[apache2] 01/05: Imported Upstream version 2.4.25
Stefan Fritsch
sf at moszumanska.debian.org
Wed Dec 21 23:09:04 UTC 2016
This is an automated email from the git hooks/post-receive script.
sf pushed a commit to branch master
in repository apache2.
commit 4e95102dff3e219075cf0ae044c3b91e0b168887
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Wed Dec 21 23:04:58 2016 +0100
Imported Upstream version 2.4.25
---
Apache-apr2.dsw | 25 +
Apache.dsw | 27 +
CHANGES | 284 +++++++-
CMakeLists.txt | 35 +-
Makefile.win | 2 +
acinclude.m4 | 9 +-
build/installwinconf.awk | 1 +
configure | 325 +++++++--
configure.in | 27 +-
docs/conf/httpd.conf.in | 9 +
docs/conf/mime.types | 293 +++++++-
docs/manual/caching.html.en | 49 +-
docs/manual/caching.html.fr | 50 +-
docs/manual/caching.html.tr.utf8 | 50 +-
docs/manual/convenience.map | 5 +
docs/manual/custom-error.html.tr.utf8 | 1 -
docs/manual/expr.html.en | 60 +-
docs/manual/expr.html.fr | 53 +-
docs/manual/howto/auth.html.tr.utf8 | 13 +-
docs/manual/howto/cgi.html.en | 15 +-
docs/manual/howto/cgi.html.fr | 12 +-
docs/manual/howto/public_html.html.tr.utf8 | 15 +-
docs/manual/install.html.en | 2 +-
docs/manual/install.html.fr | 2 +-
docs/manual/install.html.tr.utf8 | 4 +-
docs/manual/logs.html.tr.utf8 | 5 +-
docs/manual/mod/core.html.de | 27 +
docs/manual/mod/core.html.en | 129 +++-
docs/manual/mod/core.html.es | 29 +
docs/manual/mod/core.html.fr | 84 ++-
docs/manual/mod/core.html.ja.utf8 | 27 +
docs/manual/mod/core.html.tr.utf8 | 207 ++++--
docs/manual/mod/directives.html.de | 7 +-
docs/manual/mod/directives.html.en | 7 +-
docs/manual/mod/directives.html.es | 7 +-
docs/manual/mod/directives.html.fr | 7 +-
docs/manual/mod/directives.html.ja.utf8 | 7 +-
docs/manual/mod/directives.html.ko.euc-kr | 7 +-
docs/manual/mod/directives.html.tr.utf8 | 7 +-
docs/manual/mod/directives.html.zh-cn.utf8 | 7 +-
docs/manual/mod/event.html.en | 69 +-
docs/manual/mod/event.html.fr | 2 +
docs/manual/mod/mod_alias.html.en | 23 +-
docs/manual/mod/mod_alias.html.fr | 32 +-
docs/manual/mod/mod_authz_groupfile.html.fr | 4 +-
docs/manual/mod/mod_autoindex.html.tr.utf8 | 1 -
docs/manual/mod/mod_dbd.html.en | 23 +
docs/manual/mod/mod_dbd.html.fr | 23 +
docs/manual/mod/mod_dir.html.en | 2 +-
docs/manual/mod/mod_dir.html.fr | 12 +-
docs/manual/mod/mod_dir.html.tr.utf8 | 2 +-
docs/manual/mod/mod_headers.html.en | 12 +-
docs/manual/mod/mod_headers.html.fr | 11 +-
docs/manual/mod/mod_http2.html.en | 95 +++
docs/manual/mod/mod_log_config.html.tr.utf8 | 1 -
docs/manual/mod/mod_negotiation.html.fr | 2 -
docs/manual/mod/mod_proxy.html.en | 7 +-
docs/manual/mod/mod_proxy.html.fr | 25 +-
docs/manual/mod/mod_proxy_express.html.en | 2 +-
docs/manual/mod/mod_proxy_express.html.fr | 2 +
docs/manual/mod/mod_proxy_html.html.en | 38 +-
docs/manual/mod/mod_proxy_html.html.fr | 50 +-
docs/manual/mod/mod_proxy_http2.html.en | 15 +
docs/manual/mod/mod_ratelimit.html.en | 16 +-
docs/manual/mod/mod_ratelimit.html.fr | 2 +
docs/manual/mod/mod_rewrite.html.en | 72 +-
docs/manual/mod/mod_rewrite.html.fr | 194 ++---
docs/manual/mod/mod_setenvif.html.fr | 10 +-
docs/manual/mod/mod_ssl.html.en | 20 +-
docs/manual/mod/mod_ssl.html.fr | 25 +-
docs/manual/mod/mod_substitute.html.fr | 9 +-
docs/manual/mod/mod_userdir.html.tr.utf8 | 8 +-
docs/manual/mod/mpm_common.html.de | 2 +-
docs/manual/mod/mpm_common.html.en | 36 +-
docs/manual/mod/mpm_common.html.fr | 17 +-
docs/manual/mod/mpm_common.html.ja.utf8 | 2 +-
docs/manual/mod/mpm_common.html.tr.utf8 | 35 +-
docs/manual/mod/quickreference.html.de | 474 +++++++------
docs/manual/mod/quickreference.html.en | 472 +++++++------
docs/manual/mod/quickreference.html.es | 478 ++++++-------
docs/manual/mod/quickreference.html.fr | 488 ++++++-------
docs/manual/mod/quickreference.html.ja.utf8 | 468 ++++++------
docs/manual/mod/quickreference.html.ko.euc-kr | 468 ++++++------
docs/manual/mod/quickreference.html.tr.utf8 | 484 ++++++-------
docs/manual/mod/quickreference.html.zh-cn.utf8 | 472 +++++++------
docs/manual/programs/configure.html.fr | 16 +-
docs/manual/programs/configure.html.tr.utf8 | 11 +-
docs/manual/rewrite/flags.html.en | 3 +
docs/manual/rewrite/flags.html.fr | 3 +
docs/manual/rewrite/vhosts.html.en | 2 +-
docs/manual/rewrite/vhosts.html.fr | 2 +-
docs/manual/sections.html.en | 2 +-
docs/manual/sections.html.fr | 2 +-
docs/manual/ssl/ssl_faq.html.fr | 22 +-
docs/manual/ssl/ssl_howto.html.fr | 6 +-
docs/manual/style/version.ent | 2 +-
docs/manual/upgrading.html.en | 64 +-
docs/manual/upgrading.html.fr | 2 +
docs/manual/urlmapping.html.tr.utf8 | 1 -
docs/manual/vhosts/examples.html.tr.utf8 | 42 +-
docs/manual/vhosts/index.html.en | 15 +-
docs/manual/vhosts/index.html.fr | 12 +-
docs/manual/vhosts/index.html.tr.utf8 | 10 +-
docs/manual/vhosts/index.html.zh-cn.utf8 | 1 +
httpd.spec | 2 +-
include/ap_config_auto.h.in | 4 +
include/ap_mmn.h | 19 +-
include/ap_release.h | 2 +-
include/http_config.h | 23 +-
include/http_core.h | 18 +-
include/http_log.h | 2 +-
include/http_protocol.h | 17 +-
include/http_request.h | 17 +-
include/httpd.h | 26 +-
include/scoreboard.h | 2 +-
include/util_ldap.h | 2 +-
modules/NWGNUmakefile | 2 +-
modules/aaa/mod_allowmethods.c | 2 +-
modules/aaa/mod_auth_basic.c | 2 +-
modules/aaa/mod_auth_digest.c | 56 +-
modules/aaa/mod_auth_form.c | 2 +-
modules/aaa/mod_authn_dbd.c | 5 -
modules/aaa/mod_authz_core.c | 2 +-
modules/aaa/mod_authz_groupfile.c | 2 +-
modules/arch/netware/mod_nw_ssl.c | 2 +-
modules/arch/win32/mod_isapi.c | 6 +-
modules/arch/win32/mod_isapi.h | 2 +-
modules/cache/NWGNUsocachmem | 1 +
modules/cache/cache_storage.c | 50 +-
modules/cache/cache_util.c | 107 ++-
modules/cache/cache_util.h | 2 +-
modules/cache/mod_cache.c | 91 ++-
modules/cache/mod_cache_disk.c | 17 +-
modules/cache/mod_file_cache.c | 6 +-
modules/cache/mod_socache_memcache.c | 66 +-
modules/cache/mod_socache_memcache.dsp | 4 +-
modules/cluster/README.heartbeat | 2 +-
modules/core/mod_macro.c | 6 +-
modules/core/mod_so.c | 4 +-
modules/dav/main/mod_dav.c | 93 ++-
modules/dav/main/mod_dav.h | 69 +-
modules/dav/main/util.c | 4 +-
modules/examples/README | 2 +-
modules/filters/mod_include.c | 14 +-
modules/filters/mod_ratelimit.c | 56 +-
modules/filters/mod_reqtimeout.c | 10 +-
modules/filters/regexp.c | 2 +-
modules/generators/mod_cgid.c | 67 +-
modules/generators/mod_status.c | 55 +-
modules/http/http_core.c | 2 +-
modules/http/http_filters.c | 206 ++++--
modules/http/http_protocol.c | 5 +-
modules/http/http_request.c | 91 ++-
modules/http2/NWGNUmod_http2 | 22 +-
modules/http2/NWGNUproxyht2 | 1 +
modules/http2/README.h2 | 2 +-
modules/http2/config2.m4 | 5 +-
modules/http2/h2.h | 46 +-
modules/http2/h2_alt_svc.c | 2 +-
modules/http2/h2_bucket_beam.c | 446 ++++++++----
modules/http2/h2_bucket_beam.h | 88 ++-
modules/http2/h2_config.c | 130 +++-
modules/http2/h2_config.h | 16 +-
modules/http2/h2_conn.c | 32 +-
modules/http2/h2_conn.h | 7 +-
modules/http2/h2_conn_io.c | 51 +-
modules/http2/h2_ctx.c | 4 +-
modules/http2/h2_filter.c | 389 ++++++++--
modules/http2/h2_filter.h | 30 +-
modules/http2/h2_from_h1.c | 784 ++++++++++++++-------
modules/http2/h2_from_h1.h | 48 +-
modules/http2/h2_h2.c | 84 ++-
modules/http2/h2_h2.h | 4 +-
modules/http2/h2_headers.c | 161 +++++
modules/http2/h2_headers.h | 70 ++
modules/http2/h2_mplx.c | 631 ++++++++---------
modules/http2/h2_mplx.h | 50 +-
modules/http2/h2_ngn_shed.c | 78 +-
modules/http2/h2_ngn_shed.h | 24 +-
modules/http2/h2_proxy_session.c | 370 +++++++---
modules/http2/h2_proxy_session.h | 16 +-
modules/http2/h2_proxy_util.c | 494 +++++++++++--
modules/http2/h2_proxy_util.h | 103 +--
modules/http2/h2_push.c | 69 +-
modules/http2/h2_push.h | 16 +-
modules/http2/h2_request.c | 195 +++--
modules/http2/h2_request.h | 7 +-
modules/http2/h2_response.c | 205 ------
modules/http2/h2_response.h | 73 --
modules/http2/h2_session.c | 578 ++++++++-------
modules/http2/h2_session.h | 16 +-
modules/http2/h2_stream.c | 629 ++++++++++-------
modules/http2/h2_stream.h | 111 ++-
modules/http2/h2_stream_set.c | 145 ----
modules/http2/h2_stream_set.h | 51 --
modules/http2/h2_switch.h | 2 +-
modules/http2/h2_task.c | 645 +++++++----------
modules/http2/h2_task.h | 45 +-
modules/http2/h2_util.c | 139 ++--
modules/http2/h2_util.h | 69 +-
modules/http2/h2_version.h | 4 +-
modules/http2/h2_worker.c | 2 +-
modules/http2/h2_workers.c | 4 +-
modules/http2/mod_http2.c | 38 +-
modules/http2/mod_http2.dep | 61 --
modules/http2/mod_http2.dsp | 2 +-
modules/http2/mod_http2.h | 12 +-
modules/http2/mod_http2.mak | 18 +-
modules/http2/mod_proxy_http2.c | 128 ++--
modules/ldap/util_ldap_cache_mgr.c | 2 +-
modules/loggers/mod_log_config.c | 2 +-
modules/lua/mod_lua.c | 3 +-
modules/mappers/mod_actions.c | 2 +-
modules/mappers/mod_negotiation.c | 6 +-
modules/mappers/mod_rewrite.c | 17 +-
modules/metadata/mod_env.c | 2 +-
modules/metadata/mod_headers.c | 11 +-
modules/metadata/mod_mime_magic.c | 2 +-
modules/metadata/mod_remoteip.c | 2 +-
modules/metadata/mod_version.c | 2 +-
modules/proxy/NWGNUproxy | 3 +
.../NWGNUsocachmem => proxy/NWGNUproxyhcheck} | 62 +-
modules/proxy/config.m4 | 2 +-
modules/proxy/mod_proxy.c | 62 +-
modules/proxy/mod_proxy.h | 33 +-
modules/proxy/mod_proxy_ajp.c | 9 +-
modules/proxy/mod_proxy_balancer.c | 14 +-
modules/proxy/mod_proxy_connect.c | 11 +-
modules/proxy/mod_proxy_fcgi.c | 37 +-
modules/proxy/mod_proxy_hcheck.c | 4 +-
modules/proxy/mod_proxy_hcheck.dep | 5 +
modules/proxy/mod_proxy_hcheck.dsp | 123 ++++
modules/proxy/mod_proxy_hcheck.mak | 380 ++++++++++
modules/proxy/mod_proxy_http.c | 19 +-
modules/proxy/proxy_util.c | 158 +++--
modules/session/mod_session.c | 13 +-
modules/session/mod_session_crypto.c | 228 +++++-
modules/slotmem/mod_slotmem_shm.c | 2 +-
modules/ssl/README | 4 +-
modules/ssl/ssl_engine_init.c | 2 +-
modules/ssl/ssl_engine_io.c | 17 +-
modules/ssl/ssl_engine_kernel.c | 20 +-
modules/ssl/ssl_engine_vars.c | 2 +-
modules/ssl/ssl_private.h | 2 +-
os/bs2000/ebcdic.c | 2 +-
os/netware/pre_nw.h | 2 +-
os/win32/BaseAddr.ref | 1 +
os/win32/ap_regkey.c | 2 +-
server/config.c | 6 +-
server/core.c | 72 +-
server/gen_test_char.c | 47 +-
server/listen.c | 2 +-
server/mpm/event/event.c | 391 +++++-----
server/mpm/event/fdqueue.c | 30 +-
server/mpm/event/fdqueue.h | 2 +
server/mpm/prefork/prefork.c | 2 +-
server/mpm/winnt/child.c | 113 +--
server/mpm/winnt/mpm_winnt.c | 6 +-
server/mpm/winnt/mpm_winnt.h | 3 -
server/mpm/winnt/service.c | 2 +-
server/mpm/worker/worker.c | 4 +-
server/mpm_unix.c | 36 +-
server/protocol.c | 696 ++++++++++++------
server/request.c | 14 +-
server/scoreboard.c | 2 +-
server/util.c | 35 +-
server/util_cookies.c | 6 +-
server/util_script.c | 8 +
server/vhost.c | 292 ++++++--
support/ab.c | 62 +-
support/checkgid.c | 2 +-
support/htcacheclean.c | 4 +-
support/logresolve.c | 2 +-
support/logresolve.pl.in | 4 +-
test/make_sni.sh | 2 +-
275 files changed, 11787 insertions(+), 6884 deletions(-)
diff --git a/Apache-apr2.dsw b/Apache-apr2.dsw
index 2b65979..1f4509e 100644
--- a/Apache-apr2.dsw
+++ b/Apache-apr2.dsw
@@ -282,6 +282,9 @@ Package=<4>
Project_Dep_Name mod_proxy_ftp
End Project Dependency
Begin Project Dependency
+ Project_Dep_Name mod_proxy_hcheck
+ End Project Dependency
+ Begin Project Dependency
Project_Dep_Name mod_proxy_http
End Project Dependency
Begin Project Dependency
@@ -2309,6 +2312,28 @@ Package=<4>
###############################################################################
+Project: "mod_proxy_hcheck"=.\modules\proxy\mod_proxy_hcheck.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+###############################################################################
+
Project: "mod_proxy_html"=.\modules\filters\mod_proxy_html.dsp - Package Owner=<4>
Package=<5>
diff --git a/Apache.dsw b/Apache.dsw
index 20259d2..af13918 100644
--- a/Apache.dsw
+++ b/Apache.dsw
@@ -297,6 +297,9 @@ Package=<4>
Project_Dep_Name mod_proxy_ftp
End Project Dependency
Begin Project Dependency
+ Project_Dep_Name mod_proxy_hcheck
+ End Project Dependency
+ Begin Project Dependency
Project_Dep_Name mod_proxy_http
End Project Dependency
Begin Project Dependency
@@ -2714,6 +2717,30 @@ Package=<4>
###############################################################################
+Project: "mod_proxy_hcheck"=.\modules\proxy\mod_proxy_hcheck.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+
Project: "mod_proxy_html"=.\modules\filters\mod_proxy_html.dsp - Package Owner=<4>
Package=<5>
diff --git a/CHANGES b/CHANGES
index cc2f340..52d1b50 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,264 @@
-*- coding: utf-8 -*-
+Changes with Apache 2.4.25
+
+ *) Fix some build issues related to various modules.
+ [Rainer Jung]
+
+Changes with Apache 2.4.24
+
+ *) SECURITY: CVE-2016-8740 (cve.mitre.org)
+ mod_http2: Mitigate DoS memory exhaustion via endless
+ CONTINUATION frames.
+ [Naveen Tiwari <naveen.tiwari at asu.edu> and CDF/SEFCOM at Arizona State
+ University, Stefan Eissing]
+
+ *) SECURITY: CVE-2016-5387 (cve.mitre.org)
+ core: Mitigate [f]cgi "httpoxy" issues.
+ [Dominic Scheirlinck <dominic vendhq.com>, Yann Ylavic]
+
+ *) SECURITY: CVE-2016-2161 (cve.mitre.org)
+ mod_auth_digest: Prevent segfaults during client entry allocation when
+ the shared memory space is exhausted.
+ [Maksim Malyutin <m.malyutin dsec.ru>, Eric Covener, Jacob Champion]
+
+ *) SECURITY: CVE-2016-0736 (cve.mitre.org)
+ mod_session_crypto: Authenticate the session data/cookie with a
+ MAC (SipHash) to prevent deciphering or tampering with a padding
+ oracle attack. [Yann Ylavic, Colm MacCarthaigh]
+
+ *) SECURITY: CVE-2016-8743 (cve.mitre.org)
+ Enforce HTTP request grammar corresponding to RFC7230 for request lines
+ and request headers, to prevent response splitting and cache pollution by
+ malicious clients or downstream proxies. [William Rowe, Stefan Fritsch]
+
+ *) Validate HTTP response header grammar defined by RFC7230, resulting
+ in a 500 error in the event that invalid response header contents are
+ detected when serving the response, to avoid response splitting and cache
+ pollution by malicious clients, upstream servers or faulty modules.
+ [Stefan Fritsch, Eric Covener, Yann Ylavic]
+
+ *) mod_rewrite: Limit runaway memory use by short circuiting some kinds of
+ looping RewriteRules when the local path significantly exceeds
+ LimitRequestLine. PR 60478. [Jeff Wheelhouse <apache wheelhouse.org>]
+
+ *) mod_ratelimit: Allow for initial "burst" amount at full speed before
+ throttling: PR 60145 [Andy Valencia <ajv-etradanalhos vsta.org>,
+ Jim Jagielski]
+
+ *) mod_socache_memcache: Provide memcache stats to mod_status.
+ [Jim Jagielski]
+
+ *) http_filters: Fix potential looping in new check_headers() due to new
+ pattern of ap_die() from http header filter. Explicitly clear the
+ previous headers and body.
+
+ *) core: Drop Content-Length header and message-body from HTTP 204 responses.
+ PR 51350 [Luca Toscano]
+
+ *) mod_proxy: Honor a server scoped ProxyPass exception when ProxyPass is
+ configured in <Location>, like in 2.2. PR 60458.
+ [Eric Covener]
+
+ *) mod_lua: Fix default value of LuaInherit directive. It should be
+ 'parent-first' instead of 'none', as per documentation. PR 60419
+ [Christophe Jaillet]
+
+ *) core: New directive HttpProtocolOptions to control httpd enforcement
+ of various RFC7230 requirements. [Stefan Fritsch, William Rowe]
+
+ *) core: Permit unencoded ';' characters to appear in proxy requests and
+ Location: response headers. Corresponds to modern browser behavior.
+ [William Rowe]
+
+ *) core: ap_rgetline_core now pulls from r->proto_input_filters.
+
+ *) core: Correctly parse an IPv6 literal host specification in an absolute
+ URL in the request line. [Stefan Fritsch]
+
+ *) core: New directive RegisterHttpMethod for registering non-standard
+ HTTP methods. [Stefan Fritsch]
+
+ *) mod_socache_memcache: Pass expiration time through to memcached.
+ [Faidon Liambotis <paravoid debian.org>, Joe Orton]
+
+ *) mod_cache: Use the actual URI path and query-string for identifying the
+ cached entity (key), such that rewrites are taken into account when
+ running afterwards (CacheQuickHandler off). PR 21935. [Yann Ylavic]
+
+ *) mod_http2: new directive 'H2EarlyHints' to enable sending of HTTP status
+ 103 interim responses. Disabled by default. [Stefan Eissing]
+
+ *) mod_ssl: Fix quick renegotiation (OptRenegotiaton) with no intermediate
+ in the client certificate chain. PR 55786. [Yann Ylavic]
+
+ *) event: Allow to use the whole allocated scoreboard (up to ServerLimit
+ slots) to avoid scoreboard full errors when some processes are finishing
+ gracefully. Also, make gracefully finishing processes close all
+ keep-alive connections. PR 53555. [Stefan Fritsch]
+
+ *) mpm_event: Don't take over scoreboard slots from gracefully finishing
+ threads. [Stefan Fritsch]
+
+ *) mpm_event: Free memory earlier when shutting down processes.
+ [Stefan Fritsch]
+
+ *) mod_status: Display the process slot number in the async connection
+ overview. [Stefan Fritsch]
+
+ *) mod_dir: Responses that go through "FallbackResource" might appear to
+ hang due to unterminated chunked encoding. PR58292. [Eric Covener]
+
+ *) mod_dav: Fix a potential cause of unbounded memory usage or incorrect
+ behavior in a routine that sends <DAV:response>'s to the output filters.
+ [Evgeny Kotkov]
+
+ *) mod_http2: new directive 'H2PushResource' to enable early pushes before
+ processing of the main request starts. Resources are announced to the
+ client in Link headers on a 103 early hint response.
+ All responses with status code <400 are inspected for Link header and
+ trigger pushes accordingly. 304 still does prevent pushes.
+ 'H2PushResource' can mark resources as 'critical' which gives them higher
+ priority than the main resource. This leads to preferred scheduling for
+ processing and, when content is available, will send it first. 'critical'
+ is also recognized on Link headers. [Stefan Eissing]
+
+ *) mod_proxy_http2: uris in Link headers are now mapped back to a suitable
+ local url when available. Relative uris with an absolute path are mapped
+ as well. This makes reverse proxy mapping available for resources
+ announced in this header.
+ With 103 interim responses being forwarded to the main client connection,
+ this effectively allows early pushing of resources by a reverse proxied
+ backend server. [Stefan Eissing]
+
+ *) mod_proxy_http2: adding support for newly proposed 103 status code.
+ [Stefan Eissing]
+
+ *) mpm_unix: Apache fails to start if previously crashed then restarted with
+ the same PID (e.g. in container). PR 60261.
+ [Val <valentin.bremond gmail.com>, Yann Ylavic]
+
+ *) mod_http2: unannounced and multiple interim responses (status code < 200)
+ are parsed and forwarded to client until a final response arrives.
+ [Stefan Eissing]
+
+ *) mod_proxy_http2: improved robustness when main connection is closed early
+ by resetting all ongoing streams against the backend.
+ [Stefan Eissing]
+
+ *) mod_http2: allocators from slave connections are released earlier,
+ resulting in less overall memory use on busy, long lived connections.
+ [Stefan Eissing]
+
+ *) mod_remoteip: Pick up where we left off during a subrequest rather
+ than running with the modified XFF but original TCP address.
+ PR 49839/PR 60251
+
+ *) http: Respond with "408 Request Timeout" when a timeout occurs while
+ reading the request body. [Yann Ylavic]
+
+ *) mod_http2: connection shutdown revisited: corrected edge cases on
+ shutting down ongoing streams, changed log warnings to be less noisy
+ when waiting on long running tasks. [Stefan Eissing]
+
+ *) mod_http2: changed all AP_DEBUG_ASSERT to ap_assert to have them
+ available also in normal deployments. [Stefan Eissing]
+
+ *) mod_http2/mod_proxy_http2: 100-continue handling now properly implemented
+ up to the backend. Reused HTTP/2 proxy connections with more than a second
+ not used will block request bodies until a PING answer is received.
+ Requests headers are not delayed by this, since they are repeatable in
+ case of failure. This greatly increases robustness, especially with
+ busy server and/or low keepalive connections. [Stefan Eissing]
+
+ *) mod_proxy_http2: fixed duplicate symbols with mod_http2.
+ [Stefan Eissing]
+
+ *) mod_http2: rewrite of how responses and trailers are transferred between
+ master and slave connection. Reduction of internal states for tasks
+ and streams, stability. Heuristic id generation for slave connections
+ to better keep promise of connection ids unique at given point int time.
+ Fix for mod_cgid interop in high load situtations.
+ Fix for handling of incoming trailers when no request body is sent.
+ [Stefan Eissing]
+
+ *) mod_http2: fix suspended handling for streams. Output could become
+ blocked in rare cases. [Stefan Eissing]
+
+ *) mpm_winnt: Prevent a denial of service when the 'data' AcceptFilter is in
+ use by replacing it with the 'connect' filter. PR 59970. [Jacob Champion]
+
+ *) mod_cgid: Resolve a case where a short CGI response causes a subsequent
+ CGI to be killed prematurely, resulting in a truncated subsequent
+ response. [Eric Covener]
+
+ *) mod_proxy_hcheck: Set health check URI and expression correctly for health
+ check worker. PR 60038 [zdeno <zdeno at scnet.sk>]
+
+ *) mod_http2: if configured with nghttp2 1.14.0 and onward, invalid request
+ headers will immediately reset the stream with a PROTOCOL error. Feature
+ logged by module on startup as 'INVHD' in info message.
+ [Stefan Eissing]
+
+ *) mod_http2: fixed handling of stream buffers during shutdown.
+ [Stefan Eissing]
+
+ *) mod_reqtimeout: Fix body timeout disabling for CONNECT requests to avoid
+ triggering mod_proxy_connect's AH01018 once the tunnel is established.
+ [Yann Ylavic]
+
+ *) ab: Set the Server Name Indication (SNI) extension on outgoing TLS
+ connections (unless -I is specified), according to the Host header (if
+ any) or the requested URL's hostname otherwise. [Yann Ylavic]
+
+ *) mod_proxy_fcgi: avoid loops when ProxyErrorOverride is enabled
+ and the error documents are proxied. PR 55415. [Luca Toscano]
+
+ *) mod_proxy_fcgi: read the whole FCGI response even when the content
+ has not been modified (HTTP 304) or in case of a precondition failure
+ (HTTP 412) to avoid subsequent bogus reads and confusing
+ error messages logged. [Luca Toscano]
+
+ *) mod_http2: h2 status resource follows latest draft, see
+ http://www.ietf.org/id/draft-benfield-http2-debug-state-01.txt
+ [Stefan Eissing]
+
+ *) mod_http2: handling graceful shutdown gracefully, e.g. handling existing
+ streams to the end. [Stefan Eissing]
+
+ *) mod_proxy_{http,ajp,fcgi}: don't reuse backend connections with data
+ available before the request is sent. PR 57832. [Yann Ylavic]
+
+ *) mod_proxy_balancer: Prevent redirect loops between workers within a
+ balancer by limiting the number of redirects to the number balancer
+ members. PR 59864 [Ruediger Pluem]
+
+ *) mod_proxy: Correctly consider error response codes by the backend when
+ processing failonstatus. PR 59869 [Ruediger Pluem]
+
+ *) mod_dav: Add dav_get_provider_name() function to obtain the name
+ of the provider from mod_dav. [Graham Leggett]
+
+ *) mod_dav: Add support for childtags to dav_error.
+ [Jari Urpalainen <jari.urpalainen nokia.com>]
+
+ *) mod_proxy_fcgi: Fix 2.4.23 breakage for mod_rewrite per-dir and query
+ string showing up in SCRIPT_FILENAME. PR59815
+
+ *) mod_include: Fix a potential memory misuse while evaluating expressions.
+ PR59844. [Eric Covener]
+
+ *) mod_http2: new H2CopyFiles directive that changes treatment of file
+ handles in responses. Necessary in order to fix broken lifetime handling
+ in modules such as mod_wsgi.
+
+ *) mod_http2: removing timeouts on master connection while requests are
+ being processed. Requests may timeout, but the master only times out when
+ no more requests are active. [Stefan Eissing]
+
+ *) mod_http2: fixes connection flush when answering SETTINGS without any
+ stream open. [Moto Ishizawa <@summerwind>, Stefan Eissing]
+
Changes with Apache 2.4.23
*) mod_ssl: reset client-verify state of ssl when aborting renegotiations.
@@ -17,6 +276,9 @@ Changes with Apache 2.4.22
Changes with Apache 2.4.21
+ *) ab: Use caseless matching for HTTP tokens (e.g. content-length). PR 59111.
+ [Yann Ylavic]
+
*) mod_http2: more rigid error handling in DATA frame assembly, leading
to deterministic connection errors if assembly fails.
[Stefan Eissing, Pal Nilsen <https://github.com/maedox>]
@@ -162,7 +424,7 @@ Changes with Apache 2.4.20
*) mod_proxy_express: Fix possible use of DB handle after close. PR 59230.
[Petr <pgajdos suse.cz>]
- *) core/util_script: relax alphanumeric filter of enviroment variable names
+ *) core/util_script: relax alphanumeric filter of environment variable names
on Windows to allow '(' and ')' for passing PROGRAMFILES(X86) et.al.
unadulterated in 64 bit versions of Windows. PR 46751.
[John <john leineweb de>]
@@ -439,7 +701,7 @@ Changes with Apache 2.4.18
fixes crash on a request that did not produce any response.
[Stefan Eissing]
- *) mod_http2: trailers are sent after reponse body if set in request_rec
+ *) mod_http2: trailers are sent after response body if set in request_rec
trailers_out before the end-of-request bucket is sent through the
output filters. [Stefan Eissing]
@@ -795,7 +1057,7 @@ Changes with Apache 2.4.13 (not released)
[Yann Ylavic]
*) mod_proxy_connect/wstunnel: If both client and backend sides get readable
- at the same time, don't lose errors occuring while forwarding on the first
+ at the same time, don't lose errors occurring while forwarding on the first
side when none occurs next on the other side, and abort. [Yann Ylavic]
*) mod_rewrite: Improve relative substitutions in per-directory/htaccess
@@ -948,7 +1210,7 @@ Changes with Apache 2.4.11 (not released)
the URL parameter interpolates to an empty string. PR 56603.
[<ajprout hotmail.com>]
- *) core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
+ *) core: Fix -D[efined] or <Define>[d] variables lifetime across restarts.
PR 57328. [Armin Abfalterer <a.abfalterer gmail.com>, Yann Ylavic].
*) mod_proxy: Preserve original request headers even if they differ
@@ -1557,7 +1819,7 @@ Changes with Apache 2.4.7
instead of an explicit cn=* filter. [David Hawes <dhawes vt.edu>]
*) ab: Add wait time, fix processing time, and output write errors only if
- they occured. [Christophe Jaillet]
+ they occurred. [Christophe Jaillet]
*) worker MPM: Don't forcibly kill worker threads if the child process is
exiting gracefully. [Oracle Corporation]
@@ -1570,7 +1832,7 @@ Changes with Apache 2.4.7
[Chris Darroch]
*) ab: Add a new -l parameter in order not to check the length of the responses.
- This can be usefull with dynamic pages.
+ This can be useful with dynamic pages.
PR9945, PR27888, PR42040 [<ccikrs1 cranbrook edu>]
*) Suppress formatting of startup messages written to the console when
@@ -1951,7 +2213,7 @@ Changes with Apache 2.4.5
request information to the request_rec structure. [Daniel Gruno]
*) mod_lua: Add a server scope for Lua states, which creates a pool of
- states with managable minimum and maximum size. [Daniel Gruno]
+ states with manageable minimum and maximum size. [Daniel Gruno]
*) mod_lua: Add new directive, LuaMapHandler, for dynamically mapping
URIs to Lua scripts and functions using regular expressions.
@@ -2004,7 +2266,7 @@ Changes with Apache 2.4.4
*) mod_slotmem_shm: Fix mistaken reset of num_free for restored shm.
[Jim Jagielski]
- *) mod_proxy: non-existance of byrequests is not an immediate error.
+ *) mod_proxy: non-existence of byrequests is not an immediate error.
[Jim Jagielski]
*) mod_proxy_balancer: Improve output of balancer-manager (re: Drn,
@@ -2946,7 +3208,7 @@ Changes with Apache 2.3.14
binary needs PCRE. [Rainer Jung]
*) configure: tolerate dependency checking failures for modules if
- they have been enabled implicitely. [Rainer Jung]
+ they have been enabled implicitly. [Rainer Jung]
*) configure: Allow to specify module specific custom linker flags via
the MOD_XXX_LDADD variables. [Rainer Jung]
@@ -3052,7 +3314,7 @@ Changes with Apache 2.3.13
state after a timeout when discarding a request body. PR 51103.
[Stefan Fritsch]
- *) core: Add various file existance test operators to ap_expr.
+ *) core: Add various file existence test operators to ap_expr.
[Stefan Fritsch]
*) mod_proxy_express: New mass reverse-proxy switch extension for
@@ -4328,7 +4590,7 @@ Changes with Apache 2.3.2
*) mod_mime_magic: Fix detection of compressed content. [Rainer Jung]
- *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
+ *) mod_negotiation: Escape paths of filenames in 406 responses to avoid
HTML injections and HTTP response splitting. PR 46837.
[Geoff Keating <geoffk apple.com>]
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3f4b6d5..c2324a3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -125,7 +125,8 @@ GET_MOD_ENABLE_RANK("ENABLE_MODULES setting" ${ENABLE_MODULES} enable_modules_ra
# not defined to either 1 or 0)
MACRO(CHECK_APR_FEATURE which_define)
- CHECK_SYMBOL_EXISTS(${which_define} "${APR_INCLUDE_DIR}/apr.h;${APR_INCLUDE_DIR}/apu.h" tmp_${which_define})
+ SET(CMAKE_REQUIRED_INCLUDES "${APR_INCLUDE_DIR}")
+ CHECK_SYMBOL_EXISTS(${which_define} "apr.h;apu.h" tmp_${which_define})
IF(${tmp_${which_define}})
CHECK_C_SOURCE_COMPILES("#include \"${APR_INCLUDE_DIR}/apr.h\"
#include \"${APR_INCLUDE_DIR}/apu.h\"
@@ -317,6 +318,7 @@ SET(MODULE_LIST
"modules/proxy/mod_proxy_fcgi+I+Apache proxy FastCGI module. Requires and is enabled by --enable-proxy."
"modules/proxy/mod_proxy_ftp+I+Apache proxy FTP module. Requires and is enabled by --enable-proxy."
"modules/proxy/mod_proxy_http+I+Apache proxy HTTP module. Requires and is enabled by --enable-proxy."
+ "modules/proxy/mod_proxy_hcheck+I+Apache proxy health check module. Requires and is enabled by --enable-proxy."
"modules/proxy/mod_proxy_scgi+I+Apache proxy SCGI module. Requires and is enabled by --enable-proxy."
"modules/proxy/mod_proxy_wstunnel+I+Apache proxy Websocket Tunnel module. Requires and is enabled by --enable-proxy."
"modules/http2/mod_proxy_http2+i+Apache proxy HTTP/2 module. Requires --enable-proxy."
@@ -387,7 +389,7 @@ SET(mod_http2_extra_sources
modules/http2/h2_from_h1.c modules/http2/h2_h2.c
modules/http2/h2_bucket_beam.c
modules/http2/h2_mplx.c modules/http2/h2_push.c
- modules/http2/h2_request.c modules/http2/h2_response.c
+ modules/http2/h2_request.c modules/http2/h2_headers.c
modules/http2/h2_session.c modules/http2/h2_stream.c
modules/http2/h2_switch.c modules/http2/h2_ngn_shed.c
modules/http2/h2_task.c modules/http2/h2_util.c
@@ -423,6 +425,7 @@ SET(mod_proxy_connect_extra_libs mod_proxy)
SET(mod_proxy_express_extra_libs mod_proxy)
SET(mod_proxy_fcgi_extra_libs mod_proxy)
SET(mod_proxy_ftp_extra_libs mod_proxy)
+SET(mod_proxy_hcheck_extra_libs mod_proxy)
SET(mod_proxy_http_extra_libs mod_proxy)
SET(mod_proxy_html_requires LIBXML2_FOUND)
IF(LIBXML2_FOUND)
@@ -724,12 +727,12 @@ FOREACH (mod ${MODULE_PATHS})
SET(all_mod_sources ${tmp_mod_main_source} ${${mod_extra_sources}})
ADD_LIBRARY(${mod_name} SHARED ${all_mod_sources} build/win32/httpd.rc)
SET(install_modules ${install_modules} ${mod_name})
- SET(install_modules_pdb ${install_modules_pdb} "${PROJECT_BINARY_DIR}/${mod_name}.pdb")
+ SET(install_modules_pdb ${install_modules_pdb} "$<TARGET_PDB_FILE:${mod_name}>")
IF("${${mod_name}_install_lib}")
SET(installed_mod_libs_exps
${installed_mod_libs_exps}
- "${PROJECT_BINARY_DIR}/${mod_name}.lib"
- "${PROJECT_BINARY_DIR}/${mod_name}.exp"
+ "$<TARGET_LINKER_FILE:${mod_name}>"
+ "$<TARGET_LINKER_FILE_DIR:${mod_name}>/${mod_name}.exp"
)
ENDIF()
SET(mod_extra_libs "${mod_name}_extra_libs")
@@ -764,7 +767,7 @@ SET_TARGET_PROPERTIES(libhttpd PROPERTIES
LINK_FLAGS /base:@${PROJECT_BINARY_DIR}/BaseAddr.ref,libhttpd.dll
)
SET(install_targets ${install_targets} libhttpd)
-SET(install_bin_pdb ${install_bin_pdb} ${PROJECT_BINARY_DIR}/libhttpd.pdb)
+SET(install_bin_pdb ${install_bin_pdb} $<TARGET_PDB_FILE:libhttpd>)
TARGET_LINK_LIBRARIES(libhttpd ${EXTRA_LIBS} ${APR_LIBRARIES} ${PCRE_LIBRARIES} ${HTTPD_SYSTEM_LIBS})
DEFINE_WITH_BLANKS(define_long_name "LONG_NAME" "Apache HTTP Server Core")
SET_TARGET_PROPERTIES(libhttpd PROPERTIES COMPILE_FLAGS "-DAP_DECLARE_EXPORT ${define_long_name} -DBIN_NAME=libhttpd.dll ${EXTRA_COMPILE_FLAGS}")
@@ -773,7 +776,7 @@ ADD_DEPENDENCIES(libhttpd test_char_header)
########### HTTPD EXECUTABLES ##########
ADD_EXECUTABLE(httpd server/main.c build/win32/httpd.rc)
SET(install_targets ${install_targets} httpd)
-SET(install_bin_pdb ${install_bin_pdb} ${PROJECT_BINARY_DIR}/httpd.pdb)
+SET(install_bin_pdb ${install_bin_pdb} $<TARGET_PDB_FILE:httpd>)
DEFINE_WITH_BLANKS(define_long_name "LONG_NAME" "Apache HTTP Server")
SET_TARGET_PROPERTIES(httpd PROPERTIES COMPILE_FLAGS "-DAPP_FILE ${define_long_name} -DBIN_NAME=httpd.exe -DICON_FILE=${CMAKE_SOURCE_DIR}/build/win32/apache.ico ${EXTRA_COMPILE_FLAGS}")
TARGET_LINK_LIBRARIES(httpd libhttpd ${EXTRA_LIBS})
@@ -796,7 +799,7 @@ FOREACH(pgm ${standard_support})
SET(extra_sources ${pgm}_extra_sources)
ADD_EXECUTABLE(${pgm} support/${pgm}.c ${${extra_sources}} build/win32/httpd.rc)
SET(install_targets ${install_targets} ${pgm})
- SET(install_bin_pdb ${install_bin_pdb} ${PROJECT_BINARY_DIR}/${pgm}.pdb)
+ SET(install_bin_pdb ${install_bin_pdb} $<TARGET_PDB_FILE:${pgm}>)
DEFINE_WITH_BLANKS(define_long_name "LONG_NAME" "Apache HTTP Server ${pgm} program")
SET_TARGET_PROPERTIES(${pgm} PROPERTIES COMPILE_FLAGS "-DAPP_FILE ${define_long_name} -DBIN_NAME=${pgm}.exe ${EXTRA_COMPILE_FLAGS}")
TARGET_LINK_LIBRARIES(${pgm} ${EXTRA_LIBS} ${APR_LIBRARIES})
@@ -805,7 +808,7 @@ ENDFOREACH()
IF(OPENSSL_FOUND)
ADD_EXECUTABLE(abs support/ab.c build/win32/httpd.rc)
SET(install_targets ${install_targets} abs)
- SET(install_bin_pdb ${install_bin_pdb} ${PROJECT_BINARY_DIR}/abs.pdb)
+ SET(install_bin_pdb ${install_bin_pdb} $<TARGET_PDB_FILE:abs>)
SET_TARGET_PROPERTIES(abs PROPERTIES COMPILE_DEFINITIONS HAVE_OPENSSL)
SET(tmp_includes ${HTTPD_INCLUDE_DIRECTORIES} ${OPENSSL_INCLUDE_DIR})
SET_TARGET_PROPERTIES(abs PROPERTIES INCLUDE_DIRECTORIES "${tmp_includes}")
@@ -818,7 +821,7 @@ GET_PROPERTY(tmp_includes TARGET ab PROPERTY INCLUDE_DIRECTORIES)
# getting duplicate manifest error with ApacheMonitor
# ADD_EXECUTABLE(ApacheMonitor support/win32/ApacheMonitor.c support/win32/ApacheMonitor.rc)
# SET(install_targets ${install_targets} ApacheMonitor)
-# SET(install_bin_pdb ${install_bin_pdb} ${PROJECT_BINARY_DIR}/ApacheMonitor.pdb)
+# SET(install_bin_pdb ${install_bin_pdb} $<TARGET_PDB_FILE:ApacheMonitor>)
# SET_TARGET_PROPERTIES(ApacheMonitor PROPERTIES WIN32_EXECUTABLE TRUE)
# SET_TARGET_PROPERTIES(ApacheMonitor PROPERTIES COMPILE_FLAGS "-DAPP_FILE -DLONG_NAME=ApacheMonitor -DBIN_NAME=ApacheMonitor.exe ${EXTRA_COMPILE_FLAGS}")
# TARGET_LINK_LIBRARIES(ApacheMonitor ${EXTRA_LIBS} ${HTTPD_SYSTEM_LIBS} comctl32 wtsapi32)
@@ -875,7 +878,7 @@ INSTALL(DIRECTORY include/ DESTINATION include
)
INSTALL(FILES ${other_installed_h} DESTINATION include)
INSTALL(FILES ${installed_mod_libs_exps} DESTINATION lib)
-INSTALL(FILES "${CMAKE_BINARY_DIR}/libhttpd.exp" DESTINATION LIB)
+INSTALL(FILES "$<TARGET_LINKER_FILE_DIR:libhttpd>/libhttpd.exp" DESTINATION LIB)
IF(INSTALL_MANUAL) # Silly? This takes a while, and a dev doesn't need it.
INSTALL(DIRECTORY docs/manual/ DESTINATION manual)
@@ -884,22 +887,22 @@ ENDIF()
INSTALL(DIRECTORY DESTINATION logs)
INSTALL(DIRECTORY DESTINATION cgi-bin)
-INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl ${CMAKE_CURRENT_SOURCE_DIR}/docs/error ${CMAKE_INSTALL_PREFIX}/error ifdestmissing)")
+INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl \"${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl\" \"${CMAKE_CURRENT_SOURCE_DIR}/docs/error\" \"${CMAKE_INSTALL_PREFIX}/error\" ifdestmissing)")
-INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl ${CMAKE_CURRENT_SOURCE_DIR}/docs/docroot ${CMAKE_INSTALL_PREFIX}/htdocs ifdestmissing)")
+INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl \"${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl\" \"${CMAKE_CURRENT_SOURCE_DIR}/docs/docroot\" \"${CMAKE_INSTALL_PREFIX}/htdocs\" ifdestmissing)")
-INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl ${CMAKE_CURRENT_SOURCE_DIR}/docs/icons ${CMAKE_INSTALL_PREFIX}/icons ifdestmissing)")
+INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl \"${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl\" \"${CMAKE_CURRENT_SOURCE_DIR}/docs/icons\" \"${CMAKE_INSTALL_PREFIX}/icons\" ifdestmissing)")
# Copy generated .conf files from the build directory to the install,
# without overwriting stuff already there.
-INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl ${CMAKE_BINARY_DIR}/conf ${CMAKE_INSTALL_PREFIX}/conf)")
+INSTALL(CODE "EXECUTE_PROCESS(COMMAND perl \"${CMAKE_CURRENT_SOURCE_DIR}/build/cpR_noreplace.pl\" \"${CMAKE_BINARY_DIR}/conf\" \"${CMAKE_INSTALL_PREFIX}/conf\")")
# But conf/original is supposed to be overwritten.
# Note: FILE(TO_NATIVE_PATH ...) leaves the backslashes unescaped, which
# generates warnings. Just do it manually since this build only supports
# Windows anyway.
STRING(REPLACE "/" "\\\\" native_src ${CMAKE_BINARY_DIR}/conf/original)
STRING(REPLACE "/" "\\\\" native_dest ${CMAKE_INSTALL_PREFIX}/conf/original)
-INSTALL(CODE "EXECUTE_PROCESS(COMMAND xcopy ${native_src} ${native_dest} /Q /S /Y)")
+INSTALL(CODE "EXECUTE_PROCESS(COMMAND xcopy \"${native_src}\" \"${native_dest}\" /Q /S /Y)")
STRING(TOUPPER "${CMAKE_BUILD_TYPE}" buildtype)
MESSAGE(STATUS "")
diff --git a/Makefile.win b/Makefile.win
index d3cb5c5..9bdbb95 100644
--- a/Makefile.win
+++ b/Makefile.win
@@ -553,6 +553,7 @@ _build:
$(MAKE) $(MAKEOPT) -f mod_proxy_express.mak CFG="mod_proxy_express - Win32 $(LONG)" RECURSE=0 $(CTARGET)
$(MAKE) $(MAKEOPT) -f mod_proxy_fcgi.mak CFG="mod_proxy_fcgi - Win32 $(LONG)" RECURSE=0 $(CTARGET)
$(MAKE) $(MAKEOPT) -f mod_proxy_ftp.mak CFG="mod_proxy_ftp - Win32 $(LONG)" RECURSE=0 $(CTARGET)
+ $(MAKE) $(MAKEOPT) -f mod_proxy_hcheck.mak CFG="mod_proxy_hcheck - Win32 $(LONG)" RECURSE=0 $(CTARGET)
$(MAKE) $(MAKEOPT) -f mod_proxy_http.mak CFG="mod_proxy_http - Win32 $(LONG)" RECURSE=0 $(CTARGET)
$(MAKE) $(MAKEOPT) -f mod_proxy_scgi.mak CFG="mod_proxy_scgi - Win32 $(LONG)" RECURSE=0 $(CTARGET)
$(MAKE) $(MAKEOPT) -f mod_proxy_wstunnel.mak CFG="mod_proxy_wstunnel - Win32 $(LONG)" RECURSE=0 $(CTARGET)
@@ -831,6 +832,7 @@ _copybin:
copy modules\proxy\$(LONG)\mod_proxy_express.$(src_so) "$(inst_so)" <.y
copy modules\proxy\$(LONG)\mod_proxy_fcgi.$(src_so) "$(inst_so)" <.y
copy modules\proxy\$(LONG)\mod_proxy_ftp.$(src_so) "$(inst_so)" <.y
+ copy modules\proxy\$(LONG)\mod_proxy_hcheck.$(src_so) "$(inst_so)" <.y
copy modules\proxy\$(LONG)\mod_proxy_http.$(src_so) "$(inst_so)" <.y
copy modules\proxy\$(LONG)\mod_proxy_scgi.$(src_so) "$(inst_so)" <.y
copy modules\proxy\$(LONG)\mod_proxy_wstunnel.$(src_so) "$(inst_so)" <.y
diff --git a/acinclude.m4 b/acinclude.m4
index bbe6d5c..2605e20 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -118,13 +118,6 @@ AC_DEFUN([APACHE_GEN_MAKEFILES],[
$SHELL $srcdir/build/fastgen.sh $srcdir $ac_cv_mkdir_p $BSD_MAKEFILE $APACHE_FAST_OUTPUT_FILES
])
-dnl ## APACHE_OUTPUT(file)
-dnl ## adds "file" to the list of files generated by AC_OUTPUT
-dnl ## This macro can be used several times.
-AC_DEFUN([APACHE_OUTPUT], [
- APACHE_OUTPUT_FILES="$APACHE_OUTPUT_FILES $1"
-])
-
dnl
dnl APACHE_TYPE_RLIM_T
dnl
@@ -741,7 +734,7 @@ AC_DEFUN([APACHE_ADD_GCC_CFLAG], [
AC_CACHE_CHECK([whether gcc accepts $1], ap_gcc_ckvar, [
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS $1"
- AC_COMPILE_IFELSE([AC_LANG_SOURCE([int foo() { return 0; }])],
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM()],
[ap_gcc_ckvar=yes], [ap_gcc_ckvar=no])
CFLAGS="$save_CFLAGS"
])
diff --git a/build/installwinconf.awk b/build/installwinconf.awk
index 29ab094..8f8b9b2 100644
--- a/build/installwinconf.awk
+++ b/build/installwinconf.awk
@@ -166,6 +166,7 @@ BEGIN {
print "#LoadModule proxy_express_module modules/mod_proxy_express.so" > dstfl;
print "#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so" > dstfl;
print "#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so" > dstfl;
+ print "#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so" > dstfl;
print "#LoadModule proxy_html_module modules/mod_proxy_html.so" > dstfl;
print "#LoadModule proxy_http_module modules/mod_proxy_http.so" > dstfl;
print "#LoadModule proxy_http2_module modules/mod_proxy_http2.so" > dstfl;
diff --git a/configure b/configure
index 72734a5..e460b8c 100755
--- a/configure
+++ b/configure
@@ -3024,8 +3024,6 @@ HTTPD_MMN=`$abs_srcdir/build/get-version.sh mmn $abs_srcdir/include/ap_mmn.h MOD
-
-
# Check whether --enable-layout was given.
if test "${enable_layout+set}" = set; then :
enableval=$enable_layout;
@@ -7991,36 +7989,43 @@ if test "${enable_maintainer_mode+set}" = set; then :
if test "$GCC" = "yes"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -Wdeclaration-after-statement" >&5
-$as_echo_n "checking whether gcc accepts -Wdeclaration-after-statement... " >&6; }
-if ${ac_cv_gcc__Wdeclaration_after_statement+:} false; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -std=c89" >&5
+$as_echo_n "checking whether gcc accepts -std=c89... " >&6; }
+if ${ac_cv_gcc__std_c89+:} false; then :
$as_echo_n "(cached) " >&6
else
save_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS -Wdeclaration-after-statement"
+ CFLAGS="$CFLAGS -std=c89"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_gcc__Wdeclaration_after_statement=yes
+ ac_cv_gcc__std_c89=yes
else
- ac_cv_gcc__Wdeclaration_after_statement=no
+ ac_cv_gcc__std_c89=no
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
CFLAGS="$save_CFLAGS"
fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__Wdeclaration_after_statement" >&5
-$as_echo "$ac_cv_gcc__Wdeclaration_after_statement" >&6; }
- if test "$ac_cv_gcc__Wdeclaration_after_statement" = "yes" ; then
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__std_c89" >&5
+$as_echo "$ac_cv_gcc__std_c89" >&6; }
+ if test "$ac_cv_gcc__std_c89" = "yes" ; then
if test "x$CFLAGS" = "x"; then
- test "x$silent" != "xyes" && echo " setting CFLAGS to \"-Wdeclaration-after-statement\""
- CFLAGS="-Wdeclaration-after-statement"
+ test "x$silent" != "xyes" && echo " setting CFLAGS to \"-std=c89\""
+ CFLAGS="-std=c89"
else
- apr_addto_bugger="-Wdeclaration-after-statement"
+ apr_addto_bugger="-std=c89"
for i in $apr_addto_bugger; do
apr_addto_duplicate="0"
for j in $CFLAGS; do
@@ -8043,36 +8048,102 @@ $as_echo "$ac_cv_gcc__Wdeclaration_after_statement" >&6; }
if test "$GCC" = "yes"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -Werror=declaration-after-statement" >&5
-$as_echo_n "checking whether gcc accepts -Werror=declaration-after-statement... " >&6; }
-if ${ac_cv_gcc__Werror_declaration_after_statement+:} false; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -Werror" >&5
+$as_echo_n "checking whether gcc accepts -Werror... " >&6; }
+if ${ac_cv_gcc__Werror+:} false; then :
$as_echo_n "(cached) " >&6
else
save_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS -Werror=declaration-after-statement"
+ CFLAGS="$CFLAGS -Werror"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_gcc__Werror_declaration_after_statement=yes
+ ac_cv_gcc__Werror=yes
else
- ac_cv_gcc__Werror_declaration_after_statement=no
+ ac_cv_gcc__Werror=no
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
CFLAGS="$save_CFLAGS"
fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__Werror_declaration_after_statement" >&5
-$as_echo "$ac_cv_gcc__Werror_declaration_after_statement" >&6; }
- if test "$ac_cv_gcc__Werror_declaration_after_statement" = "yes" ; then
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__Werror" >&5
+$as_echo "$ac_cv_gcc__Werror" >&6; }
+ if test "$ac_cv_gcc__Werror" = "yes" ; then
if test "x$CFLAGS" = "x"; then
- test "x$silent" != "xyes" && echo " setting CFLAGS to \"-Werror=declaration-after-statement\""
- CFLAGS="-Werror=declaration-after-statement"
+ test "x$silent" != "xyes" && echo " setting CFLAGS to \"-Werror\""
+ CFLAGS="-Werror"
else
- apr_addto_bugger="-Werror=declaration-after-statement"
+ apr_addto_bugger="-Werror"
+ for i in $apr_addto_bugger; do
+ apr_addto_duplicate="0"
+ for j in $CFLAGS; do
+ if test "x$i" = "x$j"; then
+ apr_addto_duplicate="1"
+ break
+ fi
+ done
+ if test $apr_addto_duplicate = "0"; then
+ test "x$silent" != "xyes" && echo " adding \"$i\" to CFLAGS"
+ CFLAGS="$CFLAGS $i"
+ fi
+ done
+ fi
+
+ fi
+ fi
+
+
+
+
+ if test "$GCC" = "yes"; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -Wdeclaration-after-statement" >&5
+$as_echo_n "checking whether gcc accepts -Wdeclaration-after-statement... " >&6; }
+if ${ac_cv_gcc__Wdeclaration_after_statement+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+
+ save_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -Wdeclaration-after-statement"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_gcc__Wdeclaration_after_statement=yes
+else
+ ac_cv_gcc__Wdeclaration_after_statement=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ CFLAGS="$save_CFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__Wdeclaration_after_statement" >&5
+$as_echo "$ac_cv_gcc__Wdeclaration_after_statement" >&6; }
+ if test "$ac_cv_gcc__Wdeclaration_after_statement" = "yes" ; then
+
+ if test "x$CFLAGS" = "x"; then
+ test "x$silent" != "xyes" && echo " setting CFLAGS to \"-Wdeclaration-after-statement\""
+ CFLAGS="-Wdeclaration-after-statement"
+ else
+ apr_addto_bugger="-Wdeclaration-after-statement"
for i in $apr_addto_bugger; do
apr_addto_duplicate="0"
for j in $CFLAGS; do
@@ -8105,7 +8176,14 @@ else
CFLAGS="$CFLAGS -Wformat"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Wformat=yes
@@ -8157,7 +8235,14 @@ else
CFLAGS="$CFLAGS -Wformat-security"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Wformat_security=yes
@@ -8199,36 +8284,43 @@ $as_echo "$ac_cv_gcc__Wformat_security" >&6; }
if test "$GCC" = "yes"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -Werror=format-security" >&5
-$as_echo_n "checking whether gcc accepts -Werror=format-security... " >&6; }
-if ${ac_cv_gcc__Werror_format_security+:} false; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether gcc accepts -Wunused" >&5
+$as_echo_n "checking whether gcc accepts -Wunused... " >&6; }
+if ${ac_cv_gcc__Wunused+:} false; then :
$as_echo_n "(cached) " >&6
else
save_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS -Werror=format-security"
+ CFLAGS="$CFLAGS -Wunused"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_gcc__Werror_format_security=yes
+ ac_cv_gcc__Wunused=yes
else
- ac_cv_gcc__Werror_format_security=no
+ ac_cv_gcc__Wunused=no
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
CFLAGS="$save_CFLAGS"
fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__Werror_format_security" >&5
-$as_echo "$ac_cv_gcc__Werror_format_security" >&6; }
- if test "$ac_cv_gcc__Werror_format_security" = "yes" ; then
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_gcc__Wunused" >&5
+$as_echo "$ac_cv_gcc__Wunused" >&6; }
+ if test "$ac_cv_gcc__Wunused" = "yes" ; then
if test "x$CFLAGS" = "x"; then
- test "x$silent" != "xyes" && echo " setting CFLAGS to \"-Werror=format-security\""
- CFLAGS="-Werror=format-security"
+ test "x$silent" != "xyes" && echo " setting CFLAGS to \"-Wunused\""
+ CFLAGS="-Wunused"
else
- apr_addto_bugger="-Werror=format-security"
+ apr_addto_bugger="-Wunused"
for i in $apr_addto_bugger; do
apr_addto_duplicate="0"
for j in $CFLAGS; do
@@ -8345,7 +8437,14 @@ else
CFLAGS="$CFLAGS -Wdeclaration-after-statement"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Wdeclaration_after_statement=yes
@@ -8397,7 +8496,14 @@ else
CFLAGS="$CFLAGS -Werror=declaration-after-statement"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Werror_declaration_after_statement=yes
@@ -8449,7 +8555,14 @@ else
CFLAGS="$CFLAGS -Wformat"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Wformat=yes
@@ -8501,7 +8614,14 @@ else
CFLAGS="$CFLAGS -Wformat-security"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Wformat_security=yes
@@ -8553,7 +8673,14 @@ else
CFLAGS="$CFLAGS -Werror=format-security"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
-int foo() { return 0; }
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
ac_cv_gcc__Werror_format_security=yes
@@ -23096,7 +23223,7 @@ $as_echo_n "checking whether to enable mod_proxy_fdpass... " >&6; }
if test "${enable_proxy_fdpass+set}" = set; then :
enableval=$enable_proxy_fdpass; force_proxy_fdpass=$enableval
else
- enable_proxy_fdpass=maybe-all
+ enable_proxy_fdpass=most
fi
_apmod_extra_msg=""
@@ -23201,7 +23328,7 @@ $as_echo "$enable_proxy_fdpass$_apmod_extra_msg" >&6; }
sharedobjs=yes
shared=yes
DSO_MODULES="$DSO_MODULES proxy_fdpass"
- if test "" = "yes" ; then
+ if test "most" = "yes" ; then
ENABLED_DSO_MODULES="${ENABLED_DSO_MODULES},proxy_fdpass"
fi
;;
@@ -28060,7 +28187,7 @@ esac
> $modpath_current/modules.mk
-http2_objs="mod_http2.lo h2_alt_svc.lo h2_bucket_beam.lo h2_bucket_eoc.lo h2_bucket_eos.lo h2_config.lo h2_conn.lo h2_conn_io.lo h2_ctx.lo h2_filter.lo h2_from_h1.lo h2_h2.lo h2_mplx.lo h2_ngn_shed.lo h2_push.lo h2_request.lo h2_response.lo h2_session.lo h2_stream.lo h2_switch.lo h2_task.lo h2_util.lo h2_worker.lo h2_workers.lo "
+http2_objs="mod_http2.lo h2_alt_svc.lo h2_bucket_beam.lo h2_bucket_eoc.lo h2_bucket_eos.lo h2_config.lo h2_conn.lo h2_conn_io.lo h2_ctx.lo h2_filter.lo h2_from_h1.lo h2_h2.lo h2_headers.lo h2_mplx.lo h2_ngn_shed.lo h2_push.lo h2_request.lo h2_session.lo h2_stream.lo h2_switch.lo h2_task.lo h2_util.lo h2_worker.lo h2_workers.lo "
@@ -29181,6 +29308,37 @@ _ACEOF
fi
done
+ for ac_func in nghttp2_session_callbacks_set_on_invalid_header_callback
+do :
+ ac_fn_c_check_func "$LINENO" "nghttp2_session_callbacks_set_on_invalid_header_callback" "ac_cv_func_nghttp2_session_callbacks_set_on_invalid_header_callback"
+if test "x$ac_cv_func_nghttp2_session_callbacks_set_on_invalid_header_callback" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_NGHTTP2_SESSION_CALLBACKS_SET_ON_INVALID_HEADER_CALLBACK 1
+_ACEOF
+
+ if test "x$MOD_CPPFLAGS" = "x"; then
+ test "x$silent" != "xyes" && echo " setting MOD_CPPFLAGS to \""-DH2_NG2_INVALID_HEADER_CB"\""
+ MOD_CPPFLAGS=""-DH2_NG2_INVALID_HEADER_CB""
+ else
+ apr_addto_bugger=""-DH2_NG2_INVALID_HEADER_CB""
+ for i in $apr_addto_bugger; do
+ apr_addto_duplicate="0"
+ for j in $MOD_CPPFLAGS; do
+ if test "x$i" = "x$j"; then
+ apr_addto_duplicate="1"
+ break
+ fi
+ done
+ if test $apr_addto_duplicate = "0"; then
+ test "x$silent" != "xyes" && echo " adding \"$i\" to MOD_CPPFLAGS"
+ MOD_CPPFLAGS="$MOD_CPPFLAGS $i"
+ fi
+ done
+ fi
+
+fi
+done
+
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: nghttp2 version is too old" >&5
$as_echo "$as_me: WARNING: nghttp2 version is too old" >&2;}
@@ -29873,6 +30031,37 @@ _ACEOF
fi
done
+ for ac_func in nghttp2_session_callbacks_set_on_invalid_header_callback
+do :
+ ac_fn_c_check_func "$LINENO" "nghttp2_session_callbacks_set_on_invalid_header_callback" "ac_cv_func_nghttp2_session_callbacks_set_on_invalid_header_callback"
+if test "x$ac_cv_func_nghttp2_session_callbacks_set_on_invalid_header_callback" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_NGHTTP2_SESSION_CALLBACKS_SET_ON_INVALID_HEADER_CALLBACK 1
+_ACEOF
+
+ if test "x$MOD_CPPFLAGS" = "x"; then
+ test "x$silent" != "xyes" && echo " setting MOD_CPPFLAGS to \""-DH2_NG2_INVALID_HEADER_CB"\""
+ MOD_CPPFLAGS=""-DH2_NG2_INVALID_HEADER_CB""
+ else
+ apr_addto_bugger=""-DH2_NG2_INVALID_HEADER_CB""
+ for i in $apr_addto_bugger; do
+ apr_addto_duplicate="0"
+ for j in $MOD_CPPFLAGS; do
+ if test "x$i" = "x$j"; then
+ apr_addto_duplicate="1"
+ break
+ fi
+ done
+ if test $apr_addto_duplicate = "0"; then
+ test "x$silent" != "xyes" && echo " adding \"$i\" to MOD_CPPFLAGS"
+ MOD_CPPFLAGS="$MOD_CPPFLAGS $i"
+ fi
+ done
+ fi
+
+fi
+done
+
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: nghttp2 version is too old" >&5
$as_echo "$as_me: WARNING: nghttp2 version is too old" >&2;}
@@ -35795,6 +35984,13 @@ $as_echo "$as_me: Restore user-defined environment settings..." >&6;}
{ $as_echo "$as_me:${as_lineno-$LINENO}: " >&5
$as_echo "$as_me: " >&6;}
+APACHE_CONF_SEL_CC=${CC}
+APACHE_CONF_SEL_CFLAGS=${CFLAGS}
+APACHE_CONF_SEL_LDFLAGS=${LDFLAGS}
+APACHE_CONF_SEL_LIBS=${LIBS}
+APACHE_CONF_SEL_CPPFLAGS=${CPPFLAGS}
+APACHE_CONF_SEL_CPP=${CPP}
+
set X $apr_ste_save_CPPFLAGS
if test ${#} -eq 1; then
@@ -36298,7 +36494,7 @@ esac
test -d docs/conf||$mkdir_p docs/conf
-ac_config_files="$ac_config_files $APACHE_OUTPUT_FILES docs/conf/httpd.conf docs/conf/extra/httpd-autoindex.conf docs/conf/extra/httpd-dav.conf docs/conf/extra/httpd-default.conf docs/conf/extra/httpd-info.conf docs/conf/extra/httpd-languages.conf docs/conf/extra/httpd-manual.conf docs/conf/extra/httpd-mpm.conf docs/conf/extra/httpd-multilang-errordoc.conf docs/conf/extra/httpd-ssl.conf docs/conf/extra/httpd-userdir.conf docs/conf/extra/httpd-vhosts.conf docs/conf/extra/proxy-html.conf i [...]
+ac_config_files="$ac_config_files docs/conf/httpd.conf docs/conf/extra/httpd-autoindex.conf docs/conf/extra/httpd-dav.conf docs/conf/extra/httpd-default.conf docs/conf/extra/httpd-info.conf docs/conf/extra/httpd-languages.conf docs/conf/extra/httpd-manual.conf docs/conf/extra/httpd-mpm.conf docs/conf/extra/httpd-multilang-errordoc.conf docs/conf/extra/httpd-ssl.conf docs/conf/extra/httpd-userdir.conf docs/conf/extra/httpd-vhosts.conf docs/conf/extra/proxy-html.conf include/ap_config_layo [...]
ac_config_commands="$ac_config_commands default"
@@ -36992,11 +37188,9 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
# INIT-COMMANDS
#
-
$SHELL $srcdir/build/fastgen.sh $srcdir $ac_cv_mkdir_p $BSD_MAKEFILE $APACHE_FAST_OUTPUT_FILES
-
_ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
@@ -37006,7 +37200,6 @@ for ac_config_target in $ac_config_targets
do
case $ac_config_target in
"include/ap_config_auto.h") CONFIG_HEADERS="$CONFIG_HEADERS include/ap_config_auto.h" ;;
- "$APACHE_OUTPUT_FILES") CONFIG_FILES="$CONFIG_FILES $APACHE_OUTPUT_FILES" ;;
"docs/conf/httpd.conf") CONFIG_FILES="$CONFIG_FILES docs/conf/httpd.conf" ;;
"docs/conf/extra/httpd-autoindex.conf") CONFIG_FILES="$CONFIG_FILES docs/conf/extra/httpd-autoindex.conf" ;;
"docs/conf/extra/httpd-dav.conf") CONFIG_FILES="$CONFIG_FILES docs/conf/extra/httpd-dav.conf" ;;
@@ -37622,3 +37815,25 @@ if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: summary of build options:
+
+ Server Version: ${HTTPD_VERSION}
+ Install prefix: ${prefix}
+ C compiler: ${APACHE_CONF_SEL_CC}
+ CFLAGS: ${APACHE_CONF_SEL_CFLAGS}
+ LDFLAGS: ${APACHE_CONF_SEL_LDFLAGS}
+ LIBS: ${APACHE_CONF_SEL_LIBS}
+ CPPFLAGS: ${APACHE_CONF_SEL_CPPFLAGS}
+ C preprocessor: ${APACHE_CONF_SEL_CPP}
+" >&5
+$as_echo "$as_me: summary of build options:
+
+ Server Version: ${HTTPD_VERSION}
+ Install prefix: ${prefix}
+ C compiler: ${APACHE_CONF_SEL_CC}
+ CFLAGS: ${APACHE_CONF_SEL_CFLAGS}
+ LDFLAGS: ${APACHE_CONF_SEL_LDFLAGS}
+ LIBS: ${APACHE_CONF_SEL_LIBS}
+ CPPFLAGS: ${APACHE_CONF_SEL_CPPFLAGS}
+ C preprocessor: ${APACHE_CONF_SEL_CPP}
+" >&6;}
diff --git a/configure.in b/configure.in
index 289b231..7ae20b8 100644
--- a/configure.in
+++ b/configure.in
@@ -596,11 +596,12 @@ AC_ARG_ENABLE(maintainer-mode,APACHE_HELP_STRING(--enable-maintainer-mode,Turn o
APR_ADDTO(CPPFLAGS, -DAP_DEBUG)
if test "$GCC" = "yes"; then
APR_ADDTO(CFLAGS,[-Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wpointer-arith])
+ APACHE_ADD_GCC_CFLAG([-std=c89])
+ APACHE_ADD_GCC_CFLAG([-Werror])
APACHE_ADD_GCC_CFLAG([-Wdeclaration-after-statement])
- APACHE_ADD_GCC_CFLAG([-Werror=declaration-after-statement])
APACHE_ADD_GCC_CFLAG([-Wformat])
APACHE_ADD_GCC_CFLAG([-Wformat-security])
- APACHE_ADD_GCC_CFLAG([-Werror=format-security])
+ APACHE_ADD_GCC_CFLAG([-Wunused])
elif test "$AIX_XLC" = "yes"; then
APR_ADDTO(CFLAGS,-qfullpath -qinitauto=FE -qcheck=all -qinfo=pro)
fi
@@ -808,6 +809,13 @@ AC_MSG_NOTICE([])
AC_MSG_NOTICE([Restore user-defined environment settings...])
AC_MSG_NOTICE([])
+APACHE_CONF_SEL_CC=${CC}
+APACHE_CONF_SEL_CFLAGS=${CFLAGS}
+APACHE_CONF_SEL_LDFLAGS=${LDFLAGS}
+APACHE_CONF_SEL_LIBS=${LIBS}
+APACHE_CONF_SEL_CPPFLAGS=${CPPFLAGS}
+APACHE_CONF_SEL_CPP=${CPP}
+
APR_RESTORE_THE_ENVIRONMENT(CPPFLAGS, EXTRA_)
APR_RESTORE_THE_ENVIRONMENT(CFLAGS, EXTRA_)
APR_RESTORE_THE_ENVIRONMENT(CXXFLAGS, EXTRA_)
@@ -862,6 +870,17 @@ AC_SUBST(ap_make_delimiter)
dnl Ensure that docs/conf is created.
test -d docs/conf||$mkdir_p docs/conf
-AC_OUTPUT($APACHE_OUTPUT_FILES docs/conf/httpd.conf docs/conf/extra/httpd-autoindex.conf docs/conf/extra/httpd-dav.conf docs/conf/extra/httpd-default.conf docs/conf/extra/httpd-info.conf docs/conf/extra/httpd-languages.conf docs/conf/extra/httpd-manual.conf docs/conf/extra/httpd-mpm.conf docs/conf/extra/httpd-multilang-errordoc.conf docs/conf/extra/httpd-ssl.conf docs/conf/extra/httpd-userdir.conf docs/conf/extra/httpd-vhosts.conf docs/conf/extra/proxy-html.conf include/ap_config_layout. [...]
- APACHE_GEN_MAKEFILES
+AC_CONFIG_FILES(docs/conf/httpd.conf docs/conf/extra/httpd-autoindex.conf docs/conf/extra/httpd-dav.conf docs/conf/extra/httpd-default.conf docs/conf/extra/httpd-info.conf docs/conf/extra/httpd-languages.conf docs/conf/extra/httpd-manual.conf docs/conf/extra/httpd-mpm.conf docs/conf/extra/httpd-multilang-errordoc.conf docs/conf/extra/httpd-ssl.conf docs/conf/extra/httpd-userdir.conf docs/conf/extra/httpd-vhosts.conf docs/conf/extra/proxy-html.conf include/ap_config_layout.h support/apxs [...]
+AC_CONFIG_COMMANDS([default], [true], [APACHE_GEN_MAKEFILES])
+AC_OUTPUT
+AC_MSG_NOTICE([summary of build options:
+
+ Server Version: ${HTTPD_VERSION}
+ Install prefix: ${prefix}
+ C compiler: ${APACHE_CONF_SEL_CC}
+ CFLAGS: ${APACHE_CONF_SEL_CFLAGS}
+ LDFLAGS: ${APACHE_CONF_SEL_LDFLAGS}
+ LIBS: ${APACHE_CONF_SEL_LIBS}
+ CPPFLAGS: ${APACHE_CONF_SEL_CPPFLAGS}
+ C preprocessor: ${APACHE_CONF_SEL_CPP}
])
diff --git a/docs/conf/httpd.conf.in b/docs/conf/httpd.conf.in
index 966d2c3..37d7c0b 100644
--- a/docs/conf/httpd.conf.in
+++ b/docs/conf/httpd.conf.in
@@ -268,6 +268,15 @@ LogLevel warn
Require all granted
</Directory>
+<IfModule headers_module>
+ #
+ # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
+ # backend servers which have lingering "httpoxy" defects.
