That situation breaks the + installation of libapache2-mod-shib2. See + https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1770242/comments/1 + for details. + + -- Andreas Hasenack Fri, 03 Aug 2018 17:09:27 -0300 + +apache2 (2.4.34-1) unstable; urgency=medium + + [ OndÅ™ej Surý ] + * New upstream version 2.4.34 + Security fixes: + - CVE-2018-1333: Denial of service in mod_http2. Closes: #904106 + - CVE-2018-8011: Denial of service in mod_md. Closes: #904107 + * Refresh patches for Apache2 2.4.34 release + * Update the suexec-custom.patch for 2.4.34 release + + [ Stefan Fritsch ] + * Remove load order dependency introduced in mod_lbmethod_* in 2.4.34 + * Remove debian/gbp.conf. Closes: #904641 + * Fix typo in apache2_switch_mpm() in apache2-maintscript-helper. + Closes: #904150 + + -- Stefan Fritsch Fri, 27 Jul 2018 21:37:37 +0200 + apache2 (2.4.33-3ubuntu3) cosmic; urgency=medium * d/control, d/rules, d/config-dir/mods-available/proxy_uwsgi.load: diff -Nru apache2-2.4.33/debian/debhelper/apache2-maintscript-helper apache2-2.4.34/debian/debhelper/apache2-maintscript-helper --- apache2-2.4.33/debian/debhelper/apache2-maintscript-helper 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/debhelper/apache2-maintscript-helper 2018-08-03 20:09:27.000000000 +0000 @@ -287,7 +287,7 @@ fi local a2query_ret=0 - a2query -m "$mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$? + a2query -m "mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$? case $a2query_ret in 0) diff -Nru apache2-2.4.33/debian/gbp.conf apache2-2.4.34/debian/gbp.conf --- apache2-2.4.33/debian/gbp.conf 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/gbp.conf 1970-01-01 00:00:00.000000000 +0000 @@ -1,7 +0,0 @@ -[DEFAULT] -pristine-tar = True -builder=dpkg-buildpackage -i\.git -I.git -#cleaner=true -upstream-branch=upstream -debian-branch=master - diff -Nru apache2-2.4.33/debian/patches/build_suexec-custom.patch apache2-2.4.34/debian/patches/build_suexec-custom.patch --- apache2-2.4.33/debian/patches/build_suexec-custom.patch 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/build_suexec-custom.patch 2018-08-03 20:09:27.000000000 +0000 @@ -4,19 +4,33 @@ Last-Update: 2012-02-25 --- apache2.orig/Makefile.in +++ apache2/Makefile.in -@@ -270,14 +270,16 @@ install-man: +@@ -272,23 +272,26 @@ install-man: + install-suexec: install-suexec-binary install-suexec-$(INSTALL_SUEXEC) + + install-suexec-binary: +- @if test -f $(builddir)/support/suexec; then \ +- test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir); \ +- $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \ ++ @if test -f $(builddir)/support/suexec-pristine && test -f $(builddir)/support/suexec-custom; then \ ++ test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir); \ ++ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec-pristine $(DESTDIR)$(sbindir); \ ++ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec-custom $(DESTDIR)$(sbindir); \ fi - install-suexec: + install-suexec-setuid: - @if test -f $(builddir)/support/suexec; then \ +- chmod 4755 $(DESTDIR)$(sbindir)/suexec; \ + @if test -f $(builddir)/support/suexec-pristine && test -f $(builddir)/support/suexec-custom; then \ - test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir); \ -- $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \ -- chmod 4755 $(DESTDIR)$(sbindir)/suexec; \ -+ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec-pristine $(DESTDIR)$(sbindir); \ -+ chmod 4755 $(DESTDIR)$(sbindir)/suexec-pristine; \ -+ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec-custom $(DESTDIR)$(sbindir); \ -+ chmod 4755 $(DESTDIR)$(sbindir)/suexec-custom; \ ++ chmod 4755 $(DESTDIR)$(sbindir)/suexec-pristine; \ ++ chmod 4755 $(DESTDIR)$(sbindir)/suexec-custom; \ + fi + + install-suexec-caps: +- @if test -f $(builddir)/support/suexec; then \ +- setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec; \ ++ @if test -f $(builddir)/support/suexec-pristine && test -f $(builddir)/support/suexec-custom; then \ ++ setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec-pristine; \ ++ setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec-custom; \ fi suexec: diff -Nru apache2-2.4.33/debian/patches/fhs_compliance.patch apache2-2.4.34/debian/patches/fhs_compliance.patch --- apache2-2.4.33/debian/patches/fhs_compliance.patch 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/fhs_compliance.patch 2018-08-03 20:09:27.000000000 +0000 @@ -4,7 +4,7 @@ Last-Update: 2012-02-25 --- apache2.orig/configure +++ apache2/configure -@@ -37740,17 +37740,17 @@ ap_prefix="${ap_cur}" +@@ -39653,17 +39653,17 @@ ap_prefix="${ap_cur}" cat >>confdefs.h <<_ACEOF @@ -27,7 +27,7 @@ --- apache2.orig/configure.in +++ apache2/configure.in -@@ -843,11 +843,11 @@ rm -f modules.c +@@ -871,11 +871,11 @@ rm -f modules.c echo $MODLIST | $AWK -f $srcdir/build/build-modules-c.awk > modules.c APR_EXPAND_VAR(ap_prefix, $prefix) diff -Nru apache2-2.4.33/debian/patches/mod_http2_mem_usage_32bit.diff apache2-2.4.34/debian/patches/mod_http2_mem_usage_32bit.diff --- apache2-2.4.33/debian/patches/mod_http2_mem_usage_32bit.diff 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/mod_http2_mem_usage_32bit.diff 1970-01-01 00:00:00.000000000 +0000 @@ -1,12 +0,0 @@ -# https://svn.apache.org/r1830419 -# http://bugs.debian.org/897218 ---- apache2.orig/modules/http2/h2_bucket_beam.c -+++ apache2/modules/http2/h2_bucket_beam.c -@@ -924,6 +924,7 @@ apr_status_t h2_beam_send(h2_bucket_beam - while (!APR_BRIGADE_EMPTY(sender_bb) && APR_SUCCESS == rv) { - if (space_left <= 0) { - report_prod_io(beam, force_report, &bl); -+ r_purge_sent(beam); - rv = wait_not_full(beam, block, &space_left, &bl); - if (APR_SUCCESS != rv) { - break; diff -Nru apache2-2.4.33/debian/patches/remove_mod_lbmethod_load_order_dependency.diff apache2-2.4.34/debian/patches/remove_mod_lbmethod_load_order_dependency.diff --- apache2-2.4.33/debian/patches/remove_mod_lbmethod_load_order_dependency.diff 1970-01-01 00:00:00.000000000 +0000 +++ apache2-2.4.34/debian/patches/remove_mod_lbmethod_load_order_dependency.diff 2018-08-03 20:09:27.000000000 +0000 @@ -0,0 +1,317 @@ +# https://svn.apache.org/r1836381 +# https://svn.apache.org/r1836382 +# https://svn.apache.org/r1836383 +# https://svn.apache.org/r1836386 +# https://svn.apache.org/r1836603 + +--- apache2.orig/include/ap_mmn.h ++++ apache2/include/ap_mmn.h +@@ -515,6 +515,8 @@ + * 20120211.77 (2.4.34-dev) Add ap_exists_directive() + * 20120211.78 (2.4.34-dev) Add response_field_size to proxy_worker_shared + * 20120211.79 (2.4.34-dev) Add AP_GETLINE_NOSPC_EOL flag to http_protocol.h ++ * 20180720.2 (2.5.1-dev) Add optional function declaration for ++ * ap_proxy_balancer_get_best_worker to mod_proxy.h. + */ + + #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */ +--- apache2.orig/modules/proxy/balancers/mod_lbmethod_bybusyness.c ++++ apache2/modules/proxy/balancers/mod_lbmethod_bybusyness.c +@@ -22,6 +22,9 @@ + + module AP_MODULE_DECLARE_DATA lbmethod_bybusyness_module; + ++static APR_OPTIONAL_FN_TYPE(proxy_balancer_get_best_worker) ++ *ap_proxy_balancer_get_best_worker_fn = NULL; ++ + static int is_best_bybusyness(proxy_worker *current, proxy_worker *prev_best, void *baton) + { + int *total_factor = (int *)baton; +@@ -44,7 +47,7 @@ static proxy_worker *find_best_bybusynes + { + int total_factor = 0; + proxy_worker *worker = +- ap_proxy_balancer_get_best_worker(balancer, r, is_best_bybusyness, ++ ap_proxy_balancer_get_best_worker_fn(balancer, r, is_best_bybusyness, + &total_factor); + + if (worker) { +@@ -82,9 +85,32 @@ static const proxy_balancer_method bybus + NULL + }; + ++/* post_config hook: */ ++static int lbmethod_bybusyness_post_config(apr_pool_t *pconf, apr_pool_t *plog, ++ apr_pool_t *ptemp, server_rec *s) ++{ ++ ++ /* lbmethod_bybusyness_post_config() will be called twice during startup. So, don't ++ * set up the static data the 1st time through. */ ++ if (ap_state_query(AP_SQ_MAIN_STATE) == AP_SQ_MS_CREATE_PRE_CONFIG) { ++ return OK; ++ } ++ ++ ap_proxy_balancer_get_best_worker_fn = ++ APR_RETRIEVE_OPTIONAL_FN(proxy_balancer_get_best_worker); ++ if (!ap_proxy_balancer_get_best_worker_fn) { ++ ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(10151) ++ "mod_proxy must be loaded for mod_lbmethod_bybusyness"); ++ return !OK; ++ } ++ ++ return OK; ++} ++ + static void register_hook(apr_pool_t *p) + { + ap_register_provider(p, PROXY_LBMETHOD, "bybusyness", "0", &bybusyness); ++ ap_hook_post_config(lbmethod_bybusyness_post_config, NULL, NULL, APR_HOOK_MIDDLE); + } + + AP_DECLARE_MODULE(lbmethod_bybusyness) = { +--- apache2.orig/modules/proxy/balancers/mod_lbmethod_byrequests.c ++++ apache2/modules/proxy/balancers/mod_lbmethod_byrequests.c +@@ -22,6 +22,9 @@ + + module AP_MODULE_DECLARE_DATA lbmethod_byrequests_module; + ++static APR_OPTIONAL_FN_TYPE(proxy_balancer_get_best_worker) ++ *ap_proxy_balancer_get_best_worker_fn = NULL; ++ + static int is_best_byrequests(proxy_worker *current, proxy_worker *prev_best, void *baton) + { + int *total_factor = (int *)baton; +@@ -81,7 +84,7 @@ static proxy_worker *find_best_byrequest + request_rec *r) + { + int total_factor = 0; +- proxy_worker *worker = ap_proxy_balancer_get_best_worker(balancer, r, is_best_byrequests, &total_factor); ++ proxy_worker *worker = ap_proxy_balancer_get_best_worker_fn(balancer, r, is_best_byrequests, &total_factor); + + if (worker) { + worker->s->lbstatus -= total_factor; +@@ -123,13 +126,32 @@ static const proxy_balancer_method byreq + NULL + }; + ++/* post_config hook: */ ++static int lbmethod_byrequests_post_config(apr_pool_t *pconf, apr_pool_t *plog, ++ apr_pool_t *ptemp, server_rec *s) ++{ ++ ++ /* lbmethod_byrequests_post_config() will be called twice during startup. So, don't ++ * set up the static data the 1st time through. */ ++ if (ap_state_query(AP_SQ_MAIN_STATE) == AP_SQ_MS_CREATE_PRE_CONFIG) { ++ return OK; ++ } ++ ++ ap_proxy_balancer_get_best_worker_fn = ++ APR_RETRIEVE_OPTIONAL_FN(proxy_balancer_get_best_worker); ++ if (!ap_proxy_balancer_get_best_worker_fn) { ++ ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(10152) ++ "mod_proxy must be loaded for mod_lbmethod_byrequests"); ++ return !OK; ++ } ++ ++ return OK; ++} ++ + static void register_hook(apr_pool_t *p) + { +- /* Only the mpm_winnt has child init hook handler. +- * make sure that we are called after the mpm +- * initializes and after the mod_proxy +- */ + ap_register_provider(p, PROXY_LBMETHOD, "byrequests", "0", &byrequests); ++ ap_hook_post_config(lbmethod_byrequests_post_config, NULL, NULL, APR_HOOK_MIDDLE); + } + + AP_DECLARE_MODULE(lbmethod_byrequests) = { +--- apache2.orig/modules/proxy/balancers/mod_lbmethod_bytraffic.c ++++ apache2/modules/proxy/balancers/mod_lbmethod_bytraffic.c +@@ -22,6 +22,9 @@ + + module AP_MODULE_DECLARE_DATA lbmethod_bytraffic_module; + ++static APR_OPTIONAL_FN_TYPE(proxy_balancer_get_best_worker) ++ *ap_proxy_balancer_get_best_worker_fn = NULL; ++ + static int is_best_bytraffic(proxy_worker *current, proxy_worker *prev_best, void *baton) + { + apr_off_t *min_traffic = (apr_off_t *)baton; +@@ -59,7 +62,7 @@ static proxy_worker *find_best_bytraffic + { + apr_off_t min_traffic = 0; + +- return ap_proxy_balancer_get_best_worker(balancer, r, is_best_bytraffic, ++ return ap_proxy_balancer_get_best_worker_fn(balancer, r, is_best_bytraffic, + &min_traffic); + } + +@@ -93,13 +96,32 @@ static const proxy_balancer_method bytra + NULL + }; + ++/* post_config hook: */ ++static int lbmethod_bytraffic_post_config(apr_pool_t *pconf, apr_pool_t *plog, ++ apr_pool_t *ptemp, server_rec *s) ++{ ++ ++ /* lbmethod_bytraffic_post_config() will be called twice during startup. So, don't ++ * set up the static data the 1st time through. */ ++ if (ap_state_query(AP_SQ_MAIN_STATE) == AP_SQ_MS_CREATE_PRE_CONFIG) { ++ return OK; ++ } ++ ++ ap_proxy_balancer_get_best_worker_fn = ++ APR_RETRIEVE_OPTIONAL_FN(proxy_balancer_get_best_worker); ++ if (!ap_proxy_balancer_get_best_worker_fn) { ++ ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(10150) ++ "mod_proxy must be loaded for mod_lbmethod_bytraffic"); ++ return !OK; ++ } ++ ++ return OK; ++} ++ + static void register_hook(apr_pool_t *p) + { +- /* Only the mpm_winnt has child init hook handler. +- * make sure that we are called after the mpm +- * initializes and after the mod_proxy +- */ + ap_register_provider(p, PROXY_LBMETHOD, "bytraffic", "0", &bytraffic); ++ ap_hook_post_config(lbmethod_bytraffic_post_config, NULL, NULL, APR_HOOK_MIDDLE); + } + + AP_DECLARE_MODULE(lbmethod_bytraffic) = { +--- apache2.orig/modules/proxy/mod_proxy.h ++++ apache2/modules/proxy/mod_proxy.h +@@ -846,6 +846,14 @@ PROXY_DECLARE(proxy_worker *) ap_proxy_b + request_rec *r, + proxy_is_best_callback_fn_t *is_best, + void *baton); ++/* ++ * Needed by the lb modules. ++ */ ++APR_DECLARE_OPTIONAL_FN(proxy_worker *, proxy_balancer_get_best_worker, ++ (proxy_balancer *balancer, ++ request_rec *r, ++ proxy_is_best_callback_fn_t *is_best, ++ void *baton)); + + /** + * Find the shm of the worker as needed +--- apache2.orig/modules/proxy/proxy_util.c ++++ apache2/modules/proxy/proxy_util.c +@@ -69,6 +69,10 @@ static int proxy_match_domainname(struct + static int proxy_match_hostname(struct dirconn_entry *This, request_rec *r); + static int proxy_match_word(struct dirconn_entry *This, request_rec *r); + static int ap_proxy_retry_worker(const char *proxy_function, proxy_worker *worker, server_rec *s); ++static proxy_worker *proxy_balancer_get_best_worker(proxy_balancer *balancer, ++ request_rec *r, ++ proxy_is_best_callback_fn_t *is_best, ++ void *baton); + + APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(proxy, PROXY, int, create_req, + (request_rec *r, request_rec *pr), (r, pr), +@@ -1307,10 +1311,10 @@ PROXY_DECLARE(apr_status_t) ap_proxy_ini + return APR_SUCCESS; + } + +-PROXY_DECLARE(proxy_worker *) ap_proxy_balancer_get_best_worker(proxy_balancer *balancer, +- request_rec *r, +- proxy_is_best_callback_fn_t *is_best, +- void *baton) ++static proxy_worker *proxy_balancer_get_best_worker(proxy_balancer *balancer, ++ request_rec *r, ++ proxy_is_best_callback_fn_t *is_best, ++ void *baton) + { + int i = 0; + int cur_lbset = 0; +@@ -1422,6 +1426,14 @@ PROXY_DECLARE(proxy_worker *) ap_proxy_b + return best_worker; + } + ++PROXY_DECLARE(proxy_worker *) ap_proxy_balancer_get_best_worker(proxy_balancer *balancer, ++ request_rec *r, ++ proxy_is_best_callback_fn_t *is_best, ++ void *baton) ++{ ++ return proxy_balancer_get_best_worker(balancer, r, is_best, baton); ++} ++ + /* + * CONNECTION related... + */ +@@ -4028,4 +4040,5 @@ void proxy_util_register_hooks(apr_pool_ + { + APR_REGISTER_OPTIONAL_FN(ap_proxy_retry_worker); + APR_REGISTER_OPTIONAL_FN(ap_proxy_clear_connection); ++ APR_REGISTER_OPTIONAL_FN(proxy_balancer_get_best_worker); + } +--- apache2.orig/modules/proxy/balancers/mod_lbmethod_heartbeat.c ++++ apache2/modules/proxy/balancers/mod_lbmethod_heartbeat.c +@@ -273,13 +273,11 @@ static proxy_worker *find_best_hb(proxy_ + ap_get_module_config(r->server->module_config, + &lbmethod_heartbeat_module); + ++ ap_proxy_retry_worker_fn = ++ APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); + if (!ap_proxy_retry_worker_fn) { +- ap_proxy_retry_worker_fn = +- APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); +- if (!ap_proxy_retry_worker_fn) { +- /* can only happen if mod_proxy isn't loaded */ +- return NULL; +- } ++ /* can only happen if mod_proxy isn't loaded */ ++ return NULL; + } + + apr_pool_create(&tpool, r->pool); +--- apache2.orig/modules/proxy/mod_proxy_balancer.c ++++ apache2/modules/proxy/mod_proxy_balancer.c +@@ -857,14 +857,12 @@ static int balancer_post_config(apr_pool + return OK; + } + ++ ap_proxy_retry_worker_fn = ++ APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); + if (!ap_proxy_retry_worker_fn) { +- ap_proxy_retry_worker_fn = +- APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); +- if (!ap_proxy_retry_worker_fn) { +- ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02230) +- "mod_proxy must be loaded for mod_proxy_balancer"); +- return !OK; +- } ++ ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02230) ++ "mod_proxy must be loaded for mod_proxy_balancer"); ++ return !OK; + } + + /* +--- apache2.orig/modules/proxy/mod_proxy_http.c ++++ apache2/modules/proxy/mod_proxy_http.c +@@ -2037,14 +2037,12 @@ static int proxy_http_post_config(apr_po + return OK; + } + ++ ap_proxy_clear_connection_fn = ++ APR_RETRIEVE_OPTIONAL_FN(ap_proxy_clear_connection); + if (!ap_proxy_clear_connection_fn) { +- ap_proxy_clear_connection_fn = +- APR_RETRIEVE_OPTIONAL_FN(ap_proxy_clear_connection); +- if (!ap_proxy_clear_connection_fn) { +- ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02477) +- "mod_proxy must be loaded for mod_proxy_http"); +- return !OK; +- } ++ ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02477) ++ "mod_proxy must be loaded for mod_proxy_http"); ++ return !OK; + } + + return OK; diff -Nru apache2-2.4.33/debian/patches/reproducible_builds.diff apache2-2.4.34/debian/patches/reproducible_builds.diff --- apache2-2.4.33/debian/patches/reproducible_builds.diff 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/reproducible_builds.diff 2018-08-03 20:09:27.000000000 +0000 @@ -27,7 +27,7 @@ CLEAN_TARGETS = gen_test_char test_char.h \ ApacheCoreOS2.def httpd.exp export_files \ -@@ -80,8 +81,8 @@ httpd.exp: exports.c export_vars.h +@@ -82,8 +83,8 @@ httpd.exp: exports.c export_vars.h @echo "#! ." > $@ @echo "* This file was AUTOGENERATED at build time." >> $@ @echo "* Please do not edit by hand." >> $@ diff -Nru apache2-2.4.33/debian/patches/series apache2-2.4.34/debian/patches/series --- apache2-2.4.33/debian/patches/series 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/series 2018-08-03 20:09:27.000000000 +0000 @@ -8,7 +8,7 @@ # This patch is applied manually #suexec-custom.patch -mod_http2_mem_usage_32bit.diff +remove_mod_lbmethod_load_order_dependency.diff # Patches added by Ubuntu 086_svn_cross_compiles diff -Nru apache2-2.4.33/debian/patches/suexec-custom.patch apache2-2.4.34/debian/patches/suexec-custom.patch --- apache2-2.4.33/debian/patches/suexec-custom.patch 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/suexec-custom.patch 2018-08-03 20:09:27.000000000 +0000 @@ -1,9 +1,11 @@ Description: the actual patch to make suexec-custom read a config file Forwarded: not-needed Author: Stefan Fritsch -Last-Update: 2014-05-29 ---- apache2.orig/support/suexec-custom.c -+++ apache2/support/suexec-custom.c +Last-Update: 2018-07-17 +diff --git a/support/suexec-custom.c b/support/suexec-custom.c +index f3811a97..30bb644b 100644 +--- a/support/suexec-custom.c ++++ b/support/suexec-custom.c @@ -29,6 +29,7 @@ * * @@ -20,7 +22,7 @@ #if APR_HAVE_UNISTD_H #include #endif -@@ -197,6 +199,26 @@ static void log_no_err(const char *fmt,. +@@ -222,6 +224,26 @@ static void log_no_err(const char *fmt,...) return; } @@ -47,7 +49,7 @@ static void clean_env(void) { char pathbuf[512]; -@@ -263,6 +285,11 @@ int main(int argc, char *argv[]) +@@ -288,6 +310,11 @@ int main(int argc, char *argv[]) struct stat dir_info; /* directory info holder */ struct stat prg_info; /* program info holder */ int cwdh; /* handle to cwd */ @@ -59,7 +61,7 @@ /* * Start with a "clean" environment -@@ -292,15 +319,10 @@ int main(int argc, char *argv[]) +@@ -317,15 +344,10 @@ int main(int argc, char *argv[]) || (! strcmp(AP_HTTPD_USER, pw->pw_name))) #endif /* _OSD_POSIX */ ) { @@ -73,20 +75,20 @@ -#ifdef AP_HTTPD_USER - fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER); -#endif - #ifdef AP_LOG_EXEC - fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC); + #if defined(AP_LOG_SYSLOG) + fprintf(stderr, " -D AP_LOG_SYSLOG\n"); + #elif defined(AP_LOG_EXEC) +@@ -339,9 +361,6 @@ int main(int argc, char *argv[]) #endif -@@ -313,9 +335,6 @@ int main(int argc, char *argv[]) #ifdef AP_UID_MIN fprintf(stderr, " -D AP_UID_MIN=%d\n", AP_UID_MIN); - #endif +-#endif -#ifdef AP_USERDIR_SUFFIX - fprintf(stderr, " -D AP_USERDIR_SUFFIX=\"%s\"\n", AP_USERDIR_SUFFIX); --#endif + #endif exit(0); } - /* -@@ -330,23 +349,6 @@ int main(int argc, char *argv[]) +@@ -357,23 +376,6 @@ int main(int argc, char *argv[]) target_gname = argv[2]; cmd = argv[3]; @@ -110,10 +112,11 @@ /* * Check for a leading '/' (absolute path) in the command to be executed, -@@ -371,6 +373,59 @@ int main(int argc, char *argv[]) +@@ -397,6 +399,59 @@ int main(int argc, char *argv[]) + userdir = 1; } - /* ++ /* + * Check to see if the user running this program + * is the user allowed to do so as defined in + * SUEXEC_CONFIG_DIR/username @@ -166,11 +169,10 @@ + } + } + -+ /* + /* * Error out if the target username is invalid. */ - if (strspn(target_uname, "1234567890") != strlen(target_uname)) { -@@ -511,7 +566,7 @@ int main(int argc, char *argv[]) +@@ -538,7 +593,7 @@ int main(int argc, char *argv[]) if (userdir) { if (((chdir(target_homedir)) != 0) || @@ -179,7 +181,7 @@ ((getcwd(dwd, AP_MAXPATH)) == NULL) || ((fchdir(cwdh)) != 0)) { log_err("cannot get docroot information (%s)\n", target_homedir); -@@ -519,7 +574,7 @@ int main(int argc, char *argv[]) +@@ -546,7 +601,7 @@ int main(int argc, char *argv[]) } } else { diff -Nru apache2-2.4.33/debian/patches/suexec-CVE-2007-1742.patch apache2-2.4.34/debian/patches/suexec-CVE-2007-1742.patch --- apache2-2.4.33/debian/patches/suexec-CVE-2007-1742.patch 2018-06-28 13:07:06.000000000 +0000 +++ apache2-2.4.34/debian/patches/suexec-CVE-2007-1742.patch 2018-08-03 20:09:27.000000000 +0000 @@ -14,7 +14,7 @@ #include #include -@@ -257,11 +258,12 @@ int main(int argc, char *argv[]) +@@ -281,11 +282,12 @@ int main(int argc, char *argv[]) char *actual_gname; /* actual group name */ char *cmd; /* command to be executed */ char cwd[AP_MAXPATH]; /* current working directory */ @@ -28,7 +28,7 @@ /* * Start with a "clean" environment -@@ -503,11 +505,16 @@ int main(int argc, char *argv[]) +@@ -529,11 +531,16 @@ int main(int argc, char *argv[]) exit(111); } @@ -46,7 +46,7 @@ log_err("cannot get docroot information (%s)\n", target_homedir); exit(112); } -@@ -515,12 +522,16 @@ int main(int argc, char *argv[]) +@@ -541,12 +548,16 @@ int main(int argc, char *argv[]) else { if (((chdir(AP_DOC_ROOT)) != 0) || ((getcwd(dwd, AP_MAXPATH)) == NULL) || diff -Nru apache2-2.4.33/docs/error/contact.html.var apache2-2.4.34/docs/error/contact.html.var --- apache2-2.4.33/docs/error/contact.html.var 2015-04-15 15:26:08.000000000 +0000 +++ apache2-2.4.34/docs/error/contact.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -104,6 +104,13 @@ in cazul in care credeti ca aceasta este o eroare a serverului. ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- +ЕÑли Ð’Ñ‹ Ñчитаете, что Ñто ошибка Ñервера, пожалуйÑта, Ñообщите об Ñтом +">веб-маÑтеру. +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -125,3 +132,15 @@ ">site yöneticisi ile iletişime geçin. ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- +如果您认为这是一个æœåŠ¡å™¨é”™è¯¯ï¼Œè¯·è”ç³»">网站管ç†å‘˜ã€‚ +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- +如果您èªç‚ºé€™æ˜¯ä¸€å€‹ä¼ºæœå™¨éŒ¯èª¤ï¼Œè«‹è¯ç¹«">網站管ç†å“¡ã€‚ +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_BAD_GATEWAY.html.var apache2-2.4.34/docs/error/HTTP_BAD_GATEWAY.html.var --- apache2-2.4.33/docs/error/HTTP_BAD_GATEWAY.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_BAD_GATEWAY.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -265,6 +265,23 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + ПрокÑи-Ñервер получил недопуÑтимый ответ от + вышеÑтоÑщего Ñервера. + + + + + + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -318,3 +335,37 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 代ç†æœåŠ¡å™¨ä»Žä¸Šæ¸¸æœåŠ¡å™¨æ”¶åˆ°äº†æ— æ•ˆçš„å“应。 + + + + + + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 代ç†ä¼ºæœå™¨å¾žä¸ŠéŠä¼ºæœå™¨æ”¶åˆ°äº†ç„¡æ•ˆçš„響應。 + + + + + + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_BAD_REQUEST.html.var apache2-2.4.34/docs/error/HTTP_BAD_REQUEST.html.var --- apache2-2.4.33/docs/error/HTTP_BAD_REQUEST.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_BAD_REQUEST.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -190,6 +190,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + ЗапроÑ, поÑланный Вашим браузером (или прокÑи-Ñервером), + Ñодержит ошибку и не может быть обработан. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -228,3 +240,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 您的æµè§ˆå™¨ï¼ˆæˆ–代ç†ï¼‰å‘é€äº†ä¸€ä¸ªæœåŠ¡å™¨æ— æ³•è§£æžçš„请求。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 您的ç€è¦½å™¨ï¼ˆæˆ–代ç†ï¼‰ç™¼é€äº†ä¸€å€‹ä¼ºæœå™¨ç„¡æ³•è§£æžçš„請求。 + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_FORBIDDEN.html.var apache2-2.4.34/docs/error/HTTP_FORBIDDEN.html.var --- apache2-2.4.33/docs/error/HTTP_FORBIDDEN.html.var 2015-05-01 11:57:08.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_FORBIDDEN.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -341,6 +341,27 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + + + У Ð’Ð°Ñ Ð½ÐµÑ‚ прав доÑтупа к Ñтой директории. + ОтÑутÑтвует индекÑный файл, или Ð´Ð¸Ñ€ÐµÐºÑ‚Ð¾Ñ€Ð¸Ñ Ð½ÐµÐ´Ð¾Ñтупна Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ. + + + + У Ð’Ð°Ñ Ð½ÐµÑ‚ прав доÑтупа к Ñтому объекту. + Файл недоÑтупен Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ, или Ñервер не может его прочитать. + + + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -409,3 +430,47 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + + + 您无æƒè®¿é—®æ‰€è¯·æ±‚的目录。 + 这是由于没有主页或该目录ä¸å…许被读å–导致的。 + + + + 您无æƒè®¿é—®æ‰€è¯·æ±‚的对象。 + 它å¯èƒ½ä¸å…许被读å–或无法被æœåŠ¡å™¨è¯»å–。 + + + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + + + 您無權訪å•æ‰€è«‹æ±‚的目錄。 + 這是由於沒有主é æˆ–該目錄ä¸å…許被讀å–導致的。 + + + + 您無權訪å•æ‰€è«‹æ±‚的物件。 + 它å¯èƒ½ä¸å…許被讀å–或無法被伺æœå™¨è®€å–。 + + + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_GONE.html.var apache2-2.4.34/docs/error/HTTP_GONE.html.var --- apache2-2.4.33/docs/error/HTTP_GONE.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_GONE.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -387,6 +387,30 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Документ удалён, и Ð°Ð´Ñ€ÐµÑ Ð¿ÐµÑ€ÐµÐ½Ð°Ð¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¾Ñ‚ÑутÑтвует. + + + + ПожалуйÑта, Ñообщите автору + ">Ñтраницы, + ÑÑылающейÑÑ Ð½Ð° документ, что ÑÑылка уÑтарела. + + + + ЕÑли Ð’Ñ‹ обратилиÑÑŒ к документу по ÑÑылке Ñ Ð´Ñ€ÑƒÐ³Ð¾Ð¹ Ñтраницы, пожалуйÑта, + Ñообщите её автору об ошибке. + + + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -464,3 +488,47 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 您请求的 URL 在此æœåŠ¡å™¨ä¸Šä¸å†å¯ç”¨ï¼Œä¸”没有设置转å‘的地å€ã€‚ + + + + 请通知">æ¥æºé¡µé¢çš„作者,该链接已过期。 + + + + 如果您从外部页é¢çš„一个链接访问,请è”系该页é¢çš„作者。 + + + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 您請求的 URL 在此伺æœå™¨ä¸Šä¸å†å¯ç”¨ï¼Œä¸”沒有設置轉發的ä½å€ã€‚ + + + + 請通知">來æºé é¢çš„作者,該連çµå·²éŽæœŸã€‚ + + + + 如果您從外部é é¢çš„一個連çµè¨ªå•ï¼Œè«‹è¯ç¹«æ­¤é é¢çš„作者。 + + + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_INTERNAL_SERVER_ERROR.html.var apache2-2.4.34/docs/error/HTTP_INTERNAL_SERVER_ERROR.html.var --- apache2-2.4.33/docs/error/HTTP_INTERNAL_SERVER_ERROR.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_INTERNAL_SERVER_ERROR.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -416,6 +416,33 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + + + Произошла внутреннÑÑ Ð¾ÑˆÐ¸Ð±ÐºÐ° Ñервера, в результате которой + Ñерверу не удалоÑÑŒ завершить обработку Вашего запроÑа. + + + + Error message: +
+ + + + Произошла внутреннÑÑ Ð¾ÑˆÐ¸Ð±ÐºÐ° Ñервера, в результате которой + Ñерверу не удалоÑÑŒ завершить обработку Вашего запроÑа. + Сервер перегружен, или в CGI-Ñкрипте обнаружена ошибка. + + + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -497,3 +524,53 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + + + æœåŠ¡å™¨å‘生了内部错误,无法处ç†æ‚¨çš„请求。 + + + + 错误信æ¯ï¼š +
+ + + + æœåŠ¡å™¨å‘生了内部错误,无法处ç†æ‚¨çš„请求。原因å¯èƒ½æ˜¯æœåŠ¡å™¨è¿‡è½½æˆ–在 CGI 脚本中出错。 + + + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + + + 伺æœå™¨ç™¼ç”Ÿäº†å…§éƒ¨éŒ¯èª¤ï¼Œç„¡æ³•è™•ç†æ‚¨çš„請求。 + + + + 錯誤資訊: +
+ + + + 伺æœå™¨ç™¼ç”Ÿäº†å…§éƒ¨éŒ¯èª¤ï¼Œç„¡æ³•è™•ç†æ‚¨çš„請求。原因å¯èƒ½æ˜¯ä¼ºæœå™¨è¶…載或在 CGI 腳本中出錯。 + + + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_LENGTH_REQUIRED.html.var apache2-2.4.34/docs/error/HTTP_LENGTH_REQUIRED.html.var --- apache2-2.4.33/docs/error/HTTP_LENGTH_REQUIRED.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_LENGTH_REQUIRED.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -200,6 +200,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Ð—Ð°Ð¿Ñ€Ð¾Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ метода + должен иметь правильное значение длины в поле Content-Length. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -239,3 +251,29 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 对 方法的请求必须带有有效的 + Content-Length 头字段。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + å° æ–¹æ³•çš„è«‹æ±‚å¿…é ˆå¸¶æœ‰æœ‰æ•ˆçš„ + Content-Length 頭欄ä½ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_METHOD_NOT_ALLOWED.html.var apache2-2.4.34/docs/error/HTTP_METHOD_NOT_ALLOWED.html.var --- apache2-2.4.33/docs/error/HTTP_METHOD_NOT_ALLOWED.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_METHOD_NOT_ALLOWED.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -190,6 +190,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Метод + Ð½ÐµÐ»ÑŒÐ·Ñ Ð¿Ñ€Ð¸Ð¼ÐµÐ½Ð¸Ñ‚ÑŒ к запрашиваемому реÑурÑу. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -229,3 +241,29 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 在请求的 URL 上ä¸å…许使用 + 方法。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 在請求的 URL 上ä¸å…許使用 + 方法。 + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_NOT_FOUND.html.var apache2-2.4.34/docs/error/HTTP_NOT_FOUND.html.var --- apache2-2.4.33/docs/error/HTTP_NOT_FOUND.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_NOT_FOUND.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -385,6 +385,32 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Запрашиваемый реÑÑƒÑ€Ñ Ð½Ðµ найден. + + + + СÑылка на + ">Ñтранице + неверна или уÑтарела. ПожалуйÑта, Ñообщите автору + ">Ñтой Ñтраницы + об ошибке. + + + + ЕÑли Ð’Ñ‹ ввели Ð°Ð´Ñ€ÐµÑ Ð´Ð°Ð½Ð½Ð¾Ð³Ð¾ реÑурÑа вручную, пожалуйÑта, удоÑтовертеÑÑŒ, + что в напиÑании адреÑа нет ошибок. + + + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -462,3 +488,49 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 您请求的 URL 在该æœåŠ¡å™¨ä¸Šæœªæ‰¾åˆ°ã€‚ + + + + 您的">æ¥æºé¡µé¢ä¸Šçš„链接å¯èƒ½å‡ºé”™æˆ–过期。 + 请将错误通知给">该页é¢çš„作者。 + + + + 如果您是手动输入的 URL ,请检查拼写并é‡è¯•ã€‚ + + + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 您請求的 URL 在該伺æœå™¨ä¸Šæœªæ‰¾åˆ°ã€‚ + + + + 您的">來æºé é¢ä¸Šçš„連çµå¯èƒ½å‡ºéŒ¯æˆ–éŽæœŸã€‚ + 請將錯誤通知給">該來æºé é¢çš„作者。 + + + + 如果您是手動輸入的 URL ,請檢查拼寫並é‡è©¦ã€‚ + + + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_NOT_IMPLEMENTED.html.var apache2-2.4.34/docs/error/HTTP_NOT_IMPLEMENTED.html.var --- apache2-2.4.33/docs/error/HTTP_NOT_IMPLEMENTED.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_NOT_IMPLEMENTED.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -181,6 +181,17 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Сервер не поддерживает возможноÑтей, необходимых Ð´Ð»Ñ Ð¾Ð±Ñ€Ð°Ð±Ð¾Ñ‚ÐºÐ¸ запроÑа. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -217,3 +228,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + æœåŠ¡å™¨ä¸æ”¯æŒæµè§ˆå™¨è¯·æ±‚的动作。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 伺æœå™¨ä¸æ”¯æ´ç€è¦½å™¨è«‹æ±‚的動作。 + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_PRECONDITION_FAILED.html.var apache2-2.4.34/docs/error/HTTP_PRECONDITION_FAILED.html.var --- apache2-2.4.33/docs/error/HTTP_PRECONDITION_FAILED.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_PRECONDITION_FAILED.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -183,6 +183,17 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + УÑловие в запроÑе к данному реÑурÑу не было выполнено. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -220,3 +231,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 对该 URL å‘é€çš„请求,包å«çš„先决æ¡ä»¶ä¸æˆç«‹ã€‚ + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + å°è©² URL 發é€çš„請求,包å«çš„先決æ¢ä»¶ä¸æˆç«‹ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var apache2-2.4.34/docs/error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var --- apache2-2.4.33/docs/error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -204,6 +204,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Тип передаваеиых данных запрещён методом , + или размера тела запроÑа Ñлишком велик. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -244,3 +256,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 方法ä¸å…许传输数æ®ï¼Œæˆ–æ•°æ®é‡è¶…过容é‡é™åˆ¶ã€‚ + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 方法ä¸å…許傳輸資料,或資料é‡è¶…éŽå®¹é‡é™åˆ¶ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_REQUEST_TIME_OUT.html.var apache2-2.4.34/docs/error/HTTP_REQUEST_TIME_OUT.html.var --- apache2-2.4.33/docs/error/HTTP_REQUEST_TIME_OUT.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_REQUEST_TIME_OUT.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -194,6 +194,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Сервер закрыл Ñоединение из-за иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ð²Ñ€ÐµÐ¼ÐµÐ½Ð¸, + отведённого браузеру на выполнение запроÑа. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -232,3 +244,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 由于æµè§ˆå™¨æœªåœ¨æŒ‡å®šæ—¶é—´å†…完æˆè¯·æ±‚,æœåŠ¡å™¨å…³é—­äº†ç½‘络连接。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 由於ç€è¦½å™¨æœªåœ¨æŒ‡å®šæ™‚間內完æˆè«‹æ±‚,伺æœå™¨é—œé–‰äº†ç¶²è·¯é€£æŽ¥ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_REQUEST_URI_TOO_LARGE.html.var apache2-2.4.34/docs/error/HTTP_REQUEST_URI_TOO_LARGE.html.var --- apache2-2.4.33/docs/error/HTTP_REQUEST_URI_TOO_LARGE.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_REQUEST_URI_TOO_LARGE.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -194,6 +194,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Длина запрашиваемого URL превышает макÑимально допуÑтимую + Ñервером. Ð—Ð°Ð¿Ñ€Ð¾Ñ Ð½Ðµ может быть обработан. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -233,3 +245,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 请求 URL 的长度超出了æœåŠ¡å™¨çš„长度é™åˆ¶ã€‚该请求无法处ç†ã€‚ + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 請求 URL 的長度超出了伺æœå™¨çš„長度é™åˆ¶ã€‚該請求無法處ç†ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_SERVICE_UNAVAILABLE.html.var apache2-2.4.34/docs/error/HTTP_SERVICE_UNAVAILABLE.html.var --- apache2-2.4.33/docs/error/HTTP_SERVICE_UNAVAILABLE.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_SERVICE_UNAVAILABLE.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -206,6 +206,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Сервер временно не имеет возможноÑти обработать Ваш Ð·Ð°Ð¿Ñ€Ð¾Ñ + по техничеÑким причинам. ПожалуйÑта, повторите позже. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -248,3 +260,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 由于æœåŠ¡å™¨ç»´æŠ¤æˆ–负载问题,æœåŠ¡å™¨æš‚时无法处ç†æ‚¨çš„请求。请ç¨åŽé‡è¯•ã€‚ + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 由於伺æœå™¨ç¶­è­·æˆ–負載å•é¡Œï¼Œä¼ºæœå™¨æš«æ™‚無法處ç†æ‚¨çš„請求。請ç¨å¾Œé‡è©¦ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_UNAUTHORIZED.html.var apache2-2.4.34/docs/error/HTTP_UNAUTHORIZED.html.var --- apache2-2.4.33/docs/error/HTTP_UNAUTHORIZED.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_UNAUTHORIZED.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -310,6 +310,25 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Сервер не Ñмог проверить данные аутентификации + на доÑтуп к "". + Ð’Ñ‹ предоÑтавили неверные учётные данные (например: пароль), или Ваш + браузер не знает, как их предоÑтавить. + + + + ЕÑли Вам разрешено запрашивать данный документ, пожалуйÑта, + проверьте Ñвои учётные данные и повторите запроÑ. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -368,3 +387,37 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + æ­¤æœåŠ¡å™¨æ— æ³•éªŒè¯æ‚¨æ˜¯å¦æœ‰æƒè®¿é—® URL ""。 + 原因å¯èƒ½æ˜¯æ‚¨æ供了错误的凭æ®ï¼ˆä¾‹å¦‚,错误的密ç ï¼‰ï¼Œæˆ–您的æµè§ˆå™¨ä¸çŸ¥é“如何æ供所需的凭æ®ã€‚ + + + + 如果您有æƒè®¿é—®è¯¥æ–‡æ¡£ï¼Œè¯·æ£€æŸ¥æ‚¨çš„用户å和密ç å¹¶é‡è¯•ã€‚ + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 此伺æœå™¨ç„¡æ³•é©—證您是å¦æœ‰æ¬Šè¨ªå• URL ""。 + 原因å¯èƒ½æ˜¯æ‚¨æ供了錯誤的憑據(例如,錯誤的密碼),或您的ç€è¦½å™¨ä¸çŸ¥é“如何æ供所需的憑據。 + + + + 如果您有權訪å•è©²æ–‡æª”,請檢查您的使用者å和密碼並é‡è©¦ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var apache2-2.4.34/docs/error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var --- apache2-2.4.33/docs/error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var 2015-04-22 17:10:17.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -180,6 +180,17 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Сервер не поддерживает работу Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ñ‹Ð¼ типом данных. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -215,3 +226,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + æœåŠ¡å™¨ä¸æ”¯æŒè¯·æ±‚中传输的媒体类型。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 伺æœå™¨ä¸æ”¯æŒè«‹æ±‚中傳輸的媒體型å¼ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/HTTP_VARIANT_ALSO_VARIES.html.var apache2-2.4.34/docs/error/HTTP_VARIANT_ALSO_VARIES.html.var --- apache2-2.4.33/docs/error/HTTP_VARIANT_ALSO_VARIES.html.var 2015-04-15 15:26:08.000000000 +0000 +++ apache2-2.4.34/docs/error/HTTP_VARIANT_ALSO_VARIES.html.var 2018-07-06 22:06:17.000000000 +0000 @@ -200,6 +200,18 @@ ----------ro-- +Content-language: ru +Content-type: text/html; charset=UTF-8 +Body:----------ru-- + + + Вариант запрашиваемого объекта - и Ñам реÑÑƒÑ€Ñ Ð½ÐµÐ¿Ð¾ÑтоÑнный. + ДоÑтуп к объекту невозможен. + + +----------ru-- + Content-language: sr Content-type: text/html; charset=UTF-8 Body:----------sr-- @@ -240,3 +252,27 @@ ----------tr-- + +Content-language: zh-cn +Content-type: text/html; charset=UTF-8 +Body:----------zh-cn-- + + + 请求实体的一个å˜å…ƒè‡ªèº«æ˜¯ä¸€ä¸ªå¯è¢«å商的资æºã€‚无法访问。 + + +----------zh-cn-- + +Content-language: zh-tw +Content-type: text/html; charset=UTF-8 +Body:----------zh-tw-- + + + 請求實體的一個變元自身是一個å¯è¢«å”商的資æºã€‚無法訪å•ã€‚ + + +----------zh-tw-- diff -Nru apache2-2.4.33/docs/error/README apache2-2.4.34/docs/error/README --- apache2-2.4.33/docs/error/README 2015-04-15 15:26:08.000000000 +0000 +++ apache2-2.4.34/docs/error/README 2018-07-06 22:06:17.000000000 +0000 @@ -16,6 +16,7 @@ | Language | Contributed by | +-----------------------+------------------------------------------+ | Brazilian (pt-br) | Ricardo Leite | + | Chinese (zh-cn/zh-tw) | CodeingBoy & popcorner | | Czech (cs) | Marcel Kolaja | | Dutch (nl) | Peter Van Biesen | | English (en) | Lars Eilebrecht | @@ -27,6 +28,7 @@ | Norwegian BokmÃ¥l (nb) | Tom Fredrik Klaussen | | Polish (pl) | Tomasz Kepczynski | | Romanian (ro) | Andrei Besleaga | + | Russian (ru) | Alexander Gaganashvili | | Serbian (sr) | Nikola Smolenski | | Spanish (es) | Karla Quintero | | Swedish (sv) | Thomas Sjögren | diff -Nru apache2-2.4.33/docs/man/ab.1 apache2-2.4.34/docs/man/ab.1 --- apache2-2.4.33/docs/man/ab.1 2015-05-07 16:25:55.000000000 +0000 +++ apache2-2.4.34/docs/man/ab.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "AB" 1 "2015-05-01" "Apache HTTP Server" "ab" +.TH "AB" 1 "2018-07-06" "Apache HTTP Server" "ab" .SH NAME ab \- Apache HTTP server benchmarking tool @@ -27,122 +27,122 @@ .SH "SYNOPSIS" .PP -\fBab\fR [ -\fBA\fR \fIauth-username\fR:\fIpassword\fR ] [ -\fBb\fR \fIwindowsize\fR ] [ -\fBB\fR \fIlocal-address\fR ] [ -\fBc\fR \fIconcurrency\fR ] [ -\fBC\fR \fIcookie-name\fR=\fIvalue\fR ] [ -\fBd\fR ] [ -\fBe\fR \fIcsv-file\fR ] [ -\fBf\fR \fIprotocol\fR ] [ -\fBg\fR \fIgnuplot-file\fR ] [ -\fBh\fR ] [ -\fBH\fR \fIcustom-header\fR ] [ -\fBi\fR ] [ -\fBk\fR ] [ -\fBl\fR ] [ -\fBm\fR \fIHTTP-method\fR ] [ -\fBn\fR \fIrequests\fR ] [ -\fBp\fR \fIPOST-file\fR ] [ -\fBP\fR \fIproxy-auth-username\fR:\fIpassword\fR ] [ -\fBq\fR ] [ -\fBr\fR ] [ -\fBs\fR \fItimeout\fR ] [ -\fBS\fR ] [ -\fBt\fR \fItimelimit\fR ] [ -\fBT\fR \fIcontent-type\fR ] [ -\fBu\fR \fIPUT-file\fR ] [ -\fBv\fR \fIverbosity\fR] [ -\fBV\fR ] [ -\fBw\fR ] [ -\fBx\fR \fI-attributes\fR ] [ -\fBX\fR \fIproxy\fR[:\fIport\fR] ] [ -\fBy\fR \fI-attributes\fR ] [ -\fBz\fR \fI
-attributes\fR ] [ -\fBZ\fR \fIciphersuite\fR ] [http[s]://]\fIhostname\fR[:\fIport\fR]/\fIpath\fR +\fB\fBab\fR [ -\fBA\fR \fIauth-username\fR:\fIpassword\fR ] [ -\fBb\fR \fIwindowsize\fR ] [ -\fBB\fR \fIlocal-address\fR ] [ -\fBc\fR \fIconcurrency\fR ] [ -\fBC\fR \fIcookie-name\fR=\fIvalue\fR ] [ -\fBd\fR ] [ -\fBe\fR \fIcsv-file\fR ] [ -\fBf\fR \fIprotocol\fR ] [ -\fBg\fR \fIgnuplot-file\fR ] [ -\fBh\fR ] [ -\fBH\fR \fIcustom-header\fR ] [ -\fBi\fR ] [ -\fBk\fR ] [ -\fBl\fR ] [ -\fBm\fR \fIHTTP-method\fR ] [ -\fBn\fR \fIrequests\fR ] [ -\fBp\fR \fIPOST-file\fR ] [ -\fBP\fR \fIproxy-auth-username\fR:\fIpassword\fR ] [ -\fBq\fR ] [ -\fBr\fR ] [ -\fBs\fR \fItimeout\fR ] [ -\fBS\fR ] [ -\fBt\fR \fItimelimit\fR ] [ -\fBT\fR \fIcontent-type\fR ] [ -\fBu\fR \fIPUT-file\fR ] [ -\fBv\fR \fIverbosity\fR] [ -\fBV\fR ] [ -\fBw\fR ] [ -\fBx\fR \fI-attributes\fR ] [ -\fBX\fR \fIproxy\fR[:\fIport\fR] ] [ -\fBy\fR \fI-attributes\fR ] [ -\fBz\fR \fI
-attributes\fR ] [ -\fBZ\fR \fIciphersuite\fR ] [http[s]://]\fIhostname\fR[:\fIport\fR]/\fIpath\fR\fR .SH "SUMMARY" .PP -ab is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server\&. It is designed to give you an impression of how your current Apache installation performs\&. This especially shows you how many requests per second your Apache installation is capable of serving\&. +\fBab\fR is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server\&. It is designed to give you an impression of how your current Apache installation performs\&. This especially shows you how many requests per second your Apache installation is capable of serving\&. .SH "OPTIONS" .TP --A \fIauth-username\fR:\fIpassword\fR -Supply BASIC Authentication credentials to the server\&. The username and password are separated by a single : and sent on the wire base64 encoded\&. The string is sent regardless of whether the server needs it (\fIi\&.e\&.\fR, has sent an 401 authentication needed)\&. +\fB-A \fIauth-username\fR:\fIpassword\fR\fR +Supply BASIC Authentication credentials to the server\&. The username and password are separated by a single \fB:\fR and sent on the wire base64 encoded\&. The string is sent regardless of whether the server needs it (\fIi\&.e\&.\fR, has sent an 401 authentication needed)\&. .TP --b \fIwindowsize\fR +\fB-b \fIwindowsize\fR\fR Size of TCP send/receive buffer, in bytes\&. .TP --B \fIlocal-address\fR +\fB-B \fIlocal-address\fR\fR Address to bind to when making outgoing connections\&. .TP --c \fIconcurrency\fR +\fB-c \fIconcurrency\fR\fR Number of multiple requests to perform at a time\&. Default is one request at a time\&. .TP --C \fIcookie-name\fR=\fIvalue\fR -Add a Cookie: line to the request\&. The argument is typically in the form of a \fIname\fR=\fIvalue\fR pair\&. This field is repeatable\&. +\fB-C \fIcookie-name\fR=\fIvalue\fR\fR +Add a \fBCookie:\fR line to the request\&. The argument is typically in the form of a \fB\fIname\fR=\fIvalue\fR\fR pair\&. This field is repeatable\&. .TP --d +\fB-d\fR Do not display the "percentage served within XX [ms] table"\&. (legacy support)\&. .TP --e \fIcsv-file\fR +\fB-e \fIcsv-file\fR\fR Write a Comma separated value (CSV) file which contains for each percentage (from 1% to 100%) the time (in milliseconds) it took to serve that percentage of the requests\&. This is usually more useful than the 'gnuplot' file; as the results are already 'binned'\&. .TP --f \fIprotocol\fR +\fB-f \fIprotocol\fR\fR Specify SSL/TLS protocol (SSL2, SSL3, TLS1, TLS1\&.1, TLS1\&.2, or ALL)\&. TLS1\&.1 and TLS1\&.2 support available in 2\&.4\&.4 and later\&. .TP --g \fIgnuplot-file\fR +\fB-g \fIgnuplot-file\fR\fR Write all measured values out as a 'gnuplot' or TSV (Tab separate values) file\&. This file can easily be imported into packages like Gnuplot, IDL, Mathematica, Igor or even Excel\&. The labels are on the first line of the file\&. .TP --h +\fB-h\fR Display usage information\&. .TP --H \fIcustom-header\fR -Append extra headers to the request\&. The argument is typically in the form of a valid header line, containing a colon-separated field-value pair (\fIi\&.e\&.\fR, "Accept-Encoding: zip/zop;8bit")\&. +\fB-H \fIcustom-header\fR\fR +Append extra headers to the request\&. The argument is typically in the form of a valid header line, containing a colon-separated field-value pair (\fIi\&.e\&.\fR, \fB"Accept-Encoding: zip/zop;8bit"\fR)\&. .TP --i -Do HEAD requests instead of GET\&. +\fB-i\fR +Do \fBHEAD\fR requests instead of \fBGET\fR\&. .TP --k +\fB-k\fR Enable the HTTP KeepAlive feature, \fIi\&.e\&.\fR, perform multiple requests within one HTTP session\&. Default is no KeepAlive\&. .TP --l +\fB-l\fR Do not report errors if the length of the responses is not constant\&. This can be useful for dynamic pages\&. Available in 2\&.4\&.7 and later\&. .TP --m \fIHTTP-method\fR +\fB-m \fIHTTP-method\fR\fR Custom HTTP method for the requests\&. Available in 2\&.4\&.10 and later\&. .TP --n \fIrequests\fR +\fB-n \fIrequests\fR\fR Number of requests to perform for the benchmarking session\&. The default is to just perform a single request which usually leads to non-representative benchmarking results\&. .TP --p \fIPOST-file\fR -File containing data to POST\&. Remember to also set -T\&. +\fB-p \fIPOST-file\fR\fR +File containing data to POST\&. Remember to also set \fB-T\fR\&. .TP --P \fIproxy-auth-username\fR:\fIpassword\fR -Supply BASIC Authentication credentials to a proxy en-route\&. The username and password are separated by a single : and sent on the wire base64 encoded\&. The string is sent regardless of whether the proxy needs it (\fIi\&.e\&.\fR, has sent an 407 proxy authentication needed)\&. +\fB-P \fIproxy-auth-username\fR:\fIpassword\fR\fR +Supply BASIC Authentication credentials to a proxy en-route\&. The username and password are separated by a single \fB:\fR and sent on the wire base64 encoded\&. The string is sent regardless of whether the proxy needs it (\fIi\&.e\&.\fR, has sent an 407 proxy authentication needed)\&. .TP --q -When processing more than 150 requests, ab outputs a progress count on stderr every 10% or 100 requests or so\&. The -q flag will suppress these messages\&. +\fB-q\fR +When processing more than 150 requests, \fBab\fR outputs a progress count on \fBstderr\fR every 10% or 100 requests or so\&. The \fB-q\fR flag will suppress these messages\&. .TP --r +\fB-r\fR Don't exit on socket receive errors\&. .TP --s \fItimeout\fR +\fB-s \fItimeout\fR\fR Maximum number of seconds to wait before the socket times out\&. Default is 30 seconds\&. Available in 2\&.4\&.4 and later\&. .TP --S +\fB-S\fR Do not display the median and standard deviation values, nor display the warning/error messages when the average and median are more than one or two times the standard deviation apart\&. And default to the min/avg/max values\&. (legacy support)\&. .TP --t \fItimelimit\fR -Maximum number of seconds to spend for benchmarking\&. This implies a -n 50000 internally\&. Use this to benchmark the server within a fixed total amount of time\&. Per default there is no timelimit\&. +\fB-t \fItimelimit\fR\fR +Maximum number of seconds to spend for benchmarking\&. This implies a \fB-n 50000\fR internally\&. Use this to benchmark the server within a fixed total amount of time\&. Per default there is no timelimit\&. .TP --T \fIcontent-type\fR -Content-type header to use for POST/PUT data, eg\&. application/x-www-form-urlencoded\&. Default is text/plain\&. +\fB-T \fIcontent-type\fR\fR +Content-type header to use for POST/PUT data, eg\&. \fBapplication/x-www-form-urlencoded\fR\&. Default is \fBtext/plain\fR\&. .TP --u \fIPUT-file\fR -File containing data to PUT\&. Remember to also set -T\&. +\fB-u \fIPUT-file\fR\fR +File containing data to PUT\&. Remember to also set \fB-T\fR\&. .TP --v \fIverbosity\fR -Set verbosity level - 4 and above prints information on headers, 3 and above prints response codes (404, 200, etc\&.), 2 and above prints warnings and info\&. +\fB-v \fIverbosity\fR\fR +Set verbosity level - \fB4\fR and above prints information on headers, \fB3\fR and above prints response codes (404, 200, etc\&.), \fB2\fR and above prints warnings and info\&. .TP --V +\fB-V\fR Display version number and exit\&. .TP --w +\fB-w\fR Print out results in HTML tables\&. Default table is two columns wide, with a white background\&. .TP --x \fI-attributes\fR -String to use as attributes for
\&. Attributes are inserted
\&. +\fB-x \fI
-attributes\fR\fR +String to use as attributes for \fB
\fR\&. Attributes are inserted \fB
\fR\&. .TP --X \fIproxy\fR[:\fIport\fR] +\fB-X \fIproxy\fR[:\fIport\fR]\fR Use a proxy server for the requests\&. .TP --y \fI-attributes\fR -String to use as attributes for \&. +\fB-y \fI-attributes\fR\fR +String to use as attributes for \fB\fR\&. .TP --z \fI - + @@ -222,7 +222,7 @@ - + @@ -236,7 +236,7 @@ - + @@ -434,10 +434,12 @@ - + + v can also be used to access variables). + diff -Nru apache2-2.4.33/docs/manual/expr.html.fr apache2-2.4.34/docs/manual/expr.html.fr --- apache2-2.4.33/docs/manual/expr.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/expr.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -208,8 +208,7 @@ + disponible à l'intérieur d'un bloc <If>) @@ -229,8 +228,7 @@ "basic") + disponible à l'intérieur d'un bloc <If>) @@ -245,8 +243,7 @@ "off" dans le cas contraire + disponible à l'intérieur d'un bloc <If>) @@ -454,10 +451,14 @@ - + + peut aussi utiliser le raccourci v). + + diff -Nru apache2-2.4.33/docs/manual/howto/http2.html.en apache2-2.4.34/docs/manual/howto/http2.html.en --- apache2-2.4.33/docs/manual/howto/http2.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/howto/http2.html.en 2018-06-24 19:42:08.000000000 +0000 @@ -37,10 +37,12 @@
  • HTTP/2 in Apache httpd
  • Build httpd with HTTP/2 support
  • Basic Configuration
    • +
  • MPM Configuration
  • Clients
  • Useful tools to debug HTTP/2
  • Server Push
    • -

    See also

    +
  • Early Hints
    • +

    See also

    top

    The HTTP/2 protocol

    @@ -72,7 +74,7 @@

    HTTP/2 in Apache httpd

    The HTTP/2 protocol is implemented by its own httpd module, aptly named - mod_http2. It implements the complete set + mod_http2. It implements the complete set of features described by RFC 7540 and supports HTTP/2 over cleartext (http:), as well as secure (https:) connections. The cleartext variant is named 'h2c', the secure one 'h2'. For h2c it allows the direct @@ -84,8 +86,8 @@

    Build httpd with HTTP/2 support

    -

    mod_http2 uses the library of nghttp2 - as its implementation base. In order to build mod_http2 you need at least version 1.2.1 of +

    mod_http2 uses the library of nghttp2 + as its implementation base. In order to build mod_http2 you need at least version 1.2.1 of libnghttp2 installed on your system.

    When you ./configure you Apache httpd source tree, you need to give it '--enable-http2' as additional argument to trigger the build of the module. @@ -94,7 +96,7 @@ to configure.

    While that should do the trick for most, they are people who might prefer a statically linked nghttp2 in this module. For those, the option --enable-nghttp2-staticlib-deps - exists. It works quite similar to how one statically links openssl to mod_ssl.

    + exists. It works quite similar to how one statically links openssl to mod_ssl.

    Speaking of SSL, you need to be aware that most browsers will speak HTTP/2 only on https: URLs, so you need a server with SSL support. But not only that, you will need a SSL library that supports the ALPN extension. If OpenSSL is the library you use, you need @@ -104,7 +106,7 @@

    Basic Configuration

    -

    When you have a httpd built with mod_http2 you need some +

    When you have a httpd built with mod_http2 you need some basic configuration for it becoming active. The first thing, as with every Apache module, is that you need to load it:

    LoadModule http2_module modules/mod_http2.so
    @@ -129,7 +131,13 @@

    This allows only HTTP/1 on connections, except SSL connections to test.example.org which offer HTTP/2.

    Choose a strong SSLCipherSuite

    -

    The SSLCipherSuite needs to be configured with a strong TLS cipher suite. The current version of mod_http2 does not enforce any cipher but most clients do so. Pointing a browser to a h2 enabled server with a inappropriate cipher suite will force it to simply refuse and fall back to HTTP 1.1. This is a common mistake that is done while configuring httpd for HTTP/2 the first time, so please keep it in mind to avoid long debugging sessions! If you want to be sure about the cipher suite to choose please avoid the ones listed in the HTTP/2 TLS blacklist.

    +

    The SSLCipherSuite needs to be configured with + a strong TLS cipher suite. The current version of mod_http2 does not enforce any cipher but most + clients do so. Pointing a browser to a h2 enabled server with a inappropriate + cipher suite will force it to simply refuse and fall back to HTTP 1.1. This is a common mistake + that is done while configuring httpd for HTTP/2 the first time, so please keep it in mind to avoid + long debugging sessions! If you want to be sure about the cipher suite to choose please avoid + the ones listed in the HTTP/2 TLS blacklist.

    The order of protocols mentioned is also relevant. By default, the first one is the most preferred protocol. When a client offers multiple choices, the one most to the @@ -151,12 +159,32 @@ ordering will decide.

    A last thing: the protocols you configure are not checked for correctness or spelling. You can mention protocols that do not exist, so there is no need - to guard Protocols with any IfModule checks.

    + to guard Protocols with any + <IfModule> checks.

    For more advanced tips on configuration, see the modules section about dimensioning and how to manage multiple hosts with the same certificate.

    top
    +

    MPM Configuration

    + + +

    HTTP/2 is supported in all multi-processing modules that come with httpd. However, if + you use the prefork mpm, there will be severe restrictions.

    +

    In prefork, mod_http2 will only process one request at at time + per connection. But clients, such as browsers, will send many requests at the same time. + If one of these takes long to process (or is a long polling one), the other requests will + stall.

    +

    mod_http2 will not work around this limit by default. The reason is that + prefork is today only chosen, if you run processing engines that are not + prepared for multi-threading, e.g. will crash with more than one request.

    +

    If your setup can handle it, configuring event mpm is nowadays + the best one (if supported on your platform).

    +

    If you are really stuck with prefork and want multiple requests, + you can tweak the H2MinWorkers to make + that possible. If it breaks, however, you own both parts.

    +
    top
    +

    Clients

    Almost all modern browsers support HTTP/2, but only over SSL connections: Firefox (v43), @@ -190,7 +218,10 @@

  • h2load - useful to stress-test your server.

    • Chrome offers detailed HTTP/2 logs on its connections via the - special net-internals page. There is also an interesting extension for Chrome and Firefox to visualize when your browser is using HTTP/2.

    + special net-internals page. There is also an + interesting extension for Chrome + and Firefox + to visualize when your browser is using HTTP/2.

    top

    Server Push

    @@ -211,7 +242,7 @@

    To summarize: there is no one good strategy on how to make best use of this feature of HTTP/2 and everyone is still experimenting. So, how do you experiment with it in Apache httpd?

    -

    mod_http2 inspect response header for Link headers +

    mod_http2 inspect response header for Link headers in a certain format:

    Link </xxx.css>;rel=preload, </xxx.js>; rel=preload
    @@ -237,10 +268,52 @@

    There are people thinking about how a client can tell a server what it already has, so PUSHes for those things can be avoided, but this is all highly experimental right now.

    -

    Another experimental draft that has been implemented in mod_http2 +

    Another experimental draft that has been implemented in mod_http2 is the Accept-Push-Policy Header Field where a client can, for each request, define what kind of PUSHes it accepts.

    +

    + PUSH might not always trigger the request/response/performance that one expects or + hopes for. There are various studies on this topic to be found on the web that explain + benefits and weaknesses and how different features of client and network influence + the outcome. For example: just because the server PUSHes a resource does not mean + a browser will actually use the data.

    +

    The major thing that influences the response being PUSHed is the request that was + simulated. The request URL for a PUSH is given by the application, but where do the + request headers come from? For example, will the PUSH request a accept-language + header and if yes with what value?

    +

    Apache will look at the original request (the one that triggered the PUSH) and copy the + following headers over to PUSH requests: user-agent, accept, + accept-encoding, accept-language, cache-control.

    +

    All other headers are ignored. Cookies will also not be copied over. PUSHing resources + that require a cookie to be present will not work. This can be a matter of debate. But + unless this is more clearly discussed with browser, let's err on the side of caution and + not expose cookie where they might oridinarily not be visible.

    +
    top
    +
    +

    Early Hints

    + +

    An alternative to PUSHing resources is to send Link headers to the + client before the response is even ready. This uses the HTTP feature called "Early Hints" and + is described in RFC 8297.

    +

    In order to use this, you need to explicitly enable it on the server via

    + 
    H2EarlyHints on
    + +

    (It is not enabled by default since some older browser tripped on such responses.)

    +

    If this feature is on, you can use the directive H2PushResource to + trigger early hints and resource PUSHes:

    + 
    <Location /xxx.html>
+    H2PushResource /xxx.css
+    H2PushResource /xxx.js
+</Location>
    + +

    This will send out a "103 Early Hints" response to a client as soon + as the server starts processing the request. This may be much early than + the time the first response headers have been determined, depending on your web + application.

    +

    If H2Push is enabled, this will also start the PUSH right after the + 103 response. If H2Push is disabled however, the 103 response will be send + nevertheless to the client.

    Available Languages:  en  | diff -Nru apache2-2.4.33/docs/manual/howto/http2.html.fr apache2-2.4.34/docs/manual/howto/http2.html.fr --- apache2-2.4.33/docs/manual/howto/http2.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/howto/http2.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -29,9 +29,9 @@

    Ce document est le guide de l'utilisateur de l'implémentation de HTTP/2 - dans Apache httpd. Cette fonctionnalité en est au stade de - production, et les interfaces et directives devraient - maintenant se stabiliser. + dans Apache httpd. Cette fonctionnalité en est au stade + de production, et les interfaces et directives devraient donc être + dorénavant relativement stables.

    +
  • Suggestions précoces
    • +

    Voir aussi

    top

    Le protocole HTTP/2

    @@ -99,7 +100,7 @@

    HTTP/2 dans Apache httpd

    Le protocole HTTP/2 est implémenté dans Apache httpd via un module - propre, pertinemment nommé mod_http2. Ce + propre, pertinemment nommé mod_http2. Ce module implémente toutes les fonctionnalités décrites par la RFC 7540 et supporte les connexions en texte pur (http:), ou sécurisées (https:). La variante texte pur se nomme 'h2c', et la variante sécurisée @@ -112,9 +113,9 @@

    Compilation de httpd avec le support de HTTP/2

    -

    mod_http2 se base sur la bibliothèque +

    mod_http2 se base sur la bibliothèque de nghttp2 pour son implémentation. Pour - pouvoir compiler mod_http2, libnghttp2 version + pouvoir compiler mod_http2, libnghttp2 version 1.2.1. ou supérieure doit être installée dans votre système.

    Pour déclencher la compilation de mod_http2, vous devez ajouter l'argument '--enable-http2' au script @@ -127,7 +128,7 @@ préféreront lier statiquement nghttp2 à ce module. Pour ce faire, utilisez l'argument --enable-nghttp2-staticlib-deps. Cette méthode est pratiquement la même que celle utilisée pour lier - statiquement openssl à mod_ssl.

    + statiquement openssl à mod_ssl.

    En parlant de SSL, vous devez savoir que la plupart des navigateurs ne communiqueront en HTTP/2 que sur des URLs sécurisées de type https: ; votre serveur doit donc supporter SSL. Mais de plus, @@ -140,7 +141,7 @@

    Maintenant que vous disposez d'un binaire httpd compilé avec le - module mod_http2, l'activation de ce dernier nécessite un + module mod_http2, l'activation de ce dernier nécessite un minimum de configuration supplémentaire. En premier lieu, comme pour tout module Apache, vous devez le charger :

    LoadModule http2_module modules/mod_http2.so
    @@ -171,7 +172,7 @@

    Utilisez une chaîne d'algorithmes de chiffrement forte

    La directive SSLCipherSuite doit être définie avec une chaîne d'algorithmes de chiffrement TLS forte. Même si - la version actuelle de mod_http2 n'impose pas d'algorithmes de chiffrement + la version actuelle de mod_http2 n'impose pas d'algorithmes de chiffrement particuliers, la plupart des clients le font. Faire pointer un navigateur vers un serveur où h2 est activé avec une chaîne d'algorithmes de chiffrement inappropriée entraînera un rejet et une retrogradation vers @@ -204,11 +205,11 @@

    Avec cette directive, l'ordre des protocoles que vous avez défini devient caduque et seul l'ordre défini par le client sera pris en compte.

    -

    Une dernière chose : les protocoles que vous définissez ne sont pas vérifiés - quant à leurs validité ou orthographe. Vous pouvez très bien définir des - protocoles qui n'existent pas, et il n'est donc pas nécessaire de filtrer - les Protocoles avec des vérifications de type - IfModule.

    +

    Une dernière chose : les protocoles que vous définissez ne sont pas + vérifiés quant à leurs validité ou orthographe. Vous pouvez très bien + définir des protocoles qui n'existent pas, et il n'est donc pas nécessaire + de filtrer le contenu de la directive Protocols avec des vérifications de type + <IfModule>.

    Pour des conseils plus avancés à propos de la configuration, voir la Documentation de mod_http2, et en particulier la section à propos de la consommation supplémentaire de ressources, ainsi que la section expliquant comment gérer les serveurs multiples avec certificat @@ -219,24 +220,24 @@

    Tous les modules multiprocessus (MPM) fournis avec httpd supportent - HTTP/2. Cependant, si vous utilisez le MPM prefork, vous allez + HTTP/2. Cependant, si vous utilisez le MPM prefork, vous allez faire face à de sévères restrictions.

    -

    Avec le MPM prefork, mod_http2 ne traitera +

    Avec le MPM prefork, mod_http2 ne traitera qu'une requête à la fois par connexion alors que les clients tels que les navigateurs internet envoient de nombreuses requêtes au même moment. Si l'une d'entre elles est longue à traiter (ou implique une longue interrogation), les autres requêtes seront mises en attente.

    -

    Par défaut, mod_http2 ne passe pas outre cette limitation pour - la simple et bonne raison que le MPM prefork n'est aujourd'hui +

    Par défaut, mod_http2 ne passe pas outre cette limitation pour + la simple et bonne raison que le MPM prefork n'est aujourd'hui choisi que si vous exécutez des moteurs de traitement qui ne sont pas préparés pour le multithreading (par exemple qui se crashent lorsque plusieurs requêtes arrivent).

    Si votre plateforme et votre installation de httpd le supportent, la meilleur solution consiste actuellement à utiliser le MPM - event. + event.

    Si vous n'avez pas d'autre choix que d'utiliser le MPM - prefork, mais souhaitez tout de même traiter plusieurs requêtes + prefork, mais souhaitez tout de même traiter plusieurs requêtes simultanément, vous pouvez jouer avec la directive H2MinWorkers, sans garantie que cela fonctionne.

    top
    @@ -310,7 +311,7 @@ meilleur usage de cette fonctionnalité de HTTP/2 et tout le monde en est encore au stade de l'expérimentation. À ce titre, voici des conseils pour procéder vous-même à ces expérimentations :

    -

    mod_http2 inspecte l'en-tête de la réponse et recherche les +

    mod_http2 inspecte l'en-tête de la réponse et recherche les en-têtes Link sous un certain format :

    Link </xxx.css>;rel=preload, </xxx.js>; rel=preload
    @@ -342,9 +343,61 @@ un stade très expérimental.

    L' en-tête Accept-Push-Policy est un autre dispositif expérimental - implémenté dans mod_http2 ; il permet au client de définir pour + implémenté dans mod_http2 ; il permet au client de définir pour chaque requête quels genres de PUSHes il accepte.

    -
    + + +

    + La fonctionnalité PUSH n'apportera pas toujours le gain de performances dans + l'obtention de réponses aux requêtes. Vous trouverez plusieurs études sur ce + sujet sur internet qui en expliquent les avantages et inconvénients et + comment les particularités des clients et du réseau en influencent le + fonctionnement. Par exemple, le seul fait que le serveur PUSHes une + ressource n'implique pas forcément que le navigateur l'utilisera.

    +

    Ce qui influence le plus la réponse PUSHed, c'est la requête qui a été + simulée. En effet, l'URL de la requête pour un PUSH est fournie par + l'application, mais d'où viennent les en-têtes ? Par exemple, La requête + PUSH requiert-elle un en-tête accept-language et si oui, quelle + sera sa valeur ?

    +

    httpd va consulter la requête originale (celle qui a déclenché le PUSH) + et copier les en-têtes suivants vers la requête PUSH : + user-agent, accept, accept-encoding, + accept-language et cache-control.

    +

    Tous les autres en-têtes sont ignorés. Les cookies eux non plus ne seront + pas copiés. PUSHer des ressources qui requièrent la présence d'un cookie ne + fonctionnera pas. Ceci peut être sujet à débat, mais tant que ce ne sera pas + clairement discuté avec les navigateurs, restons prudents et évitons + d'exposer les cookies là où ils ne sont pas censés être visibles.

    +
    top
    +
    +

    Suggestions précoces

    + +

    A l'instar des ressources PUSHées, une autre méthode consiste à envoyer + des en-têtes Link au client avant même que la réponse ne soit + prête. Cette méthode utilise la fonctionnalité appelée "Suggestions + précoces" (Early Hints) décrite dans la RFC 8297.

    +

    Pour utiliser cette fonctionnalité, vous devez l'activer explicitement + sur le serveur via :

    + 
    H2EarlyHints on
    + +

    Elle n'est en effet pas activée par défaut car certains navigateurs + anciens perdent pied avec de telles réponses.

    +

    Une fois cette fonctionnalité activée, vous pouvez utiliser la directive + H2PushResource pour déclencher les + suggestions précoces et les PUSHes de ressources :

    + 
    <Location /xxx.html>
+    H2PushResource /xxx.css
+    H2PushResource /xxx.js
+</Location>
    + +

    Le serveur enverra alors au client une réponse "103 Early + Hints" dès qu'il commencera à traiter la requête. Selon + votre application web, cet envoi peut intervenir beaucoup plus tôt que le + moment où les premiers en-têtes de réponse auront été déterminés.

    +

    Si H2Push est activé, ceci + déclenchera aussi le PUSH juste après la réponse 103. Mais si H2Push n'est pas activé, la réponse 103 sera + quand-même envoyée au client.

    +

    Langues Disponibles:  en  |  es  | diff -Nru apache2-2.4.33/docs/manual/howto/reverse_proxy.html.en apache2-2.4.34/docs/manual/howto/reverse_proxy.html.en --- apache2-2.4.33/docs/manual/howto/reverse_proxy.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/howto/reverse_proxy.html.en 2018-05-31 13:26:35.000000000 +0000 @@ -176,19 +176,40 @@

    - You can also fine-tune various failover scenarios, detailing which - workers and even which balancers should accessed in such cases. For - example, the below setup implements 2 failover cases: In the first, - http://hstandby.example.com:8080 is only sent traffic - if all other workers in the myset balancer are not available. - If that worker itself is not available, only then will the - http://bkup1.example.com:8080 and http://bkup2.example.com:8080 - workers be brought into rotation: + You can also fine-tune various failover scenarios, detailing which workers + and even which balancers should be accessed in such cases. For example, the + below setup implements three failover cases: +

    +
      +
    1. + http://spare1.example.com:8080 and + http://spare2.example.com:8080 are only sent traffic if one + or both of http://www2.example.com:8080 or + http://www3.example.com:8080 is unavailable. (One spare + will be used to replace one unusable member of the same balancer set.) +
      2. +
    2. + http://hstandby.example.com:8080 is only sent traffic if + all other workers in balancer set 0 are not available. +
      3. +
    3. + If all load balancer set 0 workers, spares, and the standby + are unavailable, only then will the + http://bkup1.example.com:8080 and + http://bkup2.example.com:8080 workers from balancer set + 1 be brought into rotation. +
      4. +
    +

    + Thus, it is possible to have one or more hot spares and hot standbys for + each load balancer set. 