+ # 'Proxy' request header is undefined by the IETF, not listed by IANA
+ #
+ RequestHeader unset Proxy early
+</IfModule>
+
<IfModule mime_module>
#
# TypesConfig points to the file containing the list of mappings from
diff --git a/docs/conf/mime.types b/docs/conf/mime.types
index 5175242..4980200 100644
--- a/docs/conf/mime.types
+++ b/docs/conf/mime.types
@@ -14,43 +14,76 @@
# MIME type (lowercased) Extensions
# ============================================ ==========
# application/1d-interleaved-parityfec
+# application/3gpdash-qoe-report+xml
# application/3gpp-ims+xml
+# application/a2l
# application/activemessage
+# application/alto-costmap+json
+# application/alto-costmapfilter+json
+# application/alto-directory+json
+# application/alto-endpointcost+json
+# application/alto-endpointcostparams+json
+# application/alto-endpointprop+json
+# application/alto-endpointpropparams+json
+# application/alto-error+json
+# application/alto-networkmap+json
+# application/alto-networkmapfilter+json
+# application/aml
application/andrew-inset ez
# application/applefile
application/applixware aw
+# application/atf
+# application/atfx
application/atom+xml atom
application/atomcat+xml atomcat
+# application/atomdeleted+xml
# application/atomicmail
application/atomsvc+xml atomsvc
+# application/atxml
# application/auth-policy+xml
+# application/bacnet-xdd+zip
# application/batch-smtp
# application/beep+xml
+# application/calendar+json
# application/calendar+xml
+# application/call-completion
# application/cals-1840
+# application/cbor
# application/ccmp+xml
application/ccxml+xml ccxml
+# application/cdfx+xml
application/cdmi-capability cdmia
application/cdmi-container cdmic
application/cdmi-domain cdmid
application/cdmi-object cdmio
application/cdmi-queue cdmiq
+# application/cdni
+# application/cea
# application/cea-2018+xml
# application/cellml+xml
# application/cfw
+# application/cms
# application/cnrp+xml
+# application/coap-group+json
# application/commonground
# application/conference-info+xml
# application/cpl+xml
+# application/csrattrs
# application/csta+xml
# application/cstadata+xml
+# application/csvm+json
application/cu-seeme cu
# application/cybercash
+# application/dash+xml
+# application/dashdelta
application/davmount+xml davmount
# application/dca-rft
+# application/dcd
# application/dec-dx
# application/dialog-info+xml
# application/dicom
+# application/dii
+# application/dit
# application/dns
application/docbook+xml dbk
# application/dskpp+xml
@@ -61,7 +94,15 @@ application/ecmascript ecma
# application/edi-consent
# application/edi-x12
# application/edifact
+# application/efi
+# application/emergencycalldata.comment+xml
+# application/emergencycalldata.deviceinfo+xml
+# application/emergencycalldata.providerinfo+xml
+# application/emergencycalldata.serviceinfo+xml
+# application/emergencycalldata.subscriberinfo+xml
application/emma+xml emma
+# application/emotionml+xml
+# application/encaprtp
# application/epp+xml
application/epub+zip epub
# application/eshop
@@ -69,12 +110,17 @@ application/epub+zip epub
application/exi exi
# application/fastinfoset
# application/fastsoap
+# application/fdt+xml
# application/fits
+# application/font-sfnt
application/font-tdpfr pfr
+application/font-woff woff
# application/framework-attributes+xml
+# application/geo+json
application/gml+xml gml
application/gpx+xml gpx
application/gxf gxf
+# application/gzip
# application/h224
# application/held+xml
# application/http
@@ -94,15 +140,30 @@ application/inkml+xml ink inkml
application/ipfix ipfix
# application/ipp
# application/isup
+# application/its+xml
application/java-archive jar
application/java-serialized-object ser
application/java-vm class
application/javascript js
+# application/jose
+# application/jose+json
+# application/jrd+json
application/json json
+# application/json-patch+json
+# application/json-seq
application/jsonml+json jsonml
+# application/jwk+json
+# application/jwk-set+json
+# application/jwt
# application/kpml-request+xml
# application/kpml-response+xml
+# application/ld+json
+# application/lgr+xml
+# application/link-format
+# application/load-control+xml
application/lost+xml lostxml
+# application/lostsync+xml
+# application/lxf
application/mac-binhex40 hqx
application/mac-compactpro cpt
# application/macwriteii
@@ -110,9 +171,9 @@ application/mads+xml mads
application/marc mrc
application/marcxml+xml mrcx
application/mathematica ma nb mb
+application/mathml+xml mathml
# application/mathml-content+xml
# application/mathml-presentation+xml
-application/mathml+xml mathml
# application/mbms-associated-procedure-description+xml
# application/mbms-deregister+xml
# application/mbms-envelope+xml
@@ -122,13 +183,17 @@ application/mathml+xml mathml
# application/mbms-reception-report+xml
# application/mbms-register+xml
# application/mbms-register-response+xml
+# application/mbms-schedule+xml
# application/mbms-user-service-description+xml
application/mbox mbox
+# application/media-policy-dataset+xml
# application/media_control+xml
application/mediaservercontrol+xml mscml
+# application/merge-patch+json
application/metalink+xml metalink
application/metalink4+xml meta4
application/mets+xml mets
+# application/mf4
# application/mikey
application/mods+xml mods
# application/moss-keys
@@ -140,6 +205,8 @@ application/mp4 mp4s
# application/mpeg4-generic
# application/mpeg4-iod
# application/mpeg4-iod-xmt
+# application/mrb-consumer+xml
+# application/mrb-publish+xml
# application/msc-ivr+xml
# application/msc-mixer+xml
application/msword doc dot
@@ -148,19 +215,23 @@ application/mxf mxf
# application/news-checkgroups
# application/news-groupinfo
# application/news-transmission
+# application/nlsml+xml
# application/nss
# application/ocsp-request
# application/ocsp-response
application/octet-stream bin dms lrf mar so dist distz pkg bpk dump elc deploy
application/oda oda
+# application/odx
application/oebps-package+xml opf
application/ogg ogx
application/omdoc+xml omdoc
application/onenote onetoc onetoc2 onetmp onepkg
application/oxps oxps
+# application/p2p-overlay+xml
# application/parityfec
application/patch-ops-error+xml xer
application/pdf pdf
+# application/pdx
application/pgp-encrypted pgp
# application/pgp-keys
application/pgp-signature asc sig
@@ -168,6 +239,7 @@ application/pics-rules prf
# application/pidf+xml
# application/pidf-diff+xml
application/pkcs10 p10
+# application/pkcs12
application/pkcs7-mime p7m p7c
application/pkcs7-signature p7s
application/pkcs8 p8
@@ -179,20 +251,29 @@ application/pkixcmp pki
application/pls+xml pls
# application/poc-settings+xml
application/postscript ai eps ps
+# application/ppsp-tracker+json
+# application/problem+json
+# application/problem+xml
+# application/provenance+xml
# application/prs.alvestrand.titrax-sheet
application/prs.cww cww
+# application/prs.hpub+zip
# application/prs.nprend
# application/prs.plucker
# application/prs.rdf-xml-crypt
# application/prs.xsf+xml
application/pskc+xml pskcxml
# application/qsig
+# application/raptorfec
+# application/rdap+json
application/rdf+xml rdf
application/reginfo+xml rif
application/relax-ng-compact-syntax rnc
# application/remote-printing
+# application/reputon+json
application/resource-lists+xml rl
application/resource-lists-diff+xml rld
+# application/rfc+xml
# application/riscos
# application/rlmi+xml
application/rls-services+xml rs
@@ -203,15 +284,21 @@ application/rpki-roa roa
application/rsd+xml rsd
application/rss+xml rss
application/rtf rtf
+# application/rtploopback
# application/rtx
# application/samlassertion+xml
# application/samlmetadata+xml
application/sbml+xml sbml
+# application/scaip+xml
+# application/scim+json
application/scvp-cv-request scq
application/scvp-cv-response scs
application/scvp-vp-request spq
application/scvp-vp-response spp
application/sdp sdp
+# application/sep+xml
+# application/sep-exi
+# application/session-info
# application/set-payment
application/set-payment-initiation setpay
# application/set-registration
@@ -226,11 +313,13 @@ application/shf+xml shf
# application/slate
# application/smil
application/smil+xml smi smil
+# application/smpte336m
# application/soap+fastinfoset
# application/soap+xml
application/sparql-query rq
application/sparql-results+xml srx
# application/spirits-event+xml
+# application/sql
application/srgs gram
application/srgs+xml grxml
application/sru+xml sru
@@ -252,25 +341,42 @@ application/thraud+xml tfi
# application/timestamp-query
# application/timestamp-reply
application/timestamped-data tsd
+# application/ttml+xml
# application/tve-trigger
# application/ulpfec
+# application/urc-grpsheet+xml
+# application/urc-ressheet+xml
+# application/urc-targetdesc+xml
+# application/urc-uisocketdesc+xml
+# application/vcard+json
# application/vcard+xml
# application/vemmi
# application/vividence.scriptfile
+# application/vnd.3gpp-prose+xml
+# application/vnd.3gpp-prose-pc3ch+xml
+# application/vnd.3gpp.access-transfer-events+xml
# application/vnd.3gpp.bsf+xml
+# application/vnd.3gpp.mid-call+xml
application/vnd.3gpp.pic-bw-large plb
application/vnd.3gpp.pic-bw-small psb
application/vnd.3gpp.pic-bw-var pvb
# application/vnd.3gpp.sms
+# application/vnd.3gpp.sms+xml
+# application/vnd.3gpp.srvcc-ext+xml
+# application/vnd.3gpp.srvcc-info+xml
+# application/vnd.3gpp.state-and-event-info+xml
+# application/vnd.3gpp.ussd+xml
# application/vnd.3gpp2.bcmcsinfo+xml
# application/vnd.3gpp2.sms
application/vnd.3gpp2.tcap tcap
+# application/vnd.3lightssoftware.imagescal
application/vnd.3m.post-it-notes pwn
application/vnd.accpac.simply.aso aso
application/vnd.accpac.simply.imp imp
application/vnd.acucobol acu
application/vnd.acucorp atc acutc
application/vnd.adobe.air-application-installer-package+zip air
+# application/vnd.adobe.flash.movie
application/vnd.adobe.formscentral.fcdt fcdt
application/vnd.adobe.fxp fxp fxpl
# application/vnd.adobe.partial-upload
@@ -282,42 +388,62 @@ application/vnd.ahead.space ahead
application/vnd.airzip.filesecure.azf azf
application/vnd.airzip.filesecure.azs azs
application/vnd.amazon.ebook azw
+# application/vnd.amazon.mobi8-ebook
application/vnd.americandynamics.acc acc
application/vnd.amiga.ami ami
# application/vnd.amundsen.maze+xml
application/vnd.android.package-archive apk
+# application/vnd.anki
application/vnd.anser-web-certificate-issue-initiation cii
application/vnd.anser-web-funds-transfer-initiation fti
application/vnd.antix.game-component atx
+# application/vnd.apache.thrift.binary
+# application/vnd.apache.thrift.compact
+# application/vnd.apache.thrift.json
+# application/vnd.api+json
application/vnd.apple.installer+xml mpkg
application/vnd.apple.mpegurl m3u8
# application/vnd.arastra.swi
application/vnd.aristanetworks.swi swi
+# application/vnd.artsquare
application/vnd.astraea-software.iota iota
application/vnd.audiograph aep
# application/vnd.autopackage
# application/vnd.avistar+xml
+# application/vnd.balsamiq.bmml+xml
+# application/vnd.balsamiq.bmpr
+# application/vnd.bekitzur-stech+json
+# application/vnd.biopax.rdf+xml
application/vnd.blueice.multipass mpm
# application/vnd.bluetooth.ep.oob
+# application/vnd.bluetooth.le.oob
application/vnd.bmi bmi
application/vnd.businessobjects rep
# application/vnd.cab-jscript
# application/vnd.canon-cpdl
# application/vnd.canon-lips
# application/vnd.cendio.thinlinc.clientconf
+# application/vnd.century-systems.tcp_stream
application/vnd.chemdraw+xml cdxml
+# application/vnd.chess-pgn
application/vnd.chipnuts.karaoke-mmd mmd
application/vnd.cinderella cdy
# application/vnd.cirpack.isdn-ext
+# application/vnd.citationstyles.style+xml
application/vnd.claymore cla
application/vnd.cloanto.rp9 rp9
application/vnd.clonk.c4group c4g c4d c4f c4p c4u
application/vnd.cluetrust.cartomobile-config c11amc
application/vnd.cluetrust.cartomobile-config-pkg c11amz
+# application/vnd.coffeescript
# application/vnd.collection+json
+# application/vnd.collection.doc+json
+# application/vnd.collection.next+json
+# application/vnd.comicbook+zip
# application/vnd.commerce-battelle
application/vnd.commonspace csp
application/vnd.contact.cmsg cdbcmsg
+# application/vnd.coreos.ignition+json
application/vnd.cosmocaller cmc
application/vnd.crick.clicker clkx
application/vnd.crick.clicker.keyboard clkk
@@ -335,22 +461,32 @@ application/vnd.cups-ppd ppd
# application/vnd.curl
application/vnd.curl.car car
application/vnd.curl.pcurl pcurl
+# application/vnd.cyan.dean.root+xml
# application/vnd.cybank
application/vnd.dart dart
application/vnd.data-vision.rdz rdz
+# application/vnd.debian.binary-package
application/vnd.dece.data uvf uvvf uvd uvvd
application/vnd.dece.ttml+xml uvt uvvt
application/vnd.dece.unspecified uvx uvvx
application/vnd.dece.zip uvz uvvz
application/vnd.denovo.fcselayout-link fe_launch
+# application/vnd.desmume.movie
# application/vnd.dir-bi.plate-dl-nosuffix
+# application/vnd.dm.delegation+xml
application/vnd.dna dna
+# application/vnd.document+json
application/vnd.dolby.mlp mlp
# application/vnd.dolby.mobile.1
# application/vnd.dolby.mobile.2
+# application/vnd.doremir.scorecloud-binary-document
application/vnd.dpgraph dpg
application/vnd.dreamfactory dfac
+# application/vnd.drive+json
application/vnd.ds-keypoint kpxx
+# application/vnd.dtg.local
+# application/vnd.dtg.local.flash
+# application/vnd.dtg.local.html
application/vnd.dvb.ait ait
# application/vnd.dvb.dvbj
# application/vnd.dvb.esgcontainer
@@ -372,6 +508,7 @@ application/vnd.dvb.ait ait
application/vnd.dvb.service svc
# application/vnd.dxr
application/vnd.dynageo geo
+# application/vnd.dzr
# application/vnd.easykaraoke.cdgdownload
# application/vnd.ecdis-update
application/vnd.ecowin.chart mag
@@ -382,6 +519,7 @@ application/vnd.ecowin.chart mag
# application/vnd.ecowin.seriesupdate
# application/vnd.emclient.accessrequest+xml
application/vnd.enliven nml
+# application/vnd.enphase.envoy
# application/vnd.eprints.data+xml
application/vnd.epson.esf esf
application/vnd.epson.msf msf
@@ -391,6 +529,8 @@ application/vnd.epson.ssf ssf
# application/vnd.ericsson.quickcall
application/vnd.eszigno3+xml es3 et3
# application/vnd.etsi.aoc+xml
+# application/vnd.etsi.asic-e+zip
+# application/vnd.etsi.asic-s+zip
# application/vnd.etsi.cug+xml
# application/vnd.etsi.iptvcommand+xml
# application/vnd.etsi.iptvdiscovery+xml
@@ -402,20 +542,26 @@ application/vnd.eszigno3+xml es3 et3
# application/vnd.etsi.iptvsync+xml
# application/vnd.etsi.iptvueprofile+xml
# application/vnd.etsi.mcid+xml
+# application/vnd.etsi.mheg5
# application/vnd.etsi.overload-control-policy-dataset+xml
+# application/vnd.etsi.pstn+xml
# application/vnd.etsi.sci+xml
# application/vnd.etsi.simservs+xml
+# application/vnd.etsi.timestamp-token
# application/vnd.etsi.tsl+xml
# application/vnd.etsi.tsl.der
# application/vnd.eudora.data
application/vnd.ezpix-album ez2
application/vnd.ezpix-package ez3
# application/vnd.f-secure.mobile
+# application/vnd.fastcopy-disk-image
application/vnd.fdf fdf
application/vnd.fdsn.mseed mseed
application/vnd.fdsn.seed seed dataless
# application/vnd.ffsns
+# application/vnd.filmit.zfc
# application/vnd.fints
+# application/vnd.firemonkeys.cloudcell
application/vnd.flographit gph
application/vnd.fluxtime.clip ftc
# application/vnd.font-fontforge-sfd
@@ -430,13 +576,15 @@ application/vnd.fujitsu.oasysgp fg5
application/vnd.fujitsu.oasysprs bh2
# application/vnd.fujixerox.art-ex
# application/vnd.fujixerox.art4
-# application/vnd.fujixerox.hbpl
application/vnd.fujixerox.ddd ddd
application/vnd.fujixerox.docuworks xdw
application/vnd.fujixerox.docuworks.binder xbd
+# application/vnd.fujixerox.docuworks.container
+# application/vnd.fujixerox.hbpl
# application/vnd.fut-misnet
application/vnd.fuzzysheet fzs
application/vnd.genomatix.tuxedo txd
+# application/vnd.geo+json
# application/vnd.geocube+xml
application/vnd.geogebra.file ggb
application/vnd.geogebra.tool ggt
@@ -444,11 +592,15 @@ application/vnd.geometry-explorer gex gre
application/vnd.geonext gxt
application/vnd.geoplan g2w
application/vnd.geospace g3w
+# application/vnd.gerber
# application/vnd.globalplatform.card-content-mgt
# application/vnd.globalplatform.card-content-mgt-response
application/vnd.gmx gmx
application/vnd.google-earth.kml+xml kml
application/vnd.google-earth.kmz kmz
+# application/vnd.gov.sk.e-form+xml
+# application/vnd.gov.sk.e-form+zip
+# application/vnd.gov.sk.xmldatacontainer+xml
application/vnd.grafeq gqf gqs
# application/vnd.gridmp
application/vnd.groove-account gac
@@ -463,6 +615,8 @@ application/vnd.hal+xml hal
application/vnd.handheld-entertainment+xml zmm
application/vnd.hbci hbci
# application/vnd.hcl-bireports
+# application/vnd.hdt
+# application/vnd.heroku+json
application/vnd.hhe.lesson-player les
application/vnd.hp-hpgl hpgl
application/vnd.hp-hpid hpid
@@ -472,6 +626,7 @@ application/vnd.hp-pcl pcl
application/vnd.hp-pclxl pclxl
# application/vnd.httphone
application/vnd.hydrostatix.sof-data sfd-hdstx
+# application/vnd.hyperdrive+json
# application/vnd.hzn-3d-crossword
# application/vnd.ibm.afplinedata
# application/vnd.ibm.electronic-media
@@ -480,9 +635,19 @@ application/vnd.ibm.modcap afp listafp list3820
application/vnd.ibm.rights-management irm
application/vnd.ibm.secure-container sc
application/vnd.iccprofile icc icm
+# application/vnd.ieee.1905
application/vnd.igloader igl
application/vnd.immervision-ivp ivp
application/vnd.immervision-ivu ivu
+# application/vnd.ims.imsccv1p1
+# application/vnd.ims.imsccv1p2
+# application/vnd.ims.imsccv1p3
+# application/vnd.ims.lis.v2.result+json
+# application/vnd.ims.lti.v2.toolconsumerprofile+json
+# application/vnd.ims.lti.v2.toolproxy+json
+# application/vnd.ims.lti.v2.toolproxy.id+json
+# application/vnd.ims.lti.v2.toolsettings+json
+# application/vnd.ims.lti.v2.toolsettings.simple+json
# application/vnd.informedcontrol.rms+xml
# application/vnd.informix-visionary
# application/vnd.infotech.project
@@ -495,6 +660,7 @@ application/vnd.intergeo i2g
# application/vnd.intertrust.nncp
application/vnd.intu.qbo qbo
application/vnd.intu.qfx qfx
+# application/vnd.iptc.g2.catalogitem+xml
# application/vnd.iptc.g2.conceptitem+xml
# application/vnd.iptc.g2.knowledgeitem+xml
# application/vnd.iptc.g2.newsitem+xml
@@ -517,6 +683,7 @@ application/vnd.jam jam
application/vnd.jcp.javame.midlet-rms rms
application/vnd.jisp jisp
application/vnd.joost.joda-archive joda
+# application/vnd.jsk.isdn-ngn
application/vnd.kahootz ktz ktr
application/vnd.kde.karbon karbon
application/vnd.kde.kchart chrt
@@ -543,18 +710,24 @@ application/vnd.lotus-organizer org
application/vnd.lotus-screencam scm
application/vnd.lotus-wordpro lwp
application/vnd.macports.portpkg portpkg
+# application/vnd.mapbox-vector-tile
# application/vnd.marlin.drm.actiontoken+xml
# application/vnd.marlin.drm.conftoken+xml
# application/vnd.marlin.drm.license+xml
# application/vnd.marlin.drm.mdcf
+# application/vnd.mason+json
+# application/vnd.maxmind.maxmind-db
application/vnd.mcd mcd
application/vnd.medcalcdata mc1
application/vnd.mediastation.cdkey cdkey
# application/vnd.meridian-slingshot
application/vnd.mfer mwf
application/vnd.mfmp mfm
+# application/vnd.micro+json
application/vnd.micrografx.flo flo
application/vnd.micrografx.igx igx
+# application/vnd.microsoft.portable-executable
+# application/vnd.miele+json
application/vnd.mif mif
# application/vnd.minisoft-hp3000-save
# application/vnd.mitsubishi.misty-guard.trustweb
@@ -576,6 +749,7 @@ application/vnd.mophun.certificate mpc
# application/vnd.motorola.flexsuite.wem
# application/vnd.motorola.iprm
application/vnd.mozilla.xul+xml xul
+# application/vnd.ms-3mfdocument
application/vnd.ms-artgalry cil
# application/vnd.ms-asf
application/vnd.ms-cab-compressed cab
@@ -602,9 +776,15 @@ application/vnd.ms-powerpoint.presentation.macroenabled.12 pptm
application/vnd.ms-powerpoint.slide.macroenabled.12 sldm
application/vnd.ms-powerpoint.slideshow.macroenabled.12 ppsm
application/vnd.ms-powerpoint.template.macroenabled.12 potm
+# application/vnd.ms-printdevicecapabilities+xml
# application/vnd.ms-printing.printticket+xml
+# application/vnd.ms-printschematicket+xml
application/vnd.ms-project mpp mpt
# application/vnd.ms-tnef
+# application/vnd.ms-windows.devicepairing
+# application/vnd.ms-windows.nwprinting.oob
+# application/vnd.ms-windows.printerpairing
+# application/vnd.ms-windows.wsd.oob
# application/vnd.ms-wmdrm.lic-chlg-req
# application/vnd.ms-wmdrm.lic-resp
# application/vnd.ms-wmdrm.meter-chlg-req
@@ -614,6 +794,7 @@ application/vnd.ms-word.template.macroenabled.12 dotm
application/vnd.ms-works wps wks wcm wdb
application/vnd.ms-wpl wpl
application/vnd.ms-xpsdocument xps
+# application/vnd.msa-disk-image
application/vnd.mseq mseq
# application/vnd.msign
# application/vnd.multiad.creator
@@ -627,6 +808,8 @@ application/vnd.mynfc taglet
# application/vnd.nervana
# application/vnd.netfpx
application/vnd.neurolanguage.nlu nlu
+# application/vnd.nintendo.nitro.rom
+# application/vnd.nintendo.snes.rom
application/vnd.nitf ntf nitf
application/vnd.noblenet-directory nnd
application/vnd.noblenet-sealer nns
@@ -634,8 +817,8 @@ application/vnd.noblenet-web nnw
# application/vnd.nokia.catalogs
# application/vnd.nokia.conml+wbxml
# application/vnd.nokia.conml+xml
-# application/vnd.nokia.isds-radio-presets
# application/vnd.nokia.iptv.config+xml
+# application/vnd.nokia.isds-radio-presets
# application/vnd.nokia.landmark+wbxml
# application/vnd.nokia.landmark+xml
# application/vnd.nokia.landmarkcollection+xml
@@ -650,7 +833,9 @@ application/vnd.nokia.radio-presets rpss
application/vnd.novadigm.edm edm
application/vnd.novadigm.edx edx
application/vnd.novadigm.ext ext
+# application/vnd.ntt-local.content-share
# application/vnd.ntt-local.file-transfer
+# application/vnd.ntt-local.ogw_remote-access
# application/vnd.ntt-local.sip-ta_remote
# application/vnd.ntt-local.sip-ta_tcp_stream
application/vnd.oasis.opendocument.chart odc
@@ -703,12 +888,15 @@ application/vnd.olpc-sugar xo
# application/vnd.oma.cab-address-book+xml
# application/vnd.oma.cab-feature-handler+xml
# application/vnd.oma.cab-pcc+xml
+# application/vnd.oma.cab-subs-invite+xml
# application/vnd.oma.cab-user-prefs+xml
# application/vnd.oma.dcd
# application/vnd.oma.dcdc
application/vnd.oma.dd2+xml dd2
# application/vnd.oma.drm.risd+xml
# application/vnd.oma.group-usage-list+xml
+# application/vnd.oma.lwm2m+json
+# application/vnd.oma.lwm2m+tlv
# application/vnd.oma.pal+xml
# application/vnd.oma.poc.detailed-progress-report+xml
# application/vnd.oma.poc.final-report+xml
@@ -722,6 +910,10 @@ application/vnd.oma.dd2+xml dd2
# application/vnd.omads-file+xml
# application/vnd.omads-folder+xml
# application/vnd.omaloc-supl-init
+# application/vnd.onepager
+# application/vnd.openblox.game+xml
+# application/vnd.openblox.game-binary
+# application/vnd.openeye.oeb
application/vnd.openofficeorg.extension oxt
# application/vnd.openxmlformats-officedocument.custom-properties+xml
# application/vnd.openxmlformats-officedocument.customxmlproperties+xml
@@ -797,16 +989,21 @@ application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
# application/vnd.openxmlformats-package.core-properties+xml
# application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml
# application/vnd.openxmlformats-package.relationships+xml
-# application/vnd.quobject-quoxdocument
+# application/vnd.oracle.resource+json
+# application/vnd.orange.indata
# application/vnd.osa.netdeploy
application/vnd.osgeo.mapguide.package mgp
# application/vnd.osgi.bundle
application/vnd.osgi.dp dp
application/vnd.osgi.subsystem esa
# application/vnd.otps.ct-kip+xml
+# application/vnd.oxli.countgraph
+# application/vnd.pagerduty+json
application/vnd.palm pdb pqa oprc
+# application/vnd.panoply
# application/vnd.paos.xml
application/vnd.pawaafile paw
+# application/vnd.pcos
application/vnd.pg.format str
application/vnd.pg.osasli ei6
# application/vnd.piaccess.application-licence
@@ -828,7 +1025,9 @@ application/vnd.pvi.ptid1 ptid
# application/vnd.pwg-multiplexed
# application/vnd.pwg-xhtml-print+xml
# application/vnd.qualcomm.brew-app-res
+# application/vnd.quarantainenet
application/vnd.quark.quarkxpress qxd qxt qwd qwt qxl qxb
+# application/vnd.quobject-quoxdocument
# application/vnd.radisys.moml+xml
# application/vnd.radisys.msml+xml
# application/vnd.radisys.msml-audit+xml
@@ -846,6 +1045,7 @@ application/vnd.quark.quarkxpress qxd qxt qwd qwt qxl qxb
# application/vnd.radisys.msml-dialog-transform+xml
# application/vnd.rainstor.data
# application/vnd.rapid
+# application/vnd.rar
application/vnd.realvnc.bed bed
application/vnd.recordare.musicxml mxl
application/vnd.recordare.musicxml+xml musicxml
@@ -882,6 +1082,7 @@ application/vnd.shana.informed.formtemplate itp
application/vnd.shana.informed.interchange iif
application/vnd.shana.informed.package ipk
application/vnd.simtech-mindmapper twd twds
+# application/vnd.siren+json
application/vnd.smaf mmf
# application/vnd.smart.notebook
application/vnd.smart.teacher teacher
@@ -902,6 +1103,7 @@ application/vnd.stardivision.writer-global sgl
application/vnd.stepmania.package smzip
application/vnd.stepmania.stepchart sm
# application/vnd.street-stream
+# application/vnd.sun.wadl+xml
application/vnd.sun.xml.calc sxc
application/vnd.sun.xml.calc.template stc
application/vnd.sun.xml.draw sxd
@@ -912,7 +1114,6 @@ application/vnd.sun.xml.math sxm
application/vnd.sun.xml.writer sxw
application/vnd.sun.xml.writer.global sxg
application/vnd.sun.xml.writer.template stw
-# application/vnd.sun.wadl+xml
application/vnd.sus-calendar sus susp
application/vnd.svd svd
# application/vnd.swiftview-ics
@@ -921,9 +1122,15 @@ application/vnd.syncml+xml xsm
application/vnd.syncml.dm+wbxml bdm
application/vnd.syncml.dm+xml xdm
# application/vnd.syncml.dm.notification
+# application/vnd.syncml.dmddf+wbxml
+# application/vnd.syncml.dmddf+xml
+# application/vnd.syncml.dmtnds+wbxml
+# application/vnd.syncml.dmtnds+xml
# application/vnd.syncml.ds.notification
application/vnd.tao.intent-module-archive tao
application/vnd.tcpdump.pcap pcap cap dmp
+# application/vnd.tmd.mediaflex.api+xml
+# application/vnd.tml
application/vnd.tmobile-livetv tmo
application/vnd.trid.tpt tpt
application/vnd.triscape.mxs mxs
@@ -948,9 +1155,12 @@ application/vnd.uoml+xml uoml
# application/vnd.uplanet.listcmd
# application/vnd.uplanet.listcmd-wbxml
# application/vnd.uplanet.signal
+# application/vnd.uri-map
+# application/vnd.valve.source.material
application/vnd.vcx vcx
# application/vnd.vd-study
# application/vnd.vectorworks
+# application/vnd.vel+json
# application/vnd.verimatrix.vcas
# application/vnd.vidsoft.vidconference
application/vnd.visio vsd vst vss vsw
@@ -963,7 +1173,9 @@ application/vnd.wap.wbxml wbxml
application/vnd.wap.wmlc wmlc
application/vnd.wap.wmlscriptc wmlsc
application/vnd.webturbo wtb
+# application/vnd.wfa.p2p
# application/vnd.wfa.wsc
+# application/vnd.windows.devicepairing
# application/vnd.wmc
# application/vnd.wmf.bootstrap
# application/vnd.wolfram.mathematica
@@ -976,6 +1188,7 @@ application/vnd.wt.stf stf
# application/vnd.wv.csp+wbxml
# application/vnd.wv.csp+xml
# application/vnd.wv.ssp+xml
+# application/vnd.xacml+json
application/vnd.xara xar
application/vnd.xfdl xfdl
# application/vnd.xfdl.webform
@@ -995,6 +1208,7 @@ application/vnd.yamaha.smaf-audio saf
application/vnd.yamaha.smaf-phrase spf
# application/vnd.yamaha.through-ngn
# application/vnd.yamaha.tunnel-udpencap
+# application/vnd.yaoweme
application/vnd.yellowriver-custom-menu cmp
application/vnd.zul zir zirz
application/vnd.zzazz.deck+xml zaz
@@ -1027,8 +1241,8 @@ application/x-cdlink vcd
application/x-cfs-compressed cfs
application/x-chat chat
application/x-chess-pgn pgn
-application/x-conference nsc
# application/x-compress
+application/x-conference nsc
application/x-cpio cpio
application/x-csh csh
application/x-debian-package deb udeb
@@ -1054,7 +1268,6 @@ application/x-font-snf snf
# application/x-font-sunos-news
application/x-font-ttf ttf ttc
application/x-font-type1 pfa pfb pfm afm
-application/x-font-woff woff
# application/x-font-vfont
application/x-freearc arc
application/x-futuresplash spl
@@ -1116,6 +1329,7 @@ application/x-texinfo texinfo texi
application/x-tgif obj
application/x-ustar ustar
application/x-wais-source src
+# application/x-www-form-urlencoded
application/x-x509-ca-cert der crt
application/x-xfig fig
application/x-xliff+xml xlf
@@ -1123,6 +1337,7 @@ application/x-xpinstall xpi
application/x-xz xz
application/x-zmachine z1 z2 z3 z4 z5 z6 z7 z8
# application/x400-bp
+# application/xacml+xml
application/xaml+xml xaml
# application/xcap-att+xml
# application/xcap-caps+xml
@@ -1130,14 +1345,15 @@ application/xcap-diff+xml xdf
# application/xcap-el+xml
# application/xcap-error+xml
# application/xcap-ns+xml
-# application/xcon-conference-info-diff+xml
# application/xcon-conference-info+xml
+# application/xcon-conference-info-diff+xml
application/xenc+xml xenc
application/xhtml+xml xhtml xht
# application/xhtml-voice+xml
application/xml xml xsl
application/xml-dtd dtd
# application/xml-external-parsed-entity
+# application/xml-patch+xml
# application/xmpp+xml
application/xop+xml xop
application/xproc+xml xpl
@@ -1147,6 +1363,7 @@ application/xv+xml mxml xhvml xvml xvm
application/yang yang
application/yin+xml yin
application/zip zip
+# application/zlib
# audio/1d-interleaved-parityfec
# audio/32kadpcm
# audio/3gpp
@@ -1156,6 +1373,7 @@ audio/adpcm adp
# audio/amr
# audio/amr-wb
# audio/amr-wb+
+# audio/aptx
# audio/asc
# audio/atrac-advanced-lossless
# audio/atrac-x
@@ -1174,6 +1392,7 @@ audio/basic au snd
# audio/dv
# audio/dvi4
# audio/eac3
+# audio/encaprtp
# audio/evrc
# audio/evrc-qcp
# audio/evrc0
@@ -1181,11 +1400,16 @@ audio/basic au snd
# audio/evrcb
# audio/evrcb0
# audio/evrcb1
+# audio/evrcnw
+# audio/evrcnw0
+# audio/evrcnw1
# audio/evrcwb
# audio/evrcwb0
# audio/evrcwb1
+# audio/evs
# audio/example
# audio/fwdred
+# audio/g711-0
# audio/g719
# audio/g722
# audio/g7221
@@ -1224,19 +1448,21 @@ audio/ogg oga ogg spx
# audio/parityfec
# audio/pcma
# audio/pcma-wb
-# audio/pcmu-wb
# audio/pcmu
+# audio/pcmu-wb
# audio/prs.sid
# audio/qcelp
+# audio/raptorfec
# audio/red
# audio/rtp-enc-aescm128
# audio/rtp-midi
+# audio/rtploopback
# audio/rtx
audio/s3m s3m
audio/silk sil
# audio/smv
-# audio/smv0
# audio/smv-qcp
+# audio/smv0
# audio/sp-midi
# audio/speex
# audio/t140c
@@ -1310,11 +1536,14 @@ chemical/x-csml csml
chemical/x-xyz xyz
image/bmp bmp
image/cgm cgm
+# image/dicom-rle
+# image/emf
# image/example
# image/fits
image/g3fax g3
image/gif gif
image/ief ief
+# image/jls
# image/jp2
image/jpeg jpeg jpg jpe
# image/jpm
@@ -1324,16 +1553,18 @@ image/ktx ktx
image/png png
image/prs.btif btif
# image/prs.pti
+# image/pwg-raster
image/sgi sgi
image/svg+xml svg svgz
# image/t38
image/tiff tiff tif
# image/tiff-fx
image/vnd.adobe.photoshop psd
+# image/vnd.airzip.accelerator.azv
# image/vnd.cns.inf2
image/vnd.dece.graphic uvi uvvi uvg uvvg
-image/vnd.dvb.subtitle sub
image/vnd.djvu djvu djv
+image/vnd.dvb.subtitle sub
image/vnd.dwg dwg
image/vnd.dxf dxf
image/vnd.fastbidsheet fbs
@@ -1344,6 +1575,7 @@ image/vnd.fujixerox.edmics-rlc rlc
# image/vnd.globalgraphics.pgb
# image/vnd.microsoft.icon
# image/vnd.mix
+# image/vnd.mozilla.apng
image/vnd.ms-modi mdi
image/vnd.ms-photo wdp
image/vnd.net-fpx npx
@@ -1352,9 +1584,13 @@ image/vnd.net-fpx npx
# image/vnd.sealedmedia.softseal.gif
# image/vnd.sealedmedia.softseal.jpg
# image/vnd.svf
+# image/vnd.tencent.tap
+# image/vnd.valve.source.texture
image/vnd.wap.wbmp wbmp
image/vnd.xiff xif
+# image/vnd.zbrush.pcx
image/webp webp
+# image/wmf
image/x-3ds 3ds
image/x-cmu-raster ras
image/x-cmx cmx
@@ -1392,7 +1628,9 @@ message/rfc822 eml mime
# message/sipfrag
# message/tracking-status
# message/vnd.si.simp
+# message/vnd.wfa.wsc
# model/example
+# model/gltf+json
model/iges igs iges
model/mesh msh mesh silo
model/vnd.collada+xml dae
@@ -1404,13 +1642,18 @@ model/vnd.gdl gdl
model/vnd.gtw gtw
# model/vnd.moml+xml
model/vnd.mts mts
+# model/vnd.opengex
# model/vnd.parasolid.transmit.binary
# model/vnd.parasolid.transmit.text
+# model/vnd.rosette.annotated-data-model
+# model/vnd.valve.source.compiled-map
model/vnd.vtu vtu
model/vrml wrl vrml
model/x3d+binary x3db x3dbz
+# model/x3d+fastinfoset
model/x3d+vrml x3dv x3dvz
model/x3d+xml x3d x3dz
+# model/x3d-vrml
# multipart/alternative
# multipart/appledouble
# multipart/byteranges
@@ -1425,30 +1668,41 @@ model/x3d+xml x3d x3dz
# multipart/report
# multipart/signed
# multipart/voice-message
+# multipart/x-mixed-replace
# text/1d-interleaved-parityfec
text/cache-manifest appcache
text/calendar ics ifb
text/css css
text/csv csv
+# text/csv-schema
# text/directory
# text/dns
# text/ecmascript
+# text/encaprtp
# text/enriched
# text/example
# text/fwdred
+# text/grammar-ref-list
text/html html htm
# text/javascript
+# text/jcr-cnd
+# text/markdown
+# text/mizar
text/n3 n3
+# text/parameters
# text/parityfec
text/plain txt text conf def list log in
+# text/provenance-notation
# text/prs.fallenstein.rst
text/prs.lines.tag dsc
-# text/vnd.radisys.msml-basic-layout
+# text/prs.prop.logic
+# text/raptorfec
# text/red
# text/rfc822-headers
text/richtext rtx
# text/rtf
# text/rtp-enc-aescm128
+# text/rtploopback
# text/rtx
text/sgml sgml sgm
# text/t140
@@ -1458,11 +1712,13 @@ text/turtle ttl
# text/ulpfec
text/uri-list uri uris urls
text/vcard vcard
+# text/vnd.a
# text/vnd.abc
text/vnd.curl curl
text/vnd.curl.dcurl dcurl
-text/vnd.curl.scurl scurl
text/vnd.curl.mcurl mcurl
+text/vnd.curl.scurl scurl
+# text/vnd.debian.copyright
# text/vnd.dmclientscript
text/vnd.dvb.subtitle sub
# text/vnd.esmertec.theme-descriptor
@@ -1477,6 +1733,7 @@ text/vnd.in3d.spot spot
# text/vnd.motorola.reflex
# text/vnd.ms-mediapackage
# text/vnd.net2phone.commcenter.command
+# text/vnd.radisys.msml-basic-layout
# text/vnd.si.uricatalogue
text/vnd.sun.j2me.app-descriptor jad
# text/vnd.trolltech.linguist
@@ -1488,9 +1745,9 @@ text/x-asm s asm
text/x-c c cc cxx cpp h hh dic
text/x-fortran f for f77 f90
text/x-java-source java
+text/x-nfo nfo
text/x-opml opml
text/x-pascal p pas
-text/x-nfo nfo
text/x-setext etx
text/x-sfv sfv
text/x-uuencode uu
@@ -1506,6 +1763,7 @@ video/3gpp2 3g2
# video/bt656
# video/celb
# video/dv
+# video/encaprtp
# video/example
video/h261 h261
video/h263 h263
@@ -1514,6 +1772,8 @@ video/h263 h263
video/h264 h264
# video/h264-rcdo
# video/h264-svc
+# video/h265
+# video/iso.segment
video/jpeg jpgv
# video/jpeg2000
video/jpm jpm jpgm
@@ -1531,8 +1791,10 @@ video/ogg ogv
# video/parityfec
# video/pointer
video/quicktime qt mov
+# video/raptorfec
# video/raw
# video/rtp-enc-aescm128
+# video/rtploopback
# video/rtx
# video/smpte292m
# video/ulpfec
@@ -1563,12 +1825,15 @@ video/vnd.ms-playready.media.pyv pyv
# video/vnd.nokia.interleaved-multimedia
# video/vnd.nokia.videovoip
# video/vnd.objectvideo
+# video/vnd.radgamettools.bink
+# video/vnd.radgamettools.smacker
# video/vnd.sealed.mpeg1
# video/vnd.sealed.mpeg4
# video/vnd.sealed.swf
# video/vnd.sealedmedia.softseal.mov
video/vnd.uvvu.mp4 uvu uvvu
video/vnd.vivo viv
+# video/vp8
video/webm webm
video/x-f4v f4v
video/x-fli fli
diff --git a/docs/manual/caching.html.en b/docs/manual/caching.html.en
index 89258aa..b51d589 100644
--- a/docs/manual/caching.html.en
+++ b/docs/manual/caching.html.en
@@ -35,7 +35,8 @@
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#introduction">Introduction</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#http-caching">Three-state RFC2616 HTTP caching</a></li>
-<li><img alt="" src="./images/down.gif" /> <a href="#socache-caching">Two-state Key/Value Shared Object Caching</a></li>
+<li><img alt="" src="./images/down.gif" /> <a href="#examples">Cache Setup Examples</a></li>
+<li><img alt="" src="./images/down.gif" /> <a href="#socache-caching">General Two-state Key/Value Shared Object Caching</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#file-caching">Specialized File Caching</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#security">Security Considerations</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
@@ -418,6 +419,14 @@ Vary: negotiate,accept-language,accept-charset
to decide on which of many variants to return to the client.</p>
+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Cache Setup Examples</a></h2>
+
+
+
+ <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code></li><li><code class="module"><a href="./mod/mod_cache_disk.html">mod_cache_disk</a></code></li><li><code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code></li><li><code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code></li></ul></td><td><ul><li [...]
+
<h3><a name="disk" id="disk">Caching to Disk</a></h3>
@@ -532,9 +541,45 @@ CacheDirLength 1</pre>
leave enough "grow room" following a clean.</p>
+ <h3><a name="memcache" id="memcache">Caching to memcached</a></h3>
+
+
+ <p>Using the <code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code> module, <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code>
+ can cache data from a variety of implementations (aka: "providers"). Using the
+ <code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code> module, for example, one can specify that
+ <a href="http://memcached.org">memcached</a> is to be used as the
+ the backend storage mechanism.</p>
+
+ <p>Typically the module will be configured as so:</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache memcache:memcd.example.com:11211</pre>
+
+
+ <p>Additional <code>memcached</code> servers can be specified by
+ appending them to the end of the <code>CacheSocache memcache:</code>
+ line separated by commas:</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache memcache:mem1.example.com:11211,mem2.example.com:11212</pre>
+
+
+ <p>This format is also used with the other various <code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code>
+ providers. For example:</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache shmcb:/path/to/datafile(512000)</pre>
+
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache dbm:/path/to/datafile</pre>
+
+
+
+
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
-<h2><a name="socache-caching" id="socache-caching">Two-state Key/Value Shared Object Caching</a></h2>
+<h2><a name="socache-caching" id="socache-caching">General Two-state Key/Value Shared Object Caching</a></h2>
diff --git a/docs/manual/caching.html.fr b/docs/manual/caching.html.fr
index a395211..3f368da 100644
--- a/docs/manual/caching.html.fr
+++ b/docs/manual/caching.html.fr
@@ -38,7 +38,8 @@
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#introduction">Introduction</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#http-caching">Mise en cache HTTP � trois �tats RFC2616</a></li>
-<li><img alt="" src="./images/down.gif" /> <a href="#socache-caching">Mise en cache d'objets partag�s � deux �tats de forme
+<li><img alt="" src="./images/down.gif" /> <a href="#examples">Exemples de configuration du cache</a></li>
+<li><img alt="" src="./images/down.gif" /> <a href="#socache-caching">Mise en cache g�n�rale d'objets partag�s � deux �tats de forme
cl�/valeur</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#file-caching">Mise en cache � base de fichiers sp�cialis�s</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#security">Consid�rations sur la s�curit�</a></li>
@@ -457,6 +458,14 @@ Vary: negotiate,accept-language,accept-charset
+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Exemples de configuration du cache</a></h2>
+
+
+
+ <table class="related"><tr><th>Modules Apparent�s</th><th>Directives Apparent�es</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code></li><li><code class="module"><a href="./mod/mod_cache_disk.html">mod_cache_disk</a></code></li><li><code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code></li><li><code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code></li></ul></td><td> [...]
+
<h3><a name="disk" id="disk">Mise en cache sur disque</a></h3>
@@ -583,9 +592,46 @@ CacheDirLength 1</pre>
� la suite d'un nettoyage.</p>
+ <h3><a name="memcache" id="memcache">Cache en m�moire</a></h3>
+
+
+ <p>En utilisant le module <code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code>,
+ <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> peut mettre en cache des donn�es � partir de
+ diverses impl�mentations aussi nomm�es "fournisseurs". Par exemple, en
+ utilisant le module <code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code>, on peut
+ sp�cifier que c'est <a href="http://memcached.org">memcached</a> qui doit
+ �tre utilis� comme m�canisme de stockage sous-jacent.</p>
+
+ <p>Typiquement, le module sera configur� comme suit :</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache memcache:memcd.example.com:11211</pre>
+
+
+ <p>En outre, il est possible de sp�cifier plusieurs serveurs
+ <code>memcached</code> en les ajoutant � la fin de la ligne
+ <code>CacheSocache memcache:</code> et en les s�parant par des virgules :</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache memcache:mem1.example.com:11211,mem2.example.com:11212</pre>
+
+
+ <p>Divers autres fournisseurs <code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code> utilisent
+ aussi ce format. Par exemple :</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache shmcb:/path/to/datafile(512000)</pre>
+
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache dbm:/path/to/datafile</pre>
+
+
+
+
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
-<h2><a name="socache-caching" id="socache-caching">Mise en cache d'objets partag�s � deux �tats de forme
+<h2><a name="socache-caching" id="socache-caching">Mise en cache g�n�rale d'objets partag�s � deux �tats de forme
cl�/valeur</a></h2>
diff --git a/docs/manual/caching.html.tr.utf8 b/docs/manual/caching.html.tr.utf8
index b51adff..cdf3084 100644
--- a/docs/manual/caching.html.tr.utf8
+++ b/docs/manual/caching.html.tr.utf8
@@ -38,7 +38,8 @@
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#introduction">Giriş</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#http-caching">Üç durumlu RFC2616 HTTP önbelleklemesi</a></li>
-<li><img alt="" src="./images/down.gif" /> <a href="#socache-caching">İki durumlu Anahtar/Değer Paylaşımlı Nesne Önbellekleme</a></li>
+<li><img alt="" src="./images/down.gif" /> <a href="#examples">Önbellek Ayarlama Örnekleri</a></li>
+<li><img alt="" src="./images/down.gif" /> <a href="#socache-caching">Genel İki durumlu Anahtar/Değer Paylaşımlı Nesne Önbellekleme</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#file-caching">Uzmanlaşmış Dosya Önbellekleme</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#security">Güvenlik Kaygıları</a></li>
</ul><h3>Ayrıca bakınız:</h3><ul class="seealso"><li><a href="#comments_section">Yorum</a></li></ul></div>
@@ -393,6 +394,14 @@
saptar ve istemciye hangi sürümle yanıt verileceğine karar verir.</p>
+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Önbellek Ayarlama Örnekleri</a></h2>
+
+
+
+ <table class="related"><tr><th>İlgili Modüller</th><th>İlgili Yönergeler</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code></li><li><code class="module"><a href="./mod/mod_cache_disk.html">mod_cache_disk</a></code></li><li><code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code></li><li><code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code></li></ul></td><td><ul><li> [...]
+
<h3><a name="disk" id="disk">Disk Üzerinde Önbellekleme</a></h3>
@@ -503,10 +512,47 @@ CacheDirLength 1</pre>
ardından yeterli bir büyüme alanı kalacak şekilde yapılandırılması
temin edilmelidir.</p>
+
+ <h3><a name="memcache" id="memcache">memcached ile önbellekleme</a></h3>
+
+
+ <p><code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code> modülünü kullanarak,
+ <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> çeşitli gerçeklenimlerden (diğer adıyla:
+ "sağlayıcılar"dan) gelen veriyi önbellekleyebilir.
+ <code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code> modülü kullanılarak, örneğin,
+ artalan saklama mekanizması olarak
+ <a href="http://memcached.org">memcached</a> kullanıldığı
+ söylenebilir.</p>
+
+ <p>Genelde modül şöyle yapılandırılır:</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache memcache:memcd.example.com:11211</pre>
+
+
+ <p>İlave <code>memcached</code> sunucular
+ <code>CacheSocache memcache:</code> satırının ardına virgüllerle
+ ayrılarak eklenebilir:</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache memcache:mem1.example.com:11211,mem2.example.com:11212</pre>
+
+
+ <p>Bu biçim diğer <code class="module"><a href="./mod/mod_cache_socache.html">mod_cache_socache</a></code> sağlayıcıları için de kullanılabilir:</p>
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache shmcb:/path/to/datafile(512000)</pre>
+
+
+ <pre class="prettyprint lang-config">CacheEnable socache /
+CacheSocache dbm:/path/to/datafile</pre>
+
+
+
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
-<h2><a name="socache-caching" id="socache-caching">İki durumlu Anahtar/Değer Paylaşımlı Nesne Önbellekleme</a></h2>
+<h2><a name="socache-caching" id="socache-caching">Genel İki durumlu Anahtar/Değer Paylaşımlı Nesne Önbellekleme</a></h2>
<table class="related"><tr><th>İlgili Modüller</th><th>İlgili Yönergeler</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_authn_socache.html">mod_authn_socache</a></code></li><li><code class="module"><a href="./mod/mod_socache_dbm.html">mod_socache_dbm</a></code></li><li><code class="module"><a href="./mod/mod_socache_dc.html">mod_socache_dc</a></code></li><li><code class="module"><a href="./mod/mod_socache_memcache.html">mod_socache_memcache</a></code></li><li><code [...]
diff --git a/docs/manual/convenience.map b/docs/manual/convenience.map
index 439720e..5dc5b09 100644
--- a/docs/manual/convenience.map
+++ b/docs/manual/convenience.map
@@ -242,7 +242,9 @@ globallog mod/mod_log_config.html#globallog
gprofdir mod/core.html#gprofdir
gracefulshutdowntimeout mod/mpm_common.html#gracefulshutdowntimeout
group mod/mod_unixd.html#group
+h2copyfiles mod/mod_http2.html#h2copyfiles
h2direct mod/mod_http2.html#h2direct
+h2earlyhints mod/mod_http2.html#h2earlyhints
h2maxsessionstreams mod/mod_http2.html#h2maxsessionstreams
h2maxworkeridleseconds mod/mod_http2.html#h2maxworkeridleseconds
h2maxworkers mod/mod_http2.html#h2maxworkers
@@ -251,6 +253,7 @@ h2moderntlsonly mod/mod_http2.html#h2moderntlsonly
h2push mod/mod_http2.html#h2push
h2pushdiarysize mod/mod_http2.html#h2pushdiarysize
h2pushpriority mod/mod_http2.html#h2pushpriority
+h2pushresource mod/mod_http2.html#h2pushresource
h2serializeheaders mod/mod_http2.html#h2serializeheaders
h2sessionextrafiles mod/mod_http2.html#h2sessionextrafiles
h2streammaxmemsize mod/mod_http2.html#h2streammaxmemsize
@@ -266,6 +269,7 @@ heartbeatmaxservers mod/mod_heartmonitor.html#heartbeatmaxservers
heartbeatstorage mod/mod_lbmethod_heartbeat.html#heartbeatstorage
heartbeatstorage mod/mod_heartmonitor.html#heartbeatstorage
hostnamelookups mod/core.html#hostnamelookups
+httpprotocoloptions mod/core.html#httpprotocoloptions
identitycheck mod/mod_ident.html#identitycheck
identitychecktimeout mod/mod_ident.html#identitychecktimeout
if mod/core.html#if
@@ -446,6 +450,7 @@ redirectmatch mod/mod_alias.html#redirectmatch
redirectpermanent mod/mod_alias.html#redirectpermanent
redirecttemp mod/mod_alias.html#redirecttemp
reflectorheader mod/mod_reflector.html#reflectorheader
+registerhttpmethod mod/core.html#registerhttpmethod
remoteipheader mod/mod_remoteip.html#remoteipheader
remoteipinternalproxy mod/mod_remoteip.html#remoteipinternalproxy
remoteipinternalproxylist mod/mod_remoteip.html#remoteipinternalproxylist
diff --git a/docs/manual/custom-error.html.tr.utf8 b/docs/manual/custom-error.html.tr.utf8
index 72a3eaa..ba6739a 100644
--- a/docs/manual/custom-error.html.tr.utf8
+++ b/docs/manual/custom-error.html.tr.utf8
@@ -30,7 +30,6 @@
<a href="./ko/custom-error.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="./tr/custom-error.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Apache HTTP Sunucusu 4xx veya 5xx HTTP durum kodları ile ilgili
diff --git a/docs/manual/expr.html.en b/docs/manual/expr.html.en
index 9bd50b6..61d662a 100644
--- a/docs/manual/expr.html.en
+++ b/docs/manual/expr.html.en
@@ -256,12 +256,12 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
<tr><td><code>TIME_YEAR</code></td>
<td>The current year (e.g. <code>2010</code>)</td></tr>
<tr class="odd"><td><code>TIME_MON</code></td>
- <td>The current month (<code>1</code>, ..., <code>12</code>)</td></tr>
+ <td>The current month (<code>01</code>, ..., <code>12</code>)</td></tr>
<tr><td><code>TIME_DAY</code></td>
- <td>The current day of the month</td></tr>
+ <td>The current day of the month (<code>01</code>, ...)</td></tr>
<tr class="odd"><td><code>TIME_HOUR</code></td>
<td>The hour part of the current time
- (<code>0</code>, ..., <code>23</code>)</td></tr>
+ (<code>00</code>, ..., <code>23</code>)</td></tr>
<tr><td><code>TIME_MIN</code></td>
<td>The minute part of the current time </td></tr>
<tr class="odd"><td><code>TIME_SEC</code></td>
@@ -418,7 +418,7 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
a string. Functions names are not case sensitive.
Modules may register additional functions.</p>
- <table class="bordered"><tr class="header"><th>Name</th><th>Description</th><th>Restricted</th></tr>
+ <table class="bordered"><tr class="header"><th>Name</th><th>Description</th><th>Special notes</th></tr>
<tr><td><code>req</code>, <code>http</code></td>
<td>Get HTTP request header; header names may be added to the Vary
header, see below</td><td /></tr>
@@ -429,15 +429,15 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
<td>Get HTTP response header</td><td /></tr>
<tr class="odd"><td><code>reqenv</code></td>
<td>Lookup request environment variable (as a shortcut,
- <code>v</code> can be used too to access
- variables).</td><td /></tr>
+ <code>v</code> can also be used to access variables).</td>
+ <td>ordering</td></tr>
<tr><td><code>osenv</code></td>
<td>Lookup operating system environment variable</td><td /></tr>
<tr class="odd"><td><code>note</code></td>
- <td>Lookup request note</td><td /></tr>
+ <td>Lookup request note</td><td>ordering</td></tr>
<tr><td><code>env</code></td>
<td>Return first match of <code>note</code>, <code>reqenv</code>,
- <code>osenv</code></td><td /></tr>
+ <code>osenv</code></td><td>ordering</td></tr>
<tr class="odd"><td><code>tolower</code></td>
<td>Convert string to lower case</td><td /></tr>
<tr><td><code>toupper</code></td>
@@ -460,14 +460,37 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
encoding</td><td /></tr>
<tr class="odd"><td><code>file</code></td>
<td>Read contents from a file (including line endings, when present)
- </td><td>yes</td></tr>
-<tr><td><code>filesize</code></td>
+ </td><td>restricted</td></tr>
+<tr><td><code>filemod</code></td>
+ <td>Return last modification time of a file (or 0 if file does not exist
+ or is not regular file)</td><td>restricted</td></tr>
+<tr class="odd"><td><code>filesize</code></td>
<td>Return size of a file (or 0 if file does not exist or is not
- regular file)</td><td>yes</td></tr>
+ regular file)</td><td>restricted</td></tr>
</table>
- <p>The functions marked as "restricted" are not available in some modules
- like <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>.</p>
+ <p>The functions marked as "restricted" in the final column are not
+ available in some modules like <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>.</p>
+
+ <p>The functions marked as "ordering" in the final column require some
+ consideration for the ordering of different components of the server,
+ especially when the function is used within the
+ <<code class="directive"><a href="./mod/core.html#if">If</a></code>> directive which is
+ evaluated relatively early.</p>
+ <div class="note">
+ <h3>Environment variable ordering</h3>
+ When environment variables are looked up within an
+ <<code class="directive"><a href="./mod/core.html#if">If</a></code>> condition, it's important
+ to consider how extremely early in request processing that this
+ resolution occurs. As a guideline, any directive defined outside of virtual host
+ context (directory, location, htaccess) is not likely to have yet had a
+ chance to execute. <code class="directive"><a href="./mod/mod_setenvif.html#setenvif">SetEnvIf</a></code>
+ in virtual host scope is one directive that runs prior to this resolution
+ <br />
+ <br />
+ When <code>reqenv</code> is used outside of <<code class="directive"><a href="./mod/core.html#if">If</a></code>>, the resolution will generally occur later, but the
+ exact timing depends on the directive the expression has been used within.
+ </div>
<p>When the functions <code>req</code> or <code>http</code> are used,
the header name will automatically be added to the Vary header of the
@@ -490,12 +513,13 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="examples" id="examples">Example expressions</a></h2>
+
-
<p>The following examples show how expressions might be used to
evaluate requests:</p>
-
- <pre class="prettyprint lang-config"># Compare the host name to example.com and redirect to www.example.com if it matches
+
+
+ <pre class="prettyprint lang-config"># Compare the host name to example.com and redirect to www.example.com if it matches
<If "%{HTTP_HOST} == 'example.com'">
Redirect permanent "/" "http://www.example.com/"
</If>
@@ -508,7 +532,7 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
# Only allow access to this content during business hours
<Directory "/foo/bar/business">
Require expr %{TIME_HOUR} -gt 9 && %{TIME_HOUR} -lt 17
-</Directory>
+</Directory>
# Check a HTTP header for a list of values
<If "%{HTTP:X-example-header} in { 'foo', 'bar', 'baz' }">
@@ -542,7 +566,7 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
Header set foo-checksum "expr=%{md5:foo}"
# This delays the evaluation of the condition clause compared to <If>
-Header always set CustomHeader my-value "expr=%{REQUEST_URI} =~ m#^/special_path.php$#"</pre>
+Header always set CustomHeader my-value "expr=%{REQUEST_URI} =~ m#^/special_path\.php$#"</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
diff --git a/docs/manual/expr.html.fr b/docs/manual/expr.html.fr
index 8211a84..a950224 100644
--- a/docs/manual/expr.html.fr
+++ b/docs/manual/expr.html.fr
@@ -266,11 +266,11 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
<tr><td><code>TIME_YEAR</code></td>
<td>L'ann�e courante (par exemple <code>2010</code>)</td></tr>
<tr class="odd"><td><code>TIME_MON</code></td>
- <td>Le mois courant (<code>1</code>, ..., <code>12</code>)</td></tr>
+ <td>Le mois courant (<code>01</code>, ..., <code>12</code>)</td></tr>
<tr><td><code>TIME_DAY</code></td>
- <td>Le jour courant dans le mois</td></tr>
+ <td>Le jour courant dans le mois (<code>01</code>, ...)</td></tr>
<tr class="odd"><td><code>TIME_HOUR</code></td>
- <td>Les heures de la date courante (<code>0</code>, ...,
+ <td>Les heures de la date courante (<code>00</code>, ...,
<code>23</code>)</td></tr>
<tr><td><code>TIME_MIN</code></td>
<td>Les minutes de la date courante</td></tr>
@@ -372,7 +372,7 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
sensible � la casse. Les modules peuvent fournir des op�rateurs
unaires suppl�mentaires.</p>
- <table class="bordered"><tr class="header"><th>Nom</th><th>Description</th><th>Restreint</th></tr>
+ <table class="bordered"><tr class="header"><th>Nom</th><th>Description</th><th>Remarques particuli�res</th></tr>
<tr><td><code>-d</code></td>
<td>L'argument est trait� comme un nom de fichier.
Vrai si le fichier existe et correspond � un
@@ -449,15 +449,15 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
<td>Lit l'en-t�te de r�ponse HTTP</td><td /></tr>
<tr class="odd"><td><code>reqenv</code></td>
<td>Recherche une variable d'environnement de requ�te (on
- peut aussi utiliser le raccourci <code>v</code>).</td><td /></tr>
+ peut aussi utiliser le raccourci <code>v</code>).</td><td>ordonnancement</td></tr>
<tr><td><code>osenv</code></td>
<td>Recherche une variable d'environnement du syst�me
d'exploitation</td><td /></tr>
<tr class="odd"><td><code>note</code></td>
- <td>Recherche une note de requ�te</td><td /></tr>
+ <td>Recherche une note de requ�te</td><td>ordonnancement</td></tr>
<tr><td><code>env</code></td>
<td>Renvoie le premier r�sultat positif de <code>note</code>,
- <code>reqenv</code>, <code>osenv</code></td><td /></tr>
+ <code>reqenv</code>, <code>osenv</code></td><td>ordonnancement</td></tr>
<tr class="odd"><td><code>tolower</code></td>
<td>Convertit une cha�ne en minuscules</td><td /></tr>
<tr><td><code>toupper</code></td>
@@ -481,14 +481,40 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pr
le hash obtenu en hexad�cimal</td><td /></tr>
<tr class="odd"><td><code>file</code></td>
<td>Lit le contenu d'un fichier(fins de lignes incluses, si
- elles existent)</td><td>oui</td></tr>
-<tr><td><code>filesize</code></td>
+ elles existent)</td><td>limit�</td></tr>
+<tr><td><code>filemod</code></td>
+ <td>Renvoie la date de derni�re modification d'un fichier (ou 0 si le
+ fichier n'existe pas ou n'est pas un fichier r�gulier)</td><td>limit�</td></tr>
+<tr class="odd"><td><code>filesize</code></td>
<td>Renvoie la taille d'un fichier (ou 0 si le fichier n'existe
- pas ou ne correspond pas � un fichier r�gulier)</td><td>oui</td></tr>
+ pas ou ne correspond pas � un fichier r�gulier)</td><td>limit�</td></tr>
</table>
- <p>Les fonctions marqu�es comme "restreints" ne sont pas disponibles
- avec certains modules comme <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>.</p>
+ <p>Les fonctions marqu�es comme "limit�" dans la derni�re colonne ne sont
+ pas disponibles avec certains modules comme
+ <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>.</p>
+
+ <p>Les fonctions marqu�es comme "ordonnancement" dans la derni�re colonne
+ n�cessitent une attention particuli�re pour l'ordonnancement des diff�rents
+ composants du serveur, sp�cialement lorsque la fonction est utilis�e au sein
+ d'une directive <<code class="directive"><a href="./mod/core.html#if">If</a></code>> qui est
+ �valu�e relativement t�t.</p>
+ <div class="note">
+ <h3>Ordonnancement des variables d'environnement</h3>
+ Lorsque des variables d'environnement sont �valu�es au sein d'une directive
+ <<code class="directive"><a href="./mod/core.html#if">If</a></code>>, il est important de tenir
+ compte du moment o� cette �valuation intervient dans le traitement de la
+ requ�te. Par exemple, toute directive d�finie en dehors d'un contexte de
+ serveur virtuel (directory, location, htaccess) aura peu de chance d'�tre
+ d�j� ex�cut�e. Ainsi la directive <code class="directive"><a href="./mod/mod_setenvif.html#setenvif">SetEnvIf</a></code> est une directive qui s'ex�cute
+ avant cette �valuation.
+ <br />
+ <br />
+ Lorsque <code>reqenv</code> est utilis� en dehors de la directive
+ <<code class="directive"><a href="./mod/core.html#if">If</a></code>>, l'�valuation survient en
+ g�n�ral plus tard, mais le moment exact d�pend de la directive dans laquelle
+ l'expression a �t� utilis�e.
+ </div>
<p>Lorsque les fonctions <code>req</code> ou <code>http</code> sont
utilis�es, le nom d'en-t�te sera automatiquement ajout� � l'en-t�te
@@ -573,7 +599,8 @@ Header set foo-checksum "expr=%{md5:foo}"
# L'exemple suivant retarde l'�valuation de la clause de condition par rapport �
# <If>
-Header always set CustomHeader my-value "expr=%{REQUEST_URI} =~ m#^/special_path.php$#"</pre>
+Header always set CustomHeader my-value "expr=%{REQUEST_URI} =~
+m#^/special_path\.php$#"</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
diff --git a/docs/manual/howto/auth.html.tr.utf8 b/docs/manual/howto/auth.html.tr.utf8
index acb9fc0..1bcd11e 100644
--- a/docs/manual/howto/auth.html.tr.utf8
+++ b/docs/manual/howto/auth.html.tr.utf8
@@ -29,7 +29,6 @@
<a href="../ko/howto/auth.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/howto/auth.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Kimlik Doğrulama istediğiniz kişileri teyid etme işlemidir.
Yetkilendirme ise kişilerin nereye gireceklerine ve hangi bilgiye
@@ -566,6 +565,18 @@ Require group Grupismi</pre>
yapılandırmalarla uyumluluğu sağlamak için bu yönergeler
<code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code> modülüne taşınmıştır.</p>
+ <div class="warning"><h3>Note</h3>
+ <p><code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code> ile sağlanan yönergelerin
+ kullanımı artık önerilmemekte, <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>
+ modülündeki yönergeler önerilmektedir. <code class="directive"><a href="../mod/mod_access_compat.html#order">Order</a></code>, <code class="directive"><a href="../mod/mod_access_compat.html#allow">Allow</a></code> veya <code class="directive"><a href="../mod/mod_access_compat.html#deny">Deny</a></code> ile
+ <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> gibi daha yeni
+ olanlarının yenilerle karışık kullanımı teknik olarak mümkünse de
+ önerilmemektedir. <code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code> modülü, 2.4
+ yükseltmesini kolaylaştırmak için sadece eski yönergeleri içeren
+ yapılandırmaları desteklemek üzere oluşturulmuştur. Daha ayrıntılı
+ bilgi için <a href="../upgrading.html">yükseltme</a> belgesine bakınız.
+ </p>
+ </div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
diff --git a/docs/manual/howto/cgi.html.en b/docs/manual/howto/cgi.html.en
index 0888b60..87e2edb 100644
--- a/docs/manual/howto/cgi.html.en
+++ b/docs/manual/howto/cgi.html.en
@@ -42,13 +42,14 @@
<h2><a name="intro" id="intro">Introduction</a></h2>
- <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code></li><li><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a hr [...]
+ <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code></li><li><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code></li><li><code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code></li><li><code class="directive"><a href=".. [...]
<p>The CGI (Common Gateway Interface) defines a way for a web
server to interact with external content-generating programs,
which are often referred to as CGI programs or CGI scripts. It
- is the simplest, and most common, way to put dynamic content on
- your web site. This document will be an introduction to setting
+ is a simple way to put dynamic content on
+ your web site, using whatever programming language you're most
+ familiar with. This document will be an introduction to setting
up CGI on your Apache web server, and getting started writing
CGI programs.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -67,9 +68,17 @@
directive has not been commented out. A correctly configured directive
may look like this:
+ <pre class="prettyprint lang-config">LoadModule cgid_module modules/mod_cgid.so</pre>
+
+
+
+ On Windows, or using a non-threaded MPM like prefork, A correctly
+ configured directive may look like this:
+
<pre class="prettyprint lang-config">LoadModule cgi_module modules/mod_cgi.so</pre>
</div>
+
<h3><a name="scriptalias" id="scriptalias">ScriptAlias</a></h3>
diff --git a/docs/manual/howto/cgi.html.fr b/docs/manual/howto/cgi.html.fr
index 39ce995..2bf5fab 100644
--- a/docs/manual/howto/cgi.html.fr
+++ b/docs/manual/howto/cgi.html.fr
@@ -28,6 +28,8 @@
<a href="../ja/howto/cgi.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../ko/howto/cgi.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
+<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
+ anglaise pour les changements r�cents.</div>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#intro">Introduction</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#configuring">Configurer Apache pour autoriser CGI</a></li>
@@ -42,7 +44,7 @@
<h2><a name="intro" id="intro">Introduction</a></h2>
- <table class="related"><tr><th>Modules Apparent�s</th><th>Directives Apparent�es</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code></li><li><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive [...]
+ <table class="related"><tr><th>Modules Apparent�s</th><th>Directives Apparent�es</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code></li><li><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code></li><li><code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code></li><li><code class="directive"><a h [...]
<p>CGI (Common Gateway Interface) d�finit une m�thode d'interaction
entre un serveur web et des programmes g�n�rateurs de contenu
@@ -67,9 +69,17 @@
comment�e dans votre <code>httpd.conf</code>. Une directive correcte
doit ressembler � ceci :
+ <pre class="prettyprint lang-config">LoadModule cgid_module modules/mod_cgid.so</pre>
+
+
+
+ Sous Windows, ou si l'on utilise un module MPM non-thread� comme prefork,
+ une directive correctement configur�e sera du style :
+
<pre class="prettyprint lang-config">LoadModule cgi_module modules/mod_cgi.so</pre>
</div>
+
<h3><a name="scriptalias" id="scriptalias">ScriptAlias</a></h3>
diff --git a/docs/manual/howto/public_html.html.tr.utf8 b/docs/manual/howto/public_html.html.tr.utf8
index cc9b8e9..9a55fb4 100644
--- a/docs/manual/howto/public_html.html.tr.utf8
+++ b/docs/manual/howto/public_html.html.tr.utf8
@@ -29,7 +29,6 @@
<a href="../ko/howto/public_html.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/howto/public_html.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Çok kullanıcılı sistemlerde, <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> yönergesi ile her kullanıcının kendi ev dizininde
bir sitesi olması sağlanabilir.
@@ -42,14 +41,14 @@
kullanırken <code>conf/httpd.conf</code> öntanımlı yapılandırma
dosyasındaki</p>
- <div class="example"><p><code>
- #Include conf/extra/httpd-userdir.conf
- </code></p></div>
+ <pre class="prettyprint lang-config">#Include conf/extra/httpd-userdir.conf</pre>
+
<p>satırını etkin hale getirip, gerekiyorsa <code>httpd-userdir.conf</code>
dosyasını da düzenleyerek veya ana yapılandırma dosyasında bir
- <code>Directory</code> bloğu içine uygun yönergeleri yerleştirerek bu
- dizinlere erişimi etkin hale getirebilirsiniz.</p>
+ <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> bloğu içine
+ uygun yönergeleri yerleştirerek bu dizinlere erişimi etkin hale
+ getirebilirsiniz.</p>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#related">Kullanıcı sayfaları dizinleri</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#userdir"><code>UserDir</code> ile dosya yolunun belirtilmesi</a></li>
@@ -149,8 +148,8 @@
işlevselliğin belli kullanıcılar dışında kullanılmamasını da
sağlayabilirsiniz:</p>
- <pre class="prettyprint lang-config"> UserDir disabled<br />
- UserDir enabled orhan yasar</pre>
+ <pre class="prettyprint lang-config">UserDir disabled
+UserDir enabled orhan yasar</pre>
<p>Daha fazla örnek için <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> yönergesinin açıklamasına bakabilirsiniz.</p>
diff --git a/docs/manual/install.html.en b/docs/manual/install.html.en
index a5598f0..d598d49 100644
--- a/docs/manual/install.html.en
+++ b/docs/manual/install.html.en
@@ -70,7 +70,7 @@
<tr>
<td><a href="#download">Download</a></td>
- <td><code>$ lynx http://httpd.apache.org/download.cgi</code>
+ <td>Download the latest release from <a href="http://httpd.apache.org/download.cgi#apache24">http://httpd.apache.org/download.cgi</a>
</td>
</tr>
diff --git a/docs/manual/install.html.fr b/docs/manual/install.html.fr
index 450e196..fdc8b93 100644
--- a/docs/manual/install.html.fr
+++ b/docs/manual/install.html.fr
@@ -73,7 +73,7 @@
<tr>
<td><a href="#download">T�l�chargement</a></td>
- <td><code>$ lynx http://httpd.apache.org/download.cgi</code>
+ <td>T�l�chargez la derni�re version depuis <a href="http://httpd.apache.org/download.cgi#apache24">http://httpd.apache.org/download.cgi</a>
</td>
</tr>
diff --git a/docs/manual/install.html.tr.utf8 b/docs/manual/install.html.tr.utf8
index d274b71..4c9fd58 100644
--- a/docs/manual/install.html.tr.utf8
+++ b/docs/manual/install.html.tr.utf8
@@ -71,7 +71,9 @@
<tr>
<td><a href="#download">İndirme</a></td>
- <td><code>$ lynx http://httpd.apache.org/download.cgi</code>
+ <td><a href="http://httpd.apache.org/download.cgi#apache24">http://httpd.apache.org/download.cgi</a> adresinden en son
+ dağıtımı indirin.
+
</td>
</tr>
diff --git a/docs/manual/logs.html.tr.utf8 b/docs/manual/logs.html.tr.utf8
index d395928..484d626 100644
--- a/docs/manual/logs.html.tr.utf8
+++ b/docs/manual/logs.html.tr.utf8
@@ -29,7 +29,6 @@
<a href="./ko/logs.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="./tr/logs.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Bir HTTP sunucusunu verimli şekilde yönetebilmek için oluşabilecek
sorunlardan başka sunucunun başarımı ve etkinliği hakkında da bazı geri
@@ -185,7 +184,7 @@
bilgiyi incelemektir. Günlük incelemesi bu belgenin kapsamına dahil
değildir ve aslında bu işlem sunucunun yaptığı işlerden biri değildir.
Bu konu ve günlük incelemesi yapan uygulamalar hakkında daha ayrıntılı
- bilgi edinmek için <a href="http://dmoz.org/Computers/Software/Internet/Site_Management/Log_Analysis/">dmoz.org</a> bakınız.</p>
+ bilgi edinmek için <a href="http://dmoz.org/Computers/Software/Internet/Site_Management/Log_Analysis/">dmoz.org</a>'a bakınız.</p>
<p>Apache httpd’nin çeşitli sürümlerinde erişim günlüklerini denetlemek
için kullanılan diğer modüller ve yönergeler arasında mod_log_referer,
@@ -450,7 +449,7 @@ LogFormat "%!200,304,302{Referer}i" refererlog</pre>
<strong>değilse</strong> (durum kodlarının öncesindeki "!" imine
dikkat) <code>Referer</code> başlığı günlüklenecektir.</p>
- <p>Koşulaa bağlı günlük kaydının çok esnek ve güçlü olabileceğini
+ <p>Koşula bağlı günlük kaydının çok esnek ve güçlü olabileceğini
göstermiş olsak da günlük içeriğini denetlemenin tek yolu bu değildir.
Günlük dosyaları sunucu etkinliğini eksiksiz olarak kaydedebildikleri
takdirde daha yararlı olurlar. Günlük dosyalarını sonradan işleme tabi
diff --git a/docs/manual/mod/core.html.de b/docs/manual/mod/core.html.de
index bd62cc5..a80249f 100644
--- a/docs/manual/mod/core.html.de
+++ b/docs/manual/mod/core.html.de
@@ -74,6 +74,7 @@ Servers</td></tr>
<li><img alt="" src="../images/down.gif" /> <a href="#forcetype">ForceType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gprofdir">GprofDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#hostnamelookups">HostnameLookups</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#if"><If></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifdefine"><IfDefine></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifmodule"><IfModule></a></li>
@@ -104,6 +105,7 @@ Servers</td></tr>
<li><img alt="" src="../images/down.gif" /> <a href="#protocols">Protocols</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protocolshonororder">ProtocolsHonorOrder</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#qualifyredirecturl">QualifyRedirectURL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#registerhttpmethod">RegisterHttpMethod</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitcpu">RLimitCPU</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitmem">RLimitMEM</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitnproc">RLimitNPROC</a></li>
@@ -1535,6 +1537,20 @@ angegebenen MIME-Content-Type</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="HttpProtocolOptions" id="HttpProtocolOptions">HttpProtocolOptions</a>-<a name="httpprotocoloptions" id="httpprotocoloptions">Direktive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Beschreibung:</a></th><td>Modify restrictions on HTTP Request Messages</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Voreinstellung:</a></th><td><code>HttpProtocolOptions Strict LenientMethods Allow0.9</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Kontext:</a></th><td>Serverkonfiguration, Virtual Host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Modul:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Kompatibilit�t:</a></th><td>2.2.32 or 2.4.24 and later</td></tr>
+</table><p>Die Dokumentation zu dieser Direktive wurde
+ noch nicht �bersetzt. Bitte schauen Sie in die englische
+ Version.</p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="If" id="If"><If></a>-<a name="if" id="if">Direktive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Beschreibung:</a></th><td>Contains directives that apply only if a condition is
@@ -2795,6 +2811,17 @@ as if 'QualifyRedirectURL ON' was configured.</td></tr>
noch nicht �bersetzt. Bitte schauen Sie in die englische
Version.</p></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="RegisterHttpMethod" id="RegisterHttpMethod">RegisterHttpMethod</a>-<a name="registerhttpmethod" id="registerhttpmethod">Direktive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Beschreibung:</a></th><td>Register non-standard HTTP methods</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Kontext:</a></th><td>Serverkonfiguration</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Modul:</a></th><td>core</td></tr>
+</table><p>Die Dokumentation zu dieser Direktive wurde
+ noch nicht �bersetzt. Bitte schauen Sie in die englische
+ Version.</p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="RLimitCPU" id="RLimitCPU">RLimitCPU</a>-<a name="rlimitcpu" id="rlimitcpu">Direktive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Beschreibung:</a></th><td>Begrenzt den CPU-Verbrauch von Prozessen, die von
diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en
index ae76906..513efa9 100644
--- a/docs/manual/mod/core.html.en
+++ b/docs/manual/mod/core.html.en
@@ -71,6 +71,7 @@ available</td></tr>
<li><img alt="" src="../images/down.gif" /> <a href="#forcetype">ForceType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gprofdir">GprofDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#hostnamelookups">HostnameLookups</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#if"><If></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifdefine"><IfDefine></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifmodule"><IfModule></a></li>
@@ -101,6 +102,7 @@ available</td></tr>
<li><img alt="" src="../images/down.gif" /> <a href="#protocols">Protocols</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protocolshonororder">ProtocolsHonorOrder</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#qualifyredirecturl">QualifyRedirectURL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#registerhttpmethod">RegisterHttpMethod</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitcpu">RLimitCPU</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitmem">RLimitMEM</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitnproc">RLimitNPROC</a></li>
@@ -179,24 +181,19 @@ AcceptFilter https data</pre>
requests. Any value besides <code>none</code> will enable
<code>TCP_DEFER_ACCEPT</code> on that listener. For more details
see the Linux
- <a href="http://homepages.cwi.nl/~aeb/linux/man2html/man7/tcp.7.html">
+ <a href="http://man7.org/linux/man-pages/man7/tcp.7.html">
tcp(7)</a> man page.</p>
<p>The default values on Windows are:</p>
- <pre class="prettyprint lang-config">AcceptFilter http data
-AcceptFilter https data</pre>
+ <pre class="prettyprint lang-config">AcceptFilter http connect
+AcceptFilter https connect</pre>
<p>Window's mpm_winnt interprets the AcceptFilter to toggle the AcceptEx()
- API, and does not support http protocol buffering. There are two values
- which utilize the Windows AcceptEx() API and will recycle network
- sockets between connections. <code>data</code> waits until data has
- been transmitted as documented above, and the initial data buffer and
- network endpoint addresses are all retrieved from the single AcceptEx()
- invocation. <code>connect</code> will use the AcceptEx() API, also
- retrieve the network endpoint addresses, but like <code>none</code>
- the <code>connect</code> option does not wait for the initial data
- transmission.</p>
+ API, and does not support http protocol buffering. <code>connect</code>
+ will use the AcceptEx() API, also retrieve the network endpoint
+ addresses, but like <code>none</code> the <code>connect</code> option
+ does not wait for the initial data transmission.</p>
<p>On Windows, <code>none</code> uses accept() rather than AcceptEx()
and will not recycle sockets between connections. This is useful for
@@ -204,6 +201,22 @@ AcceptFilter https data</pre>
network providers such as vpn drivers, or spam, virus or spyware
filters.</p>
+ <div class="warning">
+ <h3>The <code>data</code> AcceptFilter (Windows)</h3>
+
+ <p>For versions 2.4.23 and prior, the Windows <code>data</code> accept
+ filter waited until data had been transmitted and the initial data
+ buffer and network endpoint addresses had been retrieved from the
+ single AcceptEx() invocation. This implementation was subject to a
+ denial of service attack and has been disabled.</p>
+
+ <p>Current releases of httpd default to the <code>connect</code> filter
+ on Windows, and will fall back to <code>connect</code> if
+ <code>data</code> is specified. Users of prior releases are encouraged
+ to add an explicit setting of <code>connect</code> for their
+ AcceptFilter, as shown above.</p>
+ </div>
+
<h3>See also</h3>
<ul>
@@ -837,6 +850,13 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
<p>Variable names may not contain colon ":" characters, to avoid clashes
with <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>'s syntax.</p>
+ <p>While this directive is supported in virtual host and directory context,
+ the changes it makes are visible to any later configuration
+ directives, beyond any enclosing configuration section (matching or not).
+ Support for the other configuration sections was erroneously permitted by the initial
+ implementation of this directive and is only preserved (with unintuitive
+ results) to maintain backward compatibility.</p>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="Directory" id="Directory"><Directory></a> <a name="directory" id="directory">Directive</a></h2>
@@ -1982,6 +2002,74 @@ media type in the HTTP Content-Type header field</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="HttpProtocolOptions" id="HttpProtocolOptions">HttpProtocolOptions</a> <a name="httpprotocoloptions" id="httpprotocoloptions">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Modify restrictions on HTTP Request Messages</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>HttpProtocolOptions Strict LenientMethods Allow0.9</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.2.32 or 2.4.24 and later</td></tr>
+</table>
+ <p>This directive changes the rules applied to the HTTP Request Line
+ (<a href="https://tools.ietf.org/html/rfc7230#section-3.1.1">RFC 7230 �3.1.1</a>) and the HTTP Request Header Fields
+ (<a href="https://tools.ietf.org/html/rfc7230#section-3.2">RFC 7230 �3.2</a>), which are now applied by default or using
+ the <code>Strict</code> option. Due to legacy modules, applications or
+ custom user-agents which must be deperecated the <code>Unsafe</code>
+ option has been added to revert to the legacy behaviors. These rules
+ are applied prior to request processing, so must be configured at the
+ global or default (first) matching virtual host section, by IP/port
+ interface (and not by name) to be honored.</p>
+
+ <p>Prior to the introduction of this directive, the Apache HTTP Server
+ request message parsers were tolerant of a number of forms of input
+ which did not conform to the protocol.