    <Proxy balancer://myset>
     BalancerMember http://www2.example.com:8080
     BalancerMember http://www3.example.com:8080 loadfactor=3 timeout=1
+    BalancerMember http://spare1.example.com:8080 status=+R
+    BalancerMember http://spare2.example.com:8080 status=+R
     BalancerMember http://hstandby.example.com:8080 status=+H
     BalancerMember http://bkup1.example.com:8080 lbset=1
     BalancerMember http://bkup2.example.com:8080 lbset=1
@@ -200,11 +221,12 @@
 
 
     
    
-      The magic of this failover setup is setting http://hstandby.example.com:8080
-      with the +H status flag, which puts it in hot standby mode,
-      and making the 2 bkup# servers part of the #1 load balancer set (the
-      default set is 0); for failover, hot standbys (if they exist) are used 1st, when all regular
-      workers are unavailable; load balancer sets are always tried lowest number first.
+      For failover, hot spares are used as replacements for unusable workers in
+      the same load balancer set. A worker is considered unusable if it is
+      draining, stopped, or otherwise in an error/failed state. Hot standbys are
+      used if all workers and spares in the load balancer set are
+      unavailable. Load balancer sets (with their respective hot spares and
+      standbys) are always tried in order from lowest to highest.
    top
    @@ -292,8 +314,12 @@ + + viable workers or spares are available in the balancer set. diff -Nru apache2-2.4.33/docs/manual/install.html.tr.utf8 apache2-2.4.34/docs/manual/install.html.tr.utf8 --- apache2-2.4.33/docs/manual/install.html.tr.utf8 2018-03-03 13:08:07.000000000 +0000 +++ apache2-2.4.34/docs/manual/install.html.tr.utf8 2018-05-08 13:09:57.000000000 +0000 @@ -31,7 +31,6 @@  ko  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    Bu belge Apache HTTP Sunucusunun sadece Unix ve Unix benzeri @@ -66,7 +65,33 @@

    top

    Tez canlılar için genel bir bakış

    +
    +
    Fedora/CentOS/Red Hat Enterprise Linux üzerinde kurulum
    +
    + 
    sudo yum install httpd
+sudo systemctl enable httpd
+sudo systemctl start httpd
    + +
    Bu dağıtımların yeni sürümlerinde yum + yerine dnf kullanılmaktadır.yum. Daha ayrıntılı + bilgi için Fedora projesinin + belgelerine bakınız.
    +
    + +
    Ubuntu/Debian üzerinde kurulum
    +
    +
    sudo apt install apache2
+sudo service apache2 start
    + + +
    Daha ayrıntılı bilgi için Ubuntu + belgelerine bakınız.
    + +
    + +
    Kaynak koddan kurulum
    +
    -attributes\fR -String to use as attributes for \&. +\fB-z \fI-attributes\fR\fR +String to use as attributes for \fB\fR\&. .TP --Z \fIciphersuite\fR +\fB-Z \fIciphersuite\fR\fR Specify SSL/TLS cipher suite (See openssl ciphers) .SH "OUTPUT" .PP -The following list describes the values returned by ab: +The following list describes the values returned by \fBab\fR: .TP @@ -198,10 +198,10 @@ This is the number of requests per second\&. This value is the result of dividing the number of requests by the total time taken .TP Time per request -The average time spent per request\&. The first value is calculated with the formula concurrency * timetaken * 1000 / done while the second value is calculated with the formula timetaken * 1000 / done +The average time spent per request\&. The first value is calculated with the formula \fBconcurrency * timetaken * 1000 / done\fR while the second value is calculated with the formula \fBtimetaken * 1000 / done\fR .TP Transfer rate -The rate of transfer as calculated by the formula totalread / 1024 / timetaken +The rate of transfer as calculated by the formula \fBtotalread / 1024 / timetaken\fR .SH "BUGS" @@ -209,5 +209,5 @@ There are various statically declared buffers of fixed length\&. Combined with the lazy parsing of the command line arguments, the response headers from the server and other external inputs, this might bite you\&. .PP -It does not implement HTTP/1\&.x fully; only accepts some 'expected' forms of responses\&. The rather heavy use of strstr(3) shows up top in profile, which might indicate a performance problem; \fIi\&.e\&.\fR, you would measure the ab performance rather than the server's\&. +It does not implement HTTP/1\&.x fully; only accepts some 'expected' forms of responses\&. The rather heavy use of \fBstrstr(3)\fR shows up top in profile, which might indicate a performance problem; \fIi\&.e\&.\fR, you would measure the \fBab\fR performance rather than the server's\&. diff -Nru apache2-2.4.33/docs/man/apachectl.8 apache2-2.4.34/docs/man/apachectl.8 --- apache2-2.4.33/docs/man/apachectl.8 2005-08-26 16:14:46.000000000 +0000 +++ apache2-2.4.34/docs/man/apachectl.8 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "APACHECTL" 8 "2005-08-26" "Apache HTTP Server" "apachectl" +.TH "APACHECTL" 8 "2018-07-06" "Apache HTTP Server" "apachectl" .SH NAME apachectl \- Apache HTTP Server Control Interface @@ -27,31 +27,31 @@ .SH "SYNOPSIS" .PP -When acting in pass-through mode, apachectl can take all the arguments available for the httpd binary\&. +When acting in pass-through mode, \fBapachectl\fR can take all the arguments available for the httpd binary\&. .PP -\fBapachectl\fR [ \fIhttpd-argument\fR ] +\fB\fBapachectl\fR [ \fIhttpd-argument\fR ]\fR .PP -When acting in SysV init mode, apachectl takes simple, one-word commands, defined below\&. +When acting in SysV init mode, \fBapachectl\fR takes simple, one-word commands, defined below\&. .PP -\fBapachectl\fR \fIcommand\fR +\fB\fBapachectl\fR \fIcommand\fR\fR .SH "SUMMARY" .PP -apachectl is a front end to the Apache HyperText Transfer Protocol (HTTP) server\&. It is designed to help the administrator control the functioning of the Apache httpd daemon\&. +\fBapachectl\fR is a front end to the Apache HyperText Transfer Protocol (HTTP) server\&. It is designed to help the administrator control the functioning of the Apache httpd daemon\&. .PP -The apachectl script can operate in two modes\&. First, it can act as a simple front-end to the httpd command that simply sets any necessary environment variables and then invokes httpd, passing through any command line arguments\&. Second, apachectl can act as a SysV init script, taking simple one-word arguments like start, restart, and stop, and translating them into appropriate signals to httpd\&. +The \fBapachectl\fR script can operate in two modes\&. First, it can act as a simple front-end to the httpd command that simply sets any necessary environment variables and then invokes httpd, passing through any command line arguments\&. Second, \fBapachectl\fR can act as a SysV init script, taking simple one-word arguments like \fBstart\fR, \fBrestart\fR, and \fBstop\fR, and translating them into appropriate signals to httpd\&. .PP -If your Apache installation uses non-standard paths, you will need to edit the apachectl script to set the appropriate paths to the httpd binary\&. You can also specify any necessary httpd command line arguments\&. See the comments in the script for details\&. +If your Apache installation uses non-standard paths, you will need to edit the \fBapachectl\fR script to set the appropriate paths to the httpd binary\&. You can also specify any necessary httpd command line arguments\&. See the comments in the script for details\&. .PP -The apachectl script returns a 0 exit value on success, and >0 if an error occurs\&. For more details, view the comments in the script\&. +The \fBapachectl\fR script returns a 0 exit value on success, and >0 if an error occurs\&. For more details, view the comments in the script\&. .SH "OPTIONS" @@ -61,35 +61,35 @@ .TP -start -Start the Apache httpd daemon\&. Gives an error if it is already running\&. This is equivalent to apachectl -k start\&. +\fBstart\fR +Start the Apache httpd daemon\&. Gives an error if it is already running\&. This is equivalent to \fBapachectl -k start\fR\&. .TP -stop -Stops the Apache httpd daemon\&. This is equivalent to apachectl -k stop\&. +\fBstop\fR +Stops the Apache httpd daemon\&. This is equivalent to \fBapachectl -k stop\fR\&. .TP -restart -Restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This command automatically checks the configuration files as in configtest before initiating the restart to make sure the daemon doesn't die\&. This is equivalent to apachectl -k restart\&. +\fBrestart\fR +Restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This command automatically checks the configuration files as in \fBconfigtest\fR before initiating the restart to make sure the daemon doesn't die\&. This is equivalent to \fBapachectl -k restart\fR\&. .TP -fullstatus -Displays a full status report from mod_status\&. For this to work, you need to have mod_status enabled on your server and a text-based browser such as lynx available on your system\&. The URL used to access the status report can be set by editing the STATUSURL variable in the script\&. +\fBfullstatus\fR +Displays a full status report from mod_status\&. For this to work, you need to have mod_status enabled on your server and a text-based browser such as \fBlynx\fR available on your system\&. The URL used to access the status report can be set by editing the \fBSTATUSURL\fR variable in the script\&. .TP -status -Displays a brief status report\&. Similar to the fullstatus option, except that the list of requests currently being served is omitted\&. +\fBstatus\fR +Displays a brief status report\&. Similar to the \fBfullstatus\fR option, except that the list of requests currently being served is omitted\&. .TP -graceful -Gracefully restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This differs from a normal restart in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This means that if used in a log rotation script, a substantial delay may be necessary to ensure that the old log files are closed before processing them\&. This command automatically checks the configuration files as in configtest before initiating the restart to make sure Apache doesn't die\&. This is equivalent to apachectl -k graceful\&. +\fBgraceful\fR +Gracefully restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This differs from a normal restart in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This means that if used in a log rotation script, a substantial delay may be necessary to ensure that the old log files are closed before processing them\&. This command automatically checks the configuration files as in \fBconfigtest\fR before initiating the restart to make sure Apache doesn't die\&. This is equivalent to \fBapachectl -k graceful\fR\&. .TP -graceful-stop -Gracefully stops the Apache httpd daemon\&. This differs from a normal stop in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This is equivalent to apachectl -k graceful-stop\&. +\fBgraceful-stop\fR +Gracefully stops the Apache httpd daemon\&. This differs from a normal stop in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This is equivalent to \fBapachectl -k graceful-stop\fR\&. .TP -configtest -Run a configuration file syntax test\&. It parses the configuration files and either reports Syntax Ok or detailed information about the particular syntax error\&. This is equivalent to apachectl -t\&. +\fBconfigtest\fR +Run a configuration file syntax test\&. It parses the configuration files and either reports \fBSyntax Ok\fR or detailed information about the particular syntax error\&. This is equivalent to \fBapachectl -t\fR\&. .PP The following option was available in earlier versions but has been removed\&. .TP -startssl -To start httpd with SSL support, you should edit your configuration file to include the relevant directives and then use the normal apachectl start\&. +\fBstartssl\fR +To start httpd with SSL support, you should edit your configuration file to include the relevant directives and then use the normal \fBapachectl start\fR\&. diff -Nru apache2-2.4.33/docs/man/apxs.1 apache2-2.4.34/docs/man/apxs.1 --- apache2-2.4.33/docs/man/apxs.1 2013-06-20 12:31:24.000000000 +0000 +++ apache2-2.4.34/docs/man/apxs.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "APXS" 1 "2013-06-20" "Apache HTTP Server" "apxs" +.TH "APXS" 1 "2018-07-06" "Apache HTTP Server" "apxs" .SH NAME apxs \- APache eXtenSion tool @@ -27,28 +27,28 @@ .SH "SYNOPSIS" .PP -\fBapxs\fR -\fBg\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] -\fBn\fR \fImodname\fR +\fB\fBapxs\fR -\fBg\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] -\fBn\fR \fImodname\fR\fR .PP -\fBapxs\fR -\fBq\fR [ -\fBv\fR ] [ -\fBS\fR \fIname\fR=\fIvalue\fR ] \fIquery\fR \&.\&.\&. +\fB\fBapxs\fR -\fBq\fR [ -\fBv\fR ] [ -\fBS\fR \fIname\fR=\fIvalue\fR ] \fIquery\fR \&.\&.\&.\fR .PP -\fBapxs\fR -\fBc\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] [ -\fBo\fR \fIdsofile\fR ] [ -\fBI\fR \fIincdir\fR ] [ -\fBD\fR \fIname\fR=\fIvalue\fR ] [ -\fBL\fR \fIlibdir\fR ] [ -\fBl\fR \fIlibname\fR ] [ -\fBWc,\fR\fIcompiler-flags\fR ] [ -\fBWl,\fR\fIlinker-flags\fR ] \fIfiles\fR \&.\&.\&. +\fB\fBapxs\fR -\fBc\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] [ -\fBo\fR \fIdsofile\fR ] [ -\fBI\fR \fIincdir\fR ] [ -\fBD\fR \fIname\fR=\fIvalue\fR ] [ -\fBL\fR \fIlibdir\fR ] [ -\fBl\fR \fIlibname\fR ] [ -\fBWc,\fR\fIcompiler-flags\fR ] [ -\fBWl,\fR\fIlinker-flags\fR ] \fIfiles\fR \&.\&.\&.\fR .PP -\fBapxs\fR -\fBi\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] [ -\fBn\fR \fImodname\fR ] [ -\fBa\fR ] [ -\fBA\fR ] \fIdso-file\fR \&.\&.\&. +\fB\fBapxs\fR -\fBi\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] [ -\fBn\fR \fImodname\fR ] [ -\fBa\fR ] [ -\fBA\fR ] \fIdso-file\fR \&.\&.\&.\fR .PP -\fBapxs\fR -\fBe\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] [ -\fBn\fR \fImodname\fR ] [ -\fBa\fR ] [ -\fBA\fR ] \fIdso-file\fR \&.\&.\&. +\fB\fBapxs\fR -\fBe\fR [ -\fBS\fR \fIname\fR=\fIvalue\fR ] [ -\fBn\fR \fImodname\fR ] [ -\fBa\fR ] [ -\fBA\fR ] \fIdso-file\fR \&.\&.\&.\fR .SH "SUMMARY" .PP -apxs is a tool for building and installing extension modules for the Apache HyperText Transfer Protocol (HTTP) server\&. This is achieved by building a dynamic shared object (DSO) from one or more source or object \fIfiles\fR which then can be loaded into the Apache server under runtime via the LoadModule directive from mod_so\&. +\fBapxs\fR is a tool for building and installing extension modules for the Apache HyperText Transfer Protocol (HTTP) server\&. This is achieved by building a dynamic shared object (DSO) from one or more source or object \fIfiles\fR which then can be loaded into the Apache server under runtime via the LoadModule directive from mod_so\&. .PP -So to use this extension mechanism your platform has to support the DSO feature and your Apache httpd binary has to be built with the mod_so module\&. The apxs tool automatically complains if this is not the case\&. You can check this yourself by manually running the command +So to use this extension mechanism your platform has to support the DSO feature and your Apache httpd binary has to be built with the mod_so module\&. The \fBapxs\fR tool automatically complains if this is not the case\&. You can check this yourself by manually running the command .nf @@ -57,7 +57,7 @@ .fi .PP -The module mod_so should be part of the displayed list\&. If these requirements are fulfilled you can easily extend your Apache server's functionality by installing your own modules with the DSO mechanism by the help of this apxs tool: +The module mod_so should be part of the displayed list\&. If these requirements are fulfilled you can easily extend your Apache server's functionality by installing your own modules with the DSO mechanism by the help of this \fBapxs\fR tool: .nf @@ -76,10 +76,10 @@ .fi .PP -The arguments \fIfiles\fR can be any C source file (\&.c), a object file (\&.o) or even a library archive (\&.a)\&. The apxs tool automatically recognizes these extensions and automatically used the C source files for compilation while just using the object and archive files for the linking phase\&. But when using such pre-compiled objects make sure they are compiled for position independent code (PIC) to be able to use them for a dynamically loaded shared object\&. For instance with GCC you always just have to use -fpic\&. For other C compilers consult its manual page or at watch for the flags apxs uses to compile the object files\&. +The arguments \fIfiles\fR can be any C source file (\&.c), a object file (\&.o) or even a library archive (\&.a)\&. The \fBapxs\fR tool automatically recognizes these extensions and automatically used the C source files for compilation while just using the object and archive files for the linking phase\&. But when using such pre-compiled objects make sure they are compiled for position independent code (PIC) to be able to use them for a dynamically loaded shared object\&. For instance with GCC you always just have to use \fB-fpic\fR\&. For other C compilers consult its manual page or at watch for the flags \fBapxs\fR uses to compile the object files\&. .PP -For more details about DSO support in Apache read the documentation of mod_so or perhaps even read the src/modules/standard/mod_so\&.c source file\&. +For more details about DSO support in Apache read the documentation of mod_so or perhaps even read the \fBsrc/modules/standard/mod_so\&.c\fR source file\&. .SH "OPTIONS" @@ -88,81 +88,81 @@ .TP --n \fImodname\fR -This explicitly sets the module name for the -i (install) and -g (template generation) option\&. Use this to explicitly specify the module name\&. For option -g this is required, for option -i the apxs tool tries to determine the name from the source or (as a fallback) at least by guessing it from the filename\&. +\fB-n \fImodname\fR\fR +This explicitly sets the module name for the \fB-i\fR (install) and \fB-g\fR (template generation) option\&. Use this to explicitly specify the module name\&. For option \fB-g\fR this is required, for option \fB-i\fR the \fBapxs\fR tool tries to determine the name from the source or (as a fallback) at least by guessing it from the filename\&. .SS "Query Options" .TP --q -Performs a query for variables and environment settings used to build httpd\&. When invoked without \fIquery\fR parameters, it prints all known variables and their values\&. The optional -v parameter formats the list output\&. .PP Use this to manually determine settings used to build the httpd that will load your module\&. For instance use INC=-I`apxs -q INCLUDEDIR` .PP inside your own Makefiles if you need manual access to Apache's C header files\&. +\fB-q\fR +Performs a query for variables and environment settings used to build \fBhttpd\fR\&. When invoked without \fIquery\fR parameters, it prints all known variables and their values\&. The optional \fB-v\fR parameter formats the list output\&. .PP Use this to manually determine settings used to build the \fBhttpd\fR that will load your module\&. For instance use INC=-I`apxs -q INCLUDEDIR` .PP inside your own Makefiles if you need manual access to Apache's C header files\&. .SS "Configuration Options" .TP --S \fIname\fR=\fIvalue\fR +\fB-S \fIname\fR=\fIvalue\fR\fR This option changes the apxs settings described above\&. .SS "Template Generation Options" .TP --g -This generates a subdirectory \fIname\fR (see option -n) and there two files: A sample module source file named mod_\fIname\fR\&.c which can be used as a template for creating your own modules or as a quick start for playing with the apxs mechanism\&. And a corresponding Makefile for even easier build and installing of this module\&. +\fB-g\fR +This generates a subdirectory \fIname\fR (see option \fB-n\fR) and there two files: A sample module source file named \fBmod_\fIname\fR\&.c\fR which can be used as a template for creating your own modules or as a quick start for playing with the apxs mechanism\&. And a corresponding \fBMakefile\fR for even easier build and installing of this module\&. .SS "DSO Compilation Options" .TP --c -This indicates the compilation operation\&. It first compiles the C source files (\&.c) of \fIfiles\fR into corresponding object files (\&.o) and then builds a dynamically shared object in \fIdsofile\fR by linking these object files plus the remaining object files (\&.o and \&.a) of \fIfiles\fR\&. If no -o option is specified the output file is guessed from the first filename in \fIfiles\fR and thus usually defaults to mod_\fIname\fR\&.so\&. +\fB-c\fR +This indicates the compilation operation\&. It first compiles the C source files (\&.c) of \fIfiles\fR into corresponding object files (\&.o) and then builds a dynamically shared object in \fIdsofile\fR by linking these object files plus the remaining object files (\&.o and \&.a) of \fIfiles\fR\&. If no \fB-o\fR option is specified the output file is guessed from the first filename in \fIfiles\fR and thus usually defaults to \fBmod_\fIname\fR\&.so\fR\&. .TP --o \fIdsofile\fR -Explicitly specifies the filename of the created dynamically shared object\&. If not specified and the name cannot be guessed from the \fIfiles\fR list, the fallback name mod_unknown\&.so is used\&. +\fB-o \fIdsofile\fR\fR +Explicitly specifies the filename of the created dynamically shared object\&. If not specified and the name cannot be guessed from the \fIfiles\fR list, the fallback name \fBmod_unknown\&.so\fR is used\&. .TP --D \fIname\fR=\fIvalue\fR +\fB-D \fIname\fR=\fIvalue\fR\fR This option is directly passed through to the compilation command(s)\&. Use this to add your own defines to the build process\&. .TP --I \fIincdir\fR +\fB-I \fIincdir\fR\fR This option is directly passed through to the compilation command(s)\&. Use this to add your own include directories to search to the build process\&. .TP --L \fIlibdir\fR +\fB-L \fIlibdir\fR\fR This option is directly passed through to the linker command\&. Use this to add your own library directories to search to the build process\&. .TP --l \fIlibname\fR +\fB-l \fIlibname\fR\fR This option is directly passed through to the linker command\&. Use this to add your own libraries to search to the build process\&. .TP --Wc,\fIcompiler-flags\fR -This option passes \fIcompiler-flags\fR as additional flags to the libtool --mode=compile command\&. Use this to add local compiler-specific options\&. +\fB-Wc,\fIcompiler-flags\fR\fR +This option passes \fIcompiler-flags\fR as additional flags to the \fBlibtool --mode=compile\fR command\&. Use this to add local compiler-specific options\&. .TP --Wl,\fIlinker-flags\fR -This option passes \fIlinker-flags\fR as additional flags to the libtool --mode=link command\&. Use this to add local linker-specific options\&. +\fB-Wl,\fIlinker-flags\fR\fR +This option passes \fIlinker-flags\fR as additional flags to the \fBlibtool --mode=link\fR command\&. Use this to add local linker-specific options\&. .TP --p +\fB-p\fR This option causes apxs to link against the apr/apr-util libraries\&. This is useful when compiling helper programs that use the apr/apr-util libraries\&. .SS "DSO Installation and Configuration Options" .TP --i +\fB-i\fR This indicates the installation operation and installs one or more dynamically shared objects into the server's \fImodules\fR directory\&. .TP --a -This activates the module by automatically adding a corresponding LoadModule line to Apache's httpd\&.conf configuration file, or by enabling it if it already exists\&. +\fB-a\fR +This activates the module by automatically adding a corresponding LoadModule line to Apache's \fBhttpd\&.conf\fR configuration file, or by enabling it if it already exists\&. .TP --A -Same as option -a but the created LoadModule directive is prefixed with a hash sign (#), \fIi\&.e\&.\fR, the module is just prepared for later activation but initially disabled\&. +\fB-A\fR +Same as option \fB-a\fR but the created LoadModule directive is prefixed with a hash sign (\fB#\fR), \fIi\&.e\&.\fR, the module is just prepared for later activation but initially disabled\&. .TP --e -This indicates the editing operation, which can be used with the -a and -A options similarly to the -i operation to edit Apache's httpd\&.conf configuration file without attempting to install the module\&. +\fB-e\fR +This indicates the editing operation, which can be used with the \fB-a\fR and \fB-A\fR options similarly to the \fB-i\fR operation to edit Apache's \fBhttpd\&.conf\fR configuration file without attempting to install the module\&. .SH "EXAMPLES" .PP -Assume you have an Apache module named mod_foo\&.c available which should extend Apache's server functionality\&. To accomplish this you first have to compile the C source into a shared object suitable for loading into the Apache server under runtime via the following command: +Assume you have an Apache module named \fBmod_foo\&.c\fR available which should extend Apache's server functionality\&. To accomplish this you first have to compile the C source into a shared object suitable for loading into the Apache server under runtime via the following command: .nf @@ -174,7 +174,7 @@ .fi .PP -Then you have to update the Apache configuration by making sure a LoadModule directive is present to load this shared object\&. To simplify this step apxs provides an automatic way to install the shared object in its "modules" directory and updating the httpd\&.conf file accordingly\&. This can be achieved by running: +Then you have to update the Apache configuration by making sure a LoadModule directive is present to load this shared object\&. To simplify this step \fBapxs\fR provides an automatic way to install the shared object in its "modules" directory and updating the \fBhttpd\&.conf\fR file accordingly\&. This can be achieved by running: .nf @@ -198,7 +198,7 @@ .fi .PP -is added to the configuration file if still not present\&. If you want to have this disabled per default use the -A option, \fIi\&.e\&.\fR +is added to the configuration file if still not present\&. If you want to have this disabled per default use the \fB-A\fR option, \fIi\&.e\&.\fR .nf diff -Nru apache2-2.4.33/docs/man/dbmmanage.1 apache2-2.4.34/docs/man/dbmmanage.1 --- apache2-2.4.33/docs/man/dbmmanage.1 2012-12-12 16:32:22.000000000 +0000 +++ apache2-2.4.34/docs/man/dbmmanage.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "DBMMANAGE" 1 "2012-12-12" "Apache HTTP Server" "dbmmanage" +.TH "DBMMANAGE" 1 "2018-07-06" "Apache HTTP Server" "dbmmanage" .SH NAME dbmmanage \- Manage user authentication files in DBM format @@ -27,19 +27,19 @@ .SH "SYNOPSIS" .PP -\fBdbmmanage\fR [ \fIencoding\fR ] \fIfilename\fR add|adduser|check|delete|update \fIusername\fR [ \fIencpasswd\fR [ \fIgroup\fR[,\fIgroup\fR\&.\&.\&.] [ \fIcomment\fR ] ] ] +\fB\fBdbmmanage\fR [ \fIencoding\fR ] \fIfilename\fR add|adduser|check|delete|update \fIusername\fR [ \fIencpasswd\fR [ \fIgroup\fR[,\fIgroup\fR\&.\&.\&.] [ \fIcomment\fR ] ] ]\fR .PP -\fBdbmmanage\fR \fIfilename\fR view [ \fIusername\fR ] +\fB\fBdbmmanage\fR \fIfilename\fR view [ \fIusername\fR ]\fR .PP -\fBdbmmanage\fR \fIfilename\fR import +\fB\fBdbmmanage\fR \fIfilename\fR import\fR .SH "SUMMARY" .PP -dbmmanage is used to create and update the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by dbmmanage\&. This program can only be used when the usernames are stored in a DBM file\&. To use a flat-file database see htpasswd\&. +\fBdbmmanage\fR is used to create and update the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by \fBdbmmanage\fR\&. This program can only be used when the usernames are stored in a DBM file\&. To use a flat-file database see htpasswd\&. .PP Another tool to maintain a DBM password database is htdbm\&. @@ -52,70 +52,70 @@ .TP -\fIfilename\fR -The filename of the DBM format file\&. Usually without the extension \&.db, \&.pag, or \&.dir\&. +\fB\fIfilename\fR\fR +The filename of the DBM format file\&. Usually without the extension \fB\&.db\fR, \fB\&.pag\fR, or \fB\&.dir\fR\&. .TP -\fIusername\fR -The user for which the operations are performed\&. The \fIusername\fR may not contain a colon (:)\&. +\fB\fIusername\fR\fR +The user for which the operations are performed\&. The \fIusername\fR may not contain a colon (\fB:\fR)\&. .TP -\fIencpasswd\fR -This is the already encrypted password to use for the update and add commands\&. You may use a hyphen (-) if you want to get prompted for the password, but fill in the fields afterwards\&. Additionally when using the update command, a period (\&.) keeps the original password untouched\&. +\fB\fIencpasswd\fR\fR +This is the already encrypted password to use for the \fBupdate\fR and \fBadd\fR commands\&. You may use a hyphen (\fB-\fR) if you want to get prompted for the password, but fill in the fields afterwards\&. Additionally when using the \fBupdate\fR command, a period (\fB\&.\fR) keeps the original password untouched\&. .TP -\fIgroup\fR -A group, which the user is member of\&. A groupname may not contain a colon (:)\&. You may use a hyphen (-) if you don't want to assign the user to a group, but fill in the comment field\&. Additionally when using the update command, a period (\&.) keeps the original groups untouched\&. +\fB\fIgroup\fR\fR +A group, which the user is member of\&. A groupname may not contain a colon (\fB:\fR)\&. You may use a hyphen (\fB-\fR) if you don't want to assign the user to a group, but fill in the comment field\&. Additionally when using the \fBupdate\fR command, a period (\fB\&.\fR) keeps the original groups untouched\&. .TP -\fIcomment\fR +\fB\fIcomment\fR\fR This is the place for your opaque comments about the user, like realname, mailaddress or such things\&. The server will ignore this field\&. .SS "Encodings" .TP --d +\fB-d\fR crypt encryption (default, except on Win32, Netware) .TP --m +\fB-m\fR MD5 encryption (default on Win32, Netware) .TP --s +\fB-s\fR SHA1 encryption .TP --p +\fB-p\fR plaintext (\fInot recommended\fR) .SS "Commands" .TP -add +\fBadd\fR Adds an entry for \fIusername\fR to \fIfilename\fR using the encrypted password \fIencpasswd\fR\&. dbmmanage passwords\&.dat add rbowen foKntnEF3KSXA .TP -adduser +\fBadduser\fR Asks for a password and then adds an entry for \fIusername\fR to \fIfilename\fR\&. dbmmanage passwords\&.dat adduser krietz .TP -check +\fBcheck\fR Asks for a password and then checks if \fIusername\fR is in \fIfilename\fR and if it's password matches the specified one\&. dbmmanage passwords\&.dat check rbowen .TP -delete +\fBdelete\fR Deletes the \fIusername\fR entry from \fIfilename\fR\&. dbmmanage passwords\&.dat delete rbowen .TP -import -Reads \fIusername\fR:\fIpassword\fR entries (one per line) from STDIN and adds them to \fIfilename\fR\&. The passwords already have to be crypted\&. +\fBimport\fR +Reads \fB\fIusername\fR:\fIpassword\fR\fR entries (one per line) from \fBSTDIN\fR and adds them to \fIfilename\fR\&. The passwords already have to be crypted\&. .TP -update -Same as the adduser command, except that it makes sure \fIusername\fR already exists in \fIfilename\fR\&. dbmmanage passwords\&.dat update rbowen +\fBupdate\fR +Same as the \fBadduser\fR command, except that it makes sure \fIusername\fR already exists in \fIfilename\fR\&. dbmmanage passwords\&.dat update rbowen .TP -view +\fBview\fR Just displays the contents of the DBM file\&. If you specify a \fIusername\fR, it displays the particular record only\&. dbmmanage passwords\&.dat view .SH "BUGS" .PP -One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, the GNU project's GDBM, and Berkeley DB 2\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that dbmmanage expects to see\&. dbmmanage currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. +One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, the GNU project's GDBM, and Berkeley DB 2\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that \fBdbmmanage\fR expects to see\&. \fBdbmmanage\fR currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. .PP -dbmmanage has a list of DBM format preferences, defined by the @AnyDBM::ISA array near the beginning of the program\&. Since we prefer the Berkeley DB 2 file format, the order in which dbmmanage will look for system libraries is Berkeley DB 2, then NDBM, then GDBM and then SDBM\&. The first library found will be the library dbmmanage will attempt to use for all DBM file transactions\&. This ordering is slightly different than the standard @AnyDBM::ISA ordering in Perl, as well as the ordering used by the simple dbmopen() call in Perl, so if you use any other utilities to manage your DBM files, they must also follow this preference ordering\&. Similar care must be taken if using programs in other languages, like C, to access these files\&. +\fBdbmmanage\fR has a list of DBM format preferences, defined by the \fB@AnyDBM::ISA\fR array near the beginning of the program\&. Since we prefer the Berkeley DB 2 file format, the order in which \fBdbmmanage\fR will look for system libraries is Berkeley DB 2, then NDBM, then GDBM and then SDBM\&. The first library found will be the library \fBdbmmanage\fR will attempt to use for all DBM file transactions\&. This ordering is slightly different than the standard \fB@AnyDBM::ISA\fR ordering in Perl, as well as the ordering used by the simple \fBdbmopen()\fR call in Perl, so if you use any other utilities to manage your DBM files, they must also follow this preference ordering\&. Similar care must be taken if using programs in other languages, like C, to access these files\&. .PP -One can usually use the file program supplied with most Unix systems to see what format a DBM file is in\&. +One can usually use the \fBfile\fR program supplied with most Unix systems to see what format a DBM file is in\&. diff -Nru apache2-2.4.33/docs/man/fcgistarter.8 apache2-2.4.34/docs/man/fcgistarter.8 --- apache2-2.4.33/docs/man/fcgistarter.8 2013-04-18 16:17:19.000000000 +0000 +++ apache2-2.4.34/docs/man/fcgistarter.8 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "FCGISTARTER" 8 "2013-04-18" "Apache HTTP Server" "fcgistarter" +.TH "FCGISTARTER" 8 "2018-07-06" "Apache HTTP Server" "fcgistarter" .SH NAME fcgistarter \- Start a FastCGI program @@ -27,7 +27,7 @@ .SH "SYNOPSIS" .PP -\fBfcgistarter\fR -\fBc\fR \fIcommand\fR -\fBp\fR \fIport\fR [ -\fBi\fR \fIinterface\fR ] -\fBN\fR \fInum\fR +\fB\fBfcgistarter\fR -\fBc\fR \fIcommand\fR -\fBp\fR \fIport\fR [ -\fBi\fR \fIinterface\fR ] -\fBN\fR \fInum\fR \fR .SH "SUMMARY" @@ -45,15 +45,15 @@ .TP --c \fIcommand\fR +\fB-c \fIcommand\fR\fR FastCGI program .TP --p \fIport\fR +\fB-p \fIport\fR\fR Port which the program will listen on .TP --i \fIinterface\fR +\fB-i \fIinterface\fR\fR Interface which the program will listen on .TP --N \fInum\fR +\fB-N \fInum\fR\fR Number of instances of the program diff -Nru apache2-2.4.33/docs/man/htcacheclean.8 apache2-2.4.34/docs/man/htcacheclean.8 --- apache2-2.4.33/docs/man/htcacheclean.8 2010-11-20 15:48:51.000000000 +0000 +++ apache2-2.4.34/docs/man/htcacheclean.8 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTCACHECLEAN" 8 "2010-11-20" "Apache HTTP Server" "htcacheclean" +.TH "HTCACHECLEAN" 8 "2018-07-06" "Apache HTTP Server" "htcacheclean" .SH NAME htcacheclean \- Clean up the disk cache @@ -27,74 +27,74 @@ .SH "SYNOPSIS" .PP -\fBhtcacheclean\fR [ -\fBD\fR ] [ -\fBv\fR ] [ -\fBt\fR ] [ -\fBr\fR ] [ -\fBn\fR ] [ -\fBR\fR\fIround\fR ] -\fBp\fR\fIpath\fR [-\fBl\fR\fIlimit\fR| -\fBL\fR\fIlimit\fR] +\fB\fBhtcacheclean\fR [ -\fBD\fR ] [ -\fBv\fR ] [ -\fBt\fR ] [ -\fBr\fR ] [ -\fBn\fR ] [ -\fBR\fR\fIround\fR ] -\fBp\fR\fIpath\fR [-\fBl\fR\fIlimit\fR| -\fBL\fR\fIlimit\fR]\fR .PP -\fBhtcacheclean\fR [ -\fBn\fR ] [ -\fBt\fR ] [ -\fBi\fR ] [ -\fBP\fR\fIpidfile\fR ] [ -\fBR\fR\fIround\fR ] -\fBd\fR\fIinterval\fR -\fBp\fR\fIpath\fR [-\fBl\fR\fIlimit\fR| -\fBL\fR\fIlimit\fR] +\fB\fBhtcacheclean\fR [ -\fBn\fR ] [ -\fBt\fR ] [ -\fBi\fR ] [ -\fBP\fR\fIpidfile\fR ] [ -\fBR\fR\fIround\fR ] -\fBd\fR\fIinterval\fR -\fBp\fR\fIpath\fR [-\fBl\fR\fIlimit\fR| -\fBL\fR\fIlimit\fR]\fR .PP -\fBhtcacheclean\fR [ -\fBv\fR ] [ -\fBR\fR\fIround\fR ] -\fBp\fR\fIpath\fR [ -\fBa\fR ] [ -\fBA\fR ] +\fB\fBhtcacheclean\fR [ -\fBv\fR ] [ -\fBR\fR\fIround\fR ] -\fBp\fR\fIpath\fR [ -\fBa\fR ] [ -\fBA\fR ]\fR .PP -\fBhtcacheclean\fR [ -\fBD\fR ] [ -\fBv\fR ] [ -\fBt\fR ] [ -\fBR\fR\fIround\fR ] -\fBp\fR\fIpath\fR \fIurl\fR +\fB\fBhtcacheclean\fR [ -\fBD\fR ] [ -\fBv\fR ] [ -\fBt\fR ] [ -\fBR\fR\fIround\fR ] -\fBp\fR\fIpath\fR \fIurl\fR\fR .SH "SUMMARY" .PP -htcacheclean is used to keep the size of mod_cache_disk's storage within a given size limit, or limit on inodes in use\&. This tool can run either manually or in daemon mode\&. When running in daemon mode, it sleeps in the background and checks the cache directory at regular intervals for cached content to be removed\&. You can stop the daemon cleanly by sending it a TERM or INT signal\&. When run manually, a once off check of the cache directory is made for cached content to be removed\&. If one or more URLs are specified, each URL will be deleted from the cache, if present\&. +\fBhtcacheclean\fR is used to keep the size of mod_cache_disk's storage within a given size limit, or limit on inodes in use\&. This tool can run either manually or in daemon mode\&. When running in daemon mode, it sleeps in the background and checks the cache directory at regular intervals for cached content to be removed\&. You can stop the daemon cleanly by sending it a TERM or INT signal\&. When run manually, a once off check of the cache directory is made for cached content to be removed\&. If one or more URLs are specified, each URL will be deleted from the cache, if present\&. .SH "OPTIONS" .TP --d\fIinterval\fR -Daemonize and repeat cache cleaning every \fIinterval\fR minutes\&. This option is mutually exclusive with the -D, -v and -r options\&. To shutdown the daemon cleanly, just send it a SIGTERM or SIGINT\&. +\fB-d\fIinterval\fR\fR +Daemonize and repeat cache cleaning every \fIinterval\fR minutes\&. This option is mutually exclusive with the \fB-D\fR, \fB-v\fR and \fB-r\fR options\&. To shutdown the daemon cleanly, just send it a \fBSIGTERM\fR or \fBSIGINT\fR\&. .TP --D -Do a dry run and don't delete anything\&. This option is mutually exclusive with the -d option\&. When doing a dry run and deleting directories with -t, the inodes reported deleted in the stats cannot take into account the directories deleted, and will be marked as an estimate\&. +\fB-D\fR +Do a dry run and don't delete anything\&. This option is mutually exclusive with the \fB-d\fR option\&. When doing a dry run and deleting directories with \fB-t\fR, the inodes reported deleted in the stats cannot take into account the directories deleted, and will be marked as an estimate\&. .TP --v -Be verbose and print statistics\&. This option is mutually exclusive with the -d option\&. +\fB-v\fR +Be verbose and print statistics\&. This option is mutually exclusive with the \fB-d\fR option\&. .TP --r -Clean thoroughly\&. This assumes that the Apache web server is not running (otherwise you may get garbage in the cache)\&. This option is mutually exclusive with the -d option and implies the -t option\&. +\fB-r\fR +Clean thoroughly\&. This assumes that the Apache web server is not running (otherwise you may get garbage in the cache)\&. This option is mutually exclusive with the \fB-d\fR option and implies the \fB-t\fR option\&. .TP --n -Be nice\&. This causes slower processing in favour of other processes\&. htcacheclean will sleep from time to time so that (a) the disk IO will be delayed and (b) the kernel can schedule other processes in the meantime\&. +\fB-n\fR +Be nice\&. This causes slower processing in favour of other processes\&. \fBhtcacheclean\fR will sleep from time to time so that (a) the disk IO will be delayed and (b) the kernel can schedule other processes in the meantime\&. .TP --t +\fB-t\fR Delete all empty directories\&. By default only cache files are removed, however with some configurations the large number of directories created may require attention\&. If your configuration requires a very large number of directories, to the point that inode or file allocation table exhaustion may become an issue, use of this option is advised\&. .TP --p\fIpath\fR +\fB-p\fIpath\fR\fR Specify \fIpath\fR as the root directory of the disk cache\&. This should be the same value as specified with the CacheRoot directive\&. .TP --P\fIpidfile\fR +\fB-P\fIpidfile\fR\fR Specify \fIpidfile\fR as the name of the file to write the process ID to when daemonized\&. .TP --R\fIround\fR +\fB-R\fIround\fR\fR Specify \fIround\fR as the amount to round sizes up to, to compensate for disk block sizes\&. Set to the block size of the cache partition\&. .TP --l\fIlimit\fR -Specify \fIlimit\fR as the total disk cache size limit\&. The value is expressed in bytes by default (or attaching B to the number)\&. Attach K for Kbytes or M for MBytes\&. +\fB-l\fIlimit\fR\fR +Specify \fIlimit\fR as the total disk cache size limit\&. The value is expressed in bytes by default (or attaching \fBB\fR to the number)\&. Attach \fBK\fR for Kbytes or \fBM\fR for MBytes\&. .TP --L\fIlimit\fR +\fB-L\fIlimit\fR\fR Specify \fIlimit\fR as the total disk cache inode limit\&. .TP --i -Be intelligent and run only when there was a modification of the disk cache\&. This option is only possible together with the -d option\&. +\fB-i\fR +Be intelligent and run only when there was a modification of the disk cache\&. This option is only possible together with the \fB-d\fR option\&. .TP --a +\fB-a\fR List the URLs currently stored in the cache\&. Variants of the same URL will be listed once for each variant\&. .TP --A +\fB-A\fR List the URLs currently stored in the cache, along with their attributes in the following order: url, header size, body size, status, entity version, date, expiry, request time, response time, body present, head request\&. .SH "DELETING A SPECIFIC URL" .PP -If htcacheclean is passed one or more URLs, each URL will be deleted from the cache\&. If multiple variants of an URL exists, all variants would be deleted\&. +If \fBhtcacheclean\fR is passed one or more URLs, each URL will be deleted from the cache\&. If multiple variants of an URL exists, all variants would be deleted\&. .PP When a reverse proxied URL is to be deleted, the effective URL is constructed from the \fBHost\fR header, the \fBport\fR, the \fBpath\fR and the \fBquery\fR\&. Note the '?' in the URL must always be specified explicitly, whether a query string is present or not\&. For example, an attempt to delete the path \fB/\fR from the server \fBlocalhost\fR, the URL to delete would be \fBhttp://localhost:80/?\fR\&. @@ -102,7 +102,7 @@ .SH "LISTING URLS IN THE CACHE" .PP -By passing the -a or -A options to htcacheclean, the URLs within the cache will be listed as they are found, one URL per line\&. The -A option dumps the full cache entry after the URL, with fields in the following order: +By passing the \fB-a\fR or \fB-A\fR options to \fBhtcacheclean\fR, the URLs within the cache will be listed as they are found, one URL per line\&. The \fB-A\fR option dumps the full cache entry after the URL, with fields in the following order: .TP @@ -142,5 +142,5 @@ .SH "EXIT STATUS" .PP -htcacheclean returns a zero status ("true") if all operations were successful, 1 otherwise\&. If an URL is specified, and the URL was cached and successfully removed, 0 is returned, 2 otherwise\&. If an error occurred during URL removal, 1 is returned\&. +\fBhtcacheclean\fR returns a zero status ("true") if all operations were successful, \fB1\fR otherwise\&. If an URL is specified, and the URL was cached and successfully removed, \fB0\fR is returned, \fB2\fR otherwise\&. If an error occurred during URL removal, \fB1\fR is returned\&. diff -Nru apache2-2.4.33/docs/man/htdbm.1 apache2-2.4.34/docs/man/htdbm.1 --- apache2-2.4.33/docs/man/htdbm.1 2012-12-12 16:32:22.000000000 +0000 +++ apache2-2.4.34/docs/man/htdbm.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTDBM" 1 "2012-12-12" "Apache HTTP Server" "htdbm" +.TH "HTDBM" 1 "2018-07-06" "Apache HTTP Server" "htdbm" .SH NAME htdbm \- Manipulate DBM password databases @@ -27,106 +27,106 @@ .SH "SYNOPSIS" .PP -\fBhtdbm\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBi\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR +\fB\fBhtdbm\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBi\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR\fR .PP -\fBhtdbm\fR -\fBb\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR \fIpassword\fR +\fB\fBhtdbm\fR -\fBb\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR \fIpassword\fR\fR .PP -\fBhtdbm\fR -\fBn\fR [ -\fBi\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIusername\fR +\fB\fBhtdbm\fR -\fBn\fR [ -\fBi\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIusername\fR\fR .PP -\fBhtdbm\fR -\fBnb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIusername\fR \fIpassword\fR +\fB\fBhtdbm\fR -\fBnb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIusername\fR \fIpassword\fR\fR .PP -\fBhtdbm\fR -\fBv\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBi\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR +\fB\fBhtdbm\fR -\fBv\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBi\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR\fR .PP -\fBhtdbm\fR -\fBvb\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR \fIpassword\fR +\fB\fBhtdbm\fR -\fBvb\fR [ -\fBT\fR\fIDBTYPE\fR ] [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBt\fR ] [ -\fBv\fR ] \fIfilename\fR \fIusername\fR \fIpassword\fR\fR .PP -\fBhtdbm\fR -\fBx\fR [ -\fBT\fR\fIDBTYPE\fR ] \fIfilename\fR \fIusername\fR +\fB\fBhtdbm\fR -\fBx\fR [ -\fBT\fR\fIDBTYPE\fR ] \fIfilename\fR \fIusername\fR\fR .PP -\fBhtdbm\fR -\fBl\fR [ -\fBT\fR\fIDBTYPE\fR ] +\fB\fBhtdbm\fR -\fBl\fR [ -\fBT\fR\fIDBTYPE\fR ] \fR .SH "SUMMARY" .PP -htdbm is used to manipulate the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. See the dbmmanage documentation for more information about these DBM files\&. +\fBhtdbm\fR is used to manipulate the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. See the dbmmanage documentation for more information about these DBM files\&. .SH "OPTIONS" .TP --b -Use batch mode; \fIi\&.e\&.\fR, get the password from the command line rather than prompting for it\&. This option should be used with extreme care, since \fBthe password is clearly visible\fR on the command line\&. For script use see the -i option\&. +\fB-b\fR +Use batch mode; \fIi\&.e\&.\fR, get the password from the command line rather than prompting for it\&. This option should be used with extreme care, since \fBthe password is clearly visible\fR on the command line\&. For script use see the \fB-i\fR option\&. .TP --i +\fB-i\fR Read the password from stdin without verification (for script usage)\&. .TP --c -Create the \fIpasswdfile\fR\&. If \fIpasswdfile\fR already exists, it is rewritten and truncated\&. This option cannot be combined with the -n option\&. +\fB-c\fR +Create the \fIpasswdfile\fR\&. If \fIpasswdfile\fR already exists, it is rewritten and truncated\&. This option cannot be combined with the \fB-n\fR option\&. .TP --n -Display the results on standard output rather than updating a database\&. This option changes the syntax of the command line, since the \fIpasswdfile\fR argument (usually the first one) is omitted\&. It cannot be combined with the -c option\&. +\fB-n\fR +Display the results on standard output rather than updating a database\&. This option changes the syntax of the command line, since the \fIpasswdfile\fR argument (usually the first one) is omitted\&. It cannot be combined with the \fB-c\fR option\&. .TP --m +\fB-m\fR Use MD5 encryption for passwords\&. On Windows and Netware, this is the default\&. .TP --B +\fB-B\fR Use bcrypt encryption for passwords\&. This is currently considered to be very secure\&. .TP --C -This flag is only allowed in combination with -B (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31)\&. +\fB-C\fR +This flag is only allowed in combination with \fB-B\fR (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31)\&. .TP --d -Use crypt() encryption for passwords\&. The default on all platforms but Windows and Netware\&. Though possibly supported by htdbm on all platforms, it is not supported by the httpd server on Windows and Netware\&. This algorithm is \fBinsecure\fR by today's standards\&. +\fB-d\fR +Use \fBcrypt()\fR encryption for passwords\&. The default on all platforms but Windows and Netware\&. Though possibly supported by \fBhtdbm\fR on all platforms, it is not supported by the httpd server on Windows and Netware\&. This algorithm is \fBinsecure\fR by today's standards\&. .TP --s +\fB-s\fR Use SHA encryption for passwords\&. Facilitates migration from/to Netscape servers using the LDAP Directory Interchange Format (ldif)\&. This algorithm is \fBinsecure\fR by today's standards\&. .TP --p -Use plaintext passwords\&. Though htdbm will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. +\fB-p\fR +Use plaintext passwords\&. Though \fBhtdbm\fR will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. .TP --l +\fB-l\fR Print each of the usernames and comments from the database on stdout\&. .TP --v +\fB-v\fR Verify the username and password\&. The program will print a message indicating whether the supplied password is valid\&. If the password is invalid, the program exits with error code 3\&. .TP --x +\fB-x\fR Delete user\&. If the username exists in the specified DBM file, it will be deleted\&. .TP --t +\fB-t\fR Interpret the final parameter as a comment\&. When this option is specified, an additional string can be appended to the command line; this string will be stored in the "Comment" field of the database, associated with the specified username\&. .TP -\fIfilename\fR -The filename of the DBM format file\&. Usually without the extension \&.db, \&.pag, or \&.dir\&. If -c is given, the DBM file is created if it does not already exist, or updated if it does exist\&. +\fB\fIfilename\fR\fR +The filename of the DBM format file\&. Usually without the extension \fB\&.db\fR, \fB\&.pag\fR, or \fB\&.dir\fR\&. If \fB-c\fR is given, the DBM file is created if it does not already exist, or updated if it does exist\&. .TP -\fIusername\fR +\fB\fIusername\fR\fR The username to create or update in \fIpasswdfile\fR\&. If \fIusername\fR does not exist in this file, an entry is added\&. If it does exist, the password is changed\&. .TP -\fIpassword\fR -The plaintext password to be encrypted and stored in the DBM file\&. Used only with the -b flag\&. +\fB\fIpassword\fR\fR +The plaintext password to be encrypted and stored in the DBM file\&. Used only with the \fB-b\fR flag\&. .TP --T\fIDBTYPE\fR +\fB-T\fIDBTYPE\fR\fR Type of DBM file (SDBM, GDBM, DB, or "default")\&. .SH "BUGS" .PP -One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, GNU GDBM, and Berkeley/Sleepycat DB 2/3/4\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that htdbm expects to see\&. htdbm currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. +One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, GNU GDBM, and Berkeley/Sleepycat DB 2/3/4\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that \fBhtdbm\fR expects to see\&. \fBhtdbm\fR currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. .PP -One can usually use the file program supplied with most Unix systems to see what format a DBM file is in\&. +One can usually use the \fBfile\fR program supplied with most Unix systems to see what format a DBM file is in\&. .SH "EXIT STATUS" .PP -htdbm returns a zero status ("true") if the username and password have been successfully added or updated in the DBM File\&. htdbm returns 1 if it encounters some problem accessing files, 2 if there was a syntax problem with the command line, 3 if the password was entered interactively and the verification entry didn't match, 4 if its operation was interrupted, 5 if a value is too long (username, filename, password, or final computed record), 6 if the username contains illegal characters (see the Restrictions section), and 7 if the file is not a valid DBM password file\&. +\fBhtdbm\fR returns a zero status ("true") if the username and password have been successfully added or updated in the DBM File\&. \fBhtdbm\fR returns \fB1\fR if it encounters some problem accessing files, \fB2\fR if there was a syntax problem with the command line, \fB3\fR if the password was entered interactively and the verification entry didn't match, \fB4\fR if its operation was interrupted, \fB5\fR if a value is too long (username, filename, password, or final computed record), \fB6\fR if the username contains illegal characters (see the Restrictions section), and \fB7\fR if the file is not a valid DBM password file\&. .SH "EXAMPLES" @@ -137,7 +137,7 @@ .fi .PP -Adds or modifies the password for user jsmith\&. The user is prompted for the password\&. If executed on a Windows system, the password will be encrypted using the modified Apache MD5 algorithm; otherwise, the system's crypt() routine will be used\&. If the file does not exist, htdbm will do nothing except return an error\&. +Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for the password\&. If executed on a Windows system, the password will be encrypted using the modified Apache MD5 algorithm; otherwise, the system's \fBcrypt()\fR routine will be used\&. If the file does not exist, \fBhtdbm\fR will do nothing except return an error\&. .nf @@ -146,7 +146,7 @@ .fi .PP -Creates a new file and stores a record in it for user jane\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and htdbm will display a message and return an error status\&. +Creates a new file and stores a record in it for user \fBjane\fR\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and \fBhtdbm\fR will display a message and return an error status\&. .nf @@ -155,33 +155,33 @@ .fi .PP -Encrypts the password from the command line (Pwd4Steve) using the MD5 algorithm, and stores it in the specified file\&. +Encrypts the password from the command line (\fBPwd4Steve\fR) using the MD5 algorithm, and stores it in the specified file\&. .SH "SECURITY CONSIDERATIONS" .PP -Web password files such as those managed by htdbm should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. +Web password files such as those managed by \fBhtdbm\fR should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. .PP -The use of the -b option is discouraged, since when it is used the unencrypted password appears on the command line\&. +The use of the \fB-b\fR option is discouraged, since when it is used the unencrypted password appears on the command line\&. .PP -When using the crypt() algorithm, note that only the first 8 characters of the password are used to form the password\&. If the supplied password is longer, the extra characters will be silently discarded\&. +When using the \fBcrypt()\fR algorithm, note that only the first 8 characters of the password are used to form the password\&. If the supplied password is longer, the extra characters will be silently discarded\&. .PP -The SHA encryption format does not use salting: for a given password, there is only one encrypted representation\&. The crypt() and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&. +The SHA encryption format does not use salting: for a given password, there is only one encrypted representation\&. The \fBcrypt()\fR and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&. .PP -The SHA and crypt() formats are insecure by today's standards\&. +The SHA and \fBcrypt()\fR formats are insecure by today's standards\&. .SH "RESTRICTIONS" .PP -On the Windows platform, passwords encrypted with htdbm are limited to no more than 255 characters in length\&. Longer passwords will be truncated to 255 characters\&. +On the Windows platform, passwords encrypted with \fBhtdbm\fR are limited to no more than \fB255\fR characters in length\&. Longer passwords will be truncated to 255 characters\&. .PP -The MD5 algorithm used by htdbm is specific to the Apache software; passwords encrypted using it will not be usable with other Web servers\&. +The MD5 algorithm used by \fBhtdbm\fR is specific to the Apache software; passwords encrypted using it will not be usable with other Web servers\&. .PP -Usernames are limited to 255 bytes and may not include the character :\&. +Usernames are limited to \fB255\fR bytes and may not include the character \fB:\fR\&. diff -Nru apache2-2.4.33/docs/man/htdigest.1 apache2-2.4.34/docs/man/htdigest.1 --- apache2-2.4.33/docs/man/htdigest.1 2012-07-19 10:26:14.000000000 +0000 +++ apache2-2.4.34/docs/man/htdigest.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTDIGEST" 1 "2012-07-19" "Apache HTTP Server" "htdigest" +.TH "HTDIGEST" 1 "2018-07-06" "Apache HTTP Server" "htdigest" .SH NAME htdigest \- manage user files for digest authentication @@ -27,13 +27,13 @@ .SH "SYNOPSIS" .PP -\fBhtdigest\fR [ -\fBc\fR ] \fIpasswdfile\fR \fIrealm\fR \fIusername\fR +\fB\fBhtdigest\fR [ -\fBc\fR ] \fIpasswdfile\fR \fIrealm\fR \fIusername\fR\fR .SH "SUMMARY" .PP -htdigest is used to create and update the flat-files used to store usernames, realm and password for digest authentication of HTTP users\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by htdigest\&. +\fBhtdigest\fR is used to create and update the flat-files used to store usernames, realm and password for digest authentication of HTTP users\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by \fBhtdigest\fR\&. .PP This manual page only lists the command line arguments\&. For details of the directives necessary to configure digest authentication in httpd see the Apache manual, which is part of the Apache distribution or can be found at http://httpd\&.apache\&.org/\&. @@ -43,16 +43,16 @@ .TP --c +\fB-c\fR Create the \fIpasswdfile\fR\&. If \fIpasswdfile\fR already exists, it is deleted first\&. .TP -\fIpasswdfile\fR -Name of the file to contain the username, realm and password\&. If -c is given, this file is created if it does not already exist, or deleted and recreated if it does exist\&. +\fB\fIpasswdfile\fR\fR +Name of the file to contain the username, realm and password\&. If \fB-c\fR is given, this file is created if it does not already exist, or deleted and recreated if it does exist\&. .TP -\fIrealm\fR +\fB\fIrealm\fR\fR The realm name to which the user name belongs\&. See http://tools\&.ietf\&.org/html/rfc2617#section-3\&.2\&.1 for more details\&. .TP -\fIusername\fR +\fB\fIusername\fR\fR The user name to create or update in \fIpasswdfile\fR\&. If \fIusername\fR does not exist is this file, an entry is added\&. If it does exist, the password is changed\&. .SH "SECURITY CONSIDERATIONS" diff -Nru apache2-2.4.33/docs/man/htpasswd.1 apache2-2.4.34/docs/man/htpasswd.1 --- apache2-2.4.33/docs/man/htpasswd.1 2014-06-24 05:53:21.000000000 +0000 +++ apache2-2.4.34/docs/man/htpasswd.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTPASSWD" 1 "2014-06-24" "Apache HTTP Server" "htpasswd" +.TH "HTPASSWD" 1 "2018-07-06" "Apache HTTP Server" "htpasswd" .SH NAME htpasswd \- Manage user files for basic authentication @@ -27,28 +27,28 @@ .SH "SYNOPSIS" .PP -\fBhtpasswd\fR [ -\fBc\fR ] [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR +\fB\fBhtpasswd\fR [ -\fBc\fR ] [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR\fR .PP -\fBhtpasswd\fR -\fBb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR \fIpassword\fR +\fB\fBhtpasswd\fR -\fBb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR \fIpassword\fR\fR .PP -\fBhtpasswd\fR -\fBn\fR [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR +\fB\fBhtpasswd\fR -\fBn\fR [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR\fR .PP -\fBhtpasswd\fR -\fBnb\fR [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR \fIpassword\fR +\fB\fBhtpasswd\fR -\fBnb\fR [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR \fIpassword\fR\fR .SH "SUMMARY" .PP -htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users\&. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes\&. +\fBhtpasswd\fR is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users\&. If \fBhtpasswd\fR cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes\&. .PP -Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by htpasswd\&. This program can only manage usernames and passwords stored in a flat-file\&. It can encrypt and display password information for use in other types of data stores, though\&. To use a DBM database see dbmmanage or htdbm\&. +Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by \fBhtpasswd\fR\&. This program can only manage usernames and passwords stored in a flat-file\&. It can encrypt and display password information for use in other types of data stores, though\&. To use a DBM database see dbmmanage or htdbm\&. .PP -htpasswd encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA1, or the system's crypt() routine\&. Files managed by htpasswd may contain a mixture of different encoding types of passwords; some user records may have bcrypt or MD5-encrypted passwords while others in the same file may have passwords encrypted with crypt()\&. +\fBhtpasswd\fR encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA1, or the system's \fBcrypt()\fR routine\&. Files managed by \fBhtpasswd\fR may contain a mixture of different encoding types of passwords; some user records may have bcrypt or MD5-encrypted passwords while others in the same file may have passwords encrypted with \fBcrypt()\fR\&. .PP This manual page only lists the command line arguments\&. For details of the directives necessary to configure user authentication in httpd see the Apache manual, which is part of the Apache distribution or can be found at http://httpd\&.apache\&.org/\&. @@ -58,55 +58,55 @@ .TP --b -Use batch mode; \fIi\&.e\&.\fR, get the password from the command line rather than prompting for it\&. This option should be used with extreme care, since \fBthe password is clearly visible\fR on the command line\&. For script use see the -i option\&. Available in 2\&.4\&.4 and later\&. +\fB-b\fR +Use batch mode; \fIi\&.e\&.\fR, get the password from the command line rather than prompting for it\&. This option should be used with extreme care, since \fBthe password is clearly visible\fR on the command line\&. For script use see the \fB-i\fR option\&. Available in 2\&.4\&.4 and later\&. .TP --i +\fB-i\fR Read the password from stdin without verification (for script usage)\&. .TP --c -Create the \fIpasswdfile\fR\&. If \fIpasswdfile\fR already exists, it is rewritten and truncated\&. This option cannot be combined with the -n option\&. +\fB-c\fR +Create the \fIpasswdfile\fR\&. If \fIpasswdfile\fR already exists, it is rewritten and truncated\&. This option cannot be combined with the \fB-n\fR option\&. .TP --n -Display the results on standard output rather than updating a file\&. This is useful for generating password records acceptable to Apache for inclusion in non-text data stores\&. This option changes the syntax of the command line, since the \fIpasswdfile\fR argument (usually the first one) is omitted\&. It cannot be combined with the -c option\&. +\fB-n\fR +Display the results on standard output rather than updating a file\&. This is useful for generating password records acceptable to Apache for inclusion in non-text data stores\&. This option changes the syntax of the command line, since the \fIpasswdfile\fR argument (usually the first one) is omitted\&. It cannot be combined with the \fB-c\fR option\&. .TP --m +\fB-m\fR Use MD5 encryption for passwords\&. This is the default (since version 2\&.2\&.18)\&. .TP --B +\fB-B\fR Use bcrypt encryption for passwords\&. This is currently considered to be very secure\&. .TP --C -This flag is only allowed in combination with -B (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31)\&. +\fB-C\fR +This flag is only allowed in combination with \fB-B\fR (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31)\&. .TP --d -Use crypt() encryption for passwords\&. This is not supported by the httpd server on Windows and Netware\&. This algorithm limits the password length to 8 characters\&. This algorithm is \fBinsecure\fR by today's standards\&. It used to be the default algorithm until version 2\&.2\&.17\&. +\fB-d\fR +Use \fBcrypt()\fR encryption for passwords\&. This is not supported by the httpd server on Windows and Netware\&. This algorithm limits the password length to 8 characters\&. This algorithm is \fBinsecure\fR by today's standards\&. It used to be the default algorithm until version 2\&.2\&.17\&. .TP --s +\fB-s\fR Use SHA encryption for passwords\&. Facilitates migration from/to Netscape servers using the LDAP Directory Interchange Format (ldif)\&. This algorithm is \fBinsecure\fR by today's standards\&. .TP --p -Use plaintext passwords\&. Though htpasswd will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. +\fB-p\fR +Use plaintext passwords\&. Though \fBhtpasswd\fR will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. .TP --D +\fB-D\fR Delete user\&. If the username exists in the specified htpasswd file, it will be deleted\&. .TP --v +\fB-v\fR Verify password\&. Verify that the given password matches the password of the user stored in the specified htpasswd file\&. Available in 2\&.4\&.5 and later\&. .TP -\fIpasswdfile\fR -Name of the file to contain the user name and password\&. If -c is given, this file is created if it does not already exist, or rewritten and truncated if it does exist\&. +\fB\fIpasswdfile\fR\fR +Name of the file to contain the user name and password\&. If \fB-c\fR is given, this file is created if it does not already exist, or rewritten and truncated if it does exist\&. .TP -\fIusername\fR +\fB\fIusername\fR\fR The username to create or update in \fIpasswdfile\fR\&. If \fIusername\fR does not exist in this file, an entry is added\&. If it does exist, the password is changed\&. .TP -\fIpassword\fR -The plaintext password to be encrypted and stored in the file\&. Only used with the -b flag\&. +\fB\fIpassword\fR\fR +The plaintext password to be encrypted and stored in the file\&. Only used with the \fB-b\fR flag\&. .SH "EXIT STATUS" .PP -htpasswd returns a zero status ("true") if the username and password have been successfully added or updated in the \fIpasswdfile\fR\&. htpasswd returns 1 if it encounters some problem accessing files, 2 if there was a syntax problem with the command line, 3 if the password was entered interactively and the verification entry didn't match, 4 if its operation was interrupted, 5 if a value is too long (username, filename, password, or final computed record), 6 if the username contains illegal characters (see the Restrictions section), and 7 if the file is not a valid password file\&. +\fBhtpasswd\fR returns a zero status ("true") if the username and password have been successfully added or updated in the \fIpasswdfile\fR\&. \fBhtpasswd\fR returns \fB1\fR if it encounters some problem accessing files, \fB2\fR if there was a syntax problem with the command line, \fB3\fR if the password was entered interactively and the verification entry didn't match, \fB4\fR if its operation was interrupted, \fB5\fR if a value is too long (username, filename, password, or final computed record), \fB6\fR if the username contains illegal characters (see the Restrictions section), and \fB7\fR if the file is not a valid password file\&. .SH "EXAMPLES" @@ -117,7 +117,7 @@ .fi .PP -Adds or modifies the password for user jsmith\&. The user is prompted for the password\&. The password will be encrypted using the modified Apache MD5 algorithm\&. If the file does not exist, htpasswd will do nothing except return an error\&. +Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for the password\&. The password will be encrypted using the modified Apache MD5 algorithm\&. If the file does not exist, \fBhtpasswd\fR will do nothing except return an error\&. .nf @@ -126,7 +126,7 @@ .fi .PP -Creates a new file and stores a record in it for user jane\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status\&. +Creates a new file and stores a record in it for user \fBjane\fR\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and \fBhtpasswd\fR will display a message and return an error status\&. .nf @@ -135,36 +135,36 @@ .fi .PP -Encrypts the password from the command line (Pwd4Steve) using the crypt() algorithm, and stores it in the specified file\&. +Encrypts the password from the command line (\fBPwd4Steve\fR) using the \fBcrypt()\fR algorithm, and stores it in the specified file\&. .SH "SECURITY CONSIDERATIONS" .PP -Web password files such as those managed by htpasswd should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. +Web password files such as those managed by \fBhtpasswd\fR should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. .PP This program is not safe as a setuid executable\&. Do \fInot\fR make it setuid\&. .PP -The use of the -b option is discouraged, since when it is used the unencrypted password appears on the command line\&. +The use of the \fB-b\fR option is discouraged, since when it is used the unencrypted password appears on the command line\&. .PP -When using the crypt() algorithm, note that only the first 8 characters of the password are used to form the password\&. If the supplied password is longer, the extra characters will be silently discarded\&. +When using the \fBcrypt()\fR algorithm, note that only the first 8 characters of the password are used to form the password\&. If the supplied password is longer, the extra characters will be silently discarded\&. .PP -The SHA encryption format does not use salting: for a given password, there is only one encrypted representation\&. The crypt() and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&. +The SHA encryption format does not use salting: for a given password, there is only one encrypted representation\&. The \fBcrypt()\fR and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&. .PP -The SHA and crypt() formats are insecure by today's standards\&. +The SHA and \fBcrypt()\fR formats are insecure by today's standards\&. .SH "RESTRICTIONS" .PP -On the Windows platform, passwords encrypted with htpasswd are limited to no more than 255 characters in length\&. Longer passwords will be truncated to 255 characters\&. +On the Windows platform, passwords encrypted with \fBhtpasswd\fR are limited to no more than \fB255\fR characters in length\&. Longer passwords will be truncated to 255 characters\&. .PP -The MD5 algorithm used by htpasswd is specific to the Apache software; passwords encrypted using it will not be usable with other Web servers\&. +The MD5 algorithm used by \fBhtpasswd\fR is specific to the Apache software; passwords encrypted using it will not be usable with other Web servers\&. .PP -Usernames are limited to 255 bytes and may not include the character :\&. +Usernames are limited to \fB255\fR bytes and may not include the character \fB:\fR\&. diff -Nru apache2-2.4.33/docs/man/httpd.8 apache2-2.4.34/docs/man/httpd.8 --- apache2-2.4.33/docs/man/httpd.8 2017-01-19 14:50:11.000000000 +0000 +++ apache2-2.4.34/docs/man/httpd.8 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTTPD" 8 "2012-02-10" "Apache HTTP Server" "httpd" +.TH "HTTPD" 8 "2018-07-06" "Apache HTTP Server" "httpd" .SH NAME httpd \- Apache Hypertext Transfer Protocol Server @@ -27,80 +27,80 @@ .SH "SYNOPSIS" .PP -\fBhttpd\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR start|restart|graceful|stop|graceful-stop ] [ -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ] [ -\fBT\fR ] +\fB\fBhttpd\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR start|restart|graceful|stop|graceful-stop ] [ -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ] [ -\fBT\fR ] \fR .PP On Windows systems, the following additional arguments are available: .PP -\fBhttpd\fR [ -\fBk\fR install|config|uninstall ] [ -\fBn\fR \fIname\fR ] [ -\fBw\fR ] +\fB\fBhttpd\fR [ -\fBk\fR install|config|uninstall ] [ -\fBn\fR \fIname\fR ] [ -\fBw\fR ]\fR .SH "SUMMARY" .PP -httpd is the Apache HyperText Transfer Protocol (HTTP) server program\&. It is designed to be run as a standalone daemon process\&. When used like this it will create a pool of child processes or threads to handle requests\&. +\fBhttpd\fR is the Apache HyperText Transfer Protocol (HTTP) server program\&. It is designed to be run as a standalone daemon process\&. When used like this it will create a pool of child processes or threads to handle requests\&. .PP -In general, httpd should not be invoked directly, but rather should be invoked via apachectl on Unix-based systems or as a service on Windows NT, 2000 and XP and as a console application on Windows 9x and ME\&. +In general, \fBhttpd\fR should not be invoked directly, but rather should be invoked via apachectl on Unix-based systems or as a service on Windows NT, 2000 and XP and as a console application on Windows 9x and ME\&. .SH "OPTIONS" .TP --d \fIserverroot\fR -Set the initial value for the ServerRoot directive to \fIserverroot\fR\&. This can be overridden by the ServerRoot directive in the configuration file\&. The default is /usr/local/apache2\&. +\fB-d \fIserverroot\fR\fR +Set the initial value for the ServerRoot directive to \fIserverroot\fR\&. This can be overridden by the ServerRoot directive in the configuration file\&. The default is \fB/usr/local/apache2\fR\&. .TP --f \fIconfig\fR -Uses the directives in the file \fIconfig\fR on startup\&. If \fIconfig\fR does not begin with a /, then it is taken to be a path relative to the ServerRoot\&. The default is conf/httpd\&.conf\&. +\fB-f \fIconfig\fR\fR +Uses the directives in the file \fIconfig\fR on startup\&. If \fIconfig\fR does not begin with a /, then it is taken to be a path relative to the ServerRoot\&. The default is \fBconf/httpd\&.conf\fR\&. .TP --k start|restart|graceful|stop|graceful-stop -Signals httpd to start, restart, or stop\&. See Stopping Apache httpd for more information\&. +\fB-k \fBstart|restart|graceful|stop|graceful-stop\fR\fR +Signals \fBhttpd\fR to start, restart, or stop\&. See Stopping Apache httpd for more information\&. .TP --C \fIdirective\fR +\fB-C \fIdirective\fR\fR Process the configuration \fIdirective\fR before reading config files\&. .TP --c \fIdirective\fR +\fB-c \fIdirective\fR\fR Process the configuration \fIdirective\fR after reading config files\&. .TP --D \fIparameter\fR -Sets a configuration \fIparameter \fRwhich can be used with sections in the configuration files to conditionally skip or process commands at server startup and restart\&. Also can be used to set certain less-common startup parameters including -DNO_DETACH (prevent the parent from forking) and -DFOREGROUND (prevent the parent from calling setsid() et al)\&. +\fB-D \fIparameter\fR\fR +Sets a configuration \fIparameter \fRwhich can be used with sections in the configuration files to conditionally skip or process commands at server startup and restart\&. Also can be used to set certain less-common startup parameters including \fB-DNO_DETACH\fR (prevent the parent from forking) and \fB-DFOREGROUND\fR (prevent the parent from calling \fBsetsid()\fR et al)\&. .TP --e \fIlevel\fR +\fB-e \fIlevel\fR\fR Sets the LogLevel to \fIlevel\fR during server startup\&. This is useful for temporarily increasing the verbosity of the error messages to find problems during startup\&. .TP --E \fIfile\fR +\fB-E \fIfile\fR\fR Send error messages during server startup to \fIfile\fR\&. .TP --h +\fB-h\fR Output a short summary of available command line options\&. .TP --l +\fB-l\fR Output a list of modules compiled into the server\&. This will \fBnot\fR list dynamically loaded modules included using the LoadModule directive\&. .TP --L +\fB-L\fR Output a list of directives provided by static modules, together with expected arguments and places where the directive is valid\&. Directives provided by shared modules are not listed\&. .TP --M +\fB-M\fR Dump a list of loaded Static and Shared Modules\&. .TP --S +\fB-S\fR Show the settings as parsed from the config file (currently only shows the virtualhost settings)\&. .TP --T (Available in 2\&.3\&.8 and later) +\fB-T\fR (Available in 2\&.3\&.8 and later) Skip document root check at startup/restart\&. .TP --t +\fB-t\fR Run syntax tests for configuration files only\&. The program immediately exits after these syntax parsing tests with either a return code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error)\&. If -D \fIDUMP\fR_\fIVHOSTS \fRis also set, details of the virtual host configuration will be printed\&. If -D \fIDUMP\fR_\fIMODULES \fR is set, all loaded modules will be printed\&. .TP --v -Print the version of httpd, and then exit\&. +\fB-v\fR +Print the version of \fBhttpd\fR, and then exit\&. .TP --V -Print the version and build parameters of httpd, and then exit\&. +\fB-V\fR +Print the version and build parameters of \fBhttpd\fR, and then exit\&. .TP --X +\fB-X\fR Run httpd in debug mode\&. Only one worker will be started and the server will not detach from the console\&. .PP @@ -108,12 +108,12 @@ .TP --k install|config|uninstall +\fB-k install|config|uninstall\fR Install Apache httpd as a Windows NT service; change startup options for the Apache httpd service; and uninstall the Apache httpd service\&. .TP --n \fIname\fR +\fB-n \fIname\fR\fR The \fIname\fR of the Apache httpd service to signal\&. .TP --w +\fB-w\fR Keep the console window open on error so that the error message can be read\&. diff -Nru apache2-2.4.33/docs/man/httxt2dbm.1 apache2-2.4.34/docs/man/httxt2dbm.1 --- apache2-2.4.33/docs/man/httxt2dbm.1 2013-03-20 12:43:51.000000000 +0000 +++ apache2-2.4.34/docs/man/httxt2dbm.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTTXT2DBM" 1 "2013-03-20" "Apache HTTP Server" "httxt2dbm" +.TH "HTTXT2DBM" 1 "2018-07-06" "Apache HTTP Server" "httxt2dbm" .SH NAME httxt2dbm \- Generate dbm files for use with RewriteMap @@ -27,13 +27,13 @@ .SH "SYNOPSIS" .PP -\fBhttxt2dbm\fR [ -\fBv\fR ] [ -\fBf\fR \fIDBM_TYPE\fR ] -\fBi\fR \fISOURCE_TXT\fR -\fBo\fR \fIOUTPUT_DBM\fR +\fB\fBhttxt2dbm\fR [ -\fBv\fR ] [ -\fBf\fR \fIDBM_TYPE\fR ] -\fBi\fR \fISOURCE_TXT\fR -\fBo\fR \fIOUTPUT_DBM\fR \fR .SH "SUMMARY" .PP -httxt2dbm is used to generate dbm files from text input, for use in RewriteMap with the dbm map type\&. +\fBhttxt2dbm\fR is used to generate dbm files from text input, for use in RewriteMap with the \fBdbm\fR map type\&. .PP If the output file already exists, it will not be truncated\&. New keys will be added and existing keys will be updated\&. @@ -43,16 +43,16 @@ .TP --v +\fB-v\fR More verbose output .TP --f \fIDBM_TYPE\fR -Specify the DBM type to be used for the output\&. If not specified, will use the APR Default\&. Available types are: GDBM for GDBM files, SDBM for SDBM files, DB for berkeley DB files, NDBM for NDBM files, default for the default DBM type\&. +\fB-f \fIDBM_TYPE\fR\fR +Specify the DBM type to be used for the output\&. If not specified, will use the APR Default\&. Available types are: \fBGDBM\fR for GDBM files, \fBSDBM\fR for SDBM files, \fBDB\fR for berkeley DB files, \fBNDBM\fR for NDBM files, \fBdefault\fR for the default DBM type\&. .TP --i \fISOURCE_TXT\fR -Input file from which the dbm is to be created\&. The file should be formated with one record per line, of the form: key value\&. See the documentation for RewriteMap for further details of this file's format and meaning\&. +\fB-i \fISOURCE_TXT\fR\fR +Input file from which the dbm is to be created\&. The file should be formated with one record per line, of the form: \fBkey value\fR\&. See the documentation for RewriteMap for further details of this file's format and meaning\&. .TP --o \fIOUTPUT_DBM\fR +\fB-o \fIOUTPUT_DBM\fR\fR Name of the output dbm files\&. .SH "EXAMPLES" diff -Nru apache2-2.4.33/docs/man/logresolve.1 apache2-2.4.34/docs/man/logresolve.1 --- apache2-2.4.33/docs/man/logresolve.1 2012-01-09 17:03:50.000000000 +0000 +++ apache2-2.4.34/docs/man/logresolve.1 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "LOGRESOLVE" 1 "2012-01-09" "Apache HTTP Server" "logresolve" +.TH "LOGRESOLVE" 1 "2018-07-06" "Apache HTTP Server" "logresolve" .SH NAME logresolve \- Resolve IP-addresses to hostnames in Apache log files @@ -27,13 +27,13 @@ .SH "SYNOPSIS" .PP -\fBlogresolve\fR [ -\fBs\fR \fIfilename\fR ] [ -\fBc\fR ] < \fIaccess_log\fR > \fIaccess_log\&.new\fR +\fB\fBlogresolve\fR [ -\fBs\fR \fIfilename\fR ] [ -\fBc\fR ] < \fIaccess_log\fR > \fIaccess_log\&.new\fR\fR .SH "SUMMARY" .PP -logresolve is a post-processing program to resolve IP-addresses in Apache's access logfiles\&. To minimize impact on your nameserver, logresolve has its very own internal hash-table cache\&. This means that each IP number will only be looked up the first time it is found in the log file\&. +\fBlogresolve\fR is a post-processing program to resolve IP-addresses in Apache's access logfiles\&. To minimize impact on your nameserver, logresolve has its very own internal hash-table cache\&. This means that each IP number will only be looked up the first time it is found in the log file\&. .PP Takes an Apache log file on standard input\&. The IP addresses must be the first thing on each line and must be separated from the remainder of the line by a space\&. @@ -43,9 +43,9 @@ .TP --s \fIfilename\fR +\fB-s \fIfilename\fR\fR Specifies a filename to record statistics\&. .TP --c -This causes logresolve to apply some DNS checks: after finding the hostname from the IP address, it looks up the IP addresses for the hostname and checks that one of these matches the original address\&. +\fB-c\fR +This causes \fBlogresolve\fR to apply some DNS checks: after finding the hostname from the IP address, it looks up the IP addresses for the hostname and checks that one of these matches the original address\&. diff -Nru apache2-2.4.33/docs/man/rotatelogs.8 apache2-2.4.34/docs/man/rotatelogs.8 --- apache2-2.4.33/docs/man/rotatelogs.8 2015-01-01 15:30:56.000000000 +0000 +++ apache2-2.4.34/docs/man/rotatelogs.8 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "ROTATELOGS" 8 "2015-01-01" "Apache HTTP Server" "rotatelogs" +.TH "ROTATELOGS" 8 "2018-07-06" "Apache HTTP Server" "rotatelogs" .SH NAME rotatelogs \- Piped logging program to rotate Apache logs @@ -27,57 +27,60 @@ .SH "SYNOPSIS" .PP -\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIlinkname\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fInumber-of-files\fR ] \fIlogfile\fR \fIrotationtime\fR|\fIfilesize\fR(B|K|M|G) [ \fIoffset\fR ] +\fB\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIlinkname\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBD\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fInumber-of-files\fR ] \fIlogfile\fR \fIrotationtime\fR|\fIfilesize\fR(B|K|M|G) [ \fIoffset\fR ]\fR .SH "SUMMARY" .PP -rotatelogs is a simple program for use in conjunction with Apache's piped logfile feature\&. It supports rotation based on a time interval or maximum size of the log\&. +\fBrotatelogs\fR is a simple program for use in conjunction with Apache's piped logfile feature\&. It supports rotation based on a time interval or maximum size of the log\&. .SH "OPTIONS" .TP --l -Causes the use of local time rather than GMT as the base for the interval or for strftime(3) formatting with size-based rotation\&. +\fB-l\fR +Causes the use of local time rather than GMT as the base for the interval or for \fBstrftime(3)\fR formatting with size-based rotation\&. .TP --L \fIlinkname\fR -Causes a hard link to be made from the current logfile to the specified link name\&. This can be used to watch the log continuously across rotations using a command like tail -F linkname\&. +\fB-L\fR \fIlinkname\fR +Causes a hard link to be made from the current logfile to the specified link name\&. This can be used to watch the log continuously across rotations using a command like \fBtail -F linkname\fR\&. .TP --p \fIprogram\fR -If given, rotatelogs will execute the specified program every time a new log file is opened\&. The filename of the newly opened file is passed as the first argument to the program\&. If executing after a rotation, the old log file is passed as the second argument\&. rotatelogs does not wait for the specified program to terminate before continuing to operate, and will not log any error code returned on termination\&. The spawned program uses the same stdin, stdout, and stderr as rotatelogs itself, and also inherits the environment\&. +\fB-p\fR \fIprogram\fR +If given, \fBrotatelogs\fR will execute the specified program every time a new log file is opened\&. The filename of the newly opened file is passed as the first argument to the program\&. If executing after a rotation, the old log file is passed as the second argument\&. \fBrotatelogs\fR does not wait for the specified program to terminate before continuing to operate, and will not log any error code returned on termination\&. The spawned program uses the same stdin, stdout, and stderr as rotatelogs itself, and also inherits the environment\&. .TP --f -Causes the logfile to be opened immediately, as soon as rotatelogs starts, instead of waiting for the first logfile entry to be read (for non-busy sites, there may be a substantial delay between when the server is started and when the first request is handled, meaning that the associated logfile does not "exist" until then, which causes problems from some automated logging tools) +\fB-f\fR +Causes the logfile to be opened immediately, as soon as \fBrotatelogs\fR starts, instead of waiting for the first logfile entry to be read (for non-busy sites, there may be a substantial delay between when the server is started and when the first request is handled, meaning that the associated logfile does not "exist" until then, which causes problems from some automated logging tools) .TP --t +\fB-D\fR +Creates the parent directories of the path that the log file will be placed in if they do not already exist\&. This allows \fBstrftime(3)\fR formatting to be used in the path and not just the filename\&. +.TP +\fB-t\fR Causes the logfile to be truncated instead of rotated\&. This is useful when a log is processed in real time by a command like tail, and there is no need for archived data\&. No suffix will be added to the filename, however format strings containing '%' characters will be respected\&. .TP --v +\fB-v\fR Produce verbose output on STDERR\&. The output contains the result of the configuration parsing, and all file open and close actions\&. .TP --e +\fB-e\fR Echo logs through to stdout\&. Useful when logs need to be further processed in real time by a further tool in the chain\&. .TP --c +\fB-c\fR Create log file for each interval, even if empty\&. .TP --n \fInumber-of-files\fR +\fB-n \fInumber-of-files\fR\fR Use a circular list of filenames without timestamps\&. With -n 3, the series of log files opened would be "logfile", "logfile\&.1", "logfile\&.2", then overwriting "logfile"\&. Available in 2\&.4\&.5 and later\&. .TP -\fIlogfile\fR -.PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' characters, it is treated as a format string for strftime(3)\&. Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in seconds (unless the -t option is used)\&. Both formats compute the start time from the beginning of the current period\&. For example, if a rotation time of 86400 is specified, the hour, minute, and second fields created from the strftime(3) format will all be zero, referring to the beginning of the current 24-hour period (midnight)\&. .PP When using strftime(3) filename formatting, be sure the log file format has enough granularity to produce a different file name each time the logs are rotated\&. Otherwise rotation will overwrite the same file instead of starting a new one\&. For example, if \fIlogfile\fR was /var/log/errorlog\&.%Y-%m-%d with log rotation at 5 megabytes, but 5 megabytes was reached twice in the same day, the same log file name would be produced and log rotation would keep writing to the same file\&. +\fB\fIlogfile\fR\fR +.PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' characters, it is treated as a format string for \fBstrftime(3)\fR\&. Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in seconds (unless the -t option is used)\&. Both formats compute the start time from the beginning of the current period\&. For example, if a rotation time of 86400 is specified, the hour, minute, and second fields created from the \fBstrftime(3)\fR format will all be zero, referring to the beginning of the current 24-hour period (midnight)\&. .PP When using \fBstrftime(3)\fR filename formatting, be sure the log file format has enough granularity to produce a different file name each time the logs are rotated\&. Otherwise rotation will overwrite the same file instead of starting a new one\&. For example, if \fIlogfile\fR was \fB/var/log/errorlog\&.%Y-%m-%d\fR with log rotation at 5 megabytes, but 5 megabytes was reached twice in the same day, the same log file name would be produced and log rotation would keep writing to the same file\&. .TP -\fIrotationtime\fR +\fB\fIrotationtime\fR\fR The time between log file rotations in seconds\&. The rotation occurs at the beginning of this interval\&. For example, if the rotation time is 3600, the log file will be rotated at the beginning of every hour; if the rotation time is 86400, the log file will be rotated every night at midnight\&. (If no data is logged during an interval, no file will be created\&.) .TP -\fIfilesize\fR(B|K|M|G) -The maximum file size in followed by exactly one of the letters B (Bytes), K (KBytes), M (MBytes) or G (GBytes)\&. .PP When time and size are specified, the size must be given after the time\&. Rotation will occur whenever either time or size limits are reached\&. +\fB\fIfilesize\fR(B|K|M|G)\fR +The maximum file size in followed by exactly one of the letters \fBB\fR (Bytes), \fBK\fR (KBytes), \fBM\fR (MBytes) or \fBG\fR (GBytes)\&. .PP When time and size are specified, the size must be given after the time\&. Rotation will occur whenever either time or size limits are reached\&. .TP -\fIoffset\fR -The number of minutes offset from UTC\&. If omitted, zero is assumed and UTC is used\&. For example, to use local time in the zone UTC -5 hours, specify a value of -300 for this argument\&. In most cases, -l should be used instead of specifying an offset\&. +\fB\fIoffset\fR\fR +The number of minutes offset from UTC\&. If omitted, zero is assumed and UTC is used\&. For example, to use local time in the zone UTC -5 hours, specify a value of \fB-300\fR for this argument\&. In most cases, \fB-l\fR should be used instead of specifying an offset\&. .SH "EXAMPLES" @@ -115,7 +118,7 @@ .fi .PP -This configuration will rotate the error logfile whenever it reaches a size of 5 megabytes, and the suffix to the logfile name will be created of the form errorlog\&.YYYY-mm-dd-HH_MM_SS\&. +This configuration will rotate the error logfile whenever it reaches a size of 5 megabytes, and the suffix to the logfile name will be created of the form \fBerrorlog\&.YYYY-mm-dd-HH_MM_SS\fR\&. .nf @@ -129,49 +132,49 @@ .SH "PORTABILITY" .PP -The following logfile format string substitutions should be supported by all strftime(3) implementations, see the strftime(3) man page for library-specific extensions\&. +The following logfile format string substitutions should be supported by all \fBstrftime(3)\fR implementations, see the \fBstrftime(3)\fR man page for library-specific extensions\&. -.Ip "\(bu \s-1%A\s0 \- full weekday name (localized) +.Ip "\(bu \s-1\fB%A\fR\s0 \- full weekday name (localized) -.Ip "\(bu \s-1%a\s0 \- 3-character weekday name (localized) +.Ip "\(bu \s-1\fB%a\fR\s0 \- 3-character weekday name (localized) -.Ip "\(bu \s-1%B\s0 \- full month name (localized) +.Ip "\(bu \s-1\fB%B\fR\s0 \- full month name (localized) -.Ip "\(bu \s-1%b\s0 \- 3-character month name (localized) +.Ip "\(bu \s-1\fB%b\fR\s0 \- 3-character month name (localized) -.Ip "\(bu \s-1%c\s0 \- date and time (localized) +.Ip "\(bu \s-1\fB%c\fR\s0 \- date and time (localized) -.Ip "\(bu \s-1%d\s0 \- 2-digit day of month +.Ip "\(bu \s-1\fB%d\fR\s0 \- 2-digit day of month -.Ip "\(bu \s-1%H\s0 \- 2-digit hour (24 hour clock) +.Ip "\(bu \s-1\fB%H\fR\s0 \- 2-digit hour (24 hour clock) -.Ip "\(bu \s-1%I\s0 \- 2-digit hour (12 hour clock) +.Ip "\(bu \s-1\fB%I\fR\s0 \- 2-digit hour (12 hour clock) -.Ip "\(bu \s-1%j\s0 \- 3-digit day of year +.Ip "\(bu \s-1\fB%j\fR\s0 \- 3-digit day of year -.Ip "\(bu \s-1%M\s0 \- 2-digit minute +.Ip "\(bu \s-1\fB%M\fR\s0 \- 2-digit minute -.Ip "\(bu \s-1%m\s0 \- 2-digit month +.Ip "\(bu \s-1\fB%m\fR\s0 \- 2-digit month -.Ip "\(bu \s-1%p\s0 \- am/pm of 12 hour clock (localized) +.Ip "\(bu \s-1\fB%p\fR\s0 \- am/pm of 12 hour clock (localized) -.Ip "\(bu \s-1%S\s0 \- 2-digit second +.Ip "\(bu \s-1\fB%S\fR\s0 \- 2-digit second -.Ip "\(bu \s-1%U\s0 \- 2-digit week of year (Sunday first day of week) +.Ip "\(bu \s-1\fB%U\fR\s0 \- 2-digit week of year (Sunday first day of week) -.Ip "\(bu \s-1%W\s0 \- 2-digit week of year (Monday first day of week) +.Ip "\(bu \s-1\fB%W\fR\s0 \- 2-digit week of year (Monday first day of week) -.Ip "\(bu \s-1%w\s0 \- 1-digit weekday (Sunday first day of week) +.Ip "\(bu \s-1\fB%w\fR\s0 \- 1-digit weekday (Sunday first day of week) -.Ip "\(bu \s-1%X\s0 \- time (localized) +.Ip "\(bu \s-1\fB%X\fR\s0 \- time (localized) -.Ip "\(bu \s-1%x\s0 \- date (localized) +.Ip "\(bu \s-1\fB%x\fR\s0 \- date (localized) -.Ip "\(bu \s-1%Y\s0 \- 4-digit year +.Ip "\(bu \s-1\fB%Y\fR\s0 \- 4-digit year -.Ip "\(bu \s-1%y\s0 \- 2-digit year +.Ip "\(bu \s-1\fB%y\fR\s0 \- 2-digit year -.Ip "\(bu \s-1%Z\s0 \- time zone name +.Ip "\(bu \s-1\fB%Z\fR\s0 \- time zone name -.Ip "\(bu \s-1%%\s0 \- literal `%' +.Ip "\(bu \s-1\fB%%\fR\s0 \- literal `%' diff -Nru apache2-2.4.33/docs/man/suexec.8 apache2-2.4.34/docs/man/suexec.8 --- apache2-2.4.33/docs/man/suexec.8 2013-07-01 09:02:13.000000000 +0000 +++ apache2-2.4.34/docs/man/suexec.8 2018-07-06 08:44:47.000000000 +0000 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "SUEXEC" 8 "2013-07-01" "Apache HTTP Server" "suexec" +.TH "SUEXEC" 8 "2018-07-06" "Apache HTTP Server" "suexec" .SH NAME suexec \- Switch user before executing external programs @@ -27,13 +27,13 @@ .SH "SYNOPSIS" .PP -\fBsuexec\fR -\fBV\fR +\fB\fBsuexec\fR -\fBV\fR\fR .SH "SUMMARY" .PP -suexec is used by the Apache HTTP Server to switch to another user before executing CGI programs\&. In order to achieve this, it must run as root\&. Since the HTTP daemon normally doesn't run as root, the suexec executable needs the setuid bit set and must be owned by root\&. It should never be writable for any other person than root\&. +\fBsuexec\fR is used by the Apache HTTP Server to switch to another user before executing CGI programs\&. In order to achieve this, it must run as \fBroot\fR\&. Since the HTTP daemon normally doesn't run as \fBroot\fR, the \fBsuexec\fR executable needs the setuid bit set and must be owned by \fBroot\fR\&. It should never be writable for any other person than \fBroot\fR\&. .PP For further information about the concepts and the security model of suexec please refer to the suexec documentation (http://httpd\&.apache\&.org/docs/2\&.4/suexec\&.html)\&. @@ -43,6 +43,6 @@ .TP --V -If you are root, this option displays the compile options of suexec\&. For security reasons all configuration options are changeable only at compile time\&. +\fB-V\fR +If you are \fBroot\fR, this option displays the compile options of \fBsuexec\fR\&. For security reasons all configuration options are changeable only at compile time\&. diff -Nru apache2-2.4.33/docs/manual/bind.html.de apache2-2.4.34/docs/manual/bind.html.de --- apache2-2.4.33/docs/manual/bind.html.de 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/bind.html.de 2018-05-31 13:26:35.000000000 +0000 @@ -30,6 +30,9 @@  ko  |  tr 