+ <a href="https://tools.ietf.org/html/rfc7230#section-9.4">RFC 7230 �9.4 Request Splitting</a> and
+ <a href="https://tools.ietf.org/html/rfc7230#section-9.5">�9.5 Response Smuggling</a> call out only two of the potential
+ risks of accepting non-conformant request messages, while
+ <a href="https://tools.ietf.org/html/rfc7230#section-3.5">RFC 7230 �3.5</a> "Message Parsing Robustness" identify the
+ risks of accepting obscure whitespace and request message formatting.
+ As of the introduction of this directive, all grammer rules of the
+ specification are enforced in the default <code>Strict</code> operating
+ mode, and the strict whitespace suggested by section 3.5 is enforced
+ and cannot be relaxed.</p>
+
+ <p>Users are strongly cautioned against toggling the <code>Unsafe</code>
+ mode of operation, particularly on outward-facing, publicly accessible
+ server deployments. If an interface is required for faulty monitoring
+ or other custom service consumers running on an intranet, users should
+ toggle the Unsafe option only on a specific virtual host configured
+ to service their internal private network.</p>
+
+ <p>Reviewing the messages logged to the <code class="directive">ErrorLog</code>,
+ configured with <code class="directive">LogLevel</code> <code>debug</code> level,
+ can help identify such faulty requests along with their origin.
+ Users should pay particular attention to the 400 responses in the access
+ log for invalid requests which were unexpectedly rejected.</p>
+
+ <p><a href="https://tools.ietf.org/html/rfc7231#section-4.1">RFC 7231 �4.1</a> "Request Methods" "Overview" requires that
+ origin servers shall respond with an error when an unsupported method
+ is encountered in the request line. This already happens when the
+ <code>LenientMethods</code> option is used, but administrators may wish
+ to toggle the <code>RegisteredMethods</code> option and register any
+ non-standard methods using the <code class="directive">RegisterHttpMethod</code>
+ directive, particularly if the <code>Unsafe</code> option has been toggled.
+ The <code>RegisteredMethods</code> option should <strong>not</strong>
+ be toggled for forward proxy hosts, as the methods supported by the
+ origin servers are unknown to the proxy server.</p>
+
+ <p><a href="https://tools.ietf.org/html/rfc2616#section-19.6">RFC 2616 �19.6</a> "Compatibility With Previous Versions" had
+ encouraged HTTP servers to support legacy HTTP/0.9 requests. RFC 7230
+ superceeds this with "The expectation to support HTTP/0.9 requests has
+ been removed" and offers additional comments in
+ <a href="https://tools.ietf.org/html/rfc7230#appendix-A">RFC 7230 Appendix A</a>. The <code>Require1.0</code> option allows
+ the user to remove support of the default <code>Allow0.9</code> option's
+ behavior.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="If" id="If"><If></a> <a name="if" id="if">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Contains directives that apply only if a condition is
@@ -3720,6 +3808,23 @@ as if 'QualifyRedirectURL ON' was configured.</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="RegisterHttpMethod" id="RegisterHttpMethod">RegisterHttpMethod</a> <a name="registerhttpmethod" id="registerhttpmethod">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Register non-standard HTTP methods</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
+</table>
+<p>HTTP Methods that are not conforming to the relvant RFCs are normally
+rejected by request processing in Apache HTTPD. To avoid this, modules
+can register non-standard HTTP methods they support.
+The <code class="directive">RegisterHttpMethod</code> allows to register such
+methods manually. This can be useful for if such methods are forwared
+for external processing, e.g. to a CGI script.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="RLimitCPU" id="RLimitCPU">RLimitCPU</a> <a name="rlimitcpu" id="rlimitcpu">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Limits the CPU consumption of processes launched
diff --git a/docs/manual/mod/core.html.es b/docs/manual/mod/core.html.es
index 00a3692..323f9e0 100644
--- a/docs/manual/mod/core.html.es
+++ b/docs/manual/mod/core.html.es
@@ -74,6 +74,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#forcetype">ForceType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gprofdir">GprofDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#hostnamelookups">HostnameLookups</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#if"><If></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifdefine"><IfDefine></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifmodule"><IfModule></a></li>
@@ -104,6 +105,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#protocols">Protocols</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protocolshonororder">ProtocolsHonorOrder</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#qualifyredirecturl">QualifyRedirectURL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#registerhttpmethod">RegisterHttpMethod</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitcpu">RLimitCPU</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitmem">RLimitMEM</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitnproc">RLimitNPROC</a></li>
@@ -1731,6 +1733,21 @@ media type in the HTTP Content-Type header field</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="HttpProtocolOptions" id="HttpProtocolOptions">HttpProtocolOptions</a> <a name="httpprotocoloptions" id="httpprotocoloptions">Directiva</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Descripci�n:</a></th><td>Modify restrictions on HTTP Request Messages</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sintaxis:</a></th><td><code>HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Valor por defecto:</a></th><td><code>HttpProtocolOptions Strict LenientMethods Allow0.9</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Contexto:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Estado:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">M�dulo:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibilidad:</a></th><td>2.2.32 or 2.4.24 and later</td></tr>
+</table><p>La Documentaci�n para esta directiva
+ no ha sido traducida a�n. Por favor use la versi�n en ingl�s
+ mientras tanto.
+ </p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="If" id="If"><If></a> <a name="if" id="if">Directiva</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Descripci�n:</a></th><td>Contains directives that apply only if a condition is
@@ -3454,6 +3471,18 @@ as if 'QualifyRedirectURL ON' was configured.</td></tr>
mientras tanto.
</p></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="RegisterHttpMethod" id="RegisterHttpMethod">RegisterHttpMethod</a> <a name="registerhttpmethod" id="registerhttpmethod">Directiva</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Descripci�n:</a></th><td>Register non-standard HTTP methods</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sintaxis:</a></th><td><code>RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Contexto:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Estado:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">M�dulo:</a></th><td>core</td></tr>
+</table><p>La Documentaci�n para esta directiva
+ no ha sido traducida a�n. Por favor use la versi�n en ingl�s
+ mientras tanto.
+ </p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="RLimitCPU" id="RLimitCPU">RLimitCPU</a> <a name="rlimitcpu" id="rlimitcpu">Directiva</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Descripci�n:</a></th><td>Limits the CPU consumption of processes launched
diff --git a/docs/manual/mod/core.html.fr b/docs/manual/mod/core.html.fr
index 5a81255..31b255f 100644
--- a/docs/manual/mod/core.html.fr
+++ b/docs/manual/mod/core.html.fr
@@ -73,6 +73,7 @@ disponibles</td></tr>
<li><img alt="" src="../images/down.gif" /> <a href="#forcetype">ForceType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gprofdir">GprofDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#hostnamelookups">HostnameLookups</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#if"><If></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifdefine"><IfDefine></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifmodule"><IfModule></a></li>
@@ -103,6 +104,7 @@ disponibles</td></tr>
<li><img alt="" src="../images/down.gif" /> <a href="#protocols">Protocols</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protocolshonororder">ProtocolsHonorOrder</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#qualifyredirecturl">QualifyRedirectURL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#registerhttpmethod">RegisterHttpMethod</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitcpu">RLimitCPU</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitmem">RLimitMEM</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitnproc">RLimitNPROC</a></li>
@@ -181,21 +183,16 @@ AcceptFilter https data</pre>
la mise en tampon des requ�tes http. Toute valeur autre que
<code>none</code> active le filtre <code>TCP_DEFER_ACCEPT</code>
pour ce protocole. Pour plus de d�tails, voir la page de
- manuel Linux de <a href="http://homepages.cwi.nl/~aeb/linux/man2html/man7/ tcp.7.html">tcp(7)</a>.</p>
+ manuel Linux de <a href="http://man7.org/linux/man-pages/man7/tcp.7.html">tcp(7)</a>.</p>
<p>Sous Windows, les valeurs par d�faut sont :</p>
- <pre class="prettyprint lang-config">AcceptFilter http data
-AcceptFilter https data</pre>
+ <pre class="prettyprint lang-config">AcceptFilter http connect
+AcceptFilter https connect</pre>
<p>Le module MPM pour Windows mpm_winnt utilise la directive
AcceptFilter comme commutateur de l'API AcceptEx(), et ne supporte
- pas la mise en tampon du protocole http. Deux valeurs utilisent
- l'API Windows AcceptEx() et vont recycler les sockets r�seau entre
- les connexions. <code>data</code> attend jusqu'� ce que les donn�es
- aient �t� transmises comme d�crit plus haut, et le tampon de donn�es
- initiales ainsi que les adresses r�seau finales sont tous extraits
- gr�ce � une seule invocation d'AcceptEx(). <code>connect</code>
+ pas la mise en tampon du protocole http. <code>connect</code>
utilise l'API AcceptEx(), extrait aussi les adresses r�seau finales,
mais � l'instar de <code>none</code>, la valeur <code>connect</code>
n'attend pas la transmission des donn�es initiales.</p>
@@ -207,6 +204,23 @@ AcceptFilter https data</pre>
pilotes vpn, ou les filtres anti-spam, anti-virus ou
anti-spyware.</p>
+ <div class="warning">
+ <h3>L'AcceptFilter <code>data</code> (Windows)</h3>
+
+ <p>Jusqu'� la version 2.4.23, le filtre d'acceptation <code>data</code>
+ attendait que des donn�es aient �t� transmises et que le tampon de donn�es
+ initial et l'adresse r�seau finale aient �t� d�termin�s par l'invocation
+ AcceptEx(). Cette impl�mentation �tant vuln�rable � une attaque de type
+ denial of service, elle a �t� d�sactiv�e.</p>
+
+ <p>La version actuelle de httpd prend par d�faut le filtre
+ <code>connect</code> sous Windows, et reprendra la valeur
+ <code>data</code> si <code>data</code> est sp�cifi�. Il est fortement
+ conseill� aux utilisateurs des versions plus anciennes de d�finir
+ explicitement le filtre <code>connect</code> pour leurs AcceptFilter
+ comme indiqu� plus haut.</p>
+ </div>
+
<h3>Voir aussi</h3>
<ul>
@@ -879,6 +893,13 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
<p>Le caract�re ":" est interdit dans les noms de variables afin
d'�viter les conflits avec la syntaxe de la directive <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>.</p>
+ <p>Si cette directive est d�finie au sein d'un bloc VirtualHost, les
+ changements qu'elle induit sont visibles de toute directive
+ ult�rieure, au del� de tout bloc VirtualHost. Le support des autres sections
+ de configuration a �t� permis par erreur par l'impl�mentation initiale de
+ cette directive, et n'est conserv� (avec des effets impr�visibles) que dans un
+ but de compatibilit� ascendante.</p>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="directory" id="directory">Directive</a> <a name="Directory" id="Directory"><Directory></a></h2>
@@ -886,7 +907,7 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Regroupe un ensemble de directives qui ne s'appliquent
qu'au r�pertoire concern� du syst�me de fichiers, � ses
sous-r�pertoires, et � leur contenu.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code><Directory "<var>chemin r�pertoire</var>">
+<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code><Directory <var>chemin r�pertoire</var>>
... </Directory></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Core</td></tr>
@@ -1869,7 +1890,7 @@ dans les versions 2.3.14 et ant
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Contient des directives qui s'appliquent aux fichiers
pr�cis�s</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code><Files "<var>nom fichier</var>"> ... </Files></code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code><Files <var>nom fichier</var>> ... </Files></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel, r�pertoire, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">AllowOverride:</a></th><td>All</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Core</td></tr>
@@ -2124,6 +2145,20 @@ clients</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="httpprotocoloptions" id="httpprotocoloptions">Directive</a> <a name="HttpProtocolOptions" id="HttpProtocolOptions">HttpProtocolOptions</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Modify restrictions on HTTP Request Messages</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">D�faut:</a></th><td><code>HttpProtocolOptions Strict LenientMethods Allow0.9</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel</td></tr>
+<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibilit�:</a></th><td>2.2.32 or 2.4.24 and later</td></tr>
+</table><p>La documentation de cette directive
+ n'a pas encore t traduite. Veuillez vous reporter la version
+ en langue anglaise.</p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="if" id="if">Directive</a> <a name="If" id="If"><If></a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Contient des directives qui ne s'appliquent que si une
@@ -2834,7 +2869,7 @@ XML</td></tr>
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>N'applique les directives contenues qu'aux URLs
sp�cifi�es</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code><Location
- "<var>chemin URL</var>|<var>URL</var>"> ... </Location></code></td></tr>
+ <var>chemin URL</var>|<var>URL</var>> ... </Location></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
@@ -3794,7 +3829,7 @@ particulier</td></tr>
<p>Normalement, si plusieurs directives
<code class="directive">Options</code> peuvent s'appliquer � un r�pertoire,
c'est la plus sp�cifique qui est utilis�e et les autres sont
- ignor�es ; les options ne sont pas fusionn�es (voir <a href="../sections.html#mergin">comment les sections sont
+ ignor�es ; les options ne sont pas fusionn�es (voir <a href="../sections.html#merging">comment les sections sont
fusionn�es</a>). Elles le sont cependant si <em>toutes</em> les
options de la directive <code class="directive">Options</code> sont
pr�c�d�es d'un symbole <code>+</code> ou <code>-</code>. Toute
@@ -4002,6 +4037,17 @@ comme si la directive QualifyRedirectURL
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="registerhttpmethod" id="registerhttpmethod">Directive</a> <a name="RegisterHttpMethod" id="RegisterHttpMethod">RegisterHttpMethod</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Register non-standard HTTP methods</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur</td></tr>
+<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
+</table><p>La documentation de cette directive
+ n'a pas encore t traduite. Veuillez vous reporter la version
+ en langue anglaise.</p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="rlimitcpu" id="rlimitcpu">Directive</a> <a name="RLimitCPU" id="RLimitCPU">RLimitCPU</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Limite le temps CPU allou� aux processus initi�s par les
@@ -4767,18 +4813,18 @@ du serveur</td></tr>
peut autoriser l'ajout d'un corps de requ�te � l'aide de la
d�finition non standard <code>TraceEnable extended</code>. Le noyau
du serveur (dans le cas d'un serveur d'origine) va limiter la taille
- du corps de requ�te � 64k (plus 8k pour les en-t�tes de
+ du corps de requ�te � 64Kb (plus 8Kb pour les en-t�tes de
fractionnement si <code>Transfer-Encoding: chunked</code> est
utilis�). Le noyau du serveur va reproduire l'ensemble des en-t�tes,
y compris les en-t�tes de fractionnement avec le corps de la
r�ponse. Dans le cas d'un serveur mandataire, la taille du corps de
- requ�te n'est pas limit�e � 64k.</p>
+ requ�te n'est pas limit�e � 64Kb.</p>
<div class="note"><h3>Note</h3>
- <p>Bien que certains pr�tendent le contraire, <code>TRACE</code> ne
- constitue pas une vuln�rabilit� en mati�re de s�curit�, et il n'y a
- aucune raison suffisante pour le d�sactiver, ce qui rendrait
- votre serveur non conforme.</p>
+ <p>Bien que certains pr�tendent le contraire, activer la m�thode
+ <code>TRACE</code> ne constitue pas un probl�me de s�curit� dans Apache
+ httpd. La m�thode <code>TRACE</code> est d�finie par la sp�cification
+ HTTP/1.1 et les diff�rentes impl�mentations sont cens�es la supporter.</p>
</div>
</div>
diff --git a/docs/manual/mod/core.html.ja.utf8 b/docs/manual/mod/core.html.ja.utf8
index a397f7d..4485edc 100644
--- a/docs/manual/mod/core.html.ja.utf8
+++ b/docs/manual/mod/core.html.ja.utf8
@@ -74,6 +74,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#forcetype">ForceType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gprofdir">GprofDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#hostnamelookups">HostnameLookups</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#if"><If></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifdefine"><IfDefine></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifmodule"><IfModule></a></li>
@@ -104,6 +105,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#protocols">Protocols</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protocolshonororder">ProtocolsHonorOrder</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#qualifyredirecturl">QualifyRedirectURL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#registerhttpmethod">RegisterHttpMethod</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitcpu">RLimitCPU</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitmem">RLimitMEM</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitnproc">RLimitNPROC</a></li>
@@ -1483,6 +1485,20 @@ request</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="HttpProtocolOptions" id="HttpProtocolOptions">HttpProtocolOptions</a> <a name="httpprotocoloptions" id="httpprotocoloptions">ディレクティブ</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>Modify restrictions on HTTP Request Messages</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">構文:</a></th><td><code>HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">デフォルト:</a></th><td><code>HttpProtocolOptions Strict LenientMethods Allow0.9</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">コンテキスト:</a></th><td>サーバ設定ファイル, バーチャルホスト</td></tr>
+<tr><th><a href="directive-dict.html#Status">ステータス:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">モジュール:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">互換性:</a></th><td>2.2.32 or 2.4.24 and later</td></tr>
+</table><p>このディレクティブの解説文書は
+ まだ翻訳されていません。英語版をご覧ください。
+ </p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="If" id="If"><If></a> <a name="if" id="if">ディレクティブ</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>実行時、リクエストが条件を満たした場合にのみ適用される
@@ -2737,6 +2753,17 @@ as if 'QualifyRedirectURL ON' was configured.</td></tr>
まだ翻訳されていません。英語版をご覧ください。
</p></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="RegisterHttpMethod" id="RegisterHttpMethod">RegisterHttpMethod</a> <a name="registerhttpmethod" id="registerhttpmethod">ディレクティブ</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>Register non-standard HTTP methods</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">構文:</a></th><td><code>RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">コンテキスト:</a></th><td>サーバ設定ファイル</td></tr>
+<tr><th><a href="directive-dict.html#Status">ステータス:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">モジュール:</a></th><td>core</td></tr>
+</table><p>このディレクティブの解説文書は
+ まだ翻訳されていません。英語版をご覧ください。
+ </p></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="RLimitCPU" id="RLimitCPU">RLimitCPU</a> <a name="rlimitcpu" id="rlimitcpu">ディレクティブ</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>Apache の子プロセスから起動されたプロセスの CPU 消費量を
diff --git a/docs/manual/mod/core.html.tr.utf8 b/docs/manual/mod/core.html.tr.utf8
index e8a136a..3581eb9 100644
--- a/docs/manual/mod/core.html.tr.utf8
+++ b/docs/manual/mod/core.html.tr.utf8
@@ -33,7 +33,6 @@
<a href="../ja/mod/core.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../tr/mod/core.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Apache HTTP Sunucusunda daima mevcut olan çekirdek
özellikler</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr></table>
@@ -72,6 +71,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#forcetype">ForceType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gprofdir">GprofDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#hostnamelookups">HostnameLookups</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#if"><If></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifdefine"><IfDefine></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ifmodule"><IfModule></a></li>
@@ -102,6 +102,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#protocols">Protocols</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protocolshonororder">ProtocolsHonorOrder</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#qualifyredirecturl">QualifyRedirectURL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#registerhttpmethod">RegisterHttpMethod</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitcpu">RLimitCPU</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitmem">RLimitMEM</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rlimitnproc">RLimitNPROC</a></li>
@@ -179,31 +180,40 @@ AcceptFilter https data</pre>
tamponlanmasını desteklemez. <code>none</code> dahil her değer
dinleyici üzerinde <code>TCP_DEFER_ACCEPT</code> seçeneğini etkin kılar.
Daha ayrıntılı bilgi edinmek için Linux
- <a href="http://homepages.cwi.nl/~aeb/linux/man2html/man7/tcp.7.html">tcp(7)</a> kılavuz sayfasına bakınız.</p>
+ <a href="http://man7.org/linux/man-pages/man7/tcp.7.html">tcp(7)</a> kılavuz sayfasına bakınız.</p>
<p>Windows’taki öntanımlı değerler::</p>
- <pre class="prettyprint lang-config">AcceptFilter http data
-AcceptFilter https data</pre>
+ <pre class="prettyprint lang-config">AcceptFilter http connect
+AcceptFilter https connect</pre>
<p>Windows'un <code>mpm_winnt</code> modülü <code>AcceptEx()</code>
arayüzünü açıp kapamak için <code>AcceptFilter</code>'i yorumlar ve
- http protokol tamponlamasını desteklemez. Windows
- <code>AcceptEx()</code> arayüzünü tetikleyen iki değer vardır ve ağ
- soketlerini bağlantılar arasında yer değiştirirler. <code>data</code>,
- veri aktarılana kadar yukarıda anlatıldığı gibi bekler ve ilk veri
- tamponu ve uç ağ adresleri tek bir <code>AcceptEx()</code> çağrısından
- alınır. <code>connect</code>, <code>AcceptEx()</code> arayüzünü
- kullanacak, ayrıca uç ağ adresleri de alınacak, fakat
- <code>none</code> gibi <code>connect</code> seçeneği de ilk veri
- aktarımını beklemeyecektir.</p>
+ http protokol tamponlamasını desteklemez. <code>connect</code>, <code>AcceptEx()</code> arayüzünü kullanacak, ayrıca uç ağ adresleri de alınacak, fakat <code>none</code> gibi <code>connect</code> seçeneği de ilk veri aktarımını beklemeyecektir.</p>
<p>Windows'ta <code>none</code> <code>AcceptEx()</code>'ten ziyade
<code>accept()</code> kullanır ve ağ soketlerini bağlantılar arasında
yer değiştirmez. Sürücü desteği bozuk ağ bağdaştırıcılarından başka
vpn sürücüleri gibi bazı sanal ağ sağlayıcılar veya spam, virus veya
casus yazılım süzgeçleri için kullanışlıdır.</p>
+
+ <div class="warning">
+ <h3><code>data</code> AcceptFilter (Windows)</h3>
+
+ <p>2.4.23 ve öncesi sürümlerde, Windows <code>data</code> accept
+ süzgeci veri aktarılana kadar bekletildikten sonra ilk veri
+ tamponlanır ve uç ağ adresi için tek bir AcceptEx() çağrısı yapılır.
+ Bu gerçeklenim hizmet reddi saldırısına konu olduğundan iptal
+ edilmiştir.</p>
+
+ <p>httpd'nin şu anki dağıtımları için Windows'da <code>connect</code>
+ süzgeci öntanımlıdır ve <code>data</code> belirtilmiş olsa dahi
+ <code>connect</code> belirtilmiş gibi davranılır. Önceki sürümleri
+ kullananların AcceptFilter satırını yukarıdaki gibi
+ <code>connect</code> süzgecine ayarlamaları gerekmektedir.</p>
+ </div>
+
<h3>Ayrıca bakınız:</h3>
<ul>
@@ -571,7 +581,8 @@ AcceptFilter https data</pre>
<p>Bu örnekte <code>AuthConfig</code> ve <code>Indexes</code> grubundaki
yönergeler bir dahili sunucu hatasına yol açmayacaktır.</p>
- <div class="note"><p>Güvenlik ve başarımı arttırmak için <code><Directory "/"></code>
+ <div class="note"><p>Güvenlik ve başarımı arttırmak için
+ <code><Directory "/"></code>
bloğu içinde <code>AllowOverride</code> yönergesine <code>None</code>
dışında bir değer atamayın. Böyle yapmak yerine bir <code>.htaccess</code>
dosyası yerleştirmeyi düşündüğünüz dizine ait bir
@@ -700,15 +711,27 @@ olarak aktarılmasını etkin kılar</td></tr>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="CGIVar" id="CGIVar">CGIVar</a> <a name="cgivar" id="cgivar">Yönergesi</a></h2>
<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Controls how some CGI variables are set</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code>CGIVar <var>variable</var> <var>rule</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Bazı CGI değişkenlerinin nasıl atanacağını belirler</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code>CGIVar <var>değişken</var> <var>kural</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Bağlam:</a></th><td>dizin, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Geçersizleştirme:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
<tr><th><a href="directive-dict.html#Module">Modül:</a></th><td>core</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Uyumluluk:</a></th><td>Available in Apache HTTP Server 2.4.21 and later</td></tr>
-</table><p>Bu yönergenin belgesi henüz Türkçeye çevrilmedi.
- Lütfen İngilizce sürümüne bakınız.</p></div>
+<tr><th><a href="directive-dict.html#Compatibility">Uyumluluk:</a></th><td>Apache HTTP Server 2.4.21 ve sonrasında kullanılabilir</td></tr>
+</table>
+ <p>Bu yönerge bazı CGI değişkenlerinin nasıl atanacağını belirler.</p>
+
+ <p><strong>REQUEST_URI</strong> kuralları:</p>
+ <dl>
+ <dt><code>original-uri</code> (default)</dt>
+ <dd>Değer özgün istek satırından alınır ve dahili yöneldirmeler veya
+ istenen özkaynakları değiştiren alt istekler dikkate alınmaz.</dd>
+ <dt><code>current-uri</code></dt>
+ <dd>Değer özgün istek satırından farklı olabilecek dahili yönlendirmeleri
+ veya istenen özkaynakları değiştiren alt istekleri de yansıtır.</dd>
+ </dl>
+
+</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="ContentDigest" id="ContentDigest">ContentDigest</a> <a name="contentdigest" id="contentdigest">Yönergesi</a></h2>
<table class="directive">
@@ -853,6 +876,13 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
<p><code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> sözdizimi ile
karışmalardan kaçınmak için değişken isimleri ikinokta ":" karakterleri
içeremez.</p>
+
+ <p>Bu yönerge sanal konakta ve dizin içeriğinde desteklenirken yapılan
+ değişiklikler (eşleşsin eşleşmesin) yönergeyi sarmalayan yapılandırma
+ bölümünün ötesinde, sonraki yapılandırma yönergelerine de görünür olur. Diğer
+ yapılandırma bölümleri için sağlanan bu desteğe bu yönergenin ilk
+ gerçekleniminde hatalı olarak izin verilmişti. Geriye uyumluluk amacıyla
+ (önceden sezilmeyen sonuçlarıyla) bu durum muhafaza edilmiştir.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -861,7 +891,7 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Sadece ismi belirtilen dosya sistemi dizininde ve bunun
altdizinlerinde ve bunların içeriğinde uygulanacak bir yönerge grubunu
sarmalar.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code><Directory "<var>dizin-yolu</var>">
+<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code><Directory <var>dizin-yolu</var>>
... </Directory></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Bağlam:</a></th><td>sunucu geneli, sanal konak</td></tr>
<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
@@ -1026,7 +1056,7 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
başvurular yoksayılmaktadır. Bunların yerine isimli geriye başvurular
kullanılmalıdır.</p>
-<pre class="prettyprint lang-config"><DirectoryMatch "^/var/www/combined/(?<sitename>[^/]+)">
+ <pre class="prettyprint lang-config"><DirectoryMatch "^/var/www/combined/(?<sitename>[^/]+)">
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
</DirectoryMatch></pre>
@@ -1351,11 +1381,11 @@ DocumentRoot "/var/www/${servername}/htdocs"</pre>
şeklinde de belirtilebilir. Bunlar yerine, tarayıcıda gösterilmek üzere
bir ileti de belirtilebilir. Örnekler:</p>
- <pre class="prettyprint lang-config">ErrorDocument 500 http://foo.example.com/cgi-bin/tester
-ErrorDocument 404 /cgi-bin/bad_urls.pl
+ <pre class="prettyprint lang-config">ErrorDocument 500 http://example.com/cgi-bin/server-error.cgi
+ErrorDocument 404 /errors/bad_urls.php
ErrorDocument 401 /subscription_info.html
ErrorDocument 403 "Kusura bakmayın, bugün hizmet veremiyoruz."
-ErrorDocument 403 /cgi-bin/forbidden.pl?referrer=%{escape:%{HTTP_REFERER}}</pre>
+ErrorDocument 403 /errors/forbidden.pl?referrer=%{escape:%{HTTP_REFERER}}</pre>
<p>Bunlardan başka, Apache httpd’nin kendi hata iletilerinin kullanılacağı
@@ -1761,7 +1791,7 @@ ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"</pre>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Dosya isimleriyle eşleşme halinde uygulanacak yönergeleri
içerir.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code><Files "<var>dosya-adı</var>"> ... </Files></code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code><Files <var>dosya-adı</var>> ... </Files></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Bağlam:</a></th><td>sunucu geneli, sanal konak, dizin, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Geçersizleştirme:</a></th><td>All</td></tr>
<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
@@ -1837,7 +1867,7 @@ ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"</pre>
yönergelerin etki alanını <code class="directive"><a href="#files"><Files></a></code> yönergesinin yaptığı gibi dosya
isimlerine göre sınırlandırır. Ancak, argüman olarak bir <a class="glossarylink" href="../glossary.html#regex" title="sözlüğe bakınız">düzenli ifade</a> kabul eder. Örneğin</p>
-<pre class="prettyprint lang-config"><FilesMatch "\.(gif|jpe?g|png)$">
+ <pre class="prettyprint lang-config"><FilesMatch "\.(gif|jpe?g|png)$">
# ...
</FilesMatch></pre>
@@ -2000,6 +2030,74 @@ ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"</pre>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="HttpProtocolOptions" id="HttpProtocolOptions">HttpProtocolOptions</a> <a name="httpprotocoloptions" id="httpprotocoloptions">Yönergesi</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>HTTP İstek İletilerindeki sınırlamalarda değişiklik yapar</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code>HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Öntanımlı:</a></th><td><code>HttpProtocolOptions Strict LenientMethods Allow0.9</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Bağlam:</a></th><td>sunucu geneli, sanal konak</td></tr>
+<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
+<tr><th><a href="directive-dict.html#Module">Modül:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Uyumluluk:</a></th><td>2.2.32 veya 2.4.24 ve sonrası</td></tr>
+</table>
+ <p>Bu yönerge HTTP istek satırına
+ (<a href="https://tools.ietf.org/html/rfc7230#section-3.1.1">RFC 7230 §3.1.1</a>) ve the HTTP istek başlığı alanlarına
+ (<a href="https://tools.ietf.org/html/rfc7230#section-3.2">RFC 7230 §3.2</a>) uygulanmış kuralları öntanımlı olarak veya
+ <code>Strict</code> seçeneği kullanılarak değiştirir. Eski modüller,
+ uygulamalar veya kullanımı önerilmeyen özel istemciler için eski davranışlara
+ dönmeyi sağlamak üzere <code>Unsafe</code> seçeneği eklenmiştir. Bu kurallar
+ istek işlenmeden önce uygulanır. Dolayısıyla yönerge, ana bölümde veya
+ öntanımlı (ilk) eşleşen sanal konak bölümünde yapılandırılmalıdır.</p>
+
+ <p>Bu yönerge devreye girmeden önce, Apache HTTP Sunucusunun istek iletisi
+ ayrıştırıcıları protokolle uyumlu olmayan bir dizi girdi şekline
+ toleranslıydı. <a href="https://tools.ietf.org/html/rfc7230#section-9.4">RFC 7230 §9.4 İstek bölme</a> ve
+ <a href="https://tools.ietf.org/html/rfc7230#section-9.5">§9.5 Yanıt kaçırma</a> çağrıları uyumsuz istek iletilerinin kabulündeki
+ olası risklerden yalnızca iki tanesidir.
+ <a href="https://tools.ietf.org/html/rfc7230#section-3.5">RFC 7230
+ §3.5</a> "İleti Ayrıştırma Sağlamlığı" belirsiz boşlukların kabul ve
+ istek iletisi biçimleme risklerini tanımlar. Bu yönergenin devreye girmesini
+ takiben belirtimin tüm imla kurallarına öntanımlı <code>Strict</code> işlem
+ kipi ve 3.5 bölümünde tavsiye edilen hoşgörüsüz boşluk uygulanır ve esnekliğe
+ müsamaha edilmez.</p>
+
+ <p>Kullanıcılar, özellikle dışa bakan, herkes tarafından erişilebilen sunucu
+ konuşlandırmalarında <code>Unsafe</code> işlem kipine geçiş yapmaya karşı
+ kesinlikle uyarılır. Eğer bir arayüz hataları izlemek veya bir intranette
+ çalışan özel hizmet tüketicileri için gerekliyse, kullanıcılar, sadece,
+ dahili özel ağlarına hizmet etmek üzere yapılandırılmış özel bir sanal konak
+ üzerinde <code>Unsafe</code> işlem kipine geçiş yapmalıdır.</p>
+
+ <p><code class="directive">LogLevel</code> <code>debug</code> seviyesiyle
+ yapılandırılmış <code class="directive">ErrorLog</code> ile kaydedilmiş günlüklerin
+ gözden geçirilmesi, böyle hatalı isteklerin kaynaklandıkları yerle birlikte
+ belirlenmesine yardımcı olabilir. Kullanıcılar, beklenmedik bir şekilde
+ reddedilmiş geçersiz istekleri bulmak için erişim günlüklerindeki 400
+ yanıtlarına özellikle dikkat etmelidir.</p>
+
+ <p><a href="https://tools.ietf.org/html/rfc7231#section-4.1">RFC 7231
+ §4.1</a> "İstek Yöntemleri" "Genel Bakış" bölümlerinde bir istek
+ satırında desteklenmeyen bir yöntem saptadığında özgün sunucuların bir
+ hatayla yanıt vermesini gerekli görmüştür. <code>LenientMethods</code>
+ seçeneği kullanıldığında olan zaten budur. <code>RegisteredMethods</code>
+ seçeneğine geçiş yapmak isteyen yöneticiler
+ <code class="directive">RegisterHttpMethod</code> yönergesini kullanarak standart
+ olmayan yöntemleri belirlemelidir. Özellikle <code>Unsafe</code> seçeneğine
+ geçiş yapılacaksa bu yol izlenmelidir. Özgün sunucunun kullandığı yöntemleri
+ vekil sunucu bilemeyeceği için ileri vekil konaklarda
+ <code>RegisteredMethods</code> seçeneğine geçiş yapılmamalıdır.</p>
+
+ <p><a href="https://tools.ietf.org/html/rfc2616#section-19.6">RFC 2616
+ §19.6</a> "Önceki Sürümlerle Uyumluluk" bölümünde HTTP sunucularının
+ eski HTTP/0.9 isteklerini desteklemesi tavsiye edilmektedir. RFC 7230
+ "HTTP/0.9 isteklerini destekleme beklentisi kaldırılmıştır." cümlesiyle bunu
+ geçersiz kılmış ve <a href="https://tools.ietf.org/html/rfc7230#appendix-A">RFC 7230 Ek A</a> bölümünde bununla ilgili yorumlar yer almıştır.
+ <code>Require1.0</code> seçeneği kullanıcıya öntanımlı <code>Allow0.9</code>
+ seçeneğinin davranışına verilen desteği kaldırma imkanını vermektedir.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="If" id="If"><If></a> <a name="if" id="if">Yönergesi</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Çalışma anında bir koşul bir istek tarafından yerine getirildiği
@@ -2660,7 +2758,7 @@ sınırlar.</td></tr>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>İçerdiği yönergeler sadece eşleşen URL’lere uygulanır.
</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code><Location "<var>URL-yolu</var>|<var>URL</var>"> ...
+<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code><Location <var>URL-yolu</var>|<var>URL</var>> ...
</Location></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Bağlam:</a></th><td>sunucu geneli, sanal konak</td></tr>
<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
@@ -2834,7 +2932,7 @@ uygulanır.</td></tr>
başvurular yoksayılmaktadır. Bunların yerine isimli geriye başvurular
kullanılmalıdır.</p>
-<pre class="prettyprint lang-config"><LocationMatch "^/combined/(?<sitename>[^/]+)">
+ <pre class="prettyprint lang-config"><LocationMatch "^/combined/(?<sitename>[^/]+)">
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
</LocationMatch></pre>
@@ -3411,9 +3509,14 @@ Mutex fcntl:/var/httpd/locks mpm-accept</pre>
<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
<tr><th><a href="directive-dict.html#Module">Modül:</a></th><td>core</td></tr>
</table>
-<p>2.3.11 öncesinde, <code class="directive">NameVirtualHost</code> yönergesi, isme dayalı sanal konaklar için belli bir IP adresi ve port çiftini sunucuya tanıtmak için gerekliydi. 2.3.11 ve sonrasında, bir IP adresi ve port çifti her zaman çok sayıda sanal konakta kullanılabilmekte, isme dayalı sanal barındırma bu adres için özdevinimli olarak etkin kılınmaktadır.</p>
+ <p>2.3.11 öncesinde, <code class="directive">NameVirtualHost</code> yönergesi,
+ isme dayalı sanal konaklar için belli bir IP adresi ve port çiftini
+ sunucuya tanıtmak için gerekliydi. 2.3.11 ve sonrasında, bir IP adresi
+ ve port çifti her zaman çok sayıda sanal konakta kullanılabilmekte,
+ isme dayalı sanal barındırma bu adres için özdevinimli olarak etkin
+ kılınmaktadır.</p>
-<p>Bu yönerge şu an etkisizdir.</p>
+ <p>Bu yönerge şu an etkisizdir.</p>
<h3>Ayrıca bakınız:</h3>
<ul>
@@ -3502,7 +3605,7 @@ Mutex fcntl:/var/httpd/locks mpm-accept</pre>
<p>Normalde, bir dizine çok sayıda <code class="directive">Options</code>
uygulanabilirse de, dizine en uygun olanı uygulanıp diğerleri yok
- sayılır; seçenekler katıştırılmaz (bkz, <a href="../sections.html#mergin">Bölümler Nasıl Katıştırılır?</a>). Bununla birlikte, önüne bir
+ sayılır; seçenekler katıştırılmaz (bkz, <a href="../sections.html#merging">Bölümler Nasıl Katıştırılır?</a>). Bununla birlikte, önüne bir
<code>+</code> veya <code>-</code> simgesi konmuş seçenekler varsa, o
seçenekler katıştırılır. Önüne <code>+</code> konmuş seçenekler
mevcutlara eklenirken <code>-</code> konmuş seçenekler silinir.</p>
@@ -3695,6 +3798,23 @@ davranılır.</td></tr>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="RegisterHttpMethod" id="RegisterHttpMethod">RegisterHttpMethod</a> <a name="registerhttpmethod" id="registerhttpmethod">Yönergesi</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Standart olamayan HTTP yöntemlerini belirler</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sözdizimi:</a></th><td><code>RegisterHttpMethod <var>yöntem</var> [<var>yöntem</var> [...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Bağlam:</a></th><td>sunucu geneli</td></tr>
+<tr><th><a href="directive-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr>
+<tr><th><a href="directive-dict.html#Module">Modül:</a></th><td>core</td></tr>
+</table>
+ <p>İlgili RFClerle uyumlu olmayan HTTP Yöntemleri Apache HTTPD'de isteğin
+ işlenmesi sırasında normal olarak reddedilir. Bundan kaçınmak için, uyumsuz
+ HTTP yöntemlerini modüller destekli hale getirebilir.
+ <code class="directive">RegisterHttpMethod</code> yönergesi böyle yöntemleri elle
+ desteklenir yapmaya yarar. Bu tür yöntemler CGI gibi harici işlemlere
+ aktarılıyorsa bu işlem yararlıdır.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="RLimitCPU" id="RLimitCPU">RLimitCPU</a> <a name="rlimitcpu" id="rlimitcpu">Yönergesi</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Açıklama:</a></th><td>Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin
@@ -3964,8 +4084,9 @@ kullanılacak konak adları için başka isimler belirtebilmeyi sağlar.
kullanımları arasında fark gözetilmeksizin <code class="directive"><a href="#servername">ServerName</a></code> veya <code class="directive"><a href="#serveralias">ServerAlias</a></code> yönergesi eşleşen ilk sanal konak
kullanılır.</p>
- <p><code class="directive">VirtualHost</code> bölümü içindeki isimlerin sırası
- (jokersiz) <code class="directive">ServerAlias</code> yönergesindeki gibi ele
+ <p><code class="directive"><a href="#virtualhost"><VirtualHost></a></code>
+ bölümü içindeki isimlerin sırası (jokersiz)
+ <code class="directive">ServerAlias</code> yönergesindeki gibi ele
alınır.</p>
@@ -3992,11 +4113,11 @@ kullanılacak konak adları için başka isimler belirtebilmeyi sağlar.
<p><a href="../vhosts/name-based.html">isme dayalı sanal
konaklar</a> kullanılırken bir sanal konağı eşsiz bir şekilde betimlemek
için <code class="directive">ServerName</code> kullanılır (muhtemelen
- <code class="directive">ServerAlias</code> ile birlikte).</p>
+ <code class="directive"><a href="#serveralias">ServerAlias</a></code> ile birlikte).</p>
- <p>Ek olarak, <code class="directive">UseCanonicalName</code> yönergesine
- öntanımlı olmayan bir değer atanarak özüne yönlendiren URL'ler
- oluştururken de bu yönerge kullanılır.</p>
+ <p>Ek olarak, <code class="directive"><a href="#usecanonicalname">UseCanonicalName</a></code>
+ yönergesine öntanımlı olmayan bir değer atanarak özüne yönlendiren
+ URL'ler oluştururken de bu yönerge kullanılır.</p>
<p>Örneğin, HTTP
sunucusunun barındırıldığı makinenin ismi <code>mail.example.com</code>
@@ -4389,15 +4510,15 @@ gerçekleşmesi için sunucunun geçmesini bekleyeceği süre.</td></tr>
<p><code>TraceEnable extended</code> ile sadece sınama ve tanı koyma
amaçlarına yönelik olarak istek gövdelerine izin verilir. Asıl sunucu
- istek gövdesini 64k ile sınırlar (<code>Transfer-Encoding: chunked</code>
- kullanılmışsa bölüm başlıkları için 8k daha). Asıl sunucu yanıt
+ istek gövdesini 64kB ile sınırlar (<code>Transfer-Encoding: chunked</code>
+ kullanılmışsa bölüm başlıkları için 8kB daha). Asıl sunucu yanıt
gövdesinde tüm başlıkları ve bölüm başlıklarının tamamını yansıtacaktır.
- Vekil sunucuda ise istek gövdesi için 64k’lık sınır yoktur.</p>
+ Vekil sunucuda ise istek gövdesi için 64kB’lık sınır yoktur.</p>
<div class="note"><h3>Bilgi</h3>
- <p>Aksine iddialara rağmen, <code>TRACE</code> bir güvenlik açığı değildir
- ve iptal etmek için geçerli hiçbir sebep yoktur. Böyle yapmak sunucunuzu
- uyumsuz yapmaktan başka işe yaramaz.</p>
+ <p>Aksine iddialara rağmen, <code>TRACE</code> yöntemini etkinleştirmek
+ Apache httpd'de bir güvenlik açığı değildir. <code>TRACE</code> yöntemi
+ HTTP/1.1 belirtiminde tanımlanmış olup desteklenmesi umulmuştur.</p>
</div>
diff --git a/docs/manual/mod/directives.html.de b/docs/manual/mod/directives.html.de
index a53e862..0449e3a 100644
--- a/docs/manual/mod/directives.html.de
+++ b/docs/manual/mod/directives.html.de
@@ -284,7 +284,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -293,6 +295,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -308,6 +311,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -488,6 +492,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.en b/docs/manual/mod/directives.html.en
index e5c8b26..04ebe7a 100644
--- a/docs/manual/mod/directives.html.en
+++ b/docs/manual/mod/directives.html.en
@@ -285,7 +285,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -294,6 +296,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -309,6 +312,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -489,6 +493,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.es b/docs/manual/mod/directives.html.es
index 5a43062..f3b43af 100644
--- a/docs/manual/mod/directives.html.es
+++ b/docs/manual/mod/directives.html.es
@@ -287,7 +287,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -296,6 +298,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -311,6 +314,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -491,6 +495,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.fr b/docs/manual/mod/directives.html.fr
index 0efa1ad..187cec6 100644
--- a/docs/manual/mod/directives.html.fr
+++ b/docs/manual/mod/directives.html.fr
@@ -285,7 +285,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -294,6 +296,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -309,6 +312,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -489,6 +493,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.ja.utf8 b/docs/manual/mod/directives.html.ja.utf8
index fe1c04b..dcfb293 100644
--- a/docs/manual/mod/directives.html.ja.utf8
+++ b/docs/manual/mod/directives.html.ja.utf8
@@ -282,7 +282,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -291,6 +293,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -306,6 +309,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -486,6 +490,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.ko.euc-kr b/docs/manual/mod/directives.html.ko.euc-kr
index 0ecf9f9..2110d42 100644
--- a/docs/manual/mod/directives.html.ko.euc-kr
+++ b/docs/manual/mod/directives.html.ko.euc-kr
@@ -282,7 +282,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -291,6 +293,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -306,6 +309,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -486,6 +490,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.tr.utf8 b/docs/manual/mod/directives.html.tr.utf8
index 702af88..93f00bc 100644
--- a/docs/manual/mod/directives.html.tr.utf8
+++ b/docs/manual/mod/directives.html.tr.utf8
@@ -281,7 +281,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -290,6 +292,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -305,6 +308,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -485,6 +489,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/directives.html.zh-cn.utf8 b/docs/manual/mod/directives.html.zh-cn.utf8
index 71468f9..59faaa8 100644
--- a/docs/manual/mod/directives.html.zh-cn.utf8
+++ b/docs/manual/mod/directives.html.zh-cn.utf8
@@ -280,7 +280,9 @@
<li><a href="core.html#gprofdir">GprofDir</a></li>
<li><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
<li><a href="mod_unixd.html#group">Group</a></li>
-<li><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct</a></li>
+<li><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles</a></li>
+<li><a href="mod_http2.html#h2direct">H2Direct</a></li>
+<li><a href="mod_http2.html#h2earlyhints">H2EarlyHints</a></li>
<li><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><a href="mod_http2.html#h2maxworkers">H2MaxWorkers</a></li>
@@ -289,6 +291,7 @@
<li><a href="mod_http2.html#h2push">H2Push</a></li>
<li><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize</a></li>
<li><a href="mod_http2.html#h2pushpriority">H2PushPriority</a></li>
+<li><a href="mod_http2.html#h2pushresource">H2PushResource</a></li>
<li><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders</a></li>
<li><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -304,6 +307,7 @@
<li><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage</a></li>
<li><a href="core.html#hostnamelookups">HostnameLookups</a></li>
+<li><a href="core.html#httpprotocoloptions">HttpProtocolOptions</a></li>
<li><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck</a></li>
<li><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout</a></li>
<li><a href="core.html#if"><If></a></li>
@@ -484,6 +488,7 @@
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
<li><a href="mod_reflector.html#reflectorheader">ReflectorHeader</a></li>
+<li><a href="core.html#registerhttpmethod">RegisterHttpMethod</a></li>
<li><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
<li><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList</a></li>
diff --git a/docs/manual/mod/event.html.en b/docs/manual/mod/event.html.en
index a8af720..0883cb1 100644
--- a/docs/manual/mod/event.html.en
+++ b/docs/manual/mod/event.html.en
@@ -139,10 +139,77 @@ of the <code class="directive">AsyncRequestWorkerFactor</code>.</p>
+ <h3><a name="graceful-close" id="graceful-close">Graceful process termination and Scoreboard usage</a></h3>
+ <p>This mpm showed some scalability bottlenecks in the past leading to the following
+ error: "<strong>scoreboard is full, not at MaxRequestWorkers</strong>".
+ <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>
+ limits the number of simultaneous requests that will be served at any given time
+ and also the number of allowed processes
+ (<code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>
+ / <code class="directive"><a href="../mod/mpm_common.html#threadsperchild">ThreadsPerChild</a></code>), meanwhile
+ the Scoreboard is a representation of all the running processes and
+ the status of their worker threads. If the scoreboard is full (so all the
+ threads have a state that is not idle) but the number of active requests
+ served is not <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>,
+ it means that some of them are blocking new requests that could be served
+ but that are queued instead (up to the limit imposed by
+ <code class="directive"><a href="../mod/mpm_common.html#listenbacklog">ListenBacklog</a></code>). Most of the times
+ the threads are stuck in the Graceful state, namely they are waiting to
+ finish their work with a TCP connection to safely terminate and free up a
+ scoreboard slot (for example handling long running requests, slow clients
+ or connections with keep-alive enabled). Two scenarios are very common:</p>
+ <ul>
+ <li>During a <a href="../stopping.html#graceful">graceful restart</a>.
+ The parent process signals all its children to complete
+ their work and terminate, while it reloads the config and forks new
+ processes. If the old children keep running for a while before stopping,
+ the scoreboard will be partially occupied until their slots are freed.
+ </li>
+ <li>When the server load goes down in a way that causes httpd to
+ stop some processes (for example due to
+ <code class="directive"><a href="../mod/mpm_common.html#maxsparethreads">MaxSpareThreads</a></code>).
+ This is particularly problematic because when the load increases again,
+ httpd will try to start new processes.
+ If the pattern repeats, the number of processes can rise quite a bit,
+ ending up in a mixture of old processes trying to stop and new ones
+ trying to do some work.
+ </li>
+ </ul>
+ <p>From 2.4.24 onward, mpm-event is smarter and it is able to handle
+ graceful terminations in a much better way. Some of the improvements are:</p>
+ <ul>
+ <li>Allow the use of all the scoreboard slots up to
+ <code class="directive"><a href="../mod/mpm_common.html#serverlimit">ServerLimit</a></code>.
+ <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> and
+ <code class="directive"><a href="../mod/mpm_common.html#threadsperchild">ThreadsPerChild</a></code> are used
+ to limit the amount of active processes, meanwhile
+ <code class="directive"><a href="../mod/mpm_common.html#serverlimit">ServerLimit</a></code>
+ takes also into account the ones doing a graceful
+ close to allow extra slots when needed. The idea is to use
+ <code class="directive"><a href="../mod/mpm_common.html#serverlimit">ServerLimit</a></code> to instruct httpd
+ about how many overall processes are tolerated before impacting
+ the system resources.
+ </li>
+ <li>Force gracefully finishing processes to close their
+ connections in keep-alive state.</li>
+ <li>During graceful shutdown, if there are more running worker threads
+ than open connections for a given process, terminate these threads to
+ free resources faster (which may be needed for new processes).</li>
+ <li>If the scoreboard is full, prevent more processes to finish
+ gracefully due to reduced load until old processes have terminated
+ (otherwise the situation would get worse once the load increases again).</li>
+ </ul>
+ <p>The behavior described in the last point is completely observable via
+ <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> in the connection summary table through two new
+ columns: "Slot" and "Stopping". The former indicates the PID and
+ the latter if the process is stopping or not; the extra state "Yes (old gen)"
+ indicates a process still running after a graceful restart.</p>
+
+
<h3><a name="limitations" id="limitations">Limitations</a></h3>
<p>The improved connection handling may not work for certain connection
filters that have declared themselves as incompatible with event. In these
- cases, this MPM will fall back to the behaviour of the
+ cases, this MPM will fall back to the behavior of the
<code class="module"><a href="../mod/worker.html">worker</a></code> MPM and reserve one worker thread per connection.
All modules shipped with the server are compatible with the event MPM.</p>
diff --git a/docs/manual/mod/event.html.fr b/docs/manual/mod/event.html.fr
index 1f81d03..6080551 100644
--- a/docs/manual/mod/event.html.fr
+++ b/docs/manual/mod/event.html.fr
@@ -29,6 +29,8 @@
<p><span>Langues Disponibles: </span><a href="../en/mod/event.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/mod/event.html" title="Fran�ais"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
+ anglaise pour les changements r�cents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Une variante du MPM <code class="module"><a href="../mod/worker.html">worker</a></code> con�ue pour ne
mobiliser des threads que pour les connexions en cours de traitement</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>MPM</td></tr>
diff --git a/docs/manual/mod/mod_alias.html.en b/docs/manual/mod/mod_alias.html.en
index a569185..47375d7 100644
--- a/docs/manual/mod/mod_alias.html.en
+++ b/docs/manual/mod/mod_alias.html.en
@@ -54,7 +54,7 @@
a new location.</p>
<p>When the <code class="directive"><a href="#alias">Alias</a></code>,
- <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
+ <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
<code class="directive"><a href="#redirect">Redirect</a></code> directives are used
within a <code class="directive"><a href="../mod/core.html#location"><Location></a></code>
or <code class="directive"><a href="../mod/core.html#locationmatch"><LocationMatch></a></code>
@@ -118,13 +118,13 @@ Alias "/foo" "/gaq"</pre>
ignored.</p>
<p>When the <code class="directive"><a href="#alias">Alias</a></code>,
- <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
+ <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
<code class="directive"><a href="#redirect">Redirect</a></code> directives are used
within a <code class="directive"><a href="../mod/core.html#location"><Location></a></code>
or <code class="directive"><a href="../mod/core.html#locationmatch"><LocationMatch></a></code>
section, these directives will take precedence over any globally
defined <code class="directive"><a href="#alias">Alias</a></code>,
- <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
+ <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
<code class="directive"><a href="#redirect">Redirect</a></code> directives.</p>
</div>
@@ -302,7 +302,7 @@ a different URL</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_alias</td></tr>
</table>
- <p>The Redirect directive maps an old URL into a new one by asking
+ <p>The <code class="directive">Redirect</code> directive maps an old URL into a new one by asking
the client to refetch the resource at the new location.</p>
<p>The old <em>URL-path</em> is a case-sensitive (%-decoded) path
@@ -313,10 +313,10 @@ a different URL</td></tr>
In this latter case the scheme and hostname of the current server will
be added.</p>
- <p>Then any request beginning with <em>URL-Path</em> will return a
+ <p>Then any request beginning with <em>URL-path</em> will return a
redirect request to the client at the location of the target
<em>URL</em>. Additional path information beyond the matched
- <em>URL-Path</em> will be appended to the target URL.</p>
+ <em>URL-path</em> will be appended to the target URL.</p>
<pre class="prettyprint lang-config"># Redirect to a URL on a different host
Redirect "/service" "http://foo2.example.com/service"
@@ -342,10 +342,11 @@ Redirect "/one" "/two"</pre>
<div class="note"><h3>Note</h3>
- <p>Redirect directives take precedence over Alias and ScriptAlias
+ <p><code class="directive">Redirect</code> directives take precedence over <code class="directive"><a href="#alias">Alias</a></code> and <code class="directive"><a href="#scriptalias">ScriptAlias</a></code>
directives, irrespective of their ordering in the configuration
- file. Redirect directives inside a Location take precedence over
- Redirect and Alias directives with an URL-path.</p></div>
+ file. <code class="directive">Redirect</code> directives inside a Location take
+ precedence over <code class="directive">Redirect</code> and <code class="directive"><a href="#alias">Alias</a></code> directives with an <var>URL-path</var>.</p>
+ </div>
<p>If no <var>status</var> argument is given, the redirect will
be "temporary" (HTTP status 302). This indicates to the client
@@ -390,8 +391,8 @@ Redirect 303 "/three" "http://example.com/other"</pre>
<p>If the <code class="directive">Redirect</code> directive is used within a
<code class="directive"><a href="../mod/core.html#location"><Location></a></code>
or <code class="directive"><a href="../mod/core.html#locationmatch"><LocationMatch></a></code>
- section with the URL-path omitted, then the URL parameter will be
- interpreted using <a href="../expr.html">expression syntax</a>.<br />
+ section with the <var>URL-path</var> omitted, then the <var>URL</var> parameter
+ will be interpreted using <a href="../expr.html">expression syntax</a>.<br />
This syntax is available in Apache 2.4.19 and later.</p>
<pre class="prettyprint lang-config"><Location "/one">
diff --git a/docs/manual/mod/mod_alias.html.fr b/docs/manual/mod/mod_alias.html.fr
index 9ed8e3c..0e5ef5d 100644
--- a/docs/manual/mod/mod_alias.html.fr
+++ b/docs/manual/mod/mod_alias.html.fr
@@ -297,18 +297,18 @@ en faisant intervenir les expressions rationnelles</td></tr>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Envoie une redirection externe demandant au client
d'effectuer une autre requ�te avec une URL diff�rente</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>Redirect [<var>�tat</var>] [<var>chemin URL</var>]
+<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>Redirect [<var>�tat</var>] [<var>URL-path</var>]
<var>URL</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel, r�pertoire, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">AllowOverride:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_alias</td></tr>
</table>
- <p>La directive Redirect permet de faire correspondre une ancienne
- URL � une nouvelle en demandant au client d'aller chercher la ressource �
- une autre localisation.</p>
+ <p>La directive <code class="directive">Redirect</code> permet de faire correspondre
+ une ancienne URL � une nouvelle en demandant au client d'aller chercher la
+ ressource � une autre localisation.</p>
- <p>L'ancien <em>chemin URL</em> est un chemin sensible � la casse
+ <p>L'ancien <em>URL-path</em> est un chemin sensible � la casse
(d�cod� � l'aide de caract�res %) commen�ant par un slash. Les
chemins relatifs ne sont pas autoris�s.</p>
@@ -318,10 +318,10 @@ d'effectuer une autre requ
slash, auquel cas le protocole et le nom d'h�te du serveur local
seront ajout�s.</p>
- <p>Ensuite, toute requ�te commen�ant par <em>chemin URL</em> va
+ <p>Ensuite, toute requ�te commen�ant par <em>URL-path</em> va
renvoyer une redirection au client vers l'<em>URL</em> cible. Tout
- �l�ment de chemin suppl�mentaire situ� en aval du <em>chemin
- URL</em> sera ajout� � l'URL cible.</p>
+ �l�ment de chemin suppl�mentaire situ� en aval du <em>URL-path</em> sera
+ ajout� � l'URL cible.</p>
<pre class="prettyprint lang-config"># Redirige vers une URL sur un serveur diff�rent
Redirect "/service" "http://foo2.example.com/service"
@@ -344,17 +344,18 @@ Redirect "/one" "/two"</pre>
pr�c�dent ne s'appliquera pas � l'URL
<code>http://example.com/servicefoo.txt</code>. Pour des mises en
correspondance plus complexes utilisant la <a href="../expr.html">syntaxe des expressions</a>, ne sp�cifiez pas
- d'argument <var>chemin URL</var> comme d�crit ci-dessous. En outre,
+ d'argument <var>URL-path</var> comme d�crit ci-dessous. En outre,
pour une mise en correspondance en utilisant les expressions
rationnelles, veuillez vous reporter � la directive <code class="directive"><a href="#redirectmatch">RedirectMatch</a></code>.</p>
<div class="note"><h3>Note</h3>
- <p>Les directives de redirection ont priorit� sur les directives
- Alias et ScriptAlias, quel que soit leur ordre d'apparition dans le
- fichier de configuration. Les directives Redirect d�finies au sein
- d'une section Location l'emportent sur les directives Redirect et
- Alias comportant un argument <var>chemin URL</var>.</p></div>
+ <p>Les directives <code class="directive">Redirect</code> ont priorit� sur les
+ directives <code class="directive"><a href="#alias">Alias</a></code> et <code class="directive"><a href="#scriptalias">ScriptAlias</a></code>, quel que soit leur ordre
+ d'apparition dans le fichier de configuration. Les directives
+ <code class="directive">Redirect</code> d�finies au sein d'une section Location
+ l'emportent sur les directives <code class="directive">Redirect</code> et <code class="directive"><a href="#alias">Alias</a></code> comportant un argument
+ <var>URL-path</var>.</p></div>
<p>Si aucun argument <var>�tat</var> n'est sp�cifi�, la
redirection sera temporaire (code HTTP 302). Le client est alors
@@ -400,8 +401,7 @@ Redirect 303 "/three" "http://example.com/other"</pre>
<p>Si une directive <code class="directive">Redirect</code> est d�finie au
- sein d'une section <code class="directive"><a href="../mod/core.html#location"><Location></a></code> ou <code class="directive"><a href="../mod/core.html#locationmatch"><LocationMatch></a></code> et si l'argument <var>chemin
- URL</var> est omis, l'argument <var>URL</var> sera interpr�t� en
+ sein d'une section <code class="directive"><a href="../mod/core.html#location"><Location></a></code> ou <code class="directive"><a href="../mod/core.html#locationmatch"><LocationMatch></a></code> et si l'argument <var>URL-path</var> est omis, l'argument <var>URL</var> sera interpr�t� en
utilisant la <a href="../expr.html">syntaxe des expressions</a>.<br />
Cette syntaxe est disponible � partir de la version 2.4.19 du
serveur HTTP Apache.</p>
diff --git a/docs/manual/mod/mod_authz_groupfile.html.fr b/docs/manual/mod/mod_authz_groupfile.html.fr
index d2cf5b0..43ffb87 100644
--- a/docs/manual/mod/mod_authz_groupfile.html.fr
+++ b/docs/manual/mod/mod_authz_groupfile.html.fr
@@ -47,7 +47,7 @@ fonction de leur appartenance
</div>
<div id="quickview"><h3>Sujets</h3>
<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">Les directives Require</a></li>
</ul><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#authgroupfile">AuthGroupFile</a></li>
@@ -58,7 +58,7 @@ fonction de leur appartenance
<li><a href="#comments_section">Commentaires</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
-<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
+<h2><a name="requiredirectives" id="requiredirectives">Les directives Require</a></h2>
<p>Les directives <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> d'Apache permettent,
au cours de la phase d'autorisation, de s'assurer qu'un utilisateur
diff --git a/docs/manual/mod/mod_autoindex.html.tr.utf8 b/docs/manual/mod/mod_autoindex.html.tr.utf8
index 1754811..c5c1916 100644
--- a/docs/manual/mod/mod_autoindex.html.tr.utf8
+++ b/docs/manual/mod/mod_autoindex.html.tr.utf8
@@ -32,7 +32,6 @@
<a href="../ko/mod/mod_autoindex.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/mod/mod_autoindex.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Unix <code>ls</code> veya Win32 <code>dir</code> kabuk komutunun
yaptığı gibi dizin içeriğini listeler.</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Temel</td></tr>
diff --git a/docs/manual/mod/mod_dbd.html.en b/docs/manual/mod/mod_dbd.html.en
index 6df83c0..b24d625 100644
--- a/docs/manual/mod/mod_dbd.html.en
+++ b/docs/manual/mod/mod_dbd.html.en
@@ -49,6 +49,7 @@
<div id="quickview"><h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#pooling">Connection Pooling</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#connecting">Connecting</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#API">Apache DBD API</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#prepared">SQL Prepared Statements</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#security">SECURITY WARNING</a></li>
@@ -82,6 +83,28 @@
supersedes the modules presented in that article.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
+<h2><a name="connecting" id="connecting">Connecting</a></h2>
+
+ <p>To connect to your database, you'll need to specify
+ a driver, and connection parameters. These vary from
+ one database engine to another. For example, to connect
+ to mysql, do the following:</p>
+
+<pre class="prettyprint lang-config">DBDriver mysql
+DBDParams host=localhost,dbname=pony,user=shetland,pass=appaloosa</pre>
+
+
+ <p>You can then use this connection in a variety of other
+ modules, including <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>,
+ <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>, and <code class="module"><a href="../mod/mod_lua.html">mod_lua</a></code>.
+ Further usage examples appear in each of those modules'
+ documentation.</p>
+
+ <p>See <code class="directive">DBDParams</code> for connection string
+ information for each of the supported database drivers.</p>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
<h2><a name="API" id="API">Apache DBD API</a></h2>
<p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> exports five functions for other modules
to use. The API is as follows:</p>
diff --git a/docs/manual/mod/mod_dbd.html.fr b/docs/manual/mod/mod_dbd.html.fr
index efe6a1e..0b6ba77 100644
--- a/docs/manual/mod/mod_dbd.html.fr
+++ b/docs/manual/mod/mod_dbd.html.fr
@@ -50,6 +50,7 @@
<div id="quickview"><h3>Sujets</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#pooling">Regroupement des connexions</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#connecting">Connexion</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#API">API DBD d'Apache</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#prepared">Requ�tes SQL pr�par�es</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#security">AVERTISSEMENT DE SECURITE</a></li>
@@ -84,6 +85,28 @@ passe</a></li>
remplace les modules pr�sent�s dans cet article.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
+<h2><a name="connecting" id="connecting">Connexion</a></h2>
+
+ <p>Pour vous connecter � votre base de donn�es, vous devez sp�cifier un
+ pilote et des param�tres de connexion qui diff�rent selon le moteur de base
+ de donn�es. Par exemple, pour vous connecter � mysql, sp�cifiez ce qui suit
+ :</p>
+
+<pre class="prettyprint lang-config">DBDriver mysql
+DBDParams host=localhost,dbname=pony,user=shetland,pass=appaloosa</pre>
+
+
+ <p>Vous pourrez alors utiliser cette connexion dans de nombreux autres
+ modules comme <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>, <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>
+ et <code class="module"><a href="../mod/mod_lua.html">mod_lua</a></code>. Vous trouverez des exemples d'utilisation dans
+ la documentation de ces modules.</p>
+
+ <p>Voir la syntaxe de la directive <code class="directive">DBDParams</code> pour les
+ informations � fournir dans la cha�ne de connexion en fonction des
+ diff�rents pilotes de base de donn�es support�s.</p>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
<h2><a name="API" id="API">API DBD d'Apache</a></h2>
<p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> exporte cinq fonctions que d'autres
modules pourront utiliser. L'API se pr�sente comme suit :</p>
diff --git a/docs/manual/mod/mod_dir.html.en b/docs/manual/mod/mod_dir.html.en
index 0ef1ba8..877fd65 100644
--- a/docs/manual/mod/mod_dir.html.en
+++ b/docs/manual/mod/mod_dir.html.en
@@ -98,7 +98,7 @@ act as if "DirectoryCheckHandler ON" was specified.</td></tr>
other handler was configured for a URL. This allows directory indexes to
be served even when a <code class="directive">SetHandler</code> directive is
specified for an entire directory, but it can also result in some conflicts
- with modules such as <code class="directive">mod_rewrite</code>.</p>
+ with modules such as <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
diff --git a/docs/manual/mod/mod_dir.html.fr b/docs/manual/mod/mod_dir.html.fr
index 21d2a8e..f227757 100644
--- a/docs/manual/mod/mod_dir.html.fr
+++ b/docs/manual/mod/mod_dir.html.fr
@@ -98,12 +98,12 @@ comme si "DirectoryCheckHandler ON" avait
modules tels que <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> au cours des
substitutions de niveau r�pertoire.</p>
- <p>Dans les versions ant�rieures � 2.4, ce module ne modifiait pas
- son comportement si un autre gestionnaire avait �t� d�fini pour
- l'URL consid�r�e. Ceci permettait de servir des index de r�pertoires
- m�me si une directive <code class="directive">SetHandler</code> avait �t�
- d�finie pour un r�pertoire entier, mais pouvait aussi �tre �
- l'origine de conflits avec d'autres modules.</p>
+ <p>Dans les versions ant�rieures � 2.4, ce module ne modifiait pas son
+ comportement si un autre gestionnaire avait �t� d�fini pour l'URL
+ consid�r�e. Ceci permettait de servir des index de r�pertoires m�me si une
+ directive <code class="directive">SetHandler</code> avait �t� d�finie pour un
+ r�pertoire entier, mais pouvait aussi �tre � l'origine de conflits avec
+ d'autres modules comme <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
diff --git a/docs/manual/mod/mod_dir.html.tr.utf8 b/docs/manual/mod/mod_dir.html.tr.utf8
index 8afe707..eada369 100644
--- a/docs/manual/mod/mod_dir.html.tr.utf8
+++ b/docs/manual/mod/mod_dir.html.tr.utf8
@@ -98,7 +98,7 @@
<p>2.4 öncesi sürümlerde, bir URL için başka bir eylemcinin yapılandılmış
olması durumunda bu modül herhangi bir eylemde bulunmaz ve sonuç olarak,
tüm dizin için bir <code class="directive">SetHandler</code> belirtildiği durumda
- index dosyalarının sunulmasının yanında <code class="directive">mod_rewrite</code>
+ index dosyalarının sunulmasının yanında <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
gibi modüller de ayrıca bazı çelişkili sonuçlar oluşturabilir.</p>
</div>
diff --git a/docs/manual/mod/mod_headers.html.en b/docs/manual/mod/mod_headers.html.en
index 7f6e108..d25f1a9 100644
--- a/docs/manual/mod/mod_headers.html.en
+++ b/docs/manual/mod/mod_headers.html.en
@@ -309,8 +309,16 @@ available in 2.4.10 and later</td></tr>
<dt><code>setifempty</code></dt>
<dd>The request header is set, but only if there is no previous header
- with this name.<br />
- Available in 2.4.7 and later.</dd>
+ with this name.
+ <div class="note">
+ The Content-Type header is a special use case since there might be
+ the chance that its value have been determined but the header is not part
+ of the response when <code>setifempty</code> is evaluated.
+ It is safer to use <code>set</code> for this use case like in the
+ following example:
+ <pre class="prettyprint lang-config">Header set Content-Type "text/plain" "expr=-z %{CONTENT_TYPE}"</pre>
+
+ </div></dd>
<dt><code>unset</code></dt>
<dd>The response header of this name is removed, if it exists.
diff --git a/docs/manual/mod/mod_headers.html.fr b/docs/manual/mod/mod_headers.html.fr
index 62b5109..5c381fe 100644
--- a/docs/manual/mod/mod_headers.html.fr
+++ b/docs/manual/mod/mod_headers.html.fr
@@ -345,8 +345,15 @@ version 2.4.10</td></tr>
<dt><code>setifempty</code></dt>
<dd>L'en-t�te est d�fini, mais seulement s'il n'existe
- aucun en-t�te avec le m�me nom.<br />
- Disponible depuis la version 2.4.7 du serveur HTTP Apache.</dd>
+ aucun en-t�te avec le m�me nom.
+ <div class="note">
+ L'en-t�te Content-Type est un cas particulier car il est possible que sa
+ valeur ait �t� d�termin�e mais que l'en-t�te ne soit pas pr�sent dans la
+ r�ponse lorsque <code>setifempty</code> est �valu�. Dans ce cas, il est
+ pr�f�rable d'utiliser <code>set</code> comme dans l'exemple suivant :
+ <pre class="prettyprint lang-config">Header set Content-Type "text/plain" "expr=-z %{CONTENT_TYPE}"</pre>
+
+ </div></dd>
<dt><code>unset</code></dt>
<dd>L'en-t�te est supprim� s'il existe. Si plusieurs en-t�tes
diff --git a/docs/manual/mod/mod_http2.html.en b/docs/manual/mod/mod_http2.html.en
index c8dde1d..c425e9f 100644
--- a/docs/manual/mod/mod_http2.html.en
+++ b/docs/manual/mod/mod_http2.html.en
@@ -82,7 +82,9 @@
<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it works</a></li>
</ul><h3 class="directives">Directives</h3>
<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#h2copyfiles">H2CopyFiles</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2direct">H2Direct</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#h2earlyhints">H2EarlyHints</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2maxsessionstreams">H2MaxSessionStreams</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2maxworkers">H2MaxWorkers</a></li>
@@ -91,6 +93,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#h2push">H2Push</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2pushdiarysize">H2PushDiarySize</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2pushpriority">H2PushPriority</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#h2pushresource">H2PushResource</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2serializeheaders">H2SerializeHeaders</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2sessionextrafiles">H2SessionExtraFiles</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#h2streammaxmemsize">H2StreamMaxMemSize</a></li>
@@ -228,6 +231,38 @@
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="H2CopyFiles" id="H2CopyFiles">H2CopyFiles</a> <a name="h2copyfiles" id="h2copyfiles">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determine file handling in responses</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>H2CopyFiles on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>H2CopyFiles off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_http2</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.4.24 and later.</td></tr>
+</table>
+ <p>
+ This directive influences how file content is handled in
+ responses. When <code>off</code>, which is the default, file handles
+ are passed from the requestion processing down to the main
+ connection, using the usual Apache setaside handling for
+ managing the lifetime of the file.
+ </p>
+ <p>
+ When set to <code>on</code>, file content is copied while the
+ request is still being processed and the buffered data is passed
+ on to the main connection. This is better if a third party
+ module is injecting files with different lifetimes into the response.
+ </p>
+ <p>
+ An example for such a module is <code>mod_wsgi</code> that may place
+ Python file handles into the response. Those files get close down when
+ Python thinks processing has finished. That may be well before
+ <code class="module"><a href="../mod/mod_http2.html">mod_http2</a></code> is done with them.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="H2Direct" id="H2Direct">H2Direct</a> <a name="h2direct" id="h2direct">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>H2 Direct Protocol Switch</td></tr>
@@ -274,6 +309,31 @@
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="H2EarlyHints" id="H2EarlyHints">H2EarlyHints</a> <a name="h2earlyhints" id="h2earlyhints">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determine sending of 103 status codes</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>H2EarlyHints on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>H2EarlyHints off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_http2</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.4.24 and later.</td></tr>
+</table>
+ <p>
+ This setting controls if HTTP status 103 interim responses are
+ forwarded to the client or not. By default, this is currently
+ not the case since a range of clients still have trouble with
+ unexpected interim responses.
+ </p>
+ <p>
+ When set to <code>on</code>, PUSH resources announced with
+ <code>H2PushResource</code> will trigger an interim 103 response
+ before the final response. The 103 response will carry <code>Link</code>
+ headers that advise the <code>preload</code> of such resources.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="H2MaxSessionStreams" id="H2MaxSessionStreams">H2MaxSessionStreams</a> <a name="h2maxsessionstreams" id="h2maxsessionstreams">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum number of active streams per HTTP/2 session.</td></tr>
@@ -607,6 +667,41 @@ H2PushPriority text/css interleaved # weight 256 default</pre>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="H2PushResource" id="H2PushResource">H2PushResource</a> <a name="h2pushresource" id="h2pushresource">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Declares resources for early pushing to the client</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>H2PushResource [add] path [critical]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_http2</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.4.24 and later.</td></tr>
+</table>
+ <p>
+ When added to a directory/location HTTP/2 PUSHes will be attempted
+ for all paths added via this directive. This directive can be used
+ several times for the same location.
+ </p>
+ <p>
+ This directive pushes resources much earlier than adding
+ <code>Link</code> headers via <code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code>.
+ <code class="module"><a href="../mod/mod_http2.html">mod_http2</a></code> announces these resources in a
+ <code>103 Early Hints</code> interim response to the client.
+ That means that clients not supporting PUSH will still get
+ early preload hints.
+ </p>
+ <p>
+ In contrast to setting <code>Link</code> response headers
+ via <code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code>, this directive will only
+ take effect on HTTP/2 connections.
+ </p>
+ <p>
+ By adding <code>critical</code> to such a resource, the server
+ will give processing it more preference and send its data, once
+ available, before the data from the main request.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="H2SerializeHeaders" id="H2SerializeHeaders">H2SerializeHeaders</a> <a name="h2serializeheaders" id="h2serializeheaders">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Serialize Request/Response Processing Switch</td></tr>
diff --git a/docs/manual/mod/mod_log_config.html.tr.utf8 b/docs/manual/mod/mod_log_config.html.tr.utf8
index 1a34903..f3cfa86 100644
--- a/docs/manual/mod/mod_log_config.html.tr.utf8
+++ b/docs/manual/mod/mod_log_config.html.tr.utf8
@@ -32,7 +32,6 @@
<a href="../ko/mod/mod_log_config.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/mod/mod_log_config.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Sunucuya yapılan isteklerin günlük kayıtlarının tutulması
</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Temel</td></tr>
diff --git a/docs/manual/mod/mod_negotiation.html.fr b/docs/manual/mod/mod_negotiation.html.fr
index acb9a0f..621f766 100644
--- a/docs/manual/mod/mod_negotiation.html.fr
+++ b/docs/manual/mod/mod_negotiation.html.fr
@@ -30,8 +30,6 @@
<a href="../fr/mod/mod_negotiation.html" title="Fran�ais"> fr </a> |
<a href="../ja/mod/mod_negotiation.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p>
</div>
-<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
- anglaise pour les changements r�cents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Effectue la <a href="../content-negotiation.html">n�gociation de
contenu</a></td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Base</td></tr>
diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en
index ddffcbe..b706142 100644
--- a/docs/manual/mod/mod_proxy.html.en
+++ b/docs/manual/mod/mod_proxy.html.en
@@ -985,8 +985,9 @@ through</td></tr>
a local virtual path; <var>url</var> is a partial URL for the
remote server and cannot include a query string.</p>
- <div class="note"><strong>Note: </strong>This directive cannot be used within a
- <code><Directory></code> context.</div>
+ <div class="note"><strong>Note: </strong>This directive is not supported within
+ <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> and
+ <code class="directive"><a href="../mod/core.html#files"><Files></a></code> containers.</div>
<div class="warning">The <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive should
usually be set <strong>off</strong> when using
@@ -1018,8 +1019,6 @@ through</td></tr>
<code>http://example.com/mirror/foo/bar</code> to be internally converted
into a proxy request to <code>http://backend.example.com/bar</code>.</p>
- <p>The ProxyPass directive is not supported in <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> or <code class="directive"><a href="../mod/core.html#files"><Files></a></code> sections.</p>
-
<p>If you require a more flexible reverse-proxy configuration, see the
<code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the
<code>[P]</code> flag.</p>
diff --git a/docs/manual/mod/mod_proxy.html.fr b/docs/manual/mod/mod_proxy.html.fr
index 12c310a..ba49e49 100644
--- a/docs/manual/mod/mod_proxy.html.fr
+++ b/docs/manual/mod/mod_proxy.html.fr
@@ -30,8 +30,6 @@
<a href="../fr/mod/mod_proxy.html" title="Fran�ais"> fr </a> |
<a href="../ja/mod/mod_proxy.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p>
</div>
-<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
- anglaise pour les changements r�cents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Serveur mandataire/passerelle multi-protocole</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Identificateur�de�Module:</a></th><td>proxy_module</td></tr>
@@ -376,6 +374,20 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10</pre>
r�partition. La directive <code class="directive"><a href="#balancermember">BalancerMember</a></code> permet d'ajouter des
membres au r�partiteur.</p>
+ <div class="note"><h3>R�solution DNS pour les domaines originaux</h3>
+ <p>La r�solution DNS s'effectue lorsque le socket vers le
+ domaine original est cr�� pour la premi�re fois. Lorsque le pooling de
+ connexions est utilis�, chaque domaine d'arri�re-plan n'est r�solu qu'une
+ seule fois pour chaque processus enfant, et cette r�solution est r�utilis�e
+ pour toutes les connexions ult�rieures jusqu'� ce que le processus enfant
+ soit recycl�. Ce comportement doit �tre pris en consid�ration lorsqu'on
+ planifie des t�ches de maintenance du DNS impactant les domaines
+ d'arri�re-plan. Veuillez aussi vous reporter aux param�tres de la
+ directive <code class="directive"><a href="#proxypass">ProxyPass</a></code> pour plus de
+ d�tails � propos de la r�utilisation des connexions.
+ </p>
+ </div>
+
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="access" id="access">Contr�ler l'acc�s � votre
@@ -1095,8 +1107,9 @@ sont support
chemin virtuel local ; <var>url</var> est une URL partielle pour le
serveur distant et ne doit pas contenir de cha�ne d'arguments.</p>
- <div class="note"><strong>Note : </strong>Cette directive ne peut pas �tre
- utilis�e dans un contexte de niveau r�pertoire.</div>
+ <div class="note"><strong>Note : </strong>Cette directive n'est pas support�e au sein
+ des sections <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code>
+ et <code class="directive"><a href="../mod/core.html#files"><Files></a></code>.</div>
<div class="warning">En g�n�ral, la directive <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> doit �tre d�finie �
<strong>off</strong> lorsqu'on utilise la directive
@@ -1134,10 +1147,6 @@ sont support
<code>http://example.com/miroir/foo/bar</code> en une requ�te
mandat�e pour <code>http://backend.example.com/bar</code>.</p>
- <p>La directive ProxyPass ne peut pas �tre plac�e dans une section
- <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> ou
- <code class="directive"><a href="../mod/core.html#files"><Files></a></code>.</p>
-
<p>Si vous avez besoin d'un configuration de mandataire inverse plus
souple, reportez-vous � la documentaion de la directive <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> et son drapeau
<code>[P]</code>.</p>
diff --git a/docs/manual/mod/mod_proxy_express.html.en b/docs/manual/mod/mod_proxy_express.html.en
index 414f341..84fe80e 100644
--- a/docs/manual/mod/mod_proxy_express.html.en
+++ b/docs/manual/mod/mod_proxy_express.html.en
@@ -44,7 +44,7 @@
than <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>, which also provides
dynamic growth, but is intended to handle much, much
larger numbers of backends. It is ideally suited as a
- front-end HTTP switch.</p>
+ front-end HTTP switch and for micro-services architectures.</p>
<p>This module <em>requires</em> the service of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>.</p>
diff --git a/docs/manual/mod/mod_proxy_express.html.fr b/docs/manual/mod/mod_proxy_express.html.fr
index 3eee3d4..c314068 100644
--- a/docs/manual/mod/mod_proxy_express.html.fr
+++ b/docs/manual/mod/mod_proxy_express.html.fr
@@ -29,6 +29,8 @@
<p><span>Langues Disponibles: </span><a href="../en/mod/mod_proxy_express.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/mod/mod_proxy_express.html" title="Fran�ais"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
+ anglaise pour les changements r�cents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Extension � <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> pour le mandatement
dynamique inverse de masse</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
diff --git a/docs/manual/mod/mod_proxy_html.html.en b/docs/manual/mod/mod_proxy_html.html.en
index 298c439..e6d1055 100644
--- a/docs/manual/mod/mod_proxy_html.html.en
+++ b/docs/manual/mod/mod_proxy_html.html.en
@@ -278,13 +278,29 @@ for earlier 2.x versions</td></tr>
for earlier 2.x versions</td></tr>
</table>
<p>Specifies elements that have URL attributes that should be rewritten
-using standard <code class="directive">ProxyHTMLURLMap</code>s. You will need one
-ProxyHTMLLinks directive per element, but it can have any number of attributes.</p>
+using standard <code class="directive"><a href="#proxyhtmlurlmap">ProxyHTMLURLMap</a></code>s.
+You will need one ProxyHTMLLinks directive per element,
+but it can have any number of attributes.</p>
<p>Normally you'll set this globally. If you set ProxyHTMLLinks in more than
one scope so that one overrides the other, you'll need to specify a complete
set in each of those scopes.</p>
<p>A default configuration is supplied in <var>proxy-html.conf</var>
and defines the HTML links for standard HTML 4 and XHTML 1.</p>
+<div class="example"><h3>Examples from proxy-html.conf</h3><pre class="prettyprint lang-config">ProxyHTMLLinks a href
+ProxyHTMLLinks area href
+ProxyHTMLLinks link href
+ProxyHTMLLinks img src longdesc usemap
+ProxyHTMLLinks object classid codebase data usemap
+ProxyHTMLLinks q cite
+ProxyHTMLLinks blockquote cite
+ProxyHTMLLinks ins cite
+ProxyHTMLLinks del cite
+ProxyHTMLLinks form action
+ProxyHTMLLinks input src usemap
+ProxyHTMLLinks head profile
+ProxyHTMLLinks base href
+ProxyHTMLLinks script src for</pre>
+</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -322,6 +338,15 @@ module for earlier 2.x versions.</td></tr>
them to real HTTP headers, in keeping with the original purpose
of this form of the HTML <meta> element.</p>
+ <div class="warning"><h3>Warning</h3>
+ Because ProxyHTMLMeta promotes <strong>all</strong>
+ <code>http-equiv</code> elements to HTTP headers, it is important that you
+ only enable it in cases where you trust the HTML content as much as you
+ trust the upstream server. If the HTML is controlled by bad actors, it
+ will be possible for them to inject arbitrary, possibly malicious, HTTP
+ headers into your server's responses.
+ </div>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="ProxyHTMLStripComments" id="ProxyHTMLStripComments">ProxyHTMLStripComments</a> <a name="proxyhtmlstripcomments" id="proxyhtmlstripcomments">Directive</a></h2>
@@ -355,11 +380,14 @@ filter chain if stripping comments!</p>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Version 2.4 and later; available as a third-party
module for earlier 2.x versions.</td></tr>
</table>
-<p>This is the key directive for rewriting HTML links. When parsing a document,
+<p>This is the key directive for rewriting HTML links. When parsing a document,
whenever a link target matches <var>from-pattern</var>, the matching
portion will be rewritten to <var>to-pattern</var>, as modified by any
-flags supplied and by the <code class="directive">ProxyHTMLExtended</code>
-directive.</p>
+flags supplied and by the
+<code class="directive"><a href="#proxyhtmlextended">ProxyHTMLExtended</a></code> directive.
+Only the elements specified using
+the <code class="directive"><a href="#proxyhtmllinks">ProxyHTMLLinks</a></code> directive
+will be considered as HTML links.</p>
<p>The optional third argument may define any of the following
<strong>Flags</strong>. Flags are case-sensitive.</p>
diff --git a/docs/manual/mod/mod_proxy_html.html.fr b/docs/manual/mod/mod_proxy_html.html.fr
index dba7c67..154cd8f 100644
--- a/docs/manual/mod/mod_proxy_html.html.fr
+++ b/docs/manual/mod/mod_proxy_html.html.fr
@@ -313,18 +313,30 @@ Disponible en tant que module tiers dans les versions 2.x ant
<tr><th><a href="directive-dict.html#Compatibility">Compatibilit�:</a></th><td>Disponible depuis la version 2.4 du serveur HTTP Apache.
Disponible en tant que module tiers dans les versions 2.x ant�rieures.</td></tr>
</table>
-<p>Cette directive permet de sp�cifier les �l�ments dont les attributs
-d'URL doivent �tre r��crits en utilisant les r�gles standards
-<code class="directive">ProxyHTMLURLMap</code>. Vous devez d�finir une directive
-ProxyHTMLLinks pour chaque �l�ment, mais chacune d'entre elles peut
-sp�cifier un nombre quelconque d'attributs</p>
-<p>Normalement, cette directive est d�finie globalement. Si vous
-d�finissez ProxyHTMLLinks � plusieurs niveaux, certains niveaux
-l'emportant sur d'autres, vous devrez sp�cifier un jeu complet
-de liens pour chaque niveau.</p>
-<p>Le fichier <var>proxy-html.conf</var> fournit une configuration par
-d�faut et d�finit les liens HTML selon les standards
-HTML 4 et XHTML 1.</p>
+<p>Cette directive permet de sp�cifier les �l�ments dont les attributs d'URL
+doivent �tre r��crits en utilisant les r�gles standards <code class="directive"><a href="#proxyhtmlurlmap">ProxyHTMLURLMap</a></code>. Vous devez d�finir une
+directive ProxyHTMLLinks pour chaque �l�ment, mais chacune d'entre elles peut
+sp�cifier un nombre quelconque d'attributs</p> <p>Normalement, cette directive
+est d�finie globalement. Si vous d�finissez ProxyHTMLLinks � plusieurs niveaux,
+certains niveaux l'emportant sur d'autres, vous devrez sp�cifier un jeu complet
+de liens pour chaque niveau.</p> <p>Le fichier <var>proxy-html.conf</var>
+fournit une configuration par d�faut et d�finit les liens HTML selon les
+standards HTML 4 et XHTML 1.</p>
+<div class="example"><h3>Exemples issus de proxy-html.conf</h3><pre class="prettyprint lang-config">ProxyHTMLLinks a href
+ProxyHTMLLinks area href
+ProxyHTMLLinks link href
+ProxyHTMLLinks img src longdesc usemap
+ProxyHTMLLinks object classid codebase data usemap
+ProxyHTMLLinks q cite
+ProxyHTMLLinks blockquote cite
+ProxyHTMLLinks ins cite
+ProxyHTMLLinks del cite
+ProxyHTMLLinks form action
+ProxyHTMLLinks input src usemap
+ProxyHTMLLinks head profile
+ProxyHTMLLinks base href
+ProxyHTMLLinks script src for</pre>
+</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -368,6 +380,16 @@ pr
en-t�tes HTTP, afin de conserver le but original de cette forme
de m�ta�l�ment HTML.</p>
+ <div class="warning"><h3>Avertissement</h3> Compte tenu du fait que la
+ directive ProxyHTMLMeta promeut <strong>tous</strong> les �l�ments
+ <code>http-equiv</code> au rang d'en-t�tes HTTP, il est conseill� de ne
+ l'activer que si vous faites autant confiance au contenu HTML qu'� votre
+ serveur mandataire. Avec cette directive en effet, si ce contenu est g�r�
+ par des gens malintentionn�s, ces derniers seront en mesure d'injecter des
+ en-t�tes HTTP arbitraires et peut-�tre malveillants dans les r�ponses de
+ votre serveur.
+ </div>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="proxyhtmlstripcomments" id="proxyhtmlstripcomments">Directive</a> <a name="ProxyHTMLStripComments" id="ProxyHTMLStripComments">ProxyHTMLStripComments</a></h2>
@@ -407,7 +429,9 @@ liens HTML. Lors de l'interpr
lien correspond � <var>mod�le-source</var>, la partie du lien concern�e
sera r��crite en <var>mod�le-cible</var>, en tenant compte des
modifications induites par les drapeaux �ventuellement sp�cifi�s et par
-la directive <code class="directive">ProxyHTMLExtended</code>.</p>
+la directive <code class="directive"><a href="#proxyhtmlextended">ProxyHTMLExtended</a></code>.
+Ne seront consid�r�s comme des liens HTML que les �l�ments sp�cifi�s via la
+directive <code class="directive"><a href="#proxyhtmllinks">ProxyHTMLLinks</a></code>.</p>
<p>Le troisi�me argument optionnel permet de f�finir un des drapeaux
suivants (les drapeaux sont sensibles � la casse) :</p>
diff --git a/docs/manual/mod/mod_proxy_http2.html.en b/docs/manual/mod/mod_proxy_http2.html.en
index 8a87a10..00080db 100644
--- a/docs/manual/mod/mod_proxy_http2.html.en
+++ b/docs/manual/mod/mod_proxy_http2.html.en
@@ -67,6 +67,7 @@
</div>
<div id="quickview"><h3>Topics</h3>
<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Basic Examples</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#notes">Request notes</a></li>
</ul><h3 class="directives">Directives</h3>
<p>This module provides no
@@ -79,6 +80,20 @@
<li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
+<h2><a name="examples" id="examples">Basic Examples</a></h2>
+
+ <p>The examples below demonstrate how to configure HTTP/2 for
+ backend connections for a reverse proxy. </p>
+
+ <div class="example"><h3>HTTP/2 (TLS)</h3><pre class="prettyprint lang-config">ProxyPass "/app" "h2://app.example.com"
+ProxyPassReverse "/app" "h2://app.example.com"</pre>
+</div>
+
+ <div class="example"><h3>HTTP/2 (cleartext)</h3><pre class="prettyprint lang-config">ProxyPass "/app" "h2c://app.example.com"
+ProxyPassReverse "/app" "h2c://app.example.com"</pre>
+</div>
+ </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
<h2><a name="notes" id="notes">Request notes</a></h2>
<p><code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code> creates the following request notes for
logging using the <code>%{VARNAME}n</code> format in
diff --git a/docs/manual/mod/mod_ratelimit.html.en b/docs/manual/mod/mod_ratelimit.html.en
index a2b4f29..76c302a 100644
--- a/docs/manual/mod/mod_ratelimit.html.en
+++ b/docs/manual/mod/mod_ratelimit.html.en
@@ -32,19 +32,31 @@
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Bandwidth Rate Limiting for Clients</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>ratelimit_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_ratelimit.c</td></tr></table>
+<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_ratelimit.c</td></tr>
+<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td><code>rate-initial-burst</code> available in httpd 2.4.24 and later.</td></tr></table>
<h3>Summary</h3>
<p>Provides a filter named <code>RATE_LIMIT</code> to limit client bandwidth.
+The throttling is applied to each HTTP response while it is transferred to the client,
+and not aggregated at IP/client level.
The connection speed to be simulated is specified, in KiB/s, using the environment
variable <code>rate-limit</code>.</p>
+<p>Optionally, an initial amount of burst data, in KiB, may be
+configured to be passed at full speed before throttling to the
+specified rate limit. This value is optional, and is set using
+the environment variable <code>rate-initial-burst</code>.</p>
+
<div class="example"><h3>Example Configuration</h3><pre class="prettyprint lang-config"><Location "/downloads">
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 400
+ SetEnv rate-initial-burst 512
</Location></pre>
-</div>
+<div class="warning">
+If the value specified for <code>rate-limit</code> causes integer overflow, the rate-limited will be disabled.
+If the value specified for <code>rate-limit-burst</code> causes integer overflow, the burst will be disabled.
+</div></div>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
diff --git a/docs/manual/mod/mod_ratelimit.html.fr b/docs/manual/mod/mod_ratelimit.html.fr
index c6ade19..6121e06 100644
--- a/docs/manual/mod/mod_ratelimit.html.fr
+++ b/docs/manual/mod/mod_ratelimit.html.fr
@@ -29,6 +29,8 @@
<p><span>Langues Disponibles: </span><a href="../en/mod/mod_ratelimit.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/mod/mod_ratelimit.html" title="Fran�ais"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
+ anglaise pour les changements r�cents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Limitation de la bande passante pour les clients</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Identificateur�de�Module:</a></th><td>ratelimit_module</td></tr>
diff --git a/docs/manual/mod/mod_rewrite.html.en b/docs/manual/mod/mod_rewrite.html.en
index d859582..6158586 100644
--- a/docs/manual/mod/mod_rewrite.html.en
+++ b/docs/manual/mod/mod_rewrite.html.en
@@ -123,7 +123,7 @@ URLs on the fly</td></tr>
<code class="directive"><a href="#rewriterule">RewriteRule</a></code> directives that
substitute a relative path.</p>
<p> This directive is <em>required</em> when you use a relative path
- in a substitution in per-directory (htaccess) context unless either
+ in a substitution in per-directory (htaccess) context unless any
of the following conditions are true:</p>
<ul>
<li> The original request, and the substitution, are underneath the
@@ -163,7 +163,7 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Defines a condition under which rewriting will take place
</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code> RewriteCond
- <em>TestString</em> <em>CondPattern</em></code></td></tr>
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
@@ -686,14 +686,14 @@ RewriteRule ^(.+) /other/archive/$1 [R]</pre>
RewriteRule "^/images" "-" [F]</pre>
</li>
+ </ol>
- <li>You can also set special flags for
- <em>CondPattern</em> by appending
+ <p>You can also set special flags for <em>CondPattern</em> by appending
<strong><code>[</code><em>flags</em><code>]</code></strong>
as the third argument to the <code>RewriteCond</code>
directive, where <em>flags</em> is a comma-separated list of any of the
- following flags:
-
+ following flags:</p>
+
<ul>
<li>'<strong><code>nocase|NC</code></strong>'
(<strong>n</strong>o <strong>c</strong>ase)<br />
@@ -730,8 +730,6 @@ RewriteRule ...some special stuff for any of these hosts...</pre>
is well understood.
</li>
</ul>
- </li>
- </ol>
<p><strong>Example:</strong></p>
@@ -1037,35 +1035,40 @@ RewriteRule "^/$" "/homepage.std.html" [L]</pre>
<p><a id="patterns" name="patterns"><em>Pattern</em></a> is
a perl compatible <a id="regexp" name="regexp">regular
- expression</a>. On the first RewriteRule, it is matched against
- the (%-decoded) <a href="directive-dict.html#Syntax">URL-path</a>
- of the request, or, in per-directory context (see below), the URL
- path relative to that per-directory context. Subsequent patterns
- are matched against the output of the last matching RewriteRule.</p>
+ expression</a>. What this pattern is compared against varies depending
+ on where the <code class="directive">RewriteRule</code> directive is defined. </p>
<div class="note"><h3><a id="what_is_matched" name="what_is_matched">What is matched?</a></h3>
- <p>In <code class="directive"><a href="../mod/core.html#virtualhost">VirtualHost</a></code> context,
- The <em>Pattern</em> will initially be matched against the part of the
- URL after the hostname and port, and before the query string (e.g. "/app1/index.html").</p>
- <p>In <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> and htaccess context,
- the <em>Pattern</em> will initially be matched against the
- <em>filesystem</em> path, after removing the prefix that led the server
- to the current <code class="directive">RewriteRule</code> (e.g. "app1/index.html"
- or "index.html" depending on where the directives are defined).</p>
+<ul>
+ <li><p>In <code class="directive"><a href="../mod/core.html#virtualhost">VirtualHost</a></code> context,
+ The <em>Pattern</em> will initially be matched against the part of the
+ URL after the hostname and port, and before the query string (e.g. "/app1/index.html").
+ This is the (%-decoded) <a href="directive-dict.html#Syntax">URL-path</a>.</p></li>
+
+ <li><p>In per-directory context (<code class="directive"><a href="../mod/core.html#directory">Directory</a></code> and .htaccess),
+ the <em>Pattern</em> is matched against only a partial path, for example a request
+ of "/app1/index.html" may result in comparison against "app1/index.html"
+ or "index.html" depending on where the <code class="directive">RewriteRule</code> is
+ defined.</p>
+
+ <p>The directory path where the rule is defined is stripped from the currently mapped
+ filesystem path before comparison (up to and including a trailing slash).
+ The net result of this per-directory prefix stripping is that rules in
+ this context only match against the portion of the currently mapped filesystem path
+ "below" where the rule is defined.</p>
+
+ <p>Directives such as <code class="directive">DocumentRoot</code> and <code class="directive">Alias</code>, or even the
+ result of previous <code class="directive">RewriteRule</code> substitutions, determine
+ the currently mapped filesystem path.
+ </p>
+ </li>
- <p>If you wish to match against the hostname, port, or query string, use a
+ <li><p>If you wish to match against the hostname, port, or query string, use a
<code class="directive"><a href="#rewritecond">RewriteCond</a></code> with the
<code>%{HTTP_HOST}</code>, <code>%{SERVER_PORT}</code>, or
- <code>%{QUERY_STRING}</code> variables respectively.</p>
-
- <p>In any case, remember that regular expressions are substring
- matches. That is, you don't need the regex to describe the entire
- string, just the part that you wish to match. Thus, using a regex
- of <code>.</code> is often sufficient rather than <code>.*</code>,
- and the regex <code>abc</code> is <strong>not</strong> the same as
- <code>^abc$</code>.</p>
-
+ <code>%{QUERY_STRING}</code> variables respectively.</p></li>
+</ul>
</div>
<div class="note"><h3>Per-directory Rewrites</h3>
@@ -1080,12 +1083,7 @@ administrator has disabled override of <code>FollowSymLinks</code> for
a user's directory, then you cannot use the rewrite engine. This
restriction is required for security reasons.</li>
-<li>When using the rewrite engine in <code>.htaccess</code> files the
-per-directory prefix (which always is the same for a specific
-directory) is automatically <em>removed</em> for the RewriteRule pattern matching
-and automatically <em>added</em> after any relative (not starting with a
-slash or protocol name) substitution encounters the end of a rule set.
-See the <code class="directive"><a href="#rewritebase">RewriteBase</a></code>
+<li>See the <code class="directive"><a href="#rewritebase">RewriteBase</a></code>
directive for more information regarding what prefix will be added back to
relative substitutions.</li>
diff --git a/docs/manual/mod/mod_rewrite.html.fr b/docs/manual/mod/mod_rewrite.html.fr
index c0a68d4..fcf11f3 100644
--- a/docs/manual/mod/mod_rewrite.html.fr
+++ b/docs/manual/mod/mod_rewrite.html.fr
@@ -140,8 +140,9 @@ r
r�pertoire (htaccess), sauf si au moins une de ces conditions est
v�rifi�e :</p>
<ul>
- <li>La requ�te initiale, ainsi que la substitution, sont dans
- la <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> (c'est �
+ <li>La requ�te initiale, ainsi que la substitution, se
+ situent par raport � la valeur de la directive
+ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> (c'est �
dire que pour y acc�der, il n'est pas n�cessaire d'utiliser
une directive telle qu'<code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>).</li>
<li>Le chemin du syst�me de fichiers vers le r�pertoire
@@ -149,8 +150,9 @@ r
la substitution relative est aussi valide en tant qu'URL sur
le serveur (ce qui est rare).</li>
<li>A partir de la version 2.4.16 du serveur HTTP Apache,
- cette directive peut �tre omise lorsque la requ�te est
- transform�e via une directive <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> ou le module
+ cette directive peut �tre omise lorsque la requ�te est mise en
+ correspondance avec le syst�me de fichiers via la directive
+ <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> ou le module
<code class="module"><a href="../mod/mod_userdir.html">mod_userdir</a></code>.</li>
</ul>
@@ -179,7 +181,7 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
la r��criture soit effectu�e
</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code> RewriteCond
- <em>cha�ne_de_test</em> <em>expression_de_comparaison</em></code></td></tr>
+ <em>cha�ne_de_test</em> <em>expression_de_comparaison</em> [<em>drapeaux</em>]</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel, r�pertoire, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">AllowOverride:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
@@ -393,13 +395,12 @@ la r
en-t�te ajout� par le navigateur. Cette
valeur n'a pas �t� d�s�chapp�e (d�cod�e), � la
diff�rence de la plupart des variables suivantes.</dd>
-
</dl>
</li>
</ul>
- <p>Si <em>cha�ne_de_test</em> contient la valeur sp�ciale
+ <p>Si la <em>cha�ne_de_test</em> contient la valeur sp�ciale
<code>expr</code>, <em>expression_de_comparaison</em> sera trait�
en tant qu'expression rationnelle de type <a href="../expr.html">ap_expr</a>. Si des en-t�tes HTTP sont
r�f�renc�s dans l'expression rationnelle, et si le drapeau
@@ -517,12 +518,13 @@ la r
<ol>
<li>Vous pouvez pr�fixer l'expression avec un caract�re
'<code>!</code>' (point d'exclamation) pour inverser le r�sultat
- de la condition, quelle que soit l'<em>expression_de_comparaison</em> utilis�e.</li>
+ de la condition, quelle que soit l'<em>expression de
+ comparaison</em> utilis�e.</li>
<li>Vous pouvez effectuer des comparaisons lexicographiques de
cha�nes :
- <dl>
+ <dl>
<dt><strong><expression</strong></dt>
<dd>inf�rieur au sens lexicographique<br />
Traite l'<em>expression</em> comme une cha�ne de
@@ -551,7 +553,7 @@ la r
<em>cha�ne_de_test</em> est compar�e � la
cha�ne vide.</dd>
- <dt><strong><=expression_de_comparaison</strong></dt>
+ <dt><strong><=expression de comparaison</strong></dt>
<dd>inf�rieur ou �gal � au sens lexicographique<br />
Consid�re l'<em>expression_de_comparaison</em> comme une
cha�ne de caract�res et la compare au sens lexicographique �
@@ -560,7 +562,7 @@ la r
�gale � <em>expression_de_comparaison</em> (les deux cha�nes
sont identiques, caract�re pour caract�re).</dd>
- <dt><strong>>=expression_de_comparaison</strong></dt>
+ <dt><strong>>=expression de comparaison</strong></dt>
<dd>sup�rieur ou �gal � au sens lexicographique<br />
Consid�re l'<em>expression_de_comparaison</em> comme une
cha�ne de caract�res et la compare au sens lexicographique �
@@ -568,7 +570,8 @@ la r
suit lexicographiquement <em>expression_de_comparaison</em>, ou est
�gale � <em>expression_de_comparaison</em> (les deux cha�nes
sont identiques, caract�re pour caract�re).</dd>
- </dl></li>
+ </dl>
+ </li>
<li>
Vous pouvez effectuer des comparaisons d'entiers :
@@ -577,28 +580,31 @@ la r
<dt><strong>-eq</strong></dt>
<dd>est num�riquement �gal �<br />
La <em>cha�ne_de_test</em> est consid�r�e comme un entier,
- et est compar�e num�riquement � l'<em>expression_de_comparaison</em>. Vrai si les deux expressions sont
+ et est compar�e num�riquement � l'<em>expression de
+ comparaison</em>. Vrai si les deux expressions sont
num�riquement �gales.</dd>
<dt><strong>-ge</strong></dt>
<dd>est num�riquement sup�rieur ou �gal �<br />
La <em>cha�ne_de_test</em> est consid�r�e comme un entier,
- et est compar�e num�riquement � l'<em>expression_de_comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
- num�riquement
- sup�rieure ou �gale �
+ et est compar�e num�riquement � l'<em>expression de
+ comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
+ num�riquement sup�rieure ou �gale �
<em>expression_de_comparaison</em>.</dd>
<dt><strong>-gt</strong></dt>
<dd>est num�riquement sup�rieur �<br />
La <em>cha�ne_de_test</em> est consid�r�e comme un entier,
- et est compar�e num�riquement � l'<em>expression_de_comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
+ et est compar�e num�riquement � l'<em>expression de
+ comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
num�riquement
sup�rieure � <em>expression_de_comparaison</em>.</dd>
<dt><strong>-le</strong></dt>
<dd>est num�riquement inf�rieur ou �gal �<br />
La <em>cha�ne_de_test</em> est consid�r�e comme un entier,
- et est compar�e num�riquement � l'<em>expression_de_comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
+ et est compar�e num�riquement � l'<em>expression de
+ comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
num�riquement
inf�rieure ou �gale � <em>expression_de_comparaison</em>.
Attention � la confusion avec le drapeau <strong>-l</strong>
@@ -608,7 +614,8 @@ la r
<dt><strong>-lt</strong></dt>
<dd>est num�riquement inf�rieur �<br />
La <em>cha�ne_de_test</em> est consid�r�e comme un entier,
- et est compar�e num�riquement � l'<em>expression_de_comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
+ et est compar�e num�riquement � l'<em>expression de
+ comparaison</em>. Vrai si <em>cha�ne_de_test</em> est
num�riquement
inf�rieure � <em>expression_de_comparaison</em>.
Attention � la confusion avec le drapeau <strong>-l</strong>
@@ -630,7 +637,7 @@ la r
<dl>
<dt><strong>-d</strong></dt>
- <dd>est un r�pertoire (<strong>d</strong>irectory)<br />
+ <dd>est un <strong>r</strong>�pertoire<br />
Traite <em>cha�ne_de_test</em> comme un chemin et v�rifie
s'il existe ou pas, et s'il s'agit d'un r�pertoire.</dd>
@@ -653,7 +660,7 @@ la r
Voir <strong>-l</strong>.</dd>
<dt><strong>-l</strong></dt>
- <dd>est un lien symbolique<br />
+ <dd>est un <strong>l</strong>ien symbolique<br />
Consid�re la <em>cha�ne_de_test</em> comme un chemin et
v�rifie son existence et si elle est un lien symbolique. On
peut aussi utiliser la convention bash <strong>-L</strong>
@@ -671,7 +678,8 @@ la r
d'une taille sup�rieure � z�ro.</dd>
<dt><strong>-U</strong></dt>
- <dd><p>test de l'existence d'une URL via une sous-requ�te<br />
+ <dd><p>test de l'existence d'une
+ URL via une sous-requ�te<br />
V�rifie si <em>cha�ne_de_test</em> est une URL valide,
accessible � travers tous les contr�les d'acc�s du serveur
actuellement configur�s pour ce chemin. C'est une
@@ -704,7 +712,7 @@ RewriteRule ^(.+) /other/archive/$1 [R]</pre>
<li>
<p>Si la <em>cha�ne_de_test</em> contient la valeur sp�ciale
- <code>expr</code>, la <em>cha�ne_de_comparaison</em> sera
+ <code>expr</code>, la <em>cha�ne de comparaison</em> sera
trait�e en tant qu'expression rationnelle de type <a href="../expr.html">ap_expr</a>.</p>
<p>
@@ -718,13 +726,14 @@ RewriteRule ^(.+) /other/archive/$1 [R]</pre>
RewriteRule "^/images" "-" [F]</pre>
</li>
+ </ol>
- <li>Vous pouvez aussi d�finir certains drapeaux pour
+ <p>Vous pouvez aussi d�finir certains drapeaux pour
l'<em>expression_de_comparaison</em> en ajoutant ces
<strong><code>[</code><em>drapeaux</em><code>]</code></strong>
comme troisi�me argument de la directive
<code>RewriteCond</code>, o� <em>drapeaux</em> est un
- sous-ensemble s�par� par des virgules des drapeaux suivants :
+ sous-ensemble s�par� par des virgules des drapeaux suivants :</p>
<ul>
<li>'<strong><code>nocase|NC</code></strong>'
@@ -765,8 +774,7 @@ RewriteRule ...r
fonctionnement de l'en-t�te Vary.
</li>
</ul>
- </li>
- </ol>
+
<p><strong>Exemple :</strong></p>
@@ -775,17 +783,18 @@ RewriteRule ...r
pouvez utiliser ce qui suit : </p>
<pre class="prettyprint lang-config">RewriteCond "%{HTTP_USER_AGENT}" "(iPhone|Blackberry|Android)"
-RewriteRule "^/$" "/homepage.mobile.html" [L]
+RewriteRule "^/$" "/homepage.mobile.html" [L]
-RewriteRule "^/$" "/homepage.std.html" [L]</pre>
+RewriteRule "^/$" "/homepage.std.html" [L]</pre>
<p>Explications : si vous utilisez un navigateur
- qui s'identifie comme un navigateur de mobile (notez que cet
- exemple est incomplet car il existe de nombreuses autres
- plateformes mobiles), c'est la version mobile de la page
- d'accueil qui sera servie. Dans le cas contraire, vous verrez
- s'afficher la page d'accueil standard.</p>
+ qui s'identifie comme un
+ navigateur de plateforme mobile (notez que l'exemple est
+ incomplet car il existe de nombreuses autres plateformes
+ mobiles), c'est la version pour mobile de la page d'accueil qui
+ sera renvoy�e. Dans le cas contraire, ce sera la page d'accueil
+ standard.</p>
</div>
@@ -845,8 +854,7 @@ recherche de mots-cl
La source utilis�e pour cette recherche peut �tre de plusieurs
types.</p>
- <p><a id="mapfunc" name="mapfunc"><em>MapName</em></a>
- est le nom de la table de correspondance
+ <p><a id="mapfunc" name="mapfunc"><em>MapName</em></a> est le nom de la table de correspondance
et servira � sp�cifier une fonction de mise en correspondance
pour les cha�nes de substitution d'une r�gle de r��criture selon
une des constructions suivantes :</p>
@@ -873,7 +881,7 @@ recherche de mots-cl
<p>Par exemple, vous pouvez d�finir une directive
<code class="directive">RewriteMap</code> comme suit </p>
- <pre class="prettyprint lang-config">RewriteMap "map-exemple" "txt:/chemin/vers/fichier/map.txt"</pre>
+ <pre class="prettyprint lang-config">RewriteMap map-exemple "txt:/chemin/vers/fichier/map.txt"</pre>
<p>Vous pourrez ensuite utiliser cette table dans une
@@ -883,7 +891,7 @@ recherche de mots-cl
<p>Les combinaisons suivantes pour <em>type de correspondance</em>
- et <em>source de la correspondance</em>
+ et <em>MapSource</em>
peuvent �tre utilis�es :</p>
<dl>
@@ -967,8 +975,7 @@ pour le moteur de r
les r�gles sp�cifi�es dans le niveau parent s'appliquent
<strong>avant</strong> les r�gles sp�cifi�es dans le niveau
enfant.<br />
- Disponible depuis la version 2.3.10 du serveur HTTP
- Apache.</p>
+ Disponible depuis la version 2.3.10 du serveur HTTP Apache.</p>
</dd>
<dt><code>InheritDown</code></dt>
@@ -1005,7 +1012,7 @@ pour le moteur de r
Cette option est disponible � partir
de la version 2.4.8 du serveur HTTP Apache.</p>
</dd>
-
+
<dt><code>AllowNoSlash</code></dt>
<dd>
<p>Par d�faut, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> ignore les URLs qui
@@ -1053,21 +1060,23 @@ pour le moteur de r
de l'URI r��crite, comme indiqu� dans les liens ci-dessus.</p>
</div>
</dd>
+
<dt><code>MergeBase</code></dt>
<dd>
- <p>Avec cette option, la valeur de la directive <code class="directive"><a href="#rewritebase">RewriteBase</a></code> est copi�e depuis le
- r�pertoire o� elle est explicitement d�finie dans tout
- sous-r�pertoire qui ne d�finit pas sa propre directive <code class="directive"><a href="#rewritebase">RewriteBase</a></code>. C'�tait le
- comportement par d�faut de la version 2.4.0 � la version 2.4.3, et
- cette option permet de le r�tablir � partir de la version 2.4.4 du
- serveur HTTP Apache.</p>
+ <p>Avec cette option, la valeur de la directive <code class="directive"><a href="#rewritebase">RewriteBase</a></code> est recopi�e depuis
+ une valeur explicitement d�finie dans tout sous-r�pertoire qui ne
+ d�finit pas sa propre directive <code class="directive"><a href="#rewritebase">RewriteBase</a></code>. Il s'agissait du
+ comportement par d�faut avec les versions 2.4.0 � 2.4.3, et ce
+ drapeau qui permet de retrouver ce comportement est disponible
+ depuis la version 2.4.4 du serveur HTTP Apache.</p>
</dd>
-
+
<dt><code>IgnoreContextInfo</code></dt>
<dd>
- <p>Lors d'une substitution relative dans un contexte de r�pertoire (htaccess),
+ <p>Lors d'une
+ substitution relative dans un contexte de r�pertoire (htaccess),
et si la directive <code class="directive"><a href="#rewritebase">RewriteBase</a></code> n'a pas �t� d�finie,
ce module utilise des informations en provenance d'une extension
d'URL et du contexte du syst�me de fichiers pour transformer la
@@ -1101,45 +1110,44 @@ pour le moteur de r
<p><a id="patterns" name="patterns"><em>Mod�le</em></a> est une
<a id="regexp" name="regexp">expression rationnelle</a>
- compatible perl. Dans la premi�re r�gle de r��criture,
- l'expression est compar�e au (%-decoded)
- <a href="./directive-dict.html#Syntax">chemin de l'URL</a> de la
- requ�te, ou, dans un contexte de r�pertoire (voir
- ci-dessous), au chemin de l'URL relativement � ce contexte de
- r�pertoire.
- Les expressions suivantes sont compar�es � la sortie de
- la derni�re r�gle de r��criture qui
- correspondait.</p>
+ compatible perl. Ce avec quoi ce mod�le est compar� d�pend de l'endroit o�
+ la directive <code class="directive">RewriteRule</code> est d�finie.</p>
<div class="note"><h3><a id="what_is_matched" name="what_is_matched">Qu'est-ce qui est compar� ?</a></h3>
- <p>Dans un contexte de serveur virtuel <code class="directive"><a href="../mod/core.html#virtualhost">VirtualHost</a></code>, le <em>mod�le</em> est tout
+<ul>
+ <li><p>Dans un contexte de serveur virtuel <code class="directive"><a href="../mod/core.html#virtualhost">VirtualHost</a></code>, le <em>mod�le</em> est tout
d'abord compar� � la portion de l'URL situ�e entre le nom d'h�te
�ventuellement accompagn� du port, et la cha�ne de param�tres (par
- exemple "/app1/index.html").</p>
-
- <p>Dans les contextes de r�pertoire <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> et htaccess, le
- <em>mod�le</em> est tout d'abord compar� au chemin du <em>syst�me
- de fichiers</em>, apr�s suppression du pr�fixe ou chemin de base
- ayant conduit le serveur vers la r�gle <code class="directive">RewriteRule</code> (par
- exemple "app1/index.html" ou
- "index.html" selon l'endroit o� les directives sont d�finies).</p>
+ exemple "/app1/index.html"). Il s'agit du <a href="directive-dict.html#Syntax">URL-path</a> d�cod� de sa valeur "%xx".</p></li>
+
+ <li><p>Dans un contexte de r�pertoire (sections <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> et fichiers .htaccess), le
+ <em>Mod�le</em> est compar� avec une partie de chemin ; par exemple une
+ requ�te pour "/app1/index.html" entra�nera une comparaison avec
+ "app1/index.html" ou "index.html" selon l'endroit o� la directive
+ <code class="directive">RewriteRule</code> est d�finie.</p>
+
+ <p>Le chemin o� la r�gle est d�fini est supprim� du chemin correspondant
+ du syst�me de fichiers avant comparaison (jusqu'au slash final compris).
+ En cons�quence de cette suppression, les r�gles d�finies dans
+ ce contexte n'effectuent des comparaisons qu'avec la portion du chemin
+ du syst�me de fichiers "en dessous" de l'endroit o� la r�gle est d�finie.</p>
+
+ <p>Le chemin correspondant actuel du syst�me de fichiers est d�termin� par
+ des directives telles que <code class="directive">DocumentRoot</code> et
+ <code class="directive">Alias</code>, ou m�me le r�sultat de substitutions dans
+ des r�gles <code class="directive">RewriteRule</code> pr�c�dentes.
+ </p>
+ </li>
- <p>Si vous souhaitez faire une comparaison sur le nom
+ <li><p>Si vous souhaitez faire une comparaison sur le nom
d'h�te, le port, ou la cha�ne de requ�te, utilisez une
directive <code class="directive"><a href="#rewritecond">RewriteCond</a></code>
comportant respectivement les variables
<code>%{HTTP_HOST}</code>, <code>%{SERVER_PORT}</code>, ou
- <code>%{QUERY_STRING}</code>.</p>
-
- <p>Dans tous les cas, il faut garder � l'esprit que les expressions
- rationnelles permettent de rechercher des correspondances de sous-cha�nes.
- En d'autres termes, l'expression rationnelle n'a pas besoin de correspondre �
- l'ensemble de la cha�ne, mais seulement � la partie que vous souhaitez
- voir correspondre. Ainsi, l'utilisation de l'expression <code>.</code> est
- souvent suffisante et pr�f�rable � <code>.*</code>, et l'expression
- <code>abc</code> <strong>n'est pas</strong> identique � l'expression
- <code>^abc$</code>.</p>
+ <code>%{QUERY_STRING}</code>.</p></li>
+</ul>
+
</div>
<div class="note"><h3>R��critures dans un contexte de r�pertoire</h3>
@@ -1157,16 +1165,9 @@ niveau du r
moteur de r��criture. Cette restriction a �t� instaur�e � des fins de
s�curit�.</li>
-<li>Lorsqu'on utilise le moteur de r��criture dans un fichier
-<code>.htaccess</code>, le chemin de base du r�pertoire courant (qui est
-toujours le m�me pour ce m�me r�pertoire) est automatiquement
-<em>supprim�</em> au cours de la comparaison avec le mod�le de la r�gle
-de r��criture, et automatiquement <em>ajout�</em> lorsqu'une
-substitution relative (ne d�butant pas par un slash ou un nom de
-protocole) arrive � la fin d'un jeu de r�gles. Voir la directive
-<code class="directive"><a href="#rewritebase">RewriteBase</a></code> pour plus de
-d�tails � propos de l'ajout du pr�fixe apr�s les substitutions
-relatives.</li>
+<li>Voir la directive
+<code class="directive"><a href="#rewritebase">RewriteBase</a></code> pour plus de d�tails �
+propos de l'ajout du pr�fixe apr�s les substitutions relatives.</li>
<li>Si vous souhaitez effectuer une comparaison en prenant en compte
l'int�gralit� du
@@ -1269,7 +1270,7 @@ substitution !
</dl>
- <p>En plus du texte, la cha�ne <em>Substition</em> peut
+ <p>En plus du texte, la cha�ne <em>Substitution</em> peut
comporter :</p>
<ol>
@@ -1291,7 +1292,7 @@ substitution !
<code>$</code><strong>N</strong> (<strong>N</strong>=0..9), qui
seront remplac�s par le contenu du <strong>N</strong>�me groupe
du <em>Mod�le</em> qui correspondait. Les variables du serveur
- sont les m�mes que dans la <em>Cha�ne de test</em> d'une
+ sont les m�mes que dans la <em>Cha�ne_de_test</em> d'une
directive <code class="directive"><a href="#rewritecond">RewriteCond</a></code>. Les
fonctions de comparaison sont issues de la directive <code class="directive"><a href="#rewritemap">RewriteMap</a></code> dans la
section de laquelle elles sont d�crites. Ces trois types de
@@ -1339,19 +1340,20 @@ substitution !
</tr>
<tr>
<td>B</td>
- <td>Echappe les caract�res non-alphanum�riques dans les
- r�f�rences arri�res <em>avant</em> d'appliquer la transformation. <em><a href="../rewrite/flags.html#flag_b">d�tails ...</a></em></td>
+ <td>Echappe les caract�res non-alphanum�riques
+ dans les r�f�rences arri�res <em>avant</em>
+ d'appliquer la transformation. <em><a href="../rewrite/flags.html#flag_b">d�tails ...</a></em></td>
</tr>
<tr class="odd">
<td>backrefnoplus|BNP</td>
- <td>Avec ce drapeau, si les r�f�rences arri�res sont �chapp�es,
+ <td>Avec ce drapeau, si les r�f�rences arri�res sont �chapp�es,
les espaces seront �chapp�s en %20 au lieu de +. Ceci s'av�re
utile lorsqu'une r�f�rence arri�re est utilis�e dans la partie
chemin, et non dans la cha�ne de param�tres de la requ�te ;
- pour plus de d�tails, voir <em><a href="../rewrite/flags.html#flag_bnp">ici.</a></em></td>
+ pour plus de d�tails, voir <em><a href="../rewrite/flags.html#flag_bnp">ici.</a></em></td>
</tr>
-<tr>
- <td>chain|C</td>
+<tr>
+ <td>chain|C</td>
<td>La r�gle est cha�n�e avec la r�gle suivante. Si la r�gle
�choue, la ou les r�gles avec lesquelles elle est est cha�n�e
seront saut�es. <em><a href="../rewrite/flags.html#flag_c">d�tails ...</a></em></td>
diff --git a/docs/manual/mod/mod_setenvif.html.fr b/docs/manual/mod/mod_setenvif.html.fr
index 81279e5..095caf2 100644
--- a/docs/manual/mod/mod_setenvif.html.fr
+++ b/docs/manual/mod/mod_setenvif.html.fr
@@ -219,9 +219,9 @@ ainsi que les valeurs optionnelles qui doivent leur
peuvent se pr�senter sous les formes suivantes :</p>
<ol>
- <li><code><em>nom-variable</em></code>, or</li>
+ <li><code><em>nom-variable</em></code>, ou</li>
- <li><code>!<em>nom-variable</em></code>, or</li>
+ <li><code>!<em>nom-variable</em></code>, ou</li>
<li><code><em>nom-variable</em>=<em>valeur</em></code></li>
</ol>
@@ -253,9 +253,9 @@ SetEnvIf ^TS ^[a-z] HAVE_TS</pre>
<p>Les trois premi�res lignes d�finissent la variable
d'environnement <code>objet_est_une_image</code> si l'objet de la
requ�te est un fichier image, et la quatri�me d�finit la variable
- <code>r�f�rant_intra_site</code> si la page r�f�rante se trouve
+ <code>intra_site_referral</code> si la page r�f�rante se trouve
quelque part dans le site web
- <code>www.mon-domaine.example.com</code>.</p>
+ <code>www.mydomain.example.com</code>.</p>
<p>La derni�re ligne d�finit la variable d'environnement
<code>HAVE_TS</code> si la requ�te contient un en-t�te dont le nom
@@ -329,7 +329,7 @@ attributs de la requ
d'un point de vue s�mantique � la directive <code class="directive"><a href="#setenvif">SetEnvIf</a></code>, et ne s'en distingue que
par le fait que la comparaison des expressions rationnelles est
effectu�e sans tenir compte de la casse. Par exemple :</p>
-<pre class="prettyprint lang-config">SetEnvIfNoCase Host Example\.Org site=apache</pre>
+<pre class="prettyprint lang-config">SetEnvIfNoCase Host Example\.Org site=example</pre>
<p>Cette ligne va d�finir la variable d'environnement
diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en
index 706ffbc..a13cd48 100644
--- a/docs/manual/mod/mod_ssl.html.en
+++ b/docs/manual/mod/mod_ssl.html.en
@@ -1704,7 +1704,8 @@ proxy handshake</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
</table>
-<p>Equivalent to <code>SSLCipherSuite</code>, but for the proxy connection.
+<p>Equivalent to <code class="directive"><a href="#sslciphersuite">SSLCipherSuite</a></code>, but
+for the proxy connection.
Please refer to <code class="directive"><a href="#sslciphersuite">SSLCipherSuite</a></code>
for additional information.</p>
@@ -1725,11 +1726,12 @@ is usually used inside a <code class="directive"><a href="../mod/core.html#virtu
usage in a particular virtual host. By default the SSL/TLS Protocol Engine is
disabled for proxy both for the main server and all configured virtual hosts.</p>
-<p>Note that the SSLProxyEngine directive should not, in
+<p>Note that the <code class="directive">SSLProxyEngine</code> directive should not, in
general, be included in a virtual host that will be acting as a
-forward proxy (using <Proxy> or <ProxyRequest> directives.
-SSLProxyEngine is not required to enable a forward proxy server to
-proxy SSL/TLS requests.</p>
+forward proxy (using <code class="directive"><a href="../mod/mod_proxy.html#proxy"><Proxy></a></code>
+or <code class="directive"><a href="../mod/mod_proxy.html#proxyrequests">ProxyRequests</a></code> directives).
+<code class="directive">SSLProxyEngine</code> is not required to enable a forward proxy
+server to proxy SSL/TLS requests.</p>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><VirtualHost _default_:443>
SSLProxyEngine on
@@ -2656,13 +2658,9 @@ The following levels are available for <em>level</em>:</p>
the client <em>has to</em> present a valid Certificate</li>
<li><strong>optional_no_ca</strong>:
the client may present a valid Certificate<br />
- but it need not to be (successfully) verifiable.</li>
+ but it need not to be (successfully) verifiable. This option
+ cannot be relied upon for client authentication. </li>
</ul>
-<p>In practice only levels <strong>none</strong> and
-<strong>require</strong> are really interesting, because level
-<strong>optional</strong> doesn't work with all browsers and level
-<strong>optional_no_ca</strong> is actually against the idea of
-authentication (but can be used to establish SSL test pages, etc.)</p>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLVerifyClient require</pre>
</div>
diff --git a/docs/manual/mod/mod_ssl.html.fr b/docs/manual/mod/mod_ssl.html.fr
index c9d5ea9..7367db3 100644
--- a/docs/manual/mod/mod_ssl.html.fr
+++ b/docs/manual/mod/mod_ssl.html.fr
@@ -1902,10 +1902,8 @@ lors de l'initialisation d'une connexion SSL de mandataire</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
</table>
-<p>Cette directive est �quivalente � la directive
-<code>SSLCipherSuite</code>, mais s'applique � une connexion de
-mandataire. Veuillez vous reporter � la directive <code class="directive"><a href="#sslciphersuite">SSLCipherSuite</a></code> pour plus
-d'informations.</p>
+<p>Cette directive est �quivalente � la directive <code class="directive"><a href="#sslciphersuite">SSLCipherSuite</a></code>, mais s'applique � une connexion de
+mandataire. Veuillez vous reporter � la directive <code class="directive"><a href="#sslciphersuite">SSLCipherSuite</a></code> pour plus d'informations.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -1928,11 +1926,11 @@ d
mandataire du serveur principal et de tous les serveurs virtuels
configur�s.</p>
-<p>Notez que la directive SSLProxyEngine ne doit g�n�ralement pas �tre
-utilis�e dans le cadre d'un serveur virtuel qui agit en tant que
-mandataire direct (via les directives <Proxy> ou
-<ProxyRequest>). SSLProxyEngine n'est pas n�cessaire pour activer
-un serveur mandataire direct pour les requ�tes SSL/TLS.</p>
+<p>Notez que la directive <code class="directive">SSLProxyEngine</code> ne doit
+g�n�ralement pas �tre utilis�e dans le cadre d'un serveur virtuel qui agit en
+tant que mandataire direct (via les directives <code class="directive"><a href="../mod/mod_proxy.html#proxy"><Proxy></a></code> ou <code class="directive"><a href="../mod/mod_proxy.html#proxyrequests">ProxyRequests</a></code>).
+<code class="directive">SSLProxyEngine</code> n'est pas n�cessaire pour activer un
+serveur mandataire direct pour les requ�tes SSL/TLS.</p>
<div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><VirtualHost _default_:443>
@@ -2944,14 +2942,9 @@ Les valeurs de <em>niveau</em> disponibles sont les suivantes :</p>
le client <em>doit</em> pr�senter un certificat valide</li>
<li><strong>optional_no_ca</strong>:
le client peut pr�senter un certificat valide, mais il n'est pas
- n�cessaire que ce dernier soit v�rifiable (avec succ�s).</li>
+ n�cessaire que ce dernier soit v�rifiable (avec succ�s). Cette option ne
+ peut pas �tre utilis�e lors de l'authentification du client.</li>
</ul>
-<p>En pratique, seuls les niveaux <strong>none</strong> et
-<strong>require</strong> sont vraiment int�ressants, car le niveau
-<strong>optional</strong> ne fonctionne pas avec tous les navigateurs,
-et le niveau <strong>optional_no_ca</strong> va vraiment � l'encontre de
-l'id�e que l'on peut se faire de l'authentification (mais peut tout de
-m�me �tre utilis� pour �tablir des pages de test SSL, etc...)</p>
<div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">SSLVerifyClient require</pre>
</div>
diff --git a/docs/manual/mod/mod_substitute.html.fr b/docs/manual/mod/mod_substitute.html.fr
index 7381224..8b4ce04 100644
--- a/docs/manual/mod/mod_substitute.html.fr
+++ b/docs/manual/mod/mod_substitute.html.fr
@@ -156,17 +156,14 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
<tr><th><a href="directive-dict.html#Override">AllowOverride:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_substitute</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibilit�:</a></th><td>Disponible � partir de la version 2.5 du serveur HTTP
+<tr><th><a href="directive-dict.html#Compatibility">Compatibilit�:</a></th><td>Disponible � partir de la version 2.4.17 du serveur HTTP
Apache</td></tr>
</table>
<p>Cette directive permet de d�finir si l'on applique les mod�les
<code class="directive"><a href="#substitute">Substitute</a></code> h�rit�s en premier
(valeur <code>on</code>), ou apr�s ceux du
-contexte courant (valeur <code>off</code>). Sa valeur est maintenant
-d�finie par d�faut � <code>on</code> ; il est cependant possible de
-restaurer le comportement des versions 2.4 et ant�rieures du serveur qui
-�tait �quivalent � une d�finition � <code>off</code> de cette directive.
-La valeur de la directive <code class="directive">SubstituteInheritBefore</code> est
+contexte courant (valeur <code>off</code>). La valeur de la directive
+<code class="directive">SubstituteInheritBefore</code> est
elle-m�me h�rit�e, et les contextes qui en h�ritent (ceux qui ne
d�finissent pas explicitement leur propre directive
<code class="directive">SubstituteInheritBefore</code>) appliqueront donc
diff --git a/docs/manual/mod/mod_userdir.html.tr.utf8 b/docs/manual/mod/mod_userdir.html.tr.utf8
index b6e204a..1e67ed0 100644
--- a/docs/manual/mod/mod_userdir.html.tr.utf8
+++ b/docs/manual/mod/mod_userdir.html.tr.utf8
@@ -32,7 +32,6 @@
<a href="../ko/mod/mod_userdir.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/mod/mod_userdir.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Kullanıcılara özel dizinler</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Temel</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Modül Betimleyici:</a></th><td>userdir_module</td></tr>
@@ -90,7 +89,7 @@
listede yer alan dizinlere dönüşüm uygulanır.</li>
</ul>
- <p><code>Userdir</code> yönergesinde ne <code>enabled</code> ne de
+ <p><code class="directive">Userdir</code> yönergesinde ne <code>enabled</code> ne de
<code>disabled</code> varsa, argüman bir dosya ismi kalıbı olarak ele
alınır ve kullanıcı belge kök dizininin yolunu oluşturmakta kullanılır.
<code>http://example.com/~ali/bir/iki.html</code> şöyle dönüştürülür:</p>
@@ -146,7 +145,7 @@ UserDir enabled birey1 birey2 birey3</pre>
<p>Birden fazla dizin belirtmek de mümkündür:</p>
- <pre class="prettyprint lang-config">Userdir public_html /usr/siteler http://example.com/</pre>
+ <pre class="prettyprint lang-config">Userdir "public_html" "/usr/siteler" "http://example.com/"</pre>
<p>Bu örneğe göre, <code>http://example.com/~ali/bir/iki.html</code>
@@ -163,7 +162,8 @@ UserDir enabled birey1 birey2 birey3</pre>
sonra bir yönlendirme daha bulunması daha iyi olacaktır.</p>
<p>Kullanıcı dizini dönüşümü Apache 2.1.4 sürümü ve sonrasında öntanımlı
- olarak etkin değildir. Daha önceki sürümlerde bir <code class="directive"><a href="#userdir">UserDir</a></code> yönergesinin yokluğunda
+ olarak etkin değildir. Daha önceki sürümlerde bir
+ <code class="directive">UserDir</code> yönergesinin yokluğunda
<code>UserDir public_html</code> öntanımlıydı.</p>
<div class="note"><h3>Ayrıntıların birleştirilmesi</h3>
diff --git a/docs/manual/mod/mpm_common.html.de b/docs/manual/mod/mpm_common.html.de
index 5c7d0c9..0f0bfb3 100644
--- a/docs/manual/mod/mpm_common.html.de
+++ b/docs/manual/mod/mpm_common.html.de
@@ -238,7 +238,7 @@ listeners' buckets</td></tr>
<tr><th><a href="directive-dict.html#Module">Modul:</a></th><td><code class="module"><a href="../mod/event.html">event</a></code>, <code class="module"><a href="../mod/worker.html">worker</a></code>, <code class="module"><a href="../mod/prefork.html">prefork</a></code></td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Kompatibilit�t:</a></th><td>Available in Apache HTTP Server 2.4.17, with a kernel supporting
the socket option <code>SO_REUSEPORT</code> and distributing new connections
-evenly accross listening processes' (or threads') sockets using it (eg. Linux
+evenly across listening processes' (or threads') sockets using it (eg. Linux
3.9 and later, but not the current implementations of <code>SO_REUSEPORT</code>
in *BSDs.</td></tr>
</table><p>Die Dokumentation zu dieser Direktive wurde
diff --git a/docs/manual/mod/mpm_common.html.en b/docs/manual/mod/mpm_common.html.en
index a92386d..a9ce504 100644
--- a/docs/manual/mod/mpm_common.html.en
+++ b/docs/manual/mod/mpm_common.html.en
@@ -131,7 +131,7 @@ after a crash</td></tr>
<p>There are already two modules, <code>mod_whatkilledus</code> and
<code>mod_backtrace</code> that make use of this hook. Please have a
- look at Jeff Trawick's <a href="http://people.apache.org/~trawick/exception_hook.html">EnableExceptionHook site</a> for more information about these.</p>
+ look at Jeff Trawick's <a href="https://emptyhammock.com/projects/httpd/diag/">EnableExceptionHook site</a> for more information about these.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -268,7 +268,7 @@ listeners' buckets</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/event.html">event</a></code>, <code class="module"><a href="../mod/worker.html">worker</a></code>, <code class="module"><a href="../mod/prefork.html">prefork</a></code></td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.4.17, with a kernel supporting
the socket option <code>SO_REUSEPORT</code> and distributing new connections
-evenly accross listening processes' (or threads') sockets using it (eg. Linux
+evenly across listening processes' (or threads') sockets using it (eg. Linux
3.9 and later, but not the current implementations of <code>SO_REUSEPORT</code>
in *BSDs.</td></tr>
</table>
@@ -300,6 +300,12 @@ in *BSDs.</td></tr>
for each target system, testing multiple values and observing the variations in your
key performance metrics.</p>
+ <p>This directive influences the calculation of the
+ <code class="directive"><a href="#minsparethreads">MinSpareThreads</a></code> and
+ <code class="directive"><a href="#maxsparethreads">MaxSpareThreads</a></code> lower bound values.
+ The number of children processes needs to be a multiple of the number
+ of buckets to optimally accept connections.</p>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="MaxConnectionsPerChild" id="MaxConnectionsPerChild">MaxConnectionsPerChild</a> <a name="maxconnectionsperchild" id="maxconnectionsperchild">Directive</a></h2>
@@ -398,7 +404,9 @@ simultaneously</td></tr>
<code>MaxSpareThreads 250</code>. These MPMs deal with idle threads
on a server-wide basis. If there are too many idle threads in the
server then child processes are killed until the number of idle
- threads is less than this number.</p>
+ threads is less than this number. Additional processes/threads
+ might be created if <code class="directive"><a href="#listencoresbucketsratio">ListenCoresBucketsRatio</a></code>
+ is enabled.</p>
<p>For <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code> the default is
<code>MaxSpareThreads 100</code>. Since this MPM runs a
@@ -448,7 +456,9 @@ spikes</td></tr>
<code>MinSpareThreads 75</code> and deal with idle threads on a server-wide
basis. If there aren't enough idle threads in the server then child
processes are created until the number of idle threads is greater
- than <var>number</var>.</p>
+ than <var>number</var>. Additional processes/threads
+ might be created if <code class="directive"><a href="#listencoresbucketsratio">ListenCoresBucketsRatio</a></code>
+ is enabled.</p>
<p><code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code> uses a default of
<code>MinSpareThreads 10</code> and, since it is a single-process
@@ -595,9 +605,12 @@ Apache HTTP Server</a></li>
Apache httpd process. For the <code class="module"><a href="../mod/worker.html">worker</a></code> and <code class="module"><a href="../mod/event.html">event
</a></code> MPMs, this directive in combination with <code class="directive"><a href="#threadlimit">ThreadLimit</a></code> sets
the maximum configured value for <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> for the lifetime of the
- Apache httpd process. Any attempts to change this directive during a
- restart will be ignored, but <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> can be modified during
- a restart.</p>
+ Apache httpd process. For the <code class="module"><a href="../mod/event.html">event</a></code> MPM, this directive
+ also defines how many old server processes may keep running and finish processing
+ open connections.
+ Any attempts to change this directive during a restart will be ignored, but
+ <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> can be modified
+ during a restart.</p>
<p>Special care must be taken when using this directive. If
<code class="directive">ServerLimit</code> is set to a value much higher
@@ -611,13 +624,18 @@ Apache HTTP Server</a></li>
Do not set the value of this directive any higher than what you
might want to set <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> to.</p>
- <p>With <code class="module"><a href="../mod/worker.html">worker</a></code> and <code class="module"><a href="../mod/event.html">event</a></code>, use this
- directive only if your <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers
+ <p>With <code class="module"><a href="../mod/worker.html">worker</a></code>, use this directive only if your
+ <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers
</a></code> and <code class="directive"><a href="#threadsperchild">ThreadsPerChild</a></code>
settings require more than 16 server processes (default). Do not set
the value of this directive any higher than the number of server
processes required by what you may want for <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers </a></code> and <code class="directive"><a href="#threadsperchild">ThreadsPerChild</a></code>.</p>
+ <p>With <code class="module"><a href="../mod/event.html">event</a></code>, increase this directive if the process
+ number defined by your <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> and <code class="directive"><a href="#threadsperchild">ThreadsPerChild</a></code> settings, plus the
+ number of gracefully shutting down processes, is more than 16 server
+ processes (default).</p>
+
<div class="note"><h3>Note</h3>
<p>There is a hard limit of <code>ServerLimit 20000</code> compiled
into the server (for the <code class="module"><a href="../mod/prefork.html">prefork</a></code> MPM 200000). This is
diff --git a/docs/manual/mod/mpm_common.html.fr b/docs/manual/mod/mpm_common.html.fr
index a567006..74e1c7f 100644
--- a/docs/manual/mod/mpm_common.html.fr
+++ b/docs/manual/mod/mpm_common.html.fr
@@ -32,6 +32,8 @@
<a href="../ja/mod/mpm_common.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../tr/mod/mpm_common.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p>
</div>
+<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
+ anglaise pour les changements r�cents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Une s�rie de directives impl�ment�es par plusieurs
modules multi-processus (MPM)</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>MPM</td></tr></table>
@@ -146,7 +148,7 @@ gestionnaires d'exception apr
<p>Deux modules, <code>mod_whatkilledus</code> et
<code>mod_backtrace</code> utilisent ce hook. Veuillez vous
- r�f�rer � la <a href="http://people.apache.org/~trawick/exception_hook.html">page EnableExceptionHook</a> de Jeff Trawick pour plus
+ r�f�rer � la <a href="https://emptyhammock.com/projects/httpd/diag/">page EnableExceptionHook</a> de Jeff Trawick pour plus
d'informations � leur sujet.</p>
</div>
@@ -333,6 +335,11 @@ plateformes de type BSD.</td></tr>
doit �tre calcul�e pour chaque syst�me cible, en testant plusieurs valeurs
et en observant les r�sultats.</p>
+ <p>Cette directive influence le calcul des valeurs limites inf�rieures de
+ <code class="directive"><a href="#minsparethreads">MinSpareThreads</a></code> et <code class="directive"><a href="#maxsparethreads">MaxSpareThreads</a></code>. En effet, pour accepter les
+ connexions de mani�re optimale, le nombre de processus enfants doit �tre un
+ multiple du nombre de segments d'�coute.</p>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="maxconnectionsperchild" id="maxconnectionsperchild">Directive</a> <a name="MaxConnectionsPerChild" id="MaxConnectionsPerChild">MaxConnectionsPerChild</a></h2>
@@ -443,7 +450,10 @@ simultan
<code>MaxSpareThreads 250</code>. Ce MPM g�re les threads inactifs
au niveau du serveur. Si le serveur poss�de trop de threads
inactifs, des processus enfants seront arr�t�s jusqu'� ce que le
- nombre de threads inactifs repasse en dessous de cette limite.</p>
+ nombre de threads inactifs repasse en dessous de cette limite. Des
+ processus/threads suppl�mentaires sont susceptibles d'�tre cr��s si
+ <code class="directive"><a href="#listencoresbucketsratio">ListenCoresBucketsRatio</a></code> est
+ activ�e.</p>
<p>Pour <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, la d�finition par d�faut est
<code>MaxSpareThreads 100</code>. Comme ce MPM n'ex�cute qu'un seul
@@ -494,7 +504,8 @@ pour pouvoir traiter les pics de requ
est surveill� au niveau du serveur. Si le serveur ne poss�de pas
assez de threads inactifs, des processus enfants sont cr��s jusqu'�
ce que le nombre de threads inactifs repasse au dessus de
- <var>nombre</var>.</p>
+ <var>nombre</var>. Des processus/threads suppl�mentaires peuvent
+ �tre cr��s si <code class="directive"><a href="#listencoresbucketsratio">ListenCoresBucketsRatio</a></code> est activ�e.</p>
<p>Avec <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, la d�finition par d�faut est
<code>MinSpareThreads 10</code> et, comme ce MPM n'ex�cute qu'un
diff --git a/docs/manual/mod/mpm_common.html.ja.utf8 b/docs/manual/mod/mpm_common.html.ja.utf8
index d865efa..47072c1 100644
--- a/docs/manual/mod/mpm_common.html.ja.utf8
+++ b/docs/manual/mod/mpm_common.html.ja.utf8
@@ -257,7 +257,7 @@ listeners' buckets</td></tr>
<tr><th><a href="directive-dict.html#Module">モジュール:</a></th><td><code class="module"><a href="../mod/event.html">event</a></code>, <code class="module"><a href="../mod/worker.html">worker</a></code>, <code class="module"><a href="../mod/prefork.html">prefork</a></code></td></tr>
<tr><th><a href="directive-dict.html#Compatibility">互換性:</a></th><td>Available in Apache HTTP Server 2.4.17, with a kernel supporting
the socket option <code>SO_REUSEPORT</code> and distributing new connections
-evenly accross listening processes' (or threads') sockets using it (eg. Linux
+evenly across listening processes' (or threads') sockets using it (eg. Linux
3.9 and later, but not the current implementations of <code>SO_REUSEPORT</code>
in *BSDs.</td></tr>
</table><p>このディレクティブの解説文書は
diff --git a/docs/manual/mod/mpm_common.html.tr.utf8 b/docs/manual/mod/mpm_common.html.tr.utf8
index 3f05bc1..8c34b68 100644
--- a/docs/manual/mod/mpm_common.html.tr.utf8
+++ b/docs/manual/mod/mpm_common.html.tr.utf8
@@ -32,7 +32,6 @@
<a href="../ja/mod/mpm_common.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../tr/mod/mpm_common.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Birden fazla Çok Süreçlilik Modülü (MPM) tarafından gerçeklenmiş
yönergeler bütünü.</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>MPM</td></tr></table>
@@ -141,7 +140,7 @@
<p>Bu kancayı kullanan iki modül (<code>mod_whatkilledus</code> ve
<code>mod_backtrace</code>) zaten vardır. bunlar hakkında daha fazla bilgi
- edinmek için Jeff Trawick'in <a href="http://people.apache.org/~trawick/exception_hook.html">EnableExceptionHook site</a>sine bakabilirsiniz.</p>
+ edinmek için Jeff Trawick'in <a href="https://emptyhammock.com/projects/httpd/diag/">EnableExceptionHook site</a>sine bakabilirsiniz.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -294,6 +293,12 @@ açıklaması</a></li>
her çocuk süreç tek bir buketle çalışır (çocukların oluşturulması
sırasında buketler döner dağılımla eşleştirilir).</p>
+ <div class="note"><h3>"çevrimiçi" İşlemci çekirdek sayısının anlamı</h3>
+ <p>Linux için (ve ayrıca BSD) bir işlemci çekirdeği <a href="https://www.kernel.org/doc/Documentation/cpu- hotplug.txt">Hotplug</a> yapılandırılarak açılıp kapatıalbilir.
+ Dolayısıyla, <code class="directive">ListenCoresBucketsRatio</code> yönergesi
+ oluşturulacak buket sayısını hesaplarken bu yapılandırmayı esas alır.</p>
+ </div>
+
<p><code class="directive">ListenCoresBucketsRatio</code> yeni bağlantılar kabul
edilirken/darboğazlar oluşurken ölçeklenebilirliği arttırabilir. Çok
sayıda işlemci çekirdekli sistemlerde bu özelliğin etkinleştirilmesinin
@@ -303,7 +308,10 @@ açıklaması</a></li>
<p>Bu <var>oran</var>ın etkin olabilmesi için işlemci çekirdeği çift sayıda
olmalıdır. <var>oran</var> için önerilen değer <code>8</code> olup bu
durumda çalışma anında en azından <code>16</code> çekirdek
- kullanılabiliyor olmalıdır.</p>
+ kullanılabiliyor olmalıdır. En iyi başarımı elde etmek gereken
+ <var>oran</var> her sistem için hesaplanmalı, çok sayıda değer denenmeli
+ ve başlıca başarım ölçütlerinizin çeşitli sonuçları iyi gözlemlenmelidir.
+ </p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -402,7 +410,9 @@ açıklaması</a></li>
<code>MaxSpareThreads 250</code> öntanımlıdır. Bu MPM'ler boştaki
evreleri sunucu genelinde izler. Eğer sunucuda çok fazla boşta evre
varsa, sunucu boştaki evrelerin sayısı bu sınırın altına inene kadar
- çocuk süreçleri öldürür.</p>
+ çocuk süreçleri öldürür.
+ <code class="directive"><a href="#listencoresbucketsratio">ListenCoresBucketsRatio</a></code>
+ yönergesi etkinse ek süreçler/evreler oluşabilir.</p>
<p><code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code> için <code>MaxSpareThreads 100</code>
öntanımlıdır. Bu MPM tek bir süreç olarak çalıştığından boştaki evre
@@ -452,7 +462,9 @@ açıklaması</a></li>
<code>MinSpareThreads 75</code> öntanımlıdır ve bu modül boştaki evreleri
sunucu genelinde izler. Eğer sunucuda boştaki evre sayısı yetersizse,
sunucu, boştaki evrelerin sayısı bu sınırın üstüne çıkana kadar çocuk
- süreç oluşturur.</p>
+ süreç oluşturur.
+ <code class="directive"><a href="#listencoresbucketsratio">ListenCoresBucketsRatio</a></code>
+ yönergesi etkinse ek süreçler/evreler oluşabilir.</p>
<p><code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code> için <code>MinSpareThreads 10</code>
öntanımlıdır ve tek süreç kendisi olduğundan izleme sunucu genelinde
@@ -603,7 +615,9 @@ açıklaması</a></li>
azami değeri belirler. <code class="module"><a href="../mod/worker.html">worker</a></code> ve <code class="module"><a href="../mod/event.html">event</a></code>
modülü sözkonusu
olduğunda ise, Apache httpd sürecinin ömrü boyunca <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> yönergesine
- atanabilecek azami değeri <code class="directive"><a href="#threadlimit">ThreadLimit</a></code> ile birlikte belirler. Bu yönergeyi bir yeniden
+ atanabilecek azami değeri <code class="directive"><a href="#threadlimit">ThreadLimit</a></code> ile birlikte belirler. <code class="module"><a href="../mod/event.html">event</a></code> modülü
+ için bu yönerge kaç eski sunucunun çalışmayı sürdüreceğini ve kaçının açık
+ bağlantıları işlemeyi bitireceğini belirler. Bu yönergeyi bir yeniden
başlatma sırasında değiştirirseniz bu değişiklik yok sayılır fakat
<code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code>
değişiklikleri dikkate alınır.</p>
@@ -620,15 +634,18 @@ açıklaması</a></li>
<code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> için atamak
istediğiniz değerden fazlasını atamayınız.</p>
- <p><code class="module"><a href="../mod/worker.html">worker</a></code> ve <code class="module"><a href="../mod/event.html">event</a></code> modülü söz konusu
- olduğunda bu yönergeyi
+ <p><code class="module"><a href="../mod/worker.html">worker</a></code> modülü söz konusu olduğunda bu yönergeyi
<code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> ve
<code class="directive"><a href="#threadsperchild">ThreadsPerChild</a></code> ayarları 16
sunucu sürecinden (16 öntanımlıdır) fazlasını gerektiriyorsa
ayarlayınız. Bu yönergeye <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> ve <code class="directive"><a href="#threadsperchild">ThreadsPerChild</a></code> için gerekli gördüğünüz sunucu süreci
sayısından fazlasını atamayınız.</p>
- <div class="note"><h3>Ek Bilgi</h3>
+ <p><code class="module"><a href="../mod/event.html">event</a></code> modülü söz konusu olduğunda, <code class="directive"><a href="#maxrequestworkers">MaxRequestWorkers</a></code> ve <code class="directive"><a href="#threadsperchild">ThreadsPerChild</a></code> yönergeleri ile belirlenen
+ süreç sayısına ek olarak zarifçe kapatılan süreçlerin sayısıyla arttırıp 16
+ sunucu sürecinden (16 öntanımlıdır) fazlasına ayarlayınız.</p>
+
+ <div class="note"><h3>Ek Bilgi</h3>
<p>Sunucu içinde derlenmiş olarak <code>ServerLimit 20000</code>
şeklinde bir zorlayıcı sınır vardır (<code class="module"><a href="../mod/prefork.html">prefork</a></code> için
200000’dir). Bu önlem, yazım hatalarının istenmeyen sonuçlara yol
diff --git a/docs/manual/mod/quickreference.html.de b/docs/manual/mod/quickreference.html.de
index 59b4d28..71ac6a5 100644
--- a/docs/manual/mod/quickreference.html.de
+++ b/docs/manual/mod/quickreference.html.de
@@ -477,7 +477,9 @@ expr=<var>expression</var>]</a></td><td></td><td>s</td><td>B</td></tr><tr><td cl
will exit.</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
requests</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -486,26 +488,29 @@ requests</td></tr>
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the file that will be inserted at the top
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Name of the file that will be inserted at the top
of the index listing</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Aktiviert DNS-Lookups auf Client-IP-Adressen</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Aktiviert DNS-Lookups auf Client-IP-Adressen</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
user</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
@@ -803,318 +808,319 @@ a different URL</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
a different URL</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>Sekunden</var>|max [<var>Sekunden</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Begrenzt den CPU-Verbrauch von Prozessen, die von
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>Sekunden</var>|max [<var>Sekunden</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Begrenzt den CPU-Verbrauch von Prozessen, die von
Apache-Kindprozessen gestartet wurden</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>Bytes</var>|max [<var>Bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Begrenzt den Speicherverbrauch von Prozessen, die von
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>Bytes</var>|max [<var>Bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Begrenzt den Speicherverbrauch von Prozessen, die von
Apache-Kindprozessen gestartet wurden</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>Zahl</var>|max [<var>Zahl</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Begrenzt die Anzahl der Prozesse, die von Prozessen gestartet
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>Zahl</var>|max [<var>Zahl</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Begrenzt die Anzahl der Prozesse, die von Prozessen gestartet
werden k�nnen, der ihrerseits von Apache-Kinprozessen gestartet
wurden</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>Dateipfad</var></a></td><td> logs/apache_status </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Ablageort der Datei, die zur Speicherung von Daten zur
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>Dateipfad</var></a></td><td> logs/apache_status </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Ablageort der Datei, die zur Speicherung von Daten zur
Koordinierung der Kindprozesse verwendet wird</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>Methode</var> <var>CGI-Skript</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Aktiviert ein CGI-Skript f�r eine bestimmte
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>Methode</var> <var>CGI-Skript</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Aktiviert ein CGI-Skript f�r eine bestimmte
Anfragemethode.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
target as a CGI script</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
and designates the target as a CGI script</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Methode zur Ermittlung des Interpreters von
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Methode zur Ermittlung des Interpreters von
CGI-Skripten</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
in the scriptlog</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
the cgi daemon</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>Bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Gr��e des TCP-Puffers</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>E-Mail-Adresse</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">E-Mail-Adresse, die der Server in Fehlermeldungen einf�gt,
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>Bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Gr��e des TCP-Puffers</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>E-Mail-Adresse</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">E-Mail-Adresse, die der Server in Fehlermeldungen einf�gt,
welche an den Client gesendet werden</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>Hostname</var> [<var>Hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternativer Name f�r einen Host, der verwendet wird, wenn
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>Hostname</var> [<var>Hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Alternativer Name f�r einen Host, der verwendet wird, wenn
Anfragen einem namensbasierten virtuellen Host zugeordnet werden</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Obergrenze f�r die konfigurierbare Anzahl von
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Obergrenze f�r die konfigurierbare Anzahl von
Prozessen</td></tr>
-<tr><td><a href="core.html#servername">ServerName
-<var>voll-qualifizierter-Domainname</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Rechnername und Port, die der Server dazu verwendet, sich
+<tr class="odd"><td><a href="core.html#servername">ServerName
+<var>voll-qualifizierter-Domainname</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Rechnername und Port, die der Server dazu verwendet, sich
selbst zu identifizieren</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-Pfad</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Veralteter URL-Pfad f�r einen namensbasierten
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-Pfad</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Veralteter URL-Pfad f�r einen namensbasierten
virtuellen Host, auf den von einem inkompatiblen Browser zugegriffen
wird</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>Verzeichnis</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Basisverzeichnis der Serverinstallation</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Konfiguriert die Fu�zeile von servergenerierten
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>Verzeichnis</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Basisverzeichnis der Serverinstallation</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Konfiguriert die Fu�zeile von servergenerierten
Dokumenten</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Konfiguriert den HTTP-Response-Header
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Konfiguriert den HTTP-Response-Header
<code>Server</code></td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
regex [!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
without respect to case</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>Handlername</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Erzwingt die Verarbeitung aller passenden Dateien durch
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>Handlername</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Erzwingt die Verarbeitung aller passenden Dateien durch
einen Handler</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>Filter</var>[;<var>Filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Bestimmt die Filter, die Client-Anfragen und POST-Eingaben
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>Filter</var>[;<var>Filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Bestimmt die Filter, die Client-Anfragen und POST-Eingaben
verarbeiten</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>Filter</var>[;<var>Filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Bestimmt die Filter, die Antworten des Servers verarbeiten</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>Filter</var>[;<var>Filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Bestimmt die Filter, die Antworten des Servers verarbeiten</td></tr>
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Anzahl der Kindprozesse des Servers, die beim Start erstellt
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Anzahl der Kindprozesse des Servers, die beim Start erstellt
werden</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Anzahl der Threads, die beim Start erstellt werden</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Bestimmt die Obergrenze der konfigurierbaren Anzahl von Threads
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Anzahl der Threads, die beim Start erstellt werden</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Bestimmt die Obergrenze der konfigurierbaren Anzahl von Threads
pro Kindprozess</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Anzahl der Threads, die mit jedem Kindprozess gestartet
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>Anzahl</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Anzahl der Threads, die mit jedem Kindprozess gestartet
werden</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Die Gr��e des Stacks in Bytes, der von Threads
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Die Gr��e des Stacks in Bytes, der von Threads
verwendet wird, die Client-Verbindungen bearbeiten.</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>Sekunden</var></a></td><td> 60 </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Zeitspanne, die der Server auf verschiedene Ereignisse wartet,
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>Sekunden</var></a></td><td> 60 </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Zeitspanne, die der Server auf verschiedene Ereignisse wartet,
bevor er die Anfrage abbricht</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legt das Verhalten von <code>TRACE</code>-Anfragen fest</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify location of a log file</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes variables from the environment</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Bestimmt, wie der Server seinen eigenen Namen und Port
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Legt das Verhalten von <code>TRACE</code>-Anfragen fest</td></tr>
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify location of a log file</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes variables from the environment</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Bestimmt, wie der Server seinen eigenen Namen und Port
ermittelt</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Bestimmt, wie der Server seinen eigenen Namen und Port
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Bestimmt, wie der Server seinen eigenen Namen und Port
ermittelt</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
-</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
+</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>Adresse</var>[:<var>Port</var>] [<var>Adresse</var>[:<var>Port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Enth�lt Direktiven, die nur auf bestimmte Hostnamen oder
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enth�lt Direktiven, die nur auf bestimmte Hostnamen oder
IP-Adressen angewendet werden</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>Verf�gbare Sprachen: </span><a href="../de/mod/quickreference.html" title="Deutsch"> de </a> |
diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en
index 3ada935..3d4829b 100644
--- a/docs/manual/mod/quickreference.html.en
+++ b/docs/manual/mod/quickreference.html.en
@@ -472,7 +472,9 @@ expr=<var>expression</var>]</a></td><td></td><td>s</td><td>B</td></tr><tr><td cl
will exit.</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
requests</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -481,26 +483,29 @@ requests</td></tr>
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the file that will be inserted at the top
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Name of the file that will be inserted at the top
of the index listing</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
user</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
@@ -795,311 +800,312 @@ a different URL</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
a different URL</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the CPU consumption of processes launched
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the CPU consumption of processes launched
by Apache httpd children</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the memory consumption of processes launched
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the memory consumption of processes launched
by Apache httpd children</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the number of processes that can be launched by
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the number of processes that can be launched by
processes launched by Apache httpd children</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the file used to store coordination data for
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Location of the file used to store coordination data for
the child processes</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Activates a CGI script for a particular request
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Activates a CGI script for a particular request
method.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
target as a CGI script</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
and designates the target as a CGI script</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Technique for locating the interpreter for CGI
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Technique for locating the interpreter for CGI
scripts</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
in the scriptlog</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
the cgi daemon</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP buffer size</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Email address that the server includes in error
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP buffer size</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Email address that the server includes in error
messages sent to the client</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternate names for a host used when matching requests
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Alternate names for a host used when matching requests
to name-virtual hosts</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>domain-name</var>|<var>ip-address</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>domain-name</var>|<var>ip-address</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Hostname and port that the server uses to identify
itself</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
is accessed by an incompatible browser</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Base directory for the server installation</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Base directory for the server installation</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
header</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
regex [!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
without respect to case</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Forces all matching files to be processed by a
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Forces all matching files to be processed by a
handler</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process client requests and POST
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process client requests and POST
input</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process responses from the
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process responses from the
server</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created on startup</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created on startup</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
per child process</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
client connections</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Amount of time the server will wait for
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Amount of time the server will wait for
certain events before failing a request</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify location of a log file</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes variables from the environment</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own name and
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify location of a log file</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes variables from the environment</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own name and
port</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
-</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
+</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only to a specific
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only to a specific
hostname or IP address</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch"> de </a> |
diff --git a/docs/manual/mod/quickreference.html.es b/docs/manual/mod/quickreference.html.es
index f4434cb..4182170 100644
--- a/docs/manual/mod/quickreference.html.es
+++ b/docs/manual/mod/quickreference.html.es
@@ -34,10 +34,6 @@
<a href="../tr/mod/quickreference.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a> |
<a href="../zh-cn/mod/quickreference.html" hreflang="zh-cn" rel="alternate" title="Simplified Chinese"> zh-cn </a></p>
</div>
-<div class="outofdate">Esta traducci�n podr�a estar
- obsoleta. Consulte la versi�n en ingl�s de la
- documentaci�n para comprobar si se han producido cambios
- recientemente.</div>
<p>La Gu�a R�pida de Referencia de Directivas muestra el uso, las
opciones por defecto, el estado y el contexto de cada directiva de
@@ -48,7 +44,7 @@
<p>La primera columna muestra el nombre y el uso de la directiva.