    +
    Diese Übersetzung ist möglicherweise + nicht mehr aktuell. Bitte prüfen Sie die englische Version auf + die neuesten Änderungen.

    Konfiguration der vom Apache HTTP Server verwendeten Adressen und Ports.

    diff -Nru apache2-2.4.33/docs/manual/bind.html.en apache2-2.4.34/docs/manual/bind.html.en --- apache2-2.4.33/docs/manual/bind.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/bind.html.en 2018-03-30 12:48:02.000000000 +0000 @@ -34,6 +34,7 @@

    Configuring Apache HTTP Server to listen on specific addresses and ports.

    top
    +

    Changing Listen configuration on restart

    + + +

    When httpd is restarted, special consideration must be made for + changes to Listen directives. During a restart, httpd keeps ports + bound (as in the original configuration) to avoid generating + "Connection refused" errors for any new attempts to connect to the + server. If changes are made to the set of Listen directives used + which conflict with the old configuration, configuration will fail + and the server will terminate.

    + +

    For example, changing from configuration:

    + + 
    Listen 127.0.0.1:80
    +
    + +

    to the following may fail, because binding to port 80 across + all addresses conflicts with binding to port 80 on just + 127.0.0.1.

    + + 
    Listen 80
    +
    + +

    To have such configuration changes take effect, it is necessary + to stop and then start the server.

    + +
    top
    +

    Special IPv6 Considerations

    diff -Nru apache2-2.4.33/docs/manual/bind.html.fr apache2-2.4.34/docs/manual/bind.html.fr --- apache2-2.4.33/docs/manual/bind.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/bind.html.fr 2018-03-24 15:44:58.000000000 +0000 @@ -35,6 +35,7 @@ sur un port et une adresse IP spécifiques.

    top
    +

    Changer la configuration de l'écoute au redémarrage

    + + +

    Lorsque httpd est redémarré, certaines remarques sont à prendre en compte + quant aux modifications apportées aux directives Listen. Au cours du redémarrage, httpd + conserve la liaison avec les ports de la configuration précédente afin + d'éviter l'obtention d'un message d'erreur "Connection refused" lors d'une + tentative ultérieure de connexion au serveur. Si les modifications apportées au jeu de + directives Listen utilisé entrent + en conflit avec ce dernier, le serveur refusera de redémarrer.

    + +

    Par exemple, modifier la configuration suivante :

    + + 
    Listen 127.0.0.1:80
    +
    + +

    pour utiliser la suivante pourra échouer car écouter le port 80 sur + toutes les adresses IP entre en conflit avec une écoute sélective du port 80 + sur la seule adresse IP 127.0.0.1.

    + + 
    Listen 80
    +
    + +

    Pour qu'une telle modification de configuration soit prise en compte avec + succès, il est nécessaire d'arrêter, puis de démarrer le serveur.

    + +
    top
    +

    Remarques spécifiques à IPv6

    diff -Nru apache2-2.4.33/docs/manual/bind.html.tr.utf8 apache2-2.4.34/docs/manual/bind.html.tr.utf8 --- apache2-2.4.33/docs/manual/bind.html.tr.utf8 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/bind.html.tr.utf8 2018-05-08 13:09:57.000000000 +0000 @@ -35,6 +35,7 @@ yapılandırılması.

    + +
    top
    +
    +

    Dinleme yapılandırmasının yeniden başlatırken değiştirilmesi

    + + +

    httpd yeniden başlatılırken, + Listen yönergelerindeki + değişiklikler için özel değerlendirmeler yapılmalıdır. Yeniden başlatma + sırasında, httpd, yeni bağlanma çabalarında "Connection refused" (bağlantı + reddedildi) hatasından kaçınmak için [özgün yapılandırmadaki gibi] portları + bağlı tutar. Bu bakımdan, Listen + yönergelerinden yapılan değişiklikler yenden başlatılrken yapılandırmanın + başarısız olmasına ve sunucunun sonlanmasına sebep olur.

    + +

    Örneğin:

    + + 
    Listen 127.0.0.1:80
    -
    top
    +

    yapılandırmasını aşağıdakiyle değiştirmek yenden başlatma sırasında + sucunun hta verip sonlanmasına sebep olur. Çünkü, tüm adreslerden 80 porta + bağlanmak sadece 127.0.0.1 adresine bağlanmakla çelişir.

    + + 
    Listen 80
    +
    + +

    Böyle değişikliklerin etkili olabilmesi için sunucu önce durdurulmalı + sonra başlatımalıdır (restart yerine stop ve start kullanılmalıdır).

    + +
    top

    IPv6 Adreslerin Durumu

    diff -Nru apache2-2.4.33/docs/manual/convenience.map apache2-2.4.34/docs/manual/convenience.map --- apache2-2.4.33/docs/manual/convenience.map 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/convenience.map 2018-07-10 13:48:23.000000000 +0000 @@ -278,7 +278,10 @@ identitychecktimeout mod/mod_ident.html#identitychecktimeout if mod/core.html#if ifdefine mod/core.html#ifdefine +ifdirective mod/core.html#ifdirective +iffile mod/core.html#iffile ifmodule mod/core.html#ifmodule +ifsection mod/core.html#ifsection ifversion mod/mod_version.html#ifversion imapbase mod/mod_imagemap.html#imapbase imapdefault mod/mod_imagemap.html#imapdefault @@ -474,6 +477,7 @@ redirectpermanent mod/mod_alias.html#redirectpermanent redirecttemp mod/mod_alias.html#redirecttemp reflectorheader mod/mod_reflector.html#reflectorheader +regexdefaultoptions mod/core.html#regexdefaultoptions registerhttpmethod mod/core.html#registerhttpmethod remoteipheader mod/mod_remoteip.html#remoteipheader remoteipinternalproxy mod/mod_remoteip.html#remoteipinternalproxy diff -Nru apache2-2.4.33/docs/manual/developer/output-filters.html.en apache2-2.4.34/docs/manual/developer/output-filters.html.en --- apache2-2.4.33/docs/manual/developer/output-filters.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/developer/output-filters.html.en 2018-07-01 07:36:34.000000000 +0000 @@ -44,6 +44,7 @@
  • Buffering buckets
  • Non-blocking bucket reads
  • Ten rules for output filters
    • +
  • Use case: buffering in mod_ratelimit

    • See also

    top
    @@ -482,6 +483,78 @@ +
    top
    +
    +

    Use case: buffering in mod_ratelimit

    + +

    The r1833875 change is a good + example to show what buffering and keeping state means in the context of an + output filter. In this use case, a user asked on the users' mailing list a + interesting question about why mod_ratelimit seemed not to + honor its setting with proxied content (either rate limiting at a different + speed or simply not doing it at all). Before diving deep into the solution, + it is better to explain on a high level how mod_ratelimit works. + The trick is really simple: take the rate limit settings and calculate a + chunk size of data to flush every 200ms to the client. For example, let's imagine + that to set rate-limit 60 in our config, these are the high level + steps to find the chunk size:

    + 
    /* milliseconds to wait between each flush of data */
+RATE_INTERVAL_MS = 200;
+/* rate limit speed in b/s */
+speed = 60 * 1024;
+/* final chunk size is 12228 bytes */
+chunk_size = (speed / (1000 / RATE_INTERVAL_MS));
    + +

    If we apply this calculation to a bucket brigade carrying 38400 bytes, it means + that the filter will try to do the following:

    +
      +
    1. Split the 38400 bytes in chunks of maximum 12228 bytes each.
      2. +
    2. Flush the first 12228 chunk of bytes and sleep 200ms.
      3. +
    3. Flush the second 12228 chunk of bytes and sleep 200ms.
      4. +
    4. Flush the third 12228 chunk of bytes and sleep 200ms.
      5. +
    5. Flush the remaining 1716 bytes.
      6. +
    +

    The above pseudo code works fine if the output filter handles only one brigade + for each response, but it might happen that it needs to be called multiple times + with different brigade sizes as well. The former use case is for example when + httpd directly serves some content, like a static file: the bucket brigade + abstraction takes care of handling the whole content, and rate limiting + works nicely. But if the same static content is served via mod_proxy_http (for + example a backend is serving it rather than httpd) then the content generator + (in this case mod_proxy_http) may use a maximum buffer size and then send data + as bucket brigades to the output filters chain regularly, triggering of course + multiple calls to mod_ratelimit. If the reader tries to execute the pseudo code + assuming multiple calls to the output filter, each one requiring to process + a bucket brigade of 38400 bytes, then it is easy to spot some + anomalies:

    +
      +
    1. Between the last flush of a brigade and the first one of the next, + there is no sleep.
      2. +
    2. Even if the sleep was forced after the last flush, then that chunk size + would not be the ideal size (1716 bytes instead of 12228) and the final client's speed + would quickly become different than what set in the httpd's config.
      3. +
    +

    In this case, two things might help:

    +
      +
    1. Use the ctx internal data structure, initialized by mod_ratelimit + for each response handling cycle, to "remember" when the last sleep was + performed across multiple invocations, and act accordingly.
      2. +
    2. If a bucket brigade is not splittable into a finite number of chunk_size + blocks, store the remaining bytes (located in the tail of the bucket brigade) + in a temporary holding area (namely another bucket brigade) and then use + ap_save_brigade to set them aside. + These bytes will be preprended to the next bucket brigade that will be handled + in the subsequent invocation.
      3. +
    3. Avoid the previous logic if the bucket brigade that is currently being + processed contains the end of stream bucket (EOS). There is no need to sleep + or buffering data if the end of stream is reached.
      4. +
    +

    The commit linked in the beginning of the section contains also a bit of code + refactoring so it is not trivial to read during the first pass, but the overall + idea is basically what written up to now. The goal of this section is not to + cause an headache to the reader trying to read C code, but to put him/her into + the right mindset needed to use efficiently the tools offered by the httpd's + filter chain toolset.

    Available Languages:  en 

    diff -Nru apache2-2.4.33/docs/manual/expr.html.en apache2-2.4.34/docs/manual/expr.html.en --- apache2-2.4.33/docs/manual/expr.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/expr.html.en 2018-06-24 19:42:08.000000000 +0000 @@ -201,7 +201,7 @@
    REMOTE_HOST The host name of the remote host
    REMOTE_USERThe name of the authenticated user, if any (not available during <If >)
    The name of the authenticated user, if any (not available during <If>)
    REMOTE_IDENT The user name set by mod_ident
    SERVER_NAMEThe configured AuthType (e.g. "basic")
    CONTENT_TYPEThe content type of the response (not available during <If >)
    The content type of the response (not available during <If>)
    HANDLER The name of the handler creating the response
    "on" if the connection uses IPv6, "off" otherwise
    REQUEST_STATUSThe HTTP error status of the request (not available during <If >)
    The HTTP error status of the request (not available during <If>)
    REQUEST_LOG_ID The error log id of the request (see ErrorLogFormat)
    Same as req, but header names will not be added to the Vary header
    respGet HTTP response header
    Get HTTP response header (most response headers will not yet be set + during <If>)
    reqenv Lookup request environment variable (as a shortcut, - v can also be used to access variables). ordering
    osenv Lookup operating system environment variable
    Le nom d'hôte de l'hôte distant
    REMOTE_USER Le nom de l'utilisateur authentifié, s'il existe (non - disponible à l'intérieur d'un bloc <If - >)
    REMOTE_IDENT Le nom de l'utilisateur défini par mod_ident
    SERVER_NAME
    CONTENT_TYPE Le type de contenu de la réponse (non - disponible à l'intérieur d'un bloc <If - >)
    HANDLER Le nom du gestionnaire qui a généré la réponse
    REQUEST_STATUS Le code d'erreur HTTP de la requête (non - disponible à l'intérieur d'un bloc <If - >)
    REQUEST_LOG_ID L'identifiant du message d'erreur associé à la requête (voir la directive ErrorLogFormat)
    Identique à req, mais aucun nom d'en-tête n'est ajouté à l'en-tête Vary
    respLit l'en-tête de réponse HTTP
    Lit l'en-tête de réponse HTTP (La plupart des en-têtes de la réponse + ne seront pas encore définis pendant le traitement de la directive + <If>)
    reqenv Recherche une variable d'environnement de requête (on - peut aussi utiliser le raccourci v).ordonnancement
    ordonnancement
    osenv Recherche une variable d'environnement du système d'exploitation
    SStopWorker is administratively stopped; will not accept requests and will not be automatically retried
    IIgnWorker is in ignore-errors mode and will always be considered available.
    RSparWorker is a hot spare. For each worker in a given lbset that is unusable + (draining, stopped, in error, etc.), a usable hot spare with the same lbset will be used in + its place. Hot spares can help ensure that a specific number of workers are always available + for use by a balancer.
    HStbyWorker is in hot-standby mode and will only be used if no other - viable workers are available.
    EErrWorker is in an error state, usually due to failing pre-request check; requests will not be proxied to this worker, but it will be retried depending on the retry setting of the worker.
    @@ -127,6 +152,12 @@

    Derleme ve kurulum işleminin her aşaması, Apache HTTPd Sunucusunun derlenmesi ve kurulması için gerekenler başta olmak üzere aşağıda ayrıntılı olarak açıklanmıştır.

    + + + +
    Kullandığınız platformu burada göremiyor musunuz? + Bu belgeleri geliştirmek + için gelin bize yardımcı olun.
    top

    Gereksinimler

    diff -Nru apache2-2.4.33/docs/manual/mod/core.html.de apache2-2.4.34/docs/manual/mod/core.html.de --- apache2-2.4.33/docs/manual/mod/core.html.de 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/core.html.de 2018-07-10 12:21:25.000000000 +0000 @@ -77,7 +77,10 @@
  • HttpProtocolOptions
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • Include
  • IncludeOptional
  • KeepAlive
    • @@ -105,6 +108,7 @@
  • Protocols
  • ProtocolsHonorOrder
  • QualifyRedirectURL
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RLimitCPU
  • RLimitMEM
    • @@ -1635,6 +1639,40 @@
    top
    +

    <IfDirective>-Direktive

    +
    + + + + + + + +
    Beschreibung:Encloses directives that are processed conditional on the +presence or absence of a specific directive
    Syntax:<IfDirective [!]directive-name> ... + </IfDirective>
    Kontext:Serverkonfiguration, Virtual Host, Verzeichnis, .htaccess
    AllowOverride:All
    Status:Core
    Modul:core
    Kompatibilität:Available in 2.4.34 and later.

    Die Dokumentation zu dieser Direktive wurde + noch nicht übersetzt. Bitte schauen Sie in die englische + Version.

    Siehe auch

    + + +
    top
    +

    <IfFile>-Direktive

    + + + + + + + + +
    Beschreibung:Encloses directives that will be processed only +if file exists at startup
    Syntax:<IfFile [!]parameter-name> ... + </IfFile>
    Kontext:Serverkonfiguration, Virtual Host, Verzeichnis, .htaccess
    AllowOverride:All
    Status:Core
    Modul:core
    Kompatibilität:Available in 2.4.34 and later.

    Die Dokumentation zu dieser Direktive wurde + noch nicht übersetzt. Bitte schauen Sie in die englische + Version.

    +
    top

    <IfModule>-Direktive

    +
    Beschreibung:Schließt Direktiven ein, die abhängig vom @@ -1691,6 +1729,25 @@
    top
    +

    <IfSection>-Direktive

    + + + + + + + + +
    Beschreibung:Encloses directives that are processed conditional on the +presence or absence of a specific section directive
    Syntax:<IfSection [!]section-name> ... + </IfSection>
    Kontext:Serverkonfiguration, Virtual Host, Verzeichnis, .htaccess
    AllowOverride:All
    Status:Core
    Modul:core
    Kompatibilität:Available in 2.4.34 and later.

    Die Dokumentation zu dieser Direktive wurde + noch nicht übersetzt. Bitte schauen Sie in die englische + Version.

    Siehe auch

    + +
    +
    top

    Include-Direktive

    Beschreibung:Fügt andere Konfigurationsdateien innerhalb der @@ -2815,6 +2872,19 @@ noch nicht übersetzt. Bitte schauen Sie in die englische Version.

    top
    +

    RegexDefaultOptions-Direktive

    + + + + + + + + +
    Beschreibung:Allow to configure global/default options for regexes
    Syntax:RegexDefaultOptions [none] [+|-]option [[+|-]option] ...
    Voreinstellung:RegexDefaultOptions DOLLAR_ENDONLY
    Kontext:Serverkonfiguration
    Status:Core
    Modul:core
    Kompatibilität:Only available from Apache 2.4.30 and later.

    Die Dokumentation zu dieser Direktive wurde + noch nicht übersetzt. Bitte schauen Sie in die englische + Version.

    +
    top

    RegisterHttpMethod-Direktive

    @@ -2822,6 +2892,7 @@ +
    Beschreibung:Register non-standard HTTP methods
    Kontext:Serverkonfiguration
    Status:Core
    Modul:core
    Kompatibilität:Available in Apache HTTP Server 2.4.24 and later

    Die Dokumentation zu dieser Direktive wurde noch nicht übersetzt. Bitte schauen Sie in die englische Version.

    Siehe auch

    diff -Nru apache2-2.4.33/docs/manual/mod/core.html.en apache2-2.4.34/docs/manual/mod/core.html.en --- apache2-2.4.33/docs/manual/mod/core.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/core.html.en 2018-07-06 08:44:47.000000000 +0000 @@ -74,7 +74,10 @@
  • HttpProtocolOptions
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • Include
  • IncludeOptional
  • KeepAlive
    • @@ -102,6 +105,7 @@
  • Protocols
  • ProtocolsHonorOrder
  • QualifyRedirectURL
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RLimitCPU
  • RLimitMEM
    • @@ -827,12 +831,12 @@
    Status:Core
    Module:core
    -

    In its one parameter form, Define is equivalent - to passing the -D argument to httpd. It - can be used to toggle the use of - <IfDefine> sections - without needing to alter -D arguments in any startup - scripts.

    +

    In its one parameter form, Define is + equivalent to passing the -D argument to + httpd. It can be used to toggle the use of + <IfDefine> + sections without needing to alter -D arguments in any + startup scripts.

    In addition to that, if the second parameter is given, a config variable is set to this value. The variable can be used in the configuration using @@ -2252,6 +2256,87 @@

    top
    +

    <IfDirective> Directive

    + + + + + + + + +
    Description:Encloses directives that are processed conditional on the +presence or absence of a specific directive
    Syntax:<IfDirective [!]directive-name> ... + </IfDirective>
    Context:server config, virtual host, directory, .htaccess
    Override:All
    Status:Core
    Module:core
    Compatibility:Available in 2.4.34 and later.
    +

    The <IfDirective test>...</IfDirective> + section is used to mark directives that are conditional on the presence of + a specific directive. The directives within an <IfDirective> section are only processed if the test + is true. If test is false, everything between the start and + end markers is ignored.

    + +

    The test in the <IfDirective> section can be one of two forms:

    + +
      +
    • directive-name
      • + +
    • !directive-name
      • +
    + +

    In the former case, the directives between the start and end + markers are only processed if a directive of the given name is + available at the time of processing. The second format reverses the test, + and only processes the directives if the directive-name is + not defined.

    + +
    This section should only be used if you need to have one + configuration file that works across multiple versions of + httpd, regardless of whether a particular + directive is available. In normal operation, directives need not + be placed in <IfDirective> + sections.
    + +

    See also

    + +
    +
    top
    +

    <IfFile> Directive

    + + + + + + + + +
    Description:Encloses directives that will be processed only +if file exists at startup
    Syntax:<IfFile [!]parameter-name> ... + </IfFile>
    Context:server config, virtual host, directory, .htaccess
    Override:All
    Status:Core
    Module:core
    Compatibility:Available in 2.4.34 and later.
    +

    The <IfFile filename>...</IfFile> + section is used to mark directives that are conditional on + the existence of a file on disk. The directives within an + <IfFile> section are only + processed if filename exists. If filename + doesn't exist, everything between the start and end markers is + ignored. filename can be an absolute path or a path + relative to the server root.

    + +

    The filename in the <IfFile> section directive can take the same forms as the + test variable in the <IfDefine> section, i.e. the test can be negated if the + ! character is placed directly before filename. +

    + +

    If a relative filename is supplied, the check is + ServerRoot relative. In the case where + this directive occurs before the ServerRoot, + the path will be checked relative to the compiled-in server root or + the server root passed in on the command line via the -d + parameter.

    + + +
    +
    top

    <IfModule> Directive

    Description:Encloses directives that are processed conditional on the @@ -2305,6 +2390,64 @@
    top
    +

    <IfSection> Directive

    + + + + + + + + +
    Description:Encloses directives that are processed conditional on the +presence or absence of a specific section directive
    Syntax:<IfSection [!]section-name> ... + </IfSection>
    Context:server config, virtual host, directory, .htaccess
    Override:All
    Status:Core
    Module:core
    Compatibility:Available in 2.4.34 and later.
    +

    The <IfSection + test>...</IfSection> section is used + to mark directives that are conditional on the presence of a + specific section directive. A section directive is any directive + such as <virtualhost> which + encloses other directives, and has a directive name with a leading + "<". The sec + + The directives within an <IfSection> section are only processed if the test + is true. If test is false, everything between the start and + end markers is ignored.

    + +

    The section-name specified must not include the + leading "<". The test in the <IfSection> section can be one of two + forms:

    + +
      +
    • section-name
      • +
    • !section-name
      • +
    + +

    In the former case, the directives between the start and + end markers are only processed if a section directive of the given + name is available at the time of processing. The second format + reverses the test, and only processes the directives if the + section-name is not defined.

    + +

    For example:

    + + 
    <IfSection VirtualHost>
+   ...
+</IfSection>
    + + +
    This section should only be used if you need to have one + configuration file that works across multiple versions of httpd, + regardless of whether a particular section directive is + available. In normal operation, directives need not be placed in + <IfSection> sections.
    + +

    See also

    + +
    +
    top

    Include Directive

    -
    Description:Includes other configuration files from within @@ -3874,6 +4017,53 @@
    top
    +

    RegexDefaultOptions Directive

    + + + + + + + + +
    Description:Allow to configure global/default options for regexes
    Syntax:RegexDefaultOptions [none] [+|-]option [[+|-]option] ...
    Default:RegexDefaultOptions DOLLAR_ENDONLY
    Context:server config
    Status:Core
    Module:core
    Compatibility:Only available from Apache 2.4.30 and later.
    +

    This directive adds some default behavior to ANY regular expression + used afterwards.

    + +

    Any option preceded by a '+' is added to the already set options.
    + Any option preceded by a '-' is removed from the already set options.
    + Any option without a '+' or a '-' will be set, removing any other + already set option.
    + The none keyword resets any already set options.

    + +

    option can be:

    +
    +
    ICASE
    +
    Use a case-insensitive match.
    + +
    DOTALL
    +
    Perl's /s flag.
    + +
    DOLLAR_ENDONLY
    +
    '$' matches at end of subject string only.
    +
    .
    +
    + 
    # 
+RegexDefaultOptions +ICASE +DOLLAR_ENDONLY
+...
+# Remove the ICASE option, but keep all the other already set options
+RegexDefaultOptions -ICASE
+...
+# Set the default option to DOTALL, resetting any other option
+RegexDefaultOptions DOTALL
+...
+# Reset all defined option
+RegexDefaultOptions none
+...
    + + +
    +
    top

    RegisterHttpMethod Directive

    @@ -3881,6 +4071,7 @@ +
    Description:Register non-standard HTTP methods
    Context:server config
    Status:Core
    Module:core
    Compatibility:Available in Apache HTTP Server 2.4.24 and later

    This directive may be used to register additional HTTP methods. This is necessary if non-standard methods need to be used with directives that accept diff -Nru apache2-2.4.33/docs/manual/mod/core.html.es apache2-2.4.34/docs/manual/mod/core.html.es --- apache2-2.4.33/docs/manual/mod/core.html.es 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/core.html.es 2018-07-10 12:21:25.000000000 +0000 @@ -77,7 +77,10 @@

  • HttpProtocolOptions
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • Include
  • IncludeOptional
  • KeepAlive
    • @@ -105,6 +108,7 @@
  • Protocols
  • ProtocolsHonorOrder
  • QualifyRedirectURL
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RLimitCPU
  • RLimitMEM
    • @@ -1864,6 +1868,42 @@
    top
    +

    <IfDirective> Directiva

    + + + + + + + + +
    Descripción:Encloses directives that are processed conditional on the +presence or absence of a specific directive
    Sintaxis:<IfDirective [!]directive-name> ... + </IfDirective>
    Contexto:server config, virtual host, directorio, .htaccess
    Prevalece sobre:All
    Estado:Core
    Módulo:core
    Compatibilidad:Available in 2.4.34 and later.

    La Documentación para esta directiva + no ha sido traducida aún. Por favor use la versión en inglés + mientras tanto. +

    Consulte también

    + +
    +
    top
    +

    <IfFile> Directiva

    + + + + + + + + +
    Descripción:Encloses directives that will be processed only +if file exists at startup
    Sintaxis:<IfFile [!]parameter-name> ... + </IfFile>
    Contexto:server config, virtual host, directorio, .htaccess
    Prevalece sobre:All
    Estado:Core
    Módulo:core
    Compatibilidad:Available in 2.4.34 and later.

    La Documentación para esta directiva + no ha sido traducida aún. Por favor use la versión en inglés + mientras tanto. +

    +
    top

    <IfModule> Directiva

    + @@ -96,8 +97,8 @@ Disponible en tant que module tiers dans les versions 2.x antérieures.
    Descripción:Encloses directives that are processed conditional on the @@ -1917,6 +1957,26 @@
    top
    +

    <IfSection> Directiva

    + + + + + + + + +
    Descripción:Encloses directives that are processed conditional on the +presence or absence of a specific section directive
    Sintaxis:<IfSection [!]section-name> ... + </IfSection>
    Contexto:server config, virtual host, directorio, .htaccess
    Prevalece sobre:All
    Estado:Core
    Módulo:core
    Compatibilidad:Available in 2.4.34 and later.

    La Documentación para esta directiva + no ha sido traducida aún. Por favor use la versión en inglés + mientras tanto. +

    Consulte también

    + +
    +
    top

    Include Directiva

    Descripción:Includes other configuration files from within @@ -3474,6 +3534,20 @@ mientras tanto.

    top
    +

    RegexDefaultOptions Directiva

    + + + + + + + + +
    Descripción:Allow to configure global/default options for regexes
    Sintaxis:RegexDefaultOptions [none] [+|-]option [[+|-]option] ...
    Valor por defecto:RegexDefaultOptions DOLLAR_ENDONLY
    Contexto:server config
    Estado:Core
    Módulo:core
    Compatibilidad:Only available from Apache 2.4.30 and later.

    La Documentación para esta directiva + no ha sido traducida aún. Por favor use la versión en inglés + mientras tanto. +

    +
    top

    RegisterHttpMethod Directiva

    @@ -3481,6 +3555,7 @@ +
    Descripción:Register non-standard HTTP methods
    Contexto:server config
    Estado:Core
    Módulo:core
    Compatibilidad:Available in Apache HTTP Server 2.4.24 and later

    La Documentación para esta directiva no ha sido traducida aún. Por favor use la versión en inglés mientras tanto. diff -Nru apache2-2.4.33/docs/manual/mod/core.html.fr apache2-2.4.34/docs/manual/mod/core.html.fr --- apache2-2.4.33/docs/manual/mod/core.html.fr 2018-01-04 16:52:13.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/core.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -74,7 +74,10 @@

  • HttpProtocolOptions
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • Include
  • IncludeOptional
  • KeepAlive
    • @@ -102,6 +105,7 @@
  • Protocols
  • ProtocolsHonorOrder
  • QualifyRedirectURL
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RLimitCPU
  • RLimitMEM
    • @@ -2412,6 +2416,90 @@
    top
    +

    Directive <IfDirective>

    + + + + + + + + +
    Description:Regroupe des directives dont le traitement est conditionné par la +présence ou l'absence d'une directive particulière
    Syntaxe:<IfDirective [!]directive-name> ... + </IfDirective>
    Contexte:configuration du serveur, serveur virtuel, répertoire, .htaccess
    AllowOverride:All
    Statut:Core
    Module:core
    Compatibilité:Disponible à partir de la version 2.4.34 du serveur HTTP Apache
    +

    La section <IfDirective + test>...</IfDirective> permet de regrouper des + directives dont le traitement n'est effectué que si une directive + particulière est présente, autrement dit si l'expression test est + évaluée à true. Si l'expression test est évaluée à false, toutes + les lignes qui se trouvent entre les balises de début et de fin de la + section sont ignorées.

    + +

    L'expression test de la section <IfDirective> peut prendre les deux formes + suivantes :

    + +
      +
    • directive-name
      • + +
    • !directive-name
      • +
    + +

    Dans le premier cas, les directives qui se situent entre les balises de + début et de fin de la section ne sont traitées que si une directive de nom + directive-name est disponible à cet instant. Dans le second cas, la condition est + inversée, et les directives ne sont traitées que si + directive-name n'est pas disponible.

    + +
    Cette section ne doit être utilisée que si vous devez partager le même + fichier de configuration entre plusieurs versions de + httpd, sans tenir compte de la disponibilité de telle ou + telle directive. Dans une configuration standard, il est inutile de placer + les directives dans des sections <IfDirective>.
    + +

    Voir aussi

    + +
    +
    top
    +

    Directive <IfFile>

    + + + + + + + + +
    Description:Regroupe des directives qui ne seront traitées que si un fichier +existe au démarrage
    Syntaxe:<IfFile [!]parameter-name> ... + </IfFile>
    Contexte:configuration du serveur, serveur virtuel, répertoire, .htaccess
    AllowOverride:All
    Statut:Core
    Module:core
    Compatibilité:Disponible à partir de la version 2.4.34 du serveur HTTP Apache
    +

    La section <IfFile filename>...</IfFile> + permet de conditionner le traitement de directives à + l'existence d'un fichier sur disque. Ainsi, les directives définies au sein + d'une section <IfFile> ne seront + traitées que si le fichier filename existe. Si le fichier + filename n'existe pas, tout ce qui se trouve entre les marqueurs + start et end sera ignoré. filename peut être un chemin absolu ou + relatif au chemin défini par la directive ServerRoot.

    + +

    Le paramètre filename de l'en-tête d'une section <IfFile> peut prendre la même forme que la variable + test de la section <IfDefine> ; à ce titre, le résultat du test peut + être inversé en plaçant le caractère ! juste avant + filename. +

    + +

    Si filename est un chemin relatif, il sera généré par rapport + au chemin défini par la directive ServerRoot. Lorsque la directive <IfFile> intervient avant la définition de la + directive ServerRoot, + filename sera relatif au répertoire racine par défaut du serveur + ou au répertoire racine passé dans la ligne de commande via l'option + -d.

    + + +
    +
    top

    Directive <IfModule>

    +module for earlier 2.x versions
    Description:Contient des directives qui ne s'appliquent qu'en fonction @@ -2468,6 +2556,62 @@
    top
    +

    Directive <IfSection>

    + + + + + + + + +
    Description:Regroupe des directives dont le traitement est conditionné par la +présence ou l'absence d'une section particulière
    Syntaxe:<IfSection [!]section-name> ... + </IfSection>
    Contexte:configuration du serveur, serveur virtuel, répertoire, .htaccess
    AllowOverride:All
    Statut:Core
    Module:core
    Compatibilité:Disponible à partir de la version 2.4.34 du serveur HTTP Apache
    +

    La section <IfSection + test>...</IfSection> permet de regrouper des + directives dont le traitement n'est effectué que si une section de + configuration particulière est présente. Une section, par exemple <VirtualHost>, permet de regrouper des directives + et possède un nom précédé du caractère "<".

    + +

    Les directives situées à l'intérieur d'une section <IfSection> ne sont traitées que si l'expression + test est évaluée à true. Si l'expression test est + évaluée à false, toutes les lignes situées entre les balises de début et de + fin de la section sont ignorées.

    + +

    section-name doit être spécifié sans les caractères de début + "<" ou fin ">". L'expression test de la section <IfSection> peut prendre deux formes :

    + +
      +
    • section-name
      • +
    • !section-name
      • +
    + +

    Dans le premier cas, les directives qui se situent entre les balises de + début et de fin de la section ne sont traitées que si une section de nom + section-name est disponible à cet instant. Dans le second cas, la condition est + inversée, et les directives ne sont traitées que si + section-name n'est pas disponible.

    + +

    Par exemple :

    + + 
    <IfSection VirtualHost>
+   ...
+</IfSection>
    + + +
    Cette section ne doit être utilisée que si vous devez partager le même + fichier de configuration entre plusieurs versions de + httpd, sans tenir compte de la disponibilité de telle ou + telle section. Dans une configuration standard, il est inutile de placer + les directives dans des sections <IfSection>.
    + +

    Voir aussi

    + +
    +
    top

    Directive Include

    - + -
    Description:Inclut d'autres fichiers de configuration dans un des @@ -4170,6 +4314,56 @@
    top
    +

    Directive RegexDefaultOptions

    + + + + + + + + +
    Description:Configuration des options globales par défaut pour les + expressions rationnelles
    Syntaxe:RegexDefaultOptions [none] [+|-]option [[+|-]option] ...
    Défaut:RegexDefaultOptions DOLLAR_ENDONLY
    Contexte:configuration du serveur
    Statut:Core
    Module:core
    Compatibilité:Disponible à partir de la version 2.4.30 du serveur HTTP + Apache.
    +

    Cette directive permet d'ajouter certains comportements par défaut à + TOUTES les expressions rationnelles utilisées ultérieurement.

    + +

    Toute option précédée d'un '+' est ajoutée aux options déjà définies.
    + Toute option précédée d'un '-' est enlevée des options déjà définies.
    + Toute option non suffixée par '+' ou '-' sera définie et remplacera + l'option correspondante éventuellement déjà définie.
    + Le mot-clé none annule toutes les options déjà définies.

    + +

    option peut être :

    +
    +
    ICASE
    +
    Utilise une recherche de correspondance insensible à la casse.
    + +
    DOTALL
    +
    Le drapeau Perl /s.
    + +
    DOLLAR_ENDONLY
    +
    '$' n'est actif qu'à la fin de la chaîne de référence.
    +
    .
    +
    + 
    # 
+RegexDefaultOptions +ICASE +DOLLAR_ENDONLY
+...
+# Supprime l'option ICASE, tout en conservant toutes les autres options
+# préexistantes
+RegexDefaultOptions -ICASE
+...
+# Définit l'option par défaut à DOTALL et annule toutes les autres options
+RegexDefaultOptions DOTALL
+...
+# Annule toutes les options définies
+RegexDefaultOptions none
+...
    + + +
    +
    top

    Directive RegisterHttpMethod

    @@ -4177,6 +4371,7 @@ +
    Description:Enregistrement de méthodes HTTP non standards
    Contexte:configuration du serveur
    Statut:Core
    Module:core
    Compatibilité:Disponible à partir de la version 2.4.24 du serveur HTTP Apache

    Cette directive permet d'enregistrer des méthodes HTTP supplémentaires. Ceci s'avérera nécessaire si l'on doit utiliser des méthodes non standards avec des diff -Nru apache2-2.4.33/docs/manual/mod/core.html.ja.utf8 apache2-2.4.34/docs/manual/mod/core.html.ja.utf8 --- apache2-2.4.33/docs/manual/mod/core.html.ja.utf8 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/core.html.ja.utf8 2018-07-10 12:21:25.000000000 +0000 @@ -77,7 +77,10 @@

  • HttpProtocolOptions
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • Include
  • IncludeOptional
  • KeepAlive
    • @@ -105,6 +108,7 @@
  • Protocols
  • ProtocolsHonorOrder
  • QualifyRedirectURL
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RLimitCPU
  • RLimitMEM
    • @@ -1608,6 +1612,40 @@
    top
    +

    <IfDirective> ディレクティブ

    + + + + + + + + +
    説明:Encloses directives that are processed conditional on the +presence or absence of a specific directive
    構文:<IfDirective [!]directive-name> ... + </IfDirective>
    コンテキスト:サーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«, ãƒãƒ¼ãƒãƒ£ãƒ«ãƒ›ã‚¹ãƒˆ, ディレクトリ, .htaccess
    上書ã:All
    ステータス:Core
    モジュール:core
    互æ›æ€§:Available in 2.4.34 and later.

    ã“ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã®è§£èª¬æ–‡æ›¸ã¯ + ã¾ã ç¿»è¨³ã•ã‚Œã¦ã„ã¾ã›ã‚“。英語版をã”覧ãã ã•ã„。 +

    å‚ç…§

    + +
    +
    top
    +

    <IfFile> ディレクティブ

    + + + + + + + + +
    説明:Encloses directives that will be processed only +if file exists at startup
    構文:<IfFile [!]parameter-name> ... + </IfFile>
    コンテキスト:サーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«, ãƒãƒ¼ãƒãƒ£ãƒ«ãƒ›ã‚¹ãƒˆ, ディレクトリ, .htaccess
    上書ã:All
    ステータス:Core
    モジュール:core
    互æ›æ€§:Available in 2.4.34 and later.

    ã“ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã®è§£èª¬æ–‡æ›¸ã¯ + ã¾ã ç¿»è¨³ã•ã‚Œã¦ã„ã¾ã›ã‚“。英語版をã”覧ãã ã•ã„。 +

    +
    top

    <IfModule> ディレクティブ

    説明:モジュールã®å­˜åœ¨ã™ã‚‹ã‹ã—ãªã„ã‹ã«å¿œã˜ã¦å‡¦ç†ã•ã‚Œã‚‹ @@ -1667,6 +1705,25 @@
    top
    +

    <IfSection> ディレクティブ

    + + + + + + + + +
    説明:Encloses directives that are processed conditional on the +presence or absence of a specific section directive
    構文:<IfSection [!]section-name> ... + </IfSection>
    コンテキスト:サーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«, ãƒãƒ¼ãƒãƒ£ãƒ«ãƒ›ã‚¹ãƒˆ, ディレクトリ, .htaccess
    上書ã:All
    ステータス:Core
    モジュール:core
    互æ›æ€§:Available in 2.4.34 and later.

    ã“ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã®è§£èª¬æ–‡æ›¸ã¯ + ã¾ã ç¿»è¨³ã•ã‚Œã¦ã„ã¾ã›ã‚“。英語版をã”覧ãã ã•ã„。 +

    å‚ç…§

    + +
    +
    top

    Include ディレクティブ

    @@ -2756,6 +2813,19 @@ ã¾ã ç¿»è¨³ã•ã‚Œã¦ã„ã¾ã›ã‚“。英語版をã”覧ãã ã•ã„。

    top
    +

    RegexDefaultOptions ディレクティブ

    +
    説明:サーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ä¸­ã‹ã‚‰ä»–ã®è¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ã‚’å–り込む
    + + + + + + + +
    説明:Allow to configure global/default options for regexes
    構文:RegexDefaultOptions [none] [+|-]option [[+|-]option] ...
    デフォルト:RegexDefaultOptions DOLLAR_ENDONLY
    コンテキスト:サーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«
    ステータス:Core
    モジュール:core
    互æ›æ€§:Only available from Apache 2.4.30 and later.

    ã“ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã®è§£èª¬æ–‡æ›¸ã¯ + ã¾ã ç¿»è¨³ã•ã‚Œã¦ã„ã¾ã›ã‚“。英語版をã”覧ãã ã•ã„。 +

    +
    top

    RegisterHttpMethod ディレクティブ

    @@ -2763,6 +2833,7 @@ +
    説明:Register non-standard HTTP methods
    コンテキスト:サーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«
    ステータス:Core
    モジュール:core
    互æ›æ€§:Available in Apache HTTP Server 2.4.24 and later

    ã“ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã®è§£èª¬æ–‡æ›¸ã¯ ã¾ã ç¿»è¨³ã•ã‚Œã¦ã„ã¾ã›ã‚“。英語版をã”覧ãã ã•ã„。

    å‚ç…§

    diff -Nru apache2-2.4.33/docs/manual/mod/core.html.tr.utf8 apache2-2.4.34/docs/manual/mod/core.html.tr.utf8 --- apache2-2.4.33/docs/manual/mod/core.html.tr.utf8 2018-01-17 01:47:04.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/core.html.tr.utf8 2018-07-10 12:21:25.000000000 +0000 @@ -33,6 +33,7 @@  ja  |  tr 

    +
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.
    Açıklama:Apache HTTP Sunucusunda daima mevcut olan çekirdek özellikler
    Durum:Çekirdek
    @@ -74,7 +75,10 @@
  • HttpProtocolOptions
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • Include
  • IncludeOptional
  • KeepAlive
    • @@ -102,6 +106,7 @@
  • Protocols
  • ProtocolsHonorOrder
  • QualifyRedirectURL
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RLimitCPU
  • RLimitMEM
    • @@ -2287,6 +2292,38 @@
    top
    +

    <IfDirective> Yönergesi

    + + + + + + + + +
    Açıklama:Encloses directives that are processed conditional on the +presence or absence of a specific directive
    Sözdizimi:<IfDirective [!]directive-name> ... + </IfDirective>
    BaÄŸlam:sunucu geneli, sanal konak, dizin, .htaccess
    Geçersizleştirme:All
    Durum:Çekirdek
    Modül:core
    Uyumluluk:Available in 2.4.34 and later.

    Bu yönergenin belgesi henüz Türkçeye çevrilmedi. + Lütfen İngilizce sürümüne bakınız.

    Ayrıca bakınız:

    + +
    +
    top
    +

    <IfFile> Yönergesi

    + + + + + + + + +
    Açıklama:Encloses directives that will be processed only +if file exists at startup
    Sözdizimi:<IfFile [!]parameter-name> ... + </IfFile>
    BaÄŸlam:sunucu geneli, sanal konak, dizin, .htaccess
    Geçersizleştirme:All
    Durum:Çekirdek
    Modül:core
    Uyumluluk:Available in 2.4.34 and later.

    Bu yönergenin belgesi henüz Türkçeye çevrilmedi. + Lütfen İngilizce sürümüne bakınız.

    +
    top

    <IfModule> Yönergesi

    Açıklama:Belli bir modülün varlığına veya yokluğuna göre işleme sokulacak @@ -2338,6 +2375,24 @@
    top
    +

    <IfSection> Yönergesi

    + + + + + + + + +
    Açıklama:Encloses directives that are processed conditional on the +presence or absence of a specific section directive
    Sözdizimi:<IfSection [!]section-name> ... + </IfSection>
    BaÄŸlam:sunucu geneli, sanal konak, dizin, .htaccess
    Geçersizleştirme:All
    Durum:Çekirdek
    Modül:core
    Uyumluluk:Available in 2.4.34 and later.

    Bu yönergenin belgesi henüz Türkçeye çevrilmedi. + Lütfen İngilizce sürümüne bakınız.

    Ayrıca bakınız:

    + +
    +
    top

    Include Yönergesi

    -
    Açıklama:Sunucu yapılandırma dosyalarının başka dosyaları içermesini sağlar. @@ -3869,6 +3924,55 @@
    top
    +

    RegexDefaultOptions Yönergesi

    + + + + + + + + +
    Açıklama:Regex düzenli ifadeleri için öntanımlı/küresel seçenekleri yapılandırır
    Sözdizimi:RegexDefaultOptions [none] [+|-]seçenek [[+|-]seçenek] ...
    Öntanımlı:RegexDefaultOptions DOLLAR_ENDONLY
    BaÄŸlam:sunucu geneli
    Durum:Çekirdek
    Modül:core
    Uyumluluk:Sadece Apache 2.4.30 ve sonrasında kullanılabilmektedir.
    +

    Bu yönerge kendisinden sonra kullanılan bütün düzenli ifsdelerin + davranışını etkiler.

    + +

    '+' ile öncelenmiş bütün seçenekler önceden atanmış seçeneklere + eklenir.
    + '-' ile öncelenmiş bütün seçenekler önceden atanmış seçeneklerden + çıkarılır.
    + '+' veya '-' ile öncelenmemiş her seçenek önceden atanmış seçenekleri + silerek onların yerini alır.
    + none ile önceden atanmış tüm seçenekler sıfırlanır.

    + +

    seçenek şunlardan biri olabilir:

    +
    +
    ICASE
    +
    Harf büyüklüğüne duyarlı eşleşmeler kullanılır.
    + +
    DOTALL
    +
    Perl'ün /s seçeneği.
    + +
    DOLLAR_ENDONLY
    +
    '$' dizgenin sonu ile eÅŸleÅŸir.
    +
    .
    +
    + 
    # 
+RegexDefaultOptions +ICASE +DOLLAR_ENDONLY
+...
+# ICASE seçeneği silinir, diğer seçenekler tutulur:
+RegexDefaultOptions -ICASE
+...
+# Atanmuş seçenekler silinir, DOTALL öntanımlı seçenek yapılır:
+RegexDefaultOptions DOTALL
+...
+# Tüm seçenekler silinir, öntanımlı seçenek kalmaz.
+RegexDefaultOptions none
+...
    + + +
    +
    top

    RegisterHttpMethod Yönergesi

    @@ -3876,6 +3980,7 @@ +
    Açıklama:Standart olmayan HTTP yöntemlerini devreye alır
    BaÄŸlam:sunucu geneli
    Durum:Çekirdek
    Modül:core
    Uyumluluk:Apache HTTP Sunucusunun 2.4.24 ve sonraki sürümlerinde kullanılabilmektedir.

    Bu yönerge sunucunun standatta bulunmayan ek HTTP yöntemlerini kullanabilmesini sağlar. Yönergelerde standartta olmayan yöntem isimleri diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.de apache2-2.4.34/docs/manual/mod/directives.html.de --- apache2-2.4.33/docs/manual/mod/directives.html.de 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.de 2018-06-21 13:37:53.000000000 +0000 @@ -320,7 +320,10 @@

  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -516,6 +519,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.en apache2-2.4.34/docs/manual/mod/directives.html.en --- apache2-2.4.33/docs/manual/mod/directives.html.en 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.en 2018-05-31 15:13:38.000000000 +0000 @@ -321,7 +321,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -517,6 +520,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.es apache2-2.4.34/docs/manual/mod/directives.html.es --- apache2-2.4.33/docs/manual/mod/directives.html.es 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.es 2018-06-21 13:37:53.000000000 +0000 @@ -323,7 +323,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -519,6 +522,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.fr apache2-2.4.34/docs/manual/mod/directives.html.fr --- apache2-2.4.33/docs/manual/mod/directives.html.fr 2018-02-16 16:00:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.fr 2018-06-09 14:35:25.000000000 +0000 @@ -321,7 +321,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -517,6 +520,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.ja.utf8 apache2-2.4.34/docs/manual/mod/directives.html.ja.utf8 --- apache2-2.4.33/docs/manual/mod/directives.html.ja.utf8 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.ja.utf8 2018-06-21 13:37:53.000000000 +0000 @@ -318,7 +318,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -514,6 +517,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.ko.euc-kr apache2-2.4.34/docs/manual/mod/directives.html.ko.euc-kr --- apache2-2.4.33/docs/manual/mod/directives.html.ko.euc-kr 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.ko.euc-kr 2018-06-21 13:37:53.000000000 +0000 @@ -318,7 +318,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -514,6 +517,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.tr.utf8 apache2-2.4.34/docs/manual/mod/directives.html.tr.utf8 --- apache2-2.4.33/docs/manual/mod/directives.html.tr.utf8 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.tr.utf8 2018-06-21 13:37:53.000000000 +0000 @@ -317,7 +317,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -513,6 +516,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/directives.html.zh-cn.utf8 apache2-2.4.34/docs/manual/mod/directives.html.zh-cn.utf8 --- apache2-2.4.33/docs/manual/mod/directives.html.zh-cn.utf8 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/directives.html.zh-cn.utf8 2018-06-21 13:37:53.000000000 +0000 @@ -316,7 +316,10 @@
  • IdentityCheckTimeout
  • <If>
  • <IfDefine>
    • +
  • <IfDirective>
    • +
  • <IfFile>
  • <IfModule>
    • +
  • <IfSection>
  • <IfVersion>
  • ImapBase
  • ImapDefault
    • @@ -512,6 +515,7 @@
  • RedirectPermanent
  • RedirectTemp
  • ReflectorHeader
    • +
  • RegexDefaultOptions
  • RegisterHttpMethod
  • RemoteIPHeader
  • RemoteIPInternalProxy
    • diff -Nru apache2-2.4.33/docs/manual/mod/mod_authnz_ldap.html.fr apache2-2.4.34/docs/manual/mod/mod_authnz_ldap.html.fr --- apache2-2.4.33/docs/manual/mod/mod_authnz_ldap.html.fr 2018-02-16 16:00:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_authnz_ldap.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -34,7 +34,7 @@
    Statut:Extension
    Identificateur de Module:authnz_ldap_module
    Fichier Source:mod_authnz_ldap.c
    Compatibilité:Dosponible depuis les versions 2.1 et supérieures +
    Compatibilité:Disponible depuis les versions 2.1 et supérieures d'Apache

    Sommaire

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_authz_core.html.en apache2-2.4.34/docs/manual/mod/mod_authz_core.html.en --- apache2-2.4.33/docs/manual/mod/mod_authz_core.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_authz_core.html.en 2018-07-06 08:44:47.000000000 +0000 @@ -48,9 +48,9 @@
    top
    -

    Creating Authorization Provider Aliases

    - -

    Extended authorization providers can be created within the configuration - file and assigned an alias name. The alias providers can then be referenced - through the Require directive - in the same way as a base authorization provider. Besides the ability to - create and alias an extended provider, it also allows the same extended - authorization provider to be referenced by multiple locations. -

    - -

    Example

    -

    The example below creates two different ldap authorization provider - aliases based on the ldap-group authorization provider. This example - allows a single authorization location to check group membership within - multiple ldap hosts: -

    - - 
    <AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
-    AuthLDAPBindDN cn=youruser,o=ctx
-    AuthLDAPBindPassword yourpassword
-    AuthLDAPURL ldap://ldap.host/o=ctx
-</AuthzProviderAlias>
-
-<AuthzProviderAlias ldap-group ldap-group-alias2 cn=my-other-group,o=dev>
-    AuthLDAPBindDN cn=yourotheruser,o=dev
-    AuthLDAPBindPassword yourotherpassword
-    AuthLDAPURL ldap://other.ldap.host/o=dev?cn
-</AuthzProviderAlias>
-
-Alias "/secure" "/webpages/secure"
-<Directory "/webpages/secure">
-    Require all granted
-    
-    AuthBasicProvider file
-    
-    AuthType Basic
-    AuthName LDAP_Protected_Place
-    
-    #implied OR operation
-    Require ldap-group-alias1
-    Require ldap-group-alias2
-</Directory>
    - - - -
    top
    -

    Authorization Containers

    The authorization container directives @@ -140,7 +93,7 @@ Require user superadmin <RequireAll> Require group admins - Require ldap-group cn=Administrators,o=Airius + Require ldap-group "cn=Administrators,o=Airius" <RequireAny> Require group sales Require ldap-attribute dept="sales" @@ -149,7 +102,7 @@ </RequireAny> <RequireNone> Require group temps - Require ldap-group cn=Temporary Employees,o=Airius + Require ldap-group "cn=Temporary Employees,o=Airius" </RequireNone> </RequireAll> </Directory> @@ -176,7 +129,7 @@ User-Agent (browser type), Referer, or other HTTP request header fields.

    - 
    SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+    
    SetEnvIf User-Agent "^KnockKnock/2\.0" let_me_in
 <Directory "/docroot">
     Require env let_me_in
 </Directory>
    
@@ -186,12 +139,12 @@
     with KnockKnock/2.0 will be allowed access, and all
     others will be denied.
    
 
-    
    When the server looks up a path via an internal 
-    subrequest such as looking 
-    for a DirectoryIndex 
+    
    When the server looks up a path via an internal
+    subrequest such as looking
+    for a DirectoryIndex
     or generating a directory listing with mod_autoindex,
-    per-request environment variables are not inherited in the 
-    subrequest. Additionally, 
+    per-request environment variables are not inherited in the
+    subrequest. Additionally,
     SetEnvIf directives
     are not separately evaluated in the subrequest due to the API phases
     mod_setenvif takes action in.
    
@@ -249,7 +202,7 @@
 
     
    <RequireAll>
     Require expr "!(%{QUERY_STRING} =~ /secret/)"
-    Require expr "%{REQUEST_URI} in { '/example.cgi', '/other.cgi' }" 
+    Require expr "%{REQUEST_URI} in { '/example.cgi', '/other.cgi' }"
 </RequireAll>
    
 
 
@@ -257,7 +210,8 @@
 
 
   
    The syntax is described in the ap_expr
-  documentation.
    
+  documentation. Before httpd 2.4.16, the surrounding double-quotes MUST be
+  omitted.
    
 
   
    Normally, the expression is evaluated before authentication. However, if
   the expression returns false and references the variable
@@ -267,6 +221,53 @@
   
 
 
+
    top
    +
    +

    Creating Authorization Provider Aliases

    + +

    Extended authorization providers can be created within the configuration + file and assigned an alias name. The alias providers can then be referenced + through the Require directive + in the same way as a base authorization provider. Besides the ability to + create and alias an extended provider, it also allows the same extended + authorization provider to be referenced by multiple locations. +

    + +

    Example

    +

    The example below creates two different ldap authorization provider + aliases based on the ldap-group authorization provider. This example + allows a single authorization location to check group membership within + multiple ldap hosts: +

    + + 
    <AuthzProviderAlias ldap-group ldap-group-alias1 "cn=my-group,o=ctx">
+    AuthLDAPBindDN "cn=youruser,o=ctx"
+    AuthLDAPBindPassword yourpassword
+    AuthLDAPUrl "ldap://ldap.host/o=ctx"
+</AuthzProviderAlias>
+
+<AuthzProviderAlias ldap-group ldap-group-alias2 "cn=my-other-group,o=dev">
+    AuthLDAPBindDN "cn=yourotheruser,o=dev"
+    AuthLDAPBindPassword yourotherpassword
+    AuthLDAPUrl "ldap://other.ldap.host/o=dev?cn"
+</AuthzProviderAlias>
+
+Alias "/secure" "/webpages/secure"
+<Directory "/webpages/secure">
+    Require all granted
+
+    AuthBasicProvider file
+
+    AuthType Basic
+    AuthName LDAP_Protected_Place
+
+    #implied OR operation
+    Require ldap-group-alias1
+    Require ldap-group-alias2
+</Directory>
    + + +
    top

    AuthMerging Directive

    @@ -353,6 +354,22 @@ authorization directives that can be referenced by the alias name using the directive Require.

    +

    If several parameters are needed in Require-Parameters, + they must be enclosed in quotation marks. Otherwise, only the first one + is taken into account.

    + + 
    # In this example, for both addresses to be taken into account, they MUST be enclosed
+# between quotation marks
+<AuthzProviderAlias ip blacklisted-ips "XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY">
+</AuthzProviderAlias>
+
+<Directory "/path/to/dir">
+    <RequireAll>
+        Require not blacklisted-ips
+        Require all granted
+    </RequireAll>
+</Directory>
    +
    top
    @@ -505,18 +522,18 @@

    Security Warning

    Exercise caution when setting authorization directives in Location sections - that overlap with content served out of the filesystem. + that overlap with content served out of the filesystem. By default, these configuration sections overwrite authorization configuration - in Directory, + in Directory, and Files sections.

    -

    The AuthMerging directive - can be used to control how authorization configuration sections are +

    The AuthMerging directive + can be used to control how authorization configuration sections are merged.

    See also

      -
    • Access control howto
      • +
    • Access Control howto
    • Authorization Containers
    • mod_authn_core
    • mod_authz_host
      • diff -Nru apache2-2.4.33/docs/manual/mod/mod_authz_core.html.fr apache2-2.4.34/docs/manual/mod/mod_authz_core.html.fr --- apache2-2.4.33/docs/manual/mod/mod_authz_core.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_authz_core.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -29,6 +29,8 @@

      Langues Disponibles:  en  |  fr 

      +
      Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
      @@ -49,10 +51,10 @@
      top
      -

      Création des alias du fournisseur -d'autorisation

      - -

      Il est possible de créer des fournisseurs d'autorisation étendus - dans le fichier de configuration et de leur assigner un nom d'alias. - On peut ensuite utiliser ces fournisseurs aliasés dans une - directive Require de - la même manière qu'on le ferait pour des fournisseurs d'autorisation - de base. En plus de la possibilité de créer et d'aliaser un - fournisseur étendu, le même fournisseur d'autorisation étendu peut - être référencé par plusieurs localisations. -

      - -

      Exemple

      -

      Dans l'exemple suivant, on crée deux alias de fournisseur - d'autorisation ldap différents basés sur le fournisseur - d'autorisation ldap-group. Il est ainsi possible pour un seul - répertoire de vérifier l'appartenance à un groupe dans plusieurs - serveurs ldap : -

      - - 
      <AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
-    AuthLDAPBindDN cn=youruser,o=ctx
-    AuthLDAPBindPassword yourpassword
-    AuthLDAPURL ldap://ldap.host/o=ctx
-</AuthzProviderAlias>
-
-<AuthzProviderAlias ldap-group ldap-group-alias2 cn=my-other-group,o=dev>
-    AuthLDAPBindDN cn=yourotheruser,o=dev
-    AuthLDAPBindPassword yourotherpassword
-    AuthLDAPURL ldap://other.ldap.host/o=dev?cn
-</AuthzProviderAlias>
-
-Alias "/secure" "/webpages/secure"
-<Directory "/webpages/secure">
-    Require all granted
-    
-    AuthBasicProvider file
-    
-    AuthType Basic
-    AuthName LDAP_Protected_Place
-    
-    #implied OR operation
-    Require ldap-group-alias1
-    Require ldap-group-alias2
-</Directory>
      - - - -
      top
      -

      Conteneurs d'autorisation

      Les directives de conteneur d'autorisation <RequireAll>, @@ -142,7 +93,7 @@ Require user superadmin <RequireAll> Require group admins - Require ldap-group cn=Administrators,o=Airius + Require ldap-group "cn=Administrators,o=Airius" <RequireAny> Require group sales Require ldap-attribute dept="sales" @@ -151,7 +102,7 @@ </RequireAny> <RequireNone> Require group temps - Require ldap-group cn=Temporary Employees,o=Airius + Require ldap-group "cn=Temporary Employees,o=Airius" </RequireNone> </RequireAll> </Directory> @@ -179,7 +130,7 @@ User-Agent (type de navigateur), Referer, entre autres.

      - 
      SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+    
      SetEnvIf User-Agent "^KnockKnock/2\.0" let_me_in
 <Directory "/docroot">
     Require env let_me_in
 </Directory>
      
@@ -258,7 +209,8 @@
     
      Require expr "!(%{QUERY_STRING} =~ /secret/) && %{REQUEST_URI} in { '/example.cgi', '/other.cgi' }"
      
 
 
-    
      La syntaxe de l'expression est décrite dans la documentation de ap_expr.
      
+    
      La syntaxe de l'expression est décrite dans la documentation de ap_expr. Avant la version 2.4.16, les doubles-quotes
+    étaient prohibées
      
 
     
      Normalement, l'expression est évaluée avant l'authentification.
     Cependant, si l'expression renvoie false et se réfère à la variable
@@ -267,6 +219,57 @@
 
   
 
+
      top
      +
      +

      Création des alias du fournisseur +d'autorisation

      + +

      Il est possible de créer des fournisseurs d'autorisation étendus + dans le fichier de configuration et de leur assigner un nom d'alias. + On peut ensuite utiliser ces fournisseurs aliasés dans une + directive Require de + la même manière qu'on le ferait pour des fournisseurs d'autorisation + de base. En plus de la possibilité de créer et d'aliaser un + fournisseur étendu, le même fournisseur d'autorisation étendu peut + être référencé par plusieurs localisations. +

      + +

      Exemple

      +

      Dans l'exemple suivant, on crée deux alias de fournisseur + d'autorisation ldap différents basés sur le fournisseur + d'autorisation ldap-group. Il est ainsi possible pour un seul + répertoire de vérifier l'appartenance à un groupe dans plusieurs + serveurs ldap : +

      + + 
      <AuthzProviderAlias ldap-group ldap-group-alias1 "cn=my-group,o=ctx">
+    AuthLDAPBindDN "cn=youruser,o=ctx"
+    AuthLDAPBindPassword yourpassword
+    AuthLDAPURL "ldap://ldap.host/o=ctx"
+</AuthzProviderAlias>
+
+<AuthzProviderAlias ldap-group ldap-group-alias2 "cn=my-other-group,o=dev">
+    AuthLDAPBindDN "cn=yourotheruser,o=dev"
+    AuthLDAPBindPassword yourotherpassword
+    AuthLDAPURL "ldap://other.ldap.host/o=dev?cn"
+</AuthzProviderAlias>
+
+Alias "/secure" "/webpages/secure"
+<Directory "/webpages/secure">
+    Require all granted
+    
+    AuthBasicProvider file
+    
+    AuthType Basic
+    AuthName LDAP_Protected_Place
+    
+    #implied OR operation
+    Require ldap-group-alias1
+    Require ldap-group-alias2
+</Directory>
      + + +
      top

      Directive AuthMerging

      diff -Nru apache2-2.4.33/docs/manual/mod/mod_autoindex.html.fr apache2-2.4.34/docs/manual/mod/mod_autoindex.html.fr --- apache2-2.4.33/docs/manual/mod/mod_autoindex.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_autoindex.html.fr 2018-04-08 16:35:44.000000000 +0000 @@ -332,7 +332,7 @@ fichier aussi complet que possible, et ordonnez votre liste de directives AddDescription en conséquence.

      -

      Voir le mot-clé DescriptionWidth de la directive module="mod_autoindex">IndexOptions pour plus de +

      Voir le mot-clé DescriptionWidth de la directive IndexOptions pour plus de détails sur la manière d'augmenter la taille de cette colonne, ou pour permettre des descriptions de taille illimitée.

      diff -Nru apache2-2.4.33/docs/manual/mod/mod_include.html.en apache2-2.4.34/docs/manual/mod/mod_include.html.en --- apache2-2.4.33/docs/manual/mod/mod_include.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_include.html.en 2018-03-25 12:50:34.000000000 +0000 @@ -572,6 +572,10 @@
      The filename (excluding directories) of the document requested by the user.
      +
      DOCUMENT_PATH_INFO
      +
      The trailing pathname information. See directive AcceptPathInfo for more information + about PATH_INFO.
      +
      DOCUMENT_URI
      The (%-decoded) URL path of the document requested by the user. Note that in the case of nested include files, this is @@ -591,6 +595,9 @@ backslashes). It is not set if a query string is not present. Use DOCUMENT_ARGS if shell escaping is not desired.
      + +
      USER_NAME
      +
      The user name of the owner of the file.
      top
      diff -Nru apache2-2.4.33/docs/manual/mod/mod_include.html.fr apache2-2.4.34/docs/manual/mod/mod_include.html.fr --- apache2-2.4.33/docs/manual/mod/mod_include.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_include.html.fr 2018-04-08 16:35:44.000000000 +0000 @@ -605,6 +605,10 @@
      Le nom de base du fichier demandé par l'utilisateur (sans son chemin).
      +
      DOCUMENT_PATH_INFO
      +
      La partie terminale du chemin du fichier. Voir la directive AcceptPathInfo pour plus d'informations à + propos de PATH_INFO.
      +
      DOCUMENT_URI
      Le chemin URL (caractères % décodés) du document demandé par l'utilisateur. Notez que dans le cas d'inclusions de fichiers @@ -626,6 +630,9 @@ sont précédés d'anti-slashes). Cette variable n'est pas définie si aucune chaîne d'arguments n'est présente. Utilisez DOCUMENT_ARGS si l'échappement des caractères du shell n'est pas souhaité.
      + +
      USER_NAME
      +
      Le nom d'utilisateur du propriétaire du fichier.
      top
      diff -Nru apache2-2.4.33/docs/manual/mod/mod_lbmethod_byrequests.html.en apache2-2.4.34/docs/manual/mod/mod_lbmethod_byrequests.html.en --- apache2-2.4.33/docs/manual/mod/mod_lbmethod_byrequests.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_lbmethod_byrequests.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -38,7 +38,7 @@

      This module does not provide any configuration directives of its own. It requires the services of mod_proxy_balancer, and -provides the byrequests load balancing method..

      +provides the byrequests load balancing method.

      Support Apache!

      Topics

        diff -Nru apache2-2.4.33/docs/manual/mod/mod_lbmethod_bytraffic.html.en apache2-2.4.34/docs/manual/mod/mod_lbmethod_bytraffic.html.en --- apache2-2.4.33/docs/manual/mod/mod_lbmethod_bytraffic.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_lbmethod_bytraffic.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -38,7 +38,7 @@

        This module does not provide any configuration directives of its own. It requires the services of mod_proxy_balancer, and -provides the bytraffic load balancing method..

        +provides the bytraffic load balancing method.

      Support Apache!

      Topics

        diff -Nru apache2-2.4.33/docs/manual/mod/mod_lbmethod_heartbeat.html.en apache2-2.4.34/docs/manual/mod/mod_lbmethod_heartbeat.html.en --- apache2-2.4.33/docs/manual/mod/mod_lbmethod_heartbeat.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_lbmethod_heartbeat.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -36,12 +36,12 @@
      Description:Autorisation basique
      Statut:Base
      Identificateur de Module:authz_core_module
      Compatibility:Available in version 2.3 and later

      Summary

      -

      lbmethod=heartbeat uses the services of mod_heartmonitor to balance between origin servers that are providing +

      lbmethod=heartbeat uses the services of mod_heartmonitor to balance between origin servers that are providing heartbeat info via the mod_heartbeat module.

      This modules load balancing algorithm favors servers with more ready (idle) -capacity over time, but does not select the server with the most ready capacity -every time. Servers that have 0 active clients are penalized, with the +capacity over time, but does not select the server with the most ready capacity +every time. Servers that have 0 active clients are penalized, with the assumption that they are not fully initialized.

      Support Apache!

      Directives

      diff -Nru apache2-2.4.33/docs/manual/mod/mod_lbmethod_heartbeat.html.fr apache2-2.4.34/docs/manual/mod/mod_lbmethod_heartbeat.html.fr --- apache2-2.4.33/docs/manual/mod/mod_lbmethod_heartbeat.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_lbmethod_heartbeat.html.fr 2018-04-21 16:11:03.000000000 +0000 @@ -37,7 +37,7 @@
    Compatibilité:Disponible depuis la version 2.3 d'Apache

    Sommaire

    -

    lbmethod=heartbeat utilise les services du module +

    lbmethod=heartbeat utilise les services du module mod_heartmonitor pour répartir la charge entre les serveurs d'origine qui fournissent des données heartbeat via le module mod_heartbeat.

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_md.html.en apache2-2.4.34/docs/manual/mod/mod_md.html.en --- apache2-2.4.33/docs/manual/mod/mod_md.html.en 2018-03-12 10:18:22.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_md.html.en 2018-06-29 13:42:51.000000000 +0000 @@ -72,7 +72,7 @@ to request a certificate for the domain. If Let's Encrypt can verify the ownership of the domain, the module will retrieve the certificate and its chain, store it in the local file system (see MDStoreDir) - and provide it, on next restart, to mod_ssl. + and provide it, on next restart, to mod_ssl.

    This happens while the server is already running. All other hosts will continue to work as before. While a certificate is not available, requests for the managed @@ -152,7 +152,7 @@

    MDCAChallenges Directive

    - + @@ -171,7 +171,7 @@

    MDCertificateAgreement Directive

    Description:Type of ACME challenge used to prove domain ownership.
    Syntax:MDCAChallenges name [ name ... ]
    Syntax:MDCAChallenges name [ name ... ]
    Default:MDCAChallenges tls-sni-01 http-01
    Context:server config
    Status:Extension
    - + @@ -191,7 +191,7 @@

    MDCertificateAuthority Directive

    Description:The URL of the Terms-of-Service document, that the CA server requires you to accept.
    Syntax:MDCertificateAgreement url-of-terms-of-service
    Syntax:MDCertificateAgreement url-of-terms-of-service
    Context:server config
    Status:Extension
    Module:mod_md
    - + @@ -214,7 +214,7 @@

    MDCertificateProtocol Directive

    Description:The URL of the ACME Certificate Authority service.
    Syntax:MDCertificateAuthority url
    Syntax:MDCertificateAuthority url
    Default:MDCertificateAuthority https://acme-v01.api.letsencrypt.org/directory
    Context:server config
    Status:Extension
    - + @@ -241,7 +241,7 @@ renew it.

    In 'manual' mode, it is your duty to do all this. The module will provide the existing - certificate to mod_ssl, if available. But it will not contact the CA for signup/renewal. + certificate to mod_ssl, if available. But it will not contact the CA for signup/renewal. This can be useful in clustered setups where you want just one node to perform the driving.

    @@ -254,7 +254,7 @@

    MDHttpProxy Directive

    Description:The protocol to use with the Certificate Authority.
    Syntax:MDCertificateProtocol protocol
    Syntax:MDCertificateProtocol protocol
    Default:MDCertificateProtocol ACME
    Context:server config
    Status:Extension
    - + @@ -268,14 +268,14 @@

    MDMember Directive

    Description:Define a proxy for outgoing connections.
    Syntax:MDHttpProxy url
    Syntax:MDHttpProxy url
    Context:server config
    Status:Extension
    Module:mod_md
    - +
    Description:Additional hostname for the managed domain.
    Syntax:MDMember hostname
    Syntax:MDMember hostname
    Context:server config
    Status:Extension
    Module:mod_md

    Instead of listing all dns names on the same line, you may use - MDMember to add such names + MDMember to add such names to a managed domain.

    Example

    <MDomainSet example.org>
@@ -320,7 +320,7 @@
             
    Defines if newly requested certificate should have the OCSP Must Staple flag 
             set or not. If a certificate has this flag, the server is required to send a 
             OCSP stapling response to every client. This only works if you configure 
-            mod_ssl to generate this (see SSLUseStapling
+            mod_ssl to generate this (see SSLUseStapling
             and friends).
             
    
         
@@ -329,15 +329,15 @@
 
    MDNotifyCmd Directive
    
 
-
+
    
 
    Description:Run a program when Managed Domain are ready.
    Syntax:MDNotifyCmd  path
    Syntax:MDNotifyCmd path [ args ]
    
 
    Context:server config
    
 
    Status:Extension
    
 
    Module:mod_md
    
 
    
             
    The configured executable is run when Managed Domains have signed up or
             renewed their certificates. It is given the names of the processed MDs as
-            arguments. It should return status code 0 to indicate that it has 
-            run successfully.
+            additional arguments (after the parameters specified here). It should 
+            return status code 0 to indicate that it has run successfully.
             
    
         
 
    
@@ -352,7 +352,7 @@

    All the names in the list are managed as one Managed Domain (MD). - mod_md will request one single certificate that is valid for all these names. This + mod_md will request one single certificate that is valid for all these names. This directive uses the global settings (see other MD directives below). If you need specific settings for one MD, use the <MDomainSet>. @@ -417,7 +417,7 @@ In this example, the domain 'www.example.org' is automatically added to the MD 'example.org'. Similarly for 'example2.org' where 'auto' is configured explicitly. Whenever you add more ServerAlias names to this - virtual host, they will be added as well to the Manged Domain. + virtual host, they will be added as well to the Managed Domain.

    If you prefer to explicitly declare all the domain names, use 'manual' mode. An error will be logged if the names do not match with the expected ones. @@ -454,14 +454,14 @@

    MDPortMap Directive

    - +
    Description:Map external to internal ports for domain ownership verification.
    Syntax:MDPortMap map1 [ map2 ]
    Syntax:MDPortMap map1 [ map2 ]
    Default:MDPortMap 80:80 443:443
    Context:server config
    Status:Extension
    Module:mod_md

    - The ACME protocol provides two method to verify domain ownership: one that uses + The ACME protocol provides two methods to verify domain ownership: one that uses port 80 and one for port 443. If your server is not reachable by at least one of the two, ACME will not work for you.

    @@ -474,8 +474,8 @@ another one. Your server might only listen on ports 5001 and 5002, but be reached on ports 443 and 80. How should mod_md figure that one out?

    - With MDPortMap you can tell it which 'Internet port' corresponds to which local - port. + With MDPortMap you can tell it which 'Internet port' + corresponds to which local port.

    Example

    MDPortMap 80:- 443:5002
    @@ -489,7 +489,7 @@

    MDPrivateKeys Directive

    - + @@ -520,17 +520,17 @@

    MDRenewWindow Directive

    Description:Set type and size of the private keys generated.
    Syntax:MDPrivateKeys type [ params... ]
    Syntax:MDPrivateKeys type [ params... ]
    Default:MDPrivateKeys RSA 2048
    Context:server config
    Status:Extension
    - +
    Description:Control when a certificate will be renewed.
    Syntax:MDRenewWindow duration
    Syntax:MDRenewWindow duration
    Default:MDRenewWindow 33%
    Context:server config
    Status:Extension
    Module:mod_md

    - If the validity of the certificate falls below duration, mod_md will get a - new signed certificate. + If the validity of the certificate falls below duration, mod_md + will get a new signed certificate.

    - Normally, certificates are valid for around 90 days and mod_md will renew + Normally, certificates are valid for around 90 days and mod_md will renew them the earliest 33% of their complete lifetime before they expire (so for 90 days validity, 30 days before it expires). If you think this is not what you need, you can specify either the exact time, as in: @@ -591,10 +591,11 @@ you cannot simply take it back again. -

    You can achieve the same with mod_alias and some Redirect configuration, +

    You can achieve the same with mod_alias and some + Redirect configuration, basically. If you do it yourself, please make sure to exclude the paths - /.well-known/* from your redirection, otherwise mod_md might have trouble - signing on new certificates. + /.well-known/* from your redirection, otherwise mod_md + might have trouble signing on new certificates.

    If you set this globally, it applies to all managed domains. If you want it for a specific domain only, use: diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy_balancer.html.en apache2-2.4.34/docs/manual/mod/mod_proxy_balancer.html.en --- apache2-2.4.33/docs/manual/mod/mod_proxy_balancer.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy_balancer.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -90,9 +90,12 @@

    Load balancer scheduler algorithm

    -

    At present, there are 3 load balancer scheduler algorithms available - for use: Request Counting, Weighted Traffic Counting and Pending Request - Counting. These are controlled via the lbmethod value of +

    At present, there are 4 load balancer scheduler algorithms available + for use: Request Counting (mod_lbmethod_byrequests), + Weighted Traffic Counting (mod_lbmethod_bytraffic), + Pending Request Counting (mod_lbmethod_bybusyness) and + Heartbeat Traffic Counting (mod_lbmethod_heartbeat). + These are controlled via the lbmethod value of the Balancer definition. See the ProxyPass directive for more information, especially regarding how to configure the Balancer and BalancerMembers.

    @@ -126,7 +129,7 @@ BalancerMember "http://192.168.1.50:80" BalancerMember "http://192.168.1.51:80" </Proxy> -ProxyPass "/test" "balancer://mycluster" +ProxyPass "/test" "balancer://mycluster" ProxyPassReverse "/test" "balancer://mycluster" @@ -141,7 +144,7 @@ BalancerMember "http://192.168.1.51:80" route=2 ProxySet stickysession=ROUTEID </Proxy> -ProxyPass "/test" "balancer://mycluster" +ProxyPass "/test" "balancer://mycluster" ProxyPassReverse "/test" "balancer://mycluster"
    top
    diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy_balancer.html.fr apache2-2.4.34/docs/manual/mod/mod_proxy_balancer.html.fr --- apache2-2.4.33/docs/manual/mod/mod_proxy_balancer.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy_balancer.html.fr 2018-04-21 16:11:03.000000000 +0000 @@ -98,12 +98,14 @@

    L'algorithme de planification de la répartition de charge

    -

    A l'heure actuelle, 3 algorithmes de planification de la - répartition de charge sont disponibles : ils se basent - respectivement sur le comptage des requêtes, la mesure du trafic et - le comptage des requêtes en attente. Ils sont contrôlés par la - valeur de lbmethod dans la définition du répartiteur. - Voir la directive ProxyPass pour plus de détails, et en +

    A l'heure actuelle, 4 algorithmes de planification de la répartition de + charge sont disponibles : ils se basent respectivement sur le comptage des + requêtes (mod_lbmethod_byrequests), la mesure de + l'intensité du trafic (mod_lbmethod_bytraffic), le comptage + des requêtes en attente (mod_lbmethod_bybusyness) et la + mesure de l'activité du serveur (mod_lbmethod_heartbeat). + Ils sont contrôlés par la valeur de lbmethod dans la définition + du répartiteur. Voir la directive ProxyPass pour plus de détails, et en particulier la configuration du répartiteur et de ses membres.

    top
    @@ -143,7 +145,7 @@ BalancerMember "http://192.168.1.50:80" BalancerMember "http://192.168.1.51:80" </Proxy> -ProxyPass "/test" "balancer://mycluster" +ProxyPass "/test" "balancer://mycluster" ProxyPassReverse "/test" "balancer://mycluster" @@ -160,7 +162,7 @@ BalancerMember "http://192.168.1.51:80" route=2 ProxySet stickysession=ROUTEID </Proxy> -ProxyPass "/test" "balancer://mycluster" +ProxyPass "/test" "balancer://mycluster" ProxyPassReverse "/test" "balancer://mycluster" diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy_hcheck.html.en apache2-2.4.34/docs/manual/mod/mod_proxy_hcheck.html.en --- apache2-2.4.33/docs/manual/mod/mod_proxy_hcheck.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy_hcheck.html.en 2018-05-26 08:55:19.000000000 +0000 @@ -45,10 +45,11 @@

    Parameters

    The health check mechanism is enabled via the use of additional - BalancerMember parameters, which are configured in the standard - way via ProxyPass:

    + BalancerMember parameters, which are configured + in the standard way via ProxyPass:

    -

    A new BalancerMember status state (flag) is defined via this module: "C". +

    A new BalancerMember status state (flag) + is defined via this module: "C". When the worker is taken offline due to failures as determined by the health check module, this flag is set, and can be seen (and modified) via the balancer-manager.

    @@ -86,10 +87,12 @@
    		Additional URI to be appended to the worker URL for the health check.
    hctemplate  Name of template, created via ProxyHCTemplate to use for setting health check parameters for this worker
    Name of template, created via ProxyHCTemplate, + to use for setting health check parameters for this worker
    hcexpr  Name of expression, created via ProxyHCExpr, used to check response headers for health.
    +     		Name of expression, created via ProxyHCExpr, + used to check response headers for health.
    If not used, 2xx thru 3xx status codes imply success
    @@ -123,7 +126,7 @@ <Proxy balancer://foo> BalancerMember http://www.example.com/ hcmethod=GET hcexpr=in_maint hcuri=/status.php - BalancerMember http://www2.example.com/ hcmethod=HEAD hcexpr=ok234 hcinterval=10 + BalancerMember http://www2.example.com/ hcmethod=HEAD hcexpr=ok234 hcinterval=10 BalancerMember http://www3.example.com/ hcmethod=TCP hcinterval=5 hcpasses=2 hcfails=3 BalancerMember http://www4.example.com/ </Proxy> @@ -149,8 +152,8 @@
    top

    ProxyHCExpr Directive

    - - + + @@ -159,10 +162,14 @@ for creating a named condition expression that checks the response headers of the backend server to determine its health. This named condition can then be assigned to balancer members via the hcexpr - parameter

    + parameter.

    ProxyHCExpr: Allow for 2xx/3xx/4xx as passing

    ProxyHCExpr ok234 {%{REQUEST_STATUS} =~ /^[234]/}
-ProxyPass "/apps"     "http://backend.example.com/" hcexpr=ok234
    +ProxyPass "/apps" "balancer://foo" + +<Proxy balancer://foo> + BalancerMember http://www2.example.com/ hcmethod=HEAD hcexpr=ok234 hcinterval=10 +</Proxy>
    @@ -179,7 +186,11 @@ we want to disable the backend.

    ProxyHCExpr: Checking response body

    ProxyHCExpr in_maint {hc('body') !~ /Under maintenance/}
-ProxyPass "/apps"     "http://backend.example.com/" hcexpr=in_maint hcmethod=get hcuri=/status.php
    +ProxyPass "/apps" "balancer://foo" + +<Proxy balancer://foo> + BalancerMember http://www.example.com/ hcexpr=in_maint hcmethod=get hcuri=/status.php +</Proxy>

    NOTE: Since response body can quite large, it is best if used against specific status pages.

    @@ -189,7 +200,7 @@

    ProxyHCTemplate Directive

    Description:Creates a named condition expression to use to determine health of the backend based on its response.
    Syntax:ProxyHCExpr name {ap_expr expression}
    Description:Creates a named condition expression to use to determine health of the backend based on its response
    Syntax:ProxyHCExpr name {ap_expr expression}
    Context:server config, virtual host
    Status:Extension
    Module:mod_proxy_hcheck
    - + @@ -197,10 +208,14 @@

    The ProxyHCTemplate directive allows for creating a named set (template) of health check parameters that can then be assigned to balancer members via the hctemplate - parameter

    + parameter.

    ProxyHCTemplate

    ProxyHCTemplate tcp5 hcmethod=tcp hcinterval=5
-ProxyPass "/apps"     "http://backend.example.com/" hctemplate=tcp5
    +ProxyPass "/apps" "balancer://foo" + +<Proxy balancer://foo> + BalancerMember http://www2.example.com/ hctemplate=tcp5 +</Proxy>
    @@ -208,8 +223,8 @@
    top

    ProxyHCTPsize Directive

    Description:Creates a named template for setting various health check parameters
    Syntax:ProxyHCTemplate name parameter=setting <...>
    Syntax:ProxyHCTemplate name parameter=setting [...]
    Context:server config, virtual host
    Status:Extension
    Module:mod_proxy_hcheck
    - - + + diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy.html.en apache2-2.4.34/docs/manual/mod/mod_proxy.html.en --- apache2-2.4.33/docs/manual/mod/mod_proxy.html.en 2018-03-03 13:08:07.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy.html.en 2018-06-27 17:55:34.000000000 +0000 @@ -1067,6 +1067,18 @@ backend.example.comexcept requests made to /mirror/foo/i.

    +

    Mixing ProxyPass settings in different contexts does not work:

    + 
    ProxyPass "/mirror/foo/i" "!"
+<Location "/mirror/foo/">
+    ProxyPass "http://backend.example.com/"
+</Location>
    + +

    In this case, a request to /mirror/foo/i will get proxied, + because the ProxyPass directive in the Location block will be evaluated + first. The fact that ProxyPass supports both server and directory contexts + does not mean that their scope and position in the configuration file will + guarantee any ordering or override.

    +

    Ordering ProxyPass Directives

    The configured ProxyPass and ProxyPassMatch @@ -1075,12 +1087,15 @@ ProxyPass rules starting with the longest URLs first. Otherwise, later rules for longer URLS will be hidden by any earlier rule which uses a leading substring of the URL. Note that - there is some relation with worker sharing. In contrast, only one - ProxyPass directive can be placed - in a Location block, and the most - specific location will take precedence.

    - -

    For the same reasons, exclusions must come before the + there is some relation with worker sharing.

    +
    +

    Ordering ProxyPass Directives in Locations

    +

    Only one ProxyPass directive + can be placed in a Location block, + and the most specific location will take precedence.

    +
    +

    Exclusions and the no-proxy environment variable

    +

    Exclusions must come before the general ProxyPass directives. In 2.4.26 and later, the "no-proxy" environment variable is an alternative to exclusions, and is the only way to configure an exclusion of a ProxyPass @@ -1203,6 +1218,14 @@ to override the ProxyIOBufferSize for a specific worker. This must be at least 512 or set to 0 for the system default of 8192. +

    + + - + + + viable workers or spares are available in the balancer set. @@ -1433,8 +1460,23 @@ </Proxy> +

    Configuring hot spares can help ensure that a certain number of + workers are always available for use per load balancer set:

    + 
    ProxyPass "/" "balancer://sparecluster/"
+<Proxy balancer://sparecluster>
+    BalancerMember ajp://1.2.3.4:8009
+    BalancerMember ajp://1.2.3.5:8009
+    # The servers below are hot spares. For each server above that is unusable
+    # (draining, stopped, unreachable, in error state, etc.), one of these spares
+    # will be used in its place. Two servers will always be available for a request
+    # unless one or more of the spares is also unusable.
+    BalancerMember ajp://1.2.3.6:8009 status=+R
+    BalancerMember ajp://1.2.3.7:8009 status=+R
+</Proxy>
    + +

    Setting up a hot-standby that will only be used if no other - members are available:

    + members (or spares) are available in the load balancer set:

    ProxyPass "/" "balancer://hotcluster/"
 <Proxy "balancer://hotcluster">
     BalancerMember "ajp://1.2.3.4:8009" loadfactor=1
@@ -1461,15 +1503,18 @@
     httpd 2.4.1 and later) prevents this.
    
 
     
    The optional interpolate keyword, in combination with
-    ProxyPassInterpolateEnv, causes the ProxyPass
+    ProxyPassInterpolateEnv, causes the ProxyPass
     to interpolate environment variables, using the syntax
     ${VARNAME}.  Note that many of the standard CGI-derived
     environment variables will not exist when this interpolation happens,
     so you may still have to resort to mod_rewrite
-    for complex rules.  Also note that interpolation is not supported
-    within the scheme portion of a URL.  Dynamic determination of the
-    scheme can be accomplished with mod_rewrite as in the
-    following example.
    
+    for complex rules. Also note that interpolation is supported
+    within the scheme/hostname/port portion of a URL only for variables that
+    are available when the directive is parsed 
+    (like Define). Dynamic determination of
+    those fields can be accomplished with mod_rewrite.
+    The following example describes how to use mod_rewrite
+    to dynamically set the scheme to http or https:
    
 
     
    RewriteEngine On
 
@@ -1530,7 +1575,17 @@
     and causes them to substitute the value of an environment
     variable varname for the string ${varname}
     in configuration directives if the interpolate option is set.
    
-    
    Keep this turned off (for server performance) unless you need it!
    
+    
    The scheme/hostname/port portion of ProxyPass may
+    contain variables, but only the ones available when the directive is parsed
+    (for example, using Define).
+    For all the other use cases, please consider using
+    mod_rewrite instead.
    
+    
    Performance warning
    
+    
    Keep this turned off unless you need it!
+    Adding variables to ProxyPass for example may lead to
+    the use of the default mod_proxy's workers configured (that don't allow any fine
+    tuning like connections reuse, etc..).
    
+    
    
 
 
 
    top
    
@@ -1858,7 +1913,7 @@
    Description:Sets the total server-wide size of the threadpool used for the health check workers.
    Syntax:ProxyHCTPsize <size>
    Description:Sets the total server-wide size of the threadpool used for the health check workers
    Syntax:ProxyHCTPsize size
    Context:server config
    Status:Extension
    Module:mod_proxy_hcheck
    responsefieldsize8192Adjust the size of the proxy response field buffer. The buffer size + should be at least the size of the largest expected header size from + a proxied response. Setting the value to 0 will use the system + default of 8192 bytes.
    + Available in Apache HTTP Server 2.4.34 and later. +
    keepalive Off

    This parameter should be used when you have a firewall between your @@ -1270,7 +1293,7 @@

    		Route of the worker when used inside load balancer. The route is a value appended to session id.
    status
    status - Single letter value defining the initial status of this worker. @@ -1278,8 +1301,12 @@
    D: Worker is disabled and will not accept any requests.
    S: Worker is administratively stopped.
    I: Worker is in ignore-errors mode and will always be considered available.
    R: Worker is a hot spare. For each worker in a given lbset that is unusable + (draining, stopped, in error, etc.), a usable hot spare with the same lbset will be used in + its place. Hot spares can help ensure that a specific number of workers are always available + for use by a balancer.
    H: Worker is in hot-standby mode and will only be used if no other - viable workers are available.
    E: Worker is in an error state.
    N: Worker is in drain mode and will only accept existing sticky sessions destined for itself and ignore all other requests.
    - + + + + - + + + utilisé que si aucun autre serveur ou remplaçant à chaud n'est + disponible dans le jeu de serveurs cibles. - + + @@ -89,7 +90,7 @@ for earlier 2.x versions
    Description:Set various Proxy balancer or member parameters
    Syntax:ProxySet url key=value [key=value ...]
    Context:directory
    Context:server config, virtual host, directory
    Status:Extension
    Module:mod_proxy
    Compatibility:ProxySet is only available in Apache HTTP Server 2.2 diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy.html.fr apache2-2.4.34/docs/manual/mod/mod_proxy.html.fr --- apache2-2.4.33/docs/manual/mod/mod_proxy.html.fr 2018-03-10 16:12:37.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -1149,7 +1149,7 @@

    va convertir en interne toute requête pour - http://example.com/miroir/foo/bar en une requête + http://example.com/mirror/foo/bar en une requête mandatée pour http://backend.example.com/bar.

    Si vous avez besoin d'un configuration de mandataire inverse plus @@ -1161,7 +1161,7 @@ présente en très grand nombre. Elle possède l'avantage de permettre un contrôle dynamique via l'interface Balancer Manager :

    - 
    ProxyPass "/miroir/foo/" "http://backend.example.com/"
    + 
    ProxyPass "/mirror/foo/" "http://backend.example.com/"
    @@ -1188,9 +1188,24 @@ ProxyPass "/mirror/foo" "http://backend.example.com" -

    va mandater toutes les requêtes pour /miroir/foo +

    va mandater toutes les requêtes pour /mirror/foo vers backend.example.com, sauf les requêtes - pour /miroir/foo/i.

    + pour /mirror/foo/i.

    + +

    Mélanger plusieurs configurations ProxyPass dans différents contextes ne + fonctionne pas :

    + 
    ProxyPass "/mirror/foo/i" "!"
+<Location "/mirror/foo/">
+    ProxyPass "http://backend.example.com/"
+</Location>
    + +

    Dans ce cas, une requête pour /mirror/foo/i sera tout de + même mandatée car c'est la directive ProxyPass de la + section Location qui sera évaluée en premier. Le fait que la directive + ProxyPass supporte les deux contextes serveur + principal et répertoire ne signifie pas que sa portée et sa position dans le + fichier de configuration va garantir une quelconque priorité et/ou + chronologie de prise en compte.

    Ordre de classement des directives ProxyPass

    Les directives ProxyPass et ProxyPassMatch sont évaluées dans @@ -1200,12 +1215,18 @@ l'URL la plus longue à la plus courte. Dans le cas contraire, les règles situées après une règle dont l'URL correspond au début de leur propre URL seront ignorées. Notez que tout ceci est en - relation avec le partage de workers. Par contre, on ne peut placer + relation avec le partage de workers.

    + +
    +

    Chronologie de prise en compte des directives + ProxyPass au sein des sections Locations

    +

    On ne peut placer qu'une seule directive ProxyPass dans une section Location, et c'est la section la plus spécifique qui l'emportera.

    - -

    Pour les mêmes raisons, les exclusions doivent se situer avant +

    +

    Exclusions et variable d'environnement no-proxy

    +

    Les exclusions doivent se situer avant les directives ProxyPass générales. A partir de la version 2.4.26 du serveur HTTP Apache, la variable d'environnement "no-proxy" est une alternative aux exclusions et constitue @@ -1213,7 +1234,7 @@ ProxyPass dans le contexte d'une section Location. Cette variable doit être définie via la directive SetEnvIf car la directive SetEnv n'est pas évaluée - assez tôt.

    + assez tôt.

    @@ -1347,6 +1368,14 @@ serveur cible spécifique. La valeur doit être au minimum 512 ou définie à 0 pour la valeur par défaut du système de 8192.
    responsefieldsize8192Contrôle la taille du tampon pour le champ de la réponse mandatée. + Cette taille doit être au moins égale à la taille attendue du plus grand + en-tête d'une réponse mandatée. Une valeur de 0 implique l'utilisation + de la valeur par défaut du système, à savoir 8192 octets.
    + Disponible à partir de la version 2.4.34 du serveur HTTP Apache. +
    keepalive Off

    Cette clé doit être utilisée lorsque vous avez un pare-feu @@ -1427,7 +1456,7 @@ répartiteur de charge. La route est une valeur ajoutée à l'identifiant de session.

    status
    status - Valeur constituée d'une simple lettre et définissant l'état initial de ce serveur cible. @@ -1436,8 +1465,15 @@
    S: le serveur cible est arrêté.
    I: le serveur cible est en mode "erreurs ignorées", et sera toujours considéré comme disponible.
    R: Le serveur cible sert de remplaçant à + chaud. Lorsqu'un serveur cible avec un lbset donné est inutilisable + (maintenance, arrêt, en erreur, etc...), un serveur de remplacement à + chaud libre de même lbset sera utilisé à sa place. Les remplaçants à + chaud permettent de s'assurer qu'un nombre déterminé de serveurs cibles + sera toujours disponible pour un répartiteur de charge.
    H: le serveur cible est en mode d'attente et ne sera - utilisé que si aucun autre serveur n'est disponible.
    E: le serveur cible est en erreur.
    N: le serveur cible est en mode vidage, n'acceptera que les sessions persistantes qui lui appartiennent, et refusera @@ -1619,8 +1655,27 @@ </Proxy> +

    La définition de remplaçants à chaud permet de s'assurer qu'un nombre + déterminé de serveurs sera toujours disponible dans le jeu de serveurs + cibles :

    + 
    ProxyPass "/" "balancer://sparecluster/"
+<Proxy balancer://sparecluster>
+    BalancerMember ajp://1.2.3.4:8009
+    BalancerMember ajp://1.2.3.5:8009
+    # Les serveurs ci-dessous sont des remplaçants à chaud. Pour chaque serveur
+    # ci-dessus qui viendrait à être inutilisable (maintenance, arrêt, non
+    # contactable, en erreur, etc...), un de ces remplaçants à chaud prendra sa
+    # place. Deux serveurs seront toujours disponibles pour traiter une requête
+    # (à moins qu'un ou plusieurs remplaçant à chaud soit lui aussi
+    # indisponible).
+    BalancerMember ajp://1.2.3.6:8009 status=+R
+    BalancerMember ajp://1.2.3.7:8009 status=+R
+</Proxy>
    + +

    Configuration d'un serveur cible de réserve qui ne sera utilisé que si - aucun autre serveur cible n'est disponible

    + aucun autre serveur cible ou remplaçant à chaud n'est disponible dans le jeu + de serveurs cibles :

    ProxyPass "/" "balancer://hotcluster/"
 <Proxy "balancer://hotcluster">
     BalancerMember "ajp://1.2.3.4:8009" loadfactor=1
@@ -1666,16 +1721,20 @@
     [P].
    
 
     
    Le mot-clé optionnel interpolate, en combinaison avec la directive
-    ProxyPassInterpolateEnv, permet à ProxyPass
+    ProxyPassInterpolateEnv, permet à ProxyPass
     d'interpoler les variables d'environnement à l'aide de la syntaxe
     ${VARNAME}. Notez que de nombreuses variables
     d'environnement standard dérivées de CGI n'existeront pas lorsque
     l'interpolation se produit ; vous devrez alors encore avoir avoir
     recours à mod_rewrite pour des règles
-    complexes. Notez aussi que l'interpolation n'est pas supportée dans
-    la partie protocole d'une URL. La détermination dynamique du
-    protocole peut être effectuée à l'aide de
-    mod_rewrite comme dans l'exemple suivant :
    
+    complexes. Notez aussi que l'interpolation n'est supportée dans
+    la partie protocole/hostname/port d'une URL que pour les variables qui sont
+    disponibles au moment où la directive est interprétée (comme pour la
+    directive Define). La détermination
+    dynamique de ces champs peut être effectuée à l'aide de
+    mod_rewrite, et l'exemple suivant décrit comment utiliser
+    mod_rewrite pour définir dynamiquement le protocole à http
+    ou https :
    
 
     
    RewriteEngine On
 
@@ -1744,8 +1803,18 @@
     de configuration par la valeur de la variable d'environnement
     nom_var (si l'option interpolate est
     spécifiée).
    
-    
    Conservez cette directive à off (pour les performances du
-    serveur), sauf si vous en avez réellement besoin.
    
+    
    La partie protocole/hostname/port de ProxyPass
+    peut contenir des variables, mais seulement celles qui sont accessibles au
+    moment où la directive est interprétée (similairement à la directive
+    Define). Pour tous les autres cas,
+    utilisez plutôt mod_rewrite.
     
+    
    Avertissement concernant les performances
    
+    
    Laissez cette directive à off, à moins que vous n'en ayez réellemnt
+    besoin ! Par exemple, ajouter des variables à
+    ProxyPass peut entraîner l'utilisation des serveurs
+    d'arrière-plan de mod_proxy configurés par défaut, et ceux-ci ne permettent
+    pas un réglage fin comme la réutilisation des connexions, entre
+    autres...).
     
    
 
 
 
    top
    
@@ -1871,14 +1940,14 @@
 
 
     
    ne va pas seulement provoquer la conversion interne d'une requête
-    locale pour http://example.com/miroir/foo/bar en une
+    locale pour http://example.com/mirror/foo/bar en une
     requête mandatée pour http://backend.example.com/bar
     (la fonctionnalité fournie par ProxyPass). Il va
     aussi s'occuper des redirections que le serveur
     backend.example.com envoie lorsqu'il redirige
     http://backend.example.com/bar vers
     http://backend.example.com/quux. Apache
-    httpd corrige ceci en http://example.com/miroir/foo/quux
+    httpd corrige ceci en http://example.com/mirror/foo/quux
     avant de faire suivre la redirection HTTP au client. Notez que le
     nom d'hôte utilisé pour construire l'URL est choisi en respectant la
     définition de la directive UseCanonicalName.
    
@@ -2120,7 +2189,7 @@
 charge des mandataires et aux membres des groupes de répartition de
 charge
    Syntaxe:ProxySet url clé=valeur [clé=valeur ...]
    Contexte:répertoire
    Contexte:configuration du serveur, serveur virtuel, répertoire
    Statut:Extension
    Module:mod_proxy
    Compatibilité:ProxySet n'est disponible que depuis la version 2.2 diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy_html.html.en apache2-2.4.34/docs/manual/mod/mod_proxy_html.html.en --- apache2-2.4.33/docs/manual/mod/mod_proxy_html.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy_html.html.en 2018-06-21 20:16:21.000000000 +0000 @@ -40,7 +40,7 @@

    This module provides an output filter to rewrite HTML links in a proxy situation, to ensure that links work for users outside the proxy. -It serves the same purpose as Apache's ProxyPassReverse directive does +It serves the same purpose as Apache's ProxyPassReverse directive does for HTTP headers, and is an essential component of a reverse proxy.

    For example, if a company has an application server at @@ -49,7 +49,7 @@ www.example.com, they may wish to provide a gateway to the application server at http://www.example.com/appserver/. When the application server links to itself, those links need to be -rewritten to work through the gateway. mod_proxy_html serves to rewrite +rewritten to work through the gateway. mod_proxy_html serves to rewrite <a href="http://appserver.example.com/foo/bar.html">foobar</a> to <a href="http://www.example.com/appserver/foo/bar.html">foobar</a> making it accessible from outside.

    @@ -82,6 +82,7 @@
    Description:Sets the buffer size increment for buffering inline scripts and stylesheets.
    Syntax:ProxyHTMLBufSize bytes
    Default:ProxyHTMLBufSize 8192
    Context:server config, virtual host, directory
    Status:Base
    Module:mod_proxy_html

    In order to parse non-HTML content (stylesheets and scripts) embedded -in HTML documents, mod_proxy_html +in HTML documents, mod_proxy_html has to read the entire script or stylesheet into a buffer. This buffer will be expanded as necessary to hold the largest script or stylesheet in a page, in increments of bytes as set by this directive.

    @@ -137,7 +138,7 @@ HTML or XHTML syntax is used for output. Note that the format of the documents coming from the backend server is immaterial: the parser will deal with it automatically. If the optional second argument is set to -"Legacy", documents will be declared "Transitional", an option that may +Legacy, documents will be declared "Transitional", an option that may be necessary if you are proxying pre-1998 content or working with defective authoring/publishing tools.

    In the second form, it will insert your own FPI. The optional second @@ -256,7 +257,7 @@

    Status:Base
    Module:mod_proxy_html
    Compatibility:Version 2.4 and later; available as a third-party -for earlier 2.x versions

    This enables per-request interpolation in ProxyHTMLURLMap to- and from- patterns.

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_proxy_html.html.fr apache2-2.4.34/docs/manual/mod/mod_proxy_html.html.fr --- apache2-2.4.33/docs/manual/mod/mod_proxy_html.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_proxy_html.html.fr 2018-06-23 13:44:41.000000000 +0000 @@ -39,12 +39,12 @@ Disponible en tant que module tiers dans les versions 2.x antérieures

    Sommaire

    -

    Ce module fournit un filtre en sortie permettant de réécrire les - liens HTML dans un contexte de mandataire, afin de s'assurer que ces - liens fonctionnent pour les utilisateurs en dehors du mandataire. Il - accomplit la même tâche que la directive ProxyPassReverse d'Apache - accomplit pour les en-têtes HTTP, et fait partie des composants - essentiels d'un mandataire inverse.

    +

    Ce module fournit un filtre en sortie permettant de réécrire les liens + HTML dans un contexte de mandataire, afin de s'assurer que ces liens + fonctionnent pour les utilisateurs en dehors du mandataire. Il accomplit la + même tâche que la directive ProxyPassReverse d'Apache accomplit pour les + en-têtes HTTP, et fait partie des composants essentiels d'un mandataire + inverse.

    Par exemple, si une entreprise possède un serveur d'applications nommé appserver.example.com qui n'est visible que depuis son réseau @@ -53,7 +53,7 @@ à l'adresse http://www.example.com/appserver/. Lorsque le serveur d'applications présente un lien vers lui-même, ce lien doit être réécrit pour fonctionner à travers la passerelle. A cet effet, -mod_proxy_html permet de réécrire <a +mod_proxy_html permet de réécrire <a href="http://appserver.example.com/foo/bar.html">foobar</a> en <a href="http://www.example.com/appserver/foo/bar.html">foobar</a>, @@ -89,6 +89,7 @@ taille initiale, pour la mise en tampon des scripts en ligne et des feuilles de style.

    Syntaxe:ProxyHTMLBufSize nb-octets
    Défaut:ProxyHTMLBufSize 8192
    Contexte:configuration du serveur, serveur virtuel, répertoire
    Statut:Base
    Module:mod_proxy_html

    Pour pouvoir interpréter du contenu non HTML (feuilles de style et -scripts) embarqué dans des documents HTML, mod_proxy_html doit le lire -et le mémoriser en entier dans un +scripts) embarqué dans des documents HTML, mod_proxy_html doit +le lire et le mémoriser en entier dans un tampon. Ce tampon devra être étendu autant que nécessaire afin de pouvoir accueillir le plus grand script ou la plus grande feuille de style de la page, selon un incrément de nb-octets que cette @@ -152,7 +153,7 @@ si la syntaxe utilisée en sortie est HTML ou XHTML. Notez que le format des documents en provenance du serveur d'arrière-plan n'est pas important, car l'interpréteur le détectera automatiquement. Si le -second argument optionnel est défini à "Legacy", les documents seront +second argument optionnel est défini à Legacy, les documents seront déclarés de type "Transitional" ; cette option peut être nécessaire si vous mandatez du contenu datant d'avant 1998, ou si vous travaillez avec des outils de création/publication déficients.

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_ratelimit.html.en apache2-2.4.34/docs/manual/mod/mod_ratelimit.html.en --- apache2-2.4.33/docs/manual/mod/mod_ratelimit.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_ratelimit.html.en 2018-07-06 08:44:47.000000000 +0000 @@ -33,7 +33,10 @@
    Status:Extension
    Module Identifier:ratelimit_module
    Source File:mod_ratelimit.c
    Compatibility:rate-initial-burst available in httpd 2.4.24 and later.
    +
    Compatibility: + rate-initial-burst available in httpd 2.4.24 and later. + Rate limiting proxied content does not work correctly up to httpd 2.4.33. +

    Summary

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_ratelimit.html.fr apache2-2.4.34/docs/manual/mod/mod_ratelimit.html.fr --- apache2-2.4.33/docs/manual/mod/mod_ratelimit.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_ratelimit.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -32,7 +32,12 @@ -
    Description:Limitation de la bande passante pour les clients
    Statut:Extension
    Identificateur de Module:ratelimit_module
    Fichier Source:mod_ratelimit.c
    +
    Fichier Source:mod_ratelimit.c
    Compatibilité: + rate-initial-burst est disponible à partir de la version 2.4.24 + du serveur HTTP Apache. La limitation de bande passante pour les contenus + mandatés ne fonctionne pas correctement jusqu'à la version 2.4.33. +

    Sommaire

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_reqtimeout.html.en apache2-2.4.34/docs/manual/mod/mod_reqtimeout.html.en --- apache2-2.4.33/docs/manual/mod/mod_reqtimeout.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_reqtimeout.html.en 2018-03-30 12:48:02.000000000 +0000 @@ -125,7 +125,7 @@ (usually the case on Linux and FreeBSD), the socket is not sent to the server process before at least one byte (or the whole request for httpready) is received. The header timeout configured with - RequestReadTimeout is only effective after the server process has + RequestReadTimeout is only effective after the server process has received the socket.

    For each of the two timeout types (header or body), there are three ways @@ -142,7 +142,7 @@ body, respectively. A value of 0 means no limit.

    -
  • Disable module for a vhost::
    +
  • Disable module for a vhost:

    header=0 body=0

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_reqtimeout.html.fr apache2-2.4.34/docs/manual/mod/mod_reqtimeout.html.fr --- apache2-2.4.33/docs/manual/mod/mod_reqtimeout.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_reqtimeout.html.fr 2018-04-08 16:35:44.000000000 +0000 @@ -131,7 +131,7 @@ processus du serveur qu'après la réception du premier octet (ou de l'ensemble de la requête si httpready est défini). Le délai configuré pour les en-têtes via la directive - RequestReadTimeout n'entre en ligne de compte qu'une fois + RequestReadTimeout n'entre en ligne de compte qu'une fois la socket reçue par le processus du serveur.

    Il existe deux méthodes pour spécifier le délai (pour l'en-tête @@ -148,7 +148,7 @@ corps de la requête. La valeur 0 signifie aucune limite.

    • -
  • Désactivation du module pour un serveur virtuel ::
    +
  • Désactivation du module pour un serveur virtuel:

    header=0 body=0

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_rewrite.html.en apache2-2.4.34/docs/manual/mod/mod_rewrite.html.en --- apache2-2.4.33/docs/manual/mod/mod_rewrite.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_rewrite.html.en 2018-03-30 12:48:02.000000000 +0000 @@ -302,7 +302,7 @@ UseCanonicalPhysicalPort respectively.

    -

    Those that are special to mod_rewrite include those below.

    +

    Those that are special to mod_rewrite include those below.

    API_VERSION
    @@ -455,9 +455,9 @@ per-server context (httpd.conf file) you must use %{LA-U:REMOTE_USER} - this variable is set by the authorization phases, which come - after the URL translation phase (during which mod_rewrite - operates).

    -

    On the other hand, because mod_rewrite implements + after the URL translation phase (during which + mod_rewrite operates).

    +

    On the other hand, because mod_rewrite implements its per-directory context (.htaccess file) via the Fixup phase of the API and because the authorization phases come before this phase, you just can use @@ -690,7 +690,7 @@

    You can also set special flags for CondPattern by appending [flags] - as the third argument to the RewriteCond + as the third argument to the RewriteCond directive, where flags is a comma-separated list of any of the following flags:

    @@ -789,10 +789,13 @@ +
    Description:Defines a mapping function for key-lookup
    Syntax:RewriteMap MapName MapType:MapSource + [MapTypeOptions]
    Context:server config, virtual host
    Status:Extension
    Module:mod_rewrite
    Compatibility:The 3rd parameter, MapTypeOptions, in only available from Apache +2.4.29 and later

    The RewriteMap directive defines a Rewriting Map which can be used inside rule @@ -829,11 +832,16 @@

    You would then be able to use this map in a - RewriteRule as follows:

    + RewriteRule as follows:

    RewriteRule "^/ex/(.*)" "${examplemap:$1}"
    +

    The meaning of the MapTypeOptions argument depends on + particular MapType. See the + Using RewriteMap for + more information.

    +

    The following combinations for MapType and MapSource can be used:

    @@ -1076,7 +1084,7 @@ this context only match against the portion of the currently mapped filesystem path "below" where the rule is defined.

    -

    Directives such as DocumentRoot and Alias, or even the +

    Directives such as DocumentRoot and Alias, or even the result of previous RewriteRule substitutions, determine the currently mapped filesystem path.

    @@ -1125,7 +1133,7 @@ the mod_rewrite Introduction.

    -

    In mod_rewrite, the NOT character +

    In mod_rewrite, the NOT character ('!') is also available as a possible pattern prefix. This enables you to negate a pattern; to say, for instance: ``if the current URL does NOT match this @@ -1389,7 +1397,7 @@

    Home directory expansion

    When the substitution string begins with a string -resembling "/~user" (via explicit text or backreferences), mod_rewrite performs +resembling "/~user" (via explicit text or backreferences), mod_rewrite performs home directory expansion independent of the presence or configuration of mod_userdir.

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_rewrite.html.fr apache2-2.4.34/docs/manual/mod/mod_rewrite.html.fr --- apache2-2.4.33/docs/manual/mod/mod_rewrite.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_rewrite.html.fr 2018-03-24 15:44:58.000000000 +0000 @@ -319,7 +319,7 @@ des valeurs des directives UseCanonicalName et UseCanonicalPhysicalPort.

    Parmi les variables - spécifiques à mod_rewrite, ou trouve les suivantes :

    + spécifiques à mod_rewrite, ou trouve les suivantes :

    API_VERSION
    @@ -488,8 +488,9 @@ principal (fichier httpd.conf), vous devez utiliser %{LA-U:REMOTE_USER} - cette variable est définie par la phase d'autorisation qui intervient après la - phase de traduction d'URL (pendant laquelle mod_rewrite opère).

    -

    Par contre, comme mod_rewrite implémente son contexte de + phase de traduction d'URL (pendant laquelle mod_rewrite + opère).

    +

    Par contre, comme mod_rewrite implémente son contexte de répertoire (fichier .htaccess) via la phase Fixup de l'API, et comme la phase d'autorisation intervient avant cette dernière, vous pouvez vous contenter @@ -732,7 +733,7 @@ l'expression_de_comparaison en ajoutant ces [drapeaux] comme troisième argument de la directive - RewriteCond, où drapeaux est un + RewriteCond, où drapeaux est un sous-ensemble séparé par des virgules des drapeaux suivants :

      @@ -840,11 +841,13 @@ - +
      Description:Définit une fonction de mise en correspondance pour la recherche de mots-clés
      Syntaxe:RewriteMap MapName MapType:MapSource +
      Syntaxe:RewriteMap MapName MapType:MapSource [MapTypeOptions]
      Contexte:configuration du serveur, serveur virtuel
      Statut:Extension
      Module:mod_rewrite
      Compatibilité:Le troisième paramètre, MapTypeOptions, est disponible à partir +de la version 2.4.29 du serveur HTTP Apache

      La directive RewriteMap définit une Table de correspondance pour la réécriture que les @@ -885,11 +888,15 @@

      Vous pourrez ensuite utiliser cette table dans une - directive RewriteRule comme suit :

      + directive RewriteRule comme suit :

      RewriteRule "^/ex/(.*)" "${map-exemple:$1}"
      +

      La signification de l'argument MapTypeOptions dépend du MapType + spécifié. Veuillez vous référer au document Utiliser RewriteMap pour + plus de détails.

      +

      Les combinaisons suivantes pour type de correspondance et MapSource peuvent être utilisées :

      @@ -1152,9 +1159,9 @@ du système de fichiers "en dessous" de l'endroit où la règle est définie.

      Le chemin correspondant actuel du système de fichiers est déterminé par - des directives telles que DocumentRoot et - Alias, ou même le résultat de substitutions dans - des règles RewriteRule précédentes. + des directives telles que DocumentRoot et + Alias, ou même le résultat de + substitutions dans des règles RewriteRule précédentes.

      @@ -1211,8 +1218,8 @@ document Introduction à mod_rewrite.

      -

      Dans mod_rewrite, on peut aussi utiliser le caractère NON - ('!') comme préfixe de modèle. Ceci vous permet +

      Dans mod_rewrite, on peut aussi utiliser le caractère + NOT ('!') comme préfixe de modèle. Ceci vous permet d'inverser la signification d'un modèle, soit pour dire ``si l'URL considérée ne correspond PAS à ce modèle''. Le caractère NON peut donc être utilisé à @@ -1497,7 +1504,7 @@

      Développement du répertoire home

      Quand la chaîne de substitution commence par quelque chose comme -"/~user" (de manière explicite ou par références arrières), mod_rewrite +"/~user" (de manière explicite ou par références arrières), mod_rewrite développe le répertoire home sans tenir compte de la présence ou de la configuration du module mod_userdir.

      diff -Nru apache2-2.4.33/docs/manual/mod/mod_slotmem_plain.html.en apache2-2.4.34/docs/manual/mod/mod_slotmem_plain.html.en --- apache2-2.4.33/docs/manual/mod/mod_slotmem_plain.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_slotmem_plain.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -35,7 +35,7 @@
    • Source File:mod_slotmem_plain.c

    Summary

    -

    mod_slotmem_plain is a memory provider which +

    mod_slotmem_plain is a memory provider which provides for creation and access to a plain memory segment in which the datasets are organized in "slots."

    @@ -45,43 +45,42 @@ mod_slotmem_shm.

    -

    mod_slotmem_plain provides the following API functions: +

    mod_slotmem_plain provides the following API functions:

    -
    -
    apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
    -
    call the callback on all worker slots
    +
    /* call the callback on all worker slots */
+apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
 
-      
    apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
    
-      
    create a new slotmem with each item size is item_size.
    
+/* create a new slotmem with each item size is item_size */
+apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
 
-      
    apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
    
-      
    attach to an existing slotmem.
    
+/* attach to an existing slotmem */
+apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
 
-      
    apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void**mem)
    
-      
    get the direct pointer to the memory associated with this worker slot.
    
+/* get the direct pointer to the memory associated with this worker slot */
+apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void **mem)
 
-      
    apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
    
-      
    get/read the memory from this slot to dest
    
+/* get/read the memory from this slot to dest */
+apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
 
-      
    apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
    
-      
    put/write the data from src to this slot
    
+/* put/write the data from src to this slot */
+apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
 
-      
    unsigned int num_slots(ap_slotmem_instance_t *s)
    
-      
    return the total number of slots in the segment
    
+/* return the total number of slots in the segment */
+unsigned int num_slots(ap_slotmem_instance_t *s)
 
-      
    apr_size_t slot_size(ap_slotmem_instance_t *s)
    
-      
    return the total data size, in bytes, of a slot in the segment
    
+/* return the total data size, in bytes, of a slot in the segment */
+apr_size_t slot_size(ap_slotmem_instance_t *s)
 
-      
    apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id);
    
-      
    grab or allocate the first free slot and mark as in-use (does not do any data copying)
    
+/* grab or allocate the first free slot and mark as in-use (does not do any data copying) */
+apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id)
+
+/* forced grab or allocate the specified slot and mark as in-use (does not do any data copying) */
+apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id)
+
+/* release or free a slot and mark as not in-use (does not do any data copying) */
+apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id)
    -
    apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id);
    -
    forced grab or allocate the specified slot and mark as in-use (does not do any data copying)
    - -
    apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id);
    -
    release or free a slot and mark as not in-use (does not do any data copying)
    -
    Support Apache!

    Directives

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_slotmem_plain.html.fr apache2-2.4.34/docs/manual/mod/mod_slotmem_plain.html.fr --- apache2-2.4.33/docs/manual/mod/mod_slotmem_plain.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_slotmem_plain.html.fr 2018-04-21 16:11:03.000000000 +0000 @@ -36,7 +36,7 @@
    Fichier Source:mod_slotmem_plain.c

    Sommaire

    -

    mod_slotmem_plain est un fournisseur de mémoire qui +

    mod_slotmem_plain est un fournisseur de mémoire qui permet la création et l'utilisation d'un segment de mémoire contigu dans lequel les ensembles de données sont organisés en "slots".

    @@ -46,49 +46,44 @@ mod_slotmem_shm.

    -

    mod_slotmem_plain fournit une API comprenant les +

    mod_slotmem_plain fournit une API comprenant les fonctions suivantes :

    -
    -
    apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
    -
    appelle le callback sur tous les slots actifs
    + +
    /* appelle le callback sur tous les slots actifs */
+apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)      
 
-      
    apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
    
-      
    crée un nouveau slot de mémoire dont chaque objet aura une
-      taille de item_size.
    
+/* crée un nouveau slot de mémoire dont chaque item aura une taille de item_size. */
+apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)      
 
-      
    apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
    
-      
    rattache à un slot de mémoire existant.
    
+/* rattache à un slot de mémoire existant. */
+apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)      
 
-      
    apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void**mem)
    
-      
    indique la mémoire associée à ce slot actif.
    
+/* indique la mémoire associée à ce slot actif. */
+apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void **mem)      
 
-      
    apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
    
-      
    lit la mémoire depuis ce slot et la transfère vers dest
    
+/* lit la mémoire depuis ce slot et la transfert vers dest */
+apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)      
 
-      
    apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
    
-      
    écrit dans ce slot la mémoire en provenance de src
    
+/* écrit dans ce slot la mémoire en provenance de src */
+apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)      
 
-      
    unsigned int num_slots(ap_slotmem_instance_t *s)
    
-      
    renvoie le nombre total de slots contenus dans ce segment
    
+/* renvoie le nombre total de slots contenus dans ce segment */
+unsigned int num_slots(ap_slotmem_instance_t *s)      
 
-      
    apr_size_t slot_size(ap_slotmem_instance_t *s)
    
-      
    renvoie la taille totale des données, en octets, contenues
-      dans un slot de ce segment
    
+/* renvoie la taille totale des données, en octets, contenues dans un slot de ce segment */
+apr_size_t slot_size(ap_slotmem_instance_t *s)      
 
-      
    apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id);
    
-      
    alloue le premier slot disponible et le marque comme utilisé (n'effectue aucune
-      copie de données)
    
+/* alloue le premier slot libre et le marque comme utilisé (n'effectue aucune copie de données) */
+apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id)      
 
-      
    apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id);
    
-      
    force l'allocation ou l'appropriation du slot spécifié et le marque comme utilisé (n'effectue aucune
-      copie de données)
    
-
-      
    apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id);
    
-      
    libère un slot et le marque comme non utilisé (n'effectue aucune
-      copie de données)
    
-
    +/* appropriation ou allocation forcée du slot spécifié et marquage comme utilisé (n'effectue aucune copie de données) */ +apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id) + +/* libère un slot et le marque comme non utilisé (n'effectue aucune copie de données) */ +apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id) +
    Support Apache!

    Directives

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_slotmem_shm.html.en apache2-2.4.34/docs/manual/mod/mod_slotmem_shm.html.en --- apache2-2.4.33/docs/manual/mod/mod_slotmem_shm.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_slotmem_shm.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -35,7 +35,7 @@ Source File:mod_slotmem_shm.c

    Summary

    -

    mod_slotmem_shm is a memory provider which +

    mod_slotmem_shm is a memory provider which provides for creation and access to a shared memory segment in which the datasets are organized in "slots."

    @@ -49,52 +49,46 @@ DefaultRuntimeDir directive.

    -

    mod_slotmem_shm provides the following API functions: +

    mod_slotmem_shm provides the following API functions:

    -
    -
    apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
    -
    call the callback on all worker slots
    - -
    apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
    -
    create a new slotmem with each item size is item_size. name is used to generate a filename for the persistent store of - the shared memory if configured. Values are: -
    -
    "none"
    -
    Anonymous shared memory and no persistent store
    -
    "file-name"
    -
    [DefaultRuntimeDir]/file-name
    -
    "/absolute-file-name"
    -
    Absolute file name
    -
    - -
    apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
    -
    attach to an existing slotmem. See create for description of name parameter.
    - -
    apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void**mem)
    -
    get the direct pointer to the memory associated with this worker slot.
    - -
    apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
    -
    get/read the memory from this slot to dest
    - -
    apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
    -
    put/write the data from src to this slot
    - -
    unsigned int num_slots(ap_slotmem_instance_t *s)
    -
    return the total number of slots in the segment
    - -
    apr_size_t slot_size(ap_slotmem_instance_t *s)
    -
    return the total data size, in bytes, of a slot in the segment
    - -
    apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id);
    -
    grab or allocate the first free slot and mark as in-use (does not do any data copying)
    - -
    apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id);
    -
    forced grab or allocate the specified slot and mark as in-use (does not do any data copying)
    - -
    apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id);
    -
    release or free a slot and mark as not in-use (does not do any data copying)
    -
    +
    /* call the callback on all worker slots */
+apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
+
+/* create a new slotmem with each item size is item_size. 'name' is used to generate a filename for the persistent
+   store of the shared memory if configured. Values are:
+      "none"                - Anonymous shared memory and no persistent store
+      "file-name"           - [DefaultRuntimeDir]/file-name
+      "/absolute-file-name" - Absolute file name */
+apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
+
+/* attach to an existing slotmem. See 'create()' for description of 'name' parameter */
+apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
+
+/* get the direct pointer to the memory associated with this worker slot */
+apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void **mem)
+
+/* get/read the memory from this slot to dest */
+apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
+
+/* put/write the data from src to this slot */
+apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
+
+/* return the total number of slots in the segment */
+unsigned int num_slots(ap_slotmem_instance_t *s)
+
+/* return the total data size, in bytes, of a slot in the segment */
+apr_size_t slot_size(ap_slotmem_instance_t *s)
+
+/* grab or allocate the first free slot and mark as in-use (does not do any data copying) */
+apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id)
+
+/* forced grab or allocate the specified slot and mark as in-use (does not do any data copying) */
+apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id)
+
+/* release or free a slot and mark as not in-use (does not do any data copying) */
+apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id)
    +
    Support Apache!

    Directives

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_slotmem_shm.html.fr apache2-2.4.34/docs/manual/mod/mod_slotmem_shm.html.fr --- apache2-2.4.33/docs/manual/mod/mod_slotmem_shm.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_slotmem_shm.html.fr 2018-04-21 16:11:03.000000000 +0000 @@ -36,77 +36,69 @@ Fichier Source:mod_slotmem_shm.c

    Sommaire

    -

    mod_slotmem_shm est un fournisseur de mémoire qui +

    mod_slotmem_shm est un fournisseur de mémoire qui permet la création et l'accès à un segment de mémoire partagée dans lequel les ensembles de données sont organisés en "slots".

    L'ensemble de la mémoire partagée est effacé à chaque - redémarrage, que ce dernier soit graceful ou non. Les données sont - stockées et restituées dans et à partir d'un fichier défini par le + redémarrage, que ce dernier soit graceful ou non. Les données sont + stockées et restituées dans/à partir d'un fichier défini par le paramètre name des appels create et attach. Si son chemin absolu n'est pas spécifié, le chemin du fichier sera relatif au chemin défini par la directive DefaultRuntimeDir.

    -

    mod_slotmem_shm fournit les fonctions d'API suivantes +

    mod_slotmem_shm fournit les fonctions d'API suivantes :

    -
    -
    apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
    -
    appelle le callback pour tous les slots actifs
    - -
    apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
    -
    crée un nouveau slot de mémoire dont chaque taille d'objet est - item_size. name est utilisé pour générer le nom du fichier - permettant de stocker/restaurer le contenu de la mémoire partagée - si la configuration le spécifie. Les valeurs possibles sont : -
    -
    "none"
    -
    Mémoire partagée anonyme et pas de stockage - persistant
    -
    "file-name"
    -
    [DefaultRuntimeDir]/file-name
    -
    Absolute file name
    -
    $absolute-file-name
    -
    -
    - -
    apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
    -
    attache à un slot de mémoire existant. Voir - create pour la description du paramètre - name.
    - -
    apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void**mem)
    -
    obtient la mémoire associée à ce slot actif.
    - -
    apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
    -
    lit la mémoire depuis ce slot et la transfère vers dest
    - -
    apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
    -
    écrit dans ce slot la mémoire en provenance de src
    - -
    unsigned int num_slots(ap_slotmem_instance_t *s)
    -
    renvoie le nombre total de slots contenus dans ce segment
    - -
    apr_size_t slot_size(ap_slotmem_instance_t *s)
    -
    renvoie la taille totale des données, en octets, contenues - dans un slot de ce segment
    - -
    apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id);
    -
    alloue ou s'approprie le premier slot disponible et le marque comme utilisé (n'effectue aucune - copie de données)
    - -
    apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id);
    -
    force l'allocation ou l'attribution du slot spécifié et le marque comme utilisé (n'effectue aucune - copie de données)
    - -
    apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id);
    -
    libère un slot et le marque comme non utilisé (n'effectue aucune - copie de données)
    -
    +
    /* appelle le callback pour tous les slots actifs */
+apr_status_t doall(ap_slotmem_instance_t *s, ap_slotmem_callback_fn_t *func, void *data, apr_pool_t *pool)
+
+/* crée un nouveau slot de mémoire dont chaque taille d'item est
+      item_size. 'name' est utilisé pour générer le nom du fichier
+      permettant de stocker/restaurer le contenu de la mémoire partagée,
+      si elle est configurée. Les valeurs possibles sont :
+      "none"                - Mémoire partagée anonyme et pas de stockage permanent
+      "file-name"           - [DefaultRuntimeDir]/file-name
+      "/absolute-file-name" - Chemin absolu du fichier */
+apr_status_t create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, ap_slotmem_type_t type, apr_pool_t *pool)
+
+/* attache à un slot de mémoire existant. Voir
+      'create' pour la description du paramètre
+      'name'. */
+apr_status_t attach(ap_slotmem_instance_t **new, const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool)
+
+/* obtient la mémoire associée à ce slot actif. */
+apr_status_t dptr(ap_slotmem_instance_t *s, unsigned int item_id, void **mem)
+
+/* lit la mémoire depuis ce slot et la transfert vers dest */
+apr_status_t get(ap_slotmem_instance_t *s, unsigned int item_id, unsigned char *dest, apr_size_t dest_len)
+
+/* écrit dans ce slot la mémoire en provenance de src */
+apr_status_t put(ap_slotmem_instance_t *slot, unsigned int item_id, unsigned char *src, apr_size_t src_len)
+
+/* renvoie le nombre total de slots contenus dans ce segment */
+unsigned int num_slots(ap_slotmem_instance_t *s)
+
+/* renvoie la taille totale des données, en octets, contenues
+      dans un slot de ce segment */
+apr_size_t slot_size(ap_slotmem_instance_t *s)
+
+/* alloue le premier slot libre et le marque comme utilisé (n'effectue aucune
+      copie de données) */
+apr_status_t grab(ap_slotmem_instance_t *s, unsigned int *item_id)
+
+/* appropriation ou allocation forcée du slot spécifié et marquage comme
+      utilisé (n'effectue aucune copie de données) */
+apr_status_t fgrab(ap_slotmem_instance_t *s, unsigned int item_id)
+
+/* libère un slot et le marque comme non utilisé (n'effectue aucune
+      copie de données) */
+apr_status_t release(ap_slotmem_instance_t *s, unsigned int item_id)
    +
    Support Apache!

    Directives

    diff -Nru apache2-2.4.33/docs/manual/mod/mod_ssl.html.en apache2-2.4.34/docs/manual/mod/mod_ssl.html.en --- apache2-2.4.33/docs/manual/mod/mod_ssl.html.en 2018-03-10 02:33:21.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_ssl.html.en 2018-06-24 07:27:31.000000000 +0000 @@ -1077,16 +1077,18 @@

    SSLOCSPEnable Directive

    - + +
    Description:Enable OCSP validation of the client certificate chain
    Syntax:SSLOCSPEnable on|off
    Syntax:SSLOCSPEnable on|leaf|off
    Default:SSLOCSPEnable off
    Context:server config, virtual host
    Status:Extension
    Module:mod_ssl
    Compatibility:Mode leaf available in httpd 2.4.34 and later

    This option enables OCSP validation of the client certificate chain. If this option is enabled, certificates in the client's certificate chain will be validated against an OCSP responder after -normal verification (including CRL checks) have taken place.

    +normal verification (including CRL checks) have taken place. In +mode 'leaf', only the client certificate itself will be validated.

    The OCSP responder used is either extracted from the certificate itself, or derived by configuration; see the @@ -1963,8 +1965,8 @@

    This is the always available builtin seeding source. Its usage consumes minimum CPU cycles under runtime and hence can be always used without drawbacks. The source used for seeding the PRNG contains of the - current time, the current process id and (when applicable) a randomly - chosen 1KB extract of the inter-process scoreboard structure of Apache. + current time, the current process id and a randomly + chosen 128 bytes extract of the stack. The drawback is that this is not really a strong source and at startup time (where the scoreboard is still not available) this source just produces a few bytes of entropy. So you should always, at least for the diff -Nru apache2-2.4.33/docs/manual/mod/mod_ssl.html.fr apache2-2.4.34/docs/manual/mod/mod_ssl.html.fr --- apache2-2.4.33/docs/manual/mod/mod_ssl.html.fr 2018-03-10 16:12:37.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_ssl.html.fr 2018-06-23 13:44:41.000000000 +0000 @@ -1225,17 +1225,19 @@ - + +
    Description:Active la validation OCSP de la chaîne de certificats du client
    Syntaxe:SSLOCSPEnable on|off
    Syntaxe:SSLOCSPEnable on|leaf|off
    Défaut:SSLOCSPEnable off
    Contexte:configuration du serveur, serveur virtuel
    Statut:Extension
    Module:mod_ssl
    Compatibilité:Le mode leaf est disponible à partir de la version +2.4.34 du serveur HTTP Apache

    Cette directive permet d'activer la validation OCSP de la chaîne de certificats du client. Si elle est activée, les certificats de la chaîne de certificats du client seront validés auprès d'un répondeur OCSP, une fois la vérification normale effectuée (vérification des CRLs -incluse).

    +incluse). En mode 'leaf', seul le certificat du client sera validé.

    Le répondeur OCSP utilisé est soit extrait du certificat lui-même, soit spécifié dans la configuration ; voir les directives SSLOCSPDefaultResponder et SSLOCSPOverrideResponder.

    @@ -2188,17 +2190,15 @@ Les différentes valeurs de source disponibles sont :

    • builtin -

      Cette source de déclenchement intégrée est toujours disponible. - Son utilisation consomme un minimum de cycles CPU en cours - d'exécution, et son utilisation ne présente de ce fait aucun - problème. La source utilisée pour déclencher le PRNG contient la - date courante, l'identifiant du processus courant et (si disponible) - un extrait de 1Ko aléatoirement choisi de la structure d'Apache pour - les échanges inter-processus. Ceci présente un inconvénient car le - caractère aléatoire de cette source n'est pas vraiment fort, et au - démarrage (lorsque la structure d'échanges n'est pas encore - disponible), cette source ne produit que quelques octets d'entropie. - Vous devez donc toujours utiliser une source de déclenchement +

      Cette source de déclenchement intégrée est toujours disponible. Son + utilisation consomme un minimum de cycles CPU en cours d'exécution, et son + utilisation ne présente de ce fait aucun problème. La source utilisée pour + déclencher le PRNG contient la date courante, l'identifiant du processus + courant et un extrait de 128 octets aléatoirement choisi dans la pile. Ceci + présente un inconvénient car le caractère aléatoire de cette source n'est + pas vraiment fort, et au démarrage (lorsque la structure d'échanges n'est + pas encore disponible), cette source ne produit que quelques octets + d'entropie. Vous devez donc toujours utiliser une source de déclenchement additionnelle, au moins pour le démarrage.

    • file:/chemin/vers/source

      diff -Nru apache2-2.4.33/docs/manual/mod/mod_usertrack.html.en apache2-2.4.34/docs/manual/mod/mod_usertrack.html.en --- apache2-2.4.33/docs/manual/mod/mod_usertrack.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_usertrack.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -63,7 +63,7 @@ via mod_log_config configurable logging formats:

      LogFormat "%{Apache}n %r %t" usertrack
-CustomLog logs/clickstream.log usertrack
      +CustomLog "logs/clickstream.log" usertrack
    @@ -156,7 +156,7 @@ + Netscape|Cookie|Cookie2|RFC2109|RFC2965 diff -Nru apache2-2.4.33/docs/manual/mod/mod_usertrack.html.fr apache2-2.4.34/docs/manual/mod/mod_usertrack.html.fr --- apache2-2.4.33/docs/manual/mod/mod_usertrack.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/mod_usertrack.html.fr 2018-04-21 16:11:03.000000000 +0000 @@ -65,7 +65,7 @@ mod_log_config :

    LogFormat "%{Apache}n %r %t" usertrack
-CustomLog logs/clickstream.log usertrack
    +CustomLog "logs/clickstream.log" usertrack @@ -164,7 +164,7 @@
    Description:Format of the cookie header field
    Syntax:CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965
    Default:CookieStyle Netscape
    Context:server config, virtual host, directory, .htaccess
    Override:FileInfo
    + Netscape|Cookie|Cookie2|RFC2109|RFC2965 diff -Nru apache2-2.4.33/docs/manual/mod/overrides.html.en apache2-2.4.34/docs/manual/mod/overrides.html.en --- apache2-2.4.33/docs/manual/mod/overrides.html.en 2018-02-21 10:12:43.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/overrides.html.en 2018-07-06 08:44:47.000000000 +0000 @@ -112,73 +112,82 @@ + + + + - - - - + + + + + - - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - + + + - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + - - + - - + - - - - + + + - - + - - + +
    Description:Format du champ d'en-tête cookie
    Syntaxe:CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965
    Défaut:CookieStyle Netscape
    Contexte:configuration du serveur, serveur virtuel, répertoire, .htaccess
    AllowOverride:FileInfo
    <IfDefine>core
    Encloses directives that will be processed only if a test is true at startup
    <IfDirective>core
    Encloses directives that are processed conditional on the +presence or absence of a specific directive
    <IfFile>core
    Encloses directives that will be processed only +if file exists at startup
    <IfModule>core
    Encloses directives that are processed conditional on the presence or absence of a specific module
    <IfVersion>mod_version
    contains version dependent configuration
    LimitRequestBodycore
    Restricts the total size of the HTTP request body sent +
    <IfSection>core
    Encloses directives that are processed conditional on the +presence or absence of a specific section directive
    <IfVersion>mod_version
    contains version dependent configuration
    LimitRequestBodycore
    Restricts the total size of the HTTP request body sent from the client
    LimitXMLRequestBodycore
    Limits the size of an XML-based request body
    LogIOTrackTTFBmod_logio
    Enable tracking of time to first byte (TTFB)
    LuaCodeCachemod_lua
    Configure the compiled code cache.
    LuaHookAccessCheckermod_lua
    Provide a hook for the access_checker phase of request processing
    LuaHookAuthCheckermod_lua
    Provide a hook for the auth_checker phase of request processing
    LuaHookCheckUserIDmod_lua
    Provide a hook for the check_user_id phase of request processing
    LuaHookFixupsmod_lua
    Provide a hook for the fixups phase of a request +
    LimitXMLRequestBodycore
    Limits the size of an XML-based request body
    LogIOTrackTTFBmod_logio
    Enable tracking of time to first byte (TTFB)
    LuaCodeCachemod_lua
    Configure the compiled code cache.
    LuaHookAccessCheckermod_lua
    Provide a hook for the access_checker phase of request processing
    LuaHookAuthCheckermod_lua
    Provide a hook for the auth_checker phase of request processing
    LuaHookCheckUserIDmod_lua
    Provide a hook for the check_user_id phase of request processing
    LuaHookFixupsmod_lua
    Provide a hook for the fixups phase of a request processing
    LuaHookInsertFiltermod_lua
    Provide a hook for the insert_filter phase of request processing
    LuaHookLogmod_lua
    Provide a hook for the access log phase of a request +
    LuaHookInsertFiltermod_lua
    Provide a hook for the insert_filter phase of request processing
    LuaHookLogmod_lua
    Provide a hook for the access log phase of a request processing
    LuaHookMapToStoragemod_lua
    Provide a hook for the map_to_storage phase of request processing
    LuaHookTranslateNamemod_lua
    Provide a hook for the translate name phase of request processing
    LuaHookTypeCheckermod_lua
    Provide a hook for the type_checker phase of request processing
    LuaInheritmod_lua
    Controls how parent configuration sections are merged into children
    LuaMapHandlermod_lua
    Map a path to a lua handler
    LuaPackageCPathmod_lua
    Add a directory to lua's package.cpath
    LuaPackagePathmod_lua
    Add a directory to lua's package.path
    LuaQuickHandlermod_lua
    Provide a hook for the quick handler of request processing
    LuaRootmod_lua
    Specify the base path for resolving relative paths for mod_lua directives
    LuaScopemod_lua
    One of once, request, conn, thread -- default is once
    RLimitCPUcore
    Limits the CPU consumption of processes launched +
    LuaHookMapToStoragemod_lua
    Provide a hook for the map_to_storage phase of request processing
    LuaHookTranslateNamemod_lua
    Provide a hook for the translate name phase of request processing
    LuaHookTypeCheckermod_lua
    Provide a hook for the type_checker phase of request processing
    LuaInheritmod_lua
    Controls how parent configuration sections are merged into children
    LuaMapHandlermod_lua
    Map a path to a lua handler
    LuaPackageCPathmod_lua
    Add a directory to lua's package.cpath
    LuaPackagePathmod_lua
    Add a directory to lua's package.path
    LuaQuickHandlermod_lua
    Provide a hook for the quick handler of request processing
    LuaRootmod_lua
    Specify the base path for resolving relative paths for mod_lua directives
    LuaScopemod_lua
    One of once, request, conn, thread -- default is once
    RLimitCPUcore
    Limits the CPU consumption of processes launched by Apache httpd children
    RLimitMEMcore
    Limits the memory consumption of processes launched +
    RLimitMEMcore
    Limits the memory consumption of processes launched by Apache httpd children
    RLimitNPROCcore
    Limits the number of processes that can be launched by +
    RLimitNPROCcore
    Limits the number of processes that can be launched by processes launched by Apache httpd children
    ServerSignaturecore
    Configures the footer on server-generated documents
    SSIErrorMsgmod_include
    Error message displayed when there is an SSI +
    ServerSignaturecore
    Configures the footer on server-generated documents
    SSIErrorMsgmod_include
    Error message displayed when there is an SSI error
    SSITimeFormatmod_include
    Configures the format in which date strings are +
    SSITimeFormatmod_include
    Configures the format in which date strings are displayed
    SSIUndefinedEchomod_include
    String displayed when an unset variable is echoed
    SSIUndefinedEchomod_include
    String displayed when an unset variable is echoed
    top