La segunda columna muestra el valor por defecto de la directiva,
si existe ese valor por defecto. Si el valor por defecto es
- demasiado largo para mostrarlo, el primer caracter va seguido de
+ demasiado largo para mostrarlo, el primer car�cter va seguido de
un signo "+".</p>
<p>La tercera y la cuarta columna listan los contextos en los que
@@ -479,7 +475,9 @@ expr=<var>expression</var>]</a></td><td></td><td>s</td><td>B</td></tr><tr><td cl
will exit.</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
requests</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -488,26 +486,29 @@ requests</td></tr>
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the file that will be inserted at the top
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Name of the file that will be inserted at the top
of the index listing</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
user</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
@@ -802,312 +803,313 @@ a different URL</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
a different URL</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the CPU consumption of processes launched
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the CPU consumption of processes launched
by Apache httpd children</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the memory consumption of processes launched
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the memory consumption of processes launched
by Apache httpd children</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the number of processes that can be launched by
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the number of processes that can be launched by
processes launched by Apache httpd children</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the file used to store coordination data for
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Location of the file used to store coordination data for
the child processes</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Activates a CGI script for a particular request
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Activates a CGI script for a particular request
method.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
target as a CGI script</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
and designates the target as a CGI script</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Technique for locating the interpreter for CGI
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Technique for locating the interpreter for CGI
scripts</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
in the scriptlog</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
the cgi daemon</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP buffer size</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Email address that the server includes in error
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP buffer size</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Email address that the server includes in error
messages sent to the client</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternate names for a host used when matching requests
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Alternate names for a host used when matching requests
to name-virtual hosts</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Hostname and port that the server uses to identify
itself</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
is accessed by an incompatible browser</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Base directory for the server installation</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Base directory for the server installation</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
header</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
regex [!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
without respect to case</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Forces all matching files to be processed by a
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Forces all matching files to be processed by a
handler</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process client requests and POST
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process client requests and POST
input</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process responses from the
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process responses from the
server</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created on startup</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created on startup</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
per child process</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
client connections</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Amount of time the server will wait for
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Amount of time the server will wait for
certain events before failing a request</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the behaviour on <code>TRACE</code> requests</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify location of a log file</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes variables from the environment</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own name and
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determines the behaviour on <code>TRACE</code> requests</td></tr>
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify location of a log file</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes variables from the environment</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own name and
port</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own name and
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own name and
port</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
-</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
+</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only to a specific
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only to a specific
hostname or IP address</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>Idiomas disponibles: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch"> de </a> |
diff --git a/docs/manual/mod/quickreference.html.fr b/docs/manual/mod/quickreference.html.fr
index fd5f574..e4dd114 100644
--- a/docs/manual/mod/quickreference.html.fr
+++ b/docs/manual/mod/quickreference.html.fr
@@ -491,7 +491,7 @@ compression</td></tr>
d'environnement</var>
[<var>h�te</var>|env=[!]<var>variable d'environnement</var>] ...</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit quels h�tes ne sont pas autoris�s � acc�der au
serveur</td></tr>
-<tr><td><a href="core.html#directory"><Directory "<var>chemin r�pertoire</var>">
+<tr><td><a href="core.html#directory"><Directory <var>chemin r�pertoire</var>>
... </Directory></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Regroupe un ensemble de directives qui ne s'appliquent
qu'au r�pertoire concern� du syst�me de fichiers, � ses
sous-r�pertoires, et � leur contenu.</td></tr>
@@ -554,7 +554,7 @@ requ
aucun fichier</td></tr>
<tr class="odd"><td><a href="core.html#fileetag">FileETag <var>composant</var> ...</a></td><td> MTime Size </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Caract�ristiques de fichier utilis�es lors de la g�n�ration
de l'en-t�te de r�ponse HTTP ETag pour les fichiers statiques</td></tr>
-<tr><td><a href="core.html#files"><Files "<var>nom fichier</var>"> ... </Files></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contient des directives qui s'appliquent aux fichiers
+<tr><td><a href="core.html#files"><Files <var>nom fichier</var>> ... </Files></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contient des directives qui s'appliquent aux fichiers
pr�cis�s</td></tr>
<tr class="odd"><td><a href="core.html#filesmatch"><FilesMatch <var>expression rationnelle</var>> ...
</FilesMatch></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contient des directives qui s'appliquent � des fichiers
@@ -582,7 +582,9 @@ gmon.out.</td></tr>
s'arr�ter dans le cas d'un arr�t "en douceur"</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>groupe unix</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Groupe sous lequel le serveur va traiter les
requ�tes</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -591,30 +593,33 @@ requ
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
<var>en-t�te</var> [[expr=]<var>valeur</var>
[<var>remplacement</var>]
[early|env=[!]<var>variable</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure les en-t�tes d'une r�ponse HTTP</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>nom fichier</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Nom du fichier qui sera ins�r� au d�but de la page
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure les en-t�tes d'une r�ponse HTTP</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>nom fichier</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Nom du fichier qui sera ins�r� au d�but de la page
contenant l'index</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Adresse multicast � laquelle envoyer les requ�tes
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Adresse multicast � laquelle envoyer les requ�tes
heartbeat</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Adresse multicast d'�coute des requ�tes entrantes heartbeat</td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>nombre-de-serveurs</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Sp�cifie le nombre maximal de serveurs qui pourront envoyer
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Adresse multicast d'�coute des requ�tes entrantes heartbeat</td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>nombre-de-serveurs</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sp�cifie le nombre maximal de serveurs qui pourront envoyer
des requ�tes heartbeat � ce serveur.</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>chemin fichier</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Chemin vers le stockage des donn�es heartbeat</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>chemin-fichier</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Indique le chemin permettant de lire les donn�es
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>chemin fichier</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Chemin vers le stockage des donn�es heartbeat</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>chemin-fichier</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Indique le chemin permettant de lire les donn�es
heartbeat</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Active la recherche DNS sur les adresses IP des
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Active la recherche DNS sur les adresses IP des
clients</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Active la journalisation de l'identit� RFC 1413 de
l'utilisateur distant</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>secondes</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine le d�lai d'attente pour les requ�tes
@@ -752,7 +757,7 @@ sp
biblioth�que sp�cifi�, et ajout de ce dernier � la liste des modules
actifs</td></tr>
<tr class="odd"><td><a href="core.html#location"><Location
- "<var>chemin URL</var>|<var>URL</var>"> ... </Location></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">N'applique les directives contenues qu'aux URLs
+ <var>chemin URL</var>|<var>URL</var>> ... </Location></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">N'applique les directives contenues qu'aux URLs
sp�cifi�es</td></tr>
<tr><td><a href="core.html#locationmatch"><LocationMatch
<var>regex</var>> ... </LocationMatch></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">N'applique les directives contenues qu'aux URLs
@@ -985,7 +990,7 @@ pleinement qualifi
<tr class="odd"><td><a href="mod_autoindex.html#readmename" id="R" name="R">ReadmeName <var>nom-fichier</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Nom du fichier dont le contenu sera ins�r� � la fin de
l'index</td></tr>
<tr><td><a href="mpm_common.html#receivebuffersize">ReceiveBufferSize <var>octets</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Taille du tampon TCP en entr�e</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#redirect">Redirect [<var>�tat</var>] [<var>chemin URL</var>]
+<tr class="odd"><td><a href="mod_alias.html#redirect">Redirect [<var>�tat</var>] [<var>URL-path</var>]
<var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Envoie une redirection externe demandant au client
d'effectuer une autre requ�te avec une URL diff�rente</td></tr>
<tr><td><a href="mod_alias.html#redirectmatch">RedirectMatch [<var>�tat</var>] <var>regex</var>
@@ -999,398 +1004,399 @@ diff
client d'effectuer une nouvelle requ�te avec une URL
diff�rente</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>en-t�te-entr�e</var> <var>[en-t�te-sortie]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">R�fl�chit un en-t�te d'entr�e dans les en-t�tes de sortie</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>en-t�te</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit le champ d'en-t�te qui contiendra les adresses IP
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>en-t�te</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit le champ d'en-t�te qui contiendra les adresses IP
du client</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy
-<var>ip-mandataire</var>|<var>ip-mandataire/sous-r�seau</var>|<var>nom-h�te</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�clare les adresses IP intranet clients comme dignes de
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy
+<var>ip-mandataire</var>|<var>ip-mandataire/sous-r�seau</var>|<var>nom-h�te</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">D�clare les adresses IP intranet clients comme dignes de
confiance pour pr�senter la valeur RemoteIPHeader</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>nom-fichier</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">D�clare les adresses IP intranet clients comme dignes de
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>nom-fichier</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�clare les adresses IP intranet clients comme dignes de
confiance pour pr�senter la valeur RemoteIPHeader</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>Nom_en-t�te</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�clare le champ d'en-t�te qui contiendra toutes les
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>Nom_en-t�te</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">D�clare le champ d'en-t�te qui contiendra toutes les
adresses IP interm�diaires</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy
-<var>ip-mandataire</var>|<var>ip-mandataire/sous-r�seau</var>|<var>nom-h�te</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">D�clare les adresses IP clientes de l'intranet dignes de
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy
+<var>ip-mandataire</var>|<var>ip-mandataire/sous-r�seau</var>|<var>nom-h�te</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�clare les adresses IP clientes de l'intranet dignes de
confiance pour pr�senter la valeur RemoteIPHeader</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>nom-fichier</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�clare les adresses IP intranet clients comme dignes de
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>nom-fichier</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">D�clare les adresses IP intranet clients comme dignes de
confiance pour pr�senter la valeur RemoteIPHeader</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de jeu de caract�res pour un
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de jeu de caract�res pour un
ensemble d'extensions de noms de fichiers</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de codage de contenu pour un
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de codage de contenu pour un
ensemble d'extensions de noms de fichiers</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de gestionnaire � un ensemble
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de gestionnaire � un ensemble
d'extensions de noms de fichiers</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de filtre en entr�e � un
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de filtre en entr�e � un
ensemble d'extensions de noms de fichiers</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de langue � un ensemble
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de langue � un ensemble
d'extensions de noms de fichiers</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de filtre en sortie � un
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de filtre en sortie � un
ensemble d'extensions de noms de fichiers</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime toute association de type de contenu � un ensemble
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime toute association de type de contenu � un ensemble
d'extensions de noms de fichiers</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
<var>en-t�te</var> [[expr=]<var>valeur</var>
[<var>remplacement</var>]
[early|env=[!]<var>variable</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure les en-t�tes d'une requ�te HTTP</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure les en-t�tes d'une requ�te HTTP</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>d�lai</var>[-<var>d�lai-maxi</var>][,MinRate=<var>taux-mini</var>]
[body=<var>d�lai</var>[-<var>d�lai-maxi</var>][,MinRate=<var>taux-mini</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit des d�lais maximums pour la r�ception des en-t�tes
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit des d�lais maximums pour la r�ception des en-t�tes
et corps des requ�tes en provenance du client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>nom-entit�</var> [<var>nom-entit�</var>]
-...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">V�rifie si un utilisateur authentifi� a une
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>nom-entit�</var> [<var>nom-entit�</var>]
+...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">V�rifie si un utilisateur authentifi� a une
autorisation d'acc�s accord�e par un fournisseur
d'autorisation.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Regroupe plusieurs directives d'autorisation dont aucune ne
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Regroupe plusieurs directives d'autorisation dont aucune ne
doit �chouer et dont au moins une doit retourner un r�sultat positif
pour que la directive globale retourne elle-m�me un r�sultat
positif.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Regroupe des directives d'autorisation dont au moins une
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Regroupe des directives d'autorisation dont au moins une
doit retourner un r�sultat positif pour que la directive globale
retourne elle-m�me un r�sultat positif.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Regroupe des directives d'autorisation dont aucune ne doit
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Regroupe des directives d'autorisation dont aucune ne doit
retourner un r�sultat positif pour que la directive globale n'�choue
pas.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>chemin_URL</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit l'URL de base pour les r��critures au niveau
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>chemin_URL</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit l'URL de base pour les r��critures au niveau
r�pertoire</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>cha�ne_de_test</em> <em>expression_de_comparaison</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit une condition qui devra �tre satisfaite pour que
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>cha�ne_de_test</em> <em>expression_de_comparaison</em> [<em>drapeaux</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit une condition qui devra �tre satisfaite pour que
la r��criture soit effectu�e
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active ou d�sactive l'ex�cution du
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Active ou d�sactive l'ex�cution du
moteur de r��criture</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit une fonction de mise en correspondance pour la
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit une fonction de mise en correspondance pour la
recherche de mots-cl�s</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure certaines options sp�ciales
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure certaines options sp�ciales
pour le moteur de r��criture</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Mod�le</em> <em>Substitution</em> [<em>drapeaux</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit les r�gles pour le moteur de r��criture</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>secondes</var>|max [<var>secondes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limite le temps CPU allou� aux processus initi�s par les
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Mod�le</em> <em>Substitution</em> [<em>drapeaux</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit les r�gles pour le moteur de r��criture</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>secondes</var>|max [<var>secondes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limite le temps CPU allou� aux processus initi�s par les
processus enfants d'Apache httpd</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>octets</var>|max [<var>octets</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limite la m�moire allou�e aux processus initi�s par les
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>octets</var>|max [<var>octets</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limite la m�moire allou�e aux processus initi�s par les
processus enfants d'Apache httpd</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>nombre</var>|max [<var>nombre</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limite le nombre de processus qui peuvent �tre initi�s par
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>nombre</var>|max [<var>nombre</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limite le nombre de processus qui peuvent �tre initi�s par
les processus initi�s par les processus enfants d'Apache httpd</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction entre le contr�le d'acc�s en fonction de l'h�te
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction entre le contr�le d'acc�s en fonction de l'h�te
et l'authentification utilisateur</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>chemin fichier</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Chemin du fichier o� sont stock�es les donn�es concernant
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>chemin fichier</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Chemin du fichier o� sont stock�es les donn�es concernant
la coordination des processus enfants</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>m�thode</var> <var>script cgi</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Active un script CGI dans le cas d'une m�thode de requ�te
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>m�thode</var> <var>script cgi</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Active un script CGI dans le cas d'une m�thode de requ�te
particuli�re.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>chemin URL</var>]
-<var>chemin fichier</var>|<var>chemin r�pertoire</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Fait correspondre une URL � une zone du syst�me de fichiers
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>chemin URL</var>]
+<var>chemin fichier</var>|<var>chemin r�pertoire</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Fait correspondre une URL � une zone du syst�me de fichiers
et d�signe la cible comme script CGI</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>chemin fichier</var>|<var>chemin r�pertoire</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Fait correspondre une URL � une zone du syst�me de fichiers
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>chemin fichier</var>|<var>chemin r�pertoire</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Fait correspondre une URL � une zone du syst�me de fichiers
en faisant appel aux expressions rationnelles et en d�signant la cible
comme un script CGI</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Permet de localiser l'interpr�teur des scripts
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Permet de localiser l'interpr�teur des scripts
CGI</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>chemin fichier</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Chemin du fichier journal des erreurs du script
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>chemin fichier</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Chemin du fichier journal des erreurs du script
CGI</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>octets</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Taille maximale des requ�tes PUT ou POST qui seront
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>octets</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Taille maximale des requ�tes PUT ou POST qui seront
enregistr�es dans le journal du script</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>octets</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Taille maximale du fichier journal des scripts
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>octets</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Taille maximale du fichier journal des scripts
CGI</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>chemin fichier</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Le pr�fixe du nom de fichier du socket � utiliser pour
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>chemin fichier</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Le pr�fixe du nom de fichier du socket � utiliser pour
communiquer avec le d�mon CGI</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>adresse-IP</var>:]<var>num-port</var>
-<var>nom-certificat</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Active le chiffrement SSL pour le port
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>adresse-IP</var>:]<var>num-port</var>
+<var>nom-certificat</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Active le chiffrement SSL pour le port
sp�cifi�</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine si mod_status affiche les 63 premiers caract�res
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">D�termine si mod_status affiche les 63 premiers caract�res
d'une requ�te ou les 63 derniers, en supposant que la requ�te
elle-m�me poss�de plus de 63 caract�res.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>octets</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Taille du tampon TCP en sortie</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>adresse �lectronique</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">L'adresse �lectronique que le serveur inclut dans les
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>octets</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Taille du tampon TCP en sortie</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>adresse �lectronique</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">L'adresse �lectronique que le serveur inclut dans les
messages d'erreur envoy�s au client</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>nom serveur</var> [<var>nom serveur</var>]
-...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Autres noms d'un serveur utilisables pour atteindre des
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>nom serveur</var> [<var>nom serveur</var>]
+...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Autres noms d'un serveur utilisables pour atteindre des
serveurs virtuels � base de nom</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Limite sup�rieure de la d�finition du nombre de
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Limite sup�rieure de la d�finition du nombre de
processus</td></tr>
-<tr><td><a href="core.html#servername">ServerName
-[<var>protocole</var>://]<var>nom-de-domaine</var>|<var>adresse-ip</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Nom d'h�te et port que le serveur utilise pour
+<tr class="odd"><td><a href="core.html#servername">ServerName
+[<var>protocole</var>://]<var>nom-de-domaine</var>|<var>adresse-ip</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Nom d'h�te et port que le serveur utilise pour
s'authentifier lui-m�me</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>chemin d'URL</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Nom de chemin d'URL h�rit� pour un serveur virtuel � base
+<tr><td><a href="core.html#serverpath">ServerPath <var>chemin d'URL</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Nom de chemin d'URL h�rit� pour un serveur virtuel � base
de nom acc�d� par un navigateur incompatible</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>chemin de r�pertoire</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Racine du r�pertoire d'installation du
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>chemin de r�pertoire</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Racine du r�pertoire d'installation du
serveur</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit un pied de page pour les documents g�n�r�s par le
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">D�finit un pied de page pour les documents g�n�r�s par le
serveur</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configure l'en-t�te <code>Server</code> de la r�ponse
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configure l'en-t�te <code>Server</code> de la r�ponse
HTTP</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Ouvre une session pour le contexte courant</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Nom et attributs du cookie RFC2109 dans lequel la session
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Ouvre une session pour le contexte courant</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Nom et attributs du cookie RFC2109 dans lequel la session
est stock�e</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Nom et attributs pour le cookie RFC2965 dans lequel est
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Nom et attributs pour le cookie RFC2965 dans lequel est
stock�e la session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�termine si les cookies de session doivent �tre supprim�s
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine si les cookies de session doivent �tre supprim�s
des en-t�tes HTTP entrants</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>algorithme</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">L'algorithme � utiliser pour le chiffrement de la session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>nom</var> <var>[param[=valeur]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Le pilote de chiffrement � utiliser pour chiffrer les
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>algorithme</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">L'algorithme � utiliser pour le chiffrement de la session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>nom</var> <var>[param[=valeur]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Le pilote de chiffrement � utiliser pour chiffrer les
sessions</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">La cl� utilis�e pour chiffrer la session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>nom-fichier</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">Le fichier contenant les cl�s utilis�es pour chiffrer la
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">La cl� utilis�e pour chiffrer la session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>nom-fichier</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Le fichier contenant les cl�s utilis�es pour chiffrer la
session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Nom et attributs du cookie RFC2109 qui contient
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Nom et attributs du cookie RFC2109 qui contient
l'identifiant de session</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Nom et attributs du cookie RFC2965 qui contient
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>nom</var> <var>attributs</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Nom et attributs du cookie RFC2965 qui contient
l'identifiant de session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine si les cookies de session doivent �tre supprim�s
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�termine si les cookies de session doivent �tre supprim�s
des en-t�tes HTTP entrants</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>�tiquette</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">La requ�te SQL � utiliser pour supprimer des sessions de la
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>�tiquette</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">La requ�te SQL � utiliser pour supprimer des sessions de la
base de donn�es</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>�tiquette</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">La requ�te SQL � utiliser pour ins�rer des sessions dans la
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>�tiquette</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">La requ�te SQL � utiliser pour ins�rer des sessions dans la
base de donn�es</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Active une session propre � un utilisateur</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>�tiquette</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">La requ�te SQL � utiliser pour s�lectionner des sessions
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active une session propre � un utilisateur</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>�tiquette</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">La requ�te SQL � utiliser pour s�lectionner des sessions
dans la base de donn�es</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>�tiquette</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">La requ�te SQL � utiliser pour mettre � jour des sessions
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>�tiquette</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">La requ�te SQL � utiliser pour mettre � jour des sessions
pr�existantes dans la base de donn�es</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit si le contenu de la session doit �tre enregistr�
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit si le contenu de la session doit �tre enregistr�
dans la variable d'environnement <var>HTTP_SESSION</var></td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>chemin</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit les pr�fixes d'URLs pour lesquels une session sera
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>chemin</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit les pr�fixes d'URLs pour lesquels une session sera
ignor�e</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>en-t�te</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Importation des mises � jour de session depuis l'en-t�te de
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>en-t�te</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Importation des mises � jour de session depuis l'en-t�te de
r�ponse HTTP sp�cifi�</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>chemin</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit les pr�fixes d'URL pour lesquels une session est
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>chemin</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit les pr�fixes d'URL pour lesquels une session est
valide</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>dur�e de vie maximale</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit une dur�e de vie maximale pour la session en
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>dur�e de vie maximale</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit une dur�e de vie maximale pour la session en
secondes</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>var-env</var> [<var>valeur</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit des variables d'environnement</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribut
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>var-env</var> [<var>valeur</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit des variables d'environnement</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribut
regex [!]env-variable</em>[=<em>valeur</em>]
- [[!]<em>env-variable</em>[=<em>valeur</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit des variables d'environnement en fonction des
+ [[!]<em>env-variable</em>[=<em>valeur</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit des variables d'environnement en fonction des
attributs de la requ�te</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
[!]env-variable</em>[=<em>valeur</em>]
- [[!]<em>env-variable</em>[=<em>valeur</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit des variables d'environnement en fonction d'une expression ap_expr</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribut regex
+ [[!]<em>env-variable</em>[=<em>valeur</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit des variables d'environnement en fonction d'une expression ap_expr</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribut regex
[!]env-variable</em>[=<em>valeur</em>]
- [[!]<em>env-variable</em>[=<em>valeur</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit des variables d'environnement en fonction des
+ [[!]<em>env-variable</em>[=<em>valeur</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit des variables d'environnement en fonction des
attributs de la requ�te sans tenir compte de la casse</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Force le traitement des fichiers sp�cifi�s par un
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Force le traitement des fichiers sp�cifi�s par un
gestionnaire particulier</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filtre</var>[;<var>filtre</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit les filtres par lesquels vont passer les requ�tes
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filtre</var>[;<var>filtre</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">D�finit les filtres par lesquels vont passer les requ�tes
client et les donn�es POST</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filtre</var>[;<var>filtre</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">D�finit les filtres par lesquels vont passer les r�ponses
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filtre</var>[;<var>filtre</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit les filtres par lesquels vont passer les r�ponses
du serveur</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Cha�ne qui termine l'�l�ment include</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Message d'erreur affich� lorsqu'une erreur SSI
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Cha�ne qui termine l'�l�ment include</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Message d'erreur affich� lorsqu'une erreur SSI
survient</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit si des en-t�tes ETags sont g�n�r�s par le serveur.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit si des en-t�tes <code>Last-Modified</code> sont
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit si des en-t�tes ETags sont g�n�r�s par le serveur.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit si des en-t�tes <code>Last-Modified</code> sont
g�n�r�s par le serveur.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Active le mode de compatibilit� pour les expressions
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Active le mode de compatibilit� pour les expressions
conditionnelles.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Cha�ne qui marque le d�but d'un �l�ment
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Cha�ne qui marque le d�but d'un �l�ment
include</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>cha�ne de formatage</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration du format d'affichage des dates</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>cha�ne</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Cha�ne � afficher lorsqu'on tente d'extraire le contenu
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>cha�ne de formatage</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configuration du format d'affichage des dates</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>cha�ne</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Cha�ne � afficher lorsqu'on tente d'extraire le contenu
d'une variable non d�finie</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant une concat�nation des certificats de CA
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant une concat�nation des certificats de CA
cod�s en PEM pour l'authentification des clients</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">R�pertoire des certificats de CA cod�s en PEM pour
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">R�pertoire des certificats de CA cod�s en PEM pour
l'authentification des clients</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant la concat�nation des certificats de CA
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant la concat�nation des certificats de CA
cod�s en PEM pour la d�finition de noms de CA acceptables</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">R�pertoire contenant des fichiers de certificats de CA
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">R�pertoire contenant des fichiers de certificats de CA
cod�s en PEM pour la d�finition de noms de CA acceptables</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active la v�rification des r�vocations bas�e sur les CRL</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant la concat�nation des CRLs des CA cod�s en
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Active la v�rification des r�vocations bas�e sur les CRL</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant la concat�nation des CRLs des CA cod�s en
PEM pour l'authentification des clients</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">R�pertoire des CRLs de CA cod�s en PEM pour
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">R�pertoire des CRLs de CA cod�s en PEM pour
l'authentification des clients</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant les certificats de CA du serveur cod�s en
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant les certificats de CA du serveur cod�s en
PEM</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier de donn�es contenant le certificat X.509 du serveur cod� en
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier de donn�es contenant le certificat X.509 du serveur cod� en
PEM</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant la cl� priv�e du serveur cod�e en
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant la cl� priv�e du serveur cod�e en
PEM</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>algorithmes</em></a></td><td> DEFAULT (d�pend de +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Algorithmes de chiffrement disponibles pour la n�gociation
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>algorithmes</em></a></td><td> DEFAULT (d�pend de +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Algorithmes de chiffrement disponibles pour la n�gociation
au cours de l'initialisation de la connexion SSL</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Permet d'activer la compression au niveau SSL</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>moteur</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active l'utilisation d'un acc�l�rateur mat�riel de
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Permet d'activer la compression au niveau SSL</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>moteur</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Active l'utilisation d'un acc�l�rateur mat�riel de
chiffrement</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Interrupteur marche/arr�t du moteur SSL</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Coimmutateur du mode SSL FIPS</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option permettant de classer les algorithmes de chiffrement
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interrupteur marche/arr�t du moteur SSL</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Coimmutateur du mode SSL FIPS</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option permettant de classer les algorithmes de chiffrement
du serveur par ordre de pr�f�rence</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option permettant d'activer le support de la ren�gociation
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option permettant d'activer le support de la ren�gociation
non s�curis�e</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit l'URI du r�pondeur par d�faut pour la validation
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit l'URI du r�pondeur par d�faut pour la validation
OCSP</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active la validation OCSP de la cha�ne de certificats du
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Active la validation OCSP de la cha�ne de certificats du
client</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force l'utilisation de l'URI du r�pondeur par d�faut pour
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force l'utilisation de l'URI du r�pondeur par d�faut pour
la validation OCSP</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Adresse de mandataire � utiliser pour les requ�tes OCSP</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>secondes</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">D�lai d'attente pour les requ�tes OCSP</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>secondes</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Age maximum autoris� pour les r�ponses OCSP</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>secondes</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">D�rive temporelle maximale autoris�e pour la validation des
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Adresse de mandataire � utiliser pour les requ�tes OCSP</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>secondes</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�lai d'attente pour les requ�tes OCSP</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>secondes</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Age maximum autoris� pour les r�ponses OCSP</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>secondes</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�rive temporelle maximale autoris�e pour la validation des
r�ponses OCSP</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>commande</em> <em>valeur</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration des param�tres d'OpenSSL via son API <em>SSL_CONF</em></td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure diff�rentes options d'ex�cution du moteur SSL</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">M�thode utilis�e pour entrer le mot de passe pour les cl�s
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>commande</em> <em>valeur</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration des param�tres d'OpenSSL via son API <em>SSL_CONF</em></td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure diff�rentes options d'ex�cution du moteur SSL</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">M�thode utilis�e pour entrer le mot de passe pour les cl�s
priv�es chiffr�es</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocole</em> ...</a></td><td> all -SSLv3 (jusqu'� +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Indique les versions du protocole SSL/TLS
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocole</em> ...</a></td><td> all -SSLv3 (jusqu'� +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Indique les versions du protocole SSL/TLS
disponibles</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant la concat�nation des certificats de CA
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant la concat�nation des certificats de CA
cod�s en PEM pour l'authentification des serveurs distants</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">R�pertoire des certificats de CA cod�s en PEM pour
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">R�pertoire des certificats de CA cod�s en PEM pour
l'authentification des serveurs distants</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Active la v�rification des r�vocations bas�e sur les CRLs
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active la v�rification des r�vocations bas�e sur les CRLs
pour l'authentification du serveur distant</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant la concat�nation des CRLs de CA cod�s en
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant la concat�nation des CRLs de CA cod�s en
PEM pour l'authentification des serveurs distants</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">R�pertoire des CRLs de CA cod�s en PEM pour
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>chemin-r�pertoire</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">R�pertoire des CRLs de CA cod�s en PEM pour
l'authentification des serveurs distants</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration de la v�rification du champ CN du certificat
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration de la v�rification du champ CN du certificat
du serveur distant
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration de la v�rification de l'expiration du
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration de la v�rification de l'expiration du
certificat du serveur distant
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure la v�rification du nom d'h�te dans les
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure la v�rification du nom d'h�te dans les
certificats serveur distants
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>algorithmes</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Algorithmes de chiffrement disponibles pour la n�gociation
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>algorithmes</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Algorithmes de chiffrement disponibles pour la n�gociation
lors de l'initialisation d'une connexion SSL de mandataire</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interrupteur marche/arr�t du moteur de mandataire
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Interrupteur marche/arr�t du moteur de mandataire
SSL</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>nom-fichier</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier de certificats de CA encod�s PEM concat�n�s permettant au
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>nom-fichier</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier de certificats de CA encod�s PEM concat�n�s permettant au
mandataire de choisir un certificat</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>chemin-fichier</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fichier contenant la concat�nation des cl�s et certificats
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>chemin-fichier</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Fichier contenant la concat�nation des cl�s et certificats
clients cod�s en PEM que le mandataire doit utiliser</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>chemin-r�pertoire</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">R�pertoire des cl�s et certificats clients cod�s en PEM que
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>chemin-r�pertoire</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">R�pertoire des cl�s et certificats clients cod�s en PEM que
le mandataire doit utiliser</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocole</em> ...</a></td><td> all -SSLv3 (jusqu'� +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit les protocoles SSL disponibles pour la fonction de
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocole</em> ...</a></td><td> all -SSLv3 (jusqu'� +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit les protocoles SSL disponibles pour la fonction de
mandataire</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>niveau</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Niveau de v�rification du certificat du serveur
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>niveau</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Niveau de v�rification du certificat du serveur
distant</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>niveau</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Niveau de profondeur maximum dans les certificats de CA
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>niveau</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Niveau de profondeur maximum dans les certificats de CA
lors de la v�rification du certificat du serveur distant</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>contexte</em> <em>source</em>
-[<em>nombre</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Source de d�clenchement du G�n�rateur de Nombres
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>contexte</em> <em>source</em>
+[<em>nombre</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Source de d�clenchement du G�n�rateur de Nombres
Pseudo-Al�atoires (PRNG)</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>taille</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit la taille du tampon de ren�gociation
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>taille</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit la taille du tampon de ren�gociation
SSL</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">N'autorise l'acc�s que lorsqu'une expression bool�enne
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">N'autorise l'acc�s que lorsqu'une expression bool�enne
complexe et arbitraire est vraie</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interdit l'acc�s lorsque la requ�te HTTP n'utilise pas
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interdit l'acc�s lorsque la requ�te HTTP n'utilise pas
SSL</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type du cache de session SSL global et
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type du cache de session SSL global et
inter-processus</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>secondes</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Nombre de secondes avant l'expiration d'une session SSL
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>secondes</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Nombre de secondes avant l'expiration d'une session SSL
dans le cache de sessions</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Cl� de chiffrement/d�chiffrement permanente pour les
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cl� de chiffrement/d�chiffrement permanente pour les
tickets de session TLS</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active ou d�sactive les tickets de session TLS</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Source d'al�a pour utilisateur SRP inconnu</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Chemin du fichier de v�rification SRP</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration du cache pour l'agrafage OCSP</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>secondes</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dur�e de vie des r�ponses invalides dans le cache pour
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Active ou d�sactive les tickets de session TLS</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Source d'al�a pour utilisateur SRP inconnu</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Chemin du fichier de v�rification SRP</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration du cache pour l'agrafage OCSP</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>secondes</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dur�e de vie des r�ponses invalides dans le cache pour
agrafage OCSP</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">G�n�re une r�ponse "tryLater" pour les requ�tes OCSP �chou�es</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Remplace l'URI du serveur OCSP sp�cifi� dans l'extension
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">G�n�re une r�ponse "tryLater" pour les requ�tes OCSP �chou�es</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Remplace l'URI du serveur OCSP sp�cifi� dans l'extension
AIA du certificat</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>secondes</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Temps d'attente maximum pour les requ�tes vers les serveurs
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>secondes</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Temps d'attente maximum pour les requ�tes vers les serveurs
OCSP</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>secondes</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Age maximum autoris� des r�ponses OCSP incluses dans la
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>secondes</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Age maximum autoris� des r�ponses OCSP incluses dans la
n�gociation TLS</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>secondes</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dur�e de vie maximale autoris�e des r�ponses OCSP incluses dans la
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>secondes</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dur�e de vie maximale autoris�e des r�ponses OCSP incluses dans la
n�gociation TLS</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Transmet au client les erreurs survenues lors des requ�tes
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Transmet au client les erreurs survenues lors des requ�tes
OCSP</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>secondes</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dur�e de vie des r�ponses OCSP dans le cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Contr�le de l'acc�s des clients non-SNI � un serveur virtuel �
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>secondes</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dur�e de vie des r�ponses OCSP dans le cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Contr�le de l'acc�s des clients non-SNI � un serveur virtuel �
base de nom.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>nom-var</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Nom de la variable servant � d�terminer le nom de
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>nom-var</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Nom de la variable servant � d�terminer le nom de
l'utilisateur</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Active l'ajout des r�ponses OCSP � la n�gociation TLS</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>niveau</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Niveau de v�rification du certificat client</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>nombre</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Profondeur maximale des certificats de CA pour la
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Active l'ajout des r�ponses OCSP � la n�gociation TLS</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>niveau</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Niveau de v�rification du certificat client</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>nombre</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Profondeur maximale des certificats de CA pour la
v�rification des certificats clients</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Nombre de processus enfants du serveur cr��s au
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Nombre de processus enfants du serveur cr��s au
d�marrage</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Nombre de threads cr��s au d�marrage</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/mod�le/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Mod�le de substition dans le contenu de la
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Nombre de threads cr��s au d�marrage</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/mod�le/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Mod�le de substition dans le contenu de la
r�ponse</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Modifie l'ordre de fusion des mod�les h�rit�s</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>octets</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">D�finit la longueur de ligne maximale</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Active ou d�sactive la fonctionnalit� suEXEC</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>Utilisateur Groupe</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">L'utilisateur et le groupe sous lesquels les programmes CGI
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Modifie l'ordre de fusion des mod�les h�rit�s</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>octets</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit la longueur de ligne maximale</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Active ou d�sactive la fonctionnalit� suEXEC</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>Utilisateur Groupe</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">L'utilisateur et le groupe sous lesquels les programmes CGI
doivent s'ex�cuter</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Le nombre de threads maximum que l'on peut d�finir par
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Le nombre de threads maximum que l'on peut d�finir par
processus enfant</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Nombre de threads cr��s par chaque processus
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>nombre</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Nombre de threads cr��s par chaque processus
enfant</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>taille</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">La taille en octets de la pile qu'utilisent les threads qui
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>taille</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">La taille en octets de la pile qu'utilisent les threads qui
traitent les connexions clients</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>secondes</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Temps pendant lequel le serveur va attendre certains
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>secondes</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Temps pendant lequel le serveur va attendre certains
�v�nements avant de consid�rer qu'une requ�te a �chou�</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine le comportement des requ�tes
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">D�termine le comportement des requ�tes
<code>TRACE</code></td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>fichier</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Sp�cifie l'emplacement d'un fichier journal</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>chemin-fichier</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Le chemin du fichier <code>mime.types</code></td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>nom-variable</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Invalide la d�finition d'une variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>var-env</var> [<var>var-env</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Supprime des variables de l'environnement</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>nom</var> [<var>valeur1</var> ... <var>valeurN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Utilisation d'une macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">D�finit la mani�re dont le serveur d�termine son propre nom
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>fichier</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sp�cifie l'emplacement d'un fichier journal</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>chemin-fichier</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Le chemin du fichier <code>mime.types</code></td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>nom-variable</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Invalide la d�finition d'une variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>var-env</var> [<var>var-env</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Supprime des variables de l'environnement</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>nom</var> [<var>valeur1</var> ... <var>valeurN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Utilisation d'une macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit la mani�re dont le serveur d�termine son propre nom
et son port</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit la mani�re dont le serveur
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">D�finit la mani�re dont le serveur
d�termine son propre port</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>utilisateur unix</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">L'utilisateur sous lequel le serveur va traiter les
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>utilisateur unix</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">L'utilisateur sous lequel le serveur va traiter les
requ�tes</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>nom-r�pertoire</em> [<em>nom-r�pertoire</em>] ...
-</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Chemin des r�pertoires propres � un
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>nom-r�pertoire</em> [<em>nom-r�pertoire</em>] ...
+</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Chemin des r�pertoires propres � un
utilisateur</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">D�termine si le serveur virtuel peut ex�cuter des
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine si le serveur virtuel peut ex�cuter des
sous-processus, et d�finit les privil�ges disponibles pour ces
dernier.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>nom-privil�ge</var> [[+-]?nom-privil�ge] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assigne des privil�ges au choix aux sous-processus cr��s
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>nom-privil�ge</var> [[+-]?nom-privil�ge] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assigne des privil�ges au choix aux sous-processus cr��s
par un serveur virtuel.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>identifiant-groupe-unix</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">D�finit l'identifiant du groupe sous lequel s'ex�cute un
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>identifiant-groupe-unix</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit l'identifiant du groupe sous lequel s'ex�cute un
serveur virtuel.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>nom-privil�ge</var> [[+-]?nom-privil�ge] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assigne des privil�ges � un serveur virtuel.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">D�termine si le serveur s'ex�cute avec une s�curit� avanc�e
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>nom-privil�ge</var> [[+-]?nom-privil�ge] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assigne des privil�ges � un serveur virtuel.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">D�termine si le serveur s'ex�cute avec une s�curit� avanc�e
pour les serveurs virtuels.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>identifiant-utilisateur-unix</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit l'identifiant utilisateur sous lequel s'ex�cute un
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>identifiant-utilisateur-unix</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">D�finit l'identifiant utilisateur sous lequel s'ex�cute un
serveur virtuel.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Permet une configuration dynamique de la racine des
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Permet une configuration dynamique de la racine des
documents d'un serveur virtuel donn�</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration dynamique de la racine des documents pour un
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration dynamique de la racine des documents pour un
serveur virtuel donn�</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>adresse IP</var>[:<var>port</var>] [<var>adresse
IP</var>[:<var>port</var>]] ...> ...
- </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Contient des directives qui ne s'appliquent qu'� un nom
+ </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contient des directives qui ne s'appliquent qu'� un nom
d'h�te sp�cifique ou � une adresse IP</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration dynamique du r�pertoire des scripts CGI pour
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration dynamique du r�pertoire des scripts CGI pour
un serveur virtuel donn�</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configuration dynamique du r�pertoire des scripts CGI pour
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>r�pertoire-interpol�</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration dynamique du r�pertoire des scripts CGI pour
un serveur virtuel donn�</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Interpr�te les directives SSI dans les fichiers dont le bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Interpr�te les directives SSI dans les fichiers dont le bit
d'ex�cution est positionn�</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>jeu-de-caract�res alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit des alias pour les valeurs d'encodage</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>nom</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit un encodage par d�faut � utiliser lorsqu'aucune
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>jeu-de-caract�res alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">D�finit des alias pour les valeurs d'encodage</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>nom</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">D�finit un encodage par d�faut � utiliser lorsqu'aucune
information ne peut �tre <a href="#sniffing">automatiquement d�tect�e</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>�l�ment [�l�ment ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Indique � l'interpr�teur � partir de quelle balise il doit
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>�l�ment [�l�ment ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Indique � l'interpr�teur � partir de quelle balise il doit
commencer son traitement.</td></tr>
</table></div>
<div class="bottomlang">
diff --git a/docs/manual/mod/quickreference.html.ja.utf8 b/docs/manual/mod/quickreference.html.ja.utf8
index b2584ed..789ec6b 100644
--- a/docs/manual/mod/quickreference.html.ja.utf8
+++ b/docs/manual/mod/quickreference.html.ja.utf8
@@ -448,7 +448,9 @@ expr=<var>expression</var>]</a></td><td></td><td>s</td><td>B</td></tr><tr><td cl
<tr><td><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutDownTimeout <var>seconds</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">穏やかな停止をかけた後、終了するまで待つ時間</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
requests</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -457,25 +459,28 @@ requests</td></tr>
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] set|append|add|unset|echo
-<var>header</var> [<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">HTTP 応答ヘッダの設定</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] set|append|add|unset|echo
+<var>header</var> [<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">HTTP 応答ヘッダの設定</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">
インデックス一覧の先頭に挿入されるファイルの名前</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">クライアントの IP アドレスの DNS ルックアップを
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">クライアントの IP アドレスの DNS ルックアップを
有効にする</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">リモートユーザの RFC 1413 によるアイデンティティのロギングを
有効にする</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Ident リクエストがタイムアウトするまでの期間を決める</td></tr>
@@ -744,292 +749,293 @@ header</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">クライアントが違う URL を取得するように外部への一時的な
リダイレクトを送る</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイルの拡張子に関連付けられたすべての文字セット
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイルの拡張子に関連付けられたすべての文字セット
を解除する</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイルの拡張子に関連付けられたすべてのコンテントエンコーディング
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイルの拡張子に関連付けられたすべてのコンテントエンコーディング
を解除する</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイルの拡張子に関連付けられたすべてのハンドラを
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイルの拡張子に関連付けられたすべてのハンドラを
解除する</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイル拡張子に関連付けられた入力フィルタを解除する</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイル拡張子に関連付けられた言語を解除する</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイル拡張子に関連付けられた出力フィルタを解除する</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイルの拡張子と関連付けられたコンテントタイプを
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイル拡張子に関連付けられた入力フィルタを解除する</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイル拡張子に関連付けられた言語を解除する</td></tr>
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr><td class="descr" colspan="4">ファイル拡張子に関連付けられた出力フィルタを解除する</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td /></tr><tr class="odd"><td class="descr" colspan="4">ファイルの拡張子と関連付けられたコンテントタイプを
解除する</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader set|append|add|unset <var>header</var>
-[<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">HTTP リクエストヘッダの設定</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader set|append|add|unset <var>header</var>
+[<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">HTTP リクエストヘッダの設定</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Apache の子プロセスから起動されたプロセスの CPU 消費量を
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Apache の子プロセスから起動されたプロセスの CPU 消費量を
制限する</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Apache の子プロセスから起動されたプロセスのメモリ消費量を
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Apache の子プロセスから起動されたプロセスのメモリ消費量を
制限する</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Apache の子プロセスから起動されたプロセスが起動するプロセスの
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Apache の子プロセスから起動されたプロセスが起動するプロセスの
数を制限する</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">ホストレベルのアクセス制御とユーザ認証との相互作用を指定</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_status </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">子プロセスと連携するためのデータを保存する
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">ホストレベルのアクセス制御とユーザ認証との相互作用を指定</td></tr>
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_status </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">子プロセスと連携するためのデータを保存する
ファイルの位置</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">特定のリクエストメソッドに対して CGI スクリプトを
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">特定のリクエストメソッドに対して CGI スクリプトを
実行するように設定</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias <var>URL-path</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">URL をファイルシステムの位置へマップし、マップ先を
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias <var>URL-path</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">URL をファイルシステムの位置へマップし、マップ先を
CGI スクリプトに指定</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">URL を正規表現を使ってファイルシステムの位置へマップし、マップ先を
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">URL を正規表現を使ってファイルシステムの位置へマップし、マップ先を
CGI スクリプトに指定</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">CGI スクリプトのインタープリタの位置を調べるための手法</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">CGI スクリプトのエラーログファイルの場所</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <em>bytes</em></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">スクリプトログに記録される PUT や POST リクエストの内容の上限</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">CGI スクリプトのログファイルの大きさの上限</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> logs/cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">CGI デーモンとの通信に使われるソケットのファイル名の接頭辞</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">CGI スクリプトのインタープリタの位置を調べるための手法</td></tr>
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">CGI スクリプトのエラーログファイルの場所</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <em>bytes</em></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">スクリプトログに記録される PUT や POST リクエストの内容の上限</td></tr>
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">CGI スクリプトのログファイルの大きさの上限</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> logs/cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">CGI デーモンとの通信に使われるソケットのファイル名の接頭辞</td></tr>
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP バッファサイズ</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">サーバがクライアントに送るエラーメッセージに含める電子メールの
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP バッファサイズ</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">サーバがクライアントに送るエラーメッセージに含める電子メールの
アドレス</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">リクエストを名前ベースのバーチャルホストにマッチさせているときに
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">リクエストを名前ベースのバーチャルホストにマッチさせているときに
使用されるホストの別名</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">設定可能なサーバプロセス数の上限</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">サーバが自分自身を示すときに使うホスト名とポート</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">非互換のブラウザが名前ベースのバーチャルホストにアクセスしたときの
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">設定可能なサーバプロセス数の上限</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">サーバが自分自身を示すときに使うホスト名とポート</td></tr>
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">非互換のブラウザが名前ベースのバーチャルホストにアクセスしたときの
ための互換用 URL パス名</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">インストールされたサーバのベースディレクトリ</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">サーバが生成するドキュメントのフッタを設定</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4"><code>Server</code> HTTP 応答ヘッダを設定する</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">インストールされたサーバのベースディレクトリ</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">サーバが生成するドキュメントのフッタを設定</td></tr>
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4"><code>Server</code> HTTP 応答ヘッダを設定する</td></tr>
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> <var>value</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">環境変数を設定する</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> <var>value</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">環境変数を設定する</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
regex [!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">リクエストの属性に基づいて環境変数を設定する
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">リクエストの属性に基づいて環境変数を設定する
</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr" /></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr" /></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">リクエストの属性に基づいて大文字小文字を区別せずに環境変数を設定する</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">マッチするファイルがハンドラで処理されるようにする</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">クライアントのリクエストや POST の入力を処理するフィルタを設定する</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">サーバの応答を処理するフィルタを設定する</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">include 要素を終了させる文字列</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">SSI のエラーがあったときに表示されるエラーメッセージ</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">リクエストの属性に基づいて大文字小文字を区別せずに環境変数を設定する</td></tr>
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">マッチするファイルがハンドラで処理されるようにする</td></tr>
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">クライアントのリクエストや POST の入力を処理するフィルタを設定する</td></tr>
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">サーバの応答を処理するフィルタを設定する</td></tr>
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">include 要素を終了させる文字列</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">SSI のエラーがあったときに表示されるエラーメッセージ</td></tr>
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">include 要素を開始する文字列</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">日付けを現す文字列の書式を設定する</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">未定義の変数が echo されたときに表示される文字列</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">include 要素を開始する文字列</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">日付けを現す文字列の書式を設定する</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">未定義の変数が echo されたときに表示される文字列</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">起動時に生成される子サーバプロセスの数</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">起動時に生成されるスレッドの数</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">CGI プログラムのユーザパーミッション、グループパーミッション</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">設定可能な子プロセス毎のスレッド数の上限を
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">起動時に生成される子サーバプロセスの数</td></tr>
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">起動時に生成されるスレッドの数</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">CGI プログラムのユーザパーミッション、グループパーミッション</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">設定可能な子プロセス毎のスレッド数の上限を
設定します</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">子プロセスそれぞれに生成されるスレッド数</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">クライアントのコネクションを受け持つスレッドが使用する
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">子プロセスそれぞれに生成されるスレッド数</td></tr>
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">クライアントのコネクションを受け持つスレッドが使用する
スタックのバイト数</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">各イベントについて、リクエストを失敗させるまでにサーバが
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">各イベントについて、リクエストを失敗させるまでにサーバが
待つ時間を設定</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4"><code>TRACE</code> メソッドのリクエストに対する応答方法を決める
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4"><code>TRACE</code> メソッドのリクエストに対する応答方法を決める
</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">ログファイルの位置を指定</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td /></tr><tr class="odd"><td class="descr" colspan="4"><code>mime.types</code> ファイルの位置</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">環境から変数を取り除く</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|Dns</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">サーバが自分自身の名前とポートを決定する方法を設定する</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">自分自身の名前とポート番号を解決する方法を設定する
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">ログファイルの位置を指定</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td /></tr><tr><td class="descr" colspan="4"><code>mime.types</code> ファイルの位置</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">環境から変数を取り除く</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|Dns</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">サーバが自分自身の名前とポートを決定する方法を設定する</td></tr>
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">自分自身の名前とポート番号を解決する方法を設定する
</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">ユーザ専用ディレクトリの位置</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">ユーザ専用ディレクトリの位置</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">特定のホスト名や IP アドレスのみに適用されるディレクティブを
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">特定のホスト名や IP アドレスのみに適用されるディレクティブを
囲む</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">実行ビットが設定されたファイルの SSI ディレクティブを
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">実行ビットが設定されたファイルの SSI ディレクティブを
解析する</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>翻訳済み言語: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch"> de </a> |
diff --git a/docs/manual/mod/quickreference.html.ko.euc-kr b/docs/manual/mod/quickreference.html.ko.euc-kr
index 9ece731..ce7dd1a 100644
--- a/docs/manual/mod/quickreference.html.ko.euc-kr
+++ b/docs/manual/mod/quickreference.html.ko.euc-kr
@@ -448,7 +448,9 @@ expr=<var>expression</var>]</a></td><td></td><td>s</td><td>B</td></tr><tr><td cl
will exit.</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
requests</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -457,23 +459,26 @@ requests</td></tr>
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] set|append|add|unset|echo
-<var>header</var> [<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">HTTP ���� ����� �����Ѵ�</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">���ϸ�� ���� ������ ������ �̸�</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] set|append|add|unset|echo
+<var>header</var> [<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">HTTP ���� ����� �����Ѵ�</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">���ϸ�� ���� ������ ������ �̸�</td></tr>
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">���� ������� RFC 1413 �ſ��� �α� ����Ѵ�</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">ident ��û�� �ð������� �����Ѵ�</td></tr>
<tr><td><a href="core.html#if"><If <var>expression</var>> ... </If></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only if a condition is
@@ -761,303 +766,304 @@ header for proxied requests</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Ŭ���̾�Ʈ�� �ٸ� URL�� �����ϵ��� ��û�ϴ� �ܺ�
�ӽ� �����̷����� ������</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader set|append|add|unset <var>header</var>
-[<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">HTTP ��û ����� �����Ѵ�</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader set|append|add|unset <var>header</var>
+[<var>value</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">HTTP ��û ����� �����Ѵ�</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the CPU consumption of processes launched
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the CPU consumption of processes launched
by Apache httpd children</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the memory consumption of processes launched
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the memory consumption of processes launched
by Apache httpd children</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the number of processes that can be launched by
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the number of processes that can be launched by
processes launched by Apache httpd children</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the file used to store coordination data for
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Location of the file used to store coordination data for
the child processes</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Ư�� ��û���忡 ���� CGI ��ũ��Ʈ��
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Ư�� ��û���忡 ���� CGI ��ũ��Ʈ��
����Ѵ�.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias <var>URL-path</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">URL�� Ư�� ���Ͻý��� ��ҷ� �����ϰ� ����� CGI
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias <var>URL-path</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">URL�� Ư�� ���Ͻý��� ��ҷ� �����ϰ� ����� CGI
��ũ��Ʈ��� �˸���</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">����ǥ������ ����Ͽ� URL�� Ư�� ���Ͻý��� ��ҷ�
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">����ǥ������ ����Ͽ� URL�� Ư�� ���Ͻý��� ��ҷ�
�����ϰ� ����� CGI ��ũ��Ʈ��� �˸���</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Technique for locating the interpreter for CGI
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Technique for locating the interpreter for CGI
scripts</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">CGI ��ũ��Ʈ �����α������� ��ġ</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">��ũ��Ʈ �α� ����� PUT Ȥ�� POST ��û�� �ִ뷮</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">CGI ��ũ��Ʈ �α������� ũ�� ����</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> logs/cgisock </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">cgi ����� ����� ���� ����� ������ �̸�</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">CGI ��ũ��Ʈ �����α������� ��ġ</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">��ũ��Ʈ �α� ����� PUT Ȥ�� POST ��û�� �ִ뷮</td></tr>
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">CGI ��ũ��Ʈ �α������� ũ�� ����</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> logs/cgisock </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">cgi ����� ����� ���� ����� ������ �̸�</td></tr>
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP buffer size</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Email address that the server includes in error
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP buffer size</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Email address that the server includes in error
messages sent to the client</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternate names for a host used when matching requests
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Alternate names for a host used when matching requests
to name-virtual hosts</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>domain-name</var>|<var>ip-address</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>domain-name</var>|<var>ip-address</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Hostname and port that the server uses to identify
itself</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
is accessed by an incompatible browser</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Base directory for the server installation</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Base directory for the server installation</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
header</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> <var>value</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">ȯ�溯���� �����Ѵ�</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> <var>value</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">ȯ�溯���� �����Ѵ�</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
regex [!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">��û�� ������ ���� ȯ�溯���� �����Ѵ�</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr" /></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">��û�� ������ ���� ȯ�溯���� �����Ѵ�</td></tr>
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr" /></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">��ҹ��ڸ� ���������ʰ� ��û�� ������ ���� ȯ�溯����
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">��ҹ��ڸ� ���������ʰ� ��û�� ������ ���� ȯ�溯����
�����Ѵ�</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Forces all matching files to be processed by a
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Forces all matching files to be processed by a
handler</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process client requests and POST
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process client requests and POST
input</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process responses from the
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process responses from the
server</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created on startup</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">CGI ���α��� ����� ����ڿ� �� ����</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created on startup</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">CGI ���α��� ����� ����ڿ� �� ����</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
per child process</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
client connections</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Amount of time the server will wait for
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Amount of time the server will wait for
certain events before failing a request</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">�α����� ��ġ�� �����Ѵ�</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">ȯ�溯���� �����Ѵ�</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own name and
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">�α����� ��ġ�� �����Ѵ�</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">ȯ�溯���� �����Ѵ�</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own name and
port</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em></a></td><td> public_html </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">����ں� ���丮 ��ġ</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em></a></td><td> public_html </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">����ں� ���丮 ��ġ</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only to a specific
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only to a specific
hostname or IP address</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>������ ���: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch"> de </a> |
diff --git a/docs/manual/mod/quickreference.html.tr.utf8 b/docs/manual/mod/quickreference.html.tr.utf8
index aa7577a..1e76b0c 100644
--- a/docs/manual/mod/quickreference.html.tr.utf8
+++ b/docs/manual/mod/quickreference.html.tr.utf8
@@ -335,7 +335,7 @@ CGI program</td></tr>
</td></tr>
<tr><td><a href="core.html#cgipassauth">CGIPassAuth On|Off</a></td><td> Off </td><td>dh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">HTTP yetkilendirme başlıklarının betiklere CGI değişkenleri
olarak aktarılmasını etkin kılar</td></tr>
-<tr class="odd"><td><a href="core.html#cgivar">CGIVar <var>variable</var> <var>rule</var></a></td><td></td><td>dh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Controls how some CGI variables are set</td></tr>
+<tr class="odd"><td><a href="core.html#cgivar">CGIVar <var>değişken</var> <var>kural</var></a></td><td></td><td>dh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Bazı CGI değişkenlerinin nasıl atanacağını belirler</td></tr>
<tr><td><a href="mod_charset_lite.html#charsetdefault">CharsetDefault <var>charset</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Charset to translate into</td></tr>
<tr class="odd"><td><a href="mod_charset_lite.html#charsetoptions">CharsetOptions <var>option</var> [<var>option</var>] ...</a></td><td> ImplicitAdd </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures charset translation behavior</td></tr>
<tr><td><a href="mod_charset_lite.html#charsetsourceenc">CharsetSourceEnc <var>charset</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Source charset of files</td></tr>
@@ -397,7 +397,7 @@ türünü belirlerdi.</td></tr>
<tr class="odd"><td><a href="mod_access_compat.html#deny"> Deny from all|<var>host</var>|env=[!]<var>env-variable</var>
[<var>host</var>|env=[!]<var>env-variable</var>] ...</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts are denied access to the
server</td></tr>
-<tr><td><a href="core.html#directory"><Directory "<var>dizin-yolu</var>">
+<tr><td><a href="core.html#directory"><Directory <var>dizin-yolu</var>>
... </Directory></a></td><td></td><td>sk</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sadece ismi belirtilen dosya sistemi dizininde ve bunun
altdizinlerinde ve bunların içeriğinde uygulanacak bir yönerge grubunu
sarmalar.</td></tr>
@@ -445,7 +445,7 @@ by MIME type</td></tr>
<tr><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>yerel-url</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Bir dosya ile eşleşmeyen istekler için öntanımlı URL tanımlar
</td></tr>
<tr class="odd"><td><a href="core.html#fileetag">FileETag <var>bileşen</var> ...</a></td><td> MTime Size </td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Duruk dosyalar için <code>ETag</code> HTTP yanıt başlığını oluşturmakta kullanılacak dosya özniteliklerini belirler.</td></tr>
-<tr><td><a href="core.html#files"><Files "<var>dosya-adı</var>"> ... </Files></a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Dosya isimleriyle eşleşme halinde uygulanacak yönergeleri
+<tr><td><a href="core.html#files"><Files <var>dosya-adı</var>> ... </Files></a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Dosya isimleriyle eşleşme halinde uygulanacak yönergeleri
içerir.</td></tr>
<tr class="odd"><td><a href="core.html#filesmatch"><FilesMatch <var>düzifd</var>> ... </FilesMatch></a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Düzenli ifadelerin dosya isimleriyle eşleşmesi halinde
uygulanacak yönergeleri içerir.</td></tr>
@@ -470,7 +470,9 @@ expr=<var>ifade</var>]</a></td><td></td><td>s</td><td>T</td></tr><tr><td class="
<tr><td><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout <var>saniye</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sunucunun nazikçe kapatılmasının ardından ana süreç çıkana kadar
geçecek süre için bir zaman aşımı belirler.</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-grubu</var></a></td><td> #-1 </td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">İsteklere yanıt verecek sunucunun ait olacağı grubu belirler.</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -479,27 +481,30 @@ expr=<var>ifade</var>]</a></td><td></td><td>s</td><td>T</td></tr><tr><td class="
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>dosya-ismi</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Dizin listesinin tepesine yerleştirilecek dosyanın ismini
+</a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>dosya-ismi</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Dizin listesinin tepesine yerleştirilecek dosyanın ismini
belirler.</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>D</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>D</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>D</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>D</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>skd</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">İstemci IP adresleri üzerinde DNS sorgularını etkin kılar.
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>D</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>skd</td><td>Ç</td></tr><tr><td class="descr" colspan="4">İstemci IP adresleri üzerinde DNS sorgularını etkin kılar.
</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sk</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">HTTP İstek İletilerindeki sınırlamalarda değişiklik yapar</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>skd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
user</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>skd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
@@ -603,7 +608,7 @@ sınırlar.</td></tr>
</td></tr>
<tr><td><a href="mod_so.html#loadmodule">LoadModule <em>modül dosya-ismi</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Belirtilen nesne dosyasını veya kütüphaneyi sunucu ile ilintiler
ve etkin modül listesine ekler.</td></tr>
-<tr class="odd"><td><a href="core.html#location"><Location "<var>URL-yolu</var>|<var>URL</var>"> ...
+<tr class="odd"><td><a href="core.html#location"><Location <var>URL-yolu</var>|<var>URL</var>> ...
</Location></a></td><td></td><td>sk</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">İçerdiği yönergeler sadece eşleşen URL’lere uygulanır.
</td></tr>
<tr><td><a href="core.html#locationmatch"><LocationMatch
@@ -793,315 +798,316 @@ URL’ye yönlendirir.</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-yolu</var> <var>URL</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">İstemciyi, geçici bir yönlendirme isteği döndürerek farklı bir
URL’ye yönlendirir.</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>yöntem</var> [<var>yöntem</var> [...]]</a></td><td></td><td>s</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Standart olamayan HTTP yöntemlerini belirler</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>kdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>kdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>saniye</var>|max [<var>saniye</var>|max]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>saniye</var>|max [<var>saniye</var>|max]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin
işlemci tüketimine sınırlama getirir.</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bayt-sayısı</var>|max [<var>bayt-sayısı</var>|max]
-</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bayt-sayısı</var>|max [<var>bayt-sayısı</var>|max]
+</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Apache httpd alt süreçleri tarafından çalıştırılan süreçlerin
bellek tüketimine sınırlama getirir.</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>sayı</var>|max [<var>sayı</var>|max]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Apache httpd alt süreçleri tarafından çalıştırılabilecek süreç
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>sayı</var>|max [<var>sayı</var>|max]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Apache httpd alt süreçleri tarafından çalıştırılabilecek süreç
sayısına sınırlama getirir.</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>dosya-yolu</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Çocuk süreçler için eşgüdüm verisini saklamakta kullanılan
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>dosya-yolu</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Çocuk süreçler için eşgüdüm verisini saklamakta kullanılan
dosyanın yerini belirler.</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>skd</td><td>T</td></tr><tr><td class="descr" colspan="4">Activates a CGI script for a particular request
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>skd</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Activates a CGI script for a particular request
method.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-yolu</var>]
-<var>dosya-yolu</var>|<var>dizin-yolu</var></a></td><td></td><td>skd</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Bir URL’yi dosya sistemindeki bir yere eşler ve hedefi bir CGI betiği olarak çalıştırır.</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>düzenli-ifade</var>
-<var>dosya-yolu</var>|<var>dizin-yolu</var></a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Bir URL’yi dosya sistemindeki bir yere düzenli ifade kullanarak
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-yolu</var>]
+<var>dosya-yolu</var>|<var>dizin-yolu</var></a></td><td></td><td>skd</td><td>T</td></tr><tr><td class="descr" colspan="4">Bir URL’yi dosya sistemindeki bir yere eşler ve hedefi bir CGI betiği olarak çalıştırır.</td></tr>
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>düzenli-ifade</var>
+<var>dosya-yolu</var>|<var>dizin-yolu</var></a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Bir URL’yi dosya sistemindeki bir yere düzenli ifade kullanarak
eşler ve hedefi bir CGI betiği olarak çalıştırır.</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">CGI betikleri için yorumlayıcı belirleme tekniği</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">CGI betikleri için yorumlayıcı belirleme tekniği</td></tr>
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
in the scriptlog</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
the cgi daemon</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">İsteğin 63 karakterden büyük olduğu varsayımıyla, mod_status'un
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>Ç</td></tr><tr><td class="descr" colspan="4">İsteğin 63 karakterden büyük olduğu varsayımıyla, mod_status'un
ilk 63 karakteri mi yoksa son 63 karakteri mi göstereceğini
belirler.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bayt-sayısı</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP tamponu boyu</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>eposta-adresi</var>|<var>URL</var></a></td><td></td><td>sk</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun hata iletilerinde istemciye göstereceği eposta adresi
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bayt-sayısı</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP tamponu boyu</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>eposta-adresi</var>|<var>URL</var></a></td><td></td><td>sk</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucunun hata iletilerinde istemciye göstereceği eposta adresi
</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>konakadı</var> [<var>konakadı</var>] ...</a></td><td></td><td>k</td><td>Ç</td></tr><tr><td class="descr" colspan="4">İstekleri isme dayalı sanal konaklarla eşleştirilirken
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>konakadı</var> [<var>konakadı</var>] ...</a></td><td></td><td>k</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">İstekleri isme dayalı sanal konaklarla eşleştirilirken
kullanılacak konak adları için başka isimler belirtebilmeyi sağlar.
</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Ayarlanabilir süreç sayısının üst sınırını belirler.</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>şema</var>://]<var>alan-adı</var>|<var>ip-adresi</var>[:<var>port</var>]
-</a></td><td></td><td>sk</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucunun özdeşleşeceği konak ismi ve port.</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-yolu</var></a></td><td></td><td>k</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Uyumsuz bir tarayıcı tarafından erişilmesi için bir isme dayalı sanal konak için meşru URL yolu</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>dizin-yolu</var></a></td><td> /usr/local/apache </td><td>s</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucu yapılandırması için kök dizin</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucu tarafından üretilen belgelerin dipnotunu ayarlar.
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Ayarlanabilir süreç sayısının üst sınırını belirler.</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>şema</var>://]<var>alan-adı</var>|<var>ip-adresi</var>[:<var>port</var>]
+</a></td><td></td><td>sk</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun özdeşleşeceği konak ismi ve port.</td></tr>
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-yolu</var></a></td><td></td><td>k</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Uyumsuz bir tarayıcı tarafından erişilmesi için bir isme dayalı sanal konak için meşru URL yolu</td></tr>
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>dizin-yolu</var></a></td><td> /usr/local/apache </td><td>s</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucu yapılandırması için kök dizin</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucu tarafından üretilen belgelerin dipnotunu ayarlar.
</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>Ç</td></tr><tr><td class="descr" colspan="4"><code>Server</code> HTTP yanıt başlığını yapılandırır.
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4"><code>Server</code> HTTP yanıt başlığını yapılandırır.
</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>skdh</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>D</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>skdh</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>skd</td><td>D</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>skdh</td><td>D</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>skdh</td><td>D</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>skd</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>ortam-değişkeni</var> [<var>değer</var>]</a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Ortam değişkenlerini tanımlar.</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>öznitelik
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>ortam-değişkeni</var> [<var>değer</var>]</a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Ortam değişkenlerini tanımlar.</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>öznitelik
düzifd [!]ort-değişkeni</em>[=<em>değer</em>]
- [[!]<em>ort-değişkeni</em>[=<em>değer</em>]] ...</a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Ortam değişkenlerini isteğin özniteliklerine göre atar.
+ [[!]<em>ort-değişkeni</em>[=<em>değer</em>]] ...</a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Ortam değişkenlerini isteğin özniteliklerine göre atar.
</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>ifade
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>ifade
[!]ort-değişkeni</em>[=<em>değer</em>]
- [[!]<em>ort-değişkeni</em>[=<em>değer</em>]] ...</a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Bir ap_expr ifadesine dayanarak ortam değişkenlerine değer atar</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>öznitelik
+ [[!]<em>ort-değişkeni</em>[=<em>değer</em>]] ...</a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Bir ap_expr ifadesine dayanarak ortam değişkenlerine değer atar</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>öznitelik
düzifd [!]ort-değişkeni</em>[=<em>değer</em>]
- [[!]<em>ort-değişkeni</em>[=<em>değer</em>]] ...</a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Ortam değişkenlerini isteğin özniteliklerinde harf büyüklüğüne
+ [[!]<em>ort-değişkeni</em>[=<em>değer</em>]] ...</a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Ortam değişkenlerini isteğin özniteliklerinde harf büyüklüğüne
bağlı olmaksızın yapılmış tanımlara göre atar.</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>eylemci-ismi</var>|none|<var>ifade</var></a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Eşleşen tüm dosyaların belli bir eylemci tarafından işlenmesine
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>eylemci-ismi</var>|none|<var>ifade</var></a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Eşleşen tüm dosyaların belli bir eylemci tarafından işlenmesine
sebep olur.</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>süzgeç</var>[;<var>süzgeç</var>...]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">POST girdilerini ve istemci isteklerini işleyecek süzgeçleri
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>süzgeç</var>[;<var>süzgeç</var>...]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">POST girdilerini ve istemci isteklerini işleyecek süzgeçleri
belirler.</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>süzgeç</var>[;<var>süzgeç</var>...]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucunun yanıtlarını işleyecek süzgeçleri belirler.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>süzgeç</var>[;<var>süzgeç</var>...]</a></td><td></td><td>skdh</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun yanıtlarını işleyecek süzgeçleri belirler.</td></tr>
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>T</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>skdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>skdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sunucunun başlatılması sırasında oluşturulan çocuk süreçlerin
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun başlatılması sırasında oluşturulan çocuk süreçlerin
sayısını belirler.</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun başlatılması sırasında oluşturulan evrelerin sayısını
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sunucunun başlatılması sırasında oluşturulan evrelerin sayısını
belirler.</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">suEXEC özelliğini etkin veya etkisiz yapar</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>Kullanıcı Grup</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">CGI betiklerini çalıştıracak kullanıcı ve grup belirtilir.
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">suEXEC özelliğini etkin veya etkisiz yapar</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>Kullanıcı Grup</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">CGI betiklerini çalıştıracak kullanıcı ve grup belirtilir.
</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Çocuk süreç başına ayarlanabilir evre sayısının üst sınırını
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Çocuk süreç başına ayarlanabilir evre sayısının üst sınırını
belirler.</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Her çocuk süreç tarafından oluşturulan evrelerin sayısını
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>sayı</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Her çocuk süreç tarafından oluşturulan evrelerin sayısını
belirler.</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>boyut</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">İstemci bağlantılarını elde eden evreler tarafından kullanılan
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>boyut</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">İstemci bağlantılarını elde eden evreler tarafından kullanılan
yığıtın bayt cinsinden uzunluğunu belirler.</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>saniye</var></a></td><td> 60 </td><td>sk</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Bir istek için başarısız olmadan önce belirli olayların
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>saniye</var></a></td><td> 60 </td><td>sk</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Bir istek için başarısız olmadan önce belirli olayların
gerçekleşmesi için sunucunun geçmesini bekleyeceği süre.</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sk</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4"><code>TRACE</code> isteklerinde davranış şeklini belirler
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sk</td><td>Ç</td></tr><tr><td class="descr" colspan="4"><code>TRACE</code> isteklerinde davranış şeklini belirler
</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>dosya</var>|<var>borulu-süreç</var>
-[<var>takma-ad</var>]</a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Bir günlük dosyasının yerini belirtir.</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>değişken-ismi</var></a></td><td></td><td>s</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Bir değişkeni tanımsız yapar</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>skd</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>ortam-değişkeni</var> [<var>ortam-değişkeni</var>]
-...</a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Ortamdaki değişkenleri tanımsız hale getirir.</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>skd</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>skd</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucunun kendi adını ve portunu nasıl belirleyeceğini ayarlar
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>dosya</var>|<var>borulu-süreç</var>
+[<var>takma-ad</var>]</a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Bir günlük dosyasının yerini belirtir.</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>değişken-ismi</var></a></td><td></td><td>s</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Bir değişkeni tanımsız yapar</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>skd</td><td>T</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>ortam-değişkeni</var> [<var>ortam-değişkeni</var>]
+...</a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Ortamdaki değişkenleri tanımsız hale getirir.</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>skd</td><td>T</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>skd</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun kendi adını ve portunu nasıl belirleyeceğini ayarlar
</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>skd</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sunucunun kendi adını ve portunu nasıl belirleyeceğini ayarlar
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>skd</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sunucunun kendi adını ve portunu nasıl belirleyeceğini ayarlar
</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-kullanıcısı</var></a></td><td> #-1 </td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">İsteklere yanıt verecek sunucunun ait olacağı kullanıcıyı
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-kullanıcısı</var></a></td><td> #-1 </td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">İsteklere yanıt verecek sunucunun ait olacağı kullanıcıyı
belirler.</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>dizin</em> [<em>dizin</em>] ...</a></td><td></td><td>sk</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Kullanıcıya özel dizinlerin yeri</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>k</td><td>D</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>dizin</em> [<em>dizin</em>] ...</a></td><td></td><td>sk</td><td>T</td></tr><tr><td class="descr" colspan="4">Kullanıcıya özel dizinlerin yeri</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>k</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>k</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>k</td><td>D</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>k</td><td>D</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>k</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>k</td><td>D</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>k</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>k</td><td>D</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>k</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>k</td><td>D</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Bir sanal konağın belge kök dizinini devingen olarak yapılandırır.
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>k</td><td>D</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Bir sanal konağın belge kök dizinini devingen olarak yapılandırır.
</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Bir sanal konağın belge kök dizinini devingen olarak yapılandırır.
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Bir sanal konağın belge kök dizinini devingen olarak yapılandırır.
</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>adres</var>[:<var>port</var>] [<var>adres</var>[:<var>port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>Ç</td></tr><tr><td class="descr" colspan="4">Sadece belli bir konak ismine ve porta uygulanacak yönergeleri barındırır.</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Bir sanal konağın CGI dizinini devingen olarak yapılandırır.
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>Ç</td></tr><tr class="odd"><td class="descr" colspan="4">Sadece belli bir konak ismine ve porta uygulanacak yönergeleri barındırır.</td></tr>
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Bir sanal konağın CGI dizinini devingen olarak yapılandırır.
</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Bir sanal konağın CGI dizinini devingen olarak yapılandırır.
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>hesaplanan-dizin</em>|none</a></td><td> none </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Bir sanal konağın CGI dizinini devingen olarak yapılandırır.
</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>T</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>skdh</td><td>T</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>Mevcut Diller: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch"> de </a> |
diff --git a/docs/manual/mod/quickreference.html.zh-cn.utf8 b/docs/manual/mod/quickreference.html.zh-cn.utf8
index 46c02a7..cd64d8a 100644
--- a/docs/manual/mod/quickreference.html.zh-cn.utf8
+++ b/docs/manual/mod/quickreference.html.zh-cn.utf8
@@ -467,7 +467,9 @@ expr=<var>expression</var>]</a></td><td></td><td>s</td><td>B</td></tr><tr><td cl
will exit.</td></tr>
<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
requests</td></tr>
-<tr><td><a href="mod_http2.html#h2direct" id="H" name="H">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2copyfiles" id="H" name="H">H2CopyFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine file handling in responses</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2direct">H2Direct on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Direct Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2earlyhints">H2EarlyHints on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine sending of 103 status codes</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxsessionstreams">H2MaxSessionStreams <em>n</em></a></td><td> 100 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of active streams per HTTP/2 session.</td></tr>
<tr><td><a href="mod_http2.html#h2maxworkeridleseconds">H2MaxWorkerIdleSeconds <em>n</em></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of seconds h2 workers remain idle until shut down.</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2maxworkers">H2MaxWorkers <em>n</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of worker threads to use per child process.</td></tr>
@@ -476,26 +478,29 @@ requests</td></tr>
<tr><td><a href="mod_http2.html#h2push">H2Push on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Switch</td></tr>
<tr class="odd"><td><a href="mod_http2.html#h2pushdiarysize">H2PushDiarySize <em>n</em></a></td><td> 256 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Server Push Diary Size</td></tr>
<tr><td><a href="mod_http2.html#h2pushpriority">H2PushPriority <em>mime-type</em> [after|before|interleaved] [weight]</a></td><td> * After 16 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Server Push Priority</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
-<tr><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
-<tr><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
-<tr><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
-<tr class="odd"><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
-<tr><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr class="odd"><td><a href="mod_http2.html#h2pushresource">H2PushResource [add] path [critical]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Declares resources for early pushing to the client</td></tr>
+<tr><td><a href="mod_http2.html#h2serializeheaders">H2SerializeHeaders on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Serialize Request/Response Processing Switch</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2sessionextrafiles">H2SessionExtraFiles <em>n</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of Extra File Handles</td></tr>
+<tr><td><a href="mod_http2.html#h2streammaxmemsize">H2StreamMaxMemSize <em>bytes</em></a></td><td> 65536 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of output data buffered per stream.</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2tlscooldownsecs">H2TLSCoolDownSecs <em>seconds</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_http2.html#h2tlswarmupsize">H2TLSWarmUpSize <em>amount</em></a></td><td> 1048576 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">-</td></tr>
+<tr class="odd"><td><a href="mod_http2.html#h2upgrade">H2Upgrade on|off</a></td><td> on for h2c, off for +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">H2 Upgrade Protocol Switch</td></tr>
+<tr><td><a href="mod_http2.html#h2windowsize">H2WindowSize <em>bytes</em></a></td><td> 65535 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Size of Stream Window for upstream data.</td></tr>
+<tr class="odd"><td><a href="mod_headers.html#header">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the file that will be inserted at the top
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
+<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Name of the file that will be inserted at the top
of the index listing</td></tr>
-<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
+<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending
heartbeat requests to this server</td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr class="odd"><td><a href="core.html#httpprotocoloptions">HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods]
+ [Allow0.9|Require1.0]</a></td><td> Strict LenientMetho +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Modify restrictions on HTTP Request Messages</td></tr>
<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
user</td></tr>
<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
@@ -790,311 +795,312 @@ a different URL</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
a different URL</td></tr>
<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="core.html#registerhttpmethod">RegisterHttpMethod <var>method</var> [<var>method</var> [...]]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Register non-standard HTTP methods</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
<var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
[early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
[header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
[body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
- [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+ [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall"><RequireAll> ... </RequireAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany"><RequireAny> ... </RequireAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone"><RequireNone> ... </RequireNone></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
- <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+ <em>TestString</em> <em>CondPattern</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
- <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the CPU consumption of processes launched
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+ <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the CPU consumption of processes launched
by Apache httpd children</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the memory consumption of processes launched
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the memory consumption of processes launched
by Apache httpd children</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the number of processes that can be launched by
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the number of processes that can be launched by
processes launched by Apache httpd children</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the file used to store coordination data for
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Location of the file used to store coordination data for
the child processes</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Activates a CGI script for a particular request
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Activates a CGI script for a particular request
method.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
target as a CGI script</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
and designates the target as a CGI script</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Technique for locating the interpreter for CGI
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Technique for locating the interpreter for CGI
scripts</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
in the scriptlog</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
the cgi daemon</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP buffer size</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Email address that the server includes in error
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP buffer size</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Email address that the server includes in error
messages sent to the client</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternate names for a host used when matching requests
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Alternate names for a host used when matching requests
to name-virtual hosts</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>domain-name</var>|<var>ip-address</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>domain-name</var>|<var>ip-address</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Hostname and port that the server uses to identify
itself</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
is accessed by an incompatible browser</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Base directory for the server installation</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Base directory for the server installation</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
header</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
regex [!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
</td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
[!]env-variable</em>[=<em>value</em>]
- [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+ [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
without respect to case</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Forces all matching files to be processed by a
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|none|<var>expression</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Forces all matching files to be processed by a
handler</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process client requests and POST
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process client requests and POST
input</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process responses from the
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process responses from the
server</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "-->" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "<!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none <em>flag</em>s</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
-<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspproxyurl">SSLOCSPProxyURL <em>url</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Proxy URL to use for OCSP requests</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
keys</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
proxy handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all -SSLv3 (up to 2 +</td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
source</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
boolean expression is true</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
HTTP request</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
host.