    AuthConfig

    The following directives are allowed in .htaccess files when diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.de apache2-2.4.34/docs/manual/mod/quickreference.html.de --- apache2-2.4.33/docs/manual/mod/quickreference.html.de 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.de 2018-07-10 12:21:25.000000000 +0000 @@ -355,7 +355,7 @@ CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie CookieName token Apache svdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field CookieTracking on|off off svdhEEnables tracking cookie CoreDumpDirectory VerzeichnissMVerzeichnis, in das der Apache zu wechseln versucht, bevor er einen Hauptspeicherauszug erstellt @@ -524,317 +524,327 @@ <IfDefine [!]Parametername> ... </IfDefine>svdhCSchließt Direktiven ein, die nur ausgeführt werden, wenn eine Testbedingung beim Start wahr ist +<IfDirective [!]directive-name> ... + </IfDirective>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>svdhCEncloses directives that will be processed only +if file exists at startup <IfModule [!]Modulname|Modulbezeichner> ... </IfModule>svdhCSchließt Direktiven ein, die abhängig vom Vorhandensein oder Fehlen eines speziellen Moduls ausgeführt werden -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfSection [!]section-name> ... + </IfSection>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include Dateiname|VerzeichnissvdCFügt andere Konfigurationsdateien innerhalb der +Include Dateiname|VerzeichnissvdCFügt andere Konfigurationsdateien innerhalb der Server-Konfigurationsdatei ein -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCAktiviert persistente HTTP-Verbindungen -KeepAliveTimeout Sekunden 5 svCZeitspanne, die der Server während persistenter Verbindungen +KeepAlive On|Off On svCAktiviert persistente HTTP-Verbindungen +KeepAliveTimeout Sekunden 5 svCZeitspanne, die der Server während persistenter Verbindungen auf nachfolgende Anfragen wartet -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precedence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precedence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit Methode [Methode] ... > ... - </Limit>svdhCBeschränkt die eingeschlossenen Zugriffskontrollen auf +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit Methode [Methode] ... > ... + </Limit>svdhCBeschränkt die eingeschlossenen Zugriffskontrollen auf bestimmte HTTP-Methoden -<LimitExcept Methode [Methode] ... > ... - </LimitExcept>svdhCBeschränkt Zugriffskontrollen auf alle HTTP-Methoden +<LimitExcept Methode [Methode] ... > ... + </LimitExcept>svdhCBeschränkt Zugriffskontrollen auf alle HTTP-Methoden außer den genannten -LimitInternalRecursion Zahl [Zahl] 10 svCBestimmt die maximale Anzahl interner Umleitungen und +LimitInternalRecursion Zahl [Zahl] 10 svCBestimmt die maximale Anzahl interner Umleitungen und verschachtelter Unteranfragen -LimitRequestBody Bytes 0 svdhCBegrenzt die Gesamtgröße des vom Client gesendeten +LimitRequestBody Bytes 0 svdhCBegrenzt die Gesamtgröße des vom Client gesendeten HTTP-Request-Body -LimitRequestFields Anzahl 100 sCBegrenzt die Anzahl der HTTP-Request-Header, die vom Client +LimitRequestFields Anzahl 100 sCBegrenzt die Anzahl der HTTP-Request-Header, die vom Client entgegengenommen werden -LimitRequestFieldsize BytessCBegrenzt die Länge des vom Client gesendeten +LimitRequestFieldsize BytessCBegrenzt die Länge des vom Client gesendeten HTTP-Request-Headers -LimitRequestLine Bytes 8190 sCBegrenzt die Länge der vom Client entgegengenommenen +LimitRequestLine Bytes 8190 sCBegrenzt die Länge der vom Client entgegengenommenen HTTP-Anfragezeile -LimitXMLRequestBody Bytes 1000000 svdhCBegrenzt die Größe eines XML-basierten +LimitXMLRequestBody Bytes 1000000 svdhCBegrenzt die Größe eines XML-basierten Request-Bodys -Listen [IP-Addresse:]PortsMIP-Adressen und Ports, an denen der Server lauscht -ListenBacklog backlogsMMaximale Länge der Warteschlange schwebender +Listen [IP-Addresse:]PortsMIP-Adressen und Ports, an denen der Server lauscht +ListenBacklog backlogsMMaximale Länge der Warteschlange schwebender Verbindungen -ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of listeners' buckets -LoadFile filename [filename] ...svELink in the named object file or library -LoadModule module filenamesvELinks in the object file or library, and adds to the list +LoadFile filename [filename] ...svELink in the named object file or library +LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules -<Location - URL-Pfad|URL> ... </Location>svCWendet die enthaltenen Direktiven nur auf die entsprechenden +<Location + URL-Pfad|URL> ... </Location>svCWendet die enthaltenen Direktiven nur auf die entsprechenden URLs an -<LocationMatch - regex> ... </LocationMatch>svCWendet die enthaltenen Direktiven nur auf URLs an, die auf +<LocationMatch + regex> ... </LocationMatch>svCWendet die enthaltenen Direktiven nur auf URLs an, die auf reguläre Ausdrücke passen -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file -LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) -LogLevel Level warn svCSteuert die Ausführlichkeit des Fehlerprotokolls -LogMessage message +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file +LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) +LogLevel Level warn svCSteuert die Ausführlichkeit des Fehlerprotokolls +LogMessage message [hook=hook] [expr=expression] -dXLog user-defined message to error log +dXLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>svdBDefine a configuration file macro -MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server +... </Macro>svdBDefine a configuration file macro +MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server will handle during its life -MaxKeepAliveRequests Anzahl 100 svCAnzahl der Anfragen, die bei einer persistenten Verbindung +MaxKeepAliveRequests Anzahl 100 svCAnzahl der Anfragen, die bei einer persistenten Verbindung zulässig sind -MaxMemFree KBytes 0 sMMaximale Menge des Arbeitsspeichers, den die +MaxMemFree KBytes 0 sMMaximale Menge des Arbeitsspeichers, den die Haupt-Zuteilungsroutine verwalten darf, ohne free() aufzurufen -MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete +MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource -MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete +MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete resource -MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete +MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete resource -MaxRequestWorkers numbersMMaximum number of connections that will be processed +MaxRequestWorkers numbersMMaximum number of connections that will be processed simultaneously -MaxSpareServers Anzahl 10 sMMaximale Anzahl der unbeschäftigten Kindprozesse des +MaxSpareServers Anzahl 10 sMMaximale Anzahl der unbeschäftigten Kindprozesse des Servers -MaxSpareThreads AnzahlsMMaximale Anzahl unbeschäftigter Threads -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MaxSpareThreads AnzahlsMMaximale Anzahl unbeschäftigter Threads +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers Anzahl 5 sMMinimale Anzahl der unbeschäftigten Kindprozesse des +MinSpareServers Anzahl 5 sMMinimale Anzahl der unbeschäftigten Kindprozesse des Servers -MinSpareThreads AnzahlsMMinimale Anzahl unbeschäftigter Threads, die zur +MinSpareThreads AnzahlsMMinimale Anzahl unbeschäftigter Threads, die zur Bedienung von Anfragespitzen zur Verfügung stehen -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost Adresse[:Port]sCBestimmt eine IP-Adresse für den Betrieb namensbasierter +NameVirtualHost Adresse[:Port]sCBestimmt eine IP-Adresse für den Betrieb namensbasierter virtueller Hosts -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]Option [[+|-]Option] ... All svdhCDefiniert, welche Eigenschaften oder Funktionen in einem +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]Option [[+|-]Option] ... All svdhCDefiniert, welche Eigenschaften oder Funktionen in einem bestimmten Verzeichnis verfügbar sind - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile Dateiname logs/httpd.pid sMDatei, in welcher der Server die Prozess-ID des Daemons +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile Dateiname logs/httpd.pid sMDatei, in welcher der Server die Prozess-ID des Daemons ablegt -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host -ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and + [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 svdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]svdESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is fully qualified -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] [URL-path] -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] [URL-path] +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCAllow to configure global/default options for regexes RegisterHttpMethod method [method [...]]sCRegister non-standard HTTP methods RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -890,6 +900,7 @@ RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] svEDefines a mapping function for key-lookup RewriteOptions OptionssvdhESets some special options for the rewrite engine RewriteRule @@ -1019,7 +1030,7 @@ SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off svEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off svEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.en apache2-2.4.34/docs/manual/mod/quickreference.html.en --- apache2-2.4.33/docs/manual/mod/quickreference.html.en 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.en 2018-06-29 13:42:51.000000000 +0000 @@ -351,7 +351,7 @@ CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie CookieName token Apache svdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field CookieTracking on|off off svdhEEnables tracking cookie CoreDumpDirectory directorysMDirectory where Apache HTTP Server attempts to switch before dumping core @@ -519,314 +519,324 @@ <IfDefine [!]parameter-name> ... </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup +<IfDirective [!]directive-name> ... + </IfDirective>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>svdhCEncloses directives that will be processed only +if file exists at startup <IfModule [!]module-file|module-identifier> ... </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfSection [!]section-name> ... + </IfSection>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within +Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent requests on a persistent connection -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precedence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precedence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>dhCRestrict enclosed access controls to only certain HTTP +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>dhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>dhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>dhCRestrict access controls to all HTTP methods except the named ones -LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested +LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested subrequests -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 svCLimits the number of HTTP request header fields that +LimitRequestFields number 100 svCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the +LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections -ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of listeners' buckets -LoadFile filename [filename] ...svELink in the named object file or library -LoadModule module filenamesvELinks in the object file or library, and adds to the list +LoadFile filename [filename] ...svELink in the named object file or library +LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules -<Location - URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching +<Location + URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching URLs -<LocationMatch - regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression +<LocationMatch + regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression matching URLs -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file -LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) -LogLevel [module:]level +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file +LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) +LogLevel [module:]level [module:level] ... - warn svdCControls the verbosity of the ErrorLog -LogMessage message + warn svdCControls the verbosity of the ErrorLog +LogMessage message [hook=hook] [expr=expression] -dXLog user-defined message to error log +dXLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>svdBDefine a configuration file macro -MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server +... </Macro>svdBDefine a configuration file macro +MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server will handle during its life -MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent +MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent connection -MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed +MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed to hold without calling free() -MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete +MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource -MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete +MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete resource -MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete +MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete resource -MaxRequestWorkers numbersMMaximum number of connections that will be processed +MaxRequestWorkers numbersMMaximum number of connections that will be processed simultaneously -MaxSpareServers number 10 sMMaximum number of idle child server processes -MaxSpareThreads numbersMMaximum number of idle threads -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MaxSpareServers number 10 sMMaximum number of idle child server processes +MaxSpareThreads numbersMMaximum number of idle threads +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual +NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile filename logs/httpd.pid sMFile where the server records the process ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host -ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and + [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 svdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]svdESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is fully qualified -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] [URL-path] -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] [URL-path] +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCAllow to configure global/default options for regexes RegisterHttpMethod method [method [...]]sCRegister non-standard HTTP methods RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -882,6 +892,7 @@ RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] svEDefines a mapping function for key-lookup RewriteOptions OptionssvdhESets some special options for the rewrite engine RewriteRule @@ -1007,7 +1018,7 @@ SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off svEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off svEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.es apache2-2.4.34/docs/manual/mod/quickreference.html.es --- apache2-2.4.33/docs/manual/mod/quickreference.html.es 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.es 2018-07-10 12:21:25.000000000 +0000 @@ -354,7 +354,7 @@ CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie CookieName token Apache svdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field CookieTracking on|off off svdhEEnables tracking cookie CoreDumpDirectory directorysMDirectory where Apache HTTP Server attempts to switch before dumping core @@ -522,314 +522,324 @@ <IfDefine [!]parameter-name> ... </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup +<IfDirective [!]directive-name> ... + </IfDirective>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>svdhCEncloses directives that will be processed only +if file exists at startup <IfModule [!]module-file|module-identifier> ... </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfSection [!]section-name> ... + </IfSection>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include [optional|strict] file-path|directory-path|wildcardsvdCIncludes other configuration files from within +Include [optional|strict] file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent requests on a persistent connection -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precedence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precedence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>dhCRestrict enclosed access controls to only certain HTTP +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>dhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>dhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>dhCRestrict access controls to all HTTP methods except the named ones -LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested +LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested subrequests -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 svCLimits the number of HTTP request header fields that +LimitRequestFields number 100 svCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the +LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections -ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of listeners' buckets -LoadFile filename [filename] ...svELink in the named object file or library -LoadModule module filenamesvELinks in the object file or library, and adds to the list +LoadFile filename [filename] ...svELink in the named object file or library +LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules -<Location - URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching +<Location + URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching URLs -<LocationMatch - regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression +<LocationMatch + regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression matching URLs -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file -LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) -LogLevel [module:]level +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file +LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) +LogLevel [module:]level [module:level] ... - warn svdCControls the verbosity of the ErrorLog -LogMessage message + warn svdCControls the verbosity of the ErrorLog +LogMessage message [hook=hook] [expr=expression] -dXLog user-defined message to error log +dXLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>svdBDefine a configuration file macro -MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server +... </Macro>svdBDefine a configuration file macro +MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server will handle during its life -MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent +MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent connection -MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed +MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed to hold without calling free() -MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete +MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource -MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete +MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete resource -MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete +MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete resource -MaxRequestWorkers numbersMMaximum number of connections that will be processed +MaxRequestWorkers numbersMMaximum number of connections that will be processed simultaneously -MaxSpareServers number 10 sMMaximum number of idle child server processes -MaxSpareThreads numbersMMaximum number of idle threads -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MaxSpareServers number 10 sMMaximum number of idle child server processes +MaxSpareThreads numbersMMaximum number of idle threads +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCDesignates an IP address for name-virtual +NameVirtualHost addr[:port]sCDesignates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile filename logs/httpd.pid sMFile where the server records the process ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host -ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and + [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 svdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]svdESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is fully qualified -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] [URL-path] -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] [URL-path] +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCAllow to configure global/default options for regexes RegisterHttpMethod method [method [...]]sCRegister non-standard HTTP methods RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -885,6 +895,7 @@ RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] svEDefines a mapping function for key-lookup RewriteOptions OptionssvdhESets some special options for the rewrite engine RewriteRule @@ -1010,7 +1021,7 @@ SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off svEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off svEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.fr apache2-2.4.34/docs/manual/mod/quickreference.html.fr --- apache2-2.4.33/docs/manual/mod/quickreference.html.fr 2018-03-17 16:28:40.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.fr 2018-07-10 12:21:25.000000000 +0000 @@ -438,7 +438,7 @@ CookieExpires duréesvdhEDurée avant expiration du cookie traceur CookieName symbole Apache svdhENom du cookie traceur CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat du champ d'en-tête cookie + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat du champ d'en-tête cookie CookieTracking on|off off svdhEActive le cookie traceur CoreDumpDirectory répertoiresMLe répertoire dans lequel le serveur HTTP Apache va tenter de se positionner avant d'effectuer un vidage mémoire @@ -635,404 +635,415 @@ <IfDefine [!]paramètre> ... </IfDefine>svdhCContient des directives qui ne s'appliqueront que si un test retourne "vrai" au démarrage du serveur +<IfDirective [!]directive-name> ... + </IfDirective>svdhCRegroupe des directives dont le traitement est conditionné par la +présence ou l'absence d'une directive particulière +<IfFile [!]parameter-name> ... + </IfFile>svdhCRegroupe des directives qui ne seront traitées que si un fichier +existe au démarrage <IfModule [!]fichier module|identificateur module> ... </IfModule>svdhCContient des directives qui ne s'appliquent qu'en fonction de la présence ou de l'absence d'un module spécifique -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://nom_serveur/ +svdhBValeur par défaut de la directive base des +<IfSection [!]section-name> ... + </IfSection>svdhCRegroupe des directives dont le traitement est conditionné par la +présence ou l'absence d'une section particulière +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://nom_serveur/ +svdhBValeur par défaut de la directive base des fichiers imagemap -ImapDefault error|nocontent|map|referer|URL nocontent svdhBAction à entreprendre par défaut lorsqu'un fichier imagemap +ImapDefault error|nocontent|map|referer|URL nocontent svdhBAction à entreprendre par défaut lorsqu'un fichier imagemap est invoqué avec des coordonnées qui ne correspondent à aucune cible -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction à entreprendre si aucune coordonnée n'est fournie +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction à entreprendre si aucune coordonnée n'est fournie lorsqu'on invoque un fichier imagemap -Include chemin-fichier|chemin-répertoire|wildcardsvdCInclut d'autres fichiers de configuration dans un des +Include chemin-fichier|chemin-répertoire|wildcardsvdCInclut d'autres fichiers de configuration dans un des fichiers de configuration du serveur -IncludeOptional -file-path|directory-path|wildcardsvdCInclusion de fichiers dans le fichier de configuration -IndexHeadInsert "marque ..."svdhBInsère du texte dans la section HEAD de la page +IncludeOptional +file-path|directory-path|wildcardsvdCInclusion de fichiers dans le fichier de configuration +IndexHeadInsert "marque ..."svdhBInsère du texte dans la section HEAD de la page d'index. -IndexIgnore fichier [fichier] ... "." svdhBAjouts à la liste des fichiers à cacher lors de l'affichage +IndexIgnore fichier [fichier] ... "." svdhBAjouts à la liste des fichiers à cacher lors de l'affichage de l'index d'un répertoire -IndexIgnoreReset ON|OFFsvdhBVide la liste des fichiers à cacher lors de l'affichage du +IndexIgnoreReset ON|OFFsvdhBVide la liste des fichiers à cacher lors de l'affichage du contenu d'un répertoire -IndexOptions [+|-]option [[+|-]option] -...svdhBDiverses options de configuration pour l'indexation d'un +IndexOptions [+|-]option [[+|-]option] +...svdhBDiverses options de configuration pour l'indexation d'un répertoire -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBDéfinit l'ordre d'affichage par défaut d'un index de +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBDéfinit l'ordre d'affichage par défaut d'un index de répertoire -IndexStyleSheet chemin-urlsvdhBAjoute une feuille de style CSS à l'index du +IndexStyleSheet chemin-urlsvdhBAjoute une feuille de style CSS à l'index du répertoire -InputSed commande-seddhCommande sed à exécuter pour le filtrage des données d'une +InputSed commande-seddhCommande sed à exécuter pour le filtrage des données d'une requête (en général des données POST) -ISAPIAppendLogToErrors on|off off svdhBEnregistrement des requêtes +ISAPIAppendLogToErrors on|off off svdhBEnregistrement des requêtes HSE_APPEND_LOG_PARAMETER de la part des extensions ISAPI dans le journal des erreurs -ISAPIAppendLogToQuery on|off on svdhBEnregistre les requêtes +ISAPIAppendLogToQuery on|off on svdhBEnregistre les requêtes HSE_APPEND_LOG_PARAMETER de la part des extensions ISAPI dans la partie arguments de la requête -ISAPICacheFile chemin-fichier +ISAPICacheFile chemin-fichier [chemin-fichier] -...svBFichiers .dll ISAPI devant être chargés au +...svBFichiers .dll ISAPI devant être chargés au démarrage -ISAPIFakeAsync on|off off svdhBEmulation du support des entrées/sorties asynchrones pour +ISAPIFakeAsync on|off off svdhBEmulation du support des entrées/sorties asynchrones pour les appels ISAPI -ISAPILogNotSupported on|off off svdhBJournalisation des demandes de fonctionnalités non +ISAPILogNotSupported on|off off svdhBJournalisation des demandes de fonctionnalités non supportées de la part des extensions ISAPI -ISAPIReadAheadBuffer taille 49152 svdhBTaille du tampon de lecture anticipée envoyé aux extensions +ISAPIReadAheadBuffer taille 49152 svdhBTaille du tampon de lecture anticipée envoyé aux extensions ISAPI -KeepAlive On|Off On svCActive les connexions HTTP persistantes -KeepAliveTimeout nombre[ms] 5 svCDurée pendant laquelle le serveur va attendre une requête +KeepAlive On|Off On svCActive les connexions HTTP persistantes +KeepAliveTimeout nombre[ms] 5 svCDurée pendant laquelle le serveur va attendre une requête avant de fermer une connexion persistante -KeptBodySize taille maximale en octets 0 dBConserve le corps de la requête à concurrence de la taille +KeptBodySize taille maximale en octets 0 dBConserve le corps de la requête à concurrence de la taille maximale spécifiée, pour une utilisation éventuelle par des filtres comme mod_include. -LanguagePriority langage-MIME [langage-MIME] -...svdhBL'ordre de priorité des variantes de langages pour les +LanguagePriority langage-MIME [langage-MIME] +...svdhBL'ordre de priorité des variantes de langages pour les cas où le client n'a pas formulé de préférences -LDAPCacheEntries nombre 1024 sENombre maximum d'entrées dans le cache LDAP +LDAPCacheEntries nombre 1024 sENombre maximum d'entrées dans le cache LDAP primaire -LDAPCacheTTL secondes 600 sEDurée pendant laquelle les entrées du cache restent +LDAPCacheTTL secondes 600 sEDurée pendant laquelle les entrées du cache restent valides. -LDAPConnectionPoolTTL n -1 svEDésactive les connexions d'arrière-plan qui sont restées +LDAPConnectionPoolTTL n -1 svEDésactive les connexions d'arrière-plan qui sont restées inactives trop longtemps au sein du jeu de connexions. -LDAPConnectionTimeout secondessESpécifie le délai d'attente en secondes de la socket de +LDAPConnectionTimeout secondessESpécifie le délai d'attente en secondes de la socket de connexion -LDAPLibraryDebug 7sEActive le débogage dans le SDK LDAP -LDAPOpCacheEntries nombre 1024 sENombre d'entrées utilisées pour mettre en cache les +LDAPLibraryDebug 7sEActive le débogage dans le SDK LDAP +LDAPOpCacheEntries nombre 1024 sENombre d'entrées utilisées pour mettre en cache les opérations de comparaison LDAP -LDAPOpCacheTTL secondes 600 sEDurée pendant laquelle les entrées du cache d'opérations +LDAPOpCacheTTL secondes 600 sEDurée pendant laquelle les entrées du cache d'opérations restent valides -LDAPReferralHopLimit nombredhELe nombre maximum de redirections vers des serveurs +LDAPReferralHopLimit nombredhELe nombre maximum de redirections vers des serveurs alternatifs (referrals) avant l'abandon de la requête LDAP. -LDAPReferrals On|Off|default On dhEActive la redirection vers des serveurs alternatifs au +LDAPReferrals On|Off|default On dhEActive la redirection vers des serveurs alternatifs au cours des requêtes vers le serveur LDAP. -LDAPRetries nombre d'essais 3 sEDéfinit le nombre maximum de tentatives de connexions au +LDAPRetries nombre d'essais 3 sEDéfinit le nombre maximum de tentatives de connexions au serveur LDAP. -LDAPRetryDelay secondes 0 sEDéfinit le temps d'attente avant un autre essai de connexion au +LDAPRetryDelay secondes 0 sEDéfinit le temps d'attente avant un autre essai de connexion au serveur LDAP. -LDAPSharedCacheFile chemin/fichiersEDéfinit le fichier du cache en mémoire +LDAPSharedCacheFile chemin/fichiersEDéfinit le fichier du cache en mémoire partagée -LDAPSharedCacheSize octets 500000 sETaille en octets du cache en mémoire partagée -LDAPTimeout secondes 60 sESpécifie le délai d'attente pour les opérations de +LDAPSharedCacheSize octets 500000 sETaille en octets du cache en mémoire partagée +LDAPTimeout secondes 60 sESpécifie le délai d'attente pour les opérations de recherche et d'identification LDAP en secondes -LDAPTrustedClientCert type -chemin/nom-fichier/alias [mot de passe]svdhEDéfinit le nom de fichier contenant un certificat client ou +LDAPTrustedClientCert type +chemin/nom-fichier/alias [mot de passe]svdhEDéfinit le nom de fichier contenant un certificat client ou un alias renvoyant vers un certificat client spécifique à une connexion. Tous les SDK LDAP ne supportent pas les certificats clients par connexion. -LDAPTrustedGlobalCert type -chemin/nom-fichier [mot de passe]sEDéfinit le nom de fichier ou la base de données contenant +LDAPTrustedGlobalCert type +chemin/nom-fichier [mot de passe]sEDéfinit le nom de fichier ou la base de données contenant les Autorités de Certification de confiance globales ou les certificats clients globaux -LDAPTrustedMode typesvESpécifie le mode (SSL ou TLS) à utiliser lors de la +LDAPTrustedMode typesvESpécifie le mode (SSL ou TLS) à utiliser lors de la connexion à un serveur LDAP. -LDAPVerifyServerCert On|Off On sEForce la vérification du certificat du +LDAPVerifyServerCert On|Off On sEForce la vérification du certificat du serveur -<Limit méthode [méthode] ... > ... - </Limit>dhCLimite les contrôles d'accès que la section contient à +<Limit méthode [méthode] ... > ... + </Limit>dhCLimite les contrôles d'accès que la section contient à certaines méthodes HTTP -<LimitExcept méthode [méthode] ... > ... - </LimitExcept>dhCApplique les contrôles d'accès à toutes les méthodes HTTP, +<LimitExcept méthode [méthode] ... > ... + </LimitExcept>dhCApplique les contrôles d'accès à toutes les méthodes HTTP, sauf celles qui sont spécifiées -LimitInternalRecursion nombre [nombre] 10 svCDétermine le nombre maximal de redirections internes et de +LimitInternalRecursion nombre [nombre] 10 svCDétermine le nombre maximal de redirections internes et de sous-requêtes imbriquées -LimitRequestBody octets 0 svdhClimite la taille maximale du corps de la requête HTTP +LimitRequestBody octets 0 svdhClimite la taille maximale du corps de la requête HTTP envoyée par le client -LimitRequestFields nombre 100 svCLimite le nombre de champs d'en-tête autorisés dans une +LimitRequestFields nombre 100 svCLimite le nombre de champs d'en-tête autorisés dans une requête HTTP -LimitRequestFieldSize octets 8190 svCDédinit la taille maximale autorisée d'un en-tête de +LimitRequestFieldSize octets 8190 svCDédinit la taille maximale autorisée d'un en-tête de requête HTTP -LimitRequestLine octets 8190 svCDéfinit la taille maximale d'une ligne de requête +LimitRequestLine octets 8190 svCDéfinit la taille maximale d'une ligne de requête HTTP -LimitXMLRequestBody octets 1000000 svdhCDéfinit la taille maximale du corps d'une requête au format +LimitXMLRequestBody octets 1000000 svdhCDéfinit la taille maximale du corps d'une requête au format XML -Listen [adresse IP:]numéro port -[protocole]sMLes adresses IP et ports sur lesquels le serveur écoute -ListenBacklog backlogsMLongueur maximale de la liste d'attente des +Listen [adresse IP:]numéro port +[protocole]sMLes adresses IP et ports sur lesquels le serveur écoute +ListenBacklog backlogsMLongueur maximale de la liste d'attente des connexions -ListenCoresBucketsRatio ratio 0 (disabled) sMRapport entre le nombre de coeurs de processeur activés et +ListenCoresBucketsRatio ratio 0 (disabled) sMRapport entre le nombre de coeurs de processeur activés et le nombre de segments d'écoute -LoadFile nom-fichier [nom-fichier] ...svELiaison du fichier objet ou de la bibliothèque +LoadFile nom-fichier [nom-fichier] ...svELiaison du fichier objet ou de la bibliothèque spécifié -LoadModule module nom-fichiersvELiaison avec le serveur du fichier objet ou de la +LoadModule module nom-fichiersvELiaison avec le serveur du fichier objet ou de la bibliothèque spécifié, et ajout de ce dernier à la liste des modules actifs -<Location - chemin URL|URL> ... </Location>svCN'applique les directives contenues qu'aux URLs +<Location + chemin URL|URL> ... </Location>svCN'applique les directives contenues qu'aux URLs spécifiées -<LocationMatch - regex> ... </LocationMatch>svCN'applique les directives contenues qu'aux URLs +<LocationMatch + regex> ... </LocationMatch>svCN'applique les directives contenues qu'aux URLs correspondant à une expression rationnelle -LogFormat format|alias -[alias] "%h %l %u %t \"%r\" +svBDécrit un format utilisable dans un fichier +LogFormat format|alias +[alias] "%h %l %u %t \"%r\" +svBDécrit un format utilisable dans un fichier journal -LogIOTrackTTFB ON|OFF OFF svdhEPermet d'enregistrer le délai avant le premier octet (time +LogIOTrackTTFB ON|OFF OFF svdhEPermet d'enregistrer le délai avant le premier octet (time to first byte - TTFB) -LogLevel [module:]niveau +LogLevel [module:]niveau [module:niveau] ... - warn svdCContrôle la verbosité du journal des erreurs -LogMessage message + warn svdCContrôle la verbosité du journal des erreurs +LogMessage message [hook=hook] [expr=expression] -dXEnregistre des messages personnalisés dans le journal des +dXEnregistre des messages personnalisés dans le journal des erreurs -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXBranche une fonction fournisseur d'autorisation dans mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXBranche une fonction fournisseur d'autorisation dans mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure le cache de code compilé. -LuaHookAccessChecker /chemin/vers/lua/script.lua hook_function_name [early|late]svdhXFournit un point d'entrée pour la phase access_checker du +LuaCodeCache stat|forever|never stat svdhXConfigure le cache de code compilé. +LuaHookAccessChecker /chemin/vers/lua/script.lua hook_function_name [early|late]svdhXFournit un point d'entrée pour la phase access_checker du traitement de la requête -LuaHookAuthChecker /chemin/vers/lua/script.lua hook_function_name [early|late]svdhXFournit un point d'entrée pour la phase auth_checker du +LuaHookAuthChecker /chemin/vers/lua/script.lua hook_function_name [early|late]svdhXFournit un point d'entrée pour la phase auth_checker du traitement de la requête -LuaHookCheckUserID /chemin/vers/lua/script.lua hook_function_name [early|late]svdhXFournit un point d'entrée pour la phase check_user_id du +LuaHookCheckUserID /chemin/vers/lua/script.lua hook_function_name [early|late]svdhXFournit un point d'entrée pour la phase check_user_id du traitement de la requête -LuaHookFixups /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase de correction du +LuaHookFixups /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase de correction du traitement de la requête -LuaHookInsertFilter /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase insert_filter du +LuaHookInsertFilter /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase insert_filter du traitement de la requête -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXPermet une insertion dans la phase de journalisation du +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXPermet une insertion dans la phase de journalisation du traitement d'une requête -LuaHookMapToStorage /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase map_to_storage du +LuaHookMapToStorage /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase map_to_storage du traitement de la requête -LuaHookTranslateName /chemin/vers/lua/script.lua nom_fonction_hook [early|late]svXFournit un point d'entrée à la phase du nom de +LuaHookTranslateName /chemin/vers/lua/script.lua nom_fonction_hook [early|late]svXFournit un point d'entrée à la phase du nom de traduction du traitement de la requête -LuaHookTypeChecker /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase type_checker du +LuaHookTypeChecker /chemin/vers/lua/script.lua hook_function_namesvdhXFournit un point d'entrée pour la phase type_checker du traitement de la requête -LuaInherit none|parent-first|parent-last parent-first svdhXContrôle la manière dont les sections de configuration +LuaInherit none|parent-first|parent-last parent-first svdhXContrôle la manière dont les sections de configuration parentes sont fusionnées dans les enfants -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXFournit une fonction Lua pour le filtrage en entrée -LuaMapHandler modele-uri /chemin/vers/lua/script.lua -[nom-fonction]svdhXMet en correspondance un chemin avec un gestionnaire lua -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXFournit une fonction Lua pour le filtrage de contenu en +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXFournit une fonction Lua pour le filtrage en entrée +LuaMapHandler modele-uri /chemin/vers/lua/script.lua +[nom-fonction]svdhXMet en correspondance un chemin avec un gestionnaire lua +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXFournit une fonction Lua pour le filtrage de contenu en sortie -LuaPackageCPath /chemin/vers/include/?.soasvdhXAjoute un répertoire au package.cpath de lua -LuaPackagePath /chemin/vers/include/?.luasvdhXAjoute un répertoire au package.path de lua -LuaQuickHandler /path/to/script.lua hook_function_namesvdhXFournit un point d'entrée pour la gestion rapide du +LuaPackageCPath /chemin/vers/include/?.soasvdhXAjoute un répertoire au package.cpath de lua +LuaPackagePath /chemin/vers/include/?.luasvdhXAjoute un répertoire au package.path de lua +LuaQuickHandler /path/to/script.lua hook_function_namesvdhXFournit un point d'entrée pour la gestion rapide du traitement de la requête -LuaRoot /chemin/vers/un/répertoiresvdhXSpécifie le chemin de base pour la résolution des chemins +LuaRoot /chemin/vers/un/répertoiresvdhXSpécifie le chemin de base pour la résolution des chemins relatifs dans les directives de mod_lua -LuaScope once|request|conn|thread|server [min] [max] once svdhXUne valeur parmi once, request, conn, thread -- la valeur par défaut est once - +LuaScope once|request|conn|thread|server [min] [max] once svdhXUne valeur parmi once, request, conn, thread -- la valeur par défaut est once + <Macro nom [par1 .. parN]> -... </Macro>svdBDéfinition d'une macro dans un fichier de configuration -MaxConnectionsPerChild number 0 sMLimite le nombre de connexions qu'un processus enfant va +... </Macro>svdBDéfinition d'une macro dans un fichier de configuration +MaxConnectionsPerChild number 0 sMLimite le nombre de connexions qu'un processus enfant va traiter au cours de son fonctionnement -MaxKeepAliveRequests nombre 100 svCNombre de requêtes permises pour une connexion +MaxKeepAliveRequests nombre 100 svCNombre de requêtes permises pour une connexion persistante -MaxMemFree KOctets 2048 sMQuantité maximale de mémoire que l'allocateur principal est +MaxMemFree KOctets 2048 sMQuantité maximale de mémoire que l'allocateur principal est autorisé à conserver sans appeler free() -MaxRangeOverlaps default | unlimited | none | nombre de - chevauchements 20 svdCNombre de chevauchements de segments de données autorisé +MaxRangeOverlaps default | unlimited | none | nombre de + chevauchements 20 svdCNombre de chevauchements de segments de données autorisé (par exemple 100-200,150-300) avant le renvoi de la ressource complète -MaxRangeReversals default | unlimited | none | nombre - d'inversions 20 svdCNombre d'inversions d'ordre autorisé dans la spécification des +MaxRangeReversals default | unlimited | none | nombre + d'inversions 20 svdCNombre d'inversions d'ordre autorisé dans la spécification des segments de données (par exemple 100-200,50-70) avant le renvoi de la ressource complète -MaxRanges default | unlimited | none | nombre de segments 200 svdCNombre de segments de données autorisé avant le renvoi de +MaxRanges default | unlimited | none | nombre de segments 200 svdCNombre de segments de données autorisé avant le renvoi de l'intégralité de la ressource -MaxRequestWorkers nombresMNombre maximum de connexions pouvant être traitées +MaxRequestWorkers nombresMNombre maximum de connexions pouvant être traitées simultanément -MaxSpareServers nombre 10 sMNombre maximum de processus serveurs enfants +MaxSpareServers nombre 10 sMNombre maximum de processus serveurs enfants inactifs -MaxSpareThreads nombresMNombre maximum de threads inactifs -MaxThreads nombre 2048 sMDéfinit le nombre maximum de threads esclaves -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEDurée de conservation des connexions inactives -MergeTrailers [on|off] off svCDétermine si les données supplémentaires (trailers) sont +MaxSpareThreads nombresMNombre maximum de threads inactifs +MaxThreads nombre 2048 sMDéfinit le nombre maximum de threads esclaves +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEDurée de conservation des connexions inactives +MergeTrailers [on|off] off svCDétermine si les données supplémentaires (trailers) sont fusionnées avec les en-têtes -MetaDir répertoire .web svdhELe nom du répertoire où trouver les fichiers de +MetaDir répertoire .web svdhELe nom du répertoire où trouver les fichiers de métainformations dans le style du CERN -MetaFiles on|off off svdhEActive le traitement des métafichiers du CERN -MetaSuffix suffixe .meta svdhESuffixe du fichier contenant les métainformations dans le +MetaFiles on|off off svdhEActive le traitement des métafichiers du CERN +MetaSuffix suffixe .meta svdhESuffixe du fichier contenant les métainformations dans le style du CERN -MimeMagicFile chemin-fichiersvEActive la détermination du type MIME en se basant sur le +MimeMagicFile chemin-fichiersvEActive la détermination du type MIME en se basant sur le contenu du fichier et en utilisant le fichier magique spécifié -MinSpareServers nombre 5 sMNombre minimum de processus serveurs enfants +MinSpareServers nombre 5 sMNombre minimum de processus serveurs enfants inactifs -MinSpareThreads nombresMNombre minimum de threads inactifs qui seront disponibles +MinSpareThreads nombresMNombre minimum de threads inactifs qui seront disponibles pour pouvoir traiter les pics de requêtes -MMapFile chemin fichier [chemin fichier] ...sXCharge au démarrage une liste de fichiers en mémoire -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXStandard de modem à simuler -ModMimeUsePathInfo On|Off Off dBIndique à mod_mime de traiter les éléments +MMapFile chemin fichier [chemin fichier] ...sXCharge au démarrage une liste de fichiers en mémoire +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXStandard de modem à simuler +ModMimeUsePathInfo On|Off Off dBIndique à mod_mime de traiter les éléments de path_info en tant que parties du nom de fichier -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBLes types de fichiers qui seront inclus lors d'une +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBLes types de fichiers qui seront inclus lors d'une recherche de correspondance de fichier avec les vues multiples (MultiViews) -Mutex mécanisme [default|nom-mutex] ... [OmitPID] default sCDéfinit les mécanismes de mutex et le repertoire du fichier +Mutex mécanisme [default|nom-mutex] ... [OmitPID] default sCDéfinit les mécanismes de mutex et le repertoire du fichier verrou pour tous les mutex ou seulement les mutex spécifiés -NameVirtualHost adresse[:port]sCOBSOLETE : Définit une adresse IP pour les serveurs virtuels à base de +NameVirtualHost adresse[:port]sCOBSOLETE : Définit une adresse IP pour les serveurs virtuels à base de nom -NoProxy domaine [domaine] ...svEServeurs, domaines ou réseaux auquels on se connectera +NoProxy domaine [domaine] ...svEServeurs, domaines ou réseaux auquels on se connectera directement -NWSSLTrustedCerts nom-fichier -[nom-fichier] ...sBListe de certificats clients supplémentaires -NWSSLUpgradeable [adresse-IP:]num-portsBPermet de promouvoir une connexion non SSL au statut de +NWSSLTrustedCerts nom-fichier +[nom-fichier] ...sBListe de certificats clients supplémentaires +NWSSLUpgradeable [adresse-IP:]num-portsBPermet de promouvoir une connexion non SSL au statut de connexion SSL à la demande -Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhCDéfinit les fonctionnalités disponibles pour un répertoire +Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhCDéfinit les fonctionnalités disponibles pour un répertoire particulier - Order ordre Deny,Allow dhEDéfinit le statut d'accès par défaut et l'ordre dans lequel + Order ordre Deny,Allow dhEDéfinit le statut d'accès par défaut et l'ordre dans lequel les directives Allow et Deny sont évaluées. -OutputSed commande-seddhCommande sed pour le filtrage des contenus de type +OutputSed commande-seddhCommande sed pour le filtrage des contenus de type réponse -PassEnv var-env [var-env] -...svdhBTransmet des variables d'environnement depuis le +PassEnv var-env [var-env] +...svdhBTransmet des variables d'environnement depuis le shell -PidFile nom fichier logs/httpd.pid sMFicher dans lequel le serveur enregistre l'identificateur +PidFile nom fichier logs/httpd.pid sMFicher dans lequel le serveur enregistre l'identificateur de processus du démon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXFait un compromis entre d'une part l'efficacité et la +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXFait un compromis entre d'une part l'efficacité et la vitesse de traitement et d'autre part la sécurité à l'encontre des codes malicieux supportant les privilèges. -Protocol protocolesvCProtocole pour une socket d'écoute -ProtocolEcho On|Off Off svXActive ou désactive le serveur d'écho -Protocols protocole ... http/1.1 svCProtocoles disponibles pour un serveur virtuel ou non -ProtocolsHonorOrder On|Off On svCDétermine qui du client ou du serveur détermine l'ordre +Protocol protocolesvCProtocole pour une socket d'écoute +ProtocolEcho On|Off Off svXActive ou désactive le serveur d'écho +Protocols protocole ... http/1.1 svCProtocoles disponibles pour un serveur virtuel ou non +ProtocolsHonorOrder On|Off On svCDétermine qui du client ou du serveur détermine l'ordre des protocoles au cours de la négociation de la connexion -<Proxy url-avec-jokers> ...</Proxy>svEConteneur de directives s'appliquant à des ressources +<Proxy url-avec-jokers> ...</Proxy>svEConteneur de directives s'appliquant à des ressources mandatées -ProxyAddHeaders Off|On On svdEAjoute des informations à propos du mandataire aux +ProxyAddHeaders Off|On On svdEAjoute des informations à propos du mandataire aux en-têtes X-Forwarded-* -ProxyBadHeader IsError|Ignore|StartBody IsError svEDétermine la manière de traiter les lignes d'en-tête +ProxyBadHeader IsError|Ignore|StartBody IsError svEDétermine la manière de traiter les lignes d'en-tête incorrectes d'une réponse -ProxyBlock *|terme|serveur|domaine -[terme|serveur|domaine] ...svETermes, serveurs ou domaines bloqués par le +ProxyBlock *|terme|serveur|domaine +[terme|serveur|domaine] ...svETermes, serveurs ou domaines bloqués par le mandataire -ProxyDomain DomainesvENom de domaine par défaut pour les requêtes +ProxyDomain DomainesvENom de domaine par défaut pour les requêtes mandatées -ProxyErrorOverride On|Off Off svdEOutrepasser les pages d'erreur pour les contenus +ProxyErrorOverride On|Off Off svdEOutrepasser les pages d'erreur pour les contenus mandatés -ProxyExpressDBMFile <chemin>svEChemin du fichier DBM. -ProxyExpressDBMFile <type>svEType de fichier DBM. -ProxyExpressEnable [on|off]svEActive la fonctionnalité du module. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpécifie le type de l'application FastCGI d'arrière-plan -ProxyFCGISetEnvIf conditional-expression +ProxyExpressDBMFile <chemin>svEChemin du fichier DBM. +ProxyExpressDBMFile <type>svEType de fichier DBM. +ProxyExpressEnable [on|off]svEActive la fonctionnalité du module. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpécifie le type de l'application FastCGI d'arrière-plan +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEPermet d'adapter la valeur des variables envoyées aux serveurs + [value-expression]svdhEPermet d'adapter la valeur des variables envoyées aux serveurs FastCGI -ProxyFtpDirCharset jeu-caractères ISO-8859-1 svdEDéfinit le jeu de caractères des listings FTP +ProxyFtpDirCharset jeu-caractères ISO-8859-1 svdEDéfinit le jeu de caractères des listings FTP mandatés -ProxyFtpEscapeWildcards [on|off]svdELes caractères génériques dans les noms de fichiers +ProxyFtpEscapeWildcards [on|off]svdELes caractères génériques dans les noms de fichiers doivent-ils être échappés lorsqu'ils sont envoyés au serveur FTP ? -ProxyFtpListOnWildcard [on|off]svdELes caractères génériques dans les noms de fichiers +ProxyFtpListOnWildcard [on|off]svdELes caractères génériques dans les noms de fichiers demandés doivent-ils déclencher l'affichage d'un listing ? -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize nb-octetssvdBDéfinit l'incrément de la taille du tampon, ainsi que sa +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize nb-octets 8192 svdBDéfinit l'incrément de la taille du tampon, ainsi que sa taille initiale, pour la mise en tampon des scripts en ligne et des feuilles de style. -ProxyHTMLCharsetOut jeu-de-caractères | *svdBSpécifie un jeu de caractères pour la sortie de +ProxyHTMLCharsetOut jeu-de-caractères | *svdBSpécifie un jeu de caractères pour la sortie de mod_proxy_html. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBDéfinit une déclaration de type de document HTML ou XHTML. -ProxyHTMLEnable On|Off Off svdBPermet d'activer/désactiver le filtre proxy_html. -ProxyHTMLEvents attribut [attribut ...]svdBSpécifie les attributs à traiter comme des évènements de +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBDéfinit une déclaration de type de document HTML ou XHTML. +ProxyHTMLEnable On|Off Off svdBPermet d'activer/désactiver le filtre proxy_html. +ProxyHTMLEvents attribut [attribut ...]svdBSpécifie les attributs à traiter comme des évènements de type scripting. -ProxyHTMLExtended On|Off Off svdBDétermine si l'on doit corriger les liens dans les scripts +ProxyHTMLExtended On|Off Off svdBDétermine si l'on doit corriger les liens dans les scripts en ligne, les feuilles de style et les évènements de type scripting. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBCorrige les erreurs HTML simples. -ProxyHTMLInterp On|Off Off svdBActive la réinterprétation des règles +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBCorrige les erreurs HTML simples. +ProxyHTMLInterp On|Off Off svdBActive la réinterprétation des règles ProxyHTMLURLMap pour chaque requête. -ProxyHTMLLinks élément attribut [attribut2 ...]svdBSpécifie les éléments HTML dont les attributs d'URL doivent +ProxyHTMLLinks élément attribut [attribut2 ...]svdBSpécifie les éléments HTML dont les attributs d'URL doivent être réécrits. -ProxyHTMLMeta On|Off Off svdBActive ou désactive une préinterprétation supplémentaire +ProxyHTMLMeta On|Off Off svdBActive ou désactive une préinterprétation supplémentaire des métadonnées dans les sections HTML <head>. -ProxyHTMLStripComments On|Off Off svdBDétermine si les commentaires HTML doivent être supprimés. -ProxyHTMLURLMap modèle-source modèle-cible [drapeaux] [cond]svdBDéfinit une règle de réécriture des liens HTML -ProxyIOBufferSize octets 8192 svEDétermine la taille du tampon interne de transfert de +ProxyHTMLStripComments On|Off Off svdBDétermine si les commentaires HTML doivent être supprimés. +ProxyHTMLURLMap modèle-source modèle-cible [drapeaux] [cond]svdBDéfinit une règle de réécriture des liens HTML +ProxyIOBufferSize octets 8192 svEDétermine la taille du tampon interne de transfert de données -<ProxyMatch regex> ...</ProxyMatch>svEConteneur de directives s'appliquant à des ressources +<ProxyMatch regex> ...</ProxyMatch>svEConteneur de directives s'appliquant à des ressources mandatées correspondant à une expression rationnelle -ProxyMaxForwards nombre -1 svENombre maximum de mandataires à travers lesquelles une +ProxyMaxForwards nombre -1 svENombre maximum de mandataires à travers lesquelles une requête peut être redirigée -ProxyPass [chemin] !|url [clé=valeur - [clé=valeur ...]] [nocanon] [interpolate] [noquery]svdERéférencer des serveurs distants depuis +ProxyPass [chemin] !|url [clé=valeur + [clé=valeur ...]] [nocanon] [interpolate] [noquery]svdERéférencer des serveurs distants depuis l'espace d'URLs du serveur local -ProxyPassInherit On|Off On svEHéritage des directives ProxyPass définies au niveau du +ProxyPassInherit On|Off On svEHéritage des directives ProxyPass définies au niveau du serveur principal -ProxyPassInterpolateEnv On|Off Off svdEActive l'interpolation des variables d'environnement dans +ProxyPassInterpolateEnv On|Off Off svdEActive l'interpolation des variables d'environnement dans les configurations de mandataires inverses -ProxyPassMatch [regex] !|url +ProxyPassMatch [regex] !|url [clé=valeur - [clé=valeur ...]]svdEFait correspondre des serveurs distants dans l'espace d'URL + [clé=valeur ...]]svdEFait correspondre des serveurs distants dans l'espace d'URL du serveur local en utilisant des expressions rationnelles -ProxyPassReverse [chemin] url -[interpolate]svdEAjuste l'URL dans les en-têtes de la réponse HTTP envoyée +ProxyPassReverse [chemin] url +[interpolate]svdEAjuste l'URL dans les en-têtes de la réponse HTTP envoyée par un serveur mandaté en inverse -ProxyPassReverseCookieDomain domaine-interne -domaine-public [interpolate]svdEAjuste la chaîne correspondant au domaine dans les en-têtes +ProxyPassReverseCookieDomain domaine-interne +domaine-public [interpolate]svdEAjuste la chaîne correspondant au domaine dans les en-têtes Set-Cookie en provenance d'un serveur mandaté -ProxyPassReverseCookiePath chemin-interne -chemin-public [interpolate]svdEAjuste la chaîne correspondant au chemin dans les en-têtes +ProxyPassReverseCookiePath chemin-interne +chemin-public [interpolate]svdEAjuste la chaîne correspondant au chemin dans les en-têtes Set-Cookie en provenance d'un serveur mandaté -ProxyPreserveHost On|Off Off svdEUtilise l'en-tête de requête entrante Host pour la requête +ProxyPreserveHost On|Off Off svdEUtilise l'en-tête de requête entrante Host pour la requête du mandataire -ProxyReceiveBufferSize octets 0 svETaille du tampon réseau pour les connexions mandatées HTTP +ProxyReceiveBufferSize octets 0 svETaille du tampon réseau pour les connexions mandatées HTTP et FTP -ProxyRemote comparaison serveur-distantsvEMandataire distant à utiliser pour traiter certaines +ProxyRemote comparaison serveur-distantsvEMandataire distant à utiliser pour traiter certaines requêtes -ProxyRemoteMatch regex serveur-distantsvELe mandataire distant à utiliser pour traiter les requêtes +ProxyRemoteMatch regex serveur-distantsvELe mandataire distant à utiliser pour traiter les requêtes correspondant à une expression rationnelle -ProxyRequests On|Off Off svEActive la fonctionnalité (standard) de mandataire +ProxyRequests On|Off Off svEActive la fonctionnalité (standard) de mandataire direct -ProxySCGIInternalRedirect On|Off|Headername On svdEActive ou désactive les réponses de redirection interne en +ProxySCGIInternalRedirect On|Off|Headername On svdEActive ou désactive les réponses de redirection interne en provenance du serveur cible. -ProxySCGISendfile On|Off|nom-en-tête Off svdEActive l'évaluation du pseudo en-tête de réponse +ProxySCGISendfile On|Off|nom-en-tête Off svdEActive l'évaluation du pseudo en-tête de réponse X-Sendfile -ProxySet url clé=valeur [clé=valeur ...]dEDéfinit différents paramètres relatifs à la répartition de +ProxySet url clé=valeur [clé=valeur ...]svdEDéfinit différents paramètres relatifs à la répartition de charge des mandataires et aux membres des groupes de répartition de charge -ProxySourceAddress adressesvEDéfinit l'adresse IP locale pour les connexions mandatées +ProxySourceAddress adressesvEDéfinit l'adresse IP locale pour les connexions mandatées sortantes -ProxyStatus Off|On|Full Off svEAffiche l'état du répartiteur de charge du mandataire dans +ProxyStatus Off|On|Full Off svEAffiche l'état du répartiteur de charge du mandataire dans mod_status -ProxyTimeout secondessvEDélai d'attente réseau pour les requêtes +ProxyTimeout secondessvEDélai d'attente réseau pour les requêtes mandatées -ProxyVia On|Off|Full|Block Off svEInformation fournie dans l'en-tête de réponse HTTP +ProxyVia On|Off|Full|Block Off svEInformation fournie dans l'en-tête de réponse HTTP Via pour les requêtes mandatées -QualifyRedirectURL ON|OFF OFF svdCVérifie si la variable d'environnement REDIRECT_URL est +QualifyRedirectURL ON|OFF OFF svdCVérifie si la variable d'environnement REDIRECT_URL est pleinement qualifiée -ReadmeName nom-fichiersvdhBNom du fichier dont le contenu sera inséré à la fin de +ReadmeName nom-fichiersvdhBNom du fichier dont le contenu sera inséré à la fin de l'index -ReceiveBufferSize octets 0 sMTaille du tampon TCP en entrée -Redirect [état] [URL-path] -URLsvdhBEnvoie une redirection externe demandant au client +ReceiveBufferSize octets 0 sMTaille du tampon TCP en entrée +Redirect [état] [URL-path] +URLsvdhBEnvoie une redirection externe demandant au client d'effectuer une autre requête avec une URL différente -RedirectMatch [état] regex -URLsvdhBEnvoie une redirection externe faisant appel aux +RedirectMatch [état] regex +URLsvdhBEnvoie une redirection externe faisant appel aux expressions rationnelles pour la mise en correspondance de l'URL courante -RedirectPermanent chemin URL URLsvdhBEnvoie une redirection externe permanente demandant au +RedirectPermanent chemin URL URLsvdhBEnvoie une redirection externe permanente demandant au client d'effectuer une nouvelle requête avec une URL différente -RedirectTemp chemin URL URLsvdhBEnvoie une redirection externe temporaire demandant au +RedirectTemp chemin URL URLsvdhBEnvoie une redirection externe temporaire demandant au client d'effectuer une nouvelle requête avec une URL différente -ReflectorHeader en-tête-entrée [en-tête-sortie]svdhBRenvoie un en-tête d'entrée dans les en-têtes de sortie +ReflectorHeader en-tête-entrée [en-tête-sortie]svdhBRenvoie un en-tête d'entrée dans les en-têtes de sortie +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCConfiguration des options globales par défaut pour les + expressions rationnelles RegisterHttpMethod méthode [méthode [...]]sCEnregistrement de méthodes HTTP non standards RemoteIPHeader en-têtesvBDéfinit le champ d'en-tête qui contiendra les adresses IP du client @@ -1105,7 +1116,7 @@ RewriteEngine on|off off svdhEActive ou désactive l'exécution du moteur de réécriture -RewriteMap MapName MapType:MapSource +RewriteMap MapName MapType:MapSource [MapTypeOptions] svEDéfinit une fonction de mise en correspondance pour la recherche de mots-clés RewriteOptions OptionssvdhEConfigure certaines options spéciales @@ -1267,7 +1278,7 @@ non sécurisée SSLOCSDefaultResponder urisvEDéfinit l'URI du répondeur par défaut pour la validation OCSP -SSLOCSPEnable on|off off svEActive la validation OCSP de la chaîne de certificats du +SSLOCSPEnable on|leaf|off off svEActive la validation OCSP de la chaîne de certificats du client SSLOCSPNoverify On/Off Off svEEvite la vérification des certificats des répondeurs OCSP SSLOCSPOverrideResponder on|off off svEForce l'utilisation de l'URI du répondeur par défaut pour diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.ja.utf8 apache2-2.4.34/docs/manual/mod/quickreference.html.ja.utf8 --- apache2-2.4.33/docs/manual/mod/quickreference.html.ja.utf8 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.ja.utf8 2018-07-10 12:21:25.000000000 +0000 @@ -337,7 +337,7 @@ CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie CookieName token Apache svdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field CookieTracking on|off off svdhEEnables tracking cookie CoreDumpDirectory directorysMApache ãŒã‚³ã‚¢ãƒ€ãƒ³ãƒ—ã™ã‚‹å‰ã«ç§»å‹•ã‚’試ã¿ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª @@ -494,288 +494,298 @@ <IfDefine [!]parameter-name> ... </IfDefine>svdhC起動時ã«ãƒ†ã‚¹ãƒˆãŒçœŸã§ã‚ã‚‹ã¨ãã®ã¿ã«å‡¦ç†ã•ã‚Œã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã‚’ 囲む +<IfDirective [!]directive-name> ... + </IfDirective>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>svdhCEncloses directives that will be processed only +if file exists at startup <IfModule [!]module-file|module-identifier> ... </IfModule>svdhCモジュールã®å­˜åœ¨ã™ã‚‹ã‹ã—ãªã„ã‹ã«å¿œã˜ã¦å‡¦ç†ã•ã‚Œã‚‹ ディレクティブを囲む -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEãƒãƒ¼ã‚¸ãƒ§ãƒ³ä¾å­˜ã®è¨­å®šã‚’入れる -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfSection [!]section-name> ... + </IfSection>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEãƒãƒ¼ã‚¸ãƒ§ãƒ³ä¾å­˜ã®è¨­å®šã‚’入れる +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include file-path|directory-pathsvdCサーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ä¸­ã‹ã‚‰ä»–ã®è¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ã‚’å–り込む -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +Include file-path|directory-pathsvdCサーãƒè¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ä¸­ã‹ã‚‰ä»–ã®è¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ã‚’å–り込む +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBインデックスページ㮠HEAD セクションã«ãƒ†ã‚­ã‚¹ãƒˆã‚’挿入ã™ã‚‹ -IndexIgnore file [file] ...svdhBディレクトリ一覧を行ãªã†éš›ã«ç„¡è¦–ã™ã¹ã +IndexHeadInsert "markup ..."svdhBインデックスページ㮠HEAD セクションã«ãƒ†ã‚­ã‚¹ãƒˆã‚’挿入ã™ã‚‹ +IndexIgnore file [file] ...svdhBディレクトリ一覧を行ãªã†éš›ã«ç„¡è¦–ã™ã¹ã ファイルリストã«è¿½åŠ  -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] ...svdhBディレクトリインデックスã®æ§˜ã€…ãªè¨­å®šé …ç›® +IndexOptions [+|-]option [[+|-]option] ...svdhBディレクトリインデックスã®æ§˜ã€…ãªè¨­å®šé …ç›® -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhB +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhB ディレクトリインデックスã®æ¨™æº–ã®é †ç•ªä»˜ã‘を設定 -IndexStyleSheet url-pathsvdhBディレクトリインデックス㫠CSS スタイルシートを追加ã™ã‚‹ -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexStyleSheet url-pathsvdhBディレクトリインデックス㫠CSS スタイルシートを追加ã™ã‚‹ +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCHTTP ã®æŒç¶šçš„ãªæŽ¥ç¶šã‚’有効ã«ã™ã‚‹ -KeepAliveTimeout seconds 5 svCæŒç¶šçš„ãªæŽ¥ç¶šã§æ¬¡ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒæ¥ã‚‹ã¾ã§ã‚µãƒ¼ãƒãŒå¾…ã¤æ™‚é–“ -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeepAlive On|Off On svCHTTP ã®æŒç¶šçš„ãªæŽ¥ç¶šã‚’有効ã«ã™ã‚‹ +KeepAliveTimeout seconds 5 svCæŒç¶šçš„ãªæŽ¥ç¶šã§æ¬¡ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒæ¥ã‚‹ã¾ã§ã‚µãƒ¼ãƒãŒå¾…ã¤æ™‚é–“ +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBクライアントãŒå„ªå…ˆåº¦ã‚’示ã•ãªã‹ã£ãŸã¨ãã®è¨€èªžã® variant ã®å„ªå…ˆåº¦ã‚’ +LanguagePriority MIME-lang [MIME-lang] +...svdhBクライアントãŒå„ªå…ˆåº¦ã‚’示ã•ãªã‹ã£ãŸã¨ãã®è¨€èªžã® variant ã®å„ªå…ˆåº¦ã‚’ 指定 -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>svdhC囲ã„ã®ä¸­ã«ã‚るアクセス制御ã®é©ç”¨ã‚’特定㮠HTTP メソッドã®ã¿ã« +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>svdhC囲ã„ã®ä¸­ã«ã‚るアクセス制御ã®é©ç”¨ã‚’特定㮠HTTP メソッドã®ã¿ã« 制é™ã™ã‚‹ -<LimitExcept method [method] ... > ... - </LimitExcept>svdhC指定ã•ã‚ŒãŸã‚‚ã®ä»¥å¤–ã® HTTP メソッドã«ã‚¢ã‚¯ã‚»ã‚¹åˆ¶å¾¡ã‚’ +<LimitExcept method [method] ... > ... + </LimitExcept>svdhC指定ã•ã‚ŒãŸã‚‚ã®ä»¥å¤–ã® HTTP メソッドã«ã‚¢ã‚¯ã‚»ã‚¹åˆ¶å¾¡ã‚’ 制é™ã™ã‚‹ -LimitInternalRecursion number [number] 10 svC内部リダイレクトã¨å…¥ã‚Œå­ã«ãªã£ãŸã‚µãƒ–リクエストã®æœ€å¤§æ•°ã‚’決定ã™ã‚‹ -LimitRequestBody bytes 0 svdhCクライアントã‹ã‚‰é€ã‚‰ã‚Œã‚‹ HTTP リクエストã®ãƒœãƒ‡ã‚£ã® +LimitInternalRecursion number [number] 10 svC内部リダイレクトã¨å…¥ã‚Œå­ã«ãªã£ãŸã‚µãƒ–リクエストã®æœ€å¤§æ•°ã‚’決定ã™ã‚‹ +LimitRequestBody bytes 0 svdhCクライアントã‹ã‚‰é€ã‚‰ã‚Œã‚‹ HTTP リクエストã®ãƒœãƒ‡ã‚£ã® ç·é‡ã‚’制é™ã™ã‚‹ -LimitRequestFields number 100 sCクライアントã‹ã‚‰ã® HTTP リクエストã®ãƒ˜ãƒƒãƒ€ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®æ•°ã‚’ +LimitRequestFields number 100 sCクライアントã‹ã‚‰ã® HTTP リクエストã®ãƒ˜ãƒƒãƒ€ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®æ•°ã‚’ 制é™ã™ã‚‹ -LimitRequestFieldSize bytes 8190 sCクライアントã‹ã‚‰ã® HTTP リクエストã®ãƒ˜ãƒƒãƒ€ã® +LimitRequestFieldSize bytes 8190 sCクライアントã‹ã‚‰ã® HTTP リクエストã®ãƒ˜ãƒƒãƒ€ã® サイズを制é™ã™ã‚‹ -LimitRequestLine bytes 8190 sCクライアントã‹ã‚‰ã® HTTP リクエスト行ã®ã‚µã‚¤ã‚ºã‚’制é™ã™ã‚‹ -LimitXMLRequestBody bytes 1000000 svdhCXML å½¢å¼ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ãƒœãƒ‡ã‚£ã®ã‚µã‚¤ã‚ºã‚’制é™ã™ã‚‹ -Listen [IP-address:]portnumber [protocol]sMサーãƒãŒ listen ã™ã‚‹IP アドレスã¨ãƒãƒ¼ãƒˆç•ªå· -ListenBacklog backlogsMä¿ç•™çŠ¶æ…‹ã®ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³ã®ã‚­ãƒ¥ãƒ¼ã®æœ€å¤§é•· -ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +LimitRequestLine bytes 8190 sCクライアントã‹ã‚‰ã® HTTP リクエスト行ã®ã‚µã‚¤ã‚ºã‚’制é™ã™ã‚‹ +LimitXMLRequestBody bytes 1000000 svdhCXML å½¢å¼ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ãƒœãƒ‡ã‚£ã®ã‚µã‚¤ã‚ºã‚’制é™ã™ã‚‹ +Listen [IP-address:]portnumber [protocol]sMサーãƒãŒ listen ã™ã‚‹IP アドレスã¨ãƒãƒ¼ãƒˆç•ªå· +ListenBacklog backlogsMä¿ç•™çŠ¶æ…‹ã®ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³ã®ã‚­ãƒ¥ãƒ¼ã®æœ€å¤§é•· +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of listeners' buckets -LoadFile filename [filename] ...svE指定ã•ã‚ŒãŸã‚ªãƒ–ジェクトファイルやライブラリをリンクã™ã‚‹ -LoadModule module filenamesvEオブジェクトファイルやライブラリをリンクã—ã€ä½¿ç”¨ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«ã® +LoadFile filename [filename] ...svE指定ã•ã‚ŒãŸã‚ªãƒ–ジェクトファイルやライブラリをリンクã™ã‚‹ +LoadModule module filenamesvEオブジェクトファイルやライブラリをリンクã—ã€ä½¿ç”¨ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«ã® リストã«è¿½åŠ ã™ã‚‹ -<Location - URL-path|URL> ... </Location>svC囲んã ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–をマッãƒã™ã‚‹ URL ã®ã¿ã«é©ç”¨ -<LocationMatch - regex> ... </LocationMatch>svC囲んã ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã‚’æ­£è¦è¡¨ç¾ã«ãƒžãƒƒãƒã™ã‚‹ URL ã®ã¿ã« +<Location + URL-path|URL> ... </Location>svC囲んã ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–をマッãƒã™ã‚‹ URL ã®ã¿ã«é©ç”¨ +<LocationMatch + regex> ... </LocationMatch>svC囲んã ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–ã‚’æ­£è¦è¡¨ç¾ã«ãƒžãƒƒãƒã™ã‚‹ URL ã®ã¿ã« é©ç”¨ -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svBログファイルã§ä½¿ç”¨ã™ã‚‹æ›¸å¼ã‚’設定ã™ã‚‹ -LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) -LogLevel level warn svCErrorLog ã®å†—長性を制御ã™ã‚‹ -LogMessage message +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svBログファイルã§ä½¿ç”¨ã™ã‚‹æ›¸å¼ã‚’設定ã™ã‚‹ +LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) +LogLevel level warn svCErrorLog ã®å†—長性を制御ã™ã‚‹ +LogMessage message [hook=hook] [expr=expression] -dXLog user-defined message to error log +dXLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>svdBDefine a configuration file macro -MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server +... </Macro>svdBDefine a configuration file macro +MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server will handle during its life -MaxKeepAliveRequests number 100 svCæŒç¶šçš„ãªæŽ¥ç¶šä¸Šã§è¨±å¯ã•ã‚Œã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã®æ•° -MaxMemFree KBytes 0 sMfree() ãŒå‘¼ã°ã‚Œãªã„é™ã‚Šã€ +MaxKeepAliveRequests number 100 svCæŒç¶šçš„ãªæŽ¥ç¶šä¸Šã§è¨±å¯ã•ã‚Œã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã®æ•° +MaxMemFree KBytes 0 sMfree() ãŒå‘¼ã°ã‚Œãªã„é™ã‚Šã€ 主メモリアロケータãŒä¿æŒã—続ã‘られるメモリã®æœ€å¤§é‡ -MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete +MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource -MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete +MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete resource -MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete +MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete resource -MaxRequestWorkers numbersMMaximum number of connections that will be processed +MaxRequestWorkers numbersMMaximum number of connections that will be processed simultaneously -MaxSpareServers number 10 sMアイドルãªå­ã‚µãƒ¼ãƒãƒ—ロセスã®æœ€å¤§å€‹æ•° -MaxSpareThreads numbersMアイドルスレッドã®æœ€å¤§æ•° -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MaxSpareServers number 10 sMアイドルãªå­ã‚µãƒ¼ãƒãƒ—ロセスã®æœ€å¤§å€‹æ•° +MaxSpareThreads numbersMアイドルスレッドã®æœ€å¤§æ•° +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMアイドルãªå­ã‚µãƒ¼ãƒãƒ—ロセスã®æœ€å°å€‹æ•° -MinSpareThreads numbersMリクエストã«å¿œç­”ã™ã‚‹ã“ã¨ã®ã§ãã‚‹ +MinSpareServers number 5 sMアイドルãªå­ã‚µãƒ¼ãƒãƒ—ロセスã®æœ€å°å€‹æ•° +MinSpareThreads numbersMリクエストã«å¿œç­”ã™ã‚‹ã“ã¨ã®ã§ãã‚‹ アイドルスレッド数ã®æœ€å°æ•° -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dpath_info コンãƒãƒ¼ãƒãƒ³ãƒˆã‚’ファイルåã®ä¸€éƒ¨ã¨ã—ã¦æ‰±ã†ã‚ˆã†ã« +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dpath_info コンãƒãƒ¼ãƒãƒ³ãƒˆã‚’ファイルåã®ä¸€éƒ¨ã¨ã—ã¦æ‰±ã†ã‚ˆã†ã« mod_mime ã«é€šçŸ¥ã™ã‚‹ -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhMultiViews ã§ã®ãƒžãƒƒãƒãƒ³ã‚°ã®æ¤œç´¢ã«å«ã¾ã›ã‚‹ +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhMultiViews ã§ã®ãƒžãƒƒãƒãƒ³ã‚°ã®æ¤œç´¢ã«å«ã¾ã›ã‚‹ ファイルã®ã‚¿ã‚¤ãƒ—を指定ã™ã‚‹ -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCåå‰ãƒ™ãƒ¼ã‚¹ã®ãƒãƒ¼ãƒãƒ£ãƒ«ãƒ›ã‚¹ãƒˆã®ãŸã‚ã® IP アドレスを指定 -NoProxy host [host] ...svE直接接続ã™ã‚‹ ホストã€ãƒ‰ãƒ¡ã‚¤ãƒ³ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... All svdhCディレクトリã«å¯¾ã—ã¦ä½¿ç”¨å¯èƒ½ãªæ©Ÿèƒ½ã‚’設定ã™ã‚‹ - Order ordering Deny,Allow dhEデフォルトã®ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ãªçŠ¶æ…‹ã¨ã€Allow 㨠+NameVirtualHost addr[:port]sCåå‰ãƒ™ãƒ¼ã‚¹ã®ãƒãƒ¼ãƒãƒ£ãƒ«ãƒ›ã‚¹ãƒˆã®ãŸã‚ã® IP アドレスを指定 +NoProxy host [host] ...svE直接接続ã™ã‚‹ ホストã€ãƒ‰ãƒ¡ã‚¤ãƒ³ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... All svdhCディレクトリã«å¯¾ã—ã¦ä½¿ç”¨å¯èƒ½ãªæ©Ÿèƒ½ã‚’設定ã™ã‚‹ + Order ordering Deny,Allow dhEデフォルトã®ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ãªçŠ¶æ…‹ã¨ã€Allow 㨠Deny ãŒè©•ä¾¡ã•ã‚Œã‚‹é †ç•ªã‚’制御ã™ã‚‹ -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBシェルã‹ã‚‰ã®ç’°å¢ƒå¤‰æ•°ã‚’渡㙠-PidFile filename logs/httpd.pid sMデーモンã®ãƒ—ロセス ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBシェルã‹ã‚‰ã®ç’°å¢ƒå¤‰æ•°ã‚’渡㙠+PidFile filename logs/httpd.pid sMデーモンã®ãƒ—ロセス ID をサーãƒãŒè¨˜éŒ²ã™ã‚‹ãŸã‚ã®ãƒ•ã‚¡ã‚¤ãƒ« -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXエコーサーãƒã®æœ‰åŠ¹ç„¡åŠ¹ã‚’設定ã—ã¾ã™ã€‚ -Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host -ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation -<Proxy wildcard-url> ...</Proxy>svEプロキシã•ã‚Œã‚‹ãƒªã‚½ãƒ¼ã‚¹ã«é©ç”¨ã•ã‚Œã‚‹ã‚³ãƒ³ãƒ†ãƒŠ -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svE応答ã«ãŠã‹ã—ãªãƒ˜ãƒƒãƒ€ãŒã‚ã‚‹å ´åˆã®æ‰±ã„方を決ã‚ã‚‹ -ProxyBlock *|word|host|domain -[word|host|domain] ...svEプロキシ接続をç¦æ­¢ã™ã‚‹èªžå¥ã€ãƒ›ã‚¹ãƒˆåã€ãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’指定ã™ã‚‹ -ProxyDomain DomainsvEプロキシã•ã‚ŒãŸãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ãƒ‰ãƒ¡ã‚¤ãƒ³å -ProxyErrorOverride On|Off Off svEプロキシã•ã‚ŒãŸã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã®ã‚¨ãƒ©ãƒ¼ãƒšãƒ¼ã‚¸ã‚’上書ãã™ã‚‹ -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXエコーサーãƒã®æœ‰åŠ¹ç„¡åŠ¹ã‚’設定ã—ã¾ã™ã€‚ +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEプロキシã•ã‚Œã‚‹ãƒªã‚½ãƒ¼ã‚¹ã«é©ç”¨ã•ã‚Œã‚‹ã‚³ãƒ³ãƒ†ãƒŠ +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svE応答ã«ãŠã‹ã—ãªãƒ˜ãƒƒãƒ€ãŒã‚ã‚‹å ´åˆã®æ‰±ã„方を決ã‚ã‚‹ +ProxyBlock *|word|host|domain +[word|host|domain] ...svEプロキシ接続をç¦æ­¢ã™ã‚‹èªžå¥ã€ãƒ›ã‚¹ãƒˆåã€ãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’指定ã™ã‚‹ +ProxyDomain DomainsvEプロキシã•ã‚ŒãŸãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ãƒ‰ãƒ¡ã‚¤ãƒ³å +ProxyErrorOverride On|Off Off svEプロキシã•ã‚ŒãŸã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã®ã‚¨ãƒ©ãƒ¼ãƒšãƒ¼ã‚¸ã‚’上書ãã™ã‚‹ +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and + [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 svdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svE内部データスループットãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’決定ã™ã‚‹ -<ProxyMatch regex> ...</ProxyMatch>svEæ­£è¦è¡¨ç¾ã§ã®ãƒžãƒƒãƒã«ã‚ˆã‚‹ãƒ—ロキシリソース用ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–コンテナ -ProxyMaxForwards number 10 svEリクエストãŒãƒ•ã‚©ãƒ¯ãƒ¼ãƒ‰ã•ã‚Œã‚‹ãƒ—ロキシã®æœ€å¤§æ•° -ProxyPass [path] !|url [key=value key=value ...]]svdEリモートサーãƒã‚’ローカルサーãƒã® URL 空間ã«ãƒžãƒƒãƒ—ã™ã‚‹ -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -svdEEnable Environment Variable interpolation in Reverse Proxy configurations -svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] urlsvdEリãƒãƒ¼ã‚¹ãƒ—ロキシã•ã‚ŒãŸã‚µãƒ¼ãƒã‹ã‚‰é€ã‚‰ã‚ŒãŸ HTTP 応答ヘッダ㮠+ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svE内部データスループットãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’決定ã™ã‚‹ +<ProxyMatch regex> ...</ProxyMatch>svEæ­£è¦è¡¨ç¾ã§ã®ãƒžãƒƒãƒã«ã‚ˆã‚‹ãƒ—ロキシリソース用ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒ†ã‚£ãƒ–コンテナ +ProxyMaxForwards number 10 svEリクエストãŒãƒ•ã‚©ãƒ¯ãƒ¼ãƒ‰ã•ã‚Œã‚‹ãƒ—ロキシã®æœ€å¤§æ•° +ProxyPass [path] !|url [key=value key=value ...]]svdEリモートサーãƒã‚’ローカルサーãƒã® URL 空間ã«ãƒžãƒƒãƒ—ã™ã‚‹ +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +svdEEnable Environment Variable interpolation in Reverse Proxy configurations +svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] urlsvdEリãƒãƒ¼ã‚¹ãƒ—ロキシã•ã‚ŒãŸã‚µãƒ¼ãƒã‹ã‚‰é€ã‚‰ã‚ŒãŸ HTTP 応答ヘッダ㮠URL を調整ã™ã‚‹ -ProxyPassReverseCookieDomain internal-domain public-domainsvdEリãƒãƒ¼ã‚¹ãƒ—ロキシサーãƒã‹ã‚‰ã® Set-Cookie ヘッダ㮠Domain 文字列を +ProxyPassReverseCookieDomain internal-domain public-domainsvdEリãƒãƒ¼ã‚¹ãƒ—ロキシサーãƒã‹ã‚‰ã® Set-Cookie ヘッダ㮠Domain 文字列を 調整ã™ã‚‹ -ProxyPassReverseCookiePath internal-path public-pathsvdEReverse プロキシサーãƒã‹ã‚‰ã® Set-Cookie ヘッダ㮠Path 文字列を +ProxyPassReverseCookiePath internal-path public-pathsvdEReverse プロキシサーãƒã‹ã‚‰ã® Set-Cookie ヘッダ㮠Path 文字列を 調整ã™ã‚‹ -ProxyPreserveHost On|Off Off svEプロキシリクエストã«ã€å—ã‘付ã‘㟠Host HTTP ヘッダを使ㆠ-ProxyReceiveBufferSize bytes 0 svEプロキシã•ã‚Œã‚‹ HTTP 㨠FTP 接続ã®ãŸã‚ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º -ProxyRemote match remote-serversvE特定ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’扱ã†æ™‚ã«ä½¿ã‚れるリモートプロキシを指定ã™ã‚‹ -ProxyRemoteMatch regex remote-serversvEæ­£è¦è¡¨ç¾ã§ã®ãƒžãƒƒãƒã«ã‚ˆã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’扱ã†ãƒªãƒ¢ãƒ¼ãƒˆãƒ—ロキシã®æŒ‡å®š -ProxyRequests On|Off Off svEフォワード (標準ã®) プロキシリクエストを有効ã«ã™ã‚‹ -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyPreserveHost On|Off Off svEプロキシリクエストã«ã€å—ã‘付ã‘㟠Host HTTP ヘッダを使ㆠ+ProxyReceiveBufferSize bytes 0 svEプロキシã•ã‚Œã‚‹ HTTP 㨠FTP 接続ã®ãŸã‚ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º +ProxyRemote match remote-serversvE特定ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’扱ã†æ™‚ã«ä½¿ã‚れるリモートプロキシを指定ã™ã‚‹ +ProxyRemoteMatch regex remote-serversvEæ­£è¦è¡¨ç¾ã§ã®ãƒžãƒƒãƒã«ã‚ˆã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’扱ã†ãƒªãƒ¢ãƒ¼ãƒˆãƒ—ロキシã®æŒ‡å®š +ProxyRequests On|Off Off svEフォワード (標準ã®) プロキシリクエストを有効ã«ã™ã‚‹ +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout seconds 300 svEプロキシã•ã‚ŒãŸãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆ -ProxyVia On|Off|Full|Block Off svEプロキシã•ã‚ŒãŸãƒªã‚¯ã‚¨ã‚¹ãƒˆã® Via HTTP 応答ヘッダ +dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout seconds 300 svEプロキシã•ã‚ŒãŸãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆ +ProxyVia On|Off|Full|Block Off svEプロキシã•ã‚ŒãŸãƒªã‚¯ã‚¨ã‚¹ãƒˆã® Via HTTP 応答ヘッダ ã«ã‚ˆã‚Šæä¾›ã•ã‚Œã‚‹æƒ…å ± -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is fully qualified -ReadmeName filenamesvdhBインデックス一覧ã®æœ€å¾Œã«æŒ¿å…¥ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ -ReceiveBufferSize bytes 0 sMTCP å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º -Redirect [status] URL-path -URLsvdhBクライアントãŒé•ã† URL ã‚’å–å¾—ã™ã‚‹ã‚ˆã†ã«å¤–部ã¸ã®ãƒªãƒ€ã‚¤ãƒ¬ã‚¯ãƒˆã‚’ +ReadmeName filenamesvdhBインデックス一覧ã®æœ€å¾Œã«æŒ¿å…¥ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ +ReceiveBufferSize bytes 0 sMTCP å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º +Redirect [status] URL-path +URLsvdhBクライアントãŒé•ã† URL ã‚’å–å¾—ã™ã‚‹ã‚ˆã†ã«å¤–部ã¸ã®ãƒªãƒ€ã‚¤ãƒ¬ã‚¯ãƒˆã‚’ é€ã‚‹ -RedirectMatch [status] regex -URLsvdhBç¾åœ¨ã® URL ã¸ã®æ­£è¦è¡¨ç¾ã®ãƒžãƒƒãƒã«ã‚ˆã‚Š +RedirectMatch [status] regex +URLsvdhBç¾åœ¨ã® URL ã¸ã®æ­£è¦è¡¨ç¾ã®ãƒžãƒƒãƒã«ã‚ˆã‚Š 外部ã¸ã®ãƒªãƒ€ã‚¤ãƒ¬ã‚¯ãƒˆã‚’é€ã‚‹ -RedirectPermanent URL-path URLsvdhBクライアントãŒé•ã† URL ã‚’å–å¾—ã™ã‚‹ã‚ˆã†ã«å¤–部ã¸ã®æ°¸ä¹…的㪠+RedirectPermanent URL-path URLsvdhBクライアントãŒé•ã† URL ã‚’å–å¾—ã™ã‚‹ã‚ˆã†ã«å¤–部ã¸ã®æ°¸ä¹…的㪠リダイレクトをé€ã‚‹ -RedirectTemp URL-path URLsvdhBクライアントãŒé•ã† URL ã‚’å–å¾—ã™ã‚‹ã‚ˆã†ã«å¤–部ã¸ã®ä¸€æ™‚的㪠+RedirectTemp URL-path URLsvdhBクライアントãŒé•ã† URL ã‚’å–å¾—ã™ã‚‹ã‚ˆã†ã«å¤–部ã¸ã®ä¸€æ™‚的㪠リダイレクトをé€ã‚‹ -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCAllow to configure global/default options for regexes RegisterHttpMethod method [method [...]]sCRegister non-standard HTTP methods RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -826,6 +836,7 @@ RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] svEDefines a mapping function for key-lookup RewriteOptions OptionssvdhESets some special options for the rewrite engine RewriteRule @@ -937,7 +948,7 @@ SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off svEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off svEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.ko.euc-kr apache2-2.4.34/docs/manual/mod/quickreference.html.ko.euc-kr --- apache2-2.4.33/docs/manual/mod/quickreference.html.ko.euc-kr 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.ko.euc-kr 2018-07-10 12:21:25.000000000 +0000 @@ -334,7 +334,7 @@ CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie CookieName token Apache svdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field CookieTracking on|off off svdhEEnables tracking cookie CoreDumpDirectory directorysMDirectory where Apache HTTP Server attempts to switch before dumping core @@ -491,308 +491,318 @@ <IfDefine [!]parameter-name> ... </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup +<IfDirective [!]directive-name> ... + </IfDirective>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>svdhCEncloses directives that will be processed only +if file exists at startup <IfModule [!]module-file|module-identifier> ... </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -<IfVersion [[!]operator] version> ... -</IfVersion>svdhE¹öÀüº° ¼³Á¤À» ¹­´Â´Ù -ImapBase map|referer|URL http://servername/ svdhBÀ̹ÌÁö¸Ê ÆÄÀÏ¿¡¼­ base ±âº»°ª -ImapDefault error|nocontent|map|referer|URL nocontent svdhBÀ̹ÌÁö¸Ê¿¡ ¾î´À ¿µ¿ª¿¡µµ ÇØ´çÇÏÁö ¾Ê´Â ÁÂÇ¥¸¦ ÁØ +<IfSection [!]section-name> ... + </IfSection>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>svdhE¹öÀüº° ¼³Á¤À» ¹­´Â´Ù +ImapBase map|referer|URL http://servername/ svdhBÀ̹ÌÁö¸Ê ÆÄÀÏ¿¡¼­ base ±âº»°ª +ImapDefault error|nocontent|map|referer|URL nocontent svdhBÀ̹ÌÁö¸Ê¿¡ ¾î´À ¿µ¿ª¿¡µµ ÇØ´çÇÏÁö ¾Ê´Â ÁÂÇ¥¸¦ ÁØ °æ¿ì ±âº» Çൿ -ImapMenu none|formatted|semiformatted|unformattedsvdhBÁÂÇ¥¾øÀÌ À̹ÌÁö¸Ê ¿äû½Ã ÃëÇÒ Çൿ -Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within +ImapMenu none|formatted|semiformatted|unformattedsvdhBÁÂÇ¥¾øÀÌ À̹ÌÁö¸Ê ¿äû½Ã ÃëÇÒ Çൿ +Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ...svdhBµð·ºÅ丮 ¸ñ·Ï¿¡¼­ ¼û±æ ÆÄÀϸñ·ÏÀ» Ãß°¡ÇÑ´Ù -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ...svdhBµð·ºÅ丮 ¸ñ·Ï¿¡¼­ ¼û±æ ÆÄÀϸñ·ÏÀ» Ãß°¡ÇÑ´Ù +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBµð·ºÅ丮 ¸ñ·ÏÀÇ ¿©·¯ ¼³Á¤µé -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBµð·ºÅ丮 ¸ñ·ÏÀÇ ±âº» ¼ø¼­¸¦ ¼³Á¤ÇÑ´Ù -IndexStyleSheet url-pathsvdhBµð·ºÅ丮 ¸ñ·Ï¿¡ CSS ½ºÅ¸ÀϽ¬Æ®¸¦ Ãß°¡ÇÑ´Ù -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBISAPI exntensionÀÇ HSE_APPEND_LOG_PARAMETER +IndexOptions [+|-]option [[+|-]option] +...svdhBµð·ºÅ丮 ¸ñ·ÏÀÇ ¿©·¯ ¼³Á¤µé +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBµð·ºÅ丮 ¸ñ·ÏÀÇ ±âº» ¼ø¼­¸¦ ¼³Á¤ÇÑ´Ù +IndexStyleSheet url-pathsvdhBµð·ºÅ丮 ¸ñ·Ï¿¡ CSS ½ºÅ¸ÀϽ¬Æ®¸¦ Ãß°¡ÇÑ´Ù +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBISAPI exntensionÀÇ HSE_APPEND_LOG_PARAMETER ¿äûÀ» ¿À·ù ·Î±×¿¡ ±â·ÏÇÑ´Ù -ISAPIAppendLogToQuery on|off on svdhBISAPI exntensionÀÇ HSE_APPEND_LOG_PARAMETER +ISAPIAppendLogToQuery on|off on svdhBISAPI exntensionÀÇ HSE_APPEND_LOG_PARAMETER ¿äûÀ» ÁúÀǹ®ÀÚ¿­¿¡ ±â·ÏÇÑ´Ù -ISAPICacheFile file-path [file-path] -...svB¼­¹ö°¡ ½ÃÀÛÇÒ¶§ ¸Þ¸ð¸®·Î ÀоîµéÀÏ ISAPI .dll ÆÄÀϵé -ISAPIFakeAsync on|off off svdhBºñµ¿±â ISAPI ÄݹéÀ» Áö¿øÇϴ ôÇÑ´Ù -ISAPILogNotSupported on|off off svdhBISAPI extensionÀÌ Áö¿øÇÏÁö ¾Ê´Â ±â´ÉÀ» ¿äûÇϸé +ISAPICacheFile file-path [file-path] +...svB¼­¹ö°¡ ½ÃÀÛÇÒ¶§ ¸Þ¸ð¸®·Î ÀоîµéÀÏ ISAPI .dll ÆÄÀϵé +ISAPIFakeAsync on|off off svdhBºñµ¿±â ISAPI ÄݹéÀ» Áö¿øÇϴ ôÇÑ´Ù +ISAPILogNotSupported on|off off svdhBISAPI extensionÀÌ Áö¿øÇÏÁö ¾Ê´Â ±â´ÉÀ» ¿äûÇÏ¸é ·Î±×¿¡ ±â·ÏÇÑ´Ù -ISAPIReadAheadBuffer size 49152 svdhBISAPI extensionÀÇ ¹Ì¸®Àбâ¹öÆÛ(read ahead buffer) +ISAPIReadAheadBuffer size 49152 svdhBISAPI extensionÀÇ ¹Ì¸®Àбâ¹öÆÛ(read ahead buffer) Å©±â -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent requests on a persistent connection -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precedence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precedence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>dhCRestrict enclosed access controls to only certain HTTP +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>dhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>dhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>dhCRestrict access controls to all HTTP methods except the named ones -LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested +LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested subrequests -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 svCLimits the number of HTTP request header fields that +LimitRequestFields number 100 svCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the +LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections -ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of listeners' buckets -LoadFile filename [filename] ...sEÁöÁ¤ÇÑ ¸ñÀûÆÄÀÏÀ̳ª ¶óÀ̺귯¸®¸¦ ÀоîµéÀδ٠-LoadModule module filenamesE¸ñÀûÆÄÀÏÀ̳ª ¶óÀ̺귯¸®¸¦ ÀоîµéÀÌ°í, »ç¿ë°¡´ÉÇÑ +LoadFile filename [filename] ...sEÁöÁ¤ÇÑ ¸ñÀûÆÄÀÏÀ̳ª ¶óÀ̺귯¸®¸¦ ÀоîµéÀδ٠+LoadModule module filenamesE¸ñÀûÆÄÀÏÀ̳ª ¶óÀ̺귯¸®¸¦ ÀоîµéÀÌ°í, »ç¿ë°¡´ÉÇÑ ¸ðµâ ¸ñ·Ï¿¡ Ãß°¡ÇÑ´Ù -<Location - URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching +<Location + URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching URLs -<LocationMatch - regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression +<LocationMatch + regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression matching URLs -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svB·Î±×ÆÄÀÏ¿¡ »ç¿ëÇÒ Çü½ÄÀ» ±â¼úÇÑ´Ù -LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) -LogLevel [module:]level +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svB·Î±×ÆÄÀÏ¿¡ »ç¿ëÇÒ Çü½ÄÀ» ±â¼úÇÑ´Ù +LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) +LogLevel [module:]level [module:level] ... - warn svdCControls the verbosity of the ErrorLog -LogMessage message + warn svdCControls the verbosity of the ErrorLog +LogMessage message [hook=hook] [expr=expression] -dXLog user-defined message to error log +dXLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>svdBDefine a configuration file macro -MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server +... </Macro>svdBDefine a configuration file macro +MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server will handle during its life -MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent +MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent connection -MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed +MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed to hold without calling free() -MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete +MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource -MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete +MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete resource -MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete +MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete resource -MaxRequestWorkers numbersMMaximum number of connections that will be processed +MaxRequestWorkers numbersMMaximum number of connections that will be processed simultaneously -MaxSpareServers number 10 sMMaximum number of idle child server processes -MaxSpareThreads numbersMMaximum number of idle threads -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhECERN ¸ÞŸÁ¤º¸¸¦ ãÀ» µð·ºÅ丮 À̸§ -MetaFiles on|off off svdhECERN ¸ÞŸÆÄÀÏÀ» ó¸®ÇÑ´Ù -MetaSuffix suffix .meta svdhECERN ¸ÞŸÁ¤º¸¸¦ ÀúÀåÇÏ´Â ÆÄÀÏÀÇ Á¢¹Ì»ç -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MaxSpareServers number 10 sMMaximum number of idle child server processes +MaxSpareThreads numbersMMaximum number of idle threads +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhECERN ¸ÞŸÁ¤º¸¸¦ ãÀ» µð·ºÅ丮 À̸§ +MetaFiles on|off off svdhECERN ¸ÞŸÆÄÀÏÀ» ó¸®ÇÑ´Ù +MetaSuffix suffix .meta svdhECERN ¸ÞŸÁ¤º¸¸¦ ÀúÀåÇÏ´Â ÆÄÀÏÀÇ Á¢¹Ì»ç +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sX½ÃÀ۽à ¿©·¯ ÆÄÀÏÀ» ¸Þ¸ð¸®¿¡ ´ëÀÀÇÑ´Ù -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sX½ÃÀ۽à ¿©·¯ ÆÄÀÏÀ» ¸Þ¸ð¸®¿¡ ´ëÀÀÇÑ´Ù +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual +NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhB½©¿¡¼­ ȯ°æº¯¼ö¸¦ °¡Á®¿Â´Ù -PidFile filename logs/httpd.pid sMFile where the server records the process ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhB½©¿¡¼­ ȯ°æº¯¼ö¸¦ °¡Á®¿Â´Ù +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|OffsvXecho ¼­¹ö¸¦ Å°°í ²ö´Ù -Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host -ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|OffsvXecho ¼­¹ö¸¦ Å°°í ²ö´Ù +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and + [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 svdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]svdESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is fully qualified -ReadmeName filenamesvdhBÆÄÀϸñ·Ï ¸¶Áö¸·¿¡ »ðÀÔÇÒ ÆÄÀÏÀÇ À̸§ -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] URL-path -URLsvdhBŬ¶óÀ̾ðÆ®°¡ ´Ù¸¥ URL¿¡ Á¢¼ÓÇϵµ·Ï ¿äûÇÏ´Â ¿ÜºÎ +ReadmeName filenamesvdhBÆÄÀϸñ·Ï ¸¶Áö¸·¿¡ »ðÀÔÇÒ ÆÄÀÏÀÇ À̸§ +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] URL-path +URLsvdhBŬ¶óÀ̾ðÆ®°¡ ´Ù¸¥ URL¿¡ Á¢¼ÓÇϵµ·Ï ¿äûÇÏ´Â ¿ÜºÎ ¸®´ÙÀÌ·º¼ÇÀ» º¸³½´Ù -RedirectMatch [status] regex -URLsvdhBÇöÀç URLÀÌ Á¤±ÔÇ¥Çö½Ä¿¡ ÇØ´çÇÏ¸é ¿ÜºÎ ¸®´ÙÀÌ·º¼ÇÀ» +RedirectMatch [status] regex +URLsvdhBÇöÀç URLÀÌ Á¤±ÔÇ¥Çö½Ä¿¡ ÇØ´çÇÏ¸é ¿ÜºÎ ¸®´ÙÀÌ·º¼ÇÀ» º¸³½´Ù -RedirectPermanent URL-path URLsvdhBŬ¶óÀ̾ðÆ®°¡ ´Ù¸¥ URL¿¡ Á¢¼ÓÇϵµ·Ï ¿äûÇÏ´Â ¿ÜºÎ +RedirectPermanent URL-path URLsvdhBŬ¶óÀ̾ðÆ®°¡ ´Ù¸¥ URL¿¡ Á¢¼ÓÇϵµ·Ï ¿äûÇÏ´Â ¿ÜºÎ ¿µ±¸ ¸®´ÙÀÌ·º¼ÇÀ» º¸³½´Ù -RedirectTemp URL-path URLsvdhBŬ¶óÀ̾ðÆ®°¡ ´Ù¸¥ URL¿¡ Á¢¼ÓÇϵµ·Ï ¿äûÇÏ´Â ¿ÜºÎ +RedirectTemp URL-path URLsvdhBŬ¶óÀ̾ðÆ®°¡ ´Ù¸¥ URL¿¡ Á¢¼ÓÇϵµ·Ï ¿äûÇÏ´Â ¿ÜºÎ Àӽà ¸®´ÙÀÌ·º¼ÇÀ» º¸³½´Ù -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCAllow to configure global/default options for regexes RegisterHttpMethod method [method [...]]sCRegister non-standard HTTP methods RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -846,6 +856,7 @@ RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] svEDefines a mapping function for key-lookup RewriteOptions OptionssvdhESets some special options for the rewrite engine RewriteRule @@ -966,7 +977,7 @@ SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off svEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off svEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.tr.utf8 apache2-2.4.34/docs/manual/mod/quickreference.html.tr.utf8 --- apache2-2.4.33/docs/manual/mod/quickreference.html.tr.utf8 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.tr.utf8 2018-07-10 12:21:25.000000000 +0000 @@ -356,7 +356,7 @@ CookieExpires expiry-periodskdhEExpiry time for the tracking cookie CookieName token Apache skdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape skdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape skdhEFormat of the cookie header field CookieTracking on|off off skdhEEnables tracking cookie CoreDumpDirectory dizinsMcore dosyasını dökümlemek üzere Apache HTTP Sunucusunun geçmeye çalışacağı dizin. @@ -518,313 +518,323 @@ <IfDefine [!]parametre-adı> ... </IfDefine>skdhÇBaÅŸlatma sırasında bir doÄŸruluk sınamasından sonra iÅŸleme sokulacak yönergeleri sarmalar. +<IfDirective [!]directive-name> ... + </IfDirective>skdhÇEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>skdhÇEncloses directives that will be processed only +if file exists at startup <IfModule [!]modül-dosyası|modül-betimleyici> ... </IfModule>skdhÇBelli bir modülün varlığına veya yokluÄŸuna göre iÅŸleme sokulacak yönergeleri sarmalar. -<IfVersion [[!]operator] version> ... -</IfVersion>skdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ skdhTDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent skdhTDefault action when an imagemap is called with coordinates +<IfSection [!]section-name> ... + </IfSection>skdhÇEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>skdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ skdhTDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent skdhTDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted skdhTAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted skdhTAction if no coordinates are given when calling an imagemap -Include dosya-yolu|dizin-yolu|jokerskdÇSunucu yapılandırma dosyalarının baÅŸka dosyaları içermesini saÄŸlar. +Include dosya-yolu|dizin-yolu|jokerskdÇSunucu yapılandırma dosyalarının baÅŸka dosyaları içermesini saÄŸlar. -IncludeOptional dosya-yolu|dizin-yolu|jokerskdÇDiÄŸer yapılandırma dosyalarının sunucu yapılandırma dosyasına dahil edilmesini saÄŸlar -IndexHeadInsert "imlenim ..."skdhTBir dizin sayfasının HEAD bölümüne metin yerleÅŸtirir. -IndexIgnore dosya [dosya] ... "." skdhTDizin içerik listesinden gizlenecek dosyaların listesi belirtilir. +IncludeOptional dosya-yolu|dizin-yolu|jokerskdÇDiÄŸer yapılandırma dosyalarının sunucu yapılandırma dosyasına dahil edilmesini saÄŸlar +IndexHeadInsert "imlenim ..."skdhTBir dizin sayfasının HEAD bölümüne metin yerleÅŸtirir. +IndexIgnore dosya [dosya] ... "." skdhTDizin içerik listesinden gizlenecek dosyaların listesi belirtilir. -IndexIgnoreReset ON|OFFskdhTBir dizini listelerken gizlenecek dosyalar listesini boÅŸaltır +IndexIgnoreReset ON|OFFskdhTBir dizini listelerken gizlenecek dosyalar listesini boÅŸaltır -IndexOptions [+|-]seçenek [[+|-]seçenek] -...skdhTDizin içerik listesini yapılandıracak seçenekler belirtilir. +IndexOptions [+|-]seçenek [[+|-]seçenek] +...skdhTDizin içerik listesini yapılandıracak seçenekler belirtilir. -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name skdhTDizin içerik listesinin öntanımlı sıralamasını belirler. +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name skdhTDizin içerik listesinin öntanımlı sıralamasını belirler. -IndexStyleSheet url-yoluskdhTDizin listesine bir biçembent ekler. -InputSed sed-commanddhDSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off skdhTRecord HSE_APPEND_LOG_PARAMETER requests from +IndexStyleSheet url-yoluskdhTDizin listesine bir biçembent ekler. +InputSed sed-commanddhDSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off skdhTRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on skdhTRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on skdhTRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...skTISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off skdhTFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off skdhTLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...skTISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off skdhTFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off skdhTLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 skdhTSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 skdhTSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On skÇHTTP kalıcı baÄŸlantılarını etkin kılar -KeepAliveTimeout sayı[ms] 5 skÇBir kalıcı baÄŸlantıda sunucunun bir sonraki isteÄŸi bekleme süresi +KeepAlive On|Off On skÇHTTP kalıcı baÄŸlantılarını etkin kılar +KeepAliveTimeout sayı[ms] 5 skÇBir kalıcı baÄŸlantıda sunucunun bir sonraki isteÄŸi bekleme süresi -KeptBodySize azami_bayt_sayısı 0 dTmod_include gibi süzgeçler tarafından kullanılma olasılığına karşı +KeptBodySize azami_bayt_sayısı 0 dTmod_include gibi süzgeçler tarafından kullanılma olasılığına karşı istek gövdesi iptal edilmek yerine belirtilen azami boyutta tutulur. -LanguagePriority MIME-lang [MIME-lang] -...skdhTThe precedence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...skdhTThe precedence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 skEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 skEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typeskESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit yöntem [yöntem] ... > ... - </Limit>dhÇEriÅŸimi sınırlanacak HTTP yöntemleri için eriÅŸim sınırlayıcıları +LDAPTrustedMode typeskESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit yöntem [yöntem] ... > ... + </Limit>dhÇEriÅŸimi sınırlanacak HTTP yöntemleri için eriÅŸim sınırlayıcıları sarmalar. -<LimitExcept yöntem [yöntem] ... > ... - </LimitExcept>dhÇİsimleri belirtilenler dışında kalan HTTP yöntemleri için +<LimitExcept yöntem [yöntem] ... > ... + </LimitExcept>dhÇİsimleri belirtilenler dışında kalan HTTP yöntemleri için kullanılacak eriÅŸim sınırlayıcıları sarmalar. -LimitInternalRecursion sayı [sayı] 10 skÇDahili yönlendirmelerin ve istek içi isteklerin azami sayısını +LimitInternalRecursion sayı [sayı] 10 skÇDahili yönlendirmelerin ve istek içi isteklerin azami sayısını belirler. -LimitRequestBody bayt-sayısı 0 skdhÇİstemci tarafından gönderilen HTTP istek gövdesinin toplam +LimitRequestBody bayt-sayısı 0 skdhÇİstemci tarafından gönderilen HTTP istek gövdesinin toplam uzunluÄŸunu sınırlar. -LimitRequestFields sayı 100 skÇİstemciden kabul edilecek HTTP isteÄŸi baÅŸlık alanlarının sayısını +LimitRequestFields sayı 100 skÇİstemciden kabul edilecek HTTP isteÄŸi baÅŸlık alanlarının sayısını sınırlar. -LimitRequestFieldSize bayt-sayısı 8190 skÇİstemciden kabul edilecek HTTP isteÄŸi baÅŸlık uzunluÄŸunu sınırlar. +LimitRequestFieldSize bayt-sayısı 8190 skÇİstemciden kabul edilecek HTTP isteÄŸi baÅŸlık uzunluÄŸunu sınırlar. -LimitRequestLine bayt-sayısı 8190 skÇİstemciden kabul edilecek HTTP istek satırının uzunluÄŸunu sınırlar. +LimitRequestLine bayt-sayısı 8190 skÇİstemciden kabul edilecek HTTP istek satırının uzunluÄŸunu sınırlar. -LimitXMLRequestBody bayt-sayısı 1000000 skdhÇBir XML temelli istek gövdesinin uzunluÄŸunu sınırlar. -Listen [IP-adresi:]port-numarası - [protokol]sMSunucunun dinleyeceÄŸi IP adresini ve portu belirler. -ListenBacklog kuyruk-uzunluÄŸusMBekleyen baÄŸlantılar kuyruÄŸunun azami uzunluÄŸunu +LimitXMLRequestBody bayt-sayısı 1000000 skdhÇBir XML temelli istek gövdesinin uzunluÄŸunu sınırlar. +Listen [IP-adresi:]port-numarası + [protokol]sMSunucunun dinleyeceÄŸi IP adresini ve portu belirler. +ListenBacklog kuyruk-uzunluÄŸusMBekleyen baÄŸlantılar kuyruÄŸunun azami uzunluÄŸunu belirler -ListenCoresBucketsRatio oran 0 (iptal) sMÄ°ÅŸlemci çekirdek sayısının dinleyenlerin buket sayısına oranı -LoadFile dosya-ismi [dosya-ismi] ...skEBelirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler. +ListenCoresBucketsRatio oran 0 (iptal) sMÄ°ÅŸlemci çekirdek sayısının dinleyenlerin buket sayısına oranı +LoadFile dosya-ismi [dosya-ismi] ...skEBelirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler. -LoadModule modül dosya-ismiskEBelirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler +LoadModule modül dosya-ismiskEBelirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler ve etkin modül listesine ekler. -<Location URL-yolu|URL> ... -</Location>skÇİçerdiÄŸi yönergeler sadece eÅŸleÅŸen URL’lere uygulanır. +<Location URL-yolu|URL> ... +</Location>skÇİçerdiÄŸi yönergeler sadece eÅŸleÅŸen URL’lere uygulanır. -<LocationMatch - düzifade> ... </LocationMatch>skÇİçerdiÄŸi yönergeler sadece düzenli ifadelerle eÅŸleÅŸen URL’lere +<LocationMatch + düzifade> ... </LocationMatch>skÇİçerdiÄŸi yönergeler sadece düzenli ifadelerle eÅŸleÅŸen URL’lere uygulanır. -LogFormat biçem|takma-ad -[takma-ad] "%h %l %u %t \"%r\" +skTBir günlük dosyasında kullanılmak üzere girdi biçemi tanımlar. +LogFormat biçem|takma-ad +[takma-ad] "%h %l %u %t \"%r\" +skTBir günlük dosyasında kullanılmak üzere girdi biçemi tanımlar. -LogIOTrackTTFB ON|OFF OFF skdhEÄ°lk baytın yazılmasına kadar geçen süreyi izler -LogLevel [modül:]seviye +LogIOTrackTTFB ON|OFF OFF skdhEÄ°lk baytın yazılmasına kadar geçen süreyi izler +LogLevel [modül:]seviye [modül:seviye] ... - warn skdÇHata günlüklerinin ayrıntı seviyesini belirler. -LogMessage message + warn skdÇHata günlüklerinin ayrıntı seviyesini belirler. +LogMessage message [hook=hook] [expr=expression] -dDLog user-defined message to error log +dDLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesDPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesDPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat skdhDConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]skdhDProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]skdhDProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]skdhDProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat skdhDConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]skdhDProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]skdhDProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]skdhDProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_nameskdhDProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_nameskdhDProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]skDProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first skdhDControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesDProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]skdhDMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesDProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soaskdhDAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luaskdhDAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_nameskDProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directoryskdhDSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once skdhDOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]skDProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_nameskdhDProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first skdhDControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesDProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]skdhDMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesDProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soaskdhDAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luaskdhDAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_nameskDProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directoryskdhDSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once skdhDOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>skdTDefine a configuration file macro -MaxConnectionsPerChild sayı 0 sMTek bir çocuk sürecin ömrü boyunca iÅŸleme sokabileceÄŸi istek +... </Macro>skdTDefine a configuration file macro +MaxConnectionsPerChild sayı 0 sMTek bir çocuk sürecin ömrü boyunca iÅŸleme sokabileceÄŸi istek sayısını sınırlamakta kullanılır. -MaxKeepAliveRequests sayı 100 skÇBir kalıcı baÄŸlantıda izin verilen istek sayısı -MaxMemFree kB-sayısı 2048 sMfree() çaÄŸrılmaksızın ana bellek ayırıcının +MaxKeepAliveRequests sayı 100 skÇBir kalıcı baÄŸlantıda izin verilen istek sayısı +MaxMemFree kB-sayısı 2048 sMfree() çaÄŸrılmaksızın ana bellek ayırıcının ayırmasına izin verilen azami bellek miktarını belirler. -MaxRangeOverlaps default | unlimited | none | - aralık-sayısı 20 skdÇÖzkaynağın tamamını döndürmeden önce izin verilen üst üste binen +MaxRangeOverlaps default | unlimited | none | + aralık-sayısı 20 skdÇÖzkaynağın tamamını döndürmeden önce izin verilen üst üste binen aralık sayısı (100-200,150-300 gibi) -MaxRangeReversals default | unlimited | none | - aralık-sayısı 20 skdÇÖzkaynağın tamamını döndürmeden önce izin verilen ters sıralı +MaxRangeReversals default | unlimited | none | + aralık-sayısı 20 skdÇÖzkaynağın tamamını döndürmeden önce izin verilen ters sıralı aralık sayısı (100-200,50-70 gibi) -MaxRanges default | unlimited | none | - aralık-sayısı 200 skdÇÖzkaynağın tamamını döndürmeden önce izin verilen aralık sayısı -MaxRequestWorkers sayısMAynı anda iÅŸleme sokulacak azami baÄŸlantı sayısı -MaxSpareServers sayı 10 sMBoÅŸtaki çocuk süreçlerin azami sayısı -MaxSpareThreads numbersMBoÅŸtaki azami evre sayısını belirler -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s skEKeepalive time for idle connections -MergeTrailers [on|off] off skÇTrailer alanlarının baÅŸlığa dahil edilip edilmeyeceÄŸini belirler -MetaDir directory .web skdhEName of the directory to find CERN-style meta information +MaxRanges default | unlimited | none | + aralık-sayısı 200 skdÇÖzkaynağın tamamını döndürmeden önce izin verilen aralık sayısı +MaxRequestWorkers sayısMAynı anda iÅŸleme sokulacak azami baÄŸlantı sayısı +MaxSpareServers sayı 10 sMBoÅŸtaki çocuk süreçlerin azami sayısı +MaxSpareThreads numbersMBoÅŸtaki azami evre sayısını belirler +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s skEKeepalive time for idle connections +MergeTrailers [on|off] off skÇTrailer alanlarının baÅŸlığa dahil edilip edilmeyeceÄŸini belirler +MetaDir directory .web skdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off skdhEActivates CERN meta-file processing -MetaSuffix suffix .meta skdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off skdhEActivates CERN meta-file processing +MetaSuffix suffix .meta skdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathskEEnable MIME-type determination based on file contents +MimeMagicFile file-pathskEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers sayı 5 sMBoÅŸtaki çocuk süreçlerin asgari sayısı -MinSpareThreads sayısMÄ°steklerin ani artışında devreye girecek boÅŸtaki evrelerin asgari +MinSpareServers sayı 5 sMBoÅŸtaki çocuk süreçlerin asgari sayısı +MinSpareThreads sayısMÄ°steklerin ani artışında devreye girecek boÅŸtaki evrelerin asgari sayısını belirler. -MMapFile file-path [file-path] ...sDMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.34|V.92dDModem standard to simulate -ModMimeUsePathInfo On|Off Off dTTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sDMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.34|V.92dDModem standard to simulate +ModMimeUsePathInfo On|Off Off dTTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly skdhTThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly skdhTThe types of files that will be included when searching for a matching file with MultiViews -Mutex mekanizma [default|muteks-ismi] ... [OmitPID] default sÇMuteks mekanizmasını ve kilit dosyası dizinini tüm muteksler veya belirtilenler için yapılandırır -NameVirtualHost adres[:port]sÇÖNERÄ°LMÄ°YOR: Ä°sme dayalı sanal konaklar için IP adresi belirtir -NoProxy host [host] ...skEHosts, domains, or networks that will be connected to +Mutex mekanizma [default|muteks-ismi] ... [OmitPID] default sÇMuteks mekanizmasını ve kilit dosyası dizinini tüm muteksler veya belirtilenler için yapılandırır +NameVirtualHost adres[:port]sÇÖNERÄ°LMÄ°YOR: Ä°sme dayalı sanal konaklar için IP adresi belirtir +NoProxy host [host] ...skEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sTList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersTAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]seçenek [[+|-]seçenek] ... FollowSymlinks skdhÇBelli bir dizinde geçerli olacak özellikleri yapılandırır. +NWSSLTrustedCerts filename [filename] ...sTList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersTAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]seçenek [[+|-]seçenek] ... FollowSymlinks skdhÇBelli bir dizinde geçerli olacak özellikleri yapılandırır. - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhDSed command for filtering response content -PassEnv ortam-deÄŸiÅŸkeni [ortam-deÄŸiÅŸkeni] -...skdhTOrtam deÄŸiÅŸkenlerini kabuktan aktarır. -PidFile dosya logs/httpd.pid sMAna sürecin süreç kimliÄŸinin (PID) kaydedileceÄŸi dosyayı belirler. -PrivilegesMode FAST|SECURE|SELECTIVE FAST skdDTrade off processing speed and efficiency vs security against +OutputSed sed-commanddhDSed command for filtering response content +PassEnv ortam-deÄŸiÅŸkeni [ortam-deÄŸiÅŸkeni] +...skdhTOrtam deÄŸiÅŸkenlerini kabuktan aktarır. +PidFile dosya logs/httpd.pid sMAna sürecin süreç kimliÄŸinin (PID) kaydedileceÄŸi dosyayı belirler. +PrivilegesMode FAST|SECURE|SELECTIVE FAST skdDTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protokolskÇDinlenen bir soket için protokol -ProtocolEcho On|Off Off skDTurn the echo server on or off -Protocols protokol ... http/1.1 skÇSunucu/sanal konak için kullanılabilecek protokoller -ProtocolsHonorOrder On|Off On skÇUzlaÅŸma sırasında protokollerin öncelik sırasını belirler -<Proxy wildcard-url> ...</Proxy>skEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On skdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError skEDetermines how to handle bad header lines in a +Protocol protokolskÇDinlenen bir soket için protokol +ProtocolEcho On|Off Off skDTurn the echo server on or off +Protocols protokol ... http/1.1 skÇSunucu/sanal konak için kullanılabilecek protokoller +ProtocolsHonorOrder On|Off On skÇUzlaÅŸma sırasında protokollerin öncelik sırasını belirler +<Proxy wildcard-url> ...</Proxy>skEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On skdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError skEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...skEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...skEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainskEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off skdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>skEPathname to DBM file. -ProxyExpressDBMFile <type>skEDBM type of file. -ProxyExpressEnable [on|off]skEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM skdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +ProxyDomain DomainskEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off skdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>skEPathname to DBM file. +ProxyExpressDBMFile <type>skEDBM type of file. +ProxyExpressEnable [on|off]skEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM skdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]skdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 skdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]skdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]skdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}skECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>skECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytesskdTSets the buffer size increment for buffering inline scripts and + [value-expression]skdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 skdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]skdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]skdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}skECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]skECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 skdTSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *skdTSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    skdTSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off skdTTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]skdTSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off skdTDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *skdTSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    skdTSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off skdTTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]skdTSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off skdTDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]skdTFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off skdTEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]skdTFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off skdTEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]skdTSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off skdTTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]skdTSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off skdTTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off skdTDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]skdTDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 skEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>skEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off skdTDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]skdTDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 skEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>skEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 skEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 skEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]skdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On skEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off skdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]skdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]skdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]skdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On skEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off skdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]skdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]skdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]skdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]skdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]skdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]skdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off skdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off skdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 skENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 skENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serverskERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serverskERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serverskERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serverskERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off skEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On skdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off skEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On skdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off skdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off skdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addressskESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off skEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondsskENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off skEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]skdESet various Proxy balancer or member parameters +ProxySourceAddress addressskESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off skEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondsskENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off skEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF skdÇREDIRECT_URL ortam değişkeninin tamamen nitelenmiş olup +QualifyRedirectURL ON|OFF OFF skdÇREDIRECT_URL ortam değişkeninin tamamen nitelenmiş olup olmayacağını denetler -ReadmeName dosya-ismiskdhTDizin listesinin sonuna yerleştirilecek dosyanın ismini +ReadmeName dosya-ismiskdhTDizin listesinin sonuna yerleştirilecek dosyanın ismini belirler. -ReceiveBufferSize bayt-sayısı 0 sMTCP alım tamponu boyu -Redirect [durum] [URL-yolu] -URLskdhTİstemciyi, bir yönlendirme isteği döndürerek farklı bir URL’ye +ReceiveBufferSize bayt-sayısı 0 sMTCP alım tamponu boyu +Redirect [durum] [URL-yolu] +URLskdhTİstemciyi, bir yönlendirme isteği döndürerek farklı bir URL’ye yönlendirir. -RedirectMatch [durum] düzenli-ifade -URLskdhTGeçerli URL ile eşleşen bir düzenli ifadeye dayanarak bir harici +RedirectMatch [durum] düzenli-ifade +URLskdhTGeçerli URL ile eşleşen bir düzenli ifadeye dayanarak bir harici yönlendirme gönderir. -RedirectPermanent URL-yolu URLskdhTİstemciyi, kalıcı bir yönlendirme isteği döndürerek farklı bir +RedirectPermanent URL-yolu URLskdhTİstemciyi, kalıcı bir yönlendirme isteği döndürerek farklı bir URL’ye yönlendirir. -RedirectTemp URL-yolu URLskdhTİstemciyi, geçici bir yönlendirme isteği döndürerek farklı bir +RedirectTemp URL-yolu URLskdhTİstemciyi, geçici bir yönlendirme isteği döndürerek farklı bir URL’ye yönlendirir. -ReflectorHeader inputheader [outputheader]skdhTReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]skdhTReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]seçenek [[+|-]seçenek] ... DOLLAR_ENDONLY sÇRegex düzenli ifadeleri için öntanımlı/küresel seçenekleri yapılandırır RegisterHttpMethod yöntem [yöntem [...]]sÇStandart olmayan HTTP yöntemlerini devreye alır RemoteIPHeader header-fieldskTDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...skTDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -880,6 +890,7 @@ RewriteEngine on|off off skdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] skEDefines a mapping function for key-lookup RewriteOptions OptionsskdhESets some special options for the rewrite engine RewriteRule @@ -1004,7 +1015,7 @@ SSLHonorCipherOrder on|off off skEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off skEOption to enable support for insecure renegotiation SSLOCSDefaultResponder uriskESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off skEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off skEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off skEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off skEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlskEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/mod/quickreference.html.zh-cn.utf8 apache2-2.4.34/docs/manual/mod/quickreference.html.zh-cn.utf8 --- apache2-2.4.33/docs/manual/mod/quickreference.html.zh-cn.utf8 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/docs/manual/mod/quickreference.html.zh-cn.utf8 2018-07-10 12:21:25.000000000 +0000 @@ -346,7 +346,7 @@ CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie CookieName token Apache svdhEName of the tracking cookie CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field CookieTracking on|off off svdhEEnables tracking cookie CoreDumpDirectory directorysMDirectory where Apache HTTP Server attempts to switch before dumping core @@ -514,314 +514,324 @@ <IfDefine [!]parameter-name> ... </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup +<IfDirective [!]directive-name> ... + </IfDirective>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific directive +<IfFile [!]parameter-name> ... + </IfFile>svdhCEncloses directives that will be processed only +if file exists at startup <IfModule [!]module-file|module-identifier> ... </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -<IfVersion [[!]operator] version> ... -</IfVersion>svdhEcontains version dependent configuration -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +<IfSection [!]section-name> ... + </IfSection>svdhCEncloses directives that are processed conditional on the +presence or absence of a specific section directive +<IfVersion [[!]operator] version> ... +</IfVersion>svdhEcontains version dependent configuration +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformatted formatted svdhBAction if no coordinates are given when calling an imagemap -Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within +Include file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within +IncludeOptional file-path|directory-path|wildcardsvdCIncludes other configuration files from within the server configuration files -IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. -IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing +IndexHeadInsert "markup ..."svdhBInserts text in the HEAD section of an index page. +IndexIgnore file [file] ... "." svdhBAdds to the list of files to hide when listing a directory -IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing +IndexIgnoreReset ON|OFFsvdhBEmpties the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index -InputSed sed-commanddhXSed command to filter request data (typically POST data) -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +IndexStyleSheet url-pathsvdhBAdds a CSS stylesheet to the directory index +InputSed sed-commanddhXSed command to filter request data (typically POST data) +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout num[ms] 5 svCAmount of time the server will wait for subsequent requests on a persistent connection -KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to +KeptBodySize maximum size in bytes 0 dBKeep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precedence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precedence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache -LDAPCacheTTL seconds 600 sETime that cached items remain valid -LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long -LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds -LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK -LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sEMaximum number of entries in the primary LDAP cache +LDAPCacheTTL seconds 600 sETime that cached items remain valid +LDAPConnectionPoolTTL n -1 svEDiscard backend connections that have been sitting in the connection pool too long +LDAPConnectionTimeout secondssESpecifies the socket connection timeout in seconds +LDAPLibraryDebug 7sEEnable debugging in the LDAP SDK +LDAPOpCacheEntries number 1024 sENumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sETime that entries in the operation cache remain valid -LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. -LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. -LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. -LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. -LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file -LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache -LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds -LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per +LDAPReferralHopLimit numberdhEThe maximum number of referral hops to chase before terminating an LDAP query. +LDAPReferrals On|Off|default On dhEEnable referral chasing during queries to the LDAP server. +LDAPRetries number-of-retries 3 sEConfigures the number of LDAP server retries. +LDAPRetryDelay seconds 0 sEConfigures the delay between LDAP server retries. +LDAPSharedCacheFile directory-path/filenamesESets the shared memory cache file +LDAPSharedCacheSize bytes 500000 sESize in bytes of the shared-memory cache +LDAPTimeout seconds 60 sESpecifies the timeout for LDAP search and bind operations, in seconds +LDAPTrustedClientCert type directory-path/filename/nickname [password]dhESets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. -LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted +LDAPTrustedGlobalCert type directory-path/filename [password]sESets the file or database containing global trusted Certificate Authority or global client certificates -LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. -LDAPVerifyServerCert On|Off On sEForce server certificate verification -<Limit method [method] ... > ... - </Limit>dhCRestrict enclosed access controls to only certain HTTP +LDAPTrustedMode typesvESpecifies the SSL/TLS mode to be used when connecting to an LDAP server. +LDAPVerifyServerCert On|Off On sEForce server certificate verification +<Limit method [method] ... > ... + </Limit>dhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>dhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>dhCRestrict access controls to all HTTP methods except the named ones -LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested +LimitInternalRecursion number [number] 10 svCDetermine maximum number of internal redirects and nested subrequests -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 svCLimits the number of HTTP request header fields that +LimitRequestFields number 100 svCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the +LimitRequestFieldSize bytes 8190 svCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 svCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumber [protocol]sMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections -ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of +ListenBacklog backlogsMMaximum length of the queue of pending connections +ListenCoresBucketsRatio ratio 0 (disabled) sMRatio between the number of CPU cores (online) and the number of listeners' buckets -LoadFile filename [filename] ...svELink in the named object file or library -LoadModule module filenamesvELinks in the object file or library, and adds to the list +LoadFile filename [filename] ...svELink in the named object file or library +LoadModule module filenamesvELinks in the object file or library, and adds to the list of active modules -<Location - URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching +<Location + URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching URLs -<LocationMatch - regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression +<LocationMatch + regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression matching URLs -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file -LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) -LogLevel [module:]level +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file +LogIOTrackTTFB ON|OFF OFF svdhEEnable tracking of time to first byte (TTFB) +LogLevel [module:]level [module:level] ... - warn svdCControls the verbosity of the ErrorLog -LogMessage message + warn svdCControls the verbosity of the ErrorLog +LogMessage message [hook=hook] [expr=expression] -dXLog user-defined message to error log +dXLog user-defined message to error log -LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core +LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesXPlug an authorization provider function into mod_authz_core -LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. -LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing -LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing -LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing -LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request +LuaCodeCache stat|forever|never stat svdhXConfigure the compiled code cache. +LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the access_checker phase of request processing +LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the auth_checker phase of request processing +LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhXProvide a hook for the check_user_id phase of request processing +LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the fixups phase of a request processing -LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing -LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request +LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the insert_filter phase of request processing +LuaHookLog /path/to/lua/script.lua log_function_namesvdhXProvide a hook for the access log phase of a request processing -LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing -LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing -LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing -LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children -LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering -LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler -LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering -LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath -LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path -LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing -LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives -LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once - +LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the map_to_storage phase of request processing +LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svXProvide a hook for the translate name phase of request processing +LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhXProvide a hook for the type_checker phase of request processing +LuaInherit none|parent-first|parent-last parent-first svdhXControls how parent configuration sections are merged into children +LuaInputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content input filtering +LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhXMap a path to a lua handler +LuaOutputFilter filter_name /path/to/lua/script.lua function_namesXProvide a Lua function for content output filtering +LuaPackageCPath /path/to/include/?.soasvdhXAdd a directory to lua's package.cpath +LuaPackagePath /path/to/include/?.luasvdhXAdd a directory to lua's package.path +LuaQuickHandler /path/to/script.lua hook_function_namesvXProvide a hook for the quick handler of request processing +LuaRoot /path/to/a/directorysvdhXSpecify the base path for resolving relative paths for mod_lua directives +LuaScope once|request|conn|thread|server [min] [max] once svdhXOne of once, request, conn, thread -- default is once + <Macro name [par1 .. parN]> -... </Macro>svdBDefine a configuration file macro -MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server +... </Macro>svdBDefine a configuration file macro +MaxConnectionsPerChild number 0 sMLimit on the number of connections that an individual child server will handle during its life -MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent +MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent connection -MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed +MaxMemFree KBytes 2048 sMMaximum amount of memory that the main allocator is allowed to hold without calling free() -MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete +MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdCNumber of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource -MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete +MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdCNumber of range reversals (eg: 100-200,50-70) allowed before returning the complete resource -MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete +MaxRanges default | unlimited | none | number-of-ranges 200 svdCNumber of ranges allowed before returning the complete resource -MaxRequestWorkers numbersMMaximum number of connections that will be processed +MaxRequestWorkers numbersMMaximum number of connections that will be processed simultaneously -MaxSpareServers number 10 sMMaximum number of idle child server processes -MaxSpareThreads numbersMMaximum number of idle threads -MaxThreads number 2048 sMSet the maximum number of worker threads -MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. -MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. -MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. -MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. -MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. -MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. -MDHttpProxy urlsEDefine a proxy for outgoing connections. -MDMember hostnamesEAdditional hostname for the managed domain. -MDMembers auto|manual auto sEControl if the alias domain names are automatically added. -MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. -MDNotifyCmd pathsERun a program when Managed Domain are ready. -MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. -<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. -MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. -MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. -MDRenewWindow duration 33% sEControl when a certificate will be renewed. -MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. -MDStoreDir path md sEPath on the local file system to store the Managed Domains data. -MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections -MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MaxSpareServers number 10 sMMaximum number of idle child server processes +MaxSpareThreads numbersMMaximum number of idle threads +MaxThreads number 2048 sMSet the maximum number of worker threads +MDBaseServer on|off off sEControl if base server may be managed or only virtual hosts. +MDCAChallenges name [ name ... ] tls-sni-01 http-01 sEType of ACME challenge used to prove domain ownership. +MDCertificateAgreement url-of-terms-of-servicesEThe URL of the Terms-of-Service document, that the CA server requires you to accept. +MDCertificateAuthority url https://acme-v01.ap +sEThe URL of the ACME Certificate Authority service. +MDCertificateProtocol protocol ACME sEThe protocol to use with the Certificate Authority. +MDDriveMode always|auto|manual auto sEControl when it is allowed to obtain/renew certificates. +MDHttpProxy urlsEDefine a proxy for outgoing connections. +MDMember hostnamesEAdditional hostname for the managed domain. +MDMembers auto|manual auto sEControl if the alias domain names are automatically added. +MDMustStaple on|off off sEControl if new certificates carry the OCSP Must Staple flag. +MDNotifyCmd path [ args ]sERun a program when Managed Domain are ready. +MDomain dns-name [ other-dns-name... ] [auto|manual]sEDefine list of domain names that belong to one group. +<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sEContainer for directives applied to the same managed domains. +MDPortMap map1 [ map2 ] 80:80 443:443 sEMap external to internal ports for domain ownership verification. +MDPrivateKeys type [ params... ] RSA 2048 sESet type and size of the private keys generated. +MDRenewWindow duration 33% sEControl when a certificate will be renewed. +MDRequireHttps off|temporary|permanent off sERedirects http: traffic to https: for Managed Domains. +MDStoreDir path md sEPath on the local file system to store the Managed Domains data. +MemcacheConnTTL num[units] 15s svEKeepalive time for idle connections +MergeTrailers [on|off] off svCDetermines whether trailers are merged into headers +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModemStandard V.21|V.26bis|V.32|V.34|V.92dXModem standard to simulate +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all +Mutex mechanism [default|mutex-name] ... [OmitPID] default sCConfigures mutex mechanism and lock file directory for all or specified mutexes -NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual +NameVirtualHost addr[:port]sCDEPRECATED: Designates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected to +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates -NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request -Options - [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular +NWSSLTrustedCerts filename [filename] ...sBList of additional client certificates +NWSSLUpgradeable [IP-address:]portnumbersBAllows a connection to be upgraded to an SSL connection upon request +Options + [+|-]option [[+|-]option] ... FollowSymlinks svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhEControls the default access state and the order in which + Order ordering Deny,Allow dhEControls the default access state and the order in which Allow and Deny are evaluated. -OutputSed sed-commanddhXSed command for filtering response content -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile filename logs/httpd.pid sMFile where the server records the process ID +OutputSed sed-commanddhXSed command for filtering response content +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against +PrivilegesMode FAST|SECURE|SELECTIVE FAST svdXTrade off processing speed and efficiency vs security against malicious privileges-aware code. -Protocol protocolsvCProtocol for a listening socket -ProtocolEcho On|Off Off svXTurn the echo server on or off -Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host -ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers -ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a +Protocol protocolsvCProtocol for a listening socket +ProtocolEcho On|Off Off svXTurn the echo server on or off +Protocols protocol ... http/1.1 svCProtocols available for a server/virtual host +ProtocolsHonorOrder On|Off On svCDetermines if order of Protocols determines precedence during negotiation +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources +ProxyAddHeaders Off|On On svdEAdd proxy information in X-Forwarded-* headers +ProxyBadHeader IsError|Ignore|StartBody IsError svEDetermines how to handle bad header lines in a response -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content -ProxyExpressDBMFile <pathname>svEPathname to DBM file. -ProxyExpressDBMFile <type>svEDBM type of file. -ProxyExpressEnable [on|off]svEEnable the module functionality. -ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application -ProxyFCGISetEnvIf conditional-expression +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svdEOverride error pages for proxied content +ProxyExpressDBMFile <pathname>svEPathname to DBM file. +ProxyExpressDBMFile <type>svEDBM type of file. +ProxyExpressEnable [on|off]svEEnable the module functionality. +ProxyFCGIBackendType FPM|GENERIC FPM svdhESpecify the type of backend FastCGI application +ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name - [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up -ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings -ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server -ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing -ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response. -ProxyHCTemplate name parameter=setting <...>svECreates a named template for setting various health check parameters -ProxyHCTPsize <size>sESets the total server-wide size of the threadpool used for the health check workers. -ProxyHTMLBufSize bytessvdBSets the buffer size increment for buffering inline scripts and + [value-expression]svdhEAllow variables sent to FastCGI servers to be fixed up +ProxyFtpDirCharset character set ISO-8859-1 svdEDefine the character set for proxied FTP listings +ProxyFtpEscapeWildcards [on|off]svdEWhether wildcards in requested filenames are escaped when sent to the FTP server +ProxyFtpListOnWildcard [on|off]svdEWhether wildcards in requested filenames trigger a file listing +ProxyHCExpr name {ap_expr expression}svECreates a named condition expression to use to determine health of the backend based on its response +ProxyHCTemplate name parameter=setting [...]svECreates a named template for setting various health check parameters +ProxyHCTPsize sizesESets the total server-wide size of the threadpool used for the health check workers +ProxyHTMLBufSize bytes 8192 svdBSets the buffer size increment for buffering inline scripts and stylesheets. -ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. -ProxyHTMLDocType HTML|XHTML [Legacy]
    OR -
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. -ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. -ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. -ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, +ProxyHTMLCharsetOut Charset | *svdBSpecify a charset for mod_proxy_html output. +ProxyHTMLDocType HTML|XHTML [Legacy]
    OR +
    ProxyHTMLDocType fpi [SGML|XML]    svdBSets an HTML or XHTML document type declaration. +ProxyHTMLEnable On|Off Off svdBTurns the proxy_html filter on or off. +ProxyHTMLEvents attribute [attribute ...]svdBSpecify attributes to treat as scripting events. +ProxyHTMLExtended On|Off Off svdBDetermines whether to fix links in inline scripts, stylesheets, and scripting events. -ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. -ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of +ProxyHTMLFixups [lowercase] [dospath] [reset]svdBFixes for simple HTML errors. +ProxyHTMLInterp On|Off Off svdBEnables per-request interpolation of ProxyHTMLURLMap rules. -ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML +ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. +ProxyHTMLMeta On|Off Off svdBTurns on or off extra pre-parsing of metadata in HTML <head> sections. -ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLStripComments On|Off Off svdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInherit On|Off On svEInherit ProxyPass directives defined from the main server +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off|Headername On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]svdESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is +QualifyRedirectURL ON|OFF OFF svdCControls whether the REDIRECT_URL environment variable is fully qualified -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] [URL-path] -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] [URL-path] +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sCAllow to configure global/default options for regexes RegisterHttpMethod method [method [...]]sCRegister non-standard HTTP methods RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value @@ -877,6 +887,7 @@ RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine RewriteMap MapName MapType:MapSource + [MapTypeOptions] svEDefines a mapping function for key-lookup RewriteOptions OptionssvdhESets some special options for the rewrite engine RewriteRule @@ -1002,7 +1013,7 @@ SSLHonorCipherOrder on|off off svEOption to prefer the server's cipher preference order SSLInsecureRenegotiation on|off off svEOption to enable support for insecure renegotiation SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable on|off off svEEnable OCSP validation of the client certificate chain +SSLOCSPEnable on|leaf|off off svEEnable OCSP validation of the client certificate chain SSLOCSPNoverify On/Off Off svEskip the OCSP responder certificates verification SSLOCSPOverrideResponder on|off off svEForce use of the default responder URI for OCSP validation SSLOCSPProxyURL urlsvEProxy URL to use for OCSP requests diff -Nru apache2-2.4.33/docs/manual/programs/rotatelogs.html.en apache2-2.4.34/docs/manual/programs/rotatelogs.html.en --- apache2-2.4.33/docs/manual/programs/rotatelogs.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/programs/rotatelogs.html.en 2018-04-29 06:06:52.000000000 +0000 @@ -47,6 +47,7 @@ [ -L linkname ] [ -p program ] [ -f ] + [ -D ] [ -t ] [ -v ] [ -e ] @@ -93,6 +94,11 @@ associated logfile does not "exist" until then, which causes problems from some automated logging tools) +