</td></tr>
-<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
Certificate verification</td></tr>
-<tr><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created on startup</td></tr>
-<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
+<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
+<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created on startup</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr><td><a href="mod_substitute.html#substituteinheritbefore">SubstituteInheritBefore on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Change the merge order of inherited patterns</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
per child process</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
client connections</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Amount of time the server will wait for
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Amount of time the server will wait for
certain events before failing a request</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify location of a log file</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes variables from the environment</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own name and
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify location of a log file</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes variables from the environment</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own name and
port</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
-</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
+</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost"><VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost"><VirtualHost
<var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
- ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only to a specific
+ ...> ... </VirtualHost></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only to a specific
hostname or IP address</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
</table></div>
<div class="bottomlang">
<p><span>可用语言: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch"> de </a> |
diff --git a/docs/manual/programs/configure.html.fr b/docs/manual/programs/configure.html.fr
index 82bfad0..4ccbe34 100644
--- a/docs/manual/programs/configure.html.fr
+++ b/docs/manual/programs/configure.html.fr
@@ -28,8 +28,6 @@
<a href="../ko/programs/configure.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/programs/configure.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p>
</div>
-<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
- anglaise pour les changements r�cents.</div>
<p>Le script <code>configure</code> permet de configurer
l'arborescence des sources afin de compiler et installer le serveur
@@ -323,11 +321,11 @@
<h4><a name="choosemodules" id="choosemodules">Choix des modules � compiler</a></h4>
<p>La plupart des modules sont compil�s par d�faut et ils doivent �tre
- d�sactiv�s de mani�re explicite ou via les mots-cl�s
- <code>few</code> ou <code>none</code> (voir ci-dessous
- <code>--enable-modules</code>, <code>--enable-mods-shared</code>
- et <code>--enable-mods-static</code> pour une explication plus
- d�taill�e).</p>
+ d�sactiv�s de mani�re explicite ou via le mots-cl� <code>few</code> (voir
+ ci-dessous <code>--enable-modules</code>,
+ <code>--enable-mods-shared</code> et <code>--enable-mods-static</code>
+ pour une explication plus d�taill�e), ou
+ <code>--enable-modules=none</code> pour les d�sactiver tous.</p>
<p>Par d�faut, les autres modules ne sont pas compil�s et doivent
�tre activ�s explicitement, ou en utilisant les mots-cl�s
@@ -453,8 +451,8 @@
--enable-mods-shared='headers rewrite dav'
</code></p></div>
<p>Vous pouvez aussi utiliser les mots-cl�s <code>reallyall</code>,
- <code>all</code>, <code>most</code>, <code>few</code> et
- <code>none</code>. Par exemple,</p>
+ <code>all</code>, <code>most</code> et <code>few</code>. Par
+ exemple,</p>
<div class="example"><p><code>
--enable-mods-shared=most
</code></p></div>
diff --git a/docs/manual/programs/configure.html.tr.utf8 b/docs/manual/programs/configure.html.tr.utf8
index 54e5aec..16ab762 100644
--- a/docs/manual/programs/configure.html.tr.utf8
+++ b/docs/manual/programs/configure.html.tr.utf8
@@ -28,7 +28,6 @@
<a href="../ko/programs/configure.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/programs/configure.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p><code>configure</code> betiği, Apache HTTP Sunucusunun kaynak kodlarını
belli bir platform için yapılandırmakta ve derlemekte kullanılır.
@@ -307,10 +306,11 @@
<h4><a name="choosemodules" id="choosemodules">Derlenecek modüllerin seçimi</a></h4>
<p>Modüllerin çoğu öntanımlı olarak derlenir ve ya açıkça iptal edilmek
- ya da <code>few</code> veya <code>none</code> anahtar sözcükleri
+ ya da <code>few</code> anahtar sözcüğü
kullanılarak kaldırılmak zorunda kalınır (ayrıntılar için
<code>--enable-modules</code>, <code>--enable-mods-shared</code> ve
- <code>--enable-mods-static</code> seçeneklerine bakın).</p>
+ <code>--enable-mods-static</code> seçeneklerine bakın). Bir grubu
+ tamamen kaldırmak için <code>--enable-modules=none</code> gerekir.</p>
<p>Öntanımlı olarak derlenmeyenler ise ya açıkça etkin kılınmak ya da
<code>all</code> veya <code>reallyall</code> anahtar sözcükleriyle
@@ -433,9 +433,8 @@
</code></p></div>
<p><code><var>modül-listesi</var></code> yerine
- <code>reallyall</code>, <code>all</code>, <code>most</code>,
- <code>few</code> ve <code>none</code> anahtar sözcükleri de
- belirtilebilir. Örneğin,</p>
+ <code>reallyall</code>, <code>all</code>, <code>most</code> ve
+ <code>few</code> anahtar sözcükleri de belirtilebilir. Örneğin,</p>
<div class="example"><p><code>
--enable-mods-shared=most
diff --git a/docs/manual/rewrite/flags.html.en b/docs/manual/rewrite/flags.html.en
index 450e10e..2be45bf 100644
--- a/docs/manual/rewrite/flags.html.en
+++ b/docs/manual/rewrite/flags.html.en
@@ -104,6 +104,9 @@ isn't a valid URL, and so would be encoded as
before being passed on to the output URL, resulting in a correct mapping to
<code>/search.php?term=x%20%26%20y%2Fz</code>.</p>
+<pre class="prettyprint lang-config">RewriteRule "^search/(.*)$" "/search.php?term=$1" [B,PT]</pre>
+
+
<p>Note that you may also need to set <code class="directive"><a href="../mod/core.html#allowencodedslashes">AllowEncodedSlashes</a></code> to <code>On</code> to get this
particular example to work, as httpd does not allow encoded slashes in URLs, and
returns a 404 if it sees one.</p>
diff --git a/docs/manual/rewrite/flags.html.fr b/docs/manual/rewrite/flags.html.fr
index e44696a..7b9a6f6 100644
--- a/docs/manual/rewrite/flags.html.fr
+++ b/docs/manual/rewrite/flags.html.fr
@@ -111,6 +111,9 @@ ce que l'on souhaitait.</p>
� l'URL r�sultante, ce qui fournit une r��criture correcte en
<code>/search.php?term=x%20%26%20y%2Fz</code>.</p>
+<pre class="prettyprint lang-config">RewriteRule "^search/(.*)$" "/search.php?term=$1" [B,PT]</pre>
+
+
<p>Notez que vous devrez peut-�tre aussi d�finir la
directive <code class="directive"><a href="../mod/core.html#allowencodedslashes">AllowEncodedSlashes</a></code>
� <code>On</code> pour
diff --git a/docs/manual/rewrite/vhosts.html.en b/docs/manual/rewrite/vhosts.html.en
index 7ddd5fd..eae9303 100644
--- a/docs/manual/rewrite/vhosts.html.en
+++ b/docs/manual/rewrite/vhosts.html.en
@@ -194,7 +194,7 @@ RewriteRule "^/(.*)$" "%1/docs/$1"
RewriteCond "%{REQUEST_URI}" "^/cgi-bin/"
RewriteCond "${lowercase:%{SERVER_NAME}}" "^(.+)$"
RewriteCond "${vhost:%1}" "^(/.*)$"
-RewriteRule "^/(.*)$" "%1/cgi-bin/$1" [H=cgi-script]</pre>
+RewriteRule "^/cgi-bin/(.*)$" "%1/cgi-bin/$1" [H=cgi-script]</pre>
</div></div>
diff --git a/docs/manual/rewrite/vhosts.html.fr b/docs/manual/rewrite/vhosts.html.fr
index 0db4a38..36a2769 100644
--- a/docs/manual/rewrite/vhosts.html.fr
+++ b/docs/manual/rewrite/vhosts.html.fr
@@ -204,7 +204,7 @@ RewriteRule "^/(.*)$" "%1/docs/$1"
RewriteCond "%{REQUEST_URI}" "^/cgi-bin/"
RewriteCond "${lowercase:%{SERVER_NAME}}" "^(.+)$"
RewriteCond "${vhost:%1}" "^(/.*)$"
-RewriteRule "^/(.*)$" "%1/cgi-bin/$1" [H=cgi-script]</pre>
+RewriteRule "^/cgi-bin/(.*)$" "%1/cgi-bin/$1" [H=cgi-script]</pre>
</div></div>
diff --git a/docs/manual/sections.html.en b/docs/manual/sections.html.en
index f09c6de..8d5b3ed 100644
--- a/docs/manual/sections.html.en
+++ b/docs/manual/sections.html.en
@@ -543,7 +543,7 @@ other words, order of merging is important, so be careful!</p>
Require all granted
</Location>
-# Woops! This <Directory> section will have no effect
+# Whoops! This <Directory> section will have no effect
<Directory "/">
<RequireAll>
Require all granted
diff --git a/docs/manual/sections.html.fr b/docs/manual/sections.html.fr
index 03f50cd..18a6dc8 100644
--- a/docs/manual/sections.html.fr
+++ b/docs/manual/sections.html.fr
@@ -402,7 +402,7 @@ sites qui correspondent
acc�d� via le serveur mandataire du module <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code>.
Par exemple, la configuration suivante n'autorisera qu'un sous-ensemble de
clients � acc�der au site <code>www.example.com</code> en passant par le serveur
-mandataire :.</p>
+mandataire :</p>
<pre class="prettyprint lang-config"><Proxy "http://www.example.com/*">
Require host yournetwork.example.com
diff --git a/docs/manual/ssl/ssl_faq.html.fr b/docs/manual/ssl/ssl_faq.html.fr
index b11c16e..70676d3 100644
--- a/docs/manual/ssl/ssl_faq.html.fr
+++ b/docs/manual/ssl/ssl_faq.html.fr
@@ -786,22 +786,22 @@ dans votre section d'h
<h3><a name="srp" id="srp">Comment activer TLS-SRP ?</a></h3>
- <p>Le protocole TLS-SRP (Echange de clés sécurisé par mot de passe
- pour TLS comme spécifié dans la RFC 5054) peut compléter ou même
+ <p>Le protocole TLS-SRP (Echange de cl�s s�curis� par mot de passe
+ pour TLS comme sp�cifi� dans la RFC 5054) peut compl�ter ou m�me
remplacer les certificats lors du processus d'authentification des
- connexions SSL. Pour utiliser TLS-SRP, spécifiez un fichier de
- vérification SRP OpenSSL via la directive <code class="directive"><a href="../mod/mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></code>. Vous pouvez créer
- le fichier de vérification via l'utilitaire <code>openssl</code> :</p>
+ connexions SSL. Pour utiliser TLS-SRP, sp�cifiez un fichier de
+ v�rification SRP OpenSSL via la directive <code class="directive"><a href="../mod/mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></code>. Vous pouvez cr�er
+ le fichier de v�rification via l'utilitaire <code>openssl</code> :</p>
<div class="example"><p><code>
openssl srp -srpvfile passwd.srpv -add username
</code></p></div>
- <p>Une fois ce fichier créé, vous devez le référencer dans la
+ <p>Une fois ce fichier cr��, vous devez le r�f�rencer dans la
configuration du serveur SSL :</p>
<div class="example"><p><code>
SSLSRPVerifierFile /path/to/passwd.srpv
</code></p></div>
- <p>Pour forcer les clients � utiliser des algorithmes de chiffrement
- basés sur TLS-SRP et s'affranchissant des certificats, utilisez la
+ <p>Pour forcer les clients � utiliser des algorithmes de chiffrement
+ bas�s sur TLS-SRP et s'affranchissant des certificats, utilisez la
directive suivante :</p>
<div class="example"><p><code>
SSLCipherSuite "!DSS:!aRSA:SRP"
@@ -841,9 +841,9 @@ MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR
Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC
-----END DH PARAMETERS-----</pre></div>
- <p>Ajoute les paramètres personnalisés incluant les lignes "BEGIN DH
- PARAMETERS" et "END DH PARAMETERS" � la fin du premier fichier de
- certificat défini via la directive <code class="directive"><a href="../mod/mod_ssl.html#sslcertificatefile">SSLCertificateFile</a></code>.</p>
+ <p>Ajoute les param�tres personnalis�s incluant les lignes "BEGIN DH
+ PARAMETERS" et "END DH PARAMETERS" � la fin du premier fichier de
+ certificat d�fini via la directive <code class="directive"><a href="../mod/mod_ssl.html#sslcertificatefile">SSLCertificateFile</a></code>.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
diff --git a/docs/manual/ssl/ssl_howto.html.fr b/docs/manual/ssl/ssl_howto.html.fr
index 5799e39..863efe7 100644
--- a/docs/manual/ssl/ssl_howto.html.fr
+++ b/docs/manual/ssl/ssl_howto.html.fr
@@ -161,11 +161,11 @@ installations de httpd
<code>/etc/apache2/mods-enabled/ssl.conf</code> pour Ubuntu ou Debian,
etc...</p>
-<p>Le chemin spécifié par la directive
+<p>Le chemin sp�cifi� par la directive
<code class="directive">SSLStaplingCache</code> (par exemple <code>logs/</code>)
-doit être le même que celui spécifié par la directive
+doit �tre le m�me que celui sp�cifi� par la directive
<code class="directive">SSLSessionCache</code>. Ce chemin est relatif au chemin
-spécifié par la directive <code class="directive">ServerRoot</code>.</p>
+sp�cifi� par la directive <code class="directive">ServerRoot</code>.</p>
<p>Cette directive <code class="directive">SSLStaplingCache</code> particuli�re
n�cessite le chargement du module <code class="module"><a href="../mod/mod_socache_shmcb.html">mod_socache_shmcb</a></code> (�
diff --git a/docs/manual/style/version.ent b/docs/manual/style/version.ent
index af2170c..0c2a5f3 100644
--- a/docs/manual/style/version.ent
+++ b/docs/manual/style/version.ent
@@ -19,6 +19,6 @@
<!ENTITY httpd.major "2">
<!ENTITY httpd.minor "4">
-<!ENTITY httpd.patch "23">
+<!ENTITY httpd.patch "25">
<!ENTITY httpd.docs "2.4">
diff --git a/docs/manual/upgrading.html.en b/docs/manual/upgrading.html.en
index 2adb359..c4a9f40 100644
--- a/docs/manual/upgrading.html.en
+++ b/docs/manual/upgrading.html.en
@@ -150,21 +150,21 @@
<p>Here are some examples of old and new ways to do the same
access control.</p>
- <p>In this example, all requests are denied.</p>
+ <p>In this example, there is no authentication and all requests are denied.</p>
<div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order deny,allow
Deny from all</pre>
</div>
<div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">Require all denied</pre>
</div>
- <p>In this example, all requests are allowed.</p>
+ <p>In this example, there is no authentication and all requests are allowed.</p>
<div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order allow,deny
Allow from all</pre>
</div>
<div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">Require all granted</pre>
</div>
- <p>In the following example, all hosts in the example.org domain
+ <p>In the following example, there is no authentication and all hosts in the example.org domain
are allowed access; all other hosts are denied access.</p>
<div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order Deny,Allow
@@ -222,6 +222,64 @@ access.log - GET /server-status 200 127.0.0.1</pre>
</p>
+ <p>In many configurations with authentication, where the value of the
+ <code class="directive">Satisfy</code> was the default of <em>ALL</em>, snippets
+ that simply disabled host-based access control are omitted:</p>
+
+ <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order Deny,Allow
+Deny from all
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user</pre>
+</div>
+ <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config"># No replacement needed
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user</pre>
+</div>
+
+ <p>In configurations where both authentication and access control were meaningfully combined, the
+ access control directives should be migrated. This example allows requests meeting <em>both</em> criteria:</p>
+ <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order allow,deny
+Deny from all
+# Satisfy ALL is the default
+Satisfy ALL
+Allow from 127.0.0.1
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user</pre>
+</div>
+ <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+<RequireAll>
+ Require valid-user
+ Require ip 127.0.0.1
+</RequireAll></pre>
+</div>
+
+ <p>In configurations where both authentication and access control were meaningfully combined, the
+ access control directives should be migrated. This example allows requests meeting <em>either</em> criteria:</p>
+ <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order allow,deny
+Deny from all
+Satisfy any
+Allow from 127.0.0.1
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user</pre>
+</div>
+ <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+# Implicitly <RequireAny>
+Require valid-user
+Require ip 127.0.0.1</pre>
+</div>
+
<h3><a name="config" id="config">Other configuration changes</a></h3>
diff --git a/docs/manual/upgrading.html.fr b/docs/manual/upgrading.html.fr
index f976bfe..8c86ea5 100644
--- a/docs/manual/upgrading.html.fr
+++ b/docs/manual/upgrading.html.fr
@@ -26,6 +26,8 @@
<p><span>Langues Disponibles: </span><a href="./en/upgrading.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="./fr/upgrading.html" title="Fran�ais"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version
+ anglaise pour les changements r�cents.</div>
<p>Afin d'assister les utilisateurs lors de leurs op�rations de mise �
jour, nous maintenons un document
diff --git a/docs/manual/urlmapping.html.tr.utf8 b/docs/manual/urlmapping.html.tr.utf8
index 913cf9a..f46e387 100644
--- a/docs/manual/urlmapping.html.tr.utf8
+++ b/docs/manual/urlmapping.html.tr.utf8
@@ -29,7 +29,6 @@
<a href="./ko/urlmapping.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="./tr/urlmapping.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Bu belgede, bir istekte belirtilen URL’nin sunulacak dosyanın dosya
sistemindeki yerini bulmak için Apache HTTP Sunucusu tarafından nasıl
diff --git a/docs/manual/vhosts/examples.html.tr.utf8 b/docs/manual/vhosts/examples.html.tr.utf8
index 3796e80..46fa823 100644
--- a/docs/manual/vhosts/examples.html.tr.utf8
+++ b/docs/manual/vhosts/examples.html.tr.utf8
@@ -29,7 +29,6 @@
<a href="../ko/vhosts/examples.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/vhosts/examples.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Bu belgede <a href="index.html">sanal konaklarla</a> ile ilgili olarak
@@ -59,11 +58,11 @@
<h2><a name="purename" id="purename">Tek bir IP ile çok sayıda isme dayalı site</a></h2>
- <p>Bu örnekte, makinenizin tek bir IP adresine sahip olduğunu ve bu
- makineye <code>example.com</code> ve <code>example.org</code> şeklinde
- (DNS A kayıtları sayesinde) farklı isimlerle erişilebildiğini
- varsayalım.</p>
-
+ <p>Bu örnekte, makinenizin tek bir IP adresine çözümlenen çok sayıda konak
+ adına sahip olduğunu, <code>example.com</code> ve
+ <code>example.org</code> gibi farklı isimlere farklı yanıtlar vermek
+ istediğinizi varsayalım.</p>
+
<div class="note"><h3>Bilginize</h3><p>Apache sunucusu üzerinde sanal konakları
yapılandırmakla bu konak isimleri için sihirli bir şekilde DNS
kayıtlarının da oluşturulmasını sağlamış olmazsınız. Bu isimler için
@@ -99,13 +98,19 @@ Listen 80
dosyasındaki <code>ServerName example.com</code> yönergeli konak, ilk
sanal konak olduğundan en yüksek önceliğe sahiptir ve
<cite>öntanımlı</cite> veya <cite>baskın</cite> site olarak davranır.
- Yani, hiçbir <code>ServerName</code> yönergesi ile eşleşmeyen bir istek
- alındığında bu istek ilk <code>VirtualHost</code> yapılandırması ile
+ Yani, hiçbir <code class="directive"><a href="../mod/core.html#servername">ServerName</a></code> yönergesi
+ ile eşleşmeyen bir istek alındığında bu istek ilk <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> yapılandırması ile
karşılanır.</p>
+
+ <p>Yukarıdaki yapılandırmayı hemen hemen tüm isme dayalı sanal konaklar
+ için kullanabilirsiniz. Bu yapılandırmanın çalışmayacağı tek durum,
+ farklı içerikleri farklı IP adres veya portlardan sunma gereğiyle
+ karşılaşmaktır.</p>
<div class="note"><h3>Bilginize</h3>
- <p>IP adresi ve porta dayalı ayrımı umursamıyorsanız, <code>*</code>
- yerine kendi IP adresinizi yazabilirsiniz.</p>
+ <p><code>*</code> yerine sisteminizdeki belli bir IP adresini
+ yazabilirsiniz. Böyle sanal konaklar sadece, HTTP isteklerinin sadece
+ belirtilen IP adreslerinden alınması için kullanilabilir.</p>
<pre class="prettyprint lang-config">NameVirtualHost 192.168.1.22
@@ -123,11 +128,6 @@ Listen 80
kullanabilirsiniz.</p>
</div>
- <p>Yukarıdaki yapılandırmayı hemen hemen tüm isme dayalı sanal konaklar
- için kullanabilirsiniz. Bu yapılandırmanın çalışmayacağı tek durum,
- farklı içerikleri farklı IP adreslerinden sunma gereğiyle
- karşılaşmaktır.</p>
-
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="twoips" id="twoips">IP adresleri farklı çok sayıda isme dayalı site</a></h2>
@@ -180,8 +180,7 @@ DocumentRoot "/siteler/anasunucu"
bakan IP’ye, iç ağda ise iç ağa bakan IP’ye çözümleniyor olsun.</p>
<p>Bu durumda, sunucu hem iç hem de dış ağdan gelen isteklere aynı içerik,
- dolayısıyla aynı <code>VirtualHost</code> bölümü ile hizmet
- verebilir.</p>
+ dolayısıyla aynı <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> bölümü ile hizmet verebilir.</p>
<pre class="prettyprint lang-config"><VirtualHost 192.168.1.1 172.20.30.40>
DocumentRoot "/siteler/sunucu"
@@ -191,7 +190,8 @@ DocumentRoot "/siteler/anasunucu"
<p>Artık, hem iç hem de dış ağdan gelen isteklere aynı
- <code>VirtualHost</code> bölümünden hizmet sunulacaktır.</p>
+ <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code>
+ bölümünden hizmet sunulacaktır.</p>
<div class="note"><h3>Bilginize:</h3>
<p>İç ağdan istek yapan biri, tam nitelenmiş konak ismi
@@ -350,7 +350,7 @@ Listen 172.20.30.50:8080
<pre class="prettyprint lang-config"><VirtualHost *:*>
ProxyPreserveHost On
- ProxyPass "/" "http://192.168.111.2/"
+ ProxyPass "/" "http://192.168.111.2/"
ProxyPassReverse "/" "http://192.168.111.2/"
ServerName konak.example.com
</VirtualHost></pre>
@@ -458,7 +458,7 @@ DocumentRoot "/siteler/ecom"
<VirtualHost 192.168.1.20>
DocumentRoot "/siteler/enet"
ServerName example.enet
- ServerAlias *.example.enet
+ ServerAlias *.example.net
# ...
</VirtualHost></pre>
@@ -490,7 +490,7 @@ DocumentRoot "/siteler/ecom"
</VirtualHost>
<VirtualHost 172.20.30.40>
-DocumentRoot /siteler/baska/bir
+ DocumentRoot /siteler/baska/bir
ServerName "bir.baska.tld"
ServerPath "/bir/"
RewriteEngine On
diff --git a/docs/manual/vhosts/index.html.en b/docs/manual/vhosts/index.html.en
index 8928359..be1ca85 100644
--- a/docs/manual/vhosts/index.html.en
+++ b/docs/manual/vhosts/index.html.en
@@ -87,13 +87,20 @@ hosts</a></li><li><a href="ip-based.html">IP-based virtual hosts</a></li><li><a
</ul>
<p>If you are trying to debug your virtual host configuration, you
- may find the Apache <code>-S</code> command line switch
- useful. That is, type the following command:</p>
+ may find the <code>-S</code> command line switch
+ useful.</p>
- <div class="example"><p><code>
- /usr/local/apache2/bin/httpd -S
+ <div class="example"><h3>Unix example</h3><p><code>
+
+ apachectl -S
</code></p></div>
+ <div class="example"><h3>Windows example</h3><p><code>
+
+ httpd.exe -S
+ </code></p></div>
+
+
<p>This command will dump out a description of how Apache parsed
the configuration file. Careful examination of the IP addresses and
server names may help uncover configuration mistakes. (See
diff --git a/docs/manual/vhosts/index.html.fr b/docs/manual/vhosts/index.html.fr
index 62aa171..19edf26 100644
--- a/docs/manual/vhosts/index.html.fr
+++ b/docs/manual/vhosts/index.html.fr
@@ -89,10 +89,16 @@
<p>Pour v�rifier et analyser la configuration de vos serveurs
virtuels, vous pouvez utiliser l'argument <code>-S</code> sur
- la ligne de commande lan�ant le programme Apache comme ceci :</p>
+ la ligne de commande.</p>
- <div class="example"><p><code>
- /usr/local/apache2/bin/httpd -S
+ <div class="example"><h3>Exemple Unix</h3><p><code>
+
+ apachectl -S
+ </code></p></div>
+
+ <div class="example"><h3>Exemple Windows</h3><p><code>
+
+ httpd.exe -S
</code></p></div>
<p>Cette commande affichera dans le d�tail comment Apache a
diff --git a/docs/manual/vhosts/index.html.tr.utf8 b/docs/manual/vhosts/index.html.tr.utf8
index 4dcf5be..693833f 100644
--- a/docs/manual/vhosts/index.html.tr.utf8
+++ b/docs/manual/vhosts/index.html.tr.utf8
@@ -87,13 +87,17 @@
</ul>
<p>Sanal konak yapılandırmanız üzerinde hata ayıklamaya çalışıyorsanız
- Apache’nin <code>-S</code> komut satırı seçeneği şu şekilde çok işinize
+ <code>-S</code> komut satırı seçeneği şu şekilde çok işinize
yarayabilir:</p>
- <div class="example"><p><code>
- /usr/local/apache2/bin/httpd -S
+ <div class="example"><h3>Unix örneği</h3><p><code>
+ apachectl -S
</code></p></div>
+ <div class="example"><h3>Windows örneği</h3><p><code>
+ httpd.exe -S
+ </code></p></div>
+
<p>Bu komut, yapılandırma dosyasının Apache yorumunu dökümler. IP
adreslerinin ve sunucu isimlerinin dikkatli bir incelemesi, yapılandırma
yanlışlarınızı keşfetmenize yardımcı olabilir. (Diğer komut satırı
diff --git a/docs/manual/vhosts/index.html.zh-cn.utf8 b/docs/manual/vhosts/index.html.zh-cn.utf8
index 8b3e31c..7b5667e 100644
--- a/docs/manual/vhosts/index.html.zh-cn.utf8
+++ b/docs/manual/vhosts/index.html.zh-cn.utf8
@@ -31,6 +31,7 @@
<a href="../tr/vhosts/" hreflang="tr" rel="alternate" title="Türkçe"> tr </a> |
<a href="../zh-cn/vhosts/" title="Simplified Chinese"> zh-cn </a></p>
</div>
+<div class="outofdate">此翻译可能过期。要了解最近的更改,请阅读英文版。</div>
<p>术语<cite>虚拟主机</cite>指的是在单一机器上运行多个网站
diff --git a/httpd.spec b/httpd.spec
index 645aea4..1ef8714 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -4,7 +4,7 @@
Summary: Apache HTTP Server
Name: httpd
-Version: 2.4.23
+Version: 2.4.25
Release: 1
URL: http://httpd.apache.org/
Vendor: Apache Software Foundation
diff --git a/include/ap_config_auto.h.in b/include/ap_config_auto.h.in
index 5a95d95..55ed9f6 100644
--- a/include/ap_config_auto.h.in
+++ b/include/ap_config_auto.h.in
@@ -115,6 +115,10 @@
/* Define to 1 if you have the <nghttp2/nghttp2.h> header file. */
#undef HAVE_NGHTTP2_NGHTTP2_H
+/* Define to 1 if you have the
+ `nghttp2_session_callbacks_set_on_invalid_header_callback' function. */
+#undef HAVE_NGHTTP2_SESSION_CALLBACKS_SET_ON_INVALID_HEADER_CALLBACK
+
/* Define to 1 if you have the `nghttp2_session_change_stream_priority'
function. */
#undef HAVE_NGHTTP2_SESSION_CHANGE_STREAM_PRIORITY
diff --git a/include/ap_mmn.h b/include/ap_mmn.h
index 54cbbee..124057c 100644
--- a/include/ap_mmn.h
+++ b/include/ap_mmn.h
@@ -477,6 +477,23 @@
* extended proxy_worker_shared.
* 20120211.60 (2.4.21-dev) Add dav_get_provider_name.
* 20120211.61 (2.4.21-dev) Add ap_cstr_casecmp[n]() - placeholder of apr_ fns
+ * 20120211.62 (2.4.24-dev) Add childtags to dav_error.
+ * 20120211.63 (2.4.24-dev) Add dav_begin_multistatus, dav_send_one_response,
+ * dav_finish_multistatus, dav_send_multistatus,
+ * dav_handle_err, dav_failed_proppatch,
+ * dav_success_proppatch.
+ * 20120211.64 (2.4.24-dev) Add ap_proxy_check_backend(), and tmp_bb to struct
+ * proxy_conn_rec.
+ * 20120211.65 (2.4.24-dev) Add ap_check_pipeline().
+ * 20120211.66 (2.4.24-dev) Rename ap_proxy_check_backend() to
+ * ap_proxy_check_connection().
+ * 20120211.67 (2.4.24-dev) Add http09_enable, http_conformance, and
+ * http_methods to core_server_config
+ * Add ap_scan_http_field_token(),
+ * ap_scan_http_field_content(),
+ * and ap_scan_vchar_obstext()
+ * Replaced fold boolean with with multiple bit flags
+ * to ap_[r]getline()
*/
#define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
@@ -484,7 +501,7 @@
#ifndef MODULE_MAGIC_NUMBER_MAJOR
#define MODULE_MAGIC_NUMBER_MAJOR 20120211
#endif
-#define MODULE_MAGIC_NUMBER_MINOR 61 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 67 /* 0...n */
/**
* Determine if the server's current MODULE_MAGIC_NUMBER is at least a
diff --git a/include/ap_release.h b/include/ap_release.h
index 2c5e13c..92fe7de 100644
--- a/include/ap_release.h
+++ b/include/ap_release.h
@@ -43,7 +43,7 @@
#define AP_SERVER_MAJORVERSION_NUMBER 2
#define AP_SERVER_MINORVERSION_NUMBER 4
-#define AP_SERVER_PATCHLEVEL_NUMBER 23
+#define AP_SERVER_PATCHLEVEL_NUMBER 25
#define AP_SERVER_DEVBUILD_BOOLEAN 0
/* Synchronize the above with docs/manual/style/version.ent */
diff --git a/include/http_config.h b/include/http_config.h
index da24d70..66c5b31 100644
--- a/include/http_config.h
+++ b/include/http_config.h
@@ -50,7 +50,7 @@ enum cmd_how {
RAW_ARGS, /**< cmd_func parses command line itself */
TAKE1, /**< one argument only */
TAKE2, /**< two arguments only */
- ITERATE, /**< one argument, occuring multiple times
+ ITERATE, /**< one argument, occurring multiple times
* (e.g., IndexIgnore)
*/
ITERATE2, /**< two arguments, 2nd occurs multiple times
@@ -410,6 +410,23 @@ struct module_struct {
};
/**
+ * The AP_MAYBE_UNUSED macro is used for variable declarations that
+ * might potentially exhibit "unused var" warnings on some compilers if
+ * left untreated.
+ * Since static intializers are not part of the C language (C89), making
+ * (void) usage is not possible. However many compiler have proprietary
+ * mechanism to suppress those warnings.
+ */
+#ifdef AP_MAYBE_UNUSED
+#elif defined(__GNUC__)
+# define AP_MAYBE_UNUSED(x) x __attribute__((unused))
+#elif defined(__LCLINT__)
+# define AP_MAYBE_UNUSED(x) /*@unused@*/ x
+#else
+# define AP_MAYBE_UNUSED(x) x
+#endif
+
+/**
* The APLOG_USE_MODULE macro is used choose which module a file belongs to.
* This is necessary to allow per-module loglevel configuration.
*
@@ -424,7 +441,7 @@ struct module_struct {
*/
#define APLOG_USE_MODULE(foo) \
extern module AP_MODULE_DECLARE_DATA foo##_module; \
- static int * const aplog_module_index = &(foo##_module.module_index)
+ AP_MAYBE_UNUSED(static int * const aplog_module_index) = &(foo##_module.module_index)
/**
* AP_DECLARE_MODULE is a convenience macro that combines a call of
@@ -812,7 +829,7 @@ AP_DECLARE(apr_status_t) ap_cfg_getc(char *ch, ap_configfile_t *cfp);
/**
* Detach from open ap_configfile_t, calling the close handler
* @param cfp The file to close
- * @return 1 on sucess, 0 on failure
+ * @return 1 on success, 0 on failure
*/
AP_DECLARE(int) ap_cfg_closefile(ap_configfile_t *cfp);
diff --git a/include/http_core.h b/include/http_core.h
index 2590b22..35df5dc 100644
--- a/include/http_core.h
+++ b/include/http_core.h
@@ -723,10 +723,24 @@ typedef struct {
#define AP_MERGE_TRAILERS_DISABLE 2
int merge_trailers;
-
-
apr_array_header_t *protocols;
int protocols_honor_order;
+
+#define AP_HTTP09_UNSET 0
+#define AP_HTTP09_ENABLE 1
+#define AP_HTTP09_DISABLE 2
+ char http09_enable;
+
+#define AP_HTTP_CONFORMANCE_UNSET 0
+#define AP_HTTP_CONFORMANCE_UNSAFE 1
+#define AP_HTTP_CONFORMANCE_STRICT 2
+ char http_conformance;
+
+#define AP_HTTP_METHODS_UNSET 0
+#define AP_HTTP_METHODS_LENIENT 1
+#define AP_HTTP_METHODS_REGISTERED 2
+ char http_methods;
+
} core_server_config;
/* for AddOutputFiltersByType in core.c */
diff --git a/include/http_log.h b/include/http_log.h
index 801dcce..2b61a11 100644
--- a/include/http_log.h
+++ b/include/http_log.h
@@ -141,7 +141,7 @@ extern "C" {
* Constant to store module_index for the current file.
* Objects with static storage duration are set to NULL if not
* initialized explicitly. This means that if aplog_module_index
- * is not initalized using the ::APLOG_USE_MODULE or the
+ * is not initialized using the ::APLOG_USE_MODULE or the
* ::AP_DECLARE_MODULE macro, we can safely fall back to
* use ::APLOG_NO_MODULE. This variable will usually be optimized away.
*/
diff --git a/include/http_protocol.h b/include/http_protocol.h
index 447e3a8..a9e0990 100644
--- a/include/http_protocol.h
+++ b/include/http_protocol.h
@@ -582,17 +582,22 @@ AP_DECLARE(int) ap_get_basic_auth_pw(request_rec *r, const char **pw);
*/
AP_CORE_DECLARE(void) ap_parse_uri(request_rec *r, const char *uri);
+#define AP_GETLINE_FOLD 1 /* Whether to merge continuation lines */
+#define AP_GETLINE_CRLF 2 /*Whether line ends must be in the form CR LF */
+
/**
* Get the next line of input for the request
* @param s The buffer into which to read the line
* @param n The size of the buffer
* @param r The request
- * @param fold Whether to merge continuation lines
+ * @param flags Bit flag of multiple parsing options
+ * AP_GETLINE_FOLD Whether to merge continuation lines
+ * AP_GETLINE_CRLF Whether line ends must be in the form CR LF
* @return The length of the line, if successful
* n, if the line is too big to fit in the buffer
* -1 for miscellaneous errors
*/
-AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int fold);
+AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int flags);
/**
* Get the next line of input for the request
@@ -610,7 +615,9 @@ AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int fold);
* @param n The size of the buffer
* @param read The length of the line.
* @param r The request
- * @param fold Whether to merge continuation lines
+ * @param flags Bit flag of multiple parsing options
+ * AP_GETLINE_FOLD Whether to merge continuation lines
+ * AP_GETLINE_CRLF Whether line ends must be in the form CR LF
* @param bb Working brigade to use when reading buckets
* @return APR_SUCCESS, if successful
* APR_ENOSPC, if the line is too big to fit in the buffer
@@ -619,7 +626,7 @@ AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int fold);
#if APR_CHARSET_EBCDIC
AP_DECLARE(apr_status_t) ap_rgetline(char **s, apr_size_t n,
apr_size_t *read,
- request_rec *r, int fold,
+ request_rec *r, int flags,
apr_bucket_brigade *bb);
#else /* ASCII box */
#define ap_rgetline(s, n, read, r, fold, bb) \
@@ -629,7 +636,7 @@ AP_DECLARE(apr_status_t) ap_rgetline(char **s, apr_size_t n,
/** @see ap_rgetline */
AP_DECLARE(apr_status_t) ap_rgetline_core(char **s, apr_size_t n,
apr_size_t *read,
- request_rec *r, int fold,
+ request_rec *r, int flags,
apr_bucket_brigade *bb);
/**
diff --git a/include/http_request.h b/include/http_request.h
index 3d0b143..0013d39 100644
--- a/include/http_request.h
+++ b/include/http_request.h
@@ -218,7 +218,7 @@ AP_DECLARE(void) ap_clear_auth_internal(void);
* Determine whether access control hooks will be run for all internal
* requests with URIs distinct from that of the initial request, or only
* those for which different configurations apply than those which applied
- * to the initial request. To accomodate legacy external modules which
+ * to the initial request. To accommodate legacy external modules which
* may expect access control hooks to be run for all internal requests
* with distinct URIs, this is the default behaviour unless all access
* control hooks and authentication and authorization providers are
@@ -337,6 +337,21 @@ void ap_process_async_request(request_rec *r);
*/
AP_DECLARE(void) ap_die(int type, request_rec *r);
+/**
+ * Check whether a connection is still established and has data available,
+ * optionnaly consuming blank lines ([CR]LF).
+ * @param c The current connection
+ * @param bb The brigade to filter
+ * @param max_blank_lines Max number of blank lines to consume, or zero
+ * to consider them as data (single read).
+ * @return APR_SUCCESS: connection established with data available,
+ * APR_EAGAIN: connection established and empty,
+ * APR_NOTFOUND: too much blank lines,
+ * APR_E*: connection/general error.
+ */
+AP_DECLARE(apr_status_t) ap_check_pipeline(conn_rec *c, apr_bucket_brigade *bb,
+ unsigned int max_blank_lines);
+
/* Hooks */
/**
diff --git a/include/httpd.h b/include/httpd.h
index 5035a61..61ab2e6 100644
--- a/include/httpd.h
+++ b/include/httpd.h
@@ -309,7 +309,7 @@ extern "C" {
/**
* APR_HAS_LARGE_FILES introduces the problem of spliting sendfile into
- * mutiple buckets, no greater than MAX(apr_size_t), and more granular
+ * multiple buckets, no greater than MAX(apr_size_t), and more granular
* than that in case the brigade code/filters attempt to read it directly.
* ### 16mb is an invention, no idea if it is reasonable.
*/
@@ -354,7 +354,7 @@ extern "C" {
* use by modules. The difference between #AP_DECLARE and
* #AP_DECLARE_NONSTD is that the latter is required for any functions
* which use varargs or are used via indirect function call. This
- * is to accomodate the two calling conventions in windows dlls.
+ * is to accommodate the two calling conventions in windows dlls.
*/
# define AP_DECLARE_NONSTD(type) type
#endif
@@ -1585,6 +1585,28 @@ AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line, const char *t
*/
AP_DECLARE(int) ap_find_etag_strong(apr_pool_t *p, const char *line, const char *tok);
+/* Scan a string for field content chars, as defined by RFC7230 section 3.2
+ * including VCHAR/obs-text, as well as HT and SP
+ * @param ptr The string to scan
+ * @return A pointer to the first (non-HT) ASCII ctrl character.
+ * @note lws and trailing whitespace are scanned, the caller is responsible
+ * for trimming leading and trailing whitespace
+ */
+AP_DECLARE(const char *) ap_scan_http_field_content(const char *ptr);
+
+/* Scan a string for token characters, as defined by RFC7230 section 3.2.6
+ * @param ptr The string to scan
+ * @return A pointer to the first non-token character.
+ */
+AP_DECLARE(const char *) ap_scan_http_token(const char *ptr);
+
+/* Scan a string for visible ASCII (0x21-0x7E) or obstext (0x80+)
+ * and return a pointer to the first SP/CTL/NUL character encountered.
+ * @param ptr The string to scan
+ * @return A pointer to the first SP/CTL character.
+ */
+AP_DECLARE(const char *) ap_scan_vchar_obstext(const char *ptr);
+
/**
* Retrieve an array of tokens in the format "1#token" defined in RFC2616. Only
* accepts ',' as a delimiter, does not accept quoted strings, and errors on
diff --git a/include/scoreboard.h b/include/scoreboard.h
index d712bd4..1378128 100644
--- a/include/scoreboard.h
+++ b/include/scoreboard.h
@@ -26,7 +26,7 @@
extern "C" {
#endif
-#ifdef HAVE_SYS_TIMES_H
+#if APR_HAVE_SYS_TIME_H
#include <sys/time.h>
#include <sys/times.h>
#endif
diff --git a/include/util_ldap.h b/include/util_ldap.h
index aa79fc3..f7cd736 100644
--- a/include/util_ldap.h
+++ b/include/util_ldap.h
@@ -254,7 +254,7 @@ APR_DECLARE_OPTIONAL_FN(util_ldap_connection_t *,uldap_connection_find,(request_
* @param dn The first DN to compare.
* @param reqdn The DN to compare the first DN to.
* @param compare_dn_on_server Flag to determine whether the DNs should be checked using
- * LDAP calls or with a direct string comparision. A direct
+ * LDAP calls or with a direct string comparison. A direct
* string comparison is faster, but not as accurate - false
* negative comparisons are possible.
* @tip Two DNs can be equal and still fail a string comparison. Eg "dc=example,dc=com"
diff --git a/modules/NWGNUmakefile b/modules/NWGNUmakefile
index 337d6f6..ac8ee3e 100644
--- a/modules/NWGNUmakefile
+++ b/modules/NWGNUmakefile
@@ -22,7 +22,7 @@ endif
endif
endif
-# If USE_STDSOCKETS is defined we allways build mod_ssl
+# If USE_STDSOCKETS is defined we always build mod_ssl
ifdef USE_STDSOCKETS
WITH_SSL = 1
endif
diff --git a/modules/aaa/mod_allowmethods.c b/modules/aaa/mod_allowmethods.c
index bcde099..dd41196 100644
--- a/modules/aaa/mod_allowmethods.c
+++ b/modules/aaa/mod_allowmethods.c
@@ -26,7 +26,7 @@
* This module makes it easy to restrict what HTTP methods can be ran against
* a server.
*
- * It provides one comand:
+ * It provides one command:
* AllowMethods
* This command takes a list of HTTP methods to allow.
*
diff --git a/modules/aaa/mod_auth_basic.c b/modules/aaa/mod_auth_basic.c
index 1d72ff6..62d7f0c 100644
--- a/modules/aaa/mod_auth_basic.c
+++ b/modules/aaa/mod_auth_basic.c
@@ -381,7 +381,7 @@ static int authenticate_basic_user(request_rec *r)
apr_table_unset(r->notes, AUTHN_PROVIDER_NAME_NOTE);
- /* Something occured. Stop checking. */
+ /* Something occurred. Stop checking. */
if (auth_result != AUTH_USER_NOT_FOUND) {
break;
}
diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index dcf1e15..6a50ba7 100644
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -261,6 +261,26 @@ static void log_error_and_cleanup(char *msg, apr_status_t sts, server_rec *s)
cleanup_tables(NULL);
}
+/* RMM helper functions that behave like single-step malloc/free. */
+
+static void *rmm_malloc(apr_rmm_t *rmm, apr_size_t size)
+{
+ apr_rmm_off_t offset = apr_rmm_malloc(rmm, size);
+
+ if (!offset) {
+ return NULL;
+ }
+
+ return apr_rmm_addr_get(rmm, offset);
+}
+
+static apr_status_t rmm_free(apr_rmm_t *rmm, void *alloc)
+{
+ apr_rmm_off_t offset = apr_rmm_offset_get(rmm, alloc);
+
+ return apr_rmm_free(rmm, offset);
+}
+
#if APR_HAS_SHARED_MEMORY
static int initialize_tables(server_rec *s, apr_pool_t *ctx)
@@ -299,8 +319,8 @@ static int initialize_tables(server_rec *s, apr_pool_t *ctx)
return !OK;
}
- client_list = apr_rmm_addr_get(client_rmm, apr_rmm_malloc(client_rmm, sizeof(*client_list) +
- sizeof(client_entry*)*num_buckets));
+ client_list = rmm_malloc(client_rmm, sizeof(*client_list) +
+ sizeof(client_entry *) * num_buckets);
if (!client_list) {
log_error_and_cleanup("failed to allocate shared memory", -1, s);
return !OK;
@@ -322,7 +342,7 @@ static int initialize_tables(server_rec *s, apr_pool_t *ctx)
/* setup opaque */
- opaque_cntr = apr_rmm_addr_get(client_rmm, apr_rmm_malloc(client_rmm, sizeof(*opaque_cntr)));
+ opaque_cntr = rmm_malloc(client_rmm, sizeof(*opaque_cntr));
if (opaque_cntr == NULL) {
log_error_and_cleanup("failed to allocate shared memory", -1, s);
return !OK;
@@ -339,7 +359,7 @@ static int initialize_tables(server_rec *s, apr_pool_t *ctx)
/* setup one-time-nonce counter */
- otn_counter = apr_rmm_addr_get(client_rmm, apr_rmm_malloc(client_rmm, sizeof(*otn_counter)));
+ otn_counter = rmm_malloc(client_rmm, sizeof(*otn_counter));
if (otn_counter == NULL) {
log_error_and_cleanup("failed to allocate shared memory", -1, s);
return !OK;
@@ -779,7 +799,7 @@ static client_entry *get_client(unsigned long key, const request_rec *r)
* last entry in each bucket and updates the counters. Returns the
* number of removed entries.
*/
-static long gc(void)
+static long gc(server_rec *s)
{
client_entry *entry, *prev;
unsigned long num_removed = 0, idx;
@@ -789,6 +809,12 @@ static long gc(void)
for (idx = 0; idx < client_list->tbl_len; idx++) {
entry = client_list->table[idx];
prev = NULL;
+
+ if (!entry) {
+ /* This bucket is empty. */
+ continue;
+ }
+
while (entry->next) { /* find last entry */
prev = entry;
entry = entry->next;
@@ -800,8 +826,16 @@ static long gc(void)
client_list->table[idx] = NULL;
}
if (entry) { /* remove entry */
- apr_rmm_free(client_rmm, apr_rmm_offset_get(client_rmm, entry));
+ apr_status_t err;
+
+ err = rmm_free(client_rmm, entry);
num_removed++;
+
+ if (err) {
+ /* Nothing we can really do but log... */
+ ap_log_error(APLOG_MARK, APLOG_ERR, err, s, APLOGNO()
+ "Failed to free auth_digest client allocation");
+ }
}
}
@@ -835,16 +869,16 @@ static client_entry *add_client(unsigned long key, client_entry *info,
/* try to allocate a new entry */
- entry = apr_rmm_addr_get(client_rmm, apr_rmm_malloc(client_rmm, sizeof(client_entry)));
+ entry = rmm_malloc(client_rmm, sizeof(client_entry));
if (!entry) {
- long num_removed = gc();
+ long num_removed = gc(s);
ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, APLOGNO(01766)
"gc'd %ld client entries. Total new clients: "
"%ld; Total removed clients: %ld; Total renewed clients: "
"%ld", num_removed,
client_list->num_created - client_list->num_renewed,
client_list->num_removed, client_list->num_renewed);
- entry = apr_rmm_addr_get(client_rmm, apr_rmm_malloc(client_rmm, sizeof(client_entry)));
+ entry = rmm_malloc(client_rmm, sizeof(client_entry));
if (!entry) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01767)
"unable to allocate new auth_digest client");
@@ -1404,7 +1438,7 @@ static authn_status get_hash(request_rec *r, const char *user,
apr_table_unset(r->notes, AUTHN_PROVIDER_NAME_NOTE);
- /* Something occured. Stop checking. */
+ /* Something occurred. Stop checking. */
if (auth_result != AUTH_USER_NOT_FOUND) {
break;
}
@@ -1746,7 +1780,7 @@ static int authenticate_digest_user(request_rec *r)
* works out ok, since we can hash the header and get the same
* result. however, the uri from the request line won't match
* the uri Authorization component since the header lacks the
- * query string, leaving us incompatable with a (broken) MSIE.
+ * query string, leaving us incompatible with a (broken) MSIE.
*
* the workaround is to fake a query string match if in the proper
* environment - BrowserMatch MSIE, for example. the cool thing
diff --git a/modules/aaa/mod_auth_form.c b/modules/aaa/mod_auth_form.c
index 2306ab1..5cf6fb0 100644
--- a/modules/aaa/mod_auth_form.c
+++ b/modules/aaa/mod_auth_form.c
@@ -798,7 +798,7 @@ static int check_authn(request_rec * r, const char *sent_user, const char *sent_
apr_table_unset(r->notes, AUTHN_PROVIDER_NAME_NOTE);
- /* Something occured. Stop checking. */
+ /* Something occurred. Stop checking. */
if (auth_result != AUTH_USER_NOT_FOUND) {
break;
}
diff --git a/modules/aaa/mod_authn_dbd.c b/modules/aaa/mod_authn_dbd.c
index b9bd373..57090d2 100644
--- a/modules/aaa/mod_authn_dbd.c
+++ b/modules/aaa/mod_authn_dbd.c
@@ -34,11 +34,6 @@ typedef struct {
const char *realm;
} authn_dbd_conf;
-typedef struct {
- const char *label;
- const char *query;
-} authn_dbd_rec;
-
/* optional function - look it up once in post_config */
static ap_dbd_t *(*authn_dbd_acquire_fn)(request_rec*) = NULL;
static void (*authn_dbd_prepare_fn)(server_rec*, const char*, const char*) = NULL;
diff --git a/modules/aaa/mod_authz_core.c b/modules/aaa/mod_authz_core.c
index b669c8c..c5e5969 100644
--- a/modules/aaa/mod_authz_core.c
+++ b/modules/aaa/mod_authz_core.c
@@ -976,7 +976,7 @@ static const char *all_parse_config(cmd_parms *cmd, const char *require_line,
/*
* If the argument to the 'all' provider is 'granted' then just let
* everybody in. This would be equivalent to the previous syntax of
- * 'allow from all'. If the argument is 'denied' we reject everbody,
+ * 'allow from all'. If the argument is 'denied' we reject everybody,
* which is equivalent to 'deny from all'.
*/
if (strcasecmp(require_line, "granted") == 0) {
diff --git a/modules/aaa/mod_authz_groupfile.c b/modules/aaa/mod_authz_groupfile.c
index e1df129..76957f7 100644
--- a/modules/aaa/mod_authz_groupfile.c
+++ b/modules/aaa/mod_authz_groupfile.c
@@ -18,7 +18,7 @@
*
* AuthGroupFile standard /path/to/file
*
- * and the presense of a
+ * and the presence of a
*
* require group <list-of-groups>
*
diff --git a/modules/arch/netware/mod_nw_ssl.c b/modules/arch/netware/mod_nw_ssl.c
index fc8af98..298554a 100644
--- a/modules/arch/netware/mod_nw_ssl.c
+++ b/modules/arch/netware/mod_nw_ssl.c
@@ -778,7 +778,7 @@ static int nwssl_post_config(apr_pool_t *pconf, apr_pool_t *plog,
for (sl = ap_seclisteners; sl != NULL; sl = sl->next) {
/* If we find a pre-existing listen socket and it has already been
- created, then no neeed to go any further, just reuse it. */
+ created, then no need to go any further, just reuse it. */
if (((sl->fd = find_secure_listener(sl)) >= 0) && (sl->used)) {
continue;
}
diff --git a/modules/arch/win32/mod_isapi.c b/modules/arch/win32/mod_isapi.c
index bd7cae7..2e51d51 100644
--- a/modules/arch/win32/mod_isapi.c
+++ b/modules/arch/win32/mod_isapi.c
@@ -27,7 +27,7 @@
* It is a complete implementation of the ISAPI 2.0 specification,
* except for "Microsoft extensions" to the API which provide
* asynchronous I/O. It is further extended to include additional
- * "Microsoft extentions" through IIS 5.0, with some deficiencies
+ * "Microsoft extensions" through IIS 5.0, with some deficiencies
* where one-to-one mappings don't exist.
*
* Refer to /manual/mod/mod_isapi.html for additional details on
@@ -152,7 +152,7 @@ static const char *isapi_cmd_cachefile(cmd_parms *cmd, void *dummy,
return NULL;
}
- /* Load the extention as cached (with null request_rec) */
+ /* Load the extension as cached (with null request_rec) */
rv = isapi_lookup(cmd->pool, cmd->server, NULL, fspec, &isa);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_WARNING, rv, cmd->server, APLOGNO(02106)
@@ -753,7 +753,7 @@ static apr_ssize_t send_response_header(isapi_cid *cid,
/* Well... either there is no dwHttpStatusCode or it's HTTP_OK.
* In any case, we don't have a good status to return yet...
* Perhaps the one we came in with will be better. Let's use it,
- * if we were given one (note this is a pendantic case, it would
+ * if we were given one (note this is a pedantic case, it would
* normally be covered above unless the scan script code unset
* the r->status). Should there be a check here as to whether
* we are setting a valid response code?
diff --git a/modules/arch/win32/mod_isapi.h b/modules/arch/win32/mod_isapi.h
index 88f5017..6afa27b 100644
--- a/modules/arch/win32/mod_isapi.h
+++ b/modules/arch/win32/mod_isapi.h
@@ -136,7 +136,7 @@ typedef struct HSE_SEND_HEADER_EX_INFO {
#define HSE_IO_NODELAY 4096
/* The Completion function prototype. This callback may be fixed with
- * the HSE_REQ_IO_COMPLETION ServerSupportFunction call, or overriden
+ * the HSE_REQ_IO_COMPLETION ServerSupportFunction call, or overridden
* for the HSE_REQ_TRANSMIT_FILE call.
*/
typedef void (APR_THREAD_FUNC *PFN_HSE_IO_COMPLETION)
diff --git a/modules/cache/NWGNUsocachmem b/modules/cache/NWGNUsocachmem
index d8d10d8..cfbf815 100644
--- a/modules/cache/NWGNUsocachmem
+++ b/modules/cache/NWGNUsocachmem
@@ -26,6 +26,7 @@ XINCDIRS += \
$(APR)/include \
$(APRUTIL)/include \
$(AP_WORK)/include \
+ $(STDMOD)/generators \
$(AP_WORK)/server/mpm/netware \
$(NWOS) \
$(EOLIST)
diff --git a/modules/cache/cache_storage.c b/modules/cache/cache_storage.c
index 59d12ac..1a75cc1 100644
--- a/modules/cache/cache_storage.c
+++ b/modules/cache/cache_storage.c
@@ -115,7 +115,7 @@ int cache_create_entity(cache_request_rec *cache, request_rec *r,
static int filter_header_do(void *v, const char *key, const char *val)
{
- if ((*key == 'W' || *key == 'w') && !strcasecmp(key, "Warning")
+ if ((*key == 'W' || *key == 'w') && !ap_cstr_casecmp(key, "Warning")
&& *val == '1') {
/* any stored Warning headers with warn-code 1xx (see section
* 14.46) MUST be deleted from the cache entry and the forwarded
@@ -129,7 +129,7 @@ static int filter_header_do(void *v, const char *key, const char *val)
}
static int remove_header_do(void *v, const char *key, const char *val)
{
- if ((*key == 'W' || *key == 'w') && !strcasecmp(key, "Warning")) {
+ if ((*key == 'W' || *key == 'w') && !ap_cstr_casecmp(key, "Warning")) {
/* any stored Warning headers with warn-code 2xx MUST be retained
* in the cache entry and the forwarded response.
*/
@@ -427,7 +427,9 @@ int cache_select(cache_request_rec *cache, request_rec *r)
}
static apr_status_t cache_canonicalise_key(request_rec *r, apr_pool_t* p,
- const char *uri, apr_uri_t *parsed_uri, const char **key)
+ const char *uri, const char *query,
+ apr_uri_t *parsed_uri,
+ const char **key)
{
cache_server_conf *conf;
char *port_str, *hn, *lcs;
@@ -563,7 +565,7 @@ static apr_status_t cache_canonicalise_key(request_rec *r, apr_pool_t* p,
* if needed.
*/
path = uri;
- querystring = parsed_uri->query;
+ querystring = apr_pstrdup(p, query ? query : parsed_uri->query);
if (conf->ignore_session_id->nelts) {
int i;
char **identifier;
@@ -588,7 +590,7 @@ static apr_status_t cache_canonicalise_key(request_rec *r, apr_pool_t* p,
/*
* Check if the identifier is in the querystring and cut it out.
*/
- if (querystring) {
+ if (querystring && *querystring) {
/*
* First check if the identifier is at the beginning of the
* querystring and followed by a '='
@@ -605,7 +607,7 @@ static apr_status_t cache_canonicalise_key(request_rec *r, apr_pool_t* p,
* identifier with a '&' and append a '='
*/
complete = apr_pstrcat(p, "&", *identifier, "=", NULL);
- param = strstr(querystring, complete);
+ param = ap_strstr_c(querystring, complete);
/* If we found something we are sitting on the '&' */
if (param) {
param++;
@@ -669,7 +671,11 @@ static apr_status_t cache_canonicalise_key(request_rec *r, apr_pool_t* p,
apr_status_t cache_generate_key_default(request_rec *r, apr_pool_t* p,
const char **key)
{
- return cache_canonicalise_key(r, p, r->uri, &r->parsed_uri, key);
+ /* We want the actual query-string, which may differ from
+ * r->parsed_uri.query (immutable), so use "" (not NULL).
+ */
+ const char *args = r->args ? r->args : "";
+ return cache_canonicalise_key(r, p, r->uri, args, &r->parsed_uri, key);
}
/*
@@ -709,12 +715,13 @@ int cache_invalidate(cache_request_rec *cache, request_rec *r)
location = apr_table_get(r->headers_out, "Location");
if (location) {
- if (APR_SUCCESS != apr_uri_parse(r->pool, location, &location_uri)
- || APR_SUCCESS
- != cache_canonicalise_key(r, r->pool, location,
- &location_uri, &location_key)
- || !(r->parsed_uri.hostname && location_uri.hostname
- && !strcmp(r->parsed_uri.hostname,
+ if (apr_uri_parse(r->pool, location, &location_uri)
+ || cache_canonicalise_key(r, r->pool,
+ location, NULL,
+ &location_uri, &location_key)
+ || !(r->parsed_uri.hostname
+ && location_uri.hostname
+ && !strcmp(r->parsed_uri.hostname,
location_uri.hostname))) {
location_key = NULL;
}
@@ -722,14 +729,15 @@ int cache_invalidate(cache_request_rec *cache, request_rec *r)
content_location = apr_table_get(r->headers_out, "Content-Location");
if (content_location) {
- if (APR_SUCCESS
- != apr_uri_parse(r->pool, content_location,
- &content_location_uri)
- || APR_SUCCESS
- != cache_canonicalise_key(r, r->pool, content_location,
- &content_location_uri, &content_location_key)
- || !(r->parsed_uri.hostname && content_location_uri.hostname
- && !strcmp(r->parsed_uri.hostname,
+ if (apr_uri_parse(r->pool, content_location,
+ &content_location_uri)
+ || cache_canonicalise_key(r, r->pool,
+ content_location, NULL,
+ &content_location_uri,
+ &content_location_key)
+ || !(r->parsed_uri.hostname
+ && content_location_uri.hostname
+ && !strcmp(r->parsed_uri.hostname,
content_location_uri.hostname))) {
content_location_key = NULL;
}
diff --git a/modules/cache/cache_util.c b/modules/cache/cache_util.c
index 1d65d3f..0960583 100644
--- a/modules/cache/cache_util.c
+++ b/modules/cache/cache_util.c
@@ -31,8 +31,9 @@ extern module AP_MODULE_DECLARE_DATA cache_module;
* in "filter". All but the path comparisons are case-insensitive.
*/
static int uri_meets_conditions(const apr_uri_t *filter, const int pathlen,
- const apr_uri_t *url)
+ request_rec *r)
{
+ const apr_uri_t *url = &r->parsed_uri;
/* Scheme, hostname port and local part. The filter URI and the
* URI we test may have the following shapes:
@@ -55,7 +56,7 @@ static int uri_meets_conditions(const apr_uri_t *filter, const int pathlen,
}
else {
/* The URI scheme must be present and identical except for case. */
- if (!url->scheme || strcasecmp(filter->scheme, url->scheme)) {
+ if (!url->scheme || ap_cstr_casecmp(filter->scheme, url->scheme)) {
return 0;
}
@@ -113,7 +114,7 @@ static int uri_meets_conditions(const apr_uri_t *filter, const int pathlen,
/* For HTTP caching purposes, an empty (NULL) path is equivalent to
* a single "/" path. RFCs 3986/2396
*/
- if (!url->path) {
+ if (!r->uri) {
if (*filter->path == '/' && pathlen == 1) {
return 1;
}
@@ -125,7 +126,7 @@ static int uri_meets_conditions(const apr_uri_t *filter, const int pathlen,
/* Url has met all of the filter conditions so far, determine
* if the paths match.
*/
- return !strncmp(filter->path, url->path, pathlen);
+ return !strncmp(filter->path, r->uri, pathlen);
}
static cache_provider_list *get_provider(request_rec *r, struct cache_enable *ent,
@@ -167,8 +168,7 @@ static cache_provider_list *get_provider(request_rec *r, struct cache_enable *en
}
cache_provider_list *cache_get_providers(request_rec *r,
- cache_server_conf *conf,
- apr_uri_t uri)
+ cache_server_conf *conf)
{
cache_dir_conf *dconf = ap_get_module_config(r->per_dir_config, &cache_module);
cache_provider_list *providers = NULL;
@@ -183,7 +183,7 @@ cache_provider_list *cache_get_providers(request_rec *r,
for (i = 0; i < conf->cachedisable->nelts; i++) {
struct cache_disable *ent =
(struct cache_disable *)conf->cachedisable->elts;
- if (uri_meets_conditions(&ent[i].url, ent[i].pathlen, &uri)) {
+ if (uri_meets_conditions(&ent[i].url, ent[i].pathlen, r)) {
/* Stop searching now. */
return NULL;
}
@@ -200,7 +200,7 @@ cache_provider_list *cache_get_providers(request_rec *r,
for (i = 0; i < conf->cacheenable->nelts; i++) {
struct cache_enable *ent =
(struct cache_enable *)conf->cacheenable->elts;
- if (uri_meets_conditions(&ent[i].url, ent[i].pathlen, &uri)) {
+ if (uri_meets_conditions(&ent[i].url, ent[i].pathlen, r)) {
providers = get_provider(r, &ent[i], providers);
}
}
@@ -284,7 +284,25 @@ apr_status_t cache_try_lock(cache_server_conf *conf, cache_request_rec *cache,
/* create the key if it doesn't exist */
if (!cache->key) {
- cache_generate_key(r, r->pool, &cache->key);
+ cache_handle_t *h;
+ /*
+ * Try to use the key of a possible open but stale cache
+ * entry if we have one.
+ */
+ if (cache->handle != NULL) {
+ h = cache->handle;
+ }
+ else {
+ h = cache->stale_handle;
+ }
+ if ((h != NULL) &&
+ (h->cache_obj != NULL) &&
+ (h->cache_obj->key != NULL)) {
+ cache->key = apr_pstrdup(r->pool, h->cache_obj->key);
+ }
+ else {
+ cache_generate_key(r, r->pool, &cache->key);
+ }
}
/* create a hashed filename from the key, and save it for later */
@@ -315,7 +333,7 @@ apr_status_t cache_try_lock(cache_server_conf *conf, cache_request_rec *cache,
status = apr_stat(&finfo, lockname,
APR_FINFO_MTIME | APR_FINFO_NLINK, r->pool);
if (!(APR_STATUS_IS_ENOENT(status)) && APR_SUCCESS != status) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_EEXIST, r, APLOGNO(00779)
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(00779)
"Could not stat a cache lock file: %s",
lockname);
return status;
@@ -981,12 +999,7 @@ int ap_cache_control(request_rec *r, cache_control_t *cc,
char *header = apr_pstrdup(r->pool, pragma_header);
const char *token = cache_strqtok(header, CACHE_SEPARATOR, &last);
while (token) {
- /* handle most common quickest case... */
- if (!strcmp(token, "no-cache")) {
- cc->no_cache = 1;
- }
- /* ...then try slowest case */
- else if (!strcasecmp(token, "no-cache")) {
+ if (!ap_cstr_casecmp(token, "no-cache")) {
cc->no_cache = 1;
}
token = cache_strqtok(NULL, CACHE_SEPARATOR, &last);
@@ -1003,52 +1016,36 @@ int ap_cache_control(request_rec *r, cache_control_t *cc,
switch (token[0]) {
case 'n':
case 'N': {
- /* handle most common quickest cases... */
- if (!strcmp(token, "no-cache")) {
- cc->no_cache = 1;
- }
- else if (!strcmp(token, "no-store")) {
- cc->no_store = 1;
- }
- /* ...then try slowest cases */
- else if (!strncasecmp(token, "no-cache", 8)) {
+ if (!ap_cstr_casecmpn(token, "no-cache", 8)) {
if (token[8] == '=') {
cc->no_cache_header = 1;
}
else if (!token[8]) {
cc->no_cache = 1;
}
- break;
}
- else if (!strcasecmp(token, "no-store")) {
+ else if (!ap_cstr_casecmp(token, "no-store")) {
cc->no_store = 1;
}
- else if (!strcasecmp(token, "no-transform")) {
+ else if (!ap_cstr_casecmp(token, "no-transform")) {
cc->no_transform = 1;
}
break;
}
case 'm':
case 'M': {
- /* handle most common quickest cases... */
- if (!strcmp(token, "max-age=0")) {
- cc->max_age = 1;
- cc->max_age_value = 0;
- }
- else if (!strcmp(token, "must-revalidate")) {
- cc->must_revalidate = 1;
- }
- /* ...then try slowest cases */
- else if (!strncasecmp(token, "max-age", 7)) {
+ if (!ap_cstr_casecmpn(token, "max-age", 7)) {
if (token[7] == '='
&& !apr_strtoff(&offt, token + 8, &endp, 10)
&& endp > token + 8 && !*endp) {
cc->max_age = 1;
cc->max_age_value = offt;
}
- break;
}
- else if (!strncasecmp(token, "max-stale", 9)) {
+ else if (!ap_cstr_casecmp(token, "must-revalidate")) {
+ cc->must_revalidate = 1;
+ }
+ else if (!ap_cstr_casecmpn(token, "max-stale", 9)) {
if (token[9] == '='
&& !apr_strtoff(&offt, token + 10, &endp, 10)
&& endp > token + 10 && !*endp) {
@@ -1059,63 +1056,51 @@ int ap_cache_control(request_rec *r, cache_control_t *cc,
cc->max_stale = 1;
cc->max_stale_value = -1;
}
- break;
}
- else if (!strncasecmp(token, "min-fresh", 9)) {
+ else if (!ap_cstr_casecmpn(token, "min-fresh", 9)) {
if (token[9] == '='
&& !apr_strtoff(&offt, token + 10, &endp, 10)
&& endp > token + 10 && !*endp) {
cc->min_fresh = 1;
cc->min_fresh_value = offt;
}
- break;
- }
- else if (!strcasecmp(token, "must-revalidate")) {
- cc->must_revalidate = 1;
}
break;
}
case 'o':
case 'O': {
- if (!strcasecmp(token, "only-if-cached")) {
+ if (!ap_cstr_casecmp(token, "only-if-cached")) {
cc->only_if_cached = 1;
}
break;
}
case 'p':
case 'P': {
- /* handle most common quickest cases... */
- if (!strcmp(token, "private")) {
- cc->private = 1;
- }
- /* ...then try slowest cases */
- else if (!strcasecmp(token, "public")) {
+ if (!ap_cstr_casecmp(token, "public")) {
cc->public = 1;
}
- else if (!strncasecmp(token, "private", 7)) {
+ else if (!ap_cstr_casecmpn(token, "private", 7)) {
if (token[7] == '=') {
cc->private_header = 1;
}
else if (!token[7]) {
cc->private = 1;
}
- break;
}
- else if (!strcasecmp(token, "proxy-revalidate")) {
+ else if (!ap_cstr_casecmp(token, "proxy-revalidate")) {
cc->proxy_revalidate = 1;
}
break;
}
case 's':
case 'S': {
- if (!strncasecmp(token, "s-maxage", 8)) {
+ if (!ap_cstr_casecmpn(token, "s-maxage", 8)) {
if (token[8] == '='
&& !apr_strtoff(&offt, token + 9, &endp, 10)
&& endp > token + 9 && !*endp) {
cc->s_maxage = 1;
cc->s_maxage_value = offt;
}
- break;
}
break;
}
@@ -1145,8 +1130,7 @@ static int cache_control_remove(request_rec *r, const char *cc_header,
switch (token[0]) {
case 'n':
case 'N': {
- if (!strncmp(token, "no-cache", 8)
- || !strncasecmp(token, "no-cache", 8)) {
+ if (!ap_cstr_casecmpn(token, "no-cache", 8)) {
if (token[8] == '=') {
const char *header = cache_strqtok(token + 9,
CACHE_SEPARATOR "\"", &slast);
@@ -1163,8 +1147,7 @@ static int cache_control_remove(request_rec *r, const char *cc_header,
}
case 'p':
case 'P': {
- if (!strncmp(token, "private", 7)
- || !strncasecmp(token, "private", 7)) {
+ if (!ap_cstr_casecmpn(token, "private", 7)) {
if (token[7] == '=') {
const char *header = cache_strqtok(token + 8,
CACHE_SEPARATOR "\"", &slast);
diff --git a/modules/cache/cache_util.h b/modules/cache/cache_util.h
index 397efb9..6b0174c 100644
--- a/modules/cache/cache_util.h
+++ b/modules/cache/cache_util.h
@@ -300,7 +300,7 @@ apr_status_t cache_remove_lock(cache_server_conf *conf,
cache_request_rec *cache, request_rec *r, apr_bucket_brigade *bb);
cache_provider_list *cache_get_providers(request_rec *r,
- cache_server_conf *conf, apr_uri_t uri);
+ cache_server_conf *conf);
/**
* Get a value from a table, where the table may contain multiple
diff --git a/modules/cache/mod_cache.c b/modules/cache/mod_cache.c
index 091d527..b857e2e 100644
--- a/modules/cache/mod_cache.c
+++ b/modules/cache/mod_cache.c
@@ -103,7 +103,7 @@ static int cache_quick_handler(request_rec *r, int lookup)
/*
* Which cache module (if any) should handle this request?
*/
- if (!(providers = cache_get_providers(r, conf, r->parsed_uri))) {
+ if (!(providers = cache_get_providers(r, conf))) {
return DECLINED;
}
@@ -413,7 +413,7 @@ static int cache_handler(request_rec *r)
/*
* Which cache module (if any) should handle this request?
*/
- if (!(providers = cache_get_providers(r, conf, r->parsed_uri))) {
+ if (!(providers = cache_get_providers(r, conf))) {
return DECLINED;
}
@@ -973,12 +973,20 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
/* Have we received a 304 response without any headers at all? Fall back to
* the original headers in the original cached request.
*/
- if (r->status == HTTP_NOT_MODIFIED && cache->stale_handle && !cc_out
- && !pragma) {
- cc_out = cache_table_getm(r->pool, cache->stale_handle->resp_hdrs,
- "Cache-Control");
- pragma = cache_table_getm(r->pool, cache->stale_handle->resp_hdrs,
- "Pragma");
+ if (r->status == HTTP_NOT_MODIFIED && cache->stale_handle) {
+ if (!cc_out && !pragma) {
+ cc_out = cache_table_getm(r->pool, cache->stale_handle->resp_hdrs,
+ "Cache-Control");
+ pragma = cache_table_getm(r->pool, cache->stale_handle->resp_hdrs,
+ "Pragma");
+ }
+
+ /* 304 does not contain Content-Type and mod_mime regenerates the
+ * Content-Type based on the r->filename. This would lead to original
+ * Content-Type to be lost (overwriten by whatever mod_mime generates).
+ * We preserves the original Content-Type here. */
+ ap_set_content_type(r, apr_table_get(
+ cache->stale_handle->resp_hdrs, "Content-Type"));
}
/* Parse the cache control header */
@@ -1017,6 +1025,8 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
* include the following: an Expires header (section 14.21); a
* "max-age", "s-maxage", "must-revalidate", "proxy-revalidate",
* "public" or "private" cache-control directive (section 14.9).
+ *
+ * FIXME: Wrong if cc_out has just an extension we don't know about
*/
}
else {
@@ -1031,9 +1041,12 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
/* if a broken Expires header is present, don't cache it */
reason = apr_pstrcat(p, "Broken expires header: ", exps, NULL);
}
- else if (!dconf->store_expired && exp != APR_DATE_BAD
+ else if (!control.s_maxage && !control.max_age
+ && !dconf->store_expired && exp != APR_DATE_BAD
&& exp < r->request_time) {
- /* if a Expires header is in the past, don't cache it */
+ /* if a Expires header is in the past, don't cache it
+ * Unless CC: s-maxage or max-age is present
+ */
reason = "Expires header already expired; not cacheable";
}
else if (!dconf->store_expired && (control.must_revalidate
@@ -1177,8 +1190,8 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(02473)
"cache: %s responded with an uncacheable 304, "
- "retrying the request. Reason: %s",
- r->unparsed_uri, reason);
+ "retrying the request %s. Reason: %s",
+ cache->key, r->unparsed_uri, reason);
/* we've got a cache conditional miss! tell anyone who cares */
cache_run_cache_status(cache->handle, r, r->headers_out, AP_CACHE_MISS,
@@ -1212,8 +1225,8 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
if (reason) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00768)
- "cache: %s not cached. Reason: %s", r->unparsed_uri,
- reason);
+ "cache: %s not cached for request %s. Reason: %s",
+ cache->key, r->unparsed_uri, reason);
/* we've got a cache miss! tell anyone who cares */
cache_run_cache_status(cache->handle, r, r->headers_out, AP_CACHE_MISS,
@@ -1277,7 +1290,7 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
/* It's safe to cache the response.
*
- * There are two possiblities at this point:
+ * There are two possibilities at this point:
* - cache->handle == NULL. In this case there is no previously
* cached entity anywhere on the system. We must create a brand
* new entity and store the response in it.
@@ -1331,7 +1344,8 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
}
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00769)
- "cache: Caching url: %s", r->unparsed_uri);
+ "cache: Caching url %s for request %s",
+ cache->key, r->unparsed_uri);
/* We are actually caching this response. So it does not
* make sense to remove this entity any more.
@@ -1387,7 +1401,26 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
"replacing with now");
}
+
+ /* CC has priority over Expires. */
+ if (control.s_maxage || control.max_age) {
+ apr_int64_t x;
+
+ x = control.s_maxage ? control.s_maxage_value : control.max_age_value;
+ x = x * MSEC_ONE_SEC;
+
+ if (x < dconf->minex) {
+ x = dconf->minex;
+ }
+ if (x > dconf->maxex) {
+ x = dconf->maxex;
+ }
+ exp = date + x;
+ }
+
/* if no expiry date then
+ * if Cache-Control: s-maxage
+ * expiry date = date + smaxage
* if Cache-Control: max-age
* expiry date = date + max-age
* else if lastmod
@@ -1395,28 +1428,9 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
* else
* expire date = date + defaultexpire
*/
- if (exp == APR_DATE_BAD) {
-
- if (control.max_age) {
- apr_int64_t x;
- errno = 0;
- x = control.max_age_value;
- if (errno) {
- x = dconf->defex;
- }
- else {
- x = x * MSEC_ONE_SEC;
- }
- if (x < dconf->minex) {
- x = dconf->minex;
- }
- if (x > dconf->maxex) {
- x = dconf->maxex;
- }
- exp = date + x;
- }
- else if ((lastmod != APR_DATE_BAD) && (lastmod < date)) {
+ if (exp == APR_DATE_BAD) {
+ if ((lastmod != APR_DATE_BAD) && (lastmod < date)) {
/* if lastmod == date then you get 0*conf->factor which results in
* an expiration time of now. This causes some problems with
* freshness calculations, so we choose the else path...
@@ -1558,6 +1572,9 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in)
/* let someone else attempt to cache */
cache_remove_lock(conf, cache, r, NULL);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, APLOGNO(02971)
+ "cache: serving %s (revalidated)", r->uri);
+
return ap_pass_brigade(f->next, bb);
}
diff --git a/modules/cache/mod_cache_disk.c b/modules/cache/mod_cache_disk.c
index 14dee81..52d5dba 100644
--- a/modules/cache/mod_cache_disk.c
+++ b/modules/cache/mod_cache_disk.c
@@ -786,7 +786,7 @@ static apr_status_t read_table(cache_handle_t *handle, request_rec *r,
/* ### What about APR_EOF? */
rv = apr_file_gets(w, MAX_STRING_LEN - 1, file);
if (rv != APR_SUCCESS) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00717)
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00717)
"Premature end of cache headers.");
return rv;
}
@@ -865,6 +865,7 @@ static apr_status_t read_table(cache_handle_t *handle, request_rec *r,
static apr_status_t recall_headers(cache_handle_t *h, request_rec *r)
{
disk_cache_object_t *dobj = (disk_cache_object_t *) h->cache_obj->vobj;
+ apr_status_t rv;
/* This case should not happen... */
if (!dobj->hdrs.fd) {
@@ -877,8 +878,18 @@ static apr_status_t recall_headers(cache_handle_t *h, request_rec *r)
h->resp_hdrs = apr_table_make(r->pool, 20);
/* Call routine to read the header lines/status line */
- read_table(h, r, h->resp_hdrs, dobj->hdrs.fd);
- read_table(h, r, h->req_hdrs, dobj->hdrs.fd);
+ rv = read_table(h, r, h->resp_hdrs, dobj->hdrs.fd);
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02987)
+ "Error reading response headers from %s for %s",
+ dobj->hdrs.file, dobj->name);
+ }
+ rv = read_table(h, r, h->req_hdrs, dobj->hdrs.fd);
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02988)
+ "Error reading request headers from %s for %s",
+ dobj->hdrs.file, dobj->name);
+ }
apr_file_close(dobj->hdrs.fd);
diff --git a/modules/cache/mod_file_cache.c b/modules/cache/mod_file_cache.c
index 97de196..4199361 100644
--- a/modules/cache/mod_file_cache.c
+++ b/modules/cache/mod_file_cache.c
@@ -312,10 +312,10 @@ static int file_cache_handler(request_rec *r)
int errstatus;
int rc = OK;
- /* XXX: not sure if this is right yet
- * see comment in http_core.c:default_handler
+ /* Bail out if r->handler isn't the default value, and doesn't look like a Content-Type
+ * XXX: Even though we made the user explicitly list each path to cache?
*/
- if (ap_strcmp_match(r->handler, "*/*")) {
+ if (ap_strcmp_match(r->handler, "*/*") && !AP_IS_DEFAULT_HANDLER_NAME(r->handler)) {
return DECLINED;
}
diff --git a/modules/cache/mod_socache_memcache.c b/modules/cache/mod_socache_memcache.c
index e1fb235..e943b9b 100644
--- a/modules/cache/mod_socache_memcache.c
+++ b/modules/cache/mod_socache_memcache.c
@@ -17,6 +17,7 @@
#include "httpd.h"
#include "http_config.h"
+#include "http_protocol.h"
#include "apr.h"
#include "apu_version.h"
@@ -33,6 +34,8 @@
#include "ap_mpm.h"
#include "http_log.h"
#include "apr_memcache.h"
+#include "apr_strings.h"
+#include "mod_status.h"
/* The underlying apr_memcache system is thread safe.. */
#define MC_KEY_LEN 254
@@ -214,8 +217,14 @@ static apr_status_t socache_mc_store(ap_socache_instance_t *ctx, server_rec *s,
return APR_EINVAL;
}
- /* In APR-util - unclear what 'timeout' is, as it was not implemented */
- rv = apr_memcache_set(ctx->mc, buf, (char*)ucaData, nData, 0, 0);
+ /* memcache needs time in seconds till expiry; fail if this is not
+ * positive *before* casting to unsigned (apr_uint32_t). */
+ expiry -= apr_time_now();
+ if (apr_time_sec(expiry) <= 0) {
+ return APR_EINVAL;
+ }
+ rv = apr_memcache_set(ctx->mc, buf, (char*)ucaData, nData,
+ apr_time_sec(expiry), 0);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s, APLOGNO(00790)
@@ -287,7 +296,58 @@ static apr_status_t socache_mc_remove(ap_socache_instance_t *ctx, server_rec *s,
static void socache_mc_status(ap_socache_instance_t *ctx, request_rec *r, int flags)
{
- /* TODO: Make a mod_status handler. meh. */
+ apr_memcache_t *rc = ctx->mc;
+ int i;
+
+ for (i = 0; i < rc->ntotal; i++) {
+ apr_memcache_server_t *ms;
+ apr_memcache_stats_t *stats;
+ apr_status_t rv;
+ char *br = (!(flags & AP_STATUS_SHORT) ? "<br />" : "");
+
+ ms = rc->live_servers[i];
+
+ ap_rprintf(r, "Memcached server: %s:%d [%s]%s\n", ms->host, (int)ms->port,
+ (ms->status == APR_MC_SERVER_LIVE) ? "Up" : "Down",
+ br);
+ rv = apr_memcache_stats(ms, r->pool, &stats);
+ if (rv != APR_SUCCESS)
+ continue;
+ if (!(flags & AP_STATUS_SHORT)) {
+ ap_rprintf(r, "<b>Version:</b> <i>%s</i> [%u bits], PID: <i>%u</i>, Uptime: <i>%u hrs</i> <br />\n",
+ stats->version , stats->pointer_size, stats->pid, stats->uptime/3600);
+ ap_rprintf(r, "<b>Clients::</b> Structures: <i>%u</i>, Total: <i>%u</i>, Current: <i>%u</i> <br />\n",
+ stats->connection_structures, stats->total_connections, stats->curr_connections);
+ ap_rprintf(r, "<b>Storage::</b> Total Items: <i>%u</i>, Current Items: <i>%u</i>, Bytes: <i>%" APR_UINT64_T_FMT "</i> <br />\n",
+ stats->total_items, stats->curr_items, stats->bytes);
+ ap_rprintf(r, "<b>CPU::</b> System: <i>%u</i>, User: <i>%u</i> <br />\n",
+ (unsigned)stats->rusage_system, (unsigned)stats->rusage_user );
+ ap_rprintf(r, "<b>Cache::</b> Gets: <i>%u</i>, Sets: <i>%u</i>, Hits: <i>%u</i>, Misses: <i>%u</i> <br />\n",
+ stats->cmd_get, stats->cmd_set, stats->get_hits, stats->get_misses);
+ ap_rprintf(r, "<b>Net::</b> Input bytes: <i>%" APR_UINT64_T_FMT "</i>, Output bytes: <i>%" APR_UINT64_T_FMT "</i> <br />\n",
+ stats->bytes_read, stats->bytes_written);
+ ap_rprintf(r, "<b>Misc::</b> Evictions: <i>%" APR_UINT64_T_FMT "</i>, MaxMem: <i>%u</i>, Threads: <i>%u</i> <br />\n",
+ stats->evictions, stats->limit_maxbytes, stats->threads);
+ ap_rputs("<hr><br />\n", r);
+ }
+ else {
+ ap_rprintf(r, "Version: %s [%u bits], PID: %u, Uptime: %u hrs %s\n",
+ stats->version , stats->pointer_size, stats->pid, stats->uptime/3600, br);
+ ap_rprintf(r, "Clients:: Structures: %d, Total: %d, Current: %u %s\n",
+ stats->connection_structures, stats->total_connections, stats->curr_connections, br);
+ ap_rprintf(r, "Storage:: Total Items: %u, Current Items: %u, Bytes: %" APR_UINT64_T_FMT " %s\n",
+ stats->total_items, stats->curr_items, stats->bytes, br);
+ ap_rprintf(r, "CPU:: System: %u, User: %u %s\n",
+ (unsigned)stats->rusage_system, (unsigned)stats->rusage_user , br);
+ ap_rprintf(r, "Cache:: Gets: %u, Sets: %u, Hits: %u, Misses: %u %s\n",
+ stats->cmd_get, stats->cmd_set, stats->get_hits, stats->get_misses, br);
+ ap_rprintf(r, "Net:: Input bytes: %" APR_UINT64_T_FMT ", Output bytes: %" APR_UINT64_T_FMT " %s\n",
+ stats->bytes_read, stats->bytes_written, br);
+ ap_rprintf(r, "Misc:: Evictions: %" APR_UINT64_T_FMT ", MaxMem: %u, Threads: %u %s\n",
+ stats->evictions, stats->limit_maxbytes, stats->threads, br);
+ }
+ }
+
}
static apr_status_t socache_mc_iterate(ap_socache_instance_t *instance,
diff --git a/modules/cache/mod_socache_memcache.dsp b/modules/cache/mod_socache_memcache.dsp
index e4f81a3..d530826 100644
--- a/modules/cache/mod_socache_memcache.dsp
+++ b/modules/cache/mod_socache_memcache.dsp
@@ -43,7 +43,7 @@ RSC=rc.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "mod_socache_memcache_EXPORTS" /FD /c
-# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../../srclib/apr-util/include" /I "../../srclib/apr/include" /I "../../include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_socache_memcache_src" /FD /c
+# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../../srclib/apr-util/include" /I "../../srclib/apr/include" /I "../../include" /I "../generators" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_socache_memcache_src" /FD /c
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x409 /d "NDEBUG"
@@ -75,7 +75,7 @@ PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).ma
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c
-# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../srclib/apr-util/include" /I "../../srclib/apr/include" /I "../../include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_socache_memcache_src" /FD /c
+# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../srclib/apr-util/include" /I "../../srclib/apr/include" /I "../../include" /I "../generators" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_socache_memcache_src" /FD /c
# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x409 /d "_DEBUG"
diff --git a/modules/cluster/README.heartbeat b/modules/cluster/README.heartbeat
index e216db6..5eec549 100644
--- a/modules/cluster/README.heartbeat
+++ b/modules/cluster/README.heartbeat
@@ -14,7 +14,7 @@ Consuming:
Every 1 second, this module generates a single multicast UDP packet,
containing the number of busy and idle workers.
- The packet is a simple ASCII format, similiar to GET query parameters in UDP.
+ The packet is a simple ASCII format, similar to GET query parameters in UDP.
An Example packet:
v=1&ready=75&busy=0
diff --git a/modules/core/mod_macro.c b/modules/core/mod_macro.c
index 4cd1d41..dae4fcd 100644
--- a/modules/core/mod_macro.c
+++ b/modules/core/mod_macro.c
@@ -377,7 +377,7 @@ static char *substitute(char *buf,
}
/*
- find first occurence of args in buf.
+ find first occurrence of args in buf.
in case of conflict, the LONGEST argument is kept. (could be the FIRST?).
returns the pointer and the whichone found, or NULL.
*/
@@ -464,7 +464,7 @@ static const char *process_content(apr_pool_t * pool,
/* for each line of the macro body */
for (i = 0; i < contents->nelts; i++) {
const char *errmsg;
- /* copy the line and subtitute macro parameters */
+ /* copy the line and substitute macro parameters */
strncpy(line, ((char **) contents->elts)[i], MAX_STRING_LEN - 1);
errmsg = substitute_macro_args(line, MAX_STRING_LEN,
macro, replacements, used);
@@ -916,7 +916,7 @@ static int macro_pre_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
/*
macro module commands.
configuration file macro stuff
- they are processed immediatly when found, hence the EXEC_ON_READ.
+ they are processed immediately when found, hence the EXEC_ON_READ.
*/
static const command_rec macro_cmds[] = {
AP_INIT_RAW_ARGS(BEGIN_MACRO, macro_section, NULL, EXEC_ON_READ | OR_ALL,
diff --git a/modules/core/mod_so.c b/modules/core/mod_so.c
index eeacec6..6eafbe9 100644
--- a/modules/core/mod_so.c
+++ b/modules/core/mod_so.c
@@ -193,7 +193,7 @@ static const char *load_module(cmd_parms *cmd, void *dummy,
const char *error;
/* we need to setup this value for dummy to make sure that we don't try
- * to add a non-existant tree into the build when we return to
+ * to add a non-existent tree into the build when we return to
* execute_now.
*/
*(ap_directive_t **)dummy = NULL;
@@ -321,7 +321,7 @@ static const char *load_module(cmd_parms *cmd, void *dummy,
/*
* This implements the LoadFile directive and loads an arbitrary
- * shared object file into the adress space of the server process.
+ * shared object file into the address space of the server process.
*/
static const char *load_file(cmd_parms *cmd, void *dummy, const char *filename)
diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
index 22ff32f..7599c6d 100644
--- a/modules/dav/main/mod_dav.c
+++ b/modules/dav/main/mod_dav.c
@@ -364,16 +364,33 @@ static int dav_error_response_tag(request_rec *r,
ap_rputs(" xmlns:m=\"http://apache.org/dav/xmlns\"", r);
}
- if (err->namespace != NULL) {
- ap_rprintf(r,
- " xmlns:C=\"%s\">" DEBUG_CR
- "<C:%s/>" DEBUG_CR,
- err->namespace, err->tagname);
+ if (err->childtags) {
+ if (err->namespace != NULL) {
+ ap_rprintf(r,
+ " xmlns:C=\"%s\">" DEBUG_CR
+ "<C:%s>%s</C:%s>" DEBUG_CR,
+ err->namespace,
+ err->tagname, err->childtags, err->tagname);
+ }
+ else {
+ ap_rprintf(r,
+ ">" DEBUG_CR
+ "<D:%s>%s</D:%s>" DEBUG_CR,
+ err->tagname, err->childtags, err->tagname);
+ }
}
else {
- ap_rprintf(r,
- ">" DEBUG_CR
- "<D:%s/>" DEBUG_CR, err->tagname);
+ if (err->namespace != NULL) {
+ ap_rprintf(r,
+ " xmlns:C=\"%s\">" DEBUG_CR
+ "<C:%s/>" DEBUG_CR,
+ err->namespace, err->tagname);
+ }
+ else {
+ ap_rprintf(r,
+ ">" DEBUG_CR
+ "<D:%s/>" DEBUG_CR, err->tagname);
+ }
}
/* here's our mod_dav specific tag: */
@@ -421,30 +438,31 @@ static const char *dav_xml_escape_uri(apr_pool_t *p, const char *uri)
/* Write a complete RESPONSE object out as a <DAV:repsonse> xml
element. Data is sent into brigade BB, which is auto-flushed into
- OUTPUT filter stack. Use POOL for any temporary allocations.
+ the output filter stack for request R. Use POOL for any temporary
+ allocations.
[Presumably the <multistatus> tag has already been written; this
routine is shared by dav_send_multistatus and dav_stream_response.]
*/
-static void dav_send_one_response(dav_response *response,
- apr_bucket_brigade *bb,
- ap_filter_t *output,
- apr_pool_t *pool)
+DAV_DECLARE(void) dav_send_one_response(dav_response *response,
+ apr_bucket_brigade *bb,
+ request_rec *r,
+ apr_pool_t *pool)
{
apr_text *t = NULL;
if (response->propresult.xmlns == NULL) {
- ap_fputs(output, bb, "<D:response>");
+ ap_fputs(r->output_filters, bb, "<D:response>");
}
else {
- ap_fputs(output, bb, "<D:response");
+ ap_fputs(r->output_filters, bb, "<D:response");
for (t = response->propresult.xmlns; t; t = t->next) {
- ap_fputs(output, bb, t->text);
+ ap_fputs(r->output_filters, bb, t->text);
}
- ap_fputc(output, bb, '>');
+ ap_fputc(r->output_filters, bb, '>');
}
- ap_fputstrs(output, bb,
+ ap_fputstrs(r->output_filters, bb,
DEBUG_CR "<D:href>",
dav_xml_escape_uri(pool, response->href),
"</D:href>" DEBUG_CR,
@@ -455,7 +473,7 @@ static void dav_send_one_response(dav_response *response,
* default to 500 Internal Server Error if first->status
* is not a known (or valid) status code.
*/
- ap_fputstrs(output, bb,
+ ap_fputstrs(r->output_filters, bb,
"<D:status>HTTP/1.1 ",
ap_get_status_line(response->status),
"</D:status>" DEBUG_CR,
@@ -464,7 +482,7 @@ static void dav_send_one_response(dav_response *response,
else {
/* assume this includes <propstat> and is quoted properly */
for (t = response->propresult.propstats; t; t = t->next) {
- ap_fputs(output, bb, t->text);
+ ap_fputs(r->output_filters, bb, t->text);
}
}
@@ -473,14 +491,14 @@ static void dav_send_one_response(dav_response *response,
* We supply the description, so we know it doesn't have to
* have any escaping/encoding applied to it.
*/
- ap_fputstrs(output, bb,
+ ap_fputstrs(r->output_filters, bb,
"<D:responsedescription>",
response->desc,
"</D:responsedescription>" DEBUG_CR,
NULL);
}
- ap_fputs(output, bb, "</D:response>" DEBUG_CR);
+ ap_fputs(r->output_filters, bb, "</D:response>" DEBUG_CR);
}
@@ -488,9 +506,9 @@ static void dav_send_one_response(dav_response *response,
response and write <multistatus> tag into BB, destined for
R->output_filters. Use xml NAMESPACES in initial tag, if
non-NULL. */
-static void dav_begin_multistatus(apr_bucket_brigade *bb,
- request_rec *r, int status,
- apr_array_header_t *namespaces)
+DAV_DECLARE(void) dav_begin_multistatus(apr_bucket_brigade *bb,
+ request_rec *r, int status,
+ apr_array_header_t *namespaces)
{
/* Set the correct status and Content-Type */
r->status = status;
@@ -513,8 +531,8 @@ static void dav_begin_multistatus(apr_bucket_brigade *bb,
}
/* Finish a multistatus response started by dav_begin_multistatus: */
-static apr_status_t dav_finish_multistatus(request_rec *r,
- apr_bucket_brigade *bb)
+DAV_DECLARE(apr_status_t) dav_finish_multistatus(request_rec *r,
+ apr_bucket_brigade *bb)
{
apr_bucket *b;
@@ -528,9 +546,9 @@ static apr_status_t dav_finish_multistatus(request_rec *r,
return ap_pass_brigade(r->output_filters, bb);
}
-static void dav_send_multistatus(request_rec *r, int status,
- dav_response *first,
- apr_array_header_t *namespaces)
+DAV_DECLARE(void) dav_send_multistatus(request_rec *r, int status,
+ dav_response *first,
+ apr_array_header_t *namespaces)
{
apr_pool_t *subpool;
apr_bucket_brigade *bb = apr_brigade_create(r->pool,
@@ -542,7 +560,7 @@ static void dav_send_multistatus(request_rec *r, int status,
for (; first != NULL; first = first->next) {
apr_pool_clear(subpool);
- dav_send_one_response(first, bb, r->output_filters, subpool);
+ dav_send_one_response(first, bb, r, subpool);
}
apr_pool_destroy(subpool);
@@ -583,8 +601,8 @@ static void dav_log_err(request_rec *r, dav_error *err, int level)
* - repos_hooks->copy_resource
* - vsn_hooks->update
*/
-static int dav_handle_err(request_rec *r, dav_error *err,
- dav_response *response)
+DAV_DECLARE(int) dav_handle_err(request_rec *r, dav_error *err,
+ dav_response *response)
{
/* log the errors */
dav_log_err(r, err, APLOG_ERR);
@@ -1149,7 +1167,7 @@ static void dav_stream_response(dav_walk_resource *wres,
resp.propresult = *propstats;
}
- dav_send_one_response(&resp, ctx->bb, ctx->r->output_filters, pool);
+ dav_send_one_response(&resp, ctx->bb, ctx->r, pool);
}
@@ -2156,8 +2174,8 @@ static int dav_method_propfind(request_rec *r)
return DONE;
}
-static apr_text * dav_failed_proppatch(apr_pool_t *p,
- apr_array_header_t *prop_ctx)
+DAV_DECLARE(apr_text *) dav_failed_proppatch(apr_pool_t *p,
+ apr_array_header_t *prop_ctx)
{
apr_text_header hdr = { 0 };
int i = prop_ctx->nelts;
@@ -2217,7 +2235,8 @@ static apr_text * dav_failed_proppatch(apr_pool_t *p,
return hdr.first;
}
-static apr_text * dav_success_proppatch(apr_pool_t *p, apr_array_header_t *prop_ctx)
+DAV_DECLARE(apr_text *) dav_success_proppatch(apr_pool_t *p,
+ apr_array_header_t *prop_ctx)
{
apr_text_header hdr = { 0 };
int i = prop_ctx->nelts;
diff --git a/modules/dav/main/mod_dav.h b/modules/dav/main/mod_dav.h
index a51e7c5..80ad117 100644
--- a/modules/dav/main/mod_dav.h
+++ b/modules/dav/main/mod_dav.h
@@ -130,6 +130,8 @@ typedef struct dav_error {
struct dav_error *prev; /* previous error (in stack) */
+ const char *childtags; /* error-tag may have children */
+
} dav_error;
/*
@@ -183,6 +185,23 @@ DAV_DECLARE(dav_error*) dav_push_error(apr_pool_t *p, int status, int error_id,
*/
DAV_DECLARE(dav_error*) dav_join_error(dav_error* dest, dav_error* src);
+typedef struct dav_response dav_response;
+
+/*
+** dav_handle_err()
+**
+** Handle the standard error processing. <err> must be non-NULL.
+**
+** <response> is set by the following:
+** - dav_validate_request()
+** - dav_add_lock()
+** - repos_hooks->remove_resource
+** - repos_hooks->move_resource
+** - repos_hooks->copy_resource
+** - vsn_hooks->update
+*/
+DAV_DECLARE(int) dav_handle_err(request_rec *r, dav_error *err,
+ dav_response *response);
/* error ID values... */
@@ -418,7 +437,7 @@ typedef struct dav_locktoken dav_locktoken;
** the sub-pools are a bit more general and heavyweight than these buffers.
*/
-/* buffer for reuse; can grow to accomodate needed size */
+/* buffer for reuse; can grow to accommodate needed size */
typedef struct
{
apr_size_t alloc_len; /* how much has been allocated */
@@ -436,7 +455,7 @@ DAV_DECLARE(void) dav_set_bufsize(apr_pool_t *p, dav_buffer *pbuf,
DAV_DECLARE(void) dav_buffer_init(apr_pool_t *p, dav_buffer *pbuf,
const char *str);
-/* check that the buffer can accomodate <extra_needed> more bytes */
+/* check that the buffer can accommodate <extra_needed> more bytes */
DAV_DECLARE(void) dav_check_bufsize(apr_pool_t *p, dav_buffer *pbuf,
apr_size_t extra_needed);
@@ -467,7 +486,7 @@ typedef struct
} dav_get_props_result;
/* holds the contents of a <response> element */
-typedef struct dav_response
+struct dav_response
{
const char *href; /* always */
const char *desc; /* optional description at <response> level */
@@ -478,7 +497,7 @@ typedef struct dav_response
int status;
struct dav_response *next;
-} dav_response;
+};
typedef struct
{
@@ -515,6 +534,42 @@ typedef enum {
#define DAV_STYLE_RFC822 2
#define DAV_TIMEBUF_SIZE 30
+/* Write a complete RESPONSE object out as a <DAV:response> xml
+ * element. Data is sent into brigade BB, which is auto-flushed into
+ * the output filter stack for request R. Use POOL for any temporary
+ * allocations.
+ *
+ * [Presumably the <multistatus> tag has already been written; this
+ * routine is shared by dav_send_multistatus and dav_stream_response.]
+ */
+DAV_DECLARE(void) dav_send_one_response(dav_response *response,
+ apr_bucket_brigade *bb,
+ request_rec *r,
+ apr_pool_t *pool);
+
+/* Factorized helper function: prep request_rec R for a multistatus
+ * response and write <multistatus> tag into BB, destined for
+ * R->output_filters. Use xml NAMESPACES in initial tag, if
+ * non-NULL.
+ */
+DAV_DECLARE(void) dav_begin_multistatus(apr_bucket_brigade *bb,
+ request_rec *r, int status,
+ apr_array_header_t *namespaces);
+
+/* Finish a multistatus response started by dav_begin_multistatus: */
+DAV_DECLARE(apr_status_t) dav_finish_multistatus(request_rec *r,
+ apr_bucket_brigade *bb);
+
+/* Send a multistatus response */
+DAV_DECLARE(void) dav_send_multistatus(request_rec *r, int status,
+ dav_response *first,
+ apr_array_header_t *namespaces);
+
+DAV_DECLARE(apr_text *) dav_failed_proppatch(apr_pool_t *p,
+ apr_array_header_t *prop_ctx);
+DAV_DECLARE(apr_text *) dav_success_proppatch(apr_pool_t *p,
+ apr_array_header_t *prop_ctx);
+
DAV_DECLARE(int) dav_get_depth(request_rec *r, int def_depth);
DAV_DECLARE(int) dav_validate_root(const apr_xml_doc *doc,
@@ -867,7 +922,7 @@ struct dav_hooks_liveprop
**
** This structure is used as a standard way to determine if a particular
** property is a live property. Its use is not part of the mandated liveprop
-** interface, but can be used by liveprop providers in conjuction with the
+** interface, but can be used by liveprop providers in conjunction with the
** utility routines below.
**
** spec->name == NULL is the defined end-sentinel for a list of specs.
@@ -2314,7 +2369,7 @@ struct dav_hooks_vsn
** exist. Any <DAV:mkworkspace> element is passed to the provider
** in the "doc" structure; it may be empty.
**
- ** If workspace creation is succesful, the state of the resource
+ ** If workspace creation is successful, the state of the resource
** object is updated appropriately.
**
** This hook is optional; if the provider does not support workspaces,
@@ -2337,7 +2392,7 @@ struct dav_hooks_vsn
** Create an activity resource. The resource must not already
** exist.
**
- ** If activity creation is succesful, the state of the resource
+ ** If activity creation is successful, the state of the resource
** object is updated appropriately.
**
** This hook is optional; if the provider does not support activities,
diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c
index 8d4f64a..9f24604 100644
--- a/modules/dav/main/util.c
+++ b/modules/dav/main/util.c
@@ -428,7 +428,7 @@ DAV_DECLARE(void) dav_xmlns_add(dav_xmlns_info *xi,
apr_hash_set(xi->prefix_uri, prefix, APR_HASH_KEY_STRING, uri);
/* note: this may overwrite an existing URI->prefix mapping, but it
- doesn't matter -- any prefix is usuable to specify the URI. */
+ doesn't matter -- any prefix is usable to specify the URI. */
apr_hash_set(xi->uri_prefix, uri, APR_HASH_KEY_STRING, prefix);
}
@@ -587,7 +587,7 @@ static dav_error * dav_add_if_state(apr_pool_t *p, dav_if_header *ih,
}
/* fetch_next_token returns the substring from str+1
- * to the next occurence of char term, or \0, whichever
+ * to the next occurrence of char term, or \0, whichever
* occurs first. Leading whitespace is ignored.
*/
static char *dav_fetch_next_token(char **str, char term)
diff --git a/modules/examples/README b/modules/examples/README
index 02b1c91..2e03362 100644
--- a/modules/examples/README
+++ b/modules/examples/README
@@ -32,7 +32,7 @@ For windows, the process is slightly different;
A. copy modules\examples\mod_example_hooks.c modules\examples\mod_myexample.c
B. copy modules\examples\mod_example_hooks.dsp modules\examples\mod_myexample.dsp
- C. replace the occurances of 'example_hooks' with your module name.
+ C. replace the occurrences of 'example_hooks' with your module name.
D. add the new .dsp to your Apache.dsw workspace, with dependencies
on the libapr, libaprutil and libhttpd projects. With the newer
Developer Studio 2002 through 2005, when you add the new .dsp
diff --git a/modules/filters/mod_include.c b/modules/filters/mod_include.c
index 5a6271c..a5e44fe 100644
--- a/modules/filters/mod_include.c
+++ b/modules/filters/mod_include.c
@@ -1588,17 +1588,17 @@ static int parse_expr(include_ctx_t *ctx, const char *expr, int *was_error)
/* same as above, but use common ap_expr syntax / API */
static int parse_ap_expr(include_ctx_t *ctx, const char *expr, int *was_error)
{
- ap_expr_info_t expr_info;
+ ap_expr_info_t *expr_info = apr_pcalloc(ctx->pool, sizeof (*expr_info));
const char *err;
int ret;
backref_t *re = ctx->intern->re;
ap_expr_eval_ctx_t *eval_ctx = ctx->intern->expr_eval_ctx;
- expr_info.filename = ctx->r->filename;
- expr_info.line_number = 0;
- expr_info.module_index = APLOG_MODULE_INDEX;
- expr_info.flags = AP_EXPR_FLAG_RESTRICTED;
- err = ap_expr_parse(ctx->r->pool, ctx->r->pool, &expr_info, expr,
+ expr_info->filename = ctx->r->filename;
+ expr_info->line_number = 0;
+ expr_info->module_index = APLOG_MODULE_INDEX;
+ expr_info->flags = AP_EXPR_FLAG_RESTRICTED;
+ err = ap_expr_parse(ctx->r->pool, ctx->r->pool, expr_info, expr,
include_expr_lookup);
if (err) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r, APLOGNO(01337)
@@ -1634,7 +1634,7 @@ static int parse_ap_expr(include_ctx_t *ctx, const char *expr, int *was_error)
eval_ctx->re_source = &re->source;
}
- eval_ctx->info = &expr_info;
+ eval_ctx->info = expr_info;
ret = ap_expr_exec_ctx(eval_ctx);
if (ret < 0) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r, APLOGNO(01338)
diff --git a/modules/filters/mod_ratelimit.c b/modules/filters/mod_ratelimit.c
index a2e9bd0..64283c7 100644
--- a/modules/filters/mod_ratelimit.c
+++ b/modules/filters/mod_ratelimit.c
@@ -35,12 +35,13 @@ typedef struct rl_ctx_t
{
int speed;
int chunk_size;
+ int burst;
rl_state_e state;
apr_bucket_brigade *tmpbb;
apr_bucket_brigade *holdingbb;
} rl_ctx_t;
-#if 0
+#if defined(RLFDEBUG)
static void brigade_dump(request_rec *r, apr_bucket_brigade *bb)
{
apr_bucket *e;
@@ -53,7 +54,7 @@ static void brigade_dump(request_rec *r, apr_bucket_brigade *bb)
}
}
-#endif
+#endif /* RLFDEBUG */
static apr_status_t
rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb)
@@ -71,10 +72,12 @@ rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb)
return APR_ECONNABORTED;
}
+ /* Set up our rl_ctx_t on first use */
if (ctx == NULL) {
const char *rl = NULL;
int ratelimit;
+ int burst = 0;
/* no subrequests. */
if (f->r->main != NULL) {
@@ -82,6 +85,7 @@ rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb)
return ap_pass_brigade(f->next, bb);
}
+ /* Configuration: rate limit */
rl = apr_table_get(f->r->subprocess_env, "rate-limit");
if (rl == NULL) {
@@ -93,15 +97,29 @@ rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb)
ratelimit = atoi(rl) * 1024;
if (ratelimit <= 0) {
/* remove ourselves */
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, f->r,
+ APLOGNO(03488) "rl: disabling: rate-limit = %s (too high?)", rl);
ap_remove_output_filter(f);
return ap_pass_brigade(f->next, bb);
}
- /* first run, init stuff */
+ /* Configuration: optional initial burst */
+ rl = apr_table_get(f->r->subprocess_env, "rate-initial-burst");
+ if (rl != NULL) {
+ burst = atoi(rl) * 1024;
+ if (burst <= 0) {
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, f->r,
+ APLOGNO(03489) "rl: disabling burst: rate-initial-burst = %s (too high?)", rl);
+ burst = 0;
+ }
+ }
+
+ /* Set up our context */
ctx = apr_palloc(f->r->pool, sizeof(rl_ctx_t));
f->ctx = ctx;
ctx->state = RATE_LIMIT;
ctx->speed = ratelimit;
+ ctx->burst = burst;
/* calculate how many bytes / interval we want to send */
/* speed is bytes / second, so, how many (speed / 1000 % interval) */
@@ -183,7 +201,15 @@ rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb)
apr_brigade_length(bb, 1, &len);
- rv = apr_brigade_partition(bb, ctx->chunk_size, &stop_point);
+ /*
+ * Pull next chunk of data; the initial amount is our
+ * burst allotment (if any) plus a chunk. All subsequent
+ * iterations are just chunks with whatever remaining
+ * burst amounts we have left (in case not done in the
+ * first bucket).
+ */
+ rv = apr_brigade_partition(bb,
+ ctx->chunk_size + ctx->burst, &stop_point);
if (rv != APR_SUCCESS && rv != APR_INCOMPLETE) {
ctx->state = RATE_ERROR;
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, f->r, APLOGNO(01456)
@@ -207,15 +233,33 @@ rate_limit_filter(ap_filter_t *f, apr_bucket_brigade *input_bb)
APR_BRIGADE_INSERT_TAIL(ctx->tmpbb, fb);
-#if 0
+ /*
+ * Adjust the burst amount depending on how much
+ * we've done up to now.
+ */
+ if (ctx->burst) {
+ len = ctx->burst;
+ apr_brigade_length(ctx->tmpbb, 1, &len);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, f->r,
+ APLOGNO(03485) "rl: burst %d; len %"APR_OFF_T_FMT, ctx->burst, len);
+ if (len < ctx->burst) {
+ ctx->burst -= len;
+ }
+ else {
+ ctx->burst = 0;
+ }
+ }
+
+#if defined(RLFDEBUG)
brigade_dump(f->r, ctx->tmpbb);
brigade_dump(f->r, bb);
-#endif
+#endif /* RLFDEBUG */
rv = ap_pass_brigade(f->next, ctx->tmpbb);
apr_brigade_cleanup(ctx->tmpbb);
if (rv != APR_SUCCESS) {
+ /* Most often, user disconnects from stream */
ctx->state = RATE_ERROR;
ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, f->r, APLOGNO(01457)
"rl: brigade pass failed.");
diff --git a/modules/filters/mod_reqtimeout.c b/modules/filters/mod_reqtimeout.c
index ed99c68..538e9b1 100644
--- a/modules/filters/mod_reqtimeout.c
+++ b/modules/filters/mod_reqtimeout.c
@@ -417,8 +417,8 @@ static int reqtimeout_before_body(request_rec *r)
reqtimeout_con_cfg *ccfg =
ap_get_module_config(r->connection->conn_config, &reqtimeout_module);
- if (ccfg == NULL || r->method_number == M_CONNECT) {
- /* either disabled for this connection or a CONNECT request */
+ if (ccfg == NULL) {
+ /* not configured for this connection */
return OK;
}
cfg = ap_get_module_config(r->connection->base_server->module_config,
@@ -428,7 +428,11 @@ static int reqtimeout_before_body(request_rec *r)
ccfg->timeout_at = 0;
ccfg->max_timeout_at = 0;
ccfg->type = "body";
- if (cfg->body_timeout != UNSET) {
+ if (r->method_number == M_CONNECT) {
+ /* disabled for a CONNECT request */
+ ccfg->new_timeout = 0;
+ }
+ else if (cfg->body_timeout != UNSET) {
ccfg->new_timeout = cfg->body_timeout;
ccfg->new_max_timeout = cfg->body_max_timeout;
ccfg->min_rate = cfg->body_min_rate;
diff --git a/modules/filters/regexp.c b/modules/filters/regexp.c
index ba118a6..4acccca 100644
--- a/modules/filters/regexp.c
+++ b/modules/filters/regexp.c
@@ -30,7 +30,7 @@
#include "apr.h"
#include "apr_lib.h"
-#ifdef APR_HAVE_LIMITS_H
+#if APR_HAVE_LIMITS_H
#include <limits.h>
#endif
#if APR_HAVE_STDLIB_H
diff --git a/modules/generators/mod_cgid.c b/modules/generators/mod_cgid.c
index edc2524..1148467 100644
--- a/modules/generators/mod_cgid.c
+++ b/modules/generators/mod_cgid.c
@@ -1298,8 +1298,8 @@ static void discard_script_output(apr_bucket_brigade *bb)
struct cleanup_script_info {
request_rec *r;
- unsigned long conn_id;
cgid_server_conf *conf;
+ pid_t pid;
};
static apr_status_t dead_yet(pid_t pid, apr_interval_time_t max_wait)
@@ -1351,25 +1351,19 @@ static apr_status_t cleanup_nonchild_process(request_rec *r, pid_t pid)
return APR_EGENERAL;
}
-static apr_status_t cleanup_script(void *vptr)
-{
- struct cleanup_script_info *info = vptr;
- int sd;
- int rc;
+static apr_status_t get_cgi_pid(request_rec *r, cgid_server_conf *conf, pid_t *pid) {
cgid_req_t req = {0};
- pid_t pid;
apr_status_t stat;
+ int rc, sd;
- rc = connect_to_daemon(&sd, info->r, info->conf);
+ rc = connect_to_daemon(&sd, r, conf);
if (rc != OK) {
return APR_EGENERAL;
}
- /* we got a socket, and there is already a cleanup registered for it */
-
req.req_type = GETPID_REQ;
req.ppid = parent_pid;
- req.conn_id = info->r->connection->id;
+ req.conn_id = r->connection->id;
stat = sock_write(sd, &req, sizeof(req));
if (stat != APR_SUCCESS) {
@@ -1377,18 +1371,26 @@ static apr_status_t cleanup_script(void *vptr)
}
/* wait for pid of script */
- stat = sock_read(sd, &pid, sizeof(pid));
+ stat = sock_read(sd, pid, sizeof(*pid));
if (stat != APR_SUCCESS) {
return stat;
}
if (pid == 0) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, info->r, APLOGNO(01261)
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01261)
"daemon couldn't find CGI process for connection %lu",
- info->conn_id);
+ r->connection->id);
return APR_EGENERAL;
}
- return cleanup_nonchild_process(info->r, pid);
+
+ return APR_SUCCESS;
+}
+
+
+static apr_status_t cleanup_script(void *vptr)
+{
+ struct cleanup_script_info *info = vptr;
+ return cleanup_nonchild_process(info->r, info->pid);
}
static int cgid_handler(request_rec *r)
@@ -1486,12 +1488,19 @@ static int cgid_handler(request_rec *r)
}
info = apr_palloc(r->pool, sizeof(struct cleanup_script_info));
- info->r = r;
- info->conn_id = r->connection->id;
info->conf = conf;
- apr_pool_cleanup_register(r->pool, info,
+ info->r = r;
+ rv = get_cgi_pid(r, conf, &(info->pid));
+
+ if (APR_SUCCESS == rv){
+ apr_pool_cleanup_register(r->pool, info,
cleanup_script,
apr_pool_cleanup_null);
+ }
+ else {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, "error determining cgi PID");
+ }
+
/* We are putting the socket discriptor into an apr_file_t so that we can
* use a pipe bucket to send the data to the client. APR will create
* a cleanup for the apr_file_t which will close the socket, so we'll
@@ -1816,6 +1825,7 @@ static int include_cmd(include_ctx_t *ctx, ap_filter_t *f,
cgid_dirconf *dc = ap_get_module_config(r->per_dir_config, &cgid_module);
struct cleanup_script_info *info;
+ apr_status_t rv;
add_ssi_vars(r);
env = ap_create_environment(r->pool, r->subprocess_env);
@@ -1827,13 +1837,22 @@ static int include_cmd(include_ctx_t *ctx, ap_filter_t *f,
send_req(sd, r, command, env, SSI_REQ);
info = apr_palloc(r->pool, sizeof(struct cleanup_script_info));
- info->r = r;
- info->conn_id = r->connection->id;
info->conf = conf;
- /* for this type of request, the script is invoked through an
- * intermediate shell process... cleanup_script is only able
- * to knock out the shell process, not the actual script
- */
+ info->r = r;
+ rv = get_cgi_pid(r, conf, &(info->pid));
+ if (APR_SUCCESS == rv) {
+ /* for this type of request, the script is invoked through an
+ * intermediate shell process... cleanup_script is only able
+ * to knock out the shell process, not the actual script
+ */
+ apr_pool_cleanup_register(r->pool, info,
+ cleanup_script,
+ apr_pool_cleanup_null);
+ }
+ else {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, "error determining cgi PID (for SSI)");
+ }
+
apr_pool_cleanup_register(r->pool, info,
cleanup_script,
apr_pool_cleanup_null);
diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
index 4ff9df1..12801f9 100644
--- a/modules/generators/mod_status.c
+++ b/modules/generators/mod_status.c
@@ -195,7 +195,7 @@ static int status_handler(request_rec *r)
long req_time;
int short_report;
int no_table_report;
- worker_score *ws_record = apr_palloc(r->pool, sizeof *ws_record);
+ worker_score *ws_record;
process_score *ps_record;
char *stat_buffer;
pid_t *pid_buffer, worker_pid;
@@ -293,6 +293,8 @@ static int status_handler(request_rec *r)
}
}
+ ws_record = apr_palloc(r->pool, sizeof *ws_record);
+
for (i = 0; i < server_limit; ++i) {
#ifdef HAVE_TIMES
clock_t proc_tu = 0, proc_ts = 0, proc_tcu = 0, proc_tcs = 0;
@@ -529,7 +531,7 @@ static int status_handler(request_rec *r)
if (is_async) {
int write_completion = 0, lingering_close = 0, keep_alive = 0,
- connections = 0;
+ connections = 0, stopping = 0, procs = 0;
/*
* These differ from 'busy' and 'ready' in how gracefully finishing
* threads are counted. XXX: How to make this clear in the html?
@@ -537,13 +539,15 @@ static int status_handler(request_rec *r)
int busy_workers = 0, idle_workers = 0;
if (!short_report)
ap_rputs("\n\n<table rules=\"all\" cellpadding=\"1%\">\n"
- "<tr><th rowspan=\"2\">PID</th>"
+ "<tr><th rowspan=\"2\">Slot</th>"
+ "<th rowspan=\"2\">PID</th>"
+ "<th rowspan=\"2\">Stopping</th>"
"<th colspan=\"2\">Connections</th>\n"
"<th colspan=\"2\">Threads</th>"
- "<th colspan=\"4\">Async connections</th></tr>\n"
+ "<th colspan=\"3\">Async connections</th></tr>\n"
"<tr><th>total</th><th>accepting</th>"
- "<th>busy</th><th>idle</th><th>writing</th>"
- "<th>keep-alive</th><th>closing</th></tr>\n", r);
+ "<th>busy</th><th>idle</th>"
+ "<th>writing</th><th>keep-alive</th><th>closing</th></tr>\n", r);
for (i = 0; i < server_limit; ++i) {
ps_record = ap_get_scoreboard_process(i);
if (ps_record->pid) {
@@ -553,26 +557,45 @@ static int status_handler(request_rec *r)
lingering_close += ps_record->lingering_close;
busy_workers += thread_busy_buffer[i];
idle_workers += thread_idle_buffer[i];
- if (!short_report)
- ap_rprintf(r, "<tr><td>%" APR_PID_T_FMT "</td><td>%u</td>"
- "<td>%s</td><td>%u</td><td>%u</td>"
+ if (!short_report) {
+ const char *dying = "no";
+ const char *old = "";
+ if (ps_record->quiescing) {
+ dying = "yes";
+ stopping++;
+ }
+ if (ps_record->generation != mpm_generation)
+ old = " (old gen)";
+ procs++;
+ ap_rprintf(r, "<tr><td>%u</td><td>%" APR_PID_T_FMT "</td>"
+ "<td>%s%s</td>"
+ "<td>%u</td><td>%s</td>"
+ "<td>%u</td><td>%u</td>"
"<td>%u</td><td>%u</td><td>%u</td>"
"</tr>\n",
- ps_record->pid, ps_record->connections,
+ i, ps_record->pid,
+ dying, old,
+ ps_record->connections,
ps_record->not_accepting ? "no" : "yes",
- thread_busy_buffer[i], thread_idle_buffer[i],
+ thread_busy_buffer[i],
+ thread_idle_buffer[i],
ps_record->write_completion,
ps_record->keep_alive,
ps_record->lingering_close);
+ }
}
}
if (!short_report) {
- ap_rprintf(r, "<tr><td>Sum</td><td>%d</td><td> </td><td>%d</td>"
- "<td>%d</td><td>%d</td><td>%d</td><td>%d</td>"
+ ap_rprintf(r, "<tr><td>Sum</td>"
+ "<td>%d</td><td>%d</td>"
+ "<td>%d</td><td> </td>"
+ "<td>%d</td><td>%d</td>"
+ "<td>%d</td><td>%d</td><td>%d</td>"
"</tr>\n</table>\n",
- connections, busy_workers, idle_workers,
+ procs, stopping,
+ connections,
+ busy_workers, idle_workers,
write_completion, keep_alive, lingering_close);
-
}
else {
ap_rprintf(r, "ConnsTotal: %d\n"
@@ -621,7 +644,7 @@ static int status_handler(request_rec *r)
"\"<b><code>G</code></b>\" Gracefully finishing,<br /> \n"
"\"<b><code>I</code></b>\" Idle cleanup of worker, \n"
"\"<b><code>.</code></b>\" Open slot with no current process<br />\n"
- "<p />\n", r);
+ "</p>\n", r);
if (!ap_extended_status) {
int j;
int k = 0;
diff --git a/modules/http/http_core.c b/modules/http/http_core.c
index 57404e6..f395bcc 100644
--- a/modules/http/http_core.c
+++ b/modules/http/http_core.c
@@ -66,7 +66,7 @@ static const char *set_keep_alive_timeout(cmd_parms *cmd, void *dummy,
* set for the main server, because if no http_module directive is used
* for a vhost, it will inherit the http_srv_cfg from the main server.
* However keep_alive_timeout_set helps determine whether the vhost should
- * use its own configured timeout or the one from the vhost delared first
+ * use its own configured timeout or the one from the vhost declared first
* on the same IP:port (ie. c->base_server, and the legacy behaviour).
*/
if (cmd->server->is_virtual) {
diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c
index ed8749f..f6a19ae 100644
--- a/modules/http/http_filters.c
+++ b/modules/http/http_filters.c
@@ -126,14 +126,15 @@ static apr_status_t bail_out_on_error(http_ctx_t *ctx,
/**
* Parse a chunk line with optional extension, detect overflow.
- * There are two error cases:
- * 1) If the conversion would require too many bits, APR_EGENERAL is returned.
- * 2) If the conversion used the correct number of bits, but an overflow
+ * There are several error cases:
+ * 1) If the chunk link is misformatted, APR_EINVAL is returned.
+ * 2) If the conversion would require too many bits, APR_EGENERAL is returned.
+ * 3) If the conversion used the correct number of bits, but an overflow
* caused only the sign bit to flip, then APR_ENOSPC is returned.
- * In general, any negative number can be considered an overflow error.
+ * A negative chunk length always indicates an overflow error.
*/
static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer,
- apr_size_t len, int linelimit)
+ apr_size_t len, int linelimit, int strict)
{
apr_size_t i = 0;
@@ -146,6 +147,12 @@ static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer,
if (ctx->state == BODY_CHUNK_END
|| ctx->state == BODY_CHUNK_END_LF) {
if (c == LF) {
+ if (strict && (ctx->state != BODY_CHUNK_END_LF)) {
+ /*
+ * CR missing before LF.
+ */
+ return APR_EINVAL;
+ }
ctx->state = BODY_CHUNK;
}
else if (c == CR && ctx->state == BODY_CHUNK_END) {
@@ -153,7 +160,7 @@ static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer,
}
else {
/*
- * LF expected.
+ * CRLF expected.
*/
return APR_EINVAL;
}
@@ -180,6 +187,12 @@ static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer,
}
if (c == LF) {
+ if (strict && (ctx->state != BODY_CHUNK_LF)) {
+ /*
+ * CR missing before LF.
+ */
+ return APR_EINVAL;
+ }
if (ctx->remaining) {
ctx->state = BODY_CHUNK_DATA;
}
@@ -201,14 +214,17 @@ static apr_status_t parse_chunk_size(http_ctx_t *ctx, const char *buffer,
}
else if (ctx->state == BODY_CHUNK_EXT) {
/*
- * Control chars (but tabs) are invalid.
+ * Control chars (excluding tabs) are invalid.
+ * TODO: more precisely limit input
*/
if (c != '\t' && apr_iscntrl(c)) {
return APR_EINVAL;
}
}
else if (c == ' ' || c == '\t') {
- /* Be lenient up to 10 BWS (term from rfc7230 - 3.2.3).
+ /* Be lenient up to 10 implied *LWS, a legacy of RFC 2616,
+ * and noted as errata to RFC7230;
+ * https://www.rfc-editor.org/errata_search.php?rfc=7230&eid=4667
*/
ctx->state = BODY_CHUNK_CR;
if (++ctx->chunk_bws > 10) {
@@ -324,7 +340,10 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
ap_input_mode_t mode, apr_read_type_e block,
apr_off_t readbytes)
{
- core_server_config *conf;
+ core_server_config *conf =
+ (core_server_config *) ap_get_module_config(f->r->server->module_config,
+ &core_module);
+ int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
apr_bucket *e;
http_ctx_t *ctx = f->ctx;
apr_status_t rv;
@@ -332,9 +351,6 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
apr_bucket_brigade *bb;
int again;
- conf = (core_server_config *)
- ap_get_module_config(f->r->server->module_config, &core_module);
-
/* just get out of the way of things we don't want. */
if (mode != AP_MODE_READBYTES && mode != AP_MODE_GETLINE) {
return ap_get_brigade(f->next, b, mode, block, readbytes);
@@ -526,7 +542,7 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
if (rv == APR_SUCCESS) {
parsing = 1;
rv = parse_chunk_size(ctx, buffer, len,
- f->r->server->limit_req_fieldsize);
+ f->r->server->limit_req_fieldsize, strict);
}
if (rv != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_INFO, rv, f->r, APLOGNO(01590)
@@ -668,14 +684,82 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
return APR_SUCCESS;
}
+struct check_header_ctx {
+ request_rec *r;
+ int strict;
+};
+
+/* check a single header, to be used with apr_table_do() */
+static int check_header(void *arg, const char *name, const char *val)
+{
+ struct check_header_ctx *ctx = arg;
+ const char *test;
+
+ if (name[0] == '\0') {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r, APLOGNO(02428)
+ "Empty response header name, aborting request");
+ return 0;
+ }
+
+ if (ctx->strict) {
+ test = ap_scan_http_token(name);
+ }
+ else {
+ test = ap_scan_vchar_obstext(name);
+ }
+ if (*test) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r, APLOGNO(02429)
+ "Response header name '%s' contains invalid "
+ "characters, aborting request",
+ name);
+ return 0;
+ }
+
+ test = ap_scan_http_field_content(val);
+ if (*test) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r, APLOGNO(02430)
+ "Response header '%s' value of '%s' contains invalid "
+ "characters, aborting request",
+ name, val);
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * Check headers for HTTP conformance
+ * @return 1 if ok, 0 if bad
+ */
+static APR_INLINE int check_headers(request_rec *r)
+{
+ struct check_header_ctx ctx;
+ core_server_config *conf =
+ ap_get_core_module_config(r->server->module_config);
+
+ ctx.r = r;
+ ctx.strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
+ return apr_table_do(check_header, &ctx, r->headers_out, NULL) &&
+ apr_table_do(check_header, &ctx, r->err_headers_out, NULL);
+}
+
+static int check_headers_recursion(request_rec *r)
+{
+ void *check = NULL;
+ apr_pool_userdata_get(&check, "check_headers_recursion", r->pool);
+ if (check) {
+ return 1;
+ }
+ apr_pool_userdata_setn("true", "check_headers_recursion", NULL, r->pool);
+ return 0;
+}
+
typedef struct header_struct {
apr_pool_t *pool;
apr_bucket_brigade *bb;
} header_struct;
/* Send a single HTTP header field to the client. Note that this function
- * is used in calls to table_do(), so their interfaces are co-dependent.
- * In other words, don't change this one without checking table_do in alloc.c.
+ * is used in calls to apr_table_do(), so don't change its interface.
* It returns true unless there was a write error of some kind.
*/
static int form_header_field(header_struct *h,
@@ -776,8 +860,7 @@ static void fixup_vary(request_rec *r)
* its comma-separated fieldname values, and then add them to varies
* if not already present in the array.
*/
- apr_table_do((int (*)(void *, const char *, const char *))uniq_field_values,
- (void *) varies, r->headers_out, "Vary", NULL);
+ apr_table_do(uniq_field_values, varies, r->headers_out, "Vary", NULL);
/* If we found any, replace old Vary fields with unique-ified value */
@@ -1160,6 +1243,7 @@ AP_DECLARE_NONSTD(int) ap_send_http_trace(request_rec *r)
typedef struct header_filter_ctx {
int headers_sent;
+ int headers_error;
} header_filter_ctx;
AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
@@ -1175,19 +1259,23 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
header_filter_ctx *ctx = f->ctx;
const char *ctype;
ap_bucket_error *eb = NULL;
+ apr_bucket *eos = NULL;
AP_DEBUG_ASSERT(!r->main);
- if (r->header_only) {
- if (!ctx) {
- ctx = f->ctx = apr_pcalloc(r->pool, sizeof(header_filter_ctx));
- }
- else if (ctx->headers_sent) {
+ if (!ctx) {
+ ctx = f->ctx = apr_pcalloc(r->pool, sizeof(header_filter_ctx));
+ }
+ if (ctx->headers_sent) {
+ /* Eat body if response must not have one. */
+ if (r->header_only || r->status == HTTP_NO_CONTENT) {
apr_brigade_cleanup(b);
- return OK;
+ return APR_SUCCESS;
}
}
-
+ else if (!ctx->headers_error && !check_headers(r)) {
+ ctx->headers_error = 1;
+ }
for (e = APR_BRIGADE_FIRST(b);
e != APR_BRIGADE_SENTINEL(b);
e = APR_BUCKET_NEXT(e))
@@ -1204,10 +1292,44 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
ap_remove_output_filter(f);
return ap_pass_brigade(f->next, b);
}
+ if (ctx->headers_error && APR_BUCKET_IS_EOS(e)) {
+ eos = e;
+ }
}
- if (eb) {
- int status;
+ if (ctx->headers_error) {
+ if (!eos) {
+ /* Eat body until EOS */
+ apr_brigade_cleanup(b);
+ return APR_SUCCESS;
+ }
+ /* We may come back here from ap_die() below,
+ * so clear anything from this response.
+ */
+ ctx->headers_error = 0;
+ apr_table_clear(r->headers_out);
+ apr_table_clear(r->err_headers_out);
+
+ /* Don't recall ap_die() if we come back here (from its own internal
+ * redirect or error response), otherwise we can end up in infinite
+ * recursion; better fall through with 500, minimal headers and an
+ * empty body (EOS only).
+ */
+ if (!check_headers_recursion(r)) {
+ apr_brigade_cleanup(b);
+ ap_die(HTTP_INTERNAL_SERVER_ERROR, r);
+ return AP_FILTER_ERROR;
+ }
+ APR_BUCKET_REMOVE(eos);
+ apr_brigade_cleanup(b);
+ APR_BRIGADE_INSERT_TAIL(b, eos);
+ r->status = HTTP_INTERNAL_SERVER_ERROR;
+ r->content_type = r->content_encoding = NULL;
+ r->content_languages = NULL;
+ ap_set_content_length(r, 0);
+ }
+ else if (eb) {
+ int status;
status = eb->status;
apr_brigade_cleanup(b);
ap_die(status, r);
@@ -1264,6 +1386,10 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
apr_table_unset(r->headers_out, "Content-Length");
}
+ if (r->status == HTTP_NO_CONTENT) {
+ apr_table_unset(r->headers_out, "Content-Length");
+ }
+
ctype = ap_make_content_type(r, r->content_type);
if (ctype) {
apr_table_setn(r->headers_out, "Content-Type", ctype);
@@ -1295,7 +1421,7 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
}
/*
- * Control cachability for non-cachable responses if not already set by
+ * Control cachability for non-cacheable responses if not already set by
* some other part of the server configuration.
*/
if (r->no_cache && !apr_table_get(r->headers_out, "Expires")) {
@@ -1352,11 +1478,11 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
terminate_header(b2);
ap_pass_brigade(f->next, b2);
+ ctx->headers_sent = 1;
- if (r->header_only) {
+ if (r->header_only || r->status == HTTP_NO_CONTENT) {
apr_brigade_cleanup(b);
- ctx->headers_sent = 1;
- return OK;
+ return APR_SUCCESS;
}
r->sent_bodyct = 1; /* Whatever follows is real body stuff... */
@@ -1392,22 +1518,22 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_http_header_filter(ap_filter_t *f,
AP_DECLARE(int) ap_map_http_request_error(apr_status_t rv, int status)
{
switch (rv) {
- case AP_FILTER_ERROR: {
+ case AP_FILTER_ERROR:
return AP_FILTER_ERROR;
- }
- case APR_ENOSPC: {
+
+ case APR_ENOSPC:
return HTTP_REQUEST_ENTITY_TOO_LARGE;
- }
- case APR_ENOTIMPL: {
+
+ case APR_ENOTIMPL:
return HTTP_NOT_IMPLEMENTED;
- }
- case APR_ETIMEDOUT: {
+
+ case APR_TIMEUP:
+ case APR_ETIMEDOUT:
return HTTP_REQUEST_TIME_OUT;
- }
- default: {
+
+ default:
return status;
}
- }
}
/* In HTTP/1.1, any method can have a body. However, most GET handlers
diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
index 582d87e..7c46577 100644
--- a/modules/http/http_protocol.c
+++ b/modules/http/http_protocol.c
@@ -688,8 +688,11 @@ AP_DECLARE(void) ap_method_registry_init(apr_pool_t *p)
apr_pool_cleanup_null);
/* put all the standard methods into the registry hash to ease the
- mapping operations between name and number */
+ * mapping operations between name and number
+ * HEAD is a special-instance of the GET method and shares the same ID
+ */
register_one_method(p, "GET", M_GET);
+ register_one_method(p, "HEAD", M_GET);
register_one_method(p, "PUT", M_PUT);
register_one_method(p, "POST", M_POST);
register_one_method(p, "DELETE", M_DELETE);
diff --git a/modules/http/http_request.c b/modules/http/http_request.c
index 5b2c1e8..3f5393e 100644
--- a/modules/http/http_request.c
+++ b/modules/http/http_request.c
@@ -228,41 +228,51 @@ AP_DECLARE(void) ap_die(int type, request_rec *r)
ap_die_r(type, r, r->status);
}
-static void check_pipeline(conn_rec *c, apr_bucket_brigade *bb)
+AP_DECLARE(apr_status_t) ap_check_pipeline(conn_rec *c, apr_bucket_brigade *bb,
+ unsigned int max_blank_lines)
{
- apr_status_t rv;
- int num_blank_lines = DEFAULT_LIMIT_BLANK_LINES;
+ apr_status_t rv = APR_EOF;
ap_input_mode_t mode = AP_MODE_SPECULATIVE;
+ unsigned int num_blank_lines = 0;
apr_size_t cr = 0;
char buf[2];
- c->data_in_input_filters = 0;
while (c->keepalive != AP_CONN_CLOSE && !c->aborted) {
apr_size_t len = cr + 1;
apr_brigade_cleanup(bb);
rv = ap_get_brigade(c->input_filters, bb, mode,
APR_NONBLOCK_READ, len);
- if (rv != APR_SUCCESS || APR_BRIGADE_EMPTY(bb)) {
- /*
- * Error or empty brigade: There is no data present in the input
- * filter
- */
+ if (rv != APR_SUCCESS || APR_BRIGADE_EMPTY(bb) || !max_blank_lines) {
if (mode == AP_MODE_READBYTES) {
/* Unexpected error, stop with this connection */
ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(02967)
"Can't consume pipelined empty lines");
c->keepalive = AP_CONN_CLOSE;
+ rv = APR_EGENERAL;
+ }
+ else if (rv != APR_SUCCESS || APR_BRIGADE_EMPTY(bb)) {
+ if (rv != APR_SUCCESS && !APR_STATUS_IS_EAGAIN(rv)) {
+ /* Pipe is dead */
+ c->keepalive = AP_CONN_CLOSE;
+ }
+ else {
+ /* Pipe is up and empty */
+ rv = APR_EAGAIN;
+ }
+ }
+ else {
+ apr_off_t n = 0;
+ /* Single read asked, (non-meta-)data available? */
+ rv = apr_brigade_length(bb, 0, &n);
+ if (rv == APR_SUCCESS && n <= 0) {
+ rv = APR_EAGAIN;
+ }
}
break;
}
- /* Ignore trailing blank lines (which must not be interpreted as
- * pipelined requests) up to the limit, otherwise we would block
- * on the next read without flushing data, and hence possibly delay
- * pending response(s) until the next/real request comes in or the
- * keepalive timeout expires.
- */
+ /* Lookup and consume blank lines */
rv = apr_brigade_flatten(bb, buf, &len);
if (rv != APR_SUCCESS || len != cr + 1) {
int log_level;
@@ -270,14 +280,15 @@ static void check_pipeline(conn_rec *c, apr_bucket_brigade *bb)
/* Unexpected error, stop with this connection */
c->keepalive = AP_CONN_CLOSE;
log_level = APLOG_ERR;
+ rv = APR_EGENERAL;
}
else {
/* Let outside (non-speculative/blocking) read determine
* where this possible failure comes from (metadata,
- * morphed EOF socket => empty bucket? debug only here).
+ * morphed EOF socket, ...). Debug only here.
*/
- c->data_in_input_filters = 1;
log_level = APLOG_DEBUG;
+ rv = APR_SUCCESS;
}
ap_log_cerror(APLOG_MARK, log_level, rv, c, APLOGNO(02968)
"Can't check pipelined data");
@@ -285,40 +296,47 @@ static void check_pipeline(conn_rec *c, apr_bucket_brigade *bb)
}
if (mode == AP_MODE_READBYTES) {
+ /* [CR]LF consumed, try next */
mode = AP_MODE_SPECULATIVE;
cr = 0;
}
else if (cr) {
AP_DEBUG_ASSERT(len == 2 && buf[0] == APR_ASCII_CR);
if (buf[1] == APR_ASCII_LF) {
+ /* consume this CRLF */
mode = AP_MODE_READBYTES;
- num_blank_lines--;
+ num_blank_lines++;
}
else {
- c->data_in_input_filters = 1;
+ /* CR(?!LF) is data */
break;
}
}
else {
if (buf[0] == APR_ASCII_LF) {
+ /* consume this LF */
mode = AP_MODE_READBYTES;
- num_blank_lines--;
+ num_blank_lines++;
}
else if (buf[0] == APR_ASCII_CR) {
cr = 1;
}
else {
- c->data_in_input_filters = 1;
+ /* Not [CR]LF, some data */
break;
}
}
- /* Enough blank lines with this connection?
- * Stop and don't recycle it.
- */
- if (num_blank_lines < 0) {
+ if (num_blank_lines > max_blank_lines) {
+ /* Enough blank lines with this connection,
+ * stop and don't recycle it.
+ */
c->keepalive = AP_CONN_CLOSE;
+ rv = APR_NOTFOUND;
+ break;
}
}
+
+ return rv;
}
@@ -327,6 +345,7 @@ AP_DECLARE(void) ap_process_request_after_handler(request_rec *r)
apr_bucket_brigade *bb;
apr_bucket *b;
conn_rec *c = r->connection;
+ apr_status_t rv;
/* Send an EOR bucket through the output filter chain. When
* this bucket is destroyed, the request will be logged and
@@ -351,8 +370,15 @@ AP_DECLARE(void) ap_process_request_after_handler(request_rec *r)
* already by the EOR bucket's cleanup function.
*/
- check_pipeline(c, bb);
+ /* Check pipeline consuming blank lines, they must not be interpreted as
+ * the next pipelined request, otherwise we would block on the next read
+ * without flushing data, and hence possibly delay pending response(s)
+ * until the next/real request comes in or the keepalive timeout expires.
+ */
+ rv = ap_check_pipeline(c, bb, DEFAULT_LIMIT_BLANK_LINES);
+ c->data_in_input_filters = (rv == APR_SUCCESS);
apr_brigade_destroy(bb);
+
if (c->cs)
c->cs->state = (c->aborted) ? CONN_STATE_LINGER
: CONN_STATE_WRITE_COMPLETION;
@@ -685,8 +711,17 @@ AP_DECLARE(void) ap_internal_fast_redirect(request_rec *rr, request_rec *r)
update_r_in_filters(r->output_filters, rr, r);
if (r->main) {
- ap_add_output_filter_handle(ap_subreq_core_filter_handle,
- NULL, r, r->connection);
+ ap_filter_t *next = r->output_filters;
+ while (next && (next != r->proto_output_filters)) {
+ if (next->frec == ap_subreq_core_filter_handle) {
+ break;
+ }
+ next = next->next;
+ }
+ if (!next || next == r->proto_output_filters) {
+ ap_add_output_filter_handle(ap_subreq_core_filter_handle,
+ NULL, r, r->connection);
+ }
}
else {
/*
diff --git a/modules/http2/NWGNUmod_http2 b/modules/http2/NWGNUmod_http2
index e9c48a4..10974a7 100644
--- a/modules/http2/NWGNUmod_http2
+++ b/modules/http2/NWGNUmod_http2
@@ -199,7 +199,7 @@ FILES_nlm_objs = \
$(OBJDIR)/h2_ngn_shed.o \
$(OBJDIR)/h2_push.o \
$(OBJDIR)/h2_request.o \
- $(OBJDIR)/h2_response.o \
+ $(OBJDIR)/h2_headers.o \
$(OBJDIR)/h2_session.o \
$(OBJDIR)/h2_stream.o \
$(OBJDIR)/h2_switch.o \
@@ -355,25 +355,6 @@ $(OBJDIR)/mod_http2.imp : NWGNUmod_http2
@echo $(DL)GEN $@$(DL)
@echo $(DL) (HTTP2)$(DL) > $@
@echo $(DL) http2_module,$(DL) >> $@
- @echo $(DL) h2_ihash_add,$(DL) >> $@
- @echo $(DL) h2_ihash_clear,$(DL) >> $@
- @echo $(DL) h2_ihash_count,$(DL) >> $@
- @echo $(DL) h2_ihash_create,$(DL) >> $@
- @echo $(DL) h2_ihash_empty,$(DL) >> $@
- @echo $(DL) h2_ihash_iter,$(DL) >> $@
- @echo $(DL) h2_ihash_remove,$(DL) >> $@
- @echo $(DL) h2_iq_add,$(DL) >> $@
- @echo $(DL) h2_iq_create,$(DL) >> $@
- @echo $(DL) h2_iq_remove,$(DL) >> $@
- @echo $(DL) h2_log2,$(DL) >> $@
- @echo $(DL) h2_proxy_res_ignore_header,$(DL) >> $@
- @echo $(DL) h2_headers_add_h1,$(DL) >> $@
- @echo $(DL) h2_req_create,$(DL) >> $@
- @echo $(DL) h2_req_createn,$(DL) >> $@
- @echo $(DL) h2_req_make,$(DL) >> $@
- @echo $(DL) h2_util_camel_case_header,$(DL) >> $@
- @echo $(DL) h2_util_frame_print,$(DL) >> $@
- @echo $(DL) h2_util_ngheader_make_req,$(DL) >> $@
@echo $(DL) nghttp2_is_fatal,$(DL) >> $@
@echo $(DL) nghttp2_option_del,$(DL) >> $@
@echo $(DL) nghttp2_option_new,$(DL) >> $@
@@ -400,6 +381,7 @@ $(OBJDIR)/mod_http2.imp : NWGNUmod_http2
@echo $(DL) nghttp2_session_want_write,$(DL) >> $@
@echo $(DL) nghttp2_strerror,$(DL) >> $@
@echo $(DL) nghttp2_submit_goaway,$(DL) >> $@
+ @echo $(DL) nghttp2_submit_ping,$(DL) >> $@
@echo $(DL) nghttp2_submit_request,$(DL) >> $@
@echo $(DL) nghttp2_submit_rst_stream,$(DL) >> $@
@echo $(DL) nghttp2_submit_settings,$(DL) >> $@
diff --git a/modules/http2/NWGNUproxyht2 b/modules/http2/NWGNUproxyht2
index 7153d08..ca44ad7 100644
--- a/modules/http2/NWGNUproxyht2
+++ b/modules/http2/NWGNUproxyht2
@@ -182,6 +182,7 @@ TARGET_lib = \
FILES_nlm_objs = \
$(OBJDIR)/mod_proxy_http2.o \
$(OBJDIR)/h2_proxy_session.o \
+ $(OBJDIR)/h2_proxy_util.o \
$(EOLIST)
#
diff --git a/modules/http2/README.h2 b/modules/http2/README.h2
index 399086b..f2956f3 100644
--- a/modules/http2/README.h2
+++ b/modules/http2/README.h2
@@ -60,7 +60,7 @@ TLS CONFIGURATION
If you want to use HTTP/2 with a browser, most modern browsers will support
it without further configuration. However, browsers so far only support
-HTTP/2 over TLS and are expecially picky about the certificate and
+HTTP/2 over TLS and are especially picky about the certificate and
encryption ciphers used.
Server admins may look for up-to-date information about "modern" TLS
diff --git a/modules/http2/config2.m4 b/modules/http2/config2.m4
index a77ad80..ceb1835 100644
--- a/modules/http2/config2.m4
+++ b/modules/http2/config2.m4
@@ -30,11 +30,11 @@ h2_ctx.lo dnl
h2_filter.lo dnl
h2_from_h1.lo dnl
h2_h2.lo dnl
+h2_headers.lo dnl
h2_mplx.lo dnl
h2_ngn_shed.lo dnl
h2_push.lo dnl
h2_request.lo dnl
-h2_response.lo dnl
h2_session.lo dnl
h2_stream.lo dnl
h2_switch.lo dnl
@@ -154,6 +154,9 @@ dnl # nghttp2 >= 1.3.0: access to stream weights
dnl # nghttp2 >= 1.5.0: changing stream priorities
AC_CHECK_FUNCS([nghttp2_session_change_stream_priority],
[APR_ADDTO(MOD_CPPFLAGS, ["-DH2_NG2_CHANGE_PRIO"])], [])
+dnl # nghttp2 >= 1.14.0: invalid header callback
+ AC_CHECK_FUNCS([nghttp2_session_callbacks_set_on_invalid_header_callback],
+ [APR_ADDTO(MOD_CPPFLAGS, ["-DH2_NG2_INVALID_HEADER_CB"])], [])
else
AC_MSG_WARN([nghttp2 version is too old])
fi
diff --git a/modules/http2/h2.h b/modules/http2/h2.h
index 9075b00..2b80e1b 100644
--- a/modules/http2/h2.h
+++ b/modules/http2/h2.h
@@ -47,13 +47,14 @@ extern const char *H2_MAGIC_TOKEN;
#define H2_HEADER_PATH_LEN 5
#define H2_CRLF "\r\n"
+/* Max data size to write so it fits inside a TLS record */
+#define H2_DATA_CHUNK_SIZE ((16*1024) - 100 - 9)
+
/* Maximum number of padding bytes in a frame, rfc7540 */
#define H2_MAX_PADLEN 256
/* Initial default window size, RFC 7540 ch. 6.5.2 */
#define H2_INITIAL_WINDOW_SIZE ((64*1024)-1)
-#define H2_HTTP_2XX(a) ((a) >= 200 && (a) < 300)
-
#define H2_STREAM_CLIENT_INITIATED(id) (id&0x01)
#define H2_ALEN(a) (sizeof(a)/sizeof((a)[0]))
@@ -95,17 +96,16 @@ typedef enum {
H2_SESSION_ST_IDLE, /* nothing to write, expecting data inc */
H2_SESSION_ST_BUSY, /* read/write without stop */
H2_SESSION_ST_WAIT, /* waiting for tasks reporting back */
- H2_SESSION_ST_LOCAL_SHUTDOWN, /* we announced GOAWAY */
- H2_SESSION_ST_REMOTE_SHUTDOWN, /* client announced GOAWAY */
} h2_session_state;
typedef struct h2_session_props {
- apr_uint32_t accepted_max; /* the highest remote stream id was/will be handled */
- apr_uint32_t completed_max; /* the highest remote stream completed */
- apr_uint32_t emitted_count; /* the number of local streams sent */
- apr_uint32_t emitted_max; /* the highest local stream id sent */
- apr_uint32_t error; /* the last session error encountered */
+ int accepted_max; /* the highest remote stream id was/will be handled */
+ int completed_max; /* the highest remote stream completed */
+ int emitted_count; /* the number of local streams sent */
+ int emitted_max; /* the highest local stream id sent */
+ int error; /* the last session error encountered */
unsigned int accepting : 1; /* if the session is accepting new streams */
+ unsigned int shutdown : 1; /* if the final GOAWAY has been sent */
} h2_session_props;
@@ -116,37 +116,23 @@ typedef struct h2_session_props {
typedef struct h2_request h2_request;
struct h2_request {
- int id; /* stream id */
- int initiated_on; /* initiating stream id (PUSH) or 0 */
-
const char *method; /* pseudo header values, see ch. 8.1.2.3 */
const char *scheme;
const char *authority;
const char *path;
-
apr_table_t *headers;
- apr_table_t *trailers;
apr_time_t request_time;
- apr_off_t content_length;
-
- unsigned int chunked : 1; /* iff requst body needs to be forwarded as chunked */
- unsigned int eoh : 1; /* iff end-of-headers has been seen and request is complete */
- unsigned int body : 1; /* iff this request has a body */
+ unsigned int chunked : 1; /* iff requst body needs to be forwarded as chunked */
unsigned int serialize : 1; /* iff this request is written in HTTP/1.1 serialization */
- unsigned int push_policy; /* which push policy to use for this request */
};
-typedef struct h2_response h2_response;
+typedef struct h2_headers h2_headers;
-struct h2_response {
- int stream_id;
- int rst_error;
- int http_status;
- apr_off_t content_length;
+struct h2_headers {
+ int status;
apr_table_t *headers;
- apr_table_t *trailers;
- const char *sos_filter;
+ apr_table_t *notes;
};
typedef apr_status_t h2_io_data_cb(void *ctx, const char *data, apr_off_t len);
@@ -155,7 +141,7 @@ typedef int h2_stream_pri_cmp(int stream_id1, int stream_id2, void *ctx);
/* Note key to attach connection task id to conn_rec/request_rec instances */
-#define H2_TASK_ID_NOTE "http2-task-id"
-
+#define H2_TASK_ID_NOTE "http2-task-id"
+#define H2_FILTER_DEBUG_NOTE "http2-debug"
#endif /* defined(__mod_h2__h2__) */
diff --git a/modules/http2/h2_alt_svc.c b/modules/http2/h2_alt_svc.c
index 24a8b1f..3dee9df 100644
--- a/modules/http2/h2_alt_svc.c
+++ b/modules/http2/h2_alt_svc.c
@@ -86,7 +86,7 @@ static int h2_alt_svc_handler(request_rec *r)
return DECLINED;
}
- cfg = h2_config_rget(r);
+ cfg = h2_config_sget(r->server);
if (r->hostname && cfg && cfg->alt_svcs && cfg->alt_svcs->nelts > 0) {
const char *alt_svc_used = apr_table_get(r->headers_in, "Alt-Svc-Used");
if (!alt_svc_used) {
diff --git a/modules/http2/h2_bucket_beam.c b/modules/http2/h2_bucket_beam.c
index cf2cb84..9b9c3b3 100644
--- a/modules/http2/h2_bucket_beam.c
+++ b/modules/http2/h2_bucket_beam.c
@@ -21,6 +21,7 @@
#include <apr_thread_cond.h>
#include <httpd.h>
+#include <http_protocol.h>
#include <http_log.h>
#include "h2_private.h"
@@ -138,25 +139,6 @@ static apr_bucket *h2_beam_bucket_create(h2_bucket_beam *beam,
return h2_beam_bucket_make(b, beam, bred, n);
}
-/*static apr_status_t beam_bucket_setaside(apr_bucket *b, apr_pool_t *pool)
-{
- apr_status_t status = APR_SUCCESS;
- h2_beam_proxy *d = b->data;
- if (d->bred) {
- const char *data;
- apr_size_t len;
-
- status = apr_bucket_read(d->bred, &data, &len, APR_BLOCK_READ);
- if (status == APR_SUCCESS) {
- b = apr_bucket_heap_make(b, (char *)data + b->start, b->length, NULL);
- if (b == NULL) {
- return APR_ENOMEM;
- }
- }
- }
- return status;
-}*/
-
const apr_bucket_type_t h2_bucket_type_beam = {
"BEAM", 5, APR_BUCKET_DATA,
beam_bucket_destroy,
@@ -169,7 +151,36 @@ const apr_bucket_type_t h2_bucket_type_beam = {
/*******************************************************************************
* h2_blist, a brigade without allocations
******************************************************************************/
+
+static apr_array_header_t *beamers;
+void h2_register_bucket_beamer(h2_bucket_beamer *beamer)
+{
+ if (!beamers) {
+ beamers = apr_array_make(apr_hook_global_pool, 10,
+ sizeof(h2_bucket_beamer*));
+ }
+ APR_ARRAY_PUSH(beamers, h2_bucket_beamer*) = beamer;
+}
+
+static apr_bucket *h2_beam_bucket(h2_bucket_beam *beam,
+ apr_bucket_brigade *dest,
+ const apr_bucket *src)
+{
+ apr_bucket *b = NULL;
+ int i;
+ if (beamers) {
+ for (i = 0; i < beamers->nelts && b == NULL; ++i) {
+ h2_bucket_beamer *beamer;
+
+ beamer = APR_ARRAY_IDX(beamers, i, h2_bucket_beamer*);
+ b = beamer(beam, dest, src);
+ }
+ }
+ return b;
+}
+
+
apr_size_t h2_util_bl_print(char *buffer, apr_size_t bmax,
const char *tag, const char *sep,
h2_blist *bl)
@@ -223,12 +234,34 @@ static void leave_yellow(h2_bucket_beam *beam, h2_beam_lock *pbl)
}
}
-static apr_off_t calc_buffered(h2_bucket_beam *beam)
+static void report_consumption(h2_bucket_beam *beam, int force)
+{
+ if (force || beam->received_bytes != beam->reported_consumed_bytes) {
+ if (beam->consumed_fn) {
+ beam->consumed_fn(beam->consumed_ctx, beam, beam->received_bytes
+ - beam->reported_consumed_bytes);
+ }
+ beam->reported_consumed_bytes = beam->received_bytes;
+ }
+}
+
+static void report_production(h2_bucket_beam *beam, int force)
{
- apr_off_t len = 0;
+ if (force || beam->sent_bytes != beam->reported_produced_bytes) {
+ if (beam->produced_fn) {
+ beam->produced_fn(beam->produced_ctx, beam, beam->sent_bytes
+ - beam->reported_produced_bytes);
+ }
+ beam->reported_produced_bytes = beam->sent_bytes;
+ }
+}
+
+static apr_size_t calc_buffered(h2_bucket_beam *beam)
+{
+ apr_size_t len = 0;
apr_bucket *b;
- for (b = H2_BLIST_FIRST(&beam->red);
- b != H2_BLIST_SENTINEL(&beam->red);
+ for (b = H2_BLIST_FIRST(&beam->send_list);
+ b != H2_BLIST_SENTINEL(&beam->send_list);
b = APR_BUCKET_NEXT(b)) {
if (b->length == ((apr_size_t)-1)) {
/* do not count */
@@ -243,14 +276,14 @@ static apr_off_t calc_buffered(h2_bucket_beam *beam)
return len;
}
-static void r_purge_reds(h2_bucket_beam *beam)
+static void r_purge_sent(h2_bucket_beam *beam)
{
- apr_bucket *bred;
- /* delete all red buckets in purge brigade, needs to be called
- * from red thread only */
- while (!H2_BLIST_EMPTY(&beam->purge)) {
- bred = H2_BLIST_FIRST(&beam->purge);
- apr_bucket_delete(bred);
+ apr_bucket *b;
+ /* delete all sender buckets in purge brigade, needs to be called
+ * from sender thread only */
+ while (!H2_BLIST_EMPTY(&beam->purge_list)) {
+ b = H2_BLIST_FIRST(&beam->purge_list);
+ apr_bucket_delete(b);
}
}
@@ -274,16 +307,18 @@ static apr_status_t wait_cond(h2_bucket_beam *beam, apr_thread_mutex_t *lock)
}
static apr_status_t r_wait_space(h2_bucket_beam *beam, apr_read_type_e block,
- h2_beam_lock *pbl, apr_off_t *premain)
+ h2_beam_lock *pbl, apr_size_t *premain)
{
*premain = calc_space_left(beam);
while (!beam->aborted && *premain <= 0
&& (block == APR_BLOCK_READ) && pbl->mutex) {
- apr_status_t status = wait_cond(beam, pbl->mutex);
+ apr_status_t status;
+ report_production(beam, 1);
+ status = wait_cond(beam, pbl->mutex);
if (APR_STATUS_IS_TIMEUP(status)) {
return status;
}
- r_purge_reds(beam);
+ r_purge_sent(beam);
*premain = calc_space_left(beam);
}
return beam->aborted? APR_ECONNABORTED : APR_SUCCESS;
@@ -298,34 +333,34 @@ static void h2_beam_emitted(h2_bucket_beam *beam, h2_beam_proxy *proxy)
/* even when beam buckets are split, only the one where
* refcount drops to 0 will call us */
H2_BPROXY_REMOVE(proxy);
- /* invoked from green thread, the last beam bucket for the red
- * bucket bred is about to be destroyed.