    -D
    +
    Creates the parent directories of the path that the log file will be +placed in if they do not already exist. This allows strftime(3) +formatting to be used in the path and not just the filename.
    +
    -t
    Causes the logfile to be truncated instead of rotated. This is useful when a log is processed in real time by a command like tail, diff -Nru apache2-2.4.33/docs/manual/programs/rotatelogs.html.fr apache2-2.4.34/docs/manual/programs/rotatelogs.html.fr --- apache2-2.4.33/docs/manual/programs/rotatelogs.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/programs/rotatelogs.html.fr 2018-04-14 14:27:58.000000000 +0000 @@ -50,6 +50,7 @@ [ -L nom-lien ] [ -p programme ] [ -f ] + [ -D ] [ -t ] [ -v ] [ -e ] @@ -97,6 +98,12 @@ journal associé n'"existe" pas, ce qui peut causer des problèmes à certains utilitaires de journalisation automatiques).
    +
    -D
    +
    Crée les répertoires parents du répertoire dans lequel le fichier journal +sera placé s'ils n'existent pas déjà. Cela permet d'utiliser le formatage +strftime(3) non seulement dans le nom de fichier mais aussi dans le +chemin.
    +
    -t
    Provoque une troncature du fichier journal au lieu d'une rotation. Cela peut s'avérer utile lorsqu'un journal est élaboré en temps réel par diff -Nru apache2-2.4.33/docs/manual/programs/rotatelogs.html.tr.utf8 apache2-2.4.34/docs/manual/programs/rotatelogs.html.tr.utf8 --- apache2-2.4.33/docs/manual/programs/rotatelogs.html.tr.utf8 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/programs/rotatelogs.html.tr.utf8 2018-05-08 13:09:57.000000000 +0000 @@ -50,6 +50,7 @@ [ -L isim ] [ -p program ] [ -f ] + [ -D ] [ -t ] [ -v ] [ -e ] @@ -91,6 +92,11 @@ özdevinimli iÅŸlemler yapan bazı günlükleme araçlarında sorunlara yol açabilir. Bu seçenek bu gibi durumlarda yararlıdır.
    +
    -D
    +
    Günlük dosyasının yerleştirileceği dizini (eğer yoksa) üst dizinleri ile + birlikte yapılandırır. Bu, strftime(3) işlevinin sırf dosya için + değil yol için de kullanılmasını sağlar.
    +
    -t
    Günlük dosyasının döndürülmek yerine tepeden kırpılmasına sebep olur. Günlüğün tail gibi bir araç tarafından gerçek diff -Nru apache2-2.4.33/docs/manual/rewrite/rewritemap.html.en apache2-2.4.34/docs/manual/rewrite/rewritemap.html.en --- apache2-2.4.33/docs/manual/rewrite/rewritemap.html.en 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/rewrite/rewritemap.html.en 2018-04-01 07:35:32.000000000 +0000 @@ -359,10 +359,11 @@ a context that does not have RewriteEngine set to on.

    -

    By default, external rewriting programs are started as root. - This can be changed on UNIX systems by passing user name and - group name as third argument to - RewriteMap in the username:groupname format.

    +

    By default, external rewriting programs are run as the + user:group who started httpd. This can be changed on UNIX systems + by passing user name and group name as third argument to + RewriteMap in the + username:groupname format.

    This feature utilizes the rewrite-map mutex, which is required for reliable communication with the program. @@ -429,6 +430,11 @@

    Example

    RewriteMap myquery "fastdbd:SELECT destination FROM rewrite WHERE source = %s"
    +

    Note

    +

    The query name is passed to the database driver as a label for + an SQL prepared statement, and will therefore need to follow any rules + (such as case-sensitivity) required for your database.

    +
    top

    Summary

    diff -Nru apache2-2.4.33/docs/manual/rewrite/rewritemap.html.fr apache2-2.4.34/docs/manual/rewrite/rewritemap.html.fr --- apache2-2.4.33/docs/manual/rewrite/rewritemap.html.fr 2018-01-04 15:34:05.000000000 +0000 +++ apache2-2.4.34/docs/manual/rewrite/rewritemap.html.fr 2018-04-08 16:35:44.000000000 +0000 @@ -386,8 +386,8 @@ on.

    Par défaut, les programmes de réécriture externes sont lancés par - l'utilisateur root. Pour en changer, il est possible - sur les systèmes de style Unix de spécifier un autre couple + l'utilisateur/groupe qui a démarré httpd. Pour changer ce comportement, il + est possible sur les systèmes de style Unix de spécifier un autre couple utilisateur/groupe via le troisième argument de la directive RewriteMap, et ceci au format utilisateur:groupe.

    @@ -460,6 +460,11 @@

    Exemple

    RewriteMap ma-requete "fastdbd:SELECT destination FROM rewrite WHERE source = %s"
    +

    Note

    +

    Le nom de la requête est transmis au pilote de base de données en tant + que label pour une requête SQL préparée, et doit donc respecter toutes les + règles imposées par votre base de données (comme la sensibilité à la casse).

    +
    top

    Résumé

    diff -Nru apache2-2.4.33/docs/manual/sections.html.tr.utf8 apache2-2.4.34/docs/manual/sections.html.tr.utf8 --- apache2-2.4.33/docs/manual/sections.html.tr.utf8 2018-02-19 14:18:51.000000000 +0000 +++ apache2-2.4.34/docs/manual/sections.html.tr.utf8 2018-05-08 13:09:57.000000000 +0000 @@ -29,7 +29,6 @@  ko  |  tr 

    -
    Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.

    Yapılandırma dosyalarındaki yönergeler sunucunun tamamına uygulanacağı gibi sadece belli dizinler, @@ -50,7 +49,7 @@

    Yapılandırma Bölümü Taşıyıcılarının Türleri

    -
    İlgili Modüllerİlgili Yönergeler
    +
    İlgili Modüllerİlgili Yönergeler

    Ä°ki temel taşıyıcı türü vardır. Taşıyıcıların çoÄŸu her istek için deÄŸerlendirmeye alınır. Taşıyıcılardaki yönergeler ise sadece bu @@ -575,9 +574,9 @@ </Files> <VirtualHost *> -<Directory "/a/b"> - B -</Directory> + <Directory "/a/b"> + B + </Directory> </VirtualHost> <DirectoryMatch "^.*b$"> diff -Nru apache2-2.4.33/docs/manual/style/version.ent apache2-2.4.34/docs/manual/style/version.ent --- apache2-2.4.33/docs/manual/style/version.ent 2018-03-10 02:33:29.000000000 +0000 +++ apache2-2.4.34/docs/manual/style/version.ent 2018-03-17 23:41:25.000000000 +0000 @@ -19,6 +19,6 @@ - + diff -Nru apache2-2.4.33/httpd.spec apache2-2.4.34/httpd.spec --- apache2-2.4.33/httpd.spec 2018-03-17 23:41:53.000000000 +0000 +++ apache2-2.4.34/httpd.spec 2018-07-10 13:55:14.000000000 +0000 @@ -4,7 +4,7 @@ Summary: Apache HTTP Server Name: httpd -Version: 2.4.33 +Version: 2.4.34 Release: 1 URL: http://httpd.apache.org/ Vendor: Apache Software Foundation diff -Nru apache2-2.4.33/include/ap_config_auto.h.in apache2-2.4.34/include/ap_config_auto.h.in --- apache2-2.4.33/include/ap_config_auto.h.in 2018-03-17 23:41:52.000000000 +0000 +++ apache2-2.4.34/include/ap_config_auto.h.in 2018-07-10 13:55:13.000000000 +0000 @@ -24,12 +24,18 @@ /* SuExec log file */ #undef AP_LOG_EXEC +/* SuExec log to syslog */ +#undef AP_LOG_SYSLOG + /* Listening sockets are non-blocking when there are more than 1 */ #undef AP_NONBLOCK_WHEN_MULTI_LISTEN /* safe shell path for SuExec */ #undef AP_SAFE_PATH +/* Enable if suexec is installed with Linux capabilities, not setuid */ +#undef AP_SUEXEC_CAPABILITIES + /* umask for suexec'd process */ #undef AP_SUEXEC_UMASK @@ -238,6 +244,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H +/* Define to 1 if you have the `vsyslog' function. */ +#undef HAVE_VSYSLOG + /* Root directory of the Apache install area */ #undef HTTPD_ROOT diff -Nru apache2-2.4.33/include/ap_mmn.h apache2-2.4.34/include/ap_mmn.h --- apache2-2.4.33/include/ap_mmn.h 2018-02-20 13:42:59.000000000 +0000 +++ apache2-2.4.34/include/ap_mmn.h 2018-06-22 10:04:49.000000000 +0000 @@ -512,6 +512,9 @@ * ap_regcomp_default_cflag_by_name * 20120211.75 (2.4.30-dev) Add hostname_ex to proxy_worker_shared * 20120211.76 (2.4.30-dev) Add CONN_STATE_NUM to enum conn_state_e + * 20120211.77 (2.4.34-dev) Add ap_exists_directive() + * 20120211.78 (2.4.34-dev) Add response_field_size to proxy_worker_shared + * 20120211.79 (2.4.34-dev) Add AP_GETLINE_NOSPC_EOL flag to http_protocol.h */ #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */ @@ -519,7 +522,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 20120211 #endif -#define MODULE_MAGIC_NUMBER_MINOR 76 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 79 /* 0...n */ /** * Determine if the server's current MODULE_MAGIC_NUMBER is at least a diff -Nru apache2-2.4.33/include/ap_release.h apache2-2.4.34/include/ap_release.h --- apache2-2.4.33/include/ap_release.h 2018-03-17 23:41:18.000000000 +0000 +++ apache2-2.4.34/include/ap_release.h 2018-07-10 13:48:23.000000000 +0000 @@ -43,7 +43,7 @@ #define AP_SERVER_MAJORVERSION_NUMBER 2 #define AP_SERVER_MINORVERSION_NUMBER 4 -#define AP_SERVER_PATCHLEVEL_NUMBER 33 +#define AP_SERVER_PATCHLEVEL_NUMBER 34 #define AP_SERVER_DEVBUILD_BOOLEAN 0 /* Synchronize the above with docs/manual/style/version.ent */ diff -Nru apache2-2.4.33/include/http_config.h apache2-2.4.34/include/http_config.h --- apache2-2.4.33/include/http_config.h 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/include/http_config.h 2018-05-31 15:10:26.000000000 +0000 @@ -1015,6 +1015,14 @@ AP_DECLARE(void) ap_show_directives(void); /** + * Returns non-zero if a configuration directive of the given name has + * been registered by a module at the time of calling. + * @param p Pool for temporary allocations + * @param name Directive name + */ +AP_DECLARE(int) ap_exists_directive(apr_pool_t *p, const char *name); + +/** * Show the preloaded module names. Used for httpd -l. */ AP_DECLARE(void) ap_show_modules(void); diff -Nru apache2-2.4.33/include/httpd.h apache2-2.4.34/include/httpd.h --- apache2-2.4.33/include/httpd.h 2018-02-20 13:42:59.000000000 +0000 +++ apache2-2.4.34/include/httpd.h 2018-05-31 13:19:12.000000000 +0000 @@ -2366,7 +2366,7 @@ const char *s); /** - * Perform a case-insensitive comparison of two strings @a atr1 and @a atr2, + * Perform a case-insensitive comparison of two strings @a str1 and @a str2, * treating upper and lower case values of the 26 standard C/POSIX alphabetic * characters as equivalent. Extended latin characters outside of this set * are treated as unique octets, irrespective of the current locale. @@ -2380,7 +2380,7 @@ AP_DECLARE(int) ap_cstr_casecmp(const char *s1, const char *s2); /** - * Perform a case-insensitive comparison of two strings @a atr1 and @a atr2, + * Perform a case-insensitive comparison of two strings @a str1 and @a str2, * treating upper and lower case values of the 26 standard C/POSIX alphabetic * characters as equivalent. Extended latin characters outside of this set * are treated as unique octets, irrespective of the current locale. diff -Nru apache2-2.4.33/include/http_protocol.h apache2-2.4.34/include/http_protocol.h --- apache2-2.4.33/include/http_protocol.h 2017-05-30 12:27:41.000000000 +0000 +++ apache2-2.4.34/include/http_protocol.h 2018-06-22 10:04:49.000000000 +0000 @@ -606,7 +606,9 @@ AP_CORE_DECLARE(void) ap_parse_uri(request_rec *r, const char *uri); #define AP_GETLINE_FOLD 1 /* Whether to merge continuation lines */ -#define AP_GETLINE_CRLF 2 /*Whether line ends must be in the form CR LF */ +#define AP_GETLINE_CRLF 2 /* Whether line ends must be in the form CR LF */ +#define AP_GETLINE_NOSPC_EOL 4 /* Whether to consume up to and including the + end of line on APR_ENOSPC */ /** * Get the next line of input for the request diff -Nru apache2-2.4.33/Makefile.in apache2-2.4.34/Makefile.in --- apache2-2.4.33/Makefile.in 2017-09-19 10:15:00.000000000 +0000 +++ apache2-2.4.34/Makefile.in 2018-05-30 19:09:00.000000000 +0000 @@ -269,11 +269,22 @@ cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ fi -install-suexec: +install-suexec: install-suexec-binary install-suexec-$(INSTALL_SUEXEC) + +install-suexec-binary: @if test -f $(builddir)/support/suexec; then \ test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir); \ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \ - chmod 4755 $(DESTDIR)$(sbindir)/suexec; \ + fi + +install-suexec-setuid: + @if test -f $(builddir)/support/suexec; then \ + chmod 4755 $(DESTDIR)$(sbindir)/suexec; \ + fi + +install-suexec-caps: + @if test -f $(builddir)/support/suexec; then \ + setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec; \ fi suexec: diff -Nru apache2-2.4.33/Makefile.win apache2-2.4.34/Makefile.win --- apache2-2.4.33/Makefile.win 2018-02-19 22:47:28.000000000 +0000 +++ apache2-2.4.34/Makefile.win 2018-06-04 14:51:36.000000000 +0000 @@ -1246,6 +1246,7 @@ modules\filters\mod_include.h \ modules\generators\mod_cgi.h \ modules\generators\mod_status.h \ + modules\http2\mod_http2.h \ modules\loggers\mod_log_config.h \ modules\mappers\mod_rewrite.h \ modules\proxy\mod_proxy.h \ diff -Nru apache2-2.4.33/modules/aaa/mod_auth_form.c apache2-2.4.34/modules/aaa/mod_auth_form.c --- apache2-2.4.33/modules/aaa/mod_auth_form.c 2017-01-06 08:28:00.000000000 +0000 +++ apache2-2.4.34/modules/aaa/mod_auth_form.c 2018-05-31 13:19:12.000000000 +0000 @@ -613,7 +613,7 @@ /* have we isolated the user and pw before? */ get_notes_auth(r, sent_user, sent_pw, sent_method, sent_mimetype); - if (*sent_user && *sent_pw) { + if (sent_user && *sent_user && sent_pw && *sent_pw) { return OK; } diff -Nru apache2-2.4.33/modules/aaa/mod_authz_core.c apache2-2.4.34/modules/aaa/mod_authz_core.c --- apache2-2.4.33/modules/aaa/mod_authz_core.c 2016-08-25 12:48:18.000000000 +0000 +++ apache2-2.4.34/modules/aaa/mod_authz_core.c 2018-07-02 12:48:17.000000000 +0000 @@ -253,7 +253,7 @@ const char *endp = ap_strrchr_c(args, '>'); char *provider_name; char *provider_alias; - char *provider_args; + char *provider_args, *extra_args; ap_conf_vector_t *new_authz_config; int old_overrides = cmd->override; const char *errmsg; @@ -279,11 +279,22 @@ provider_name = ap_getword_conf(cmd->pool, &args); provider_alias = ap_getword_conf(cmd->pool, &args); provider_args = ap_getword_conf(cmd->pool, &args); + extra_args = ap_getword_conf(cmd->pool, &args); if (!provider_name[0] || !provider_alias[0]) { return apr_pstrcat(cmd->pool, cmd->cmd->name, "> directive requires additional arguments", NULL); } + + /* We only handle one "Require-Parameters" parameter. If several parameters + are needed, they must be enclosed between quotes */ + if (extra_args && *extra_args) { + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(10142) + "When several arguments (%s %s...) are passed to a %s directive, " + "they must be enclosed in quotation marks. Otherwise, only the " + "first one is taken into account", + provider_args, extra_args, cmd->cmd->name); + } new_authz_config = ap_create_per_dir_config(cmd->pool); diff -Nru apache2-2.4.33/modules/arch/unix/mod_unixd.c apache2-2.4.34/modules/arch/unix/mod_unixd.c --- apache2-2.4.33/modules/arch/unix/mod_unixd.c 2011-12-05 00:08:01.000000000 +0000 +++ apache2-2.4.34/modules/arch/unix/mod_unixd.c 2018-05-30 19:09:00.000000000 +0000 @@ -284,6 +284,13 @@ return NULL; } +#ifdef AP_SUEXEC_CAPABILITIES +/* If suexec is using capabilities, don't test for the setuid bit. */ +#define SETUID_TEST(finfo) (1) +#else +#define SETUID_TEST(finfo) (finfo.protection & APR_USETID) +#endif + static int unixd_pre_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp) @@ -300,7 +307,7 @@ ap_unixd_config.suexec_enabled = 0; if ((apr_stat(&wrapper, SUEXEC_BIN, APR_FINFO_NORM, ptemp)) == APR_SUCCESS) { - if ((wrapper.protection & APR_USETID) && wrapper.user == 0 + if (SETUID_TEST(wrapper) && wrapper.user == 0 && (access(SUEXEC_BIN, R_OK|X_OK) == 0)) { ap_unixd_config.suexec_enabled = 1; ap_unixd_config.suexec_disabled_reason = ""; diff -Nru apache2-2.4.33/modules/cache/mod_cache.c apache2-2.4.34/modules/cache/mod_cache.c --- apache2-2.4.33/modules/cache/mod_cache.c 2017-03-24 18:00:40.000000000 +0000 +++ apache2-2.4.34/modules/cache/mod_cache.c 2018-06-24 10:18:38.000000000 +0000 @@ -1040,8 +1040,11 @@ if (reason) { /* noop */ } - else if (exps != NULL && exp == APR_DATE_BAD) { - /* if a broken Expires header is present, don't cache it */ + else if (!control.s_maxage && !control.max_age && !dconf->store_expired + && exps != NULL && exp == APR_DATE_BAD) { + /* if a broken Expires header is present, don't cache it + * Unless CC: s-maxage or max-age is present + */ reason = apr_pstrcat(p, "Broken expires header: ", exps, NULL); } else if (!control.s_maxage && !control.max_age diff -Nru apache2-2.4.33/modules/debugging/mod_dumpio.c apache2-2.4.34/modules/debugging/mod_dumpio.c --- apache2-2.4.33/modules/debugging/mod_dumpio.c 2012-12-04 02:28:16.000000000 +0000 +++ apache2-2.4.34/modules/debugging/mod_dumpio.c 2018-04-09 15:42:14.000000000 +0000 @@ -181,6 +181,11 @@ { dumpio_conf_t *ptr; + if (!APLOGctrace7(c)) { + /* Nothing to do below TRACE7 */ + return DECLINED; + } + ptr = (dumpio_conf_t *) ap_get_module_config(c->base_server->module_config, &dumpio_module); diff -Nru apache2-2.4.33/modules/filters/mod_include.c apache2-2.4.34/modules/filters/mod_include.c --- apache2-2.4.33/modules/filters/mod_include.c 2016-07-22 12:47:42.000000000 +0000 +++ apache2-2.4.34/modules/filters/mod_include.c 2018-05-31 13:19:12.000000000 +0000 @@ -498,6 +498,7 @@ /* The following is a shrinking transformation, therefore safe. */ +/* Note: this function is deprecated in favour of apr_unescape_entity() in APR */ static void decodehtml(char *s) { int val, i, j; diff -Nru apache2-2.4.33/modules/filters/mod_proxy_html.c apache2-2.4.34/modules/filters/mod_proxy_html.c --- apache2-2.4.33/modules/filters/mod_proxy_html.c 2018-01-13 15:57:11.000000000 +0000 +++ apache2-2.4.34/modules/filters/mod_proxy_html.c 2018-07-02 12:49:16.000000000 +0000 @@ -659,7 +659,7 @@ p = buf+offs+pmatch[1].rm_eo; while (!apr_isalpha(*++p)); for (q = p; apr_isalnum(*q) || (*q == '-'); ++q); - header = apr_pstrndup(r->pool, p, q-p); + header = apr_pstrmemdup(r->pool, p, q-p); if (strncasecmp(header, "Content-", 8)) { /* find content=... string */ p = apr_strmatch(seek_content, buf+offs+pmatch[0].rm_so, @@ -683,7 +683,7 @@ } else { for (q = p; *q && !apr_isspace(*q) && (*q != '>'); ++q); } - content = apr_pstrndup(r->pool, p, q-p); + content = apr_pstrmemdup(r->pool, p, q-p); break; } } @@ -716,26 +716,31 @@ const char *replacement; const char *var; for (;;) { - start = str; - if (start = ap_strstr_c(start, "${"), start == NULL) + if ((start = ap_strstr_c(str, "${")) == NULL) break; - if (end = ap_strchr_c(start+2, '}'), end == NULL) + if ((end = ap_strchr_c(start+2, '}')) == NULL) break; - delim = ap_strchr_c(start, '|'); - before = apr_pstrndup(r->pool, str, start-str); + delim = ap_strchr_c(start+2, '|'); + + /* Restrict delim to ${...} */ + if (delim && delim >= end) { + delim = NULL; + } + + before = apr_pstrmemdup(r->pool, str, start-str); after = end+1; if (delim) { - var = apr_pstrndup(r->pool, start+2, delim-start-2); + var = apr_pstrmemdup(r->pool, start+2, delim-start-2); } else { - var = apr_pstrndup(r->pool, start+2, end-start-2); + var = apr_pstrmemdup(r->pool, start+2, end-start-2); } replacement = apr_table_get(r->subprocess_env, var); if (!replacement) { if (delim) - replacement = apr_pstrndup(r->pool, delim+1, end-delim-1); + replacement = apr_pstrmemdup(r->pool, delim+1, end-delim-1); else replacement = ""; } diff -Nru apache2-2.4.33/modules/filters/mod_ratelimit.c apache2-2.4.34/modules/filters/mod_ratelimit.c --- apache2-2.4.33/modules/filters/mod_ratelimit.c 2016-12-13 17:57:58.000000000 +0000 +++ apache2-2.4.34/modules/filters/mod_ratelimit.c 2018-07-05 19:15:40.000000000 +0000 @@ -26,7 +26,6 @@ typedef enum rl_state_e { - RATE_ERROR, RATE_LIMIT, RATE_FULLSPEED } rl_state_e; @@ -36,6 +35,7 @@ int speed; int chunk_size; int burst; + int do_sleep; rl_state_e state; apr_bucket_brigade *tmpbb; apr_bucket_brigade *holdingbb; @@ -57,20 +57,11 @@ #endif /* RLFDEBUG */ static apr_status_t -rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb) +rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *bb) { apr_status_t rv = APR_SUCCESS; rl_ctx_t *ctx = f->ctx; - apr_bucket *fb; - int do_sleep = 0; apr_bucket_alloc_t *ba = f->r->connection->bucket_alloc; - apr_bucket_brigade *bb = input_bb; - - if (f->c->aborted) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, f->r, APLOGNO(01454) "rl: conn aborted"); - apr_brigade_cleanup(bb); - return APR_ECONNABORTED; - } /* Set up our rl_ctx_t on first use */ if (ctx == NULL) { @@ -120,6 +111,7 @@ ctx->state = RATE_LIMIT; ctx->speed = ratelimit; ctx->burst = burst; + ctx->do_sleep = 0; /* calculate how many bytes / interval we want to send */ /* speed is bytes / second, so, how many (speed / 1000 % interval) */ @@ -127,79 +119,49 @@ ctx->tmpbb = apr_brigade_create(f->r->pool, ba); ctx->holdingbb = apr_brigade_create(f->r->pool, ba); } + else { + APR_BRIGADE_PREPEND(bb, ctx->holdingbb); + } - while (ctx->state != RATE_ERROR && - (!APR_BRIGADE_EMPTY(bb) || !APR_BRIGADE_EMPTY(ctx->holdingbb))) { + while (!APR_BRIGADE_EMPTY(bb)) { apr_bucket *e; - if (!APR_BRIGADE_EMPTY(ctx->holdingbb)) { - APR_BRIGADE_CONCAT(bb, ctx->holdingbb); - } - - while (ctx->state == RATE_FULLSPEED && !APR_BRIGADE_EMPTY(bb)) { + if (ctx->state == RATE_FULLSPEED) { /* Find where we 'stop' going full speed. */ for (e = APR_BRIGADE_FIRST(bb); e != APR_BRIGADE_SENTINEL(bb); e = APR_BUCKET_NEXT(e)) { if (AP_RL_BUCKET_IS_END(e)) { - apr_bucket *f; - f = APR_RING_LAST(&bb->list); - APR_RING_UNSPLICE(e, f, link); - APR_RING_SPLICE_TAIL(&ctx->holdingbb->list, e, f, - apr_bucket, link); + apr_brigade_split_ex(bb, e, ctx->holdingbb); ctx->state = RATE_LIMIT; break; } } - if (f->c->aborted) { - apr_brigade_cleanup(bb); - ctx->state = RATE_ERROR; - break; - } - - fb = apr_bucket_flush_create(ba); - APR_BRIGADE_INSERT_TAIL(bb, fb); + e = apr_bucket_flush_create(ba); + APR_BRIGADE_INSERT_TAIL(bb, e); rv = ap_pass_brigade(f->next, bb); + apr_brigade_cleanup(bb); if (rv != APR_SUCCESS) { - ctx->state = RATE_ERROR; ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, f->r, APLOGNO(01455) "rl: full speed brigade pass failed."); + return rv; } } - - while (ctx->state == RATE_LIMIT && !APR_BRIGADE_EMPTY(bb)) { + else { for (e = APR_BRIGADE_FIRST(bb); e != APR_BRIGADE_SENTINEL(bb); e = APR_BUCKET_NEXT(e)) { if (AP_RL_BUCKET_IS_START(e)) { - apr_bucket *f; - f = APR_RING_LAST(&bb->list); - APR_RING_UNSPLICE(e, f, link); - APR_RING_SPLICE_TAIL(&ctx->holdingbb->list, e, f, - apr_bucket, link); + apr_brigade_split_ex(bb, e, ctx->holdingbb); ctx->state = RATE_FULLSPEED; break; } } while (!APR_BRIGADE_EMPTY(bb)) { - apr_bucket *stop_point; - apr_off_t len = 0; + apr_off_t len = ctx->chunk_size + ctx->burst; - if (f->c->aborted) { - apr_brigade_cleanup(bb); - ctx->state = RATE_ERROR; - break; - } - - if (do_sleep) { - apr_sleep(RATE_INTERVAL_MS * 1000); - } - else { - do_sleep = 1; - } - - apr_brigade_length(bb, 1, &len); + APR_BRIGADE_CONCAT(ctx->tmpbb, bb); /* * Pull next chunk of data; the initial amount is our @@ -208,38 +170,29 @@ * burst amounts we have left (in case not done in the * first bucket). */ - rv = apr_brigade_partition(bb, - ctx->chunk_size + ctx->burst, &stop_point); + rv = apr_brigade_partition(ctx->tmpbb, len, &e); if (rv != APR_SUCCESS && rv != APR_INCOMPLETE) { - ctx->state = RATE_ERROR; ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, f->r, APLOGNO(01456) "rl: partition failed."); - break; + return rv; } - - if (stop_point != APR_BRIGADE_SENTINEL(bb)) { - apr_bucket *f; - apr_bucket *e = APR_BUCKET_PREV(stop_point); - f = APR_RING_FIRST(&bb->list); - APR_RING_UNSPLICE(f, e, link); - APR_RING_SPLICE_HEAD(&ctx->tmpbb->list, f, e, apr_bucket, - link); + /* Send next metadata now if any */ + while (e != APR_BRIGADE_SENTINEL(ctx->tmpbb) + && APR_BUCKET_IS_METADATA(e)) { + e = APR_BUCKET_NEXT(e); + } + if (e != APR_BRIGADE_SENTINEL(ctx->tmpbb)) { + apr_brigade_split_ex(ctx->tmpbb, e, bb); } else { - APR_BRIGADE_CONCAT(ctx->tmpbb, bb); + apr_brigade_length(ctx->tmpbb, 1, &len); } - fb = apr_bucket_flush_create(ba); - - APR_BRIGADE_INSERT_TAIL(ctx->tmpbb, fb); - /* * Adjust the burst amount depending on how much * we've done up to now. */ if (ctx->burst) { - len = ctx->burst; - apr_brigade_length(ctx->tmpbb, 1, &len); ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, f->r, APLOGNO(03485) "rl: burst %d; len %"APR_OFF_T_FMT, ctx->burst, len); if (len < ctx->burst) { @@ -250,26 +203,58 @@ } } + e = APR_BRIGADE_LAST(ctx->tmpbb); + if (APR_BUCKET_IS_EOS(e)) { + ap_remove_output_filter(f); + } + else if (!APR_BUCKET_IS_FLUSH(e)) { + if (APR_BRIGADE_EMPTY(bb)) { + /* Wait for more (or next call) */ + break; + } + e = apr_bucket_flush_create(ba); + APR_BRIGADE_INSERT_TAIL(ctx->tmpbb, e); + } + #if defined(RLFDEBUG) brigade_dump(f->r, ctx->tmpbb); brigade_dump(f->r, bb); #endif /* RLFDEBUG */ + if (ctx->do_sleep) { + apr_sleep(RATE_INTERVAL_MS * 1000); + } + else { + ctx->do_sleep = 1; + } + rv = ap_pass_brigade(f->next, ctx->tmpbb); apr_brigade_cleanup(ctx->tmpbb); if (rv != APR_SUCCESS) { /* Most often, user disconnects from stream */ - ctx->state = RATE_ERROR; ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, f->r, APLOGNO(01457) "rl: brigade pass failed."); - break; + return rv; } } } + + if (!APR_BRIGADE_EMPTY(ctx->holdingbb)) { + /* Any rate-limited data in tmpbb is sent unlimited along + * with the rest. + */ + APR_BRIGADE_CONCAT(bb, ctx->tmpbb); + APR_BRIGADE_CONCAT(bb, ctx->holdingbb); + } } - return rv; +#if defined(RLFDEBUG) + brigade_dump(f->r, ctx->tmpbb); +#endif /* RLFDEBUG */ + + /* Save remaining tmpbb with the correct lifetime for the next call */ + return ap_save_brigade(f, &ctx->holdingbb, &ctx->tmpbb, f->r->pool); } diff -Nru apache2-2.4.33/modules/filters/mod_substitute.c apache2-2.4.34/modules/filters/mod_substitute.c --- apache2-2.4.33/modules/filters/mod_substitute.c 2017-05-11 17:09:35.000000000 +0000 +++ apache2-2.4.34/modules/filters/mod_substitute.c 2018-05-31 13:19:12.000000000 +0000 @@ -51,6 +51,7 @@ apr_size_t replen; apr_size_t patlen; int flatten; + const char *from; } subst_pattern_t; typedef struct { @@ -121,6 +122,8 @@ apr_bucket_delete(tmp_b); \ } while (0) +#define CAP2LINEMAX(n) ((n) < (apr_size_t)200 ? (int)(n) : 200) + static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, apr_bucket_brigade *mybb, apr_pool_t *pool) @@ -165,6 +168,17 @@ if (apr_bucket_read(b, &buff, &bytes, APR_BLOCK_READ) == APR_SUCCESS) { int have_match = 0; + + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Line read (%" APR_SIZE_T_FMT " bytes): %.*s", + bytes, CAP2LINEMAX(bytes), buff); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Replacing %s:'%s' by '%s'", + script->pattern ? "string" : + script->regexp ? "regex" : + "unknown", + script->from, script->replacement); + vb.strlen = 0; if (script->pattern) { const char *repl; @@ -176,6 +190,9 @@ apr_size_t repl_len = strlen(script->replacement); while ((repl = apr_strmatch(script->pattern, buff, bytes))) { + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Matching found, result: '%s'", + script->replacement); have_match = 1; /* get offset into buff for pattern */ len = (apr_size_t) (repl - buff); @@ -231,6 +248,9 @@ */ char *copy = ap_varbuf_pdup(pool, &vb, NULL, 0, buff, bytes, &len); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "New line (%" APR_SIZE_T_FMT " bytes): %.*s", + len, CAP2LINEMAX(len), copy); tmp_b = apr_bucket_pool_create(copy, len, pool, f->r->connection->bucket_alloc); APR_BUCKET_INSERT_BEFORE(b, tmp_b); @@ -248,6 +268,9 @@ */ if (space_left < b->length) return APR_ENOMEM; + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "New line (%" APR_SIZE_T_FMT " bytes): %.*s", + bytes, CAP2LINEMAX(bytes), buff); } } } @@ -259,6 +282,8 @@ while (!ap_regexec_len(script->regexp, pos, left, AP_MAX_REG_MATCH, regm, 0)) { apr_status_t rv; + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Matching found"); have_match = 1; if (script->flatten && !force_quick) { /* check remaining buffer size */ @@ -276,6 +301,8 @@ cfg->max_line_length - vb.strlen); if (rv != APR_SUCCESS) return rv; + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Result: '%s'", vb.buf); } else { apr_size_t repl_len; @@ -296,6 +323,8 @@ tmp_b = apr_bucket_transient_create(repl, repl_len, f->r->connection->bucket_alloc); APR_BUCKET_INSERT_BEFORE(b, tmp_b); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Result: '%s'", repl); } /* * reset to past what we just did. pos now maps to b @@ -311,6 +340,9 @@ */ copy = ap_varbuf_pdup(pool, &vb, NULL, 0, pos, left, &len); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "New line (%" APR_SIZE_T_FMT " bytes): %.*s", + len, CAP2LINEMAX(len), copy); tmp_b = apr_bucket_pool_create(copy, len, pool, f->r->connection->bucket_alloc); APR_BUCKET_INSERT_BEFORE(b, tmp_b); @@ -646,6 +678,7 @@ nscript->regexp = NULL; nscript->replacement = NULL; nscript->patlen = 0; + nscript->from = from; if (is_pattern) { nscript->patlen = strlen(from); diff -Nru apache2-2.4.33/modules/filters/mod_xml2enc.c apache2-2.4.34/modules/filters/mod_xml2enc.c --- apache2-2.4.33/modules/filters/mod_xml2enc.c 2015-09-28 12:25:04.000000000 +0000 +++ apache2-2.4.34/modules/filters/mod_xml2enc.c 2018-06-22 10:44:13.000000000 +0000 @@ -303,6 +303,7 @@ apr_bucket* b; apr_bucket* bstart; apr_size_t insz = 0; + int pending_meta = 0; char *ctype; char *p; @@ -390,20 +391,36 @@ /* move the data back to bb */ APR_BRIGADE_CONCAT(bb, ctx->bbsave); - while (b = APR_BRIGADE_FIRST(bb), b != APR_BRIGADE_SENTINEL(bb)) { + while (!APR_BRIGADE_EMPTY(bb)) { + b = APR_BRIGADE_FIRST(bb); ctx->bytes = 0; if (APR_BUCKET_IS_METADATA(b)) { APR_BUCKET_REMOVE(b); + APR_BRIGADE_INSERT_TAIL(ctx->bbnext, b); + /* Besides FLUSH, aggregate meta buckets to send them at + * once below. This resource filter is over on EOS. + */ + pending_meta = 1; if (APR_BUCKET_IS_EOS(b)) { - /* send remaining data */ - APR_BRIGADE_INSERT_TAIL(ctx->bbnext, b); - return ap_fflush(f->next, ctx->bbnext); - } else if (APR_BUCKET_IS_FLUSH(b)) { - ap_fflush(f->next, ctx->bbnext); + ap_remove_output_filter(f); + APR_BRIGADE_CONCAT(ctx->bbnext, bb); } - apr_bucket_destroy(b); + else if (!APR_BUCKET_IS_FLUSH(b)) { + continue; + } + } + if (pending_meta) { + pending_meta = 0; + /* passing meta bucket down the chain */ + rv = ap_pass_brigade(f->next, ctx->bbnext); + apr_brigade_cleanup(ctx->bbnext); + if (rv != APR_SUCCESS) { + return rv; + } + continue; } - else { /* data bucket */ + /* data bucket */ + { char* buf; apr_size_t bytes = 0; char fixbuf[BUFLEN]; @@ -508,8 +525,7 @@ if (rv != APR_SUCCESS) ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, f->r, APLOGNO(01446) "ap_fflush failed"); - else - rv = ap_pass_brigade(f->next, ctx->bbnext); + apr_brigade_cleanup(ctx->bbnext); } } } else { @@ -522,8 +538,18 @@ return rv; } } + if (pending_meta) { + /* passing pending meta bucket down the chain before leaving */ + rv = ap_pass_brigade(f->next, ctx->bbnext); + apr_brigade_cleanup(ctx->bbnext); + if (rv != APR_SUCCESS) { + return rv; + } + } + return APR_SUCCESS; } + static apr_status_t xml2enc_charset(request_rec* r, xmlCharEncoding* encp, const char** encoding) { diff -Nru apache2-2.4.33/modules/filters/sed1.c apache2-2.4.34/modules/filters/sed1.c --- apache2-2.4.33/modules/filters/sed1.c 2016-06-28 11:44:15.000000000 +0000 +++ apache2-2.4.34/modules/filters/sed1.c 2018-05-31 13:19:12.000000000 +0000 @@ -196,7 +196,7 @@ if (eval->hsize <= reqsize) { grow_hold_buffer(eval, reqsize); } - strcpy(eval->hspend, sz); + memcpy(eval->hspend, sz, len + 1); /* hspend will now point to NULL character */ eval->hspend += len; } @@ -220,7 +220,7 @@ if (eval->gsize < reqsize) { grow_gen_buffer(eval, reqsize, gspend); } - strcpy(*gspend, sz); + memcpy(*gspend, sz, len + 1); /* *gspend will now point to NULL character */ *gspend += len; } diff -Nru apache2-2.4.33/modules/http/http_request.c apache2-2.4.34/modules/http/http_request.c --- apache2-2.4.33/modules/http/http_request.c 2018-03-15 23:19:12.000000000 +0000 +++ apache2-2.4.34/modules/http/http_request.c 2018-06-19 13:15:49.000000000 +0000 @@ -186,7 +186,8 @@ apr_table_setn(r->headers_out, "Location", custom_response); } else if (custom_response[0] == '/') { - const char *error_notes; + const char *error_notes, *original_method; + int original_method_number; r->no_local_copy = 1; /* Do NOT send HTTP_NOT_MODIFIED for * error documents! */ /* @@ -204,9 +205,14 @@ "error-notes")) != NULL) { apr_table_setn(r->subprocess_env, "ERROR_NOTES", error_notes); } + original_method = r->method; + original_method_number = r->method_number; r->method = "GET"; r->method_number = M_GET; ap_internal_redirect(custom_response, r); + /* preserve ability to see %method = original_method; + r->method_number = original_method_number; return; } else { @@ -339,6 +345,16 @@ return rv; } +#define RETRIEVE_BRIGADE_FROM_POOL(bb, key, pool, allocator) do { \ + apr_pool_userdata_get((void **)&bb, key, pool); \ + if (bb == NULL) { \ + bb = apr_brigade_create(pool, allocator); \ + apr_pool_userdata_setn((const void *)bb, key, NULL, pool); \ + } \ + else { \ + apr_brigade_cleanup(bb); \ + } \ +} while(0) AP_DECLARE(void) ap_process_request_after_handler(request_rec *r) { @@ -351,7 +367,8 @@ * this bucket is destroyed, the request will be logged and * its pool will be freed */ - bb = apr_brigade_create(c->pool, c->bucket_alloc); + RETRIEVE_BRIGADE_FROM_POOL(bb, "ap_process_request_after_handler_brigade", + c->pool, c->bucket_alloc); b = ap_bucket_eor_create(c->bucket_alloc, r); APR_BRIGADE_INSERT_HEAD(bb, b); @@ -377,7 +394,7 @@ */ rv = ap_check_pipeline(c, bb, DEFAULT_LIMIT_BLANK_LINES); c->data_in_input_filters = (rv == APR_SUCCESS); - apr_brigade_destroy(bb); + apr_brigade_cleanup(bb); if (c->cs) c->cs->state = (c->aborted) ? CONN_STATE_LINGER @@ -471,7 +488,8 @@ ap_process_async_request(r); if (!c->data_in_input_filters) { - bb = apr_brigade_create(c->pool, c->bucket_alloc); + RETRIEVE_BRIGADE_FROM_POOL(bb, "ap_process_request_brigade", + c->pool, c->bucket_alloc); b = apr_bucket_flush_create(c->bucket_alloc); APR_BRIGADE_INSERT_HEAD(bb, b); rv = ap_pass_brigade(c->output_filters, bb); @@ -484,6 +502,7 @@ ap_log_cerror(APLOG_MARK, APLOG_INFO, rv, c, APLOGNO(01581) "flushing data to the client"); } + apr_brigade_cleanup(bb); } if (ap_extended_status) { ap_time_process_request(c->sbh, STOP_PREQUEST); diff -Nru apache2-2.4.33/modules/http2/h2_bucket_beam.c apache2-2.4.34/modules/http2/h2_bucket_beam.c --- apache2-2.4.33/modules/http2/h2_bucket_beam.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_bucket_beam.c 2018-05-30 19:13:36.000000000 +0000 @@ -550,6 +550,7 @@ apr_brigade_destroy(bb); if (bl) enter_yellow(beam, bl); + apr_thread_cond_broadcast(beam->change); if (beam->cons_ev_cb) { beam->cons_ev_cb(beam->cons_ctx, beam); } @@ -707,12 +708,10 @@ h2_beam_lock bl; if (beam && enter_yellow(beam, &bl) == APR_SUCCESS) { - if (!beam->aborted) { - beam->aborted = 1; - r_purge_sent(beam); - h2_blist_cleanup(&beam->send_list); - report_consumption(beam, &bl); - } + beam->aborted = 1; + r_purge_sent(beam); + h2_blist_cleanup(&beam->send_list); + report_consumption(beam, &bl); apr_thread_cond_broadcast(beam->change); leave_yellow(beam, &bl); } @@ -924,6 +923,7 @@ while (!APR_BRIGADE_EMPTY(sender_bb) && APR_SUCCESS == rv) { if (space_left <= 0) { report_prod_io(beam, force_report, &bl); + r_purge_sent(beam); rv = wait_not_full(beam, block, &space_left, &bl); if (APR_SUCCESS != rv) { break; diff -Nru apache2-2.4.33/modules/http2/h2_config.c apache2-2.4.34/modules/http2/h2_config.c --- apache2-2.4.33/modules/http2/h2_config.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_config.c 2018-05-29 21:06:49.000000000 +0000 @@ -604,6 +604,30 @@ return "value must be On or Off"; } +void h2_get_num_workers(server_rec *s, int *minw, int *maxw) +{ + int threads_per_child = 0; + const h2_config *config = h2_config_sget(s); + + *minw = h2_config_geti(config, H2_CONF_MIN_WORKERS); + *maxw = h2_config_geti(config, H2_CONF_MAX_WORKERS); + ap_mpm_query(AP_MPMQ_MAX_THREADS, &threads_per_child); + + if (*minw <= 0) { + *minw = threads_per_child; + } + if (*maxw <= 0) { + /* As a default, this seems to work quite well under mpm_event. + * For people enabling http2 under mpm_prefork, start 4 threads unless + * configured otherwise. People get unhappy if their http2 requests are + * blocking each other. */ + *maxw = 3 * (*minw) / 2; + if (*maxw < 4) { + *maxw = 4; + } + } +} + #define AP_END_CMD AP_INIT_TAKE1(NULL, NULL, NULL, RSRC_CONF, NULL) const command_rec h2_cmds[] = { diff -Nru apache2-2.4.33/modules/http2/h2_config.h apache2-2.4.34/modules/http2/h2_config.h --- apache2-2.4.33/modules/http2/h2_config.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_config.h 2018-05-29 21:06:49.000000000 +0000 @@ -95,6 +95,8 @@ int h2_config_geti(const h2_config *conf, h2_config_var_t var); apr_int64_t h2_config_geti64(const h2_config *conf, h2_config_var_t var); +void h2_get_num_workers(server_rec *s, int *minw, int *maxw); + void h2_config_init(apr_pool_t *pool); const struct h2_priority *h2_config_get_priority(const h2_config *conf, diff -Nru apache2-2.4.33/modules/http2/h2_conn.c apache2-2.4.34/modules/http2/h2_conn.c --- apache2-2.4.33/modules/http2/h2_conn.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_conn.c 2018-05-30 19:13:36.000000000 +0000 @@ -127,18 +127,7 @@ h2_config_init(pool); - minw = h2_config_geti(config, H2_CONF_MIN_WORKERS); - maxw = h2_config_geti(config, H2_CONF_MAX_WORKERS); - if (minw <= 0) { - minw = max_threads_per_child; - } - if (maxw <= 0) { - /* As a default, this seems to work quite well under mpm_event. - * For people enabling http2 under mpm_prefork, start 4 threads unless - * configured otherwise. People get unhappy if their http2 requests are - * blocking each other. */ - maxw = H2MAX(3 * minw / 2, 4); - } + h2_get_num_workers(s, &minw, &maxw); idle_secs = h2_config_geti(config, H2_CONF_MAX_WORKER_IDLE_SECS); ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s, @@ -240,7 +229,19 @@ && mpm_state != AP_MPMQ_STOPPING); if (c->cs) { - c->cs->state = CONN_STATE_LINGER; + switch (session->state) { + case H2_SESSION_ST_INIT: + case H2_SESSION_ST_IDLE: + case H2_SESSION_ST_BUSY: + case H2_SESSION_ST_WAIT: + c->cs->state = CONN_STATE_WRITE_COMPLETION; + break; + case H2_SESSION_ST_CLEANUP: + case H2_SESSION_ST_DONE: + default: + c->cs->state = CONN_STATE_LINGER; + break; + } } return APR_SUCCESS; @@ -313,8 +314,6 @@ c->log = NULL; c->log_id = apr_psprintf(pool, "%ld-%d", master->id, slave_id); - /* Simulate that we had already a request on this connection. */ - c->keepalives = 1; c->aborted = 0; /* We cannot install the master connection socket on the slaves, as * modules mess with timeouts/blocking of the socket, with @@ -349,6 +348,14 @@ apr_status_t h2_slave_run_pre_connection(conn_rec *slave, apr_socket_t *csd) { - return ap_run_pre_connection(slave, csd); + if (slave->keepalives == 0) { + /* Simulate that we had already a request on this connection. Some + * hooks trigger special behaviour when keepalives is 0. + * (Not necessarily in pre_connection, but later. Set it here, so it + * is in place.) */ + slave->keepalives = 1; + return ap_run_pre_connection(slave, csd); + } + return APR_SUCCESS; } diff -Nru apache2-2.4.33/modules/http2/h2_filter.c apache2-2.4.34/modules/http2/h2_filter.c --- apache2-2.4.33/modules/http2/h2_filter.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_filter.c 2018-05-29 21:16:29.000000000 +0000 @@ -291,6 +291,8 @@ } static apr_status_t bbout(apr_bucket_brigade *bb, const char *fmt, ...) + __attribute__((format(printf,2,3))); +static apr_status_t bbout(apr_bucket_brigade *bb, const char *fmt, ...) { va_list args; apr_status_t rv; @@ -351,8 +353,8 @@ bbout(x->bb, " \"created\": %f,\n", ((double)stream->created)/APR_USEC_PER_SEC); bbout(x->bb, " \"flowIn\": %d,\n", flowIn); bbout(x->bb, " \"flowOut\": %d,\n", flowOut); - bbout(x->bb, " \"dataIn\": %"APR_UINT64_T_FMT",\n", stream->in_data_octets); - bbout(x->bb, " \"dataOut\": %"APR_UINT64_T_FMT"\n", stream->out_data_octets); + bbout(x->bb, " \"dataIn\": %"APR_OFF_T_FMT",\n", stream->in_data_octets); + bbout(x->bb, " \"dataOut\": %"APR_OFF_T_FMT"\n", stream->out_data_octets); bbout(x->bb, " }"); ++x->idx; diff -Nru apache2-2.4.33/modules/http2/h2_from_h1.c apache2-2.4.34/modules/http2/h2_from_h1.c --- apache2-2.4.33/modules/http2/h2_from_h1.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_from_h1.c 2018-05-29 21:16:29.000000000 +0000 @@ -413,7 +413,7 @@ h2_headers *response = h2_headers_create(parser->http_status, make_table(parser), - NULL, task->pool); + NULL, 0, task->pool); apr_brigade_cleanup(parser->tmp); b = h2_bucket_headers_create(task->c->bucket_alloc, response); APR_BRIGADE_INSERT_TAIL(parser->tmp, b); @@ -772,6 +772,10 @@ APR_BUCKET_REMOVE(b); apr_bucket_destroy(b); ap_remove_input_filter(f); + + if (headers->raw_bytes && h2_task_logio_add_bytes_in) { + h2_task_logio_add_bytes_in(task->c, headers->raw_bytes); + } break; } } diff -Nru apache2-2.4.33/modules/http2/h2.h apache2-2.4.34/modules/http2/h2.h --- apache2-2.4.33/modules/http2/h2.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2.h 2018-05-29 21:16:29.000000000 +0000 @@ -51,6 +51,9 @@ /* Max data size to write so it fits inside a TLS record */ #define H2_DATA_CHUNK_SIZE ((16*1024) - 100 - 9) +/* Size of the frame header itself in HTTP/2 */ +#define H2_FRAME_HDR_LEN 9 + /* Maximum number of padding bytes in a frame, rfc7540 */ #define H2_MAX_PADLEN 256 /* Initial default window size, RFC 7540 ch. 6.5.2 */ @@ -137,6 +140,7 @@ apr_time_t request_time; unsigned int chunked : 1; /* iff requst body needs to be forwarded as chunked */ unsigned int serialize : 1; /* iff this request is written in HTTP/1.1 serialization */ + apr_off_t raw_bytes; /* RAW network bytes that generated this request - if known. */ }; typedef struct h2_headers h2_headers; @@ -145,6 +149,7 @@ int status; apr_table_t *headers; apr_table_t *notes; + apr_off_t raw_bytes; /* RAW network bytes that generated this request - if known. */ }; typedef apr_status_t h2_io_data_cb(void *ctx, const char *data, apr_off_t len); diff -Nru apache2-2.4.33/modules/http2/h2_h2.c apache2-2.4.34/modules/http2/h2_h2.c --- apache2-2.4.33/modules/http2/h2_h2.c 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_h2.c 2018-05-29 21:16:29.000000000 +0000 @@ -635,10 +635,10 @@ } h2_ctx_protocol_set(ctx, h2_h2_is_tls(c)? "h2" : "h2c"); } - else { + else if (APLOGctrace2(c)) { ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, - "h2_h2, not detected in %d bytes: %s", - (int)slen, s); + "h2_h2, not detected in %d bytes(base64): %s", + (int)slen, h2_util_base64url_encode(s, slen, c->pool)); } apr_brigade_destroy(temp); diff -Nru apache2-2.4.33/modules/http2/h2_headers.c apache2-2.4.34/modules/http2/h2_headers.c --- apache2-2.4.33/modules/http2/h2_headers.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_headers.c 2018-05-29 21:16:29.000000000 +0000 @@ -111,7 +111,8 @@ h2_headers *h2_headers_create(int status, apr_table_t *headers_in, - apr_table_t *notes, apr_pool_t *pool) + apr_table_t *notes, apr_off_t raw_bytes, + apr_pool_t *pool) { h2_headers *headers = apr_pcalloc(pool, sizeof(h2_headers)); headers->status = status; @@ -125,7 +126,7 @@ h2_headers *h2_headers_rcreate(request_rec *r, int status, apr_table_t *header, apr_pool_t *pool) { - h2_headers *headers = h2_headers_create(status, header, r->notes, pool); + h2_headers *headers = h2_headers_create(status, header, r->notes, 0, pool); if (headers->status == HTTP_FORBIDDEN) { const char *cause = apr_table_get(r->notes, "ssl-renegotiate-forbidden"); if (cause) { @@ -149,7 +150,7 @@ h2_headers *h2_headers_copy(apr_pool_t *pool, h2_headers *h) { return h2_headers_create(h->status, apr_table_copy(pool, h->headers), - apr_table_copy(pool, h->notes), pool); + apr_table_copy(pool, h->notes), h->raw_bytes, pool); } h2_headers *h2_headers_die(apr_status_t type, diff -Nru apache2-2.4.33/modules/http2/h2_headers.h apache2-2.4.34/modules/http2/h2_headers.h --- apache2-2.4.33/modules/http2/h2_headers.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_headers.h 2018-05-29 21:16:29.000000000 +0000 @@ -41,10 +41,12 @@ * @param status the headers status * @param header the headers of the headers * @param notes the notes carried by the headers + * @param raw_bytes the raw network bytes (if known) used to transmit these * @param pool the memory pool to use */ h2_headers *h2_headers_create(int status, apr_table_t *header, - apr_table_t *notes, apr_pool_t *pool); + apr_table_t *notes, apr_off_t raw_bytes, + apr_pool_t *pool); /** * Create the headers from the given request_rec. diff -Nru apache2-2.4.33/modules/http2/h2_mplx.c apache2-2.4.34/modules/http2/h2_mplx.c --- apache2-2.4.33/modules/http2/h2_mplx.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_mplx.c 2018-05-29 21:16:29.000000000 +0000 @@ -286,34 +286,6 @@ return 0; } -static void task_destroy(h2_mplx *m, h2_task *task) -{ - conn_rec *slave = NULL; - int reuse_slave = 0; - - slave = task->c; - - if (m->s->keep_alive_max == 0 || slave->keepalives < m->s->keep_alive_max) { - reuse_slave = ((m->spare_slaves->nelts < (m->limit_active * 3 / 2)) - && !task->rst_error); - } - - if (slave) { - if (reuse_slave && slave->keepalive == AP_CONN_KEEPALIVE) { - h2_beam_log(task->output.beam, m->c, APLOG_DEBUG, - APLOGNO(03385) "h2_task_destroy, reuse slave"); - h2_task_destroy(task); - APR_ARRAY_PUSH(m->spare_slaves, conn_rec*) = slave; - } - else { - h2_beam_log(task->output.beam, m->c, APLOG_TRACE1, - "h2_task_destroy, destroy slave"); - slave->sbh = NULL; - h2_slave_destroy(slave); - } - } -} - static int stream_destroy_iter(void *ctx, void *val) { h2_mplx *m = ctx; @@ -331,8 +303,42 @@ } if (stream->task) { - task_destroy(m, stream->task); + h2_task *task = stream->task; + conn_rec *slave; + int reuse_slave = 0; + stream->task = NULL; + slave = task->c; + if (slave) { + /* On non-serialized requests, the IO logging has not accounted for any + * meta data send over the network: response headers and h2 frame headers. we + * counted this on the stream and need to add this now. + * This is supposed to happen before the EOR bucket triggers the + * logging of the transaction. *fingers crossed* */ + if (task->request && !task->request->serialize && h2_task_logio_add_bytes_out) { + apr_off_t unaccounted = stream->out_frame_octets - stream->out_data_octets; + if (unaccounted > 0) { + h2_task_logio_add_bytes_out(slave, unaccounted); + } + } + + if (m->s->keep_alive_max == 0 || slave->keepalives < m->s->keep_alive_max) { + reuse_slave = ((m->spare_slaves->nelts < (m->limit_active * 3 / 2)) + && !task->rst_error); + } + + if (reuse_slave && slave->keepalive == AP_CONN_KEEPALIVE) { + h2_beam_log(task->output.beam, m->c, APLOG_DEBUG, + APLOGNO(03385) "h2_task_destroy, reuse slave"); + h2_task_destroy(task); + APR_ARRAY_PUSH(m->spare_slaves, conn_rec*) = slave; + } + else { + h2_beam_log(task->output.beam, m->c, APLOG_TRACE1, + "h2_task_destroy, destroy slave"); + h2_slave_destroy(slave); + } + } } h2_stream_destroy(stream); return 0; diff -Nru apache2-2.4.33/modules/http2/h2_proxy_util.c apache2-2.4.34/modules/http2/h2_proxy_util.c --- apache2-2.4.33/modules/http2/h2_proxy_util.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_proxy_util.c 2018-06-14 21:44:06.000000000 +0000 @@ -916,8 +916,8 @@ delta = nlen - olen; plen = ctx->slen + delta + 1; p = apr_pcalloc(ctx->pool, plen); - strncpy(p, ctx->s, start); - strncpy(p + start, ns, nlen); + memcpy(p, ctx->s, start); + memcpy(p + start, ns, nlen); strcpy(p + start + nlen, ctx->s + end); ctx->s = p; ctx->slen = (int)strlen(p); @@ -943,7 +943,7 @@ /* common to use relative uris in link header, for mappings * to work need to prefix the backend server uri */ need_len += ctx->psu_len; - strncpy(buffer, ctx->p_server_uri, sizeof(buffer)); + apr_cpystrn(buffer, ctx->p_server_uri, sizeof(buffer)); buffer_len = ctx->psu_len; } if (need_len > sizeof(buffer)) { @@ -951,9 +951,7 @@ "link_reverse_map uri too long, skipped: %s", ctx->s); return; } - strncpy(buffer + buffer_len, ctx->s + ctx->link_start, link_len); - buffer_len += link_len; - buffer[buffer_len] = '\0'; + apr_cpystrn(buffer + buffer_len, ctx->s + ctx->link_start, link_len + 1); if (!prepend_p_server && strcmp(ctx->real_backend_uri, ctx->p_server_uri) && !strncmp(buffer, ctx->real_backend_uri, ctx->rbu_len)) { @@ -961,8 +959,8 @@ * to work, we need to use the proxy uri */ int path_start = ctx->link_start + ctx->rbu_len; link_len -= ctx->rbu_len; - strcpy(buffer, ctx->p_server_uri); - strncpy(buffer + ctx->psu_len, ctx->s + path_start, link_len); + memcpy(buffer, ctx->p_server_uri, ctx->psu_len); + memcpy(buffer + ctx->psu_len, ctx->s + path_start, link_len); buffer_len = ctx->psu_len + link_len; buffer[buffer_len] = '\0'; } diff -Nru apache2-2.4.33/modules/http2/h2_push.c apache2-2.4.34/modules/http2/h2_push.c --- apache2-2.4.33/modules/http2/h2_push.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_push.c 2018-05-29 21:16:29.000000000 +0000 @@ -352,7 +352,7 @@ ctx->req->authority, path, headers, ctx->req->serialize); /* atm, we do not push on pushes */ - h2_request_end_headers(req, ctx->pool, 1); + h2_request_end_headers(req, ctx->pool, 1, 0); push->req = req; if (has_param(ctx, "critical")) { h2_priority *prio = apr_pcalloc(ctx->pool, sizeof(*prio)); diff -Nru apache2-2.4.33/modules/http2/h2_request.c apache2-2.4.34/modules/http2/h2_request.c --- apache2-2.4.33/modules/http2/h2_request.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_request.c 2018-05-29 21:16:29.000000000 +0000 @@ -150,7 +150,7 @@ return status; } -apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool, int eos) +apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool, int eos, size_t raw_bytes) { const char *s; @@ -190,7 +190,8 @@ apr_table_setn(req->headers, "Content-Length", "0"); } } - + req->raw_bytes += raw_bytes; + return APR_SUCCESS; } diff -Nru apache2-2.4.33/modules/http2/h2_request.h apache2-2.4.34/modules/http2/h2_request.h --- apache2-2.4.33/modules/http2/h2_request.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_request.h 2018-05-29 21:16:29.000000000 +0000 @@ -30,7 +30,7 @@ const char *name, size_t nlen, const char *value, size_t vlen); -apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool, int eos); +apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool, int eos, size_t raw_bytes); h2_request *h2_request_clone(apr_pool_t *p, const h2_request *src); diff -Nru apache2-2.4.33/modules/http2/h2_session.c apache2-2.4.34/modules/http2/h2_session.c --- apache2-2.4.33/modules/http2/h2_session.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_session.c 2018-05-29 21:16:29.000000000 +0000 @@ -348,7 +348,8 @@ * trailers */ stream = h2_session_stream_get(session, frame->hd.stream_id); if (stream) { - rv = h2_stream_recv_frame(stream, NGHTTP2_HEADERS, frame->hd.flags); + rv = h2_stream_recv_frame(stream, NGHTTP2_HEADERS, frame->hd.flags, + frame->hd.length + H2_FRAME_HDR_LEN); } break; case NGHTTP2_DATA: @@ -358,7 +359,8 @@ H2_STRM_LOG(APLOGNO(02923), stream, "DATA, len=%ld, flags=%d"), (long)frame->hd.length, frame->hd.flags); - rv = h2_stream_recv_frame(stream, NGHTTP2_DATA, frame->hd.flags); + rv = h2_stream_recv_frame(stream, NGHTTP2_DATA, frame->hd.flags, + frame->hd.length + H2_FRAME_HDR_LEN); } break; case NGHTTP2_PRIORITY: @@ -546,7 +548,8 @@ stream = h2_session_stream_get(session, stream_id); if (stream) { - h2_stream_send_frame(stream, frame->hd.type, frame->hd.flags); + h2_stream_send_frame(stream, frame->hd.type, frame->hd.flags, + frame->hd.length + H2_FRAME_HDR_LEN); } return 0; } diff -Nru apache2-2.4.33/modules/http2/h2_stream.c apache2-2.4.34/modules/http2/h2_stream.c --- apache2-2.4.33/modules/http2/h2_stream.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_stream.c 2018-05-29 21:16:29.000000000 +0000 @@ -221,7 +221,8 @@ stream->in_buffer = apr_brigade_create(stream->pool, c->bucket_alloc); } - r = h2_headers_create(HTTP_OK, stream->trailers, NULL, stream->pool); + r = h2_headers_create(HTTP_OK, stream->trailers, NULL, + stream->in_trailer_octets, stream->pool); stream->trailers = NULL; b = h2_bucket_headers_create(c->bucket_alloc, r); APR_BRIGADE_INSERT_TAIL(stream->in_buffer, b); @@ -369,7 +370,7 @@ r->serialize = h2_config_geti(stream->session->config, H2_CONF_SER_HEADERS); } -apr_status_t h2_stream_send_frame(h2_stream *stream, int ftype, int flags) +apr_status_t h2_stream_send_frame(h2_stream *stream, int ftype, int flags, size_t frame_len) { apr_status_t status = APR_SUCCESS; int new_state, eos = 0; @@ -381,7 +382,9 @@ AP_DEBUG_ASSERT(new_state > S_XXX); return transit(stream, new_state); } - + + ++stream->out_frames; + stream->out_frame_octets += frame_len; switch (ftype) { case NGHTTP2_DATA: eos = (flags & NGHTTP2_FLAG_END_STREAM); @@ -395,7 +398,7 @@ /* start pushed stream */ ap_assert(stream->request == NULL); ap_assert(stream->rtmp != NULL); - status = h2_request_end_headers(stream->rtmp, stream->pool, 1); + status = h2_request_end_headers(stream->rtmp, stream->pool, 1, 0); if (status != APR_SUCCESS) { return status; } @@ -416,7 +419,7 @@ return status; } -apr_status_t h2_stream_recv_frame(h2_stream *stream, int ftype, int flags) +apr_status_t h2_stream_recv_frame(h2_stream *stream, int ftype, int flags, size_t frame_len) { apr_status_t status = APR_SUCCESS; int new_state, eos = 0; @@ -441,6 +444,7 @@ if (!eos) { h2_stream_rst(stream, H2_ERR_PROTOCOL_ERROR); } + stream->in_trailer_octets += frame_len; } else { /* request HEADER */ @@ -452,7 +456,7 @@ * to abort the connection here, since this is clearly a protocol error */ return APR_EINVAL; } - status = h2_request_end_headers(stream->rtmp, stream->pool, eos); + status = h2_request_end_headers(stream->rtmp, stream->pool, eos, frame_len); if (status != APR_SUCCESS) { return status; } @@ -629,7 +633,7 @@ stream->rtmp = req; /* simulate the frames that led to this */ return h2_stream_recv_frame(stream, NGHTTP2_HEADERS, - NGHTTP2_FLAG_END_STREAM); + NGHTTP2_FLAG_END_STREAM, 0); } return status; } diff -Nru apache2-2.4.33/modules/http2/h2_stream.h apache2-2.4.34/modules/http2/h2_stream.h --- apache2-2.4.33/modules/http2/h2_stream.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_stream.h 2018-05-29 21:16:29.000000000 +0000 @@ -96,10 +96,13 @@ struct h2_task *task; /* assigned task to fullfill request */ const h2_priority *pref_priority; /* preferred priority for this stream */ + apr_off_t out_frames; /* # of frames sent out */ + apr_off_t out_frame_octets; /* # of RAW frame octets sent out */ apr_off_t out_data_frames; /* # of DATA frames sent */ apr_off_t out_data_octets; /* # of DATA octets (payload) sent */ apr_off_t in_data_frames; /* # of DATA frames received */ apr_off_t in_data_octets; /* # of DATA octets (payload) received */ + apr_off_t in_trailer_octets; /* # of HEADER octets (payload) received in trailers */ h2_stream_monitor *monitor; /* optional monitor for stream states */ }; @@ -196,8 +199,8 @@ const char *name, size_t nlen, const char *value, size_t vlen); -apr_status_t h2_stream_send_frame(h2_stream *stream, int frame_type, int flags); -apr_status_t h2_stream_recv_frame(h2_stream *stream, int frame_type, int flags); +apr_status_t h2_stream_send_frame(h2_stream *stream, int frame_type, int flags, size_t frame_len); +apr_status_t h2_stream_recv_frame(h2_stream *stream, int frame_type, int flags, size_t frame_len); /* * Process a frame of received DATA. diff -Nru apache2-2.4.33/modules/http2/h2_task.c apache2-2.4.34/modules/http2/h2_task.c --- apache2-2.4.33/modules/http2/h2_task.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_task.c 2018-05-29 21:16:29.000000000 +0000 @@ -675,7 +675,14 @@ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_task(%s): start process_request", task->id); + /* Add the raw bytes of the request (e.g. header frame lengths to + * the logio for this request. */ + if (req->raw_bytes && h2_task_logio_add_bytes_in) { + h2_task_logio_add_bytes_in(c, req->raw_bytes); + } + ap_process_request(r); + if (task->frozen) { ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_task(%s): process_request frozen", task->id); diff -Nru apache2-2.4.33/modules/http2/h2_version.h apache2-2.4.34/modules/http2/h2_version.h --- apache2-2.4.33/modules/http2/h2_version.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/h2_version.h 2018-05-30 19:13:36.000000000 +0000 @@ -27,7 +27,7 @@ * @macro * Version number of the http2 module as c string */ -#define MOD_HTTP2_VERSION "1.10.16" +#define MOD_HTTP2_VERSION "1.10.20" /** * @macro @@ -35,7 +35,7 @@ * release. This is a 24 bit number with 8 bits for major number, 8 bits * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. */ -#define MOD_HTTP2_VERSION_NUM 0x010a10 +#define MOD_HTTP2_VERSION_NUM 0x010a14 #endif /* mod_h2_h2_version_h */ diff -Nru apache2-2.4.33/modules/http2/mod_http2.c apache2-2.4.34/modules/http2/mod_http2.c --- apache2-2.4.33/modules/http2/mod_http2.c 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/mod_http2.c 2018-05-29 21:06:49.000000000 +0000 @@ -193,6 +193,11 @@ h2_mplx_req_engine_done(ngn, r_conn, status); } +static void http2_get_num_workers(server_rec *s, int *minw, int *maxw) +{ + h2_get_num_workers(s, minw, maxw); +} + /* Runs once per created child process. Perform any process * related initionalization here. */ @@ -218,6 +223,7 @@ APR_REGISTER_OPTIONAL_FN(http2_req_engine_push); APR_REGISTER_OPTIONAL_FN(http2_req_engine_pull); APR_REGISTER_OPTIONAL_FN(http2_req_engine_done); + APR_REGISTER_OPTIONAL_FN(http2_get_num_workers); ap_log_perror(APLOG_MARK, APLOG_TRACE1, 0, pool, "installing hooks"); diff -Nru apache2-2.4.33/modules/http2/mod_http2.h apache2-2.4.34/modules/http2/mod_http2.h --- apache2-2.4.33/modules/http2/mod_http2.h 2018-02-10 15:46:12.000000000 +0000 +++ apache2-2.4.34/modules/http2/mod_http2.h 2018-05-29 21:06:49.000000000 +0000 @@ -93,4 +93,9 @@ http2_req_engine_done, (h2_req_engine *engine, conn_rec *rconn, apr_status_t status)); + +APR_DECLARE_OPTIONAL_FN(void, + http2_get_num_workers, (server_rec *s, + int *minw, int *max)); + #endif diff -Nru apache2-2.4.33/modules/ldap/util_ldap_cache.c apache2-2.4.34/modules/ldap/util_ldap_cache.c --- apache2-2.4.33/modules/ldap/util_ldap_cache.c 2018-01-10 22:05:23.000000000 +0000 +++ apache2-2.4.34/modules/ldap/util_ldap_cache.c 2018-05-29 21:19:30.000000000 +0000 @@ -113,7 +113,7 @@ "%ld" "%ld" "%ld" - "%ld" + "%" APR_TIME_T_FMT "" "%ld" "%s" "", @@ -122,7 +122,7 @@ cache_node->size, cache_node->maxentries, cache_node->numentries, - cache_node->ttl / APR_USEC_PER_SEC, + apr_time_sec(cache_node->ttl), cache_node->fullmark, date_str); } diff -Nru apache2-2.4.33/modules/ldap/util_ldap_cache_mgr.c apache2-2.4.34/modules/ldap/util_ldap_cache_mgr.c --- apache2-2.4.33/modules/ldap/util_ldap_cache_mgr.c 2018-01-10 22:05:23.000000000 +0000 +++ apache2-2.4.34/modules/ldap/util_ldap_cache_mgr.c 2018-05-29 21:19:30.000000000 +0000 @@ -741,7 +741,7 @@ "\n" "\n" "TTL (sec):" - "%ld" + "%" APR_TIME_T_FMT "" "\n" "\n" "Full Mark:" @@ -755,7 +755,7 @@ util_ldap_cache->size, util_ldap_cache->maxentries, util_ldap_cache->numentries, - util_ldap_cache->ttl / APR_USEC_PER_SEC, + apr_time_sec(util_ldap_cache->ttl), util_ldap_cache->fullmark, date_str); diff -Nru apache2-2.4.33/modules/loggers/mod_logio.c apache2-2.4.34/modules/loggers/mod_logio.c --- apache2-2.4.33/modules/loggers/mod_logio.c 2015-12-29 16:26:41.000000000 +0000 +++ apache2-2.4.34/modules/loggers/mod_logio.c 2018-04-09 15:39:44.000000000 +0000 @@ -189,7 +189,7 @@ static int logio_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp) { - static APR_OPTIONAL_FN_TYPE(ap_register_log_handler) *log_pfn_register; + APR_OPTIONAL_FN_TYPE(ap_register_log_handler) *log_pfn_register; log_pfn_register = APR_RETRIEVE_OPTIONAL_FN(ap_register_log_handler); diff -Nru apache2-2.4.33/modules/md/md_crypt.c apache2-2.4.34/modules/md/md_crypt.c --- apache2-2.4.33/modules/md/md_crypt.c 2018-01-30 10:20:50.000000000 +0000 +++ apache2-2.4.34/modules/md/md_crypt.c 2018-06-29 11:53:50.000000000 +0000 @@ -50,6 +50,13 @@ #include #endif +#if defined(LIBRESSL_VERSION_NUMBER) +/* Missing from LibreSSL */ +#define MD_USE_OPENSSL_PRE_1_1_API (LIBRESSL_VERSION_NUMBER < 0x2080000f) +#else /* defined(LIBRESSL_VERSION_NUMBER) */ +#define MD_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L) +#endif + static int initialized; struct md_pkey_t { @@ -190,7 +197,7 @@ */ static apr_time_t md_asn1_time_get(const ASN1_TIME* time) { -#ifdef LIBRESSL_VERSION_NUMBER +#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) /* courtesy: https://stackoverflow.com/questions/10975542/asn1-time-to-time-t-conversion#11263731 * all bugs are mine */ apr_time_exp_t t; @@ -471,7 +478,8 @@ } } -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +#if MD_USE_OPENSSL_PRE_1_1_API || (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER < 0x2070000f) #ifndef NID_tlsfeature #define NID_tlsfeature 1020 diff -Nru apache2-2.4.33/modules/md/md_json.c apache2-2.4.34/modules/md/md_json.c --- apache2-2.4.33/modules/md/md_json.c 2018-01-30 10:20:50.000000000 +0000 +++ apache2-2.4.34/modules/md/md_json.c 2018-06-29 11:53:50.000000000 +0000 @@ -28,10 +28,12 @@ * when undefining their INLINEs, we get static, unused functions, arg */ #if defined(__GNUC__) +#if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6) #pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wunreachable-code" #endif -#if defined(__clang__) +#pragma GCC diagnostic ignored "-Wunused-function" +#pragma GCC diagnostic ignored "-Wunreachable-code" +#elif defined(__clang__) #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wunused-function" #endif @@ -42,9 +44,10 @@ #include #if defined(__GNUC__) +#if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6) #pragma GCC diagnostic pop #endif -#if defined(__clang__) +#elif defined(__clang__) #pragma clang diagnostic pop #endif diff -Nru apache2-2.4.33/modules/md/md_version.h apache2-2.4.34/modules/md/md_version.h --- apache2-2.4.33/modules/md/md_version.h 2018-01-30 10:20:50.000000000 +0000 +++ apache2-2.4.34/modules/md/md_version.h 2018-06-29 11:53:50.000000000 +0000 @@ -27,7 +27,7 @@ * @macro * Version number of the md module as c string */ -#define MOD_MD_VERSION "1.1.8" +#define MOD_MD_VERSION "1.1.15" /** * @macro @@ -35,7 +35,7 @@ * release. This is a 24 bit number with 8 bits for major number, 8 bits * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. */ -#define MOD_MD_VERSION_NUM 0x010108 +#define MOD_MD_VERSION_NUM 0x01010f #define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory" diff -Nru apache2-2.4.33/modules/md/mod_md.c apache2-2.4.34/modules/md/mod_md.c --- apache2-2.4.33/modules/md/mod_md.c 2018-01-30 10:20:50.000000000 +0000 +++ apache2-2.4.34/modules/md/mod_md.c 2018-06-29 11:53:50.000000000 +0000 @@ -698,11 +698,11 @@ } } else { - job->next_check = job->md->expires - job->md->renew_window; - + /* Renew is not necessary yet, leave job->next_check as 0 since + * that keeps the default schedule of running twice a day. */ apr_rfc822_date(ts, job->md->expires); ap_log_error( APLOG_MARK, APLOG_DEBUG, 0, wd->s, APLOGNO(10053) - "md(%s): is complete, cert expires %s", job->md->name, ts); + "md(%s): no need to renew yet, cert expires %s", job->md->name, ts); } } @@ -823,8 +823,12 @@ wd->mc->notify_cmd, exit_code); } else { + if (APR_EINCOMPLETE == rv && exit_code) { + rv = 0; + } ap_log_error(APLOG_MARK, APLOG_ERR, rv, wd->s, APLOGNO(10109) - "executing configured MDNotifyCmd %s", wd->mc->notify_cmd); + "executing MDNotifyCmd %s returned %d", + wd->mc->notify_cmd, exit_code); notified = 0; } } @@ -1302,26 +1306,35 @@ const md_srv_conf_t *sc; const char *name, *data; md_reg_t *reg; + int configured; apr_status_t rv; - if (!strncmp(ACME_CHALLENGE_PREFIX, r->parsed_uri.path, sizeof(ACME_CHALLENGE_PREFIX)-1)) { - if (r->method_number == M_GET) { - - sc = ap_get_module_config(r->server->module_config, &md_module); - reg = sc && sc->mc? sc->mc->reg : NULL; + if (r->parsed_uri.path + && !strncmp(ACME_CHALLENGE_PREFIX, r->parsed_uri.path, sizeof(ACME_CHALLENGE_PREFIX)-1)) { + sc = ap_get_module_config(r->server->module_config, &md_module); + if (sc && sc->mc) { + ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, + "access inside /.well-known/acme-challenge for %s%s", + r->hostname, r->parsed_uri.path); + configured = (NULL != md_get_by_domain(sc->mc->mds, r->hostname)); name = r->parsed_uri.path + sizeof(ACME_CHALLENGE_PREFIX)-1; - - r->status = HTTP_NOT_FOUND; - if (!ap_strchr_c(name, '/') && reg) { + reg = sc && sc->mc? sc->mc->reg : NULL; + + if (strlen(name) && !ap_strchr_c(name, '/') && reg) { md_store_t *store = md_reg_store_get(reg); - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, - "Challenge for %s (%s)", r->hostname, r->uri); - + rv = md_store_load(store, MD_SG_CHALLENGES, r->hostname, MD_FN_HTTP01, MD_SV_TEXT, (void**)&data, r->pool); + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, + "loading challenge for %s (%s)", r->hostname, r->uri); if (APR_SUCCESS == rv) { apr_size_t len = strlen(data); + if (r->method_number != M_GET) { + return HTTP_NOT_IMPLEMENTED; + } + /* A GET on a challenge resource for a hostname we are + * configured for. Let's send the content back */ r->status = HTTP_OK; apr_table_setn(r->headers_out, "Content-Length", apr_ltoa(r->pool, (long)len)); @@ -1329,20 +1342,25 @@ apr_brigade_write(bb, NULL, NULL, data, len); ap_pass_brigade(r->output_filters, bb); apr_brigade_cleanup(bb); + + return DONE; + } + else if (!configured) { + /* The request hostname is not for a configured domain. We are not + * the sole authority here for /.well-known/acme-challenge (see PR62189). + * So, we decline to handle this and let others step in. + */ + return DECLINED; } else if (APR_STATUS_IS_ENOENT(rv)) { return HTTP_NOT_FOUND; } - else if (APR_ENOENT != rv) { + else { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(10081) "loading challenge %s from store", name); return HTTP_INTERNAL_SERVER_ERROR; } } - return r->status; - } - else { - return HTTP_NOT_IMPLEMENTED; } } return DECLINED; @@ -1358,7 +1376,7 @@ const char *s; int status; - if (opt_ssl_is_https + if (opt_ssl_is_https && r->parsed_uri.path && strncmp(WELL_KNOWN_PREFIX, r->parsed_uri.path, sizeof(WELL_KNOWN_PREFIX)-1)) { sc = ap_get_module_config(r->server->module_config, &md_module); diff -Nru apache2-2.4.33/modules/md/mod_md_config.c apache2-2.4.34/modules/md/mod_md_config.c --- apache2-2.4.33/modules/md/mod_md_config.c 2018-01-30 10:20:50.000000000 +0000 +++ apache2-2.4.34/modules/md/mod_md_config.c 2018-06-29 11:53:50.000000000 +0000 @@ -771,7 +771,7 @@ return apr_pstrcat(cmd->pool, "unsupported private key type \"", ptype, "\"", NULL); } -static const char *md_config_set_notify_cmd(cmd_parms *cmd, void *arg, const char *value) +static const char *md_config_set_notify_cmd(cmd_parms *cmd, void *mconfig, const char *arg) { md_srv_conf_t *sc = md_config_get(cmd->server); const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); @@ -779,8 +779,8 @@ if (err) { return err; } - sc->mc->notify_cmd = value; - (void)arg; + sc->mc->notify_cmd = arg; + (void)mconfig; return NULL; } @@ -837,8 +837,8 @@ "Time length for renewal before certificate expires (defaults to days)"), AP_INIT_TAKE1( MD_CMD_REQUIREHTTPS, md_config_set_require_https, NULL, RSRC_CONF, "Redirect non-secure requests to the https: equivalent."), - AP_INIT_TAKE1( MD_CMD_NOTIFYCMD, md_config_set_notify_cmd, NULL, RSRC_CONF, - "set the command to run when signup/renew of domain is complete."), + AP_INIT_RAW_ARGS(MD_CMD_NOTIFYCMD, md_config_set_notify_cmd, NULL, RSRC_CONF, + "set the command and optional arguments to run when signup/renew of domain is complete."), AP_INIT_TAKE1( MD_CMD_BASE_SERVER, md_config_set_base_server, NULL, RSRC_CONF, "allow managing of base server outside virtual hosts."), diff -Nru apache2-2.4.33/modules/metadata/mod_env.c apache2-2.4.34/modules/metadata/mod_env.c --- apache2-2.4.33/modules/metadata/mod_env.c 2017-05-30 12:25:13.000000000 +0000 +++ apache2-2.4.34/modules/metadata/mod_env.c 2018-07-02 12:49:16.000000000 +0000 @@ -121,7 +121,6 @@ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(10032) "Spurious usage of '=' in an environment variable name. " "'%s %s %s' expected instead?", cmd->cmd->name, env, plast); - } /* name is mandatory, value is optional. no value means diff -Nru apache2-2.4.33/modules/metadata/mod_remoteip.c apache2-2.4.34/modules/metadata/mod_remoteip.c --- apache2-2.4.33/modules/metadata/mod_remoteip.c 2018-02-14 15:32:52.000000000 +0000 +++ apache2-2.4.34/modules/metadata/mod_remoteip.c 2018-06-06 19:04:45.000000000 +0000 @@ -31,6 +31,7 @@ #define APR_WANT_BYTEFUNC #include "apr_want.h" #include "apr_network_io.h" +#include "apr_version.h" module AP_MODULE_DECLARE_DATA remoteip_module; @@ -314,6 +315,40 @@ return (addr1->port == addr2->port && apr_sockaddr_equal(addr1, addr2)); } +#if !APR_VERSION_AT_LEAST(1,5,0) +#define apr_sockaddr_is_wildcard sockaddr_is_wildcard +/* XXX: temp build fix from apr 1.5.x */ +static int sockaddr_is_wildcard(const apr_sockaddr_t *addr) +{ + static const char inaddr_any[ +#if APR_HAVE_IPV6 + sizeof(struct in6_addr) +#else + sizeof(struct in_addr) +#endif + ] = {0}; + + if (addr->ipaddr_ptr /* IP address initialized */ + && addr->ipaddr_len <= sizeof inaddr_any) { /* else bug elsewhere? */ + if (!memcmp(inaddr_any, addr->ipaddr_ptr, addr->ipaddr_len)) { + return 1; + } +#if APR_HAVE_IPV6 + if (addr->family == AF_INET6 + && IN6_IS_ADDR_V4MAPPED((struct in6_addr *)addr->ipaddr_ptr)) { + struct in_addr *v4 = (struct in_addr *)&((apr_uint32_t *)addr->ipaddr_ptr)[3]; + + if (!memcmp(inaddr_any, v4, sizeof *v4)) { + return 1; + } + } +#endif + } + return 0; +} +#endif + + /** Similar to remoteip_sockaddr_equal, except that it handles wildcard addresses * and ports too. */ @@ -457,17 +492,6 @@ return NULL; } -static int remoteip_hook_pre_config(apr_pool_t *pconf, apr_pool_t *plog, - apr_pool_t *ptemp) -{ - remoteip_config_t *config = (remoteip_config_t *) - create_remoteip_server_config(pconf, NULL); - ap_set_module_config(ap_server_conf->module_config, &remoteip_module, - config); - - return OK; -} - static int remoteip_hook_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s) { @@ -692,6 +716,9 @@ return OK; } + /* Port is not known so set it to zero; otherwise it can be misleading */ + req->useragent_addr->port = 0; + req->proxied_remote = remote; req->proxy_ips = proxy_ips; @@ -852,8 +879,13 @@ remoteip_conn_config_t *conn_conf; int i; - /* Do not attempt to manipulate slave connections */ + /* Establish master config in slave connections, so that request processing + * finds it. */ if (c->master != NULL) { + conn_conf = ap_get_module_config(c->master->conn_config, &remoteip_module); + if (conn_conf) { + ap_set_module_config(c->conn_config, &remoteip_module, conn_conf); + } return DECLINED; } @@ -1201,7 +1233,6 @@ ap_register_input_filter("REMOTEIP_INPUT", remoteip_input_filter, NULL, AP_FTYPE_CONNECTION + 7); - ap_hook_pre_config(remoteip_hook_pre_config, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_post_config(remoteip_hook_post_config, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_pre_connection(remoteip_hook_pre_connection, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_post_read_request(remoteip_modify_request, NULL, NULL, APR_HOOK_FIRST); diff -Nru apache2-2.4.33/modules/proxy/balancers/mod_lbmethod_bybusyness.c apache2-2.4.34/modules/proxy/balancers/mod_lbmethod_bybusyness.c --- apache2-2.4.33/modules/proxy/balancers/mod_lbmethod_bybusyness.c 2017-09-08 14:05:38.000000000 +0000 +++ apache2-2.4.34/modules/proxy/balancers/mod_lbmethod_bybusyness.c 2018-05-31 13:24:04.000000000 +0000 @@ -22,99 +22,36 @@ module AP_MODULE_DECLARE_DATA lbmethod_bybusyness_module; -static int (*ap_proxy_retry_worker_fn)(const char *proxy_function, - proxy_worker *worker, server_rec *s) = NULL; - -static proxy_worker *find_best_bybusyness(proxy_balancer *balancer, - request_rec *r) +static int is_best_bybusyness(proxy_worker *current, proxy_worker *prev_best, void *baton) { - int i; - proxy_worker **worker; - proxy_worker *mycandidate = NULL; - int cur_lbset = 0; - int max_lbset = 0; - int checking_standby; - int checked_standby; + int *total_factor = (int *)baton; - int total_factor = 0; + current->s->lbstatus += current->s->lbfactor; + *total_factor += current->s->lbfactor; - if (!ap_proxy_retry_worker_fn) { - ap_proxy_retry_worker_fn = - APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); - if (!ap_proxy_retry_worker_fn) { - /* can only happen if mod_proxy isn't loaded */ - return NULL; - } - } + return ( + !prev_best + || (current->s->busy < prev_best->s->busy) + || ( + (current->s->busy == prev_best->s->busy) + && (current->s->lbstatus > prev_best->s->lbstatus) + ) + ); +} - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(01211) - "proxy: Entering bybusyness for BALANCER (%s)", - balancer->s->name); - - /* First try to see if we have available candidate */ - do { - - checking_standby = checked_standby = 0; - while (!mycandidate && !checked_standby) { - - worker = (proxy_worker **)balancer->workers->elts; - for (i = 0; i < balancer->workers->nelts; i++, worker++) { - if (!checking_standby) { /* first time through */ - if ((*worker)->s->lbset > max_lbset) - max_lbset = (*worker)->s->lbset; - } - if ( - ((*worker)->s->lbset != cur_lbset) || - (checking_standby ? !PROXY_WORKER_IS_STANDBY(*worker) : PROXY_WORKER_IS_STANDBY(*worker)) || - (PROXY_WORKER_IS_DRAINING(*worker)) - ) { - continue; - } - - /* If the worker is in error state run - * retry on that worker. It will be marked as - * operational if the retry timeout is elapsed. - * The worker might still be unusable, but we try - * anyway. - */ - if (!PROXY_WORKER_IS_USABLE(*worker)) { - ap_proxy_retry_worker_fn("BALANCER", *worker, r->server); - } - - /* Take into calculation only the workers that are - * not in error state or not disabled. - */ - if (PROXY_WORKER_IS_USABLE(*worker)) { - - (*worker)->s->lbstatus += (*worker)->s->lbfactor; - total_factor += (*worker)->s->lbfactor; - - if (!mycandidate - || (*worker)->s->busy < mycandidate->s->busy - || ((*worker)->s->busy == mycandidate->s->busy && (*worker)->s->lbstatus > mycandidate->s->lbstatus)) - mycandidate = *worker; - - } - - } - - checked_standby = checking_standby++; - - } - - cur_lbset++; - - } while (cur_lbset <= max_lbset && !mycandidate); - - if (mycandidate) { - mycandidate->s->lbstatus -= total_factor; - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(01212) - "proxy: bybusyness selected worker \"%s\" : busy %" APR_SIZE_T_FMT " : lbstatus %d", - mycandidate->s->name, mycandidate->s->busy, mycandidate->s->lbstatus); +static proxy_worker *find_best_bybusyness(proxy_balancer *balancer, + request_rec *r) +{ + int total_factor = 0; + proxy_worker *worker = + ap_proxy_balancer_get_best_worker(balancer, r, is_best_bybusyness, + &total_factor); + if (worker) { + worker->s->lbstatus -= total_factor; } - return mycandidate; + return worker; } /* assumed to be mutex protected by caller */ diff -Nru apache2-2.4.33/modules/proxy/balancers/mod_lbmethod_byrequests.c apache2-2.4.34/modules/proxy/balancers/mod_lbmethod_byrequests.c --- apache2-2.4.33/modules/proxy/balancers/mod_lbmethod_byrequests.c 2017-09-08 14:05:38.000000000 +0000 +++ apache2-2.4.34/modules/proxy/balancers/mod_lbmethod_byrequests.c 2018-05-31 13:24:04.000000000 +0000 @@ -22,8 +22,15 @@ module AP_MODULE_DECLARE_DATA lbmethod_byrequests_module; -static int (*ap_proxy_retry_worker_fn)(const char *proxy_function, - proxy_worker *worker, server_rec *s) = NULL; +static int is_best_byrequests(proxy_worker *current, proxy_worker *prev_best, void *baton) +{ + int *total_factor = (int *)baton; + + current->s->lbstatus += current->s->lbfactor; + *total_factor += current->s->lbfactor; + + return (!prev_best || (current->s->lbstatus > prev_best->s->lbstatus)); +} /* * The idea behind the find_best_byrequests scheduler is the following: @@ -70,82 +77,17 @@ * b a d c d a c d b d ... * */ - static proxy_worker *find_best_byrequests(proxy_balancer *balancer, request_rec *r) { - int i; int total_factor = 0; - proxy_worker **worker; - proxy_worker *mycandidate = NULL; - int cur_lbset = 0; - int max_lbset = 0; - int checking_standby; - int checked_standby; - - if (!ap_proxy_retry_worker_fn) { - ap_proxy_retry_worker_fn = - APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); - if (!ap_proxy_retry_worker_fn) { - /* can only happen if mod_proxy isn't loaded */ - return NULL; - } - } - - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(01207) - "proxy: Entering byrequests for BALANCER (%s)", - balancer->s->name); - - /* First try to see if we have available candidate */ - do { - checking_standby = checked_standby = 0; - while (!mycandidate && !checked_standby) { - worker = (proxy_worker **)balancer->workers->elts; - for (i = 0; i < balancer->workers->nelts; i++, worker++) { - if (!checking_standby) { /* first time through */ - if ((*worker)->s->lbset > max_lbset) - max_lbset = (*worker)->s->lbset; - } - if ( - ((*worker)->s->lbset != cur_lbset) || - (checking_standby ? !PROXY_WORKER_IS_STANDBY(*worker) : PROXY_WORKER_IS_STANDBY(*worker)) || - (PROXY_WORKER_IS_DRAINING(*worker)) - ) { - continue; - } - - /* If the worker is in error state run - * retry on that worker. It will be marked as - * operational if the retry timeout is elapsed. - * The worker might still be unusable, but we try - * anyway. - */ - if (!PROXY_WORKER_IS_USABLE(*worker)) - ap_proxy_retry_worker_fn("BALANCER", *worker, r->server); - /* Take into calculation only the workers that are - * not in error state or not disabled. - */ - if (PROXY_WORKER_IS_USABLE(*worker)) { - (*worker)->s->lbstatus += (*worker)->s->lbfactor; - total_factor += (*worker)->s->lbfactor; - if (!mycandidate || (*worker)->s->lbstatus > mycandidate->s->lbstatus) - mycandidate = *worker; - } - } - checked_standby = checking_standby++; - } - cur_lbset++; - } while (cur_lbset <= max_lbset && !mycandidate); - - if (mycandidate) { - mycandidate->s->lbstatus -= total_factor; - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(01208) - "proxy: byrequests selected worker \"%s\" : busy %" APR_SIZE_T_FMT " : lbstatus %d", - mycandidate->s->name, mycandidate->s->busy, mycandidate->s->lbstatus); + proxy_worker *worker = ap_proxy_balancer_get_best_worker(balancer, r, is_best_byrequests, &total_factor); + if (worker) { + worker->s->lbstatus -= total_factor; } - return mycandidate; + return worker; } /* assumed to be mutex protected by caller */ diff -Nru apache2-2.4.33/modules/proxy/balancers/mod_lbmethod_bytraffic.c apache2-2.4.34/modules/proxy/balancers/mod_lbmethod_bytraffic.c --- apache2-2.4.33/modules/proxy/balancers/mod_lbmethod_bytraffic.c 2017-09-08 14:05:38.000000000 +0000 +++ apache2-2.4.34/modules/proxy/balancers/mod_lbmethod_bytraffic.c 2018-05-31 13:24:04.000000000 +0000 @@ -22,8 +22,20 @@ module AP_MODULE_DECLARE_DATA lbmethod_bytraffic_module; -static int (*ap_proxy_retry_worker_fn)(const char *proxy_function, - proxy_worker *worker, server_rec *s) = NULL; +static int is_best_bytraffic(proxy_worker *current, proxy_worker *prev_best, void *baton) +{ + apr_off_t *min_traffic = (apr_off_t *)baton; + apr_off_t traffic = (current->s->transferred / current->s->lbfactor) + + (current->s->read / current->s->lbfactor); + + if (!prev_best || (traffic < *min_traffic)) { + *min_traffic = traffic; + + return TRUE; + } + + return FALSE; +} /* * The idea behind the find_best_bytraffic scheduler is the following: @@ -45,79 +57,10 @@ static proxy_worker *find_best_bytraffic(proxy_balancer *balancer, request_rec *r) { - int i; - apr_off_t mytraffic = 0; - apr_off_t curmin = 0; - proxy_worker **worker; - proxy_worker *mycandidate = NULL; - int cur_lbset = 0; - int max_lbset = 0; - int checking_standby; - int checked_standby; - - if (!ap_proxy_retry_worker_fn) { - ap_proxy_retry_worker_fn = - APR_RETRIEVE_OPTIONAL_FN(ap_proxy_retry_worker); - if (!ap_proxy_retry_worker_fn) { - /* can only happen if mod_proxy isn't loaded */ - return NULL; - } - } - - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(01209) - "proxy: Entering bytraffic for BALANCER (%s)", - balancer->s->name); - - /* First try to see if we have available candidate */ - do { - checking_standby = checked_standby = 0; - while (!mycandidate && !checked_standby) { - worker = (proxy_worker **)balancer->workers->elts; - for (i = 0; i < balancer->workers->nelts; i++, worker++) { - if (!checking_standby) { /* first time through */ - if ((*worker)->s->lbset > max_lbset) - max_lbset = (*worker)->s->lbset; - } - if ( - ((*worker)->s->lbset != cur_lbset) || - (checking_standby ? !PROXY_WORKER_IS_STANDBY(*worker) : PROXY_WORKER_IS_STANDBY(*worker)) || - (PROXY_WORKER_IS_DRAINING(*worker)) - ) { - continue; - } - - /* If the worker is in error state run - * retry on that worker. It will be marked as - * operational if the retry timeout is elapsed. - * The worker might still be unusable, but we try - * anyway. - */ - if (!PROXY_WORKER_IS_USABLE(*worker)) - ap_proxy_retry_worker_fn("BALANCER", *worker, r->server); - /* Take into calculation only the workers that are - * not in error state or not disabled. - */ - if (PROXY_WORKER_IS_USABLE(*worker)) { - mytraffic = ((*worker)->s->transferred/(*worker)->s->lbfactor) + - ((*worker)->s->read/(*worker)->s->lbfactor); - if (!mycandidate || mytraffic < curmin) { - mycandidate = *worker; - curmin = mytraffic; - } - } - } - checked_standby = checking_standby++; - } - cur_lbset++; - } while (cur_lbset <= max_lbset && !mycandidate); - - if (mycandidate) { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(01210) - "proxy: bytraffic selected worker \"%s\" : busy %" APR_SIZE_T_FMT, - mycandidate->s->name, mycandidate->s->busy); - } + apr_off_t min_traffic = 0; - return mycandidate; + return ap_proxy_balancer_get_best_worker(balancer, r, is_best_bytraffic, + &min_traffic); } /* assumed to be mutex protected by caller */ diff -Nru apache2-2.4.33/modules/proxy/config.m4 apache2-2.4.34/modules/proxy/config.m4 --- apache2-2.4.33/modules/proxy/config.m4 2018-02-13 22:38:48.000000000 +0000 +++ apache2-2.4.34/modules/proxy/config.m4 2018-05-29 21:06:49.000000000 +0000 @@ -70,7 +70,7 @@ APACHE_MODULE(proxy_express, mass reverse-proxy module. Requires --enable-proxy., , , most, , proxy) APACHE_MODULE(proxy_hcheck, [reverse-proxy health-check module. Requires --enable-proxy and --enable-watchdog.], , , most, , [proxy,watchdog]) -APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) +APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current -I\$(top_srcdir)/modules/http2]) module_selection=$save_module_selection module_default=$save_module_default diff -Nru apache2-2.4.33/modules/proxy/mod_proxy_balancer.c apache2-2.4.34/modules/proxy/mod_proxy_balancer.c --- apache2-2.4.33/modules/proxy/mod_proxy_balancer.c 2018-02-16 15:04:41.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy_balancer.c 2018-07-02 20:26:52.000000000 +0000 @@ -908,7 +908,7 @@ continue; } if (conf->bal_persist) { - type = AP_SLOTMEM_TYPE_PERSIST; + type = AP_SLOTMEM_TYPE_PERSIST | AP_SLOTMEM_TYPE_CLEARINUSE; } else { type = 0; } @@ -1237,6 +1237,9 @@ if ((val = apr_table_get(params, "w_status_H"))) { ap_proxy_set_wstatus(PROXY_WORKER_HOT_STANDBY_FLAG, atoi(val), wsel); } + if ((val = apr_table_get(params, "w_status_R"))) { + ap_proxy_set_wstatus(PROXY_WORKER_HOT_SPARE_FLAG, atoi(val), wsel); + } if ((val = apr_table_get(params, "w_status_S"))) { ap_proxy_set_wstatus(PROXY_WORKER_STOPPED_FLAG, atoi(val), wsel); } @@ -1763,7 +1766,8 @@ "Ignore Errors" "Draining Mode" "Disabled" - "Hot Standby", r); + "Hot Standby" + "Hot Spare", r); if (hc_show_exprs_f) { ap_rputs("HC Fail", r); } @@ -1772,6 +1776,7 @@ create_radio("w_status_N", (PROXY_WORKER_IS(wsel, PROXY_WORKER_DRAIN)), r); create_radio("w_status_D", (PROXY_WORKER_IS(wsel, PROXY_WORKER_DISABLED)), r); create_radio("w_status_H", (PROXY_WORKER_IS(wsel, PROXY_WORKER_HOT_STANDBY)), r); + create_radio("w_status_R", (PROXY_WORKER_IS(wsel, PROXY_WORKER_HOT_SPARE)), r); if (hc_show_exprs_f) { create_radio("w_status_C", (PROXY_WORKER_IS(wsel, PROXY_WORKER_HC_FAIL)), r); } diff -Nru apache2-2.4.33/modules/proxy/mod_proxy.c apache2-2.4.34/modules/proxy/mod_proxy.c --- apache2-2.4.33/modules/proxy/mod_proxy.c 2018-02-16 15:04:41.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy.c 2018-06-22 10:04:49.000000000 +0000 @@ -68,6 +68,7 @@ {PROXY_WORKER_STOPPED, PROXY_WORKER_STOPPED_FLAG, "Stop "}, {PROXY_WORKER_IN_ERROR, PROXY_WORKER_IN_ERROR_FLAG, "Err "}, {PROXY_WORKER_HOT_STANDBY, PROXY_WORKER_HOT_STANDBY_FLAG, "Stby "}, + {PROXY_WORKER_HOT_SPARE, PROXY_WORKER_HOT_SPARE_FLAG, "Spar "}, {PROXY_WORKER_FREE, PROXY_WORKER_FREE_FLAG, "Free "}, {PROXY_WORKER_HC_FAIL, PROXY_WORKER_HC_FAIL_FLAG, "HcFl "}, {0x0, '\0', NULL} @@ -318,6 +319,14 @@ (int)sizeof(worker->s->upgrade)); } } + else if (!strcasecmp(key, "responsefieldsize")) { + long s = atol(val); + if (s < 0) { + return "ResponseFieldSize must be greater than 0 bytes, or 0 for system default."; + } + worker->s->response_field_size = (s ? s : HUGE_STRING_LEN); + worker->s->response_field_size_set = 1; + } else { if (set_worker_hc_param_f) { return set_worker_hc_param_f(p, s, worker, key, val, NULL); diff -Nru apache2-2.4.33/modules/proxy/mod_proxy.dsp apache2-2.4.34/modules/proxy/mod_proxy.dsp --- apache2-2.4.33/modules/proxy/mod_proxy.dsp 2007-01-11 05:37:20.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy.dsp 2018-05-29 21:06:49.000000000 +0000 @@ -43,7 +43,7 @@ # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" # ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../ssl" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fd"Release\mod_proxy_src" /FD /c +# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../ssl" /I "../http2" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fd"Release\mod_proxy_src" /FD /c # ADD BASE MTL /nologo /D "NDEBUG" /win32 # ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 # ADD BASE RSC /l 0x809 /d "NDEBUG" @@ -75,7 +75,7 @@ # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" # ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../ssl" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fd"Debug\mod_proxy_src" /FD /c +# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../ssl" /I "../http2" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fd"Debug\mod_proxy_src" /FD /c # ADD BASE MTL /nologo /D "_DEBUG" /win32 # ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 # ADD BASE RSC /l 0x809 /d "_DEBUG" diff -Nru apache2-2.4.33/modules/proxy/mod_proxy.h apache2-2.4.34/modules/proxy/mod_proxy.h --- apache2-2.4.33/modules/proxy/mod_proxy.h 2018-02-16 15:04:41.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy.h 2018-06-22 10:04:49.000000000 +0000 @@ -307,6 +307,7 @@ #define PROXY_WORKER_HOT_STANDBY 0x0100 #define PROXY_WORKER_FREE 0x0200 #define PROXY_WORKER_HC_FAIL 0x0400 +#define PROXY_WORKER_HOT_SPARE 0x0800 /* worker status flags */ #define PROXY_WORKER_INITIALIZED_FLAG 'O' @@ -320,6 +321,7 @@ #define PROXY_WORKER_HOT_STANDBY_FLAG 'H' #define PROXY_WORKER_FREE_FLAG 'F' #define PROXY_WORKER_HC_FAIL_FLAG 'C' +#define PROXY_WORKER_HOT_SPARE_FLAG 'R' #define PROXY_WORKER_NOT_USABLE_BITMAP ( PROXY_WORKER_IN_SHUTDOWN | \ PROXY_WORKER_DISABLED | PROXY_WORKER_STOPPED | PROXY_WORKER_IN_ERROR | \ @@ -330,6 +332,8 @@ #define PROXY_WORKER_IS_STANDBY(f) ( (f)->s->status & PROXY_WORKER_HOT_STANDBY ) +#define PROXY_WORKER_IS_SPARE(f) ( (f)->s->status & PROXY_WORKER_HOT_SPARE ) + #define PROXY_WORKER_IS_USABLE(f) ( ( !( (f)->s->status & PROXY_WORKER_NOT_USABLE_BITMAP) ) && \ PROXY_WORKER_IS_INITIALIZED(f) ) @@ -447,6 +451,8 @@ apr_interval_time_t interval; char upgrade[PROXY_WORKER_MAX_SCHEME_SIZE];/* upgrade protocol used by mod_proxy_wstunnel */ char hostname_ex[PROXY_RFC1035_HOSTNAME_SIZE]; /* RFC1035 compliant version of the remote backend address */ + apr_size_t response_field_size; /* Size of proxy response buffer in bytes. */ + unsigned int response_field_size_set:1; } proxy_worker_shared; #define ALIGNED_PROXY_WORKER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_worker_shared))) @@ -824,6 +830,23 @@ server_rec *s, apr_pool_t *p); +typedef int (proxy_is_best_callback_fn_t)(proxy_worker *current, proxy_worker *prev_best, void *baton); + +/** + * Retrieve the best worker in a balancer for the current request + * @param balancer balancer for which to find the best worker + * @param r current request record + * @param is_best a callback function provide by the lbmethod + * that determines if the current worker is best + * @param baton an lbmethod-specific context pointer (baton) + * passed to the is_best callback + * @return the best worker to be used for the request + */ +PROXY_DECLARE(proxy_worker *) ap_proxy_balancer_get_best_worker(proxy_balancer *balancer, + request_rec *r, + proxy_is_best_callback_fn_t *is_best, + void *baton); + /** * Find the shm of the worker as needed * @param storage slotmem provider diff -Nru apache2-2.4.33/modules/proxy/mod_proxy_hcheck.c apache2-2.4.34/modules/proxy/mod_proxy_hcheck.c --- apache2-2.4.33/modules/proxy/mod_proxy_hcheck.c 2018-02-16 15:04:41.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy_hcheck.c 2018-07-02 12:49:16.000000000 +0000 @@ -53,7 +53,6 @@ typedef struct { apr_pool_t *p; - apr_bucket_alloc_t *ba; apr_array_header_t *templates; apr_table_t *conditions; apr_hash_t *hcworkers; @@ -81,7 +80,7 @@ sctx_t *ctx = apr_pcalloc(p, sizeof(sctx_t)); ctx->s = s; apr_pool_create(&ctx->p, p); - ctx->ba = apr_bucket_alloc_create(p); + apr_pool_tag(ctx->p, "proxy_hcheck"); ctx->templates = apr_array_make(p, 10, sizeof(hc_template_t)); ctx->conditions = apr_table_make(p, 10); ctx->hcworkers = apr_hash_make(p); diff -Nru apache2-2.4.33/modules/proxy/mod_proxy_http.c apache2-2.4.34/modules/proxy/mod_proxy_http.c --- apache2-2.4.33/modules/proxy/mod_proxy_http.c 2018-02-16 15:04:41.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy_http.c 2018-06-22 10:04:49.000000000 +0000 @@ -28,6 +28,9 @@ request_rec *r, proxy_conn_rec *backend); +static apr_status_t ap_proxygetline(apr_bucket_brigade *bb, char *s, int n, + request_rec *r, int flags, int *read); + /* * Canonicalise http-like URLs. * scheme is the scheme for the URL @@ -1028,11 +1031,12 @@ { int len; char *value, *end; - char field[MAX_STRING_LEN]; int saw_headers = 0; void *sconf = r->server->module_config; proxy_server_conf *psc; proxy_dir_conf *dconf; + apr_status_t rc; + apr_bucket_brigade *tmp_bb; dconf = ap_get_module_config(r->per_dir_config, &proxy_module); psc = (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module); @@ -1047,8 +1051,29 @@ */ ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "Headers received from backend:"); - while ((len = ap_getline(buffer, size, rr, 1)) > 0) { - ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "%s", buffer); + + tmp_bb = apr_brigade_create(r->pool, c->bucket_alloc); + while (1) { + rc = ap_proxygetline(tmp_bb, buffer, size, rr, + AP_GETLINE_FOLD | AP_GETLINE_NOSPC_EOL, &len); + + if (len <= 0) + break; + + if (APR_STATUS_IS_ENOSPC(rc)) { + /* The header could not fit in the provided buffer, warn. + * XXX: falls through with the truncated header, 5xx instead? + */ + int trunc = (len > 128 ? 128 : len) / 2; + ap_log_rerror(APLOG_MARK, APLOG_WARNING, rc, r, APLOGNO(10124) + "header size is over the limit allowed by " + "ResponseFieldSize (%d bytes). " + "Bad response header: '%.*s[...]%s'", + size, trunc, buffer, buffer + len - trunc); + } + else { + ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "%s", buffer); + } if (!(value = strchr(buffer, ':'))) { /* Find the colon separator */ @@ -1116,16 +1141,6 @@ */ process_proxy_header(r, dconf, buffer, value); saw_headers = 1; - - /* the header was too long; at the least we should skip extra data */ - if (len >= size - 1) { - while ((len = ap_getline(field, MAX_STRING_LEN, rr, 1)) - >= MAX_STRING_LEN - 1) { - /* soak up the extra data */ - } - if (len == 0) /* time to exit the larger loop as well */ - break; - } } } @@ -1137,23 +1152,19 @@ return 1; } -static -apr_status_t ap_proxygetline(apr_bucket_brigade *bb, char *s, int n, request_rec *r, - int fold, int *writen) +static apr_status_t ap_proxygetline(apr_bucket_brigade *bb, char *s, int n, + request_rec *r, int flags, int *read) { - char *tmp_s = s; apr_status_t rv; apr_size_t len; - rv = ap_rgetline(&tmp_s, n, &len, r, fold, bb); + rv = ap_rgetline(&s, n, &len, r, flags, bb); apr_brigade_cleanup(bb); - if (rv == APR_SUCCESS) { - *writen = (int) len; - } else if (APR_STATUS_IS_ENOSPC(rv)) { - *writen = n; + if (rv == APR_SUCCESS || APR_STATUS_IS_ENOSPC(rv)) { + *read = (int)len; } else { - *writen = -1; + *read = -1; } return rv; @@ -1184,7 +1195,8 @@ proxy_server_conf *conf, char *server_portstr) { conn_rec *c = r->connection; - char buffer[HUGE_STRING_LEN]; + char *buffer; + char fixed_buffer[HUGE_STRING_LEN]; const char *buf; char keepchar; apr_bucket *e; @@ -1193,6 +1205,7 @@ int len, backasswards; int interim_response = 0; /* non-zero whilst interim 1xx responses * are being read. */ + apr_size_t response_field_size = 0; int pread_len = 0; apr_table_t *save_table; int backend_broke = 0; @@ -1220,6 +1233,20 @@ bb = apr_brigade_create(p, c->bucket_alloc); pass_bb = apr_brigade_create(p, c->bucket_alloc); + /* Only use dynamically sized buffer if user specifies ResponseFieldSize */ + if(backend->worker->s->response_field_size_set) { + response_field_size = backend->worker->s->response_field_size; + + if (response_field_size != HUGE_STRING_LEN) + buffer = apr_pcalloc(p, response_field_size); + else + buffer = fixed_buffer; + } + else { + response_field_size = HUGE_STRING_LEN; + buffer = fixed_buffer; + } + /* Setup for 100-Continue timeout if appropriate */ if (do_100_continue) { apr_socket_timeout_get(backend->sock, &old_timeout); @@ -1249,11 +1276,11 @@ apr_brigade_cleanup(bb); - rc = ap_proxygetline(backend->tmp_bb, buffer, sizeof(buffer), + rc = ap_proxygetline(backend->tmp_bb, buffer, response_field_size, backend->r, 0, &len); if (len == 0) { /* handle one potential stray CRLF */ - rc = ap_proxygetline(backend->tmp_bb, buffer, sizeof(buffer), + rc = ap_proxygetline(backend->tmp_bb, buffer, response_field_size, backend->r, 0, &len); } if (len <= 0) { @@ -1342,7 +1369,7 @@ /* If not an HTTP/1 message or * if the status line was > 8192 bytes */ - if ((major != 1) || (len >= sizeof(buffer)-1)) { + if ((major != 1) || (len >= response_field_size - 1)) { return ap_proxyerror(r, HTTP_BAD_GATEWAY, apr_pstrcat(p, "Corrupt status line returned by remote " "server: ", buffer, NULL)); @@ -1385,7 +1412,7 @@ "Set-Cookie", NULL); /* shove the headers direct into r->headers_out */ - ap_proxy_read_headers(r, backend->r, buffer, sizeof(buffer), origin, + ap_proxy_read_headers(r, backend->r, buffer, response_field_size, origin, &pread_len); if (r->headers_out == NULL) { diff -Nru apache2-2.4.33/modules/proxy/mod_proxy.mak apache2-2.4.34/modules/proxy/mod_proxy.mak --- apache2-2.4.33/modules/proxy/mod_proxy.mak 2016-04-07 15:04:27.000000000 +0000 +++ apache2-2.4.34/modules/proxy/mod_proxy.mak 2018-06-01 18:57:21.000000000 +0000 @@ -63,7 +63,7 @@ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" CPP=cl.exe -CPP_PROJ=/nologo /MD /W3 /Zi /O2 /Oy- /I "../ssl" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\mod_proxy_src" /FD /c +CPP_PROJ=/nologo /MD /W3 /Zi /O2 /Oy- /I "../ssl" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /I "../http2" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\mod_proxy_src" /FD /c .c{$(INTDIR)}.obj:: $(CPP) @<< @@ -169,7 +169,7 @@ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" CPP=cl.exe -CPP_PROJ=/nologo /MDd /W3 /Zi /Od /I "../ssl" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\mod_proxy_src" /FD /EHsc /c +CPP_PROJ=/nologo /MDd /W3 /Zi /Od /I "../ssl" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /I "../generators" /I "../http2" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "PROXY_DECLARE_EXPORT" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\mod_proxy_src" /FD /EHsc /c .c{$(INTDIR)}.obj:: $(CPP) @<< diff -Nru apache2-2.4.33/modules/proxy/proxy_util.c apache2-2.4.34/modules/proxy/proxy_util.c --- apache2-2.4.33/modules/proxy/proxy_util.c 2018-02-16 15:04:41.000000000 +0000 +++ apache2-2.4.34/modules/proxy/proxy_util.c 2018-07-05 19:20:20.000000000 +0000 @@ -24,6 +24,8 @@ #include "ajp.h" #include "scgi.h" +#include "mod_http2.h" /* for http2_get_num_workers() */ + #if APR_HAVE_UNISTD_H #include /* for getpid() */ #endif @@ -66,6 +68,7 @@ static int proxy_match_domainname(struct dirconn_entry *This, request_rec *r); static int proxy_match_hostname(struct dirconn_entry *This, request_rec *r); static int proxy_match_word(struct dirconn_entry *This, request_rec *r); +static int ap_proxy_retry_worker(const char *proxy_function, proxy_worker *worker, server_rec *s); APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(proxy, PROXY, int, create_req, (request_rec *r, request_rec *pr), (r, pr), @@ -956,7 +959,7 @@ int i; int ddiff = 0; int pdiff = 0; - char *ret; + char *tmpstr, *tmpstr_orig, *token, *last, *ret; if (r->proxyreq != PROXYREQ_REVERSE) { return str; @@ -966,48 +969,56 @@ * Find the match and replacement, but save replacing until we've done * both path and domain so we know the new strlen */ - if ((pathp = apr_strmatch(ap_proxy_strmatch_path, str, len)) != NULL) { - pathp += 5; - poffs = pathp - str; - pathe = ap_strchr_c(pathp, ';'); - l1 = pathe ? (pathe - pathp) : strlen(pathp); - pathe = pathp + l1 ; - if (conf->interpolate_env == 1) { - ent = (struct proxy_alias *)rconf->cookie_paths->elts; - } - else { - ent = (struct proxy_alias *)conf->cookie_paths->elts; + tmpstr_orig = tmpstr = apr_pstrdup(r->pool, str); + while ((token = apr_strtok(tmpstr, ";", &last))) { + /* skip leading spaces */ + while (apr_isspace(*token)) { + ++token; } - for (i = 0; i < conf->cookie_paths->nelts; i++) { - l2 = strlen(ent[i].fake); - if (l1 >= l2 && strncmp(ent[i].fake, pathp, l2) == 0) { - newpath = ent[i].real; - pdiff = strlen(newpath) - l1; - break; - } - } - } - if ((domainp = apr_strmatch(ap_proxy_strmatch_domain, str, len)) != NULL) { - domainp += 7; - doffs = domainp - str; - domaine = ap_strchr_c(domainp, ';'); - l1 = domaine ? (domaine - domainp) : strlen(domainp); - domaine = domainp + l1; - if (conf->interpolate_env == 1) { - ent = (struct proxy_alias *)rconf->cookie_domains->elts; - } - else { - ent = (struct proxy_alias *)conf->cookie_domains->elts; + if (ap_cstr_casecmpn("path=", token, 5) == 0) { + pathp = token + 5; + poffs = pathp - tmpstr_orig; + l1 = strlen(pathp); + pathe = str + poffs + l1; + if (conf->interpolate_env == 1) { + ent = (struct proxy_alias *)rconf->cookie_paths->elts; + } + else { + ent = (struct proxy_alias *)conf->cookie_paths->elts; + } + for (i = 0; i < conf->cookie_paths->nelts; i++) { + l2 = strlen(ent[i].fake); + if (l1 >= l2 && strncmp(ent[i].fake, pathp, l2) == 0) { + newpath = ent[i].real; + pdiff = strlen(newpath) - l1; + break; + } + } } - for (i = 0; i < conf->cookie_domains->nelts; i++) { - l2 = strlen(ent[i].fake); - if (l1 >= l2 && strncasecmp(ent[i].fake, domainp, l2) == 0) { - newdomain = ent[i].real; - ddiff = strlen(newdomain) - l1; - break; + else if (ap_cstr_casecmpn("domain=", token, 7) == 0) { + domainp = token + 7; + doffs = domainp - tmpstr_orig; + l1 = strlen(domainp); + domaine = str + doffs + l1; + if (conf->interpolate_env == 1) { + ent = (struct proxy_alias *)rconf->cookie_domains->elts; + } + else { + ent = (struct proxy_alias *)conf->cookie_domains->elts; + } + for (i = 0; i < conf->cookie_domains->nelts; i++) { + l2 = strlen(ent[i].fake); + if (l1 >= l2 && strncasecmp(ent[i].fake, domainp, l2) == 0) { + newdomain = ent[i].real; + ddiff = strlen(newdomain) - l1; + break; + } } } + + /* Iterate the remaining tokens using apr_strtok(NULL, ...) */ + tmpstr = NULL; } if (newpath) { @@ -1018,14 +1029,14 @@ if (doffs > poffs) { memcpy(ret, str, poffs); memcpy(ret + poffs, newpath, l1); - memcpy(ret + poffs + l1, pathe, domainp - pathe); + memcpy(ret + poffs + l1, pathe, str + doffs - pathe); memcpy(ret + doffs + pdiff, newdomain, l2); strcpy(ret + doffs + pdiff + l2, domaine); } else { memcpy(ret, str, doffs) ; memcpy(ret + doffs, newdomain, l2); - memcpy(ret + doffs + l2, domaine, pathp - domaine); + memcpy(ret + doffs + l2, domaine, str + poffs - domaine); memcpy(ret + poffs + ddiff, newpath, l1); strcpy(ret + poffs + ddiff + l1, pathe); } @@ -1036,17 +1047,15 @@ strcpy(ret + poffs + l1, pathe); } } - else { - if (newdomain) { - ret = apr_palloc(r->pool, len + pdiff + ddiff + 1); + else if (newdomain) { + ret = apr_palloc(r->pool, len + ddiff + 1); l2 = strlen(newdomain); memcpy(ret, str, doffs); memcpy(ret + doffs, newdomain, l2); - strcpy(ret + doffs+l2, domaine); - } - else { - ret = (char *)str; /* no change */ - } + strcpy(ret + doffs + l2, domaine); + } + else { + ret = (char *)str; /* no change */ } return ret; @@ -1298,6 +1307,121 @@ return APR_SUCCESS; } +PROXY_DECLARE(proxy_worker *) ap_proxy_balancer_get_best_worker(proxy_balancer *balancer, + request_rec *r, + proxy_is_best_callback_fn_t *is_best, + void *baton) +{ + int i = 0; + int cur_lbset = 0; + int max_lbset = 0; + int unusable_workers = 0; + apr_pool_t *tpool = NULL; + apr_array_header_t *spares = NULL; + apr_array_header_t *standbys = NULL; + proxy_worker *worker = NULL; + proxy_worker *best_worker = NULL; + + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(10122) + "proxy: Entering %s for BALANCER (%s)", + balancer->lbmethod->name, balancer->s->name); + + apr_pool_create(&tpool, r->pool); + + spares = apr_array_make(tpool, 1, sizeof(proxy_worker*)); + standbys = apr_array_make(tpool, 1, sizeof(proxy_worker*)); + + /* Process lbsets in order, only replacing unusable workers in a given lbset + * with available spares from the same lbset. Hot standbys will be used as a + * last resort when all other workers and spares are unavailable. + */ + for (cur_lbset = 0; !best_worker && (cur_lbset <= max_lbset); cur_lbset++) { + unusable_workers = 0; + apr_array_clear(spares); + apr_array_clear(standbys); + + for (i = 0; i < balancer->workers->nelts; i++) { + worker = APR_ARRAY_IDX(balancer->workers, i, proxy_worker *); + + if (worker->s->lbset > max_lbset) { + max_lbset = worker->s->lbset; + } + + if (worker->s->lbset != cur_lbset) { + continue; + } + + /* A draining worker that is neither a spare nor a standby should be + * considered unusable to be replaced by spares. + */ + if (PROXY_WORKER_IS_DRAINING(worker)) { + if (!PROXY_WORKER_IS_SPARE(worker) && !PROXY_WORKER_IS_STANDBY(worker)) { + unusable_workers++; + } + + continue; + } + + /* If the worker is in error state run retry on that worker. It will + * be marked as operational if the retry timeout is elapsed. The + * worker might still be unusable, but we try anyway. + */ + if (!PROXY_WORKER_IS_USABLE(worker)) { + ap_proxy_retry_worker("BALANCER", worker, r->server); + } + + if (PROXY_WORKER_IS_SPARE(worker)) { + if (PROXY_WORKER_IS_USABLE(worker)) { + APR_ARRAY_PUSH(spares, proxy_worker *) = worker; + } + } + else if (PROXY_WORKER_IS_STANDBY(worker)) { + if (PROXY_WORKER_IS_USABLE(worker)) { + APR_ARRAY_PUSH(standbys, proxy_worker *) = worker; + } + } + else if (PROXY_WORKER_IS_USABLE(worker)) { + if (is_best(worker, best_worker, baton)) { + best_worker = worker; + } + } + else { + unusable_workers++; + } + } + + /* Check if any spares are best. */ + for (i = 0; (i < spares->nelts) && (i < unusable_workers); i++) { + worker = APR_ARRAY_IDX(spares, i, proxy_worker *); + + if (is_best(worker, best_worker, baton)) { + best_worker = worker; + } + } + + /* If no workers are available, use the standbys. */ + if (!best_worker) { + for (i = 0; i < standbys->nelts; i++) { + worker = APR_ARRAY_IDX(standbys, i, proxy_worker *); + + if (is_best(worker, best_worker, baton)) { + best_worker = worker; + } + } + } + } + + apr_pool_destroy(tpool); + + if (best_worker) { + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, APLOGNO(10123) + "proxy: %s selected worker \"%s\" : busy %" APR_SIZE_T_FMT " : lbstatus %d", + balancer->lbmethod->name, best_worker->s->name, best_worker->s->busy, best_worker->s->lbstatus); + } + + return best_worker; +} + /* * CONNECTION related... */ @@ -1770,8 +1894,9 @@ PROXY_DECLARE(apr_status_t) ap_proxy_initialize_worker(proxy_worker *worker, server_rec *s, apr_pool_t *p) { + APR_OPTIONAL_FN_TYPE(http2_get_num_workers) *get_h2_num_workers; apr_status_t rv = APR_SUCCESS; - int mpm_threads; + int max_threads, minw, maxw; if (worker->s->status & PROXY_WORKER_INITIALIZED) { /* The worker is already initialized */ @@ -1795,11 +1920,26 @@ worker->s->is_address_reusable = 1; } - ap_mpm_query(AP_MPMQ_MAX_THREADS, &mpm_threads); - if (mpm_threads > 1) { - /* Set hard max to no more then mpm_threads */ - if (worker->s->hmax == 0 || worker->s->hmax > mpm_threads) { - worker->s->hmax = mpm_threads; + /* + * When mod_http2 is loaded we might have more threads since it has + * its own pool of processing threads. + */ + ap_mpm_query(AP_MPMQ_MAX_THREADS, &max_threads); + get_h2_num_workers = APR_RETRIEVE_OPTIONAL_FN(http2_get_num_workers); + if (get_h2_num_workers) { + get_h2_num_workers(s, &minw, &maxw); + /* So now the max is: + * max_threads-1 threads for HTTP/1 each requiring one connection + * + one thread for HTTP/2 requiring maxw connections + */ + max_threads = max_threads - 1 + maxw; + } + if (max_threads > 1) { + /* Default hmax is max_threads to scale with the load and never + * wait for an idle connection to proceed. + */ + if (worker->s->hmax == 0) { + worker->s->hmax = max_threads; } if (worker->s->smax == -1 || worker->s->smax > worker->s->hmax) { worker->s->smax = worker->s->hmax; @@ -3728,6 +3868,8 @@ {"scgi", SCGI_DEF_PORT}, {"h2c", DEFAULT_HTTP_PORT}, {"h2", DEFAULT_HTTPS_PORT}, + {"ws", DEFAULT_HTTP_PORT}, + {"wss", DEFAULT_HTTPS_PORT}, { NULL, 0xFFFF } /* unknown port */ }; diff -Nru apache2-2.4.33/modules/slotmem/mod_slotmem_shm.c apache2-2.4.34/modules/slotmem/mod_slotmem_shm.c --- apache2-2.4.33/modules/slotmem/mod_slotmem_shm.c 2018-03-15 23:15:49.000000000 +0000 +++ apache2-2.4.34/modules/slotmem/mod_slotmem_shm.c 2018-07-02 20:26:52.000000000 +0000 @@ -25,7 +25,7 @@ #include "httpd.h" #include "http_main.h" -#include "http_core.h" +#include "ap_mpm.h" /* for ap_mpm_query() */ #define AP_SLOTMEM_IS_PREGRAB(t) (t->desc->type & AP_SLOTMEM_TYPE_PREGRAB) #define AP_SLOTMEM_IS_PERSIST(t) (t->desc->type & AP_SLOTMEM_TYPE_PERSIST) @@ -47,7 +47,7 @@ int fbased; /* filebased? */ void *shm; /* ptr to memory segment (apr_shm_t *) */ void *base; /* data set start */ - apr_pool_t *pool; /* per segment pool (generation cleared) */ + apr_pool_t *gpool; /* per segment pool (generation cleared) */ char *inuse; /* in-use flag table*/ unsigned int *num_free; /* slot free count for this instance */ void *persist; /* persist dataset start */ @@ -68,10 +68,8 @@ * |_____________________ File (mem->persist + [meta]) __| */ - /* global pool and list of slotmem we are handling */ -static struct ap_slotmem_instance_t *globallistmem = NULL, - **retained_globallistmem = NULL; +static struct ap_slotmem_instance_t *globallistmem = NULL; static apr_pool_t *gpool = NULL; #define DEFAULT_SLOTMEM_PREFIX "slotmem-shm-" @@ -95,9 +93,11 @@ if (slotname && *slotname && strcasecmp(slotname, "none") != 0) { if (slotname[0] != '/') { - fname = apr_pstrcat(pool, DEFAULT_SLOTMEM_PREFIX, - slotname, DEFAULT_SLOTMEM_SUFFIX, - NULL); + /* Each generation needs its own file name. */ + int generation = 0; + ap_mpm_query(AP_MPMQ_GENERATION, &generation); + fname = apr_psprintf(pool, "%s%s_%x%s", DEFAULT_SLOTMEM_PREFIX, + slotname, generation, DEFAULT_SLOTMEM_SUFFIX); fname = ap_runtime_dir_relative(pool, fname); } else { @@ -108,9 +108,19 @@ } if (persistname) { - pname = apr_pstrcat(pool, fname, - DEFAULT_SLOTMEM_PERSIST_SUFFIX, - NULL); + /* Persisted file names are immutable... */ + if (slotname[0] != '/') { + pname = apr_pstrcat(pool, DEFAULT_SLOTMEM_PREFIX, + slotname, DEFAULT_SLOTMEM_SUFFIX, + DEFAULT_SLOTMEM_PERSIST_SUFFIX, + NULL); + pname = ap_runtime_dir_relative(pool, pname); + } + else { + pname = apr_pstrcat(pool, slotname, + DEFAULT_SLOTMEM_PERSIST_SUFFIX, + NULL); + } } } @@ -153,11 +163,11 @@ if (storename) { rv = apr_file_open(&fp, storename, APR_CREATE | APR_READ | APR_WRITE, - APR_OS_DEFAULT, slotmem->pool); + APR_OS_DEFAULT, slotmem->gpool); if (APR_STATUS_IS_EEXIST(rv)) { - apr_file_remove(storename, slotmem->pool); + apr_file_remove(storename, slotmem->gpool); rv = apr_file_open(&fp, storename, APR_CREATE | APR_READ | APR_WRITE, - APR_OS_DEFAULT, slotmem->pool); + APR_OS_DEFAULT, slotmem->gpool); } if (rv != APR_SUCCESS) { return; @@ -178,7 +188,7 @@ } apr_file_close(fp); if (rv != APR_SUCCESS) { - apr_file_remove(storename, slotmem->pool); + apr_file_remove(storename, slotmem->gpool); } } } @@ -190,8 +200,7 @@ apr_file_t *fp; apr_status_t rv = APR_ENOTIMPL; void *ptr = (char *)desc + AP_SLOTMEM_OFFSET; - apr_size_t dsize = size - AP_SLOTMEM_OFFSET; - apr_size_t nbytes = dsize; + apr_size_t nbytes = size - AP_SLOTMEM_OFFSET; unsigned char digest[APR_MD5_DIGESTSIZE]; unsigned char digest2[APR_MD5_DIGESTSIZE]; char desc_buf[AP_SLOTMEM_OFFSET]; @@ -203,18 +212,16 @@ rv = apr_file_open(&fp, storename, APR_READ | APR_WRITE, APR_OS_DEFAULT, pool); if (rv == APR_SUCCESS) { - rv = apr_file_read(fp, ptr, &nbytes); - if ((rv == APR_SUCCESS || rv == APR_EOF) && nbytes == dsize) { + rv = apr_file_read_full(fp, ptr, nbytes, NULL); + if (rv == APR_SUCCESS || rv == APR_EOF) { rv = APR_SUCCESS; /* for successful return @ EOF */ /* * if at EOF, don't bother checking md5 * - backwards compatibility * */ if (apr_file_eof(fp) != APR_EOF) { - apr_size_t ds = APR_MD5_DIGESTSIZE; - rv = apr_file_read(fp, digest, &ds); - if ((rv == APR_SUCCESS || rv == APR_EOF) - && ds == APR_MD5_DIGESTSIZE) { + rv = apr_file_read_full(fp, digest, APR_MD5_DIGESTSIZE, NULL); + if (rv == APR_SUCCESS || rv == APR_EOF) { apr_md5(digest2, ptr, nbytes); if (memcmp(digest, digest2, APR_MD5_DIGESTSIZE)) { rv = APR_EMISMATCH; @@ -224,18 +231,16 @@ * - backwards compatibility * */ else if (apr_file_eof(fp) != APR_EOF) { - nbytes = sizeof(desc_buf); - rv = apr_file_read(fp, desc_buf, &nbytes); - if ((rv == APR_SUCCESS || rv == APR_EOF) - && nbytes == sizeof(desc_buf)) { - if (memcmp(desc, desc_buf, nbytes)) { + rv = apr_file_read_full(fp, desc_buf, sizeof(desc_buf), NULL); + if (rv == APR_SUCCESS || rv == APR_EOF) { + if (memcmp(desc, desc_buf, sizeof(desc_buf))) { rv = APR_EMISMATCH; } else { rv = APR_SUCCESS; } } - else if (rv == APR_SUCCESS || rv == APR_EOF) { + else { rv = APR_INCOMPLETE; } } @@ -243,7 +248,7 @@ rv = APR_EOF; } } - else if (rv == APR_SUCCESS || rv == APR_EOF) { + else { rv = APR_INCOMPLETE; } } @@ -261,7 +266,7 @@ rv = APR_SUCCESS; } } - else if (rv == APR_SUCCESS || rv == APR_EOF) { + else { rv = APR_INCOMPLETE; } if (rv == APR_INCOMPLETE) { @@ -287,51 +292,21 @@ #endif } -static apr_status_t cleanup_slotmem(void *is_startup) +static apr_status_t cleanup_slotmem(void *param) { - int is_exiting = (ap_state_query(AP_SQ_MAIN_STATE) == AP_SQ_MS_EXITING); - ap_slotmem_instance_t *mem; + int is_child = is_child_process(); + ap_slotmem_instance_t *next = globallistmem; - if (is_child_process()) { - /* No reuse/retained data from here, let pconf cleanup everything */ - *retained_globallistmem = globallistmem = NULL; - return APR_SUCCESS; - } - - /* When in startup/pre-config's cleanup, the retained data and global pool - * are not used yet, but the SHMs contents were untouched hence they don't - * need to be persisted, simply unlink them. - * Otherwise when restarting or stopping we want to flush persisted data, - * and in the stopping/exiting case we also want to unlink the SHMs. - */ - for (mem = globallistmem; mem; mem = mem->next) { - int unlink; - if (is_startup) { - unlink = mem->fbased; - } - else { - if (AP_SLOTMEM_IS_PERSIST(mem)) { - store_slotmem(mem); - } - unlink = is_exiting; - } - if (unlink) { - /* Some systems may require the descriptor to be closed before - * unlink, thus call destroy() first. - */ - apr_shm_destroy(mem->shm); - apr_shm_remove(mem->name, mem->pool); - } + while (next) { + if (!is_child && AP_SLOTMEM_IS_PERSIST(next)) { + store_slotmem(next); + } + apr_shm_destroy(next->shm); + apr_shm_remove(next->name, next->gpool); + next = next->next; } - if (is_exiting) { - *retained_globallistmem = NULL; - } - else if (!is_startup) { - *retained_globallistmem = globallistmem; - } globallistmem = NULL; - return APR_SUCCESS; } @@ -361,32 +336,6 @@ return retval; } -static int check_slotmem(ap_slotmem_instance_t *mem, apr_size_t size, - apr_size_t item_size, unsigned int item_num) -{ - sharedslotdesc_t *desc; - - /* check size */ - if (apr_shm_size_get(mem->shm) != size) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(02599) - "existing shared memory for %s could not be used " - "(failed size check)", - mem->name); - return 0; - } - - desc = apr_shm_baseaddr_get(mem->shm); - if (desc->size != item_size || desc->num != item_num) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(02600) - "existing shared memory for %s could not be used " - "(failed contents check)", - mem->name); - return 0; - } - - return 1; -} - static apr_status_t slotmem_create(ap_slotmem_instance_t **new, const char *name, apr_size_t item_size, unsigned int item_num, @@ -405,33 +354,18 @@ (item_num * sizeof(char)) + basesize; int persist = (type & AP_SLOTMEM_TYPE_PERSIST) != 0; apr_status_t rv; - apr_pool_t *p; *new = NULL; - + if (gpool == NULL) { + return APR_ENOSHMAVAIL; + } if (slotmem_filenames(pool, name, &fname, persist ? &pname : NULL)) { /* first try to attach to existing slotmem */ if (next) { - ap_slotmem_instance_t *prev = NULL; for (;;) { if (strcmp(next->name, fname) == 0) { - *new = next; /* either returned here or reused finally */ - if (!check_slotmem(next, size, item_size, item_num)) { - apr_shm_destroy(next->shm); - next = next->next; - if (prev) { - prev->next = next; - } - else { - globallistmem = next; - } - if (next) { - continue; - } - next = prev; - break; - } /* we already have it */ + *new = next; ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(02603) "create found %s in global list", fname); return APR_SUCCESS; @@ -439,7 +373,6 @@ if (!next->next) { break; } - prev = next; next = next->next; } } @@ -457,11 +390,11 @@ item_num); { + /* For MPMs that run pre/post_config() phases in both the parent + * and children processes (e.g. winnt), SHMs created by the + * parent exist in the children already; attach them. + */ if (fbased) { - /* For MPMs (e.g. winnt) that run pre/post_config() phases in - * both the parent and children processes, SHMs created by the - * parent exist in the children already; only attach them. - */ if (is_child_process()) { rv = apr_shm_attach(&shm, fname, gpool); } @@ -471,7 +404,7 @@ } } else { - rv = apr_shm_create(&shm, size, NULL, pool); + rv = apr_shm_create(&shm, size, NULL, gpool); } ap_log_error(APLOG_MARK, rv == APR_SUCCESS ? APLOG_DEBUG : APLOG_ERR, rv, ap_server_conf, APLOGNO(02611) @@ -501,7 +434,7 @@ } else { /* just in case, re-zero */ - ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf, + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(02554) "could not restore %s", fname); memset((char *)desc + AP_SLOTMEM_OFFSET, 0, size - AP_SLOTMEM_OFFSET); @@ -509,17 +442,12 @@ } } - p = fbased ? gpool : pool; ptr = (char *)desc + AP_SLOTMEM_OFFSET; - /* For the chained slotmem stuff (*new may be reused from above) */ - res = *new; - if (res == NULL) { - res = apr_pcalloc(p, sizeof(ap_slotmem_instance_t)); - res->name = apr_pstrdup(p, fname); - res->pname = apr_pstrdup(p, pname); - *new = res; - } + /* For the chained slotmem stuff */ + res = apr_pcalloc(gpool, sizeof(ap_slotmem_instance_t)); + res->name = apr_pstrdup(gpool, fname); + res->pname = apr_pstrdup(gpool, pname); res->fbased = fbased; res->shm = shm; res->persist = (void *)ptr; @@ -530,7 +458,7 @@ } res->base = (void *)ptr; res->desc = desc; - res->pool = pool; + res->gpool = gpool; res->next = NULL; res->inuse = ptr + basesize; if (fbased) { @@ -542,6 +470,7 @@ } } + *new = res; return APR_SUCCESS; } @@ -549,7 +478,6 @@ const char *name, apr_size_t *item_size, unsigned int *item_num, apr_pool_t *pool) { -/* void *slotmem = NULL; */ char *ptr; ap_slotmem_instance_t *res; ap_slotmem_instance_t *next = globallistmem; @@ -558,6 +486,9 @@ apr_shm_t *shm; apr_status_t rv; + if (gpool == NULL) { + return APR_ENOSHMAVAIL; + } if (!slotmem_filenames(pool, name, &fname, NULL)) { return APR_ENOSHMAVAIL; } @@ -587,7 +518,7 @@ } /* next try to attach to existing shared memory */ - rv = apr_shm_attach(&shm, fname, pool); + rv = apr_shm_attach(&shm, fname, gpool); if (rv != APR_SUCCESS) { return rv; } @@ -597,8 +528,8 @@ ptr = (char *)desc + AP_SLOTMEM_OFFSET; /* For the chained slotmem stuff */ - res = apr_pcalloc(pool, sizeof(ap_slotmem_instance_t)); - res->name = apr_pstrdup(pool, fname); + res = apr_pcalloc(gpool, sizeof(ap_slotmem_instance_t)); + res->name = apr_pstrdup(gpool, fname); res->fbased = 1; res->shm = shm; res->persist = (void *)ptr; @@ -606,7 +537,7 @@ ptr += AP_UNSIGNEDINT_OFFSET; res->base = (void *)ptr; res->desc = desc; - res->pool = pool; + res->gpool = gpool; res->inuse = ptr + (desc->size * desc->num); res->next = NULL; @@ -821,43 +752,20 @@ return (&storage); } -/* Initialize or reuse the retained slotmems list, and register the - * cleanup to make sure the persisted SHMs are stored and the retained - * data are up to date on next restart/stop. +/* + * Make sure the shared memory is cleaned */ -static int pre_config(apr_pool_t *pconf, apr_pool_t *plog, - apr_pool_t *ptemp) +static int post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, + server_rec *s) { - void *is_startup = NULL; - const char *retained_key = "mod_slotmem_shm"; - - retained_globallistmem = ap_retained_data_get(retained_key); - if (!retained_globallistmem) { - retained_globallistmem = - ap_retained_data_create(retained_key, - sizeof *retained_globallistmem); - } - globallistmem = *retained_globallistmem; - - /* For the first (dry-)loading or children in MPMs which (re-)run - * pre_config we don't need to retain slotmems, so use pconf and its - * normal cleanups. Otherwise we use ap_pglobal to match the lifetime - * of retained data and register our own cleanup to update them. - */ - if (is_child_process()) { - gpool = pconf; - } - else if (ap_state_query(AP_SQ_MAIN_STATE) != AP_SQ_MS_CREATE_PRE_CONFIG) { - gpool = ap_pglobal; - } - else { - is_startup = (void *)1; - gpool = pconf; - } - - apr_pool_cleanup_register(pconf, is_startup, cleanup_slotmem, - apr_pool_cleanup_null); + apr_pool_cleanup_register(p, NULL, cleanup_slotmem, apr_pool_cleanup_null); + return OK; +} +static int pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp) +{ + gpool = p; + globallistmem = NULL; return OK; } @@ -866,6 +774,7 @@ const ap_slotmem_provider_t *storage = slotmem_shm_getstorage(); ap_register_provider(p, AP_SLOTMEM_PROVIDER_GROUP, "shm", AP_SLOTMEM_PROVIDER_VERSION, storage); + ap_hook_post_config(post_config, NULL, NULL, APR_HOOK_LAST); ap_hook_pre_config(pre_config, NULL, NULL, APR_HOOK_MIDDLE); } diff -Nru apache2-2.4.33/modules/ssl/mod_ssl.c apache2-2.4.34/modules/ssl/mod_ssl.c --- apache2-2.4.33/modules/ssl/mod_ssl.c 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/modules/ssl/mod_ssl.c 2018-06-22 09:45:39.000000000 +0000 @@ -243,8 +243,8 @@ "request body if a per-location SSL renegotiation is required due to " "changed access control requirements") - SSL_CMD_SRV(OCSPEnable, FLAG, - "Enable use of OCSP to verify certificate revocation ('on', 'off')") + SSL_CMD_SRV(OCSPEnable, RAW_ARGS, + "Enable use of OCSP to verify certificate revocation mode ('on', 'leaf', 'off')") SSL_CMD_SRV(OCSPDefaultResponder, TAKE1, "URL of the default OCSP Responder") SSL_CMD_SRV(OCSPOverrideResponder, FLAG, diff -Nru apache2-2.4.33/modules/ssl/ssl_engine_config.c apache2-2.4.34/modules/ssl/ssl_engine_config.c --- apache2-2.4.33/modules/ssl/ssl_engine_config.c 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_engine_config.c 2018-06-22 09:45:39.000000000 +0000 @@ -137,8 +137,8 @@ mctx->auth.verify_depth = UNSET; mctx->auth.verify_mode = SSL_CVERIFY_UNSET; - mctx->ocsp_enabled = FALSE; - mctx->ocsp_force_default = FALSE; + mctx->ocsp_mask = UNSET; + mctx->ocsp_force_default = UNSET; mctx->ocsp_responder = NULL; mctx->ocsp_resptime_skew = UNSET; mctx->ocsp_resp_maxage = UNSET; @@ -281,7 +281,7 @@ cfgMergeInt(auth.verify_depth); cfgMerge(auth.verify_mode, SSL_CVERIFY_UNSET); - cfgMergeBool(ocsp_enabled); + cfgMergeInt(ocsp_mask); cfgMergeBool(ocsp_force_default); cfgMerge(ocsp_responder, NULL); cfgMergeInt(ocsp_resptime_skew); @@ -499,13 +499,21 @@ cfgMergeInt(nRenegBufferSize); mrg->proxy_post_config = add->proxy_post_config; - if (!add->proxy_post_config) { + if (!mrg->proxy_post_config) { cfgMergeBool(proxy_enabled); modssl_ctx_init_proxy(mrg, p); modssl_ctx_cfg_merge_proxy(p, base->proxy, add->proxy, mrg->proxy); + + /* Since ssl_proxy_section_post_config() hook won't be called if there + * is no SSLProxy* in this dir config, the ssl_ctx may still be NULL + * here at runtime. Merging it is either a no-op (NULL => NULL) because + * we are still before post config, or we really want to reuse the one + * from the upper/server context (outside of sections). + */ + cfgMerge(proxy->ssl_ctx, NULL); } else { - /* post_config hook has already merged and initialized the + /* The post_config hook has already merged and initialized the * proxy context, use it. */ mrg->proxy_enabled = add->proxy_enabled; @@ -1673,11 +1681,46 @@ return NULL; } -const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, int flag) +static const char *ssl_cmd_ocspcheck_parse(cmd_parms *parms, + const char *arg, + int *mask) { - SSLSrvConfigRec *sc = mySrvConfig(cmd->server); + const char *w; + + w = ap_getword_conf(parms->temp_pool, &arg); + if (strcEQ(w, "off")) { + *mask = SSL_OCSPCHECK_NONE; + } + else if (strcEQ(w, "leaf")) { + *mask = SSL_OCSPCHECK_LEAF; + } + else if (strcEQ(w, "on")) { + *mask = SSL_OCSPCHECK_CHAIN; + } + else { + return apr_pstrcat(parms->temp_pool, parms->cmd->name, + ": Invalid argument '", w, "'", + NULL); + } + + while (*arg) { + w = ap_getword_conf(parms->temp_pool, &arg); + if (strcEQ(w, "no_ocsp_for_cert_ok")) { + *mask |= SSL_OCSPCHECK_NO_OCSP_FOR_CERT_OK; + } + else { + return apr_pstrcat(parms->temp_pool, parms->cmd->name, + ": Invalid argument '", w, "'", + NULL); + } + } + + return NULL; +} - sc->server->ocsp_enabled = flag ? TRUE : FALSE; +const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, const char *arg) +{ + SSLSrvConfigRec *sc = mySrvConfig(cmd->server); #ifdef OPENSSL_NO_OCSP if (flag) { @@ -1686,7 +1729,7 @@ } #endif - return NULL; + return ssl_cmd_ocspcheck_parse(cmd, arg, &sc->server->ocsp_mask); } const char *ssl_cmd_SSLOCSPOverrideResponder(cmd_parms *cmd, void *dcfg, int flag) @@ -2065,3 +2108,4 @@ } } + diff -Nru apache2-2.4.33/modules/ssl/ssl_engine_init.c apache2-2.4.34/modules/ssl/ssl_engine_init.c --- apache2-2.4.33/modules/ssl/ssl_engine_init.c 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_engine_init.c 2018-07-05 19:24:07.000000000 +0000 @@ -261,7 +261,8 @@ * the protocol is https. */ if (ap_get_server_protocol(s) && strcmp("https", ap_get_server_protocol(s)) == 0 - && sc->enabled == SSL_ENABLED_UNSET) { + && sc->enabled == SSL_ENABLED_UNSET + && (!apr_is_empty_array(sc->server->pks->cert_files))) { sc->enabled = SSL_ENABLED_TRUE; } @@ -901,6 +902,10 @@ char *cfgp = mctx->pkp ? "SSLProxy" : "SSL"; int crl_check_mode; + if (mctx->ocsp_mask == UNSET) { + mctx->ocsp_mask = SSL_OCSPCHECK_NONE; + } + if (mctx->crl_check_mask == UNSET) { mctx->crl_check_mask = SSL_CRLCHECK_NONE; } @@ -1339,8 +1344,8 @@ #if defined(SSL_CTX_set_ecdh_auto) SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); #else - SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, - EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); + eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey); #endif } #endif diff -Nru apache2-2.4.33/modules/ssl/ssl_engine_kernel.c apache2-2.4.34/modules/ssl/ssl_engine_kernel.c --- apache2-2.4.33/modules/ssl/ssl_engine_kernel.c 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_engine_kernel.c 2018-06-22 09:45:39.000000000 +0000 @@ -321,7 +321,7 @@ * ) */ if (!r->hostname) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02031) + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02031) "Hostname %s provided via SNI, but no hostname" " provided in HTTP request", servername); return HTTP_BAD_REQUEST; @@ -333,7 +333,7 @@ * selected by the SNI and its SSL parameters are different */ - ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02032) + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02032) "Hostname %s provided via SNI and hostname %s provided" " via HTTP have no compatible SSL setup", servername, r->hostname); @@ -350,7 +350,7 @@ * server config we used for handshaking or in our current server. * This should avoid insecure configuration by accident. */ - ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02033) + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02033) "No hostname was provided via SNI for a name based" " virtual host"); apr_table_setn(r->notes, "error-notes", @@ -1578,7 +1578,6 @@ int errdepth = X509_STORE_CTX_get_error_depth(ctx); int depth, verify; - /* * Log verification information */ @@ -1652,7 +1651,8 @@ /* * Perform OCSP-based revocation checks */ - if (ok && sc->server->ocsp_enabled) { + if (ok && ((sc->server->ocsp_mask & SSL_OCSPCHECK_CHAIN) || + (errdepth == 0 && (sc->server->ocsp_mask & SSL_OCSPCHECK_LEAF)))) { /* If there was an optional verification error, it's not * possible to perform OCSP validation since the issuer may be * missing/untrusted. Fail in that case. */ @@ -2392,7 +2392,7 @@ void *arg) { conn_rec *c = (conn_rec*)SSL_get_app_data(ssl); - SSLConnRec *sslconn = myConnConfig(c); + SSLConnRec *sslconn; apr_array_header_t *client_protos; const char *proposed; size_t len; @@ -2403,6 +2403,7 @@ if (c == NULL) { return SSL_TLSEXT_ERR_OK; } + sslconn = myConnConfig(c); if (inlen == 0) { /* someone tries to trick us? */ diff -Nru apache2-2.4.33/modules/ssl/ssl_engine_ocsp.c apache2-2.4.34/modules/ssl/ssl_engine_ocsp.c --- apache2-2.4.33/modules/ssl/ssl_engine_ocsp.c 2017-04-03 11:39:20.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_engine_ocsp.c 2018-06-22 09:45:39.000000000 +0000 @@ -139,7 +139,14 @@ ruri = determine_responder_uri(sc, cert, c, pool); if (!ruri) { - return V_OCSP_CERTSTATUS_UNKNOWN; + if (sc->server->ocsp_mask & SSL_OCSPCHECK_NO_OCSP_FOR_CERT_OK) { + ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, + "Skipping OCSP check for certificate cos no OCSP URL" + " found and no_ocsp_for_cert_ok is set"); + return V_OCSP_CERTSTATUS_GOOD; + } else { + return V_OCSP_CERTSTATUS_UNKNOWN; + } } request = create_request(ctx, cert, &certID, s, pool, sc); @@ -159,7 +166,7 @@ if (r != OCSP_RESPONSE_STATUS_SUCCESSFUL) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01922) - "OCSP response not successful: %d", rc); + "OCSP response not successful: %d", r); rc = V_OCSP_CERTSTATUS_UNKNOWN; } } diff -Nru apache2-2.4.33/modules/ssl/ssl_engine_vars.c apache2-2.4.34/modules/ssl/ssl_engine_vars.c --- apache2-2.4.33/modules/ssl/ssl_engine_vars.c 2018-03-09 07:55:27.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_engine_vars.c 2018-04-09 15:39:44.000000000 +0000 @@ -1195,7 +1195,7 @@ */ void ssl_var_log_config_register(apr_pool_t *p) { - static APR_OPTIONAL_FN_TYPE(ap_register_log_handler) *log_pfn_register; + APR_OPTIONAL_FN_TYPE(ap_register_log_handler) *log_pfn_register; log_pfn_register = APR_RETRIEVE_OPTIONAL_FN(ap_register_log_handler); diff -Nru apache2-2.4.33/modules/ssl/ssl_private.h apache2-2.4.34/modules/ssl/ssl_private.h --- apache2-2.4.33/modules/ssl/ssl_private.h 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_private.h 2018-06-22 09:45:39.000000000 +0000 @@ -418,6 +418,16 @@ } ssl_crlcheck_t; /** + * OCSP checking mask (mode | flags) + */ +typedef enum { + SSL_OCSPCHECK_NONE = (0), + SSL_OCSPCHECK_LEAF = (1 << 0), + SSL_OCSPCHECK_CHAIN = (1 << 1), + SSL_OCSPCHECK_NO_OCSP_FOR_CERT_OK = (1 << 2) +} ssl_ocspcheck_t; + +/** * Define the SSL pass phrase dialog types */ typedef enum { @@ -701,7 +711,7 @@ modssl_auth_ctx_t auth; - BOOL ocsp_enabled; /* true if OCSP verification enabled */ + int ocsp_mask; BOOL ocsp_force_default; /* true if the default responder URL is * used regardless of per-cert URL */ const char *ocsp_responder; /* default responder URL */ @@ -844,7 +854,7 @@ const char *ssl_cmd_SSLOCSPResponseMaxAge(cmd_parms *cmd, void *dcfg, const char *arg); const char *ssl_cmd_SSLOCSPResponderTimeout(cmd_parms *cmd, void *dcfg, const char *arg); const char *ssl_cmd_SSLOCSPUseRequestNonce(cmd_parms *cmd, void *dcfg, int flag); -const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, int flag); +const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, const char *arg); const char *ssl_cmd_SSLOCSPProxyURL(cmd_parms *cmd, void *dcfg, const char *arg); /* Declare OCSP Responder Certificate Verification Directive */ diff -Nru apache2-2.4.33/modules/ssl/ssl_util.c apache2-2.4.34/modules/ssl/ssl_util.c --- apache2-2.4.33/modules/ssl/ssl_util.c 2017-09-08 12:20:16.000000000 +0000 +++ apache2-2.4.34/modules/ssl/ssl_util.c 2018-07-02 12:49:16.000000000 +0000 @@ -41,23 +41,17 @@ char *ssl_util_vhostid(apr_pool_t *p, server_rec *s) { - char *id; SSLSrvConfigRec *sc; - char *host; apr_port_t port; - host = s->server_hostname; if (s->port != 0) port = s->port; else { sc = mySrvConfig(s); - if (sc->enabled == TRUE) - port = DEFAULT_HTTPS_PORT; - else - port = DEFAULT_HTTP_PORT; + port = sc->enabled == TRUE ? DEFAULT_HTTPS_PORT : DEFAULT_HTTP_PORT; } - id = apr_psprintf(p, "%s:%lu", host, (unsigned long)port); - return id; + + return apr_psprintf(p, "%s:%lu", s->server_hostname, (unsigned long)port); } /* diff -Nru apache2-2.4.33/os/unix/unixd.c apache2-2.4.34/os/unix/unixd.c --- apache2-2.4.33/os/unix/unixd.c 2018-01-10 21:48:04.000000000 +0000 +++ apache2-2.4.34/os/unix/unixd.c 2018-06-06 10:53:16.000000000 +0000 @@ -18,12 +18,14 @@ #include "httpd.h" #include "http_config.h" #include "http_main.h" +#include "http_core.h" #include "http_log.h" #include "unixd.h" #include "mpm_common.h" #include "os.h" #include "ap_mpm.h" #include "apr_thread_proc.h" +#include "apr_signal.h" #include "apr_strings.h" #include "apr_portable.h" #ifdef HAVE_PWD_H @@ -180,7 +182,7 @@ ** we force everything to be APR_PROGRAM, and never ** APR_SHELLCMD */ - if(apr_procattr_cmdtype_set(attr, APR_PROGRAM) != APR_SUCCESS) { + if (apr_procattr_cmdtype_set(attr, APR_PROGRAM) != APR_SUCCESS) { return APR_EGENERAL; } @@ -508,6 +510,13 @@ return APR_SUCCESS; } +static void ap_terminate(void) +{ + ap_main_state = AP_SQ_MS_EXITING; + apr_pool_destroy(ap_pglobal); + apr_terminate(); +} + AP_DECLARE(void) ap_unixd_mpm_set_signals(apr_pool_t *pconf, int one_process) { #ifndef NO_USE_SIGACTION @@ -517,6 +526,16 @@ if (!one_process) { ap_fatal_signal_setup(ap_server_conf, pconf); } + else if (!ap_retained_data_get("ap_unixd_mpm_one_process_cleanup")) { + /* In one process mode (debug), httpd will exit immediately when asked + * to (SIGTERM/SIGINT) and never restart. We still want the cleanups to + * run though (such that e.g. temporary files/IPCs don't leak on the + * system), so the first time around we use atexit() to cleanup after + * ourselves. + */ + ap_retained_data_create("ap_unixd_mpm_one_process_cleanup", 1); + atexit(ap_terminate); + } /* Signals' handlers depend on retained data */ (void)ap_unixd_mpm_get_retained_data(); diff -Nru apache2-2.4.33/server/config.c apache2-2.4.34/server/config.c --- apache2-2.4.33/server/config.c 2018-02-13 23:43:36.000000000 +0000 +++ apache2-2.4.34/server/config.c 2018-05-31 15:10:26.000000000 +0000 @@ -2046,7 +2046,7 @@ /* If matching internal to path, and we happen to match something * other than a directory, skip it */ - if (rest && (rv == APR_SUCCESS) && (dirent.filetype != APR_DIR)) { + if (rest && (dirent.filetype != APR_DIR)) { continue; } fnew = (fnames *) apr_array_push(candidates); @@ -2687,6 +2687,16 @@ printf(" %s\n", ap_loaded_modules[n]->name); } +AP_DECLARE(int) ap_exists_directive(apr_pool_t *p, const char *name) +{ + char *lname = apr_pstrdup(p, name); + + ap_str_tolower(lname); + + return ap_config_hash && + apr_hash_get(ap_config_hash, lname, APR_HASH_KEY_STRING) != NULL; +} + AP_DECLARE(void *) ap_retained_data_get(const char *key) { void *retained; diff -Nru apache2-2.4.33/server/connection.c apache2-2.4.34/server/connection.c --- apache2-2.4.33/server/connection.c 2016-02-25 10:27:27.000000000 +0000 +++ apache2-2.4.34/server/connection.c 2018-05-29 21:19:30.000000000 +0000 @@ -130,12 +130,6 @@ return 1; } -#ifdef NO_LINGCLOSE - ap_flush_conn(c); /* just close it */ - apr_socket_close(csd); - return 1; -#endif - /* Close the connection, being careful to send out whatever is still * in our buffers. If possible, try to avoid a hard close until the * client has ACKed our FIN and/or has stopped sending us data. @@ -144,21 +138,20 @@ /* Send any leftover data to the client, but never try to again */ ap_flush_conn(c); - if (c->aborted) { - apr_socket_close(csd); - return 1; - } - +#ifdef NO_LINGCLOSE + apr_socket_close(csd); + return 1; +#else /* Shut down the socket for write, which will send a FIN * to the peer. */ - if (apr_socket_shutdown(csd, APR_SHUTDOWN_WRITE) != APR_SUCCESS - || c->aborted) { + if (c->aborted + || apr_socket_shutdown(csd, APR_SHUTDOWN_WRITE) != APR_SUCCESS) { apr_socket_close(csd); return 1; } - return 0; +#endif } AP_DECLARE(void) ap_lingering_close(conn_rec *c) diff -Nru apache2-2.4.33/server/core.c apache2-2.4.34/server/core.c --- apache2-2.4.33/server/core.c 2018-02-16 13:27:44.000000000 +0000 +++ apache2-2.4.34/server/core.c 2018-05-31 15:10:26.000000000 +0000 @@ -2710,18 +2710,23 @@ return found; } +/* Callback function type used by start_cond_section. */ +typedef int (*test_cond_section_fn)(cmd_parms *cmd, const char *arg); -static const char *start_ifmod(cmd_parms *cmd, void *mconfig, const char *arg) +/* Implementation of -style conditional sections. Callback + * to test condition must be in cmd->info, matching function type + * test_cond_section_fn. */ +static const char *start_cond_section(cmd_parms *cmd, void *mconfig, const char *arg) { const char *endp = ap_strrchr_c(arg, '>'); - int not = (arg[0] == '!'); - module *found; + int result, not = (arg[0] == '!'); + test_cond_section_fn testfn = (test_cond_section_fn)cmd->info; if (endp == NULL) { return unclosed_directive(cmd); } - arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg); + arg = apr_pstrmemdup(cmd->temp_pool, arg, endp - arg); if (not) { arg++; @@ -2731,66 +2736,58 @@ return missing_container_arg(cmd); } - found = find_module(cmd->server, arg); + result = testfn(cmd, arg); - if ((!not && found) || (not && !found)) { + if ((!not && result) || (not && !result)) { ap_directive_t *parent = NULL; ap_directive_t *current = NULL; const char *retval; retval = ap_build_cont_config(cmd->pool, cmd->temp_pool, cmd, - ¤t, &parent, "cmd->name); *(ap_directive_t **)mconfig = current; return retval; } else { *(ap_directive_t **)mconfig = NULL; - return ap_soak_end_container(cmd, "cmd->name); } } +/* Callback to implement test for start_cond_section. */ +static int test_ifmod_section(cmd_parms *cmd, const char *arg) +{ + return find_module(cmd->server, arg) != NULL; +} + AP_DECLARE(int) ap_exists_config_define(const char *name) { return ap_array_str_contains(ap_server_config_defines, name); } -static const char *start_ifdefine(cmd_parms *cmd, void *dummy, const char *arg) +static int test_ifdefine_section(cmd_parms *cmd, const char *arg) { - const char *endp; - int defined; - int not = 0; - - endp = ap_strrchr_c(arg, '>'); - if (endp == NULL) { - return unclosed_directive(cmd); - } - - arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg); + return ap_exists_config_define(arg); +} - if (arg[0] == '!') { - not = 1; - arg++; - } +static int test_iffile_section(cmd_parms *cmd, const char *arg) +{ + const char *relative; + apr_finfo_t sb; - if (!arg[0]) { - return missing_container_arg(cmd); - } + relative = ap_server_root_relative(cmd->temp_pool, arg); + return (apr_stat(&sb, relative, 0, cmd->pool) == APR_SUCCESS); +} - defined = ap_exists_config_define(arg); - if ((!not && defined) || (not && !defined)) { - ap_directive_t *parent = NULL; - ap_directive_t *current = NULL; - const char *retval; +static int test_ifdirective_section(cmd_parms *cmd, const char *arg) +{ + return ap_exists_directive(cmd->temp_pool, arg); +} - retval = ap_build_cont_config(cmd->pool, cmd->temp_pool, cmd, - ¤t, &parent, "temp_pool, "<", arg, NULL); + return ap_exists_directive(cmd->temp_pool, name); } /* httpd.conf commands... beginning with the business */ @@ -4306,10 +4303,21 @@ OR_LIMIT | OR_AUTHCFG, "Container for authentication directives to be applied when any HTTP " "method other than those specified is used to access the resource"), -AP_INIT_TAKE1("error_fname || s->error_fname[0] == '|' - || strcmp(s->error_fname, "syslog") == 0) { + || strcmp(s->error_fname, "syslog") == 0 + || strncmp(s->error_fname, "syslog:", 7) == 0) { return APR_SUCCESS; } else { @@ -5281,7 +5290,9 @@ apr_file_printf(out, "ServerRoot: \"%s\"\n", ap_server_root); tmp = ap_server_root_relative(p, sconf->ap_document_root); apr_file_printf(out, "Main DocumentRoot: \"%s\"\n", tmp); - if (s->error_fname[0] != '|' && strcmp(s->error_fname, "syslog") != 0) + if (s->error_fname[0] != '|' + && strcmp(s->error_fname, "syslog") != 0 + && strncmp(s->error_fname, "syslog:", 7) != 0) tmp = ap_server_root_relative(p, s->error_fname); else tmp = s->error_fname; diff -Nru apache2-2.4.33/server/log.c apache2-2.4.34/server/log.c --- apache2-2.4.33/server/log.c 2017-09-08 10:17:21.000000000 +0000 +++ apache2-2.4.34/server/log.c 2018-06-25 13:24:16.000000000 +0000 @@ -249,14 +249,14 @@ char *filename = ap_server_root_relative(p, fname); if (!filename) { ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, - APR_EBADPATH, NULL, APLOGNO(00085) "Invalid -E error log file %s", + APR_EBADPATH, ap_server_conf, APLOGNO(00085) "Invalid -E error log file %s", fname); return APR_EBADPATH; } if ((rc = apr_file_open(&stderr_file, filename, APR_APPEND | APR_WRITE | APR_CREATE | APR_LARGEFILE, APR_OS_DEFAULT, p)) != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, NULL, APLOGNO(00086) + ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, ap_server_conf, APLOGNO(00086) "%s: could not open error log file %s.", ap_server_argv0, fname); return rc; @@ -386,7 +386,7 @@ * child inherits the parents stderr. */ rc = log_child(p, fname, &dummy, cmdtype, is_main); if (rc != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, NULL, APLOGNO(00089) + ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, ap_server_conf, APLOGNO(00089) "Couldn't start ErrorLog process '%s'.", s->error_fname + 1); return DONE; @@ -396,7 +396,8 @@ } #ifdef HAVE_SYSLOG - else if (!strncasecmp(s->error_fname, "syslog", 6)) { + else if (strcmp(s->error_fname, "syslog") == 0 + || strncmp(s->error_fname, "syslog:", 7) == 0) { if ((fname = strchr(s->error_fname, ':'))) { /* s->error_fname could be [level]:[tag] (see #60525) */ const char *tag; @@ -444,7 +445,7 @@ else { fname = ap_server_root_relative(p, s->error_fname); if (!fname) { - ap_log_error(APLOG_MARK, APLOG_STARTUP, APR_EBADPATH, NULL, APLOGNO(00090) + ap_log_error(APLOG_MARK, APLOG_STARTUP, APR_EBADPATH, ap_server_conf, APLOGNO(00090) "%s: Invalid error log path %s.", ap_server_argv0, s->error_fname); return DONE; @@ -452,7 +453,7 @@ if ((rc = apr_file_open(&s->error_log, fname, APR_APPEND | APR_WRITE | APR_CREATE | APR_LARGEFILE, APR_OS_DEFAULT, p)) != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, NULL, APLOGNO(00091) + ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, ap_server_conf, APLOGNO(00091) "%s: could not open error log file %s.", ap_server_argv0, fname); return DONE; @@ -1605,7 +1606,7 @@ fname = ap_server_root_relative(p, filename); if (!fname) { ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, APR_EBADPATH, - NULL, APLOGNO(00097) "Invalid PID file path %s, ignoring.", filename); + ap_server_conf, APLOGNO(00097) "Invalid PID file path %s, ignoring.", filename); return; } @@ -1658,7 +1659,7 @@ fname = ap_server_root_relative(p, filename); if (!fname) { ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, APR_EBADPATH, - NULL, APLOGNO(00101) "Invalid PID file path %s, ignoring.", filename); + ap_server_conf, APLOGNO(00101) "Invalid PID file path %s, ignoring.", filename); return APR_EGENERAL; } @@ -1730,7 +1731,7 @@ != APR_SUCCESS) || ((status = apr_procattr_error_check_set(procattr, 1)) != APR_SUCCESS)) { /* Something bad happened, give up and go away. */ - ap_log_error(APLOG_MARK, APLOG_STARTUP, status, NULL, APLOGNO(00103) + ap_log_error(APLOG_MARK, APLOG_STARTUP, status, ap_server_conf, APLOGNO(00103) "piped_log_spawn: unable to setup child process '%s'", pl->program); } @@ -1755,7 +1756,7 @@ } else { /* Something bad happened, give up and go away. */ - ap_log_error(APLOG_MARK, APLOG_STARTUP, status, NULL, APLOGNO(00104) + ap_log_error(APLOG_MARK, APLOG_STARTUP, status, ap_server_conf, APLOGNO(00104) "unable to start piped log program '%s'", pl->program); } @@ -1885,7 +1886,7 @@ rc = log_child(p, program, &dummy, cmdtype, 0); if (rc != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, NULL, APLOGNO(00108) + ap_log_error(APLOG_MARK, APLOG_STARTUP, rc, ap_server_conf, APLOGNO(00108) "Couldn't start piped log process '%s'.", (program == NULL) ? "NULL" : program); return NULL; diff -Nru apache2-2.4.33/server/main.c apache2-2.4.34/server/main.c --- apache2-2.4.33/server/main.c 2018-01-10 21:48:04.000000000 +0000 +++ apache2-2.4.34/server/main.c 2018-07-05 19:26:56.000000000 +0000 @@ -289,6 +289,7 @@ { if (process->pconf) { apr_pool_clear(process->pconf); + ap_server_conf = NULL; } else { apr_pool_create(&process->pconf, process->pool); diff -Nru apache2-2.4.33/server/mpm/event/event.c apache2-2.4.34/server/mpm/event/event.c --- apache2-2.4.33/server/mpm/event/event.c 2018-02-20 13:42:59.000000000 +0000 +++ apache2-2.4.34/server/mpm/event/event.c 2018-07-05 19:45:14.000000000 +0000 @@ -2431,6 +2431,7 @@ apr_threadattr_t *thread_attr; apr_thread_t *start_thread_id; int i; + apr_pool_t *pskip; /* for benefit of any hooks that run as this child initializes */ retained->mpm->mpm_state = AP_MPMQ_STARTING; @@ -2458,7 +2459,8 @@ apr_thread_mutex_create(&g_timer_skiplist_mtx, APR_THREAD_MUTEX_DEFAULT, pchild); APR_RING_INIT(&timer_free_ring, timer_event_t, link); - apr_skiplist_init(&timer_skiplist, pchild); + apr_pool_create(&pskip, pchild); + apr_skiplist_init(&timer_skiplist, pskip); apr_skiplist_set_compare(timer_skiplist, timer_comp, timer_comp); /* Just use the standard apr_setup_signal_thread to block all signals diff -Nru apache2-2.4.33/server/protocol.c apache2-2.4.34/server/protocol.c --- apache2-2.4.33/server/protocol.c 2018-02-16 13:17:33.000000000 +0000 +++ apache2-2.4.34/server/protocol.c 2018-06-22 10:04:49.000000000 +0000 @@ -224,9 +224,12 @@ int do_alloc = (*s == NULL), saw_eos = 0; int fold = flags & AP_GETLINE_FOLD; int crlf = flags & AP_GETLINE_CRLF; + int nospc_eol = flags & AP_GETLINE_NOSPC_EOL; + int saw_eol = 0, saw_nospc = 0; if (!n) { /* Needs room for NUL byte at least */ + *read = 0; return APR_BADARG; } @@ -238,7 +241,7 @@ if (last_char) *last_char = '\0'; - for (;;) { + do { apr_brigade_cleanup(bb); rv = ap_get_brigade(r->proto_input_filters, bb, AP_MODE_GETLINE, APR_BLOCK_READ, 0); @@ -282,8 +285,52 @@ /* Would this overrun our buffer? If so, we'll die. */ if (n < bytes_handled + len) { - rv = APR_ENOSPC; - goto cleanup; + /* Before we die, let's fill the buffer up to its limit (i.e. + * fall through with the remaining length, if any), setting + * saw_eol on LF to stop the outer loop appropriately; we may + * come back here once the buffer is filled (no LF seen), and + * either be done at that time or continue to wait for LF here + * if nospc_eol is set. + * + * But there is also a corner cases which we want to address, + * namely if the buffer is overrun by the final LF only (i.e. + * the CR fits in); this is not really an overrun since we'll + * strip the CR finally (and use it for NUL byte), but anyway + * we have to handle the case so that it's not returned to the + * caller as part of the truncated line (it's not!). This is + * easier to consider that LF is out of counting and thus fall + * through with no error (saw_eol is set to 2 so that we later + * ignore LF handling already done here), while folding and + * nospc_eol logics continue to work (or fail) appropriately. + */ + saw_eol = (str[len - 1] == APR_ASCII_LF); + if (/* First time around */ + saw_eol && !saw_nospc + /* Single LF completing the buffered CR, */ + && ((len == 1 && ((*s)[bytes_handled - 1] == APR_ASCII_CR)) + /* or trailing CRLF overuns by LF only */ + || (len > 1 && str[len - 2] == APR_ASCII_CR + && n - bytes_handled + 1 == len))) { + /* In both cases *last_char is (to be) the CR stripped by + * later 'bytes_handled = last_char - *s'. + */ + saw_eol = 2; + } + else { + /* In any other case we'd lose data. */ + rv = APR_ENOSPC; + saw_nospc = 1; + } + len = n - bytes_handled; + if (!len) { + if (saw_eol) { + break; + } + if (nospc_eol) { + continue; + } + goto cleanup; + } } /* Do we have to handle the allocation ourselves? */ @@ -322,18 +369,28 @@ /* If we got a full line of input, stop reading */ if (last_char && (*last_char == APR_ASCII_LF)) { - break; + saw_eol = 1; } + } while (!saw_eol); + + if (rv != APR_SUCCESS) { + /* End of line after APR_ENOSPC above */ + goto cleanup; } /* Now terminate the string at the end of the line; - * if the last-but-one character is a CR, terminate there */ - if (last_char > *s && last_char[-1] == APR_ASCII_CR) { - last_char--; - } - else if (crlf) { - rv = APR_EINVAL; - goto cleanup; + * if the last-but-one character is a CR, terminate there. + * LF is handled above (not accounted) when saw_eol == 2, + * the last char is CR to terminate at still. + */ + if (saw_eol < 2) { + if (last_char > *s && last_char[-1] == APR_ASCII_CR) { + last_char--; + } + else if (crlf) { + rv = APR_EINVAL; + goto cleanup; + } } bytes_handled = last_char - *s; @@ -407,8 +464,8 @@ next_size = n - bytes_handled; - rv = ap_rgetline_core(&tmp, next_size, - &next_len, r, 0, bb); + rv = ap_rgetline_core(&tmp, next_size, &next_len, r, + flags & ~AP_GETLINE_FOLD, bb); if (rv != APR_SUCCESS) { goto cleanup; } @@ -442,22 +499,22 @@ if (bytes_handled >= n) { bytes_handled = n - 1; } + + *read = bytes_handled; if (*s) { /* ensure the string is NUL terminated */ - (*s)[bytes_handled] = '\0'; - } - *read = bytes_handled; + (*s)[*read] = '\0'; - if (rv != APR_SUCCESS) { - return rv; - } - - /* PR#43039: We shouldn't accept NULL bytes within the line */ - if (strlen(*s) < bytes_handled) { - return APR_EINVAL; + /* PR#43039: We shouldn't accept NULL bytes within the line */ + bytes_handled = strlen(*s); + if (bytes_handled < *read) { + *read = bytes_handled; + if (rv == APR_SUCCESS) { + rv = APR_EINVAL; + } + } } - - return APR_SUCCESS; + return rv; } #if APR_CHARSET_EBCDIC @@ -476,7 +533,7 @@ apr_status_t rv; rv = ap_rgetline_core(s, n, read, r, fold, bb); - if (rv == APR_SUCCESS) { + if (rv == APR_SUCCESS || APR_STATUS_IS_ENOSPC(rv)) { ap_xlate_proto_from_ascii(*s, *read); } return rv; diff -Nru apache2-2.4.33/server/request.c apache2-2.4.34/server/request.c --- apache2-2.4.33/server/request.c 2017-06-29 11:29:11.000000000 +0000 +++ apache2-2.4.34/server/request.c 2018-04-07 21:04:16.000000000 +0000 @@ -99,7 +99,7 @@ (apr_finfo_t *finfo, request_rec *r, apr_int32_t wanted), (finfo, r, wanted), AP_DECLINED) AP_IMPLEMENT_HOOK_RUN_FIRST(int,force_authn, - (request_rec *r), (r), DECLINED) + (request_rec *r), (r), DECLINED) static int auth_internal_per_conf = 0; static int auth_internal_per_conf_hooks = 0; diff -Nru apache2-2.4.33/server/util_expr_eval.c apache2-2.4.34/server/util_expr_eval.c --- apache2-2.4.33/server/util_expr_eval.c 2017-10-17 08:06:13.000000000 +0000 +++ apache2-2.4.34/server/util_expr_eval.c 2018-05-31 13:19:12.000000000 +0000 @@ -1720,7 +1720,7 @@ case AP_EXPR_FUNC_STRING: case AP_EXPR_FUNC_OP_UNARY: case AP_EXPR_FUNC_OP_BINARY: { - const struct expr_provider_single *prov; + const struct expr_provider_single *prov = NULL; switch (parms->type) { case AP_EXPR_FUNC_STRING: prov = string_func_providers; @@ -1734,7 +1734,7 @@ default: ap_assert(0); } - while (prov->func) { + while (prov && prov->func) { int match; if (parms->type == AP_EXPR_FUNC_OP_UNARY) match = !strcmp(prov->name, parms->name); diff -Nru apache2-2.4.33/server/util_mutex.c apache2-2.4.34/server/util_mutex.c --- apache2-2.4.33/server/util_mutex.c 2016-03-02 13:10:05.000000000 +0000 +++ apache2-2.4.34/server/util_mutex.c 2018-04-09 15:39:44.000000000 +0000 @@ -505,7 +505,7 @@ for (idx = apr_hash_first(p, mxcfg_by_type); idx; idx = apr_hash_next(idx)) { mutex_cfg_t *mxcfg; - const char *name, *mech; + const char *name, *mech = ""; const void *name_; const char *dir = ""; apr_hash_this(idx, &name_, NULL, NULL); diff -Nru apache2-2.4.33/server/vhost.c apache2-2.4.34/server/vhost.c --- apache2-2.4.33/server/vhost.c 2017-03-29 17:15:29.000000000 +0000 +++ apache2-2.4.34/server/vhost.c 2018-07-02 20:47:00.000000000 +0000 @@ -757,7 +757,7 @@ int is_dotted_decimal = 1, leading_zeroes = 0, dots = 0; for (ch = host; *ch; ch++) { - if (apr_isalpha(*ch) || *ch == '-') { + if (apr_isalpha(*ch) || *ch == '-' || *ch == '_') { is_dotted_decimal = 0; } else if (ch[0] == '.') { diff -Nru apache2-2.4.33/support/rotatelogs.c apache2-2.4.34/support/rotatelogs.c --- apache2-2.4.33/support/rotatelogs.c 2018-03-09 09:09:38.000000000 +0000 +++ apache2-2.4.34/support/rotatelogs.c 2018-04-09 15:37:44.000000000 +0000 @@ -36,7 +36,6 @@ #include "apr_want.h" #define BUFSIZE 65536 -#define ERRMSGSZ 256 #define ROTATE_NONE 0 #define ROTATE_NEW 1 @@ -64,7 +63,7 @@ int force_open; int verbose; int echo; - const char *szLogRoot; + char *szLogRoot; int truncate; const char *linkfile; const char *postrotate_prog; @@ -72,6 +71,7 @@ int create_empty; #endif int num_files; + int create_path; }; typedef struct rotate_status rotate_status_t; @@ -93,7 +93,6 @@ struct rotate_status { struct logfile current; /* current logfile. */ apr_pool_t *pool; /* top-level pool */ - char errbuf[ERRMSGSZ]; int rotateReason; adjusted_time_t tLogEnd; int nMessCount; @@ -110,9 +109,9 @@ } fprintf(stderr, #if APR_FILES_AS_SOCKETS - "Usage: %s [-v] [-l] [-L linkname] [-p prog] [-f] [-t] [-e] [-c] [-n number] " + "Usage: %s [-v] [-l] [-L linkname] [-p prog] [-f] [-D] [-t] [-e] [-c] [-n number] " #else - "Usage: %s [-v] [-l] [-L linkname] [-p prog] [-f] [-t] [-e] [-n number] " + "Usage: %s [-v] [-l] [-L linkname] [-p prog] [-f] [-D] [-t] [-e] [-n number] " #endif "{|(B|K|M|G)} " "[offset minutes from UTC]\n\n", @@ -144,13 +143,15 @@ " -L path Create hard link from current log to specified path.\n" " -p prog Run specified program after opening a new log file. See below.\n" " -f Force opening of log on program start.\n" + " -D Create parent directories of log file.\n" " -t Truncate logfile instead of rotating, tail friendly.\n" " -e Echo log to stdout for further processing.\n" #if APR_FILES_AS_SOCKETS " -c Create log even if it is empty.\n" #endif + " -n num Rotate file by adding suffixes '.1', '.2', ..., '.num'.\n" "\n" - "The program is invoked as \"[prog] []\"\n" + "The program for '-p' is invoked as \"[prog] []\"\n" "where is the filename of the newly opened logfile, and\n" ", if given, is the filename of the previously used logfile.\n" "\n"); @@ -207,12 +208,13 @@ fprintf(stderr, "Rotation based on localtime: %12s\n", config->use_localtime ? "yes" : "no"); fprintf(stderr, "Rotation file date pattern: %12s\n", config->use_strftime ? "yes" : "no"); fprintf(stderr, "Rotation file forced open: %12s\n", config->force_open ? "yes" : "no"); + fprintf(stderr, "Create parent directories: %12s\n", config->create_path ? "yes" : "no"); fprintf(stderr, "Rotation verbose: %12s\n", config->verbose ? "yes" : "no"); #if APR_FILES_AS_SOCKETS fprintf(stderr, "Rotation create empty logs: %12s\n", config->create_empty ? "yes" : "no"); #endif fprintf(stderr, "Rotation file name: %21s\n", config->szLogRoot); - fprintf(stderr, "Post-rotation prog: %21s\n", config->postrotate_prog); + fprintf(stderr, "Post-rotation prog: %21s\n", config->postrotate_prog ? config->postrotate_prog : "not used"); } /* @@ -280,7 +282,7 @@ if (config->linkfile) { apr_file_remove(config->linkfile, newlog->pool); if (config->verbose) { - fprintf(stderr,"Linking %s to %s\n", newlog->name, config->linkfile); + fprintf(stderr, "Linking %s to %s\n", newlog->name, config->linkfile); } rv = apr_file_link(newlog->name, config->linkfile); if (rv != APR_SUCCESS) { @@ -343,19 +345,19 @@ } /* After a error, truncate the current file and write out an error - * message, which must be contained in status->errbuf. The process is + * message, which must be contained in message. The process is * terminated on failure. */ -static void truncate_and_write_error(rotate_status_t *status) +static void truncate_and_write_error(rotate_status_t *status, const char *message) { - apr_size_t buflen = strlen(status->errbuf); + apr_size_t buflen = strlen(message); if (apr_file_trunc(status->current.fd, 0) != APR_SUCCESS) { fprintf(stderr, "Error truncating the file %s\n", status->current.name); exit(2); } - if (apr_file_write_full(status->current.fd, status->errbuf, buflen, NULL) != APR_SUCCESS) { + if (apr_file_write_full(status->current.fd, message, buflen, NULL) != APR_SUCCESS) { fprintf(stderr, "Error writing error (%s) to the file %s\n", - status->errbuf, status->current.name); + message, status->current.name); exit(2); } } @@ -437,6 +439,23 @@ } } apr_pool_create(&newlog.pool, status->pool); + if (config->create_path) { + char *ptr = strrchr(newlog.name, '/'); + if (ptr && ptr > newlog.name) { + char *path = apr_pstrmemdup(newlog.pool, newlog.name, ptr - newlog.name); + if (config->verbose) { + fprintf(stderr, "Creating directory tree %s\n", path); + } + rv = apr_dir_make_recursive(path, APR_FPROT_OS_DEFAULT, newlog.pool); + if (rv != APR_SUCCESS) { + char error[120]; + + apr_strerror(rv, error, sizeof error); + fprintf(stderr, "Could not create directory '%s' (%s)\n", path, error); + exit(2); + } + } + } if (config->verbose) { fprintf(stderr, "Opening file %s\n", newlog.name); } @@ -457,9 +476,8 @@ status->current = newlog; } else { - char error[120]; - - apr_strerror(rv, error, sizeof error); + char *error = apr_psprintf(newlog.pool, "%pm", &rv); + char *message; /* Uh-oh. Failed to open the new log file. Try to clear * the previous log file, note the lost log entries, @@ -469,17 +487,17 @@ exit(2); } - /* Throw away new state; it isn't going to be used. */ - apr_pool_destroy(newlog.pool); - /* Try to keep this error message constant length * in case it occurs several times. */ - apr_snprintf(status->errbuf, sizeof status->errbuf, - "Resetting log file due to error opening " - "new log file, %10d messages lost: %-25.25s\n", - status->nMessCount, error); + message = apr_psprintf(newlog.pool, + "Resetting log file due to error opening " + "new log file, %10d messages lost: %-25.25s\n", + status->nMessCount, error); + + truncate_and_write_error(status, message); - truncate_and_write_error(status); + /* Throw away new state; it isn't going to be used. */ + apr_pool_destroy(newlog.pool); } status->nMessCount = 0; @@ -567,9 +585,9 @@ apr_pool_create(&status.pool, NULL); apr_getopt_init(&opt, status.pool, argc, argv); #if APR_FILES_AS_SOCKETS - while ((rv = apr_getopt(opt, "lL:p:ftvecn:", &c, &opt_arg)) == APR_SUCCESS) { + while ((rv = apr_getopt(opt, "lL:p:fDtvecn:", &c, &opt_arg)) == APR_SUCCESS) { #else - while ((rv = apr_getopt(opt, "lL:p:ftven:", &c, &opt_arg)) == APR_SUCCESS) { + while ((rv = apr_getopt(opt, "lL:p:fDtven:", &c, &opt_arg)) == APR_SUCCESS) { #endif switch (c) { case 'l': @@ -588,6 +606,9 @@ case 'f': config.force_open = 1; break; + case 'D': + config.create_path = 1; + break; case 't': config.truncate = 1; break; @@ -622,7 +643,11 @@ usage(argv[0], "Incorrect number of arguments"); } - config.szLogRoot = argv[opt->ind++]; + rv = apr_filepath_merge(&config.szLogRoot, "", argv[opt->ind++], + APR_FILEPATH_TRUENAME, status.pool); + if (rv != APR_SUCCESS && rv != APR_EPATHWILD) { + usage(argv[0], "Invalid filename given"); + } /* Read in the remaining flags, namely time, size and UTC offset. */ for(; opt->ind < argc; opt->ind++) { @@ -725,18 +750,21 @@ rv = apr_file_write_full(status.current.fd, buf, nWrite, &nWrite); if (nWrite != nRead) { apr_off_t cur_offset; + apr_pool_t *pool; + char *error; cur_offset = 0; if (apr_file_seek(status.current.fd, APR_CUR, &cur_offset) != APR_SUCCESS) { cur_offset = -1; } status.nMessCount++; - apr_snprintf(status.errbuf, sizeof status.errbuf, - "Error %d writing to log file at offset %" APR_OFF_T_FMT ". " - "%10d messages lost (%pm)\n", - rv, cur_offset, status.nMessCount, &rv); + apr_pool_create(&pool, status.pool); + error = apr_psprintf(pool, "Error %d writing to log file at offset %" + APR_OFF_T_FMT ". %10d messages lost (%pm)\n", + rv, cur_offset, status.nMessCount, &rv); - truncate_and_write_error(&status); + truncate_and_write_error(&status, error); + apr_pool_destroy(pool); } else { status.nMessCount++; diff -Nru apache2-2.4.33/support/suexec.c apache2-2.4.34/support/suexec.c --- apache2-2.4.33/support/suexec.c 2016-03-21 12:37:25.000000000 +0000 +++ apache2-2.4.34/support/suexec.c 2018-05-30 19:09:00.000000000 +0000 @@ -58,6 +58,10 @@ #include #endif +#ifdef AP_LOG_SYSLOG +#include +#endif + #if defined(PATH_MAX) #define AP_MAXPATH PATH_MAX #elif defined(MAXPATHLEN) @@ -69,7 +73,20 @@ #define AP_ENVBUF 256 extern char **environ; + +#ifdef AP_LOG_SYSLOG +/* Syslog support. */ +#if !defined(AP_LOG_FACILITY) && defined(LOG_AUTHPRIV) +#define AP_LOG_FACILITY LOG_AUTHPRIV +#elif !defined(AP_LOG_FACILITY) +#define AP_LOG_FACILITY LOG_AUTH +#endif + +static int log_open; +#else +/* Non-syslog support. */ static FILE *log = NULL; +#endif static const char *const safe_env_lst[] = { @@ -138,7 +155,14 @@ static void err_output(int is_error, const char *fmt, va_list ap) { -#ifdef AP_LOG_EXEC +#if defined(AP_LOG_SYSLOG) + if (!log_open) { + openlog("suexec", LOG_PID, AP_LOG_FACILITY); + log_open = 1; + } + + vsyslog(is_error ? LOG_ERR : LOG_INFO, fmt, ap); +#elif defined(AP_LOG_EXEC) time_t timevar; struct tm *lt; @@ -300,7 +324,9 @@ #ifdef AP_HTTPD_USER fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER); #endif -#ifdef AP_LOG_EXEC +#if defined(AP_LOG_SYSLOG) + fprintf(stderr, " -D AP_LOG_SYSLOG\n"); +#elif defined(AP_LOG_EXEC) fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC); #endif #ifdef AP_SAFE_PATH @@ -603,6 +629,12 @@ #endif /* AP_SUEXEC_UMASK */ /* Be sure to close the log file so the CGI can't mess with it. */ +#ifdef AP_LOG_SYSLOG + if (log_open) { + closelog(); + log_open = 0; + } +#else if (log != NULL) { #if APR_HAVE_FCNTL_H /* @@ -624,6 +656,7 @@ log = NULL; #endif } +#endif /* * Execute the command, replacing our image with its own. diff -Nru apache2-2.4.33/support/win32/ApacheMonitor.c apache2-2.4.34/support/win32/ApacheMonitor.c --- apache2-2.4.33/support/win32/ApacheMonitor.c 2016-05-25 16:29:59.000000000 +0000 +++ apache2-2.4.34/support/win32/ApacheMonitor.c 2018-05-31 13:19:12.000000000 +0000 @@ -912,7 +912,7 @@ WM_SETTEXT, (WPARAM) NULL, (LPARAM) szCmp); } - if (SHGetMalloc(&pMalloc)) { + if (SUCCEEDED(SHGetMalloc(&pMalloc))) { pMalloc->lpVtbl->Free(pMalloc, il); pMalloc->lpVtbl->Release(pMalloc); }