+ /* invoked from receiver thread, the last beam bucket for the send
+ * bucket is about to be destroyed.
* remove it from the hold, where it should be now */
if (proxy->bred) {
- for (b = H2_BLIST_FIRST(&beam->hold);
- b != H2_BLIST_SENTINEL(&beam->hold);
+ for (b = H2_BLIST_FIRST(&beam->hold_list);
+ b != H2_BLIST_SENTINEL(&beam->hold_list);
b = APR_BUCKET_NEXT(b)) {
if (b == proxy->bred) {
break;
}
}
- if (b != H2_BLIST_SENTINEL(&beam->hold)) {
+ if (b != H2_BLIST_SENTINEL(&beam->hold_list)) {
/* bucket is in hold as it should be, mark this one
* and all before it for purging. We might have placed meta
* buckets without a green proxy into the hold before it
* and schedule them for purging now */
- for (b = H2_BLIST_FIRST(&beam->hold);
- b != H2_BLIST_SENTINEL(&beam->hold);
+ for (b = H2_BLIST_FIRST(&beam->hold_list);
+ b != H2_BLIST_SENTINEL(&beam->hold_list);
b = next) {
next = APR_BUCKET_NEXT(b);
if (b == proxy->bred) {
APR_BUCKET_REMOVE(b);
- H2_BLIST_INSERT_TAIL(&beam->purge, b);
+ H2_BLIST_INSERT_TAIL(&beam->purge_list, b);
break;
}
else if (APR_BUCKET_IS_METADATA(b)) {
APR_BUCKET_REMOVE(b);
- H2_BLIST_INSERT_TAIL(&beam->purge, b);
+ H2_BLIST_INSERT_TAIL(&beam->purge_list, b);
}
else {
/* another data bucket before this one in hold. this
@@ -338,16 +373,16 @@ static void h2_beam_emitted(h2_bucket_beam *beam, h2_beam_proxy *proxy)
}
else {
/* it should be there unless we screwed up */
- ap_log_perror(APLOG_MARK, APLOG_WARNING, 0, beam->red_pool,
+ ap_log_perror(APLOG_MARK, APLOG_WARNING, 0, beam->send_pool,
APLOGNO(03384) "h2_beam(%d-%s): emitted bucket not "
"in hold, n=%d", beam->id, beam->tag,
(int)proxy->n);
- AP_DEBUG_ASSERT(!proxy->bred);
+ ap_assert(!proxy->bred);
}
}
/* notify anyone waiting on space to become available */
if (!bl.mutex) {
- r_purge_reds(beam);
+ r_purge_sent(beam);
}
else if (beam->m_cond) {
apr_thread_cond_broadcast(beam->m_cond);
@@ -356,28 +391,6 @@ static void h2_beam_emitted(h2_bucket_beam *beam, h2_beam_proxy *proxy)
}
}
-static void report_consumption(h2_bucket_beam *beam, int force)
-{
- if (force || beam->received_bytes != beam->reported_consumed_bytes) {
- if (beam->consumed_fn) {
- beam->consumed_fn(beam->consumed_ctx, beam, beam->received_bytes
- - beam->reported_consumed_bytes);
- }
- beam->reported_consumed_bytes = beam->received_bytes;
- }
-}
-
-static void report_production(h2_bucket_beam *beam, int force)
-{
- if (force || beam->sent_bytes != beam->reported_produced_bytes) {
- if (beam->produced_fn) {
- beam->produced_fn(beam->produced_ctx, beam, beam->sent_bytes
- - beam->reported_produced_bytes);
- }
- beam->reported_produced_bytes = beam->sent_bytes;
- }
-}
-
static void h2_blist_cleanup(h2_blist *bl)
{
apr_bucket *e;
@@ -399,13 +412,38 @@ static apr_status_t beam_close(h2_bucket_beam *beam)
return APR_SUCCESS;
}
-static apr_status_t beam_cleanup(void *data)
+static void beam_set_send_pool(h2_bucket_beam *beam, apr_pool_t *pool);
+static void beam_set_recv_pool(h2_bucket_beam *beam, apr_pool_t *pool);
+
+static apr_status_t beam_recv_cleanup(void *data)
{
h2_bucket_beam *beam = data;
-
- beam_close(beam);
- r_purge_reds(beam);
- h2_blist_cleanup(&beam->red);
+ /* receiver pool has gone away, clear references */
+ beam->recv_buffer = NULL;
+ beam->recv_pool = NULL;
+ return APR_SUCCESS;
+}
+
+static void beam_set_recv_pool(h2_bucket_beam *beam, apr_pool_t *pool)
+{
+ /* if the beam owner is the sender, monitor receiver pool lifetime */
+ if (beam->owner == H2_BEAM_OWNER_SEND && beam->recv_pool != pool) {
+ if (beam->recv_pool) {
+ apr_pool_cleanup_kill(beam->recv_pool, beam, beam_recv_cleanup);
+ }
+ beam->recv_pool = pool;
+ if (beam->recv_pool) {
+ apr_pool_pre_cleanup_register(beam->recv_pool, beam, beam_recv_cleanup);
+ }
+ }
+}
+
+static apr_status_t beam_send_cleanup(void *data)
+{
+ h2_bucket_beam *beam = data;
+ /* sender has gone away, clear up all references to its memory */
+ r_purge_sent(beam);
+ h2_blist_cleanup(&beam->send_list);
report_consumption(beam, 0);
while (!H2_BPROXY_LIST_EMPTY(&beam->proxies)) {
h2_beam_proxy *proxy = H2_BPROXY_LIST_FIRST(&beam->proxies);
@@ -413,40 +451,101 @@ static apr_status_t beam_cleanup(void *data)
proxy->beam = NULL;
proxy->bred = NULL;
}
- h2_blist_cleanup(&beam->purge);
- h2_blist_cleanup(&beam->hold);
-
+ h2_blist_cleanup(&beam->purge_list);
+ h2_blist_cleanup(&beam->hold_list);
+ beam->send_pool = NULL;
return APR_SUCCESS;
}
+static void beam_set_send_pool(h2_bucket_beam *beam, apr_pool_t *pool)
+{
+ /* if the beam owner is the receiver, monitor sender pool lifetime */
+ if (beam->owner == H2_BEAM_OWNER_RECV && beam->send_pool != pool) {
+ if (beam->send_pool) {
+ apr_pool_cleanup_kill(beam->send_pool, beam, beam_send_cleanup);
+ }
+ beam->send_pool = pool;
+ if (beam->send_pool) {
+ apr_pool_pre_cleanup_register(beam->send_pool, beam, beam_send_cleanup);
+ }
+ }
+}
+
+static apr_status_t beam_cleanup(void *data)
+{
+ h2_bucket_beam *beam = data;
+ apr_status_t status = APR_SUCCESS;
+ /* owner of the beam is going away, depending on its role, cleanup
+ * strategies differ. */
+ beam_close(beam);
+ switch (beam->owner) {
+ case H2_BEAM_OWNER_SEND:
+ status = beam_send_cleanup(beam);
+ beam->recv_buffer = NULL;
+ beam->recv_pool = NULL;
+ break;
+ case H2_BEAM_OWNER_RECV:
+ if (beam->recv_buffer) {
+ apr_brigade_destroy(beam->recv_buffer);
+ }
+ beam->recv_buffer = NULL;
+ beam->recv_pool = NULL;
+ if (!H2_BLIST_EMPTY(&beam->send_list)) {
+ ap_assert(beam->send_pool);
+ }
+ if (beam->send_pool) {
+ /* sender has not cleaned up, its pool still lives.
+ * this is normal if the sender uses cleanup via a bucket
+ * such as the BUCKET_EOR for requests. In that case, the
+ * beam should have lost its mutex protection, meaning
+ * it is no longer used multi-threaded and we can safely
+ * purge all remaining sender buckets. */
+ apr_pool_cleanup_kill(beam->send_pool, beam, beam_send_cleanup);
+ ap_assert(!beam->m_enter);
+ beam_send_cleanup(beam);
+ }
+ ap_assert(H2_BPROXY_LIST_EMPTY(&beam->proxies));
+ ap_assert(H2_BLIST_EMPTY(&beam->send_list));
+ ap_assert(H2_BLIST_EMPTY(&beam->hold_list));
+ ap_assert(H2_BLIST_EMPTY(&beam->purge_list));
+ break;
+ default:
+ ap_assert(NULL);
+ break;
+ }
+ return status;
+}
+
apr_status_t h2_beam_destroy(h2_bucket_beam *beam)
{
- apr_pool_cleanup_kill(beam->red_pool, beam, beam_cleanup);
+ apr_pool_cleanup_kill(beam->pool, beam, beam_cleanup);
return beam_cleanup(beam);
}
-apr_status_t h2_beam_create(h2_bucket_beam **pbeam, apr_pool_t *red_pool,
+apr_status_t h2_beam_create(h2_bucket_beam **pbeam, apr_pool_t *pool,
int id, const char *tag,
+ h2_beam_owner_t owner,
apr_size_t max_buf_size)
{
h2_bucket_beam *beam;
apr_status_t status = APR_SUCCESS;
- beam = apr_pcalloc(red_pool, sizeof(*beam));
+ beam = apr_pcalloc(pool, sizeof(*beam));
if (!beam) {
return APR_ENOMEM;
}
beam->id = id;
beam->tag = tag;
- H2_BLIST_INIT(&beam->red);
- H2_BLIST_INIT(&beam->hold);
- H2_BLIST_INIT(&beam->purge);
+ beam->pool = pool;
+ beam->owner = owner;
+ H2_BLIST_INIT(&beam->send_list);
+ H2_BLIST_INIT(&beam->hold_list);
+ H2_BLIST_INIT(&beam->purge_list);
H2_BPROXY_LIST_INIT(&beam->proxies);
- beam->red_pool = red_pool;
beam->max_buf_size = max_buf_size;
+ apr_pool_pre_cleanup_register(pool, beam, beam_cleanup);
- apr_pool_pre_cleanup_register(red_pool, beam, beam_cleanup);
*pbeam = beam;
return status;
@@ -516,10 +615,12 @@ void h2_beam_abort(h2_bucket_beam *beam)
h2_beam_lock bl;
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
- r_purge_reds(beam);
- h2_blist_cleanup(&beam->red);
- beam->aborted = 1;
- report_consumption(beam, 0);
+ if (!beam->aborted) {
+ beam->aborted = 1;
+ r_purge_sent(beam);
+ h2_blist_cleanup(&beam->send_list);
+ report_consumption(beam, 0);
+ }
if (beam->m_cond) {
apr_thread_cond_broadcast(beam->m_cond);
}
@@ -532,7 +633,7 @@ apr_status_t h2_beam_close(h2_bucket_beam *beam)
h2_beam_lock bl;
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
- r_purge_reds(beam);
+ r_purge_sent(beam);
beam_close(beam);
report_consumption(beam, 0);
leave_yellow(beam, &bl);
@@ -540,22 +641,15 @@ apr_status_t h2_beam_close(h2_bucket_beam *beam)
return beam->aborted? APR_ECONNABORTED : APR_SUCCESS;
}
-apr_status_t h2_beam_shutdown(h2_bucket_beam *beam, apr_read_type_e block,
- int clear_buffers)
+apr_status_t h2_beam_wait_empty(h2_bucket_beam *beam, apr_read_type_e block)
{
apr_status_t status;
h2_beam_lock bl;
if ((status = enter_yellow(beam, &bl)) == APR_SUCCESS) {
- if (clear_buffers) {
- r_purge_reds(beam);
- h2_blist_cleanup(&beam->red);
- }
- beam_close(beam);
-
- while (status == APR_SUCCESS
- && (!H2_BPROXY_LIST_EMPTY(&beam->proxies)
- || (beam->green && !APR_BRIGADE_EMPTY(beam->green)))) {
+ while (status == APR_SUCCESS
+ && !H2_BLIST_EMPTY(&beam->send_list)
+ && !H2_BPROXY_LIST_EMPTY(&beam->proxies)) {
if (block == APR_NONBLOCK_READ || !bl.mutex) {
status = APR_EAGAIN;
break;
@@ -570,39 +664,49 @@ apr_status_t h2_beam_shutdown(h2_bucket_beam *beam, apr_read_type_e block,
return status;
}
+static void move_to_hold(h2_bucket_beam *beam,
+ apr_bucket_brigade *red_brigade)
+{
+ apr_bucket *b;
+ while (red_brigade && !APR_BRIGADE_EMPTY(red_brigade)) {
+ b = APR_BRIGADE_FIRST(red_brigade);
+ APR_BUCKET_REMOVE(b);
+ H2_BLIST_INSERT_TAIL(&beam->send_list, b);
+ }
+}
+
static apr_status_t append_bucket(h2_bucket_beam *beam,
- apr_bucket *bred,
+ apr_bucket *b,
apr_read_type_e block,
- apr_pool_t *pool,
h2_beam_lock *pbl)
{
const char *data;
apr_size_t len;
- apr_off_t space_left = 0;
+ apr_size_t space_left = 0;
apr_status_t status;
- if (APR_BUCKET_IS_METADATA(bred)) {
- if (APR_BUCKET_IS_EOS(bred)) {
+ if (APR_BUCKET_IS_METADATA(b)) {
+ if (APR_BUCKET_IS_EOS(b)) {
beam->closed = 1;
}
- APR_BUCKET_REMOVE(bred);
- H2_BLIST_INSERT_TAIL(&beam->red, bred);
+ APR_BUCKET_REMOVE(b);
+ H2_BLIST_INSERT_TAIL(&beam->send_list, b);
return APR_SUCCESS;
}
- else if (APR_BUCKET_IS_FILE(bred)) {
+ else if (APR_BUCKET_IS_FILE(b)) {
/* file bucket lengths do not really count */
}
else {
space_left = calc_space_left(beam);
- if (space_left > 0 && bred->length == ((apr_size_t)-1)) {
+ if (space_left > 0 && b->length == ((apr_size_t)-1)) {
const char *data;
- status = apr_bucket_read(bred, &data, &len, APR_BLOCK_READ);
+ status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ);
if (status != APR_SUCCESS) {
return status;
}
}
- if (space_left < bred->length) {
+ if (space_left < b->length) {
status = r_wait_space(beam, block, pbl, &space_left);
if (status != APR_SUCCESS) {
return status;
@@ -620,33 +724,30 @@ static apr_status_t append_bucket(h2_bucket_beam *beam,
* its pool/bucket_alloc from a foreign thread and that will
* corrupt. */
status = APR_ENOTIMPL;
- if (beam->closed && bred->length > 0) {
- status = APR_EOF;
- }
- else if (APR_BUCKET_IS_TRANSIENT(bred)) {
+ if (APR_BUCKET_IS_TRANSIENT(b)) {
/* this takes care of transient buckets and converts them
* into heap ones. Other bucket types might or might not be
* affected by this. */
- status = apr_bucket_setaside(bred, pool);
+ status = apr_bucket_setaside(b, beam->send_pool);
}
- else if (APR_BUCKET_IS_HEAP(bred)) {
+ else if (APR_BUCKET_IS_HEAP(b)) {
/* For heap buckets read from a green thread is fine. The
* data will be there and live until the bucket itself is
* destroyed. */
status = APR_SUCCESS;
}
- else if (APR_BUCKET_IS_POOL(bred)) {
+ else if (APR_BUCKET_IS_POOL(b)) {
/* pool buckets are bastards that register at pool cleanup
* to morph themselves into heap buckets. That may happen anytime,
* even after the bucket data pointer has been read. So at
* any time inside the green thread, the pool bucket memory
* may disappear. yikes. */
- status = apr_bucket_read(bred, &data, &len, APR_BLOCK_READ);
+ status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ);
if (status == APR_SUCCESS) {
- apr_bucket_heap_make(bred, data, len, NULL);
+ apr_bucket_heap_make(b, data, len, NULL);
}
}
- else if (APR_BUCKET_IS_FILE(bred)) {
+ else if (APR_BUCKET_IS_FILE(b)) {
/* For file buckets the problem is their internal readpool that
* is used on the first read to allocate buffer/mmap.
* Since setting aside a file bucket will de-register the
@@ -656,14 +757,14 @@ static apr_status_t append_bucket(h2_bucket_beam *beam,
* handles across. The use case for this is to limit the number
* of open file handles and rather use a less efficient beam
* transport. */
- apr_file_t *fd = ((apr_bucket_file *)bred->data)->fd;
+ apr_file_t *fd = ((apr_bucket_file *)b->data)->fd;
int can_beam = 1;
if (beam->last_beamed != fd && beam->can_beam_fn) {
can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd);
}
if (can_beam) {
beam->last_beamed = fd;
- status = apr_bucket_setaside(bred, pool);
+ status = apr_bucket_setaside(b, beam->send_pool);
}
/* else: enter ENOTIMPL case below */
}
@@ -678,12 +779,12 @@ static apr_status_t append_bucket(h2_bucket_beam *beam,
if (space_left < APR_BUCKET_BUFF_SIZE) {
space_left = APR_BUCKET_BUFF_SIZE;
}
- if (space_left < bred->length) {
- apr_bucket_split(bred, space_left);
+ if (space_left < b->length) {
+ apr_bucket_split(b, space_left);
}
- status = apr_bucket_read(bred, &data, &len, APR_BLOCK_READ);
+ status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ);
if (status == APR_SUCCESS) {
- status = apr_bucket_setaside(bred, pool);
+ status = apr_bucket_setaside(b, beam->send_pool);
}
}
@@ -691,9 +792,9 @@ static apr_status_t append_bucket(h2_bucket_beam *beam,
return status;
}
- APR_BUCKET_REMOVE(bred);
- H2_BLIST_INSERT_TAIL(&beam->red, bred);
- beam->sent_bytes += bred->length;
+ APR_BUCKET_REMOVE(b);
+ H2_BLIST_INSERT_TAIL(&beam->send_list, b);
+ beam->sent_bytes += b->length;
return APR_SUCCESS;
}
@@ -702,23 +803,27 @@ apr_status_t h2_beam_send(h2_bucket_beam *beam,
apr_bucket_brigade *red_brigade,
apr_read_type_e block)
{
- apr_bucket *bred;
+ apr_bucket *b;
apr_status_t status = APR_SUCCESS;
h2_beam_lock bl;
/* Called from the red thread to add buckets to the beam */
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
- r_purge_reds(beam);
+ r_purge_sent(beam);
+ if (red_brigade) {
+ beam_set_send_pool(beam, red_brigade->p);
+ }
if (beam->aborted) {
+ move_to_hold(beam, red_brigade);
status = APR_ECONNABORTED;
}
else if (red_brigade) {
int force_report = !APR_BRIGADE_EMPTY(red_brigade);
while (!APR_BRIGADE_EMPTY(red_brigade)
&& status == APR_SUCCESS) {
- bred = APR_BRIGADE_FIRST(red_brigade);
- status = append_bucket(beam, bred, block, beam->red_pool, &bl);
+ b = APR_BRIGADE_FIRST(red_brigade);
+ status = append_bucket(beam, b, block, &bl);
}
report_production(beam, force_report);
if (beam->m_cond) {
@@ -746,18 +851,19 @@ apr_status_t h2_beam_receive(h2_bucket_beam *beam,
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
transfer:
if (beam->aborted) {
- if (beam->green && !APR_BRIGADE_EMPTY(beam->green)) {
- apr_brigade_cleanup(beam->green);
+ if (beam->recv_buffer && !APR_BRIGADE_EMPTY(beam->recv_buffer)) {
+ apr_brigade_cleanup(beam->recv_buffer);
}
status = APR_ECONNABORTED;
goto leave;
}
/* transfer enough buckets from our green brigade, if we have one */
- while (beam->green
- && !APR_BRIGADE_EMPTY(beam->green)
+ beam_set_recv_pool(beam, bb->p);
+ while (beam->recv_buffer
+ && !APR_BRIGADE_EMPTY(beam->recv_buffer)
&& (readbytes <= 0 || remain >= 0)) {
- bgreen = APR_BRIGADE_FIRST(beam->green);
+ bgreen = APR_BRIGADE_FIRST(beam->recv_buffer);
if (readbytes > 0 && bgreen->length > 0 && remain <= 0) {
break;
}
@@ -769,8 +875,8 @@ transfer:
/* transfer from our red brigade, transforming red buckets to
* green ones until we have enough */
- while (!H2_BLIST_EMPTY(&beam->red) && (readbytes <= 0 || remain >= 0)) {
- bred = H2_BLIST_FIRST(&beam->red);
+ while (!H2_BLIST_EMPTY(&beam->send_list) && (readbytes <= 0 || remain >= 0)) {
+ bred = H2_BLIST_FIRST(&beam->send_list);
bgreen = NULL;
if (readbytes > 0 && bred->length > 0 && remain <= 0) {
@@ -785,8 +891,10 @@ transfer:
else if (APR_BUCKET_IS_FLUSH(bred)) {
bgreen = apr_bucket_flush_create(bb->bucket_alloc);
}
- else {
- /* put red into hold, no green sent out */
+ else if (AP_BUCKET_IS_ERROR(bred)) {
+ ap_bucket_error *eb = (ap_bucket_error *)bred;
+ bgreen = ap_bucket_error_create(eb->status, eb->data,
+ bb->p, bb->bucket_alloc);
}
}
else if (APR_BUCKET_IS_FILE(bred)) {
@@ -815,7 +923,7 @@ transfer:
remain -= bred->length;
++transferred;
APR_BUCKET_REMOVE(bred);
- H2_BLIST_INSERT_TAIL(&beam->hold, bred);
+ H2_BLIST_INSERT_TAIL(&beam->hold_list, bred);
++transferred;
continue;
}
@@ -832,13 +940,21 @@ transfer:
/* Place the red bucket into our hold, to be destroyed when no
* green bucket references it any more. */
APR_BUCKET_REMOVE(bred);
- H2_BLIST_INSERT_TAIL(&beam->hold, bred);
+ H2_BLIST_INSERT_TAIL(&beam->hold_list, bred);
beam->received_bytes += bred->length;
if (bgreen) {
APR_BRIGADE_INSERT_TAIL(bb, bgreen);
remain -= bgreen->length;
++transferred;
}
+ else {
+ bgreen = h2_beam_bucket(beam, bb, bred);
+ while (bgreen && bgreen != APR_BRIGADE_SENTINEL(bb)) {
+ ++transferred;
+ remain -= bgreen->length;
+ bgreen = APR_BUCKET_NEXT(bgreen);
+ }
+ }
}
if (readbytes > 0 && remain < 0) {
@@ -850,17 +966,17 @@ transfer:
remain -= bgreen->length;
if (remain < 0) {
apr_bucket_split(bgreen, bgreen->length+remain);
- beam->green = apr_brigade_split_ex(bb,
+ beam->recv_buffer = apr_brigade_split_ex(bb,
APR_BUCKET_NEXT(bgreen),
- beam->green);
+ beam->recv_buffer);
break;
}
}
}
if (beam->closed
- && (!beam->green || APR_BRIGADE_EMPTY(beam->green))
- && H2_BLIST_EMPTY(&beam->red)) {
+ && (!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer))
+ && H2_BLIST_EMPTY(&beam->send_list)) {
/* beam is closed and we have nothing more to receive */
if (!beam->close_sent) {
apr_bucket *b = apr_bucket_eos_create(bb->bucket_alloc);
@@ -872,6 +988,9 @@ transfer:
}
if (transferred) {
+ if (beam->m_cond) {
+ apr_thread_cond_broadcast(beam->m_cond);
+ }
status = APR_SUCCESS;
}
else if (beam->closed) {
@@ -885,6 +1004,9 @@ transfer:
goto transfer;
}
else {
+ if (beam->m_cond) {
+ apr_thread_cond_broadcast(beam->m_cond);
+ }
status = APR_EAGAIN;
}
leave:
@@ -937,8 +1059,8 @@ apr_off_t h2_beam_get_buffered(h2_bucket_beam *beam)
h2_beam_lock bl;
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
- for (b = H2_BLIST_FIRST(&beam->red);
- b != H2_BLIST_SENTINEL(&beam->red);
+ for (b = H2_BLIST_FIRST(&beam->send_list);
+ b != H2_BLIST_SENTINEL(&beam->send_list);
b = APR_BUCKET_NEXT(b)) {
/* should all have determinate length */
l += b->length;
@@ -955,8 +1077,8 @@ apr_off_t h2_beam_get_mem_used(h2_bucket_beam *beam)
h2_beam_lock bl;
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
- for (b = H2_BLIST_FIRST(&beam->red);
- b != H2_BLIST_SENTINEL(&beam->red);
+ for (b = H2_BLIST_FIRST(&beam->send_list);
+ b != H2_BLIST_SENTINEL(&beam->send_list);
b = APR_BUCKET_NEXT(b)) {
if (APR_BUCKET_IS_FILE(b)) {
/* do not count */
@@ -977,16 +1099,23 @@ int h2_beam_empty(h2_bucket_beam *beam)
h2_beam_lock bl;
if (enter_yellow(beam, &bl) == APR_SUCCESS) {
- empty = (H2_BLIST_EMPTY(&beam->red)
- && (!beam->green || APR_BRIGADE_EMPTY(beam->green)));
+ empty = (H2_BLIST_EMPTY(&beam->send_list)
+ && (!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer)));
leave_yellow(beam, &bl);
}
return empty;
}
-int h2_beam_closed(h2_bucket_beam *beam)
+int h2_beam_holds_proxies(h2_bucket_beam *beam)
{
- return beam->closed;
+ int has_proxies = 1;
+ h2_beam_lock bl;
+
+ if (enter_yellow(beam, &bl) == APR_SUCCESS) {
+ has_proxies = !H2_BPROXY_LIST_EMPTY(&beam->proxies);
+ leave_yellow(beam, &bl);
+ }
+ return has_proxies;
}
int h2_beam_was_received(h2_bucket_beam *beam)
@@ -1013,3 +1142,8 @@ apr_size_t h2_beam_get_files_beamed(h2_bucket_beam *beam)
return n;
}
+int h2_beam_no_files(void *ctx, h2_bucket_beam *beam, apr_file_t *file)
+{
+ return 0;
+}
+
diff --git a/modules/http2/h2_bucket_beam.h b/modules/http2/h2_bucket_beam.h
index 5c5d65d..fc6772b 100644
--- a/modules/http2/h2_bucket_beam.h
+++ b/modules/http2/h2_bucket_beam.h
@@ -88,7 +88,7 @@ apr_size_t h2_util_bl_print(char *buffer, apr_size_t bmax,
* Care needs to be taken when terminating the beam. The beam registers at
* the pool it was created with and will cleanup after itself. However, if
* received buckets do still exist, already freed memory might be accessed.
- * The beam does a AP_DEBUG_ASSERT on this condition.
+ * The beam does a assertion on this condition.
*
* The proper way of shutting down a beam is to first make sure there are no
* more green buckets out there, then cleanup the beam to purge eventually
@@ -163,15 +163,29 @@ typedef struct {
typedef int h2_beam_can_beam_callback(void *ctx, h2_bucket_beam *beam,
apr_file_t *file);
+typedef enum {
+ H2_BEAM_OWNER_SEND,
+ H2_BEAM_OWNER_RECV
+} h2_beam_owner_t;
+
+/**
+ * Will deny all transfer of apr_file_t across the beam and force
+ * a data copy instead.
+ */
+int h2_beam_no_files(void *ctx, h2_bucket_beam *beam, apr_file_t *file);
+
struct h2_bucket_beam {
int id;
const char *tag;
- h2_blist red;
- h2_blist hold;
- h2_blist purge;
- apr_bucket_brigade *green;
+ apr_pool_t *pool;
+ h2_beam_owner_t owner;
+ h2_blist send_list;
+ h2_blist hold_list;
+ h2_blist purge_list;
+ apr_bucket_brigade *recv_buffer;
h2_bproxy_list proxies;
- apr_pool_t *red_pool;
+ apr_pool_t *send_pool;
+ apr_pool_t *recv_pool;
apr_size_t max_buf_size;
apr_interval_time_t timeout;
@@ -208,22 +222,23 @@ struct h2_bucket_beam {
* mutex and will be used in multiple threads. It needs a pool allocator
* that is only used inside that same mutex.
*
- * @param pbeam will hold the created beam on return
- * @param red_pool pool usable on red side, beam lifeline
+ * @param pbeam will hold the created beam on return
+ * @param pool pool owning the beam, beam will cleanup when pool released
+ * @param id identifier of the beam
+ * @param tag tag identifying beam for logging
+ * @param owner if the beam is owned by the sender or receiver, e.g. if
+ * the pool owner is using this beam for sending or receiving
* @param buffer_size maximum memory footprint of buckets buffered in beam, or
* 0 for no limitation
- *
- * Call from the red side only.
*/
apr_status_t h2_beam_create(h2_bucket_beam **pbeam,
- apr_pool_t *red_pool,
- int id, const char *tag,
+ apr_pool_t *pool,
+ int id, const char *tag,
+ h2_beam_owner_t owner,
apr_size_t buffer_size);
/**
* Destroys the beam immediately without cleanup.
- *
- * Call from the red side only.
*/
apr_status_t h2_beam_destroy(h2_bucket_beam *beam);
@@ -233,10 +248,10 @@ apr_status_t h2_beam_destroy(h2_bucket_beam *beam);
* All accepted buckets are removed from the given brigade. Will return with
* APR_EAGAIN on non-blocking sends when not all buckets could be accepted.
*
- * Call from the red side only.
+ * Call from the sender side only.
*/
apr_status_t h2_beam_send(h2_bucket_beam *beam,
- apr_bucket_brigade *red_buckets,
+ apr_bucket_brigade *bb,
apr_read_type_e block);
/**
@@ -245,7 +260,7 @@ apr_status_t h2_beam_send(h2_bucket_beam *beam,
* available or the beam has been closed. Non-blocking calls return APR_EAGAIN
* if no data is available.
*
- * Call from the green side only.
+ * Call from the receiver side only.
*/
apr_status_t h2_beam_receive(h2_bucket_beam *beam,
apr_bucket_brigade *green_buckets,
@@ -253,31 +268,27 @@ apr_status_t h2_beam_receive(h2_bucket_beam *beam,
apr_off_t readbytes);
/**
- * Determine if beam is closed. May still contain buffered data.
- *
- * Call from red or green side.
+ * Determine if beam is empty.
*/
-int h2_beam_closed(h2_bucket_beam *beam);
+int h2_beam_empty(h2_bucket_beam *beam);
/**
- * Determine if beam is empty.
- *
- * Call from red or green side.
+ * Determine if beam has handed out proxy buckets that are not destroyed.
*/
-int h2_beam_empty(h2_bucket_beam *beam);
+int h2_beam_holds_proxies(h2_bucket_beam *beam);
/**
* Abort the beam. Will cleanup any buffered buckets and answer all send
* and receives with APR_ECONNABORTED.
*
- * Call from the red side only.
+ * Call from the sender side only.
*/
void h2_beam_abort(h2_bucket_beam *beam);
/**
* Close the beam. Sending an EOS bucket serves the same purpose.
*
- * Call from the red side only.
+ * Call from the sender side only.
*/
apr_status_t h2_beam_close(h2_bucket_beam *beam);
@@ -289,10 +300,9 @@ apr_status_t h2_beam_close(h2_bucket_beam *beam);
* If a timeout is set on the beam, waiting might also time out and
* return APR_ETIMEUP.
*
- * Call from the red side only.
+ * Call from the sender side only.
*/
-apr_status_t h2_beam_shutdown(h2_bucket_beam *beam, apr_read_type_e block,
- int clear_buffers);
+apr_status_t h2_beam_wait_empty(h2_bucket_beam *beam, apr_read_type_e block);
void h2_beam_mutex_set(h2_bucket_beam *beam,
h2_beam_mutex_enter m_enter,
@@ -315,27 +325,27 @@ void h2_beam_buffer_size_set(h2_bucket_beam *beam,
apr_size_t h2_beam_buffer_size_get(h2_bucket_beam *beam);
/**
- * Register a callback to be invoked on the red side with the
- * amount of bytes that have been consumed by the red side, since the
+ * Register a callback to be invoked on the sender side with the
+ * amount of bytes that have been consumed by the receiver, since the
* last callback invocation or reset.
* @param beam the beam to set the callback on
* @param cb the callback or NULL
* @param ctx the context to use in callback invocation
*
- * Call from the red side, callbacks invoked on red side.
+ * Call from the sender side, callbacks invoked on sender side.
*/
void h2_beam_on_consumed(h2_bucket_beam *beam,
h2_beam_io_callback *cb, void *ctx);
/**
- * Register a callback to be invoked on the red side with the
- * amount of bytes that have been consumed by the red side, since the
+ * Register a callback to be invoked on the receiver side with the
+ * amount of bytes that have been produces by the sender, since the
* last callback invocation or reset.
* @param beam the beam to set the callback on
* @param cb the callback or NULL
* @param ctx the context to use in callback invocation
*
- * Call from the red side, callbacks invoked on red side.
+ * Call from the receiver side, callbacks invoked on receiver side.
*/
void h2_beam_on_produced(h2_bucket_beam *beam,
h2_beam_io_callback *cb, void *ctx);
@@ -360,4 +370,10 @@ int h2_beam_was_received(h2_bucket_beam *beam);
apr_size_t h2_beam_get_files_beamed(h2_bucket_beam *beam);
+typedef apr_bucket *h2_bucket_beamer(h2_bucket_beam *beam,
+ apr_bucket_brigade *dest,
+ const apr_bucket *src);
+
+void h2_register_bucket_beamer(h2_bucket_beamer *beamer);
+
#endif /* h2_bucket_beam_h */
diff --git a/modules/http2/h2_config.c b/modules/http2/h2_config.c
index 0c1e6c4..669d20e 100644
--- a/modules/http2/h2_config.c
+++ b/modules/http2/h2_config.c
@@ -61,7 +61,9 @@ static h2_config defconf = {
1, /* HTTP/2 server push enabled */
NULL, /* map of content-type to priorities */
256, /* push diary size */
-
+ 0, /* copy files across threads */
+ NULL, /* push list */
+ 0, /* early hints, http status 103 */
};
void h2_config_init(apr_pool_t *pool)
@@ -73,7 +75,6 @@ static void *h2_config_create(apr_pool_t *pool,
const char *prefix, const char *x)
{
h2_config *conf = (h2_config *)apr_pcalloc(pool, sizeof(h2_config));
-
const char *s = x? x : "unknown";
char *name = apr_pstrcat(pool, prefix, "[", s, "]", NULL);
@@ -95,7 +96,9 @@ static void *h2_config_create(apr_pool_t *pool,
conf->h2_push = DEF_VAL;
conf->priorities = NULL;
conf->push_diary_size = DEF_VAL;
-
+ conf->copy_files = DEF_VAL;
+ conf->push_list = NULL;
+ conf->early_hints = DEF_VAL;
return conf;
}
@@ -109,12 +112,11 @@ void *h2_config_create_dir(apr_pool_t *pool, char *x)
return h2_config_create(pool, "dir", x);
}
-void *h2_config_merge(apr_pool_t *pool, void *basev, void *addv)
+static void *h2_config_merge(apr_pool_t *pool, void *basev, void *addv)
{
h2_config *base = (h2_config *)basev;
h2_config *add = (h2_config *)addv;
h2_config *n = (h2_config *)apr_pcalloc(pool, sizeof(h2_config));
-
char *name = apr_pstrcat(pool, "merged[", add->name, ", ", base->name, "]", NULL);
n->name = name;
@@ -141,10 +143,27 @@ void *h2_config_merge(apr_pool_t *pool, void *basev, void *addv)
n->priorities = add->priorities? add->priorities : base->priorities;
}
n->push_diary_size = H2_CONFIG_GET(add, base, push_diary_size);
-
+ n->copy_files = H2_CONFIG_GET(add, base, copy_files);
+ if (add->push_list && base->push_list) {
+ n->push_list = apr_array_append(pool, base->push_list, add->push_list);
+ }
+ else {
+ n->push_list = add->push_list? add->push_list : base->push_list;
+ }
+ n->early_hints = H2_CONFIG_GET(add, base, early_hints);
return n;
}
+void *h2_config_merge_dir(apr_pool_t *pool, void *basev, void *addv)
+{
+ return h2_config_merge(pool, basev, addv);
+}
+
+void *h2_config_merge_svr(apr_pool_t *pool, void *basev, void *addv)
+{
+ return h2_config_merge(pool, basev, addv);
+}
+
int h2_config_geti(const h2_config *conf, h2_config_var_t var)
{
return (int)h2_config_geti64(conf, var);
@@ -185,6 +204,10 @@ apr_int64_t h2_config_geti64(const h2_config *conf, h2_config_var_t var)
return H2_CONFIG_GET(conf, &defconf, h2_push);
case H2_CONF_PUSH_DIARY_SIZE:
return H2_CONFIG_GET(conf, &defconf, push_diary_size);
+ case H2_CONF_COPY_FILES:
+ return H2_CONFIG_GET(conf, &defconf, copy_files);
+ case H2_CONF_EARLY_HINTS:
+ return H2_CONFIG_GET(conf, &defconf, early_hints);
default:
return DEF_VAL;
}
@@ -194,7 +217,7 @@ const h2_config *h2_config_sget(server_rec *s)
{
h2_config *cfg = (h2_config *)ap_get_module_config(s->module_config,
&http2_module);
- AP_DEBUG_ASSERT(cfg);
+ ap_assert(cfg);
return cfg;
}
@@ -500,6 +523,93 @@ static const char *h2_conf_set_push_diary_size(cmd_parms *parms,
return NULL;
}
+static const char *h2_conf_set_copy_files(cmd_parms *parms,
+ void *arg, const char *value)
+{
+ h2_config *cfg = (h2_config *)arg;
+ if (!strcasecmp(value, "On")) {
+ cfg->copy_files = 1;
+ return NULL;
+ }
+ else if (!strcasecmp(value, "Off")) {
+ cfg->copy_files = 0;
+ return NULL;
+ }
+
+ (void)arg;
+ return "value must be On or Off";
+}
+
+static void add_push(apr_pool_t *pool, h2_config *conf, h2_push_res *push)
+{
+ h2_push_res *new;
+ if (!conf->push_list) {
+ conf->push_list = apr_array_make(pool, 10, sizeof(*push));
+ }
+ new = apr_array_push(conf->push_list);
+ new->uri_ref = push->uri_ref;
+ new->critical = push->critical;
+}
+
+static const char *h2_conf_add_push_res(cmd_parms *cmd, void *dirconf,
+ const char *arg1, const char *arg2,
+ const char *arg3)
+{
+ h2_config *dconf = (h2_config*)dirconf ;
+ h2_config *sconf = (h2_config*)h2_config_sget(cmd->server);
+ h2_push_res push;
+ const char *last = arg3;
+
+ memset(&push, 0, sizeof(push));
+ if (!strcasecmp("add", arg1)) {
+ push.uri_ref = arg2;
+ }
+ else {
+ push.uri_ref = arg1;
+ last = arg2;
+ if (arg3) {
+ return "too many parameter";
+ }
+ }
+
+ if (last) {
+ if (!strcasecmp("critical", last)) {
+ push.critical = 1;
+ }
+ else {
+ return "unknown last parameter";
+ }
+ }
+
+ /* server command? set both */
+ if (cmd->path == NULL) {
+ add_push(cmd->pool, sconf, &push);
+ add_push(cmd->pool, dconf, &push);
+ }
+ else {
+ add_push(cmd->pool, dconf, &push);
+ }
+
+ return NULL;
+}
+
+static const char *h2_conf_set_early_hints(cmd_parms *parms,
+ void *arg, const char *value)
+{
+ h2_config *cfg = (h2_config *)h2_config_sget(parms->server);
+ if (!strcasecmp(value, "On")) {
+ cfg->early_hints = 1;
+ return NULL;
+ }
+ else if (!strcasecmp(value, "Off")) {
+ cfg->early_hints = 0;
+ return NULL;
+ }
+
+ (void)arg;
+ return "value must be On or Off";
+}
+
#define AP_END_CMD AP_INIT_TAKE1(NULL, NULL, NULL, RSRC_CONF, NULL)
const command_rec h2_cmds[] = {
@@ -539,6 +649,12 @@ const command_rec h2_cmds[] = {
RSRC_CONF, "define priority of PUSHed resources per content type"),
AP_INIT_TAKE1("H2PushDiarySize", h2_conf_set_push_diary_size, NULL,
RSRC_CONF, "size of push diary"),
+ AP_INIT_TAKE1("H2CopyFiles", h2_conf_set_copy_files, NULL,
+ OR_FILEINFO, "on to perform copy of file data"),
+ AP_INIT_TAKE123("H2PushResource", h2_conf_add_push_res, NULL,
+ OR_FILEINFO, "add a resource to be pushed in this location/on this server."),
+ AP_INIT_TAKE1("H2EarlyHints", h2_conf_set_early_hints, NULL,
+ RSRC_CONF, "on to enable interim status 103 responses"),
AP_END_CMD
};
diff --git a/modules/http2/h2_config.h b/modules/http2/h2_config.h
index 92b222f..1f2fe30 100644
--- a/modules/http2/h2_config.h
+++ b/modules/http2/h2_config.h
@@ -40,10 +40,18 @@ typedef enum {
H2_CONF_TLS_COOLDOWN_SECS,
H2_CONF_PUSH,
H2_CONF_PUSH_DIARY_SIZE,
+ H2_CONF_COPY_FILES,
+ H2_CONF_EARLY_HINTS,
} h2_config_var_t;
struct apr_hash_t;
struct h2_priority;
+struct h2_push_res;
+
+typedef struct h2_push_res {
+ const char *uri_ref;
+ int critical;
+} h2_push_res;
/* Apache httpd module configuration for h2. */
typedef struct h2_config {
@@ -68,14 +76,16 @@ typedef struct h2_config {
struct apr_hash_t *priorities;/* map of content-type to h2_priority records */
int push_diary_size; /* # of entries in push diary */
+ int copy_files; /* if files shall be copied vs setaside on output */
+ apr_array_header_t *push_list;/* list of h2_push_res configurations */
+ int early_hints; /* support status code 103 */
} h2_config;
void *h2_config_create_dir(apr_pool_t *pool, char *x);
+void *h2_config_merge_dir(apr_pool_t *pool, void *basev, void *addv);
void *h2_config_create_svr(apr_pool_t *pool, server_rec *s);
-void *h2_config_merge(apr_pool_t *pool, void *basev, void *addv);
-
-apr_status_t h2_config_apply_header(const h2_config *config, request_rec *r);
+void *h2_config_merge_svr(apr_pool_t *pool, void *basev, void *addv);
extern const command_rec h2_cmds[];
diff --git a/modules/http2/h2_conn.c b/modules/http2/h2_conn.c
index 4ddf1b7..6f3a8cf 100644
--- a/modules/http2/h2_conn.c
+++ b/modules/http2/h2_conn.c
@@ -14,6 +14,7 @@
*/
#include <assert.h>
+#include <apr_strings.h>
#include <ap_mpm.h>
@@ -240,14 +241,14 @@ apr_status_t h2_conn_pre_close(struct h2_ctx *ctx, conn_rec *c)
return status;
}
-conn_rec *h2_slave_create(conn_rec *master, apr_pool_t *parent,
- apr_allocator_t *allocator)
+conn_rec *h2_slave_create(conn_rec *master, int slave_id, apr_pool_t *parent)
{
+ apr_allocator_t *allocator;
apr_pool_t *pool;
conn_rec *c;
void *cfg;
- AP_DEBUG_ASSERT(master);
+ ap_assert(master);
ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, master,
"h2_conn(%ld): create slave", master->id);
@@ -256,9 +257,7 @@ conn_rec *h2_slave_create(conn_rec *master, apr_pool_t *parent,
* independant of its parent pool in the sense that it can work in
* another thread.
*/
- if (!allocator) {
- apr_allocator_create(&allocator);
- }
+ apr_allocator_create(&allocator);
apr_pool_create_ex(&pool, parent, NULL, allocator);
apr_pool_tag(pool, "h2_slave_conn");
apr_allocator_owner_set(allocator, pool);
@@ -271,8 +270,7 @@ conn_rec *h2_slave_create(conn_rec *master, apr_pool_t *parent,
}
memcpy(c, master, sizeof(conn_rec));
-
- /* Replace these */
+
c->master = master;
c->pool = pool;
c->conn_config = ap_create_conn_config(pool);
@@ -284,7 +282,8 @@ conn_rec *h2_slave_create(conn_rec *master, apr_pool_t *parent,
c->data_in_output_filters = 0;
c->clogging_input_filters = 1;
c->log = NULL;
- c->log_id = NULL;
+ c->log_id = apr_psprintf(pool, "%ld-%d",
+ master->id, slave_id);
/* Simulate that we had already a request on this connection. */
c->keepalives = 1;
/* We cannot install the master connection socket on the slaves, as
@@ -304,24 +303,17 @@ conn_rec *h2_slave_create(conn_rec *master, apr_pool_t *parent,
ap_set_module_config(c->conn_config, h2_conn_mpm_module(), cfg);
}
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
+ "h2_task: creating conn, master=%ld, sid=%ld, logid=%s",
+ master->id, c->id, c->log_id);
return c;
}
-void h2_slave_destroy(conn_rec *slave, apr_allocator_t **pallocator)
+void h2_slave_destroy(conn_rec *slave)
{
- apr_pool_t *parent;
- apr_allocator_t *allocator = apr_pool_allocator_get(slave->pool);
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, slave,
"h2_slave_conn(%ld): destroy (task=%s)", slave->id,
apr_table_get(slave->notes, H2_TASK_ID_NOTE));
- /* Attache the allocator to the parent pool and return it for
- * reuse, otherwise the own is still the slave pool and it will
- * get destroyed with it. */
- parent = apr_pool_parent_get(slave->pool);
- if (pallocator && parent) {
- apr_allocator_owner_set(allocator, parent);
- *pallocator = allocator;
- }
apr_pool_destroy(slave->pool);
}
diff --git a/modules/http2/h2_conn.h b/modules/http2/h2_conn.h
index e52fc8d..7994864 100644
--- a/modules/http2/h2_conn.h
+++ b/modules/http2/h2_conn.h
@@ -31,7 +31,7 @@ apr_status_t h2_conn_setup(struct h2_ctx *ctx, conn_rec *c, request_rec *r);
/**
* Run the HTTP/2 connection in synchronous fashion.
* Return when the HTTP/2 session is done
- * and the connection will close or a fatal error occured.
+ * and the connection will close or a fatal error occurred.
*
* @param ctx the http2 context to run
* @return APR_SUCCESS when session is done.
@@ -66,9 +66,8 @@ typedef enum {
h2_mpm_type_t h2_conn_mpm_type(void);
-conn_rec *h2_slave_create(conn_rec *master, apr_pool_t *parent,
- apr_allocator_t *allocator);
-void h2_slave_destroy(conn_rec *slave, apr_allocator_t **pallocator);
+conn_rec *h2_slave_create(conn_rec *master, int slave_id, apr_pool_t *parent);
+void h2_slave_destroy(conn_rec *slave);
apr_status_t h2_slave_run_pre_connection(conn_rec *slave, apr_socket_t *csd);
void h2_slave_run_connection(conn_rec *slave);
diff --git a/modules/http2/h2_conn_io.c b/modules/http2/h2_conn_io.c
index df4aec1..303860e 100644
--- a/modules/http2/h2_conn_io.c
+++ b/modules/http2/h2_conn_io.c
@@ -120,8 +120,8 @@ static void h2_conn_io_bb_log(conn_rec *c, int stream_id, int level,
line = *buffer? buffer : "(empty)";
}
/* Intentional no APLOGNO */
- ap_log_cerror(APLOG_MARK, level, 0, c, "bb_dump(%ld-%d)-%s: %s",
- c->id, stream_id, tag, line);
+ ap_log_cerror(APLOG_MARK, level, 0, c, "bb_dump(%s)-%s: %s",
+ c->log_id, tag, line);
}
@@ -132,7 +132,7 @@ apr_status_t h2_conn_io_init(h2_conn_io *io, conn_rec *c,
io->output = apr_brigade_create(c->pool, c->bucket_alloc);
io->is_tls = h2_h2_is_tls(c);
io->buffer_output = io->is_tls;
- io->pass_threshold = h2_config_geti64(cfg, H2_CONF_STREAM_MAX_MEM) / 2;
+ io->pass_threshold = (apr_size_t)h2_config_geti64(cfg, H2_CONF_STREAM_MAX_MEM) / 2;
if (io->is_tls) {
/* This is what we start with,
@@ -206,7 +206,7 @@ static apr_status_t read_to_scratch(h2_conn_io *io, apr_bucket *b)
return APR_SUCCESS;
}
- AP_DEBUG_ASSERT(b->length <= (io->ssize - io->slen));
+ ap_assert(b->length <= (io->ssize - io->slen));
if (APR_BUCKET_IS_FILE(b)) {
apr_bucket_file *f = (apr_bucket_file *)b->data;
apr_file_t *fd = f->fd;
@@ -269,9 +269,11 @@ static void check_write_size(h2_conn_io *io)
}
}
-static apr_status_t pass_output(h2_conn_io *io, int flush, int eoc)
+static apr_status_t pass_output(h2_conn_io *io, int flush,
+ h2_session *session_eoc)
{
conn_rec *c = io->c;
+ apr_bucket_brigade *bb = io->output;
apr_bucket *b;
apr_off_t bblen;
apr_status_t status;
@@ -279,28 +281,37 @@ static apr_status_t pass_output(h2_conn_io *io, int flush, int eoc)
append_scratch(io);
if (flush) {
b = apr_bucket_flush_create(c->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(io->output, b);
+ APR_BRIGADE_INSERT_TAIL(bb, b);
}
- if (APR_BRIGADE_EMPTY(io->output)) {
+ if (APR_BRIGADE_EMPTY(bb)) {
return APR_SUCCESS;
}
ap_log_cerror(APLOG_MARK, APLOG_TRACE4, 0, c, "h2_conn_io: pass_output");
ap_update_child_status(c->sbh, SERVER_BUSY_WRITE, NULL);
- apr_brigade_length(io->output, 0, &bblen);
+ apr_brigade_length(bb, 0, &bblen);
- h2_conn_io_bb_log(c, 0, APLOG_TRACE2, "master conn pass", io->output);
- status = ap_pass_brigade(c->output_filters, io->output);
+ h2_conn_io_bb_log(c, 0, APLOG_TRACE2, "master conn pass", bb);
+ status = ap_pass_brigade(c->output_filters, bb);
+ if (status == APR_SUCCESS) {
+ io->bytes_written += (apr_size_t)bblen;
+ io->last_write = apr_time_now();
+ }
+ apr_brigade_cleanup(bb);
- /* careful with access after this, as we might have flushed an EOC bucket
- * that de-allocated us all. */
- if (!eoc) {
- apr_brigade_cleanup(io->output);
+ if (session_eoc) {
+ apr_status_t tmp;
+ b = h2_bucket_eoc_create(c->bucket_alloc, session_eoc);
+ APR_BRIGADE_INSERT_TAIL(bb, b);
+ h2_conn_io_bb_log(c, 0, APLOG_TRACE2, "master conn pass", bb);
+ tmp = ap_pass_brigade(c->output_filters, bb);
if (status == APR_SUCCESS) {
- io->bytes_written += (apr_size_t)bblen;
- io->last_write = apr_time_now();
+ status = tmp;
}
+ /* careful with access to io after this, we have flushed an EOC bucket
+ * that de-allocated us all. */
+ apr_brigade_cleanup(bb);
}
if (status != APR_SUCCESS) {
@@ -313,14 +324,12 @@ static apr_status_t pass_output(h2_conn_io *io, int flush, int eoc)
apr_status_t h2_conn_io_flush(h2_conn_io *io)
{
- return pass_output(io, 1, 0);
+ return pass_output(io, 1, NULL);
}
apr_status_t h2_conn_io_write_eoc(h2_conn_io *io, h2_session *session)
{
- apr_bucket *b = h2_bucket_eoc_create(io->c->bucket_alloc, session);
- APR_BRIGADE_INSERT_TAIL(io->output, b);
- return pass_output(io, 1, 1);
+ return pass_output(io, 1, session);
}
apr_status_t h2_conn_io_write(h2_conn_io *io, const char *data, size_t length)
@@ -413,7 +422,7 @@ apr_status_t h2_conn_io_pass(h2_conn_io *io, apr_bucket_brigade *bb)
if (!APR_BRIGADE_EMPTY(io->output)) {
apr_off_t len = h2_brigade_mem_size(io->output);
if (len >= io->pass_threshold) {
- return pass_output(io, 0, 0);
+ return pass_output(io, 0, NULL);
}
}
}
diff --git a/modules/http2/h2_ctx.c b/modules/http2/h2_ctx.c
index 4b596a3..e79b5f8 100644
--- a/modules/http2/h2_ctx.c
+++ b/modules/http2/h2_ctx.c
@@ -27,7 +27,7 @@
static h2_ctx *h2_ctx_create(const conn_rec *c)
{
h2_ctx *ctx = apr_pcalloc(c->pool, sizeof(h2_ctx));
- AP_DEBUG_ASSERT(ctx);
+ ap_assert(ctx);
ap_set_module_config(c->conn_config, &http2_module, ctx);
h2_ctx_server_set(ctx, c->base_server);
return ctx;
@@ -35,7 +35,7 @@ static h2_ctx *h2_ctx_create(const conn_rec *c)
void h2_ctx_clear(const conn_rec *c)
{
- AP_DEBUG_ASSERT(c);
+ ap_assert(c);
ap_set_module_config(c->conn_config, &http2_module, NULL);
}
diff --git a/modules/http2/h2_filter.c b/modules/http2/h2_filter.c
index 33189de..a4ef20d 100644
--- a/modules/http2/h2_filter.c
+++ b/modules/http2/h2_filter.c
@@ -15,14 +15,17 @@
#include <assert.h>
+#include <apr_strings.h>
#include <httpd.h>
#include <http_core.h>
+#include <http_protocol.h>
#include <http_log.h>
#include <http_connection.h>
#include <scoreboard.h>
#include "h2_private.h"
#include "h2.h"
+#include "h2_config.h"
#include "h2_conn_io.h"
#include "h2_ctx.h"
#include "h2_mplx.h"
@@ -30,7 +33,8 @@
#include "h2_task.h"
#include "h2_stream.h"
#include "h2_request.h"
-#include "h2_response.h"
+#include "h2_headers.h"
+#include "h2_stream.h"
#include "h2_session.h"
#include "h2_util.h"
#include "h2_version.h"
@@ -171,30 +175,92 @@ apr_status_t h2_filter_core_input(ap_filter_t* f,
* http2 connection status handler + stream out source
******************************************************************************/
-static const char *H2_SOS_H2_STATUS = "http2-status";
+typedef struct {
+ apr_bucket_refcount refcount;
+ h2_bucket_event_cb *cb;
+ void *ctx;
+} h2_bucket_observer;
+
+static apr_status_t bucket_read(apr_bucket *b, const char **str,
+ apr_size_t *len, apr_read_type_e block)
+{
+ (void)b;
+ (void)block;
+ *str = NULL;
+ *len = 0;
+ return APR_SUCCESS;
+}
-int h2_filter_h2_status_handler(request_rec *r)
+static void bucket_destroy(void *data)
{
- h2_ctx *ctx = h2_ctx_rget(r);
- h2_task *task;
-
- if (strcmp(r->handler, "http2-status")) {
- return DECLINED;
+ h2_bucket_observer *h = data;
+ if (apr_bucket_shared_destroy(h)) {
+ if (h->cb) {
+ h->cb(h->ctx, H2_BUCKET_EV_BEFORE_DESTROY, NULL);
+ }
+ apr_bucket_free(h);
}
- if (r->method_number != M_GET) {
- return DECLINED;
+}
+
+apr_bucket * h2_bucket_observer_make(apr_bucket *b, h2_bucket_event_cb *cb,
+ void *ctx)
+{
+ h2_bucket_observer *br;
+
+ br = apr_bucket_alloc(sizeof(*br), b->list);
+ br->cb = cb;
+ br->ctx = ctx;
+
+ b = apr_bucket_shared_make(b, br, 0, 0);
+ b->type = &h2_bucket_type_observer;
+ return b;
+}
+
+apr_bucket * h2_bucket_observer_create(apr_bucket_alloc_t *list,
+ h2_bucket_event_cb *cb, void *ctx)
+{
+ apr_bucket *b = apr_bucket_alloc(sizeof(*b), list);
+
+ APR_BUCKET_INIT(b);
+ b->free = apr_bucket_free;
+ b->list = list;
+ b = h2_bucket_observer_make(b, cb, ctx);
+ return b;
+}
+
+apr_status_t h2_bucket_observer_fire(apr_bucket *b, h2_bucket_event event)
+{
+ if (H2_BUCKET_IS_OBSERVER(b)) {
+ h2_bucket_observer *l = (h2_bucket_observer *)b->data;
+ return l->cb(l->ctx, event, b);
}
+ return APR_EINVAL;
+}
- task = ctx? h2_ctx_get_task(ctx) : NULL;
- if (task) {
- /* We need to handle the actual output on the main thread, as
- * we need to access h2_session information. */
- apr_table_setn(r->notes, H2_RESP_SOS_NOTE, H2_SOS_H2_STATUS);
- apr_table_setn(r->headers_out, "Content-Type", "application/json");
- r->status = 200;
- return DONE;
+const apr_bucket_type_t h2_bucket_type_observer = {
+ "H2OBS", 5, APR_BUCKET_METADATA,
+ bucket_destroy,
+ bucket_read,
+ apr_bucket_setaside_noop,
+ apr_bucket_split_notimpl,
+ apr_bucket_shared_copy
+};
+
+apr_bucket *h2_bucket_observer_beam(struct h2_bucket_beam *beam,
+ apr_bucket_brigade *dest,
+ const apr_bucket *src)
+{
+ if (H2_BUCKET_IS_OBSERVER(src)) {
+ h2_bucket_observer *l = (h2_bucket_observer *)src->data;
+ apr_bucket *b = h2_bucket_observer_create(dest->bucket_alloc,
+ l->cb, l->ctx);
+ APR_BRIGADE_INSERT_TAIL(dest, b);
+ l->cb = NULL;
+ l->ctx = NULL;
+ h2_bucket_observer_fire(b, H2_BUCKET_EV_BEFORE_MASTER_SEND);
+ return b;
}
- return DECLINED;
+ return NULL;
}
static apr_status_t bbout(apr_bucket_brigade *bb, const char *fmt, ...)
@@ -209,82 +275,257 @@ static apr_status_t bbout(apr_bucket_brigade *bb, const char *fmt, ...)
return rv;
}
-static apr_status_t h2_status_stream_filter(h2_stream *stream)
+static void add_settings(apr_bucket_brigade *bb, h2_session *s, int last)
{
- h2_session *session = stream->session;
- h2_mplx *mplx = session->mplx;
- conn_rec *c = session->c;
- h2_push_diary *diary;
+ h2_mplx *m = s->mplx;
+
+ bbout(bb, " \"settings\": {\n");
+ bbout(bb, " \"SETTINGS_MAX_CONCURRENT_STREAMS\": %d,\n", m->max_streams);
+ bbout(bb, " \"SETTINGS_MAX_FRAME_SIZE\": %d,\n", 16*1024);
+ bbout(bb, " \"SETTINGS_INITIAL_WINDOW_SIZE\": %d,\n",
+ h2_config_geti(s->config, H2_CONF_WIN_SIZE));
+ bbout(bb, " \"SETTINGS_ENABLE_PUSH\": %d\n", h2_session_push_enabled(s));
+ bbout(bb, " }%s\n", last? "" : ",");
+}
+
+static void add_peer_settings(apr_bucket_brigade *bb, h2_session *s, int last)
+{
+ bbout(bb, " \"peerSettings\": {\n");
+ bbout(bb, " \"SETTINGS_MAX_CONCURRENT_STREAMS\": %d,\n",
+ nghttp2_session_get_remote_settings(s->ngh2, NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS));
+ bbout(bb, " \"SETTINGS_MAX_FRAME_SIZE\": %d,\n",
+ nghttp2_session_get_remote_settings(s->ngh2, NGHTTP2_SETTINGS_MAX_FRAME_SIZE));
+ bbout(bb, " \"SETTINGS_INITIAL_WINDOW_SIZE\": %d,\n",
+ nghttp2_session_get_remote_settings(s->ngh2, NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE));
+ bbout(bb, " \"SETTINGS_ENABLE_PUSH\": %d,\n",
+ nghttp2_session_get_remote_settings(s->ngh2, NGHTTP2_SETTINGS_ENABLE_PUSH));
+ bbout(bb, " \"SETTINGS_HEADER_TABLE_SIZE\": %d,\n",
+ nghttp2_session_get_remote_settings(s->ngh2, NGHTTP2_SETTINGS_HEADER_TABLE_SIZE));
+ bbout(bb, " \"SETTINGS_MAX_HEADER_LIST_SIZE\": %d\n",
+ nghttp2_session_get_remote_settings(s->ngh2, NGHTTP2_SETTINGS_MAX_HEADER_LIST_SIZE));
+ bbout(bb, " }%s\n", last? "" : ",");
+}
+
+typedef struct {
apr_bucket_brigade *bb;
- apr_status_t status;
+ h2_session *s;
+ int idx;
+} stream_ctx_t;
+
+static int add_stream(h2_stream *stream, void *ctx)
+{
+ stream_ctx_t *x = ctx;
+ int32_t flowIn, flowOut;
- if (!stream->response) {
- return APR_EINVAL;
- }
+ flowIn = nghttp2_session_get_stream_effective_local_window_size(x->s->ngh2, stream->id);
+ flowOut = nghttp2_session_get_stream_remote_window_size(x->s->ngh2, stream->id);
+ bbout(x->bb, "%s\n \"%d\": {\n", (x->idx? "," : ""), stream->id);
+ bbout(x->bb, " \"state\": \"%s\",\n", h2_stream_state_str(stream));
+ bbout(x->bb, " \"created\": %f,\n", ((double)stream->created)/APR_USEC_PER_SEC);
+ bbout(x->bb, " \"flowIn\": %d,\n", flowIn);
+ bbout(x->bb, " \"flowOut\": %d,\n", flowOut);
+ bbout(x->bb, " \"dataIn\": %"APR_UINT64_T_FMT",\n", stream->in_data_octets);
+ bbout(x->bb, " \"dataOut\": %"APR_UINT64_T_FMT"\n", stream->out_data_octets);
+ bbout(x->bb, " }");
- if (!stream->buffer) {
- stream->buffer = apr_brigade_create(stream->pool, c->bucket_alloc);
- }
- bb = stream->buffer;
-
- apr_table_unset(stream->response->headers, "Content-Length");
- stream->response->content_length = -1;
+ ++x->idx;
+ return 1;
+}
+
+static void add_streams(apr_bucket_brigade *bb, h2_session *s, int last)
+{
+ stream_ctx_t x;
- bbout(bb, "{\n");
- bbout(bb, " \"HTTP2\": \"on\",\n");
- bbout(bb, " \"H2PUSH\": \"%s\",\n", h2_session_push_enabled(session)? "on" : "off");
- bbout(bb, " \"mod_http2_version\": \"%s\",\n", MOD_HTTP2_VERSION);
- bbout(bb, " \"session_id\": %ld,\n", (long)session->id);
- bbout(bb, " \"streams_max\": %d,\n", (int)session->max_stream_count);
- bbout(bb, " \"this_stream\": %d,\n", stream->id);
- bbout(bb, " \"streams_open\": %d,\n", (int)h2_ihash_count(session->streams));
- bbout(bb, " \"max_stream_started\": %d,\n", mplx->max_stream_started);
- bbout(bb, " \"requests_received\": %d,\n", session->remote.emitted_count);
- bbout(bb, " \"responses_submitted\": %d,\n", session->responses_submitted);
- bbout(bb, " \"streams_reset\": %d, \n", session->streams_reset);
- bbout(bb, " \"pushes_promised\": %d,\n", session->pushes_promised);
- bbout(bb, " \"pushes_submitted\": %d,\n", session->pushes_submitted);
- bbout(bb, " \"pushes_reset\": %d,\n", session->pushes_reset);
+ x.bb = bb;
+ x.s = s;
+ x.idx = 0;
+ bbout(bb, " \"streams\": {");
+ h2_mplx_stream_do(s->mplx, add_stream, &x);
+ bbout(bb, "\n }%s\n", last? "" : ",");
+}
+
+static void add_push(apr_bucket_brigade *bb, h2_session *s,
+ h2_stream *stream, int last)
+{
+ h2_push_diary *diary;
+ apr_status_t status;
- diary = session->push_diary;
+ bbout(bb, " \"push\": {\n");
+ diary = s->push_diary;
if (diary) {
const char *data;
const char *base64_digest;
apr_size_t len;
- status = h2_push_diary_digest_get(diary, stream->pool, 256,
- stream->request->authority, &data, &len);
+ status = h2_push_diary_digest_get(diary, bb->p, 256,
+ stream->request->authority,
+ &data, &len);
if (status == APR_SUCCESS) {
- base64_digest = h2_util_base64url_encode(data, len, stream->pool);
- bbout(bb, " \"cache_digest\": \"%s\",\n", base64_digest);
- }
-
- /* try the reverse for testing purposes */
- status = h2_push_diary_digest_set(diary, stream->request->authority, data, len);
- if (status == APR_SUCCESS) {
- status = h2_push_diary_digest_get(diary, stream->pool, 256,
- stream->request->authority, &data, &len);
- if (status == APR_SUCCESS) {
- base64_digest = h2_util_base64url_encode(data, len, stream->pool);
- bbout(bb, " \"cache_digest^2\": \"%s\",\n", base64_digest);
- }
+ base64_digest = h2_util_base64url_encode(data, len, bb->p);
+ bbout(bb, " \"cacheDigest\": \"%s\",\n", base64_digest);
}
}
- bbout(bb, " \"frames_received\": %ld,\n", (long)session->frames_received);
- bbout(bb, " \"frames_sent\": %ld,\n", (long)session->frames_sent);
- bbout(bb, " \"bytes_received\": %"APR_UINT64_T_FMT",\n", session->io.bytes_read);
- bbout(bb, " \"bytes_sent\": %"APR_UINT64_T_FMT"\n", session->io.bytes_written);
+ bbout(bb, " \"promises\": %d,\n", s->pushes_promised);
+ bbout(bb, " \"submits\": %d,\n", s->pushes_submitted);
+ bbout(bb, " \"resets\": %d\n", s->pushes_reset);
+ bbout(bb, " }%s\n", last? "" : ",");
+}
+
+static void add_in(apr_bucket_brigade *bb, h2_session *s, int last)
+{
+ bbout(bb, " \"in\": {\n");
+ bbout(bb, " \"requests\": %d,\n", s->remote.emitted_count);
+ bbout(bb, " \"resets\": %d, \n", s->streams_reset);
+ bbout(bb, " \"frames\": %ld,\n", (long)s->frames_received);
+ bbout(bb, " \"octets\": %"APR_UINT64_T_FMT"\n", s->io.bytes_read);
+ bbout(bb, " }%s\n", last? "" : ",");
+}
+
+static void add_out(apr_bucket_brigade *bb, h2_session *s, int last)
+{
+ bbout(bb, " \"out\": {\n");
+ bbout(bb, " \"responses\": %d,\n", s->responses_submitted);
+ bbout(bb, " \"frames\": %ld,\n", (long)s->frames_sent);
+ bbout(bb, " \"octets\": %"APR_UINT64_T_FMT"\n", s->io.bytes_written);
+ bbout(bb, " }%s\n", last? "" : ",");
+}
+
+static void add_stats(apr_bucket_brigade *bb, h2_session *s,
+ h2_stream *stream, int last)
+{
+ bbout(bb, " \"stats\": {\n");
+ add_in(bb, s, 0);
+ add_out(bb, s, 0);
+ add_push(bb, s, stream, 1);
+ bbout(bb, " }%s\n", last? "" : ",");
+}
+
+static apr_status_t h2_status_insert(h2_task *task, apr_bucket *b)
+{
+ h2_mplx *m = task->mplx;
+ h2_stream *stream = h2_mplx_stream_get(m, task->stream_id);
+ h2_session *s;
+ conn_rec *c;
+
+ apr_bucket_brigade *bb;
+ apr_bucket *e;
+ int32_t connFlowIn, connFlowOut;
+
+ if (!stream) {
+ /* stream already done */
+ return APR_SUCCESS;
+ }
+ s = stream->session;
+ c = s->c;
+
+ bb = apr_brigade_create(stream->pool, c->bucket_alloc);
+
+ connFlowIn = nghttp2_session_get_effective_local_window_size(s->ngh2);
+ connFlowOut = nghttp2_session_get_remote_window_size(s->ngh2);
+
+ bbout(bb, "{\n");
+ bbout(bb, " \"version\": \"draft-01\",\n");
+ add_settings(bb, s, 0);
+ add_peer_settings(bb, s, 0);
+ bbout(bb, " \"connFlowIn\": %d,\n", connFlowIn);
+ bbout(bb, " \"connFlowOut\": %d,\n", connFlowOut);
+ bbout(bb, " \"sentGoAway\": %d,\n", s->local.shutdown);
+
+ add_streams(bb, s, 0);
+
+ add_stats(bb, s, stream, 1);
bbout(bb, "}\n");
+ while ((e = APR_BRIGADE_FIRST(bb)) != APR_BRIGADE_SENTINEL(bb)) {
+ APR_BUCKET_REMOVE(e);
+ APR_BUCKET_INSERT_AFTER(b, e);
+ b = e;
+ }
+ apr_brigade_destroy(bb);
+
return APR_SUCCESS;
}
-apr_status_t h2_stream_filter(h2_stream *stream)
+static apr_status_t status_event(void *ctx, h2_bucket_event event,
+ apr_bucket *b)
{
- const char *fname = stream->response? stream->response->sos_filter : NULL;
- if (fname && !strcmp(H2_SOS_H2_STATUS, fname)) {
- return h2_status_stream_filter(stream);
+ h2_task *task = ctx;
+
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, task->c->master,
+ "status_event(%s): %d", task->id, event);
+ switch (event) {
+ case H2_BUCKET_EV_BEFORE_MASTER_SEND:
+ h2_status_insert(task, b);
+ break;
+ default:
+ break;
}
return APR_SUCCESS;
}
+int h2_filter_h2_status_handler(request_rec *r)
+{
+ h2_ctx *ctx = h2_ctx_rget(r);
+ conn_rec *c = r->connection;
+ h2_task *task;
+ apr_bucket_brigade *bb;
+ apr_bucket *b;
+ apr_status_t status;
+
+ if (strcmp(r->handler, "http2-status")) {
+ return DECLINED;
+ }
+ if (r->method_number != M_GET && r->method_number != M_POST) {
+ return DECLINED;
+ }
+
+ task = ctx? h2_ctx_get_task(ctx) : NULL;
+ if (task) {
+
+ if ((status = ap_discard_request_body(r)) != OK) {
+ return status;
+ }
+
+ /* We need to handle the actual output on the main thread, as
+ * we need to access h2_session information. */
+ r->status = 200;
+ r->clength = -1;
+ r->chunked = 1;
+ apr_table_unset(r->headers_out, "Content-Length");
+ ap_set_content_type(r, "application/json");
+ apr_table_setn(r->notes, H2_FILTER_DEBUG_NOTE, "on");
+
+ bb = apr_brigade_create(r->pool, c->bucket_alloc);
+ b = h2_bucket_observer_create(c->bucket_alloc, status_event, task);
+ APR_BRIGADE_INSERT_TAIL(bb, b);
+ b = apr_bucket_eos_create(c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, b);
+
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
+ "status_handler(%s): checking for incoming trailers",
+ task->id);
+ if (r->trailers_in && !apr_is_empty_table(r->trailers_in)) {
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
+ "status_handler(%s): seeing incoming trailers",
+ task->id);
+ apr_table_setn(r->trailers_out, "h2-trailers-in",
+ apr_itoa(r->pool, 1));
+ }
+
+ status = ap_pass_brigade(r->output_filters, bb);
+ if (status == APR_SUCCESS
+ || r->status != HTTP_OK
+ || c->aborted) {
+ return OK;
+ }
+ else {
+ /* no way to know what type of error occurred */
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, status, r,
+ "status_handler(%s): ap_pass_brigade failed",
+ task->id);
+ return AP_FILTER_ERROR;
+ }
+ }
+ return DECLINED;
+}
+
diff --git a/modules/http2/h2_filter.h b/modules/http2/h2_filter.h
index 5ba7d15..b3e34cc 100644
--- a/modules/http2/h2_filter.h
+++ b/modules/http2/h2_filter.h
@@ -16,6 +16,8 @@
#ifndef __mod_h2__h2_filter__
#define __mod_h2__h2_filter__
+struct h2_bucket_beam;
+struct h2_headers;
struct h2_stream;
struct h2_session;
@@ -43,9 +45,33 @@ apr_status_t h2_filter_core_input(ap_filter_t* filter,
apr_read_type_e block,
apr_off_t readbytes);
-#define H2_RESP_SOS_NOTE "h2-sos-filter"
+/******* observer bucket ******************************************************/
+
+typedef enum {
+ H2_BUCKET_EV_BEFORE_DESTROY,
+ H2_BUCKET_EV_BEFORE_MASTER_SEND
+} h2_bucket_event;
+
+extern const apr_bucket_type_t h2_bucket_type_observer;
+
+typedef apr_status_t h2_bucket_event_cb(void *ctx, h2_bucket_event event, apr_bucket *b);
+
+#define H2_BUCKET_IS_OBSERVER(e) (e->type == &h2_bucket_type_observer)
+
+apr_bucket * h2_bucket_observer_make(apr_bucket *b, h2_bucket_event_cb *cb,
+ void *ctx);
+
+apr_bucket * h2_bucket_observer_create(apr_bucket_alloc_t *list,
+ h2_bucket_event_cb *cb, void *ctx);
+
+apr_status_t h2_bucket_observer_fire(apr_bucket *b, h2_bucket_event event);
+
+apr_bucket *h2_bucket_observer_beam(struct h2_bucket_beam *beam,
+ apr_bucket_brigade *dest,
+ const apr_bucket *src);
+
+/******* /.well-known/h2/state handler ****************************************/
-apr_status_t h2_stream_filter(struct h2_stream *stream);
int h2_filter_h2_status_handler(request_rec *r);
#endif /* __mod_h2__h2_filter__ */
diff --git a/modules/http2/h2_from_h1.c b/modules/http2/h2_from_h1.c
index 0f893ec..108e318 100644
--- a/modules/http2/h2_from_h1.c
+++ b/modules/http2/h2_from_h1.c
@@ -16,6 +16,7 @@
#include <assert.h>
#include <stdio.h>
+#include <apr_date.h>
#include <apr_lib.h>
#include <apr_strings.h>
@@ -28,190 +29,12 @@
#include <util_time.h>
#include "h2_private.h"
-#include "h2_response.h"
+#include "h2_headers.h"
#include "h2_from_h1.h"
#include "h2_task.h"
#include "h2_util.h"
-static void set_state(h2_from_h1 *from_h1, h2_from_h1_state_t state);
-
-h2_from_h1 *h2_from_h1_create(int stream_id, apr_pool_t *pool)
-{
- h2_from_h1 *from_h1 = apr_pcalloc(pool, sizeof(h2_from_h1));
- if (from_h1) {
- from_h1->stream_id = stream_id;
- from_h1->pool = pool;
- from_h1->state = H2_RESP_ST_STATUS_LINE;
- from_h1->hlines = apr_array_make(pool, 10, sizeof(char *));
- }
- return from_h1;
-}
-
-static void set_state(h2_from_h1 *from_h1, h2_from_h1_state_t state)
-{
- if (from_h1->state != state) {
- from_h1->state = state;
- }
-}
-
-h2_response *h2_from_h1_get_response(h2_from_h1 *from_h1)
-{
- return from_h1->response;
-}
-
-static apr_status_t make_h2_headers(h2_from_h1 *from_h1, request_rec *r)
-{
- from_h1->response = h2_response_create(from_h1->stream_id, 0,
- from_h1->http_status,
- from_h1->hlines,
- r->notes,
- from_h1->pool);
- from_h1->content_length = from_h1->response->content_length;
- from_h1->chunked = r->chunked;
-
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, r->connection, APLOGNO(03197)
- "h2_from_h1(%d): converted headers, content-length: %d"
- ", chunked=%d",
- from_h1->stream_id, (int)from_h1->content_length,
- (int)from_h1->chunked);
-
- set_state(from_h1, ((from_h1->chunked || from_h1->content_length > 0)?
- H2_RESP_ST_BODY : H2_RESP_ST_DONE));
- /* We are ready to be sent to the client */
- return APR_SUCCESS;
-}
-
-static apr_status_t parse_header(h2_from_h1 *from_h1, ap_filter_t* f,
- char *line) {
- (void)f;
-
- if (line[0] == ' ' || line[0] == '\t') {
- char **plast;
- /* continuation line from the header before this */
- while (line[0] == ' ' || line[0] == '\t') {
- ++line;
- }
-
- plast = apr_array_pop(from_h1->hlines);
- if (plast == NULL) {
- /* not well formed */
- return APR_EINVAL;
- }
- APR_ARRAY_PUSH(from_h1->hlines, const char*) = apr_psprintf(from_h1->pool, "%s %s", *plast, line);
- }
- else {
- /* new header line */
- APR_ARRAY_PUSH(from_h1->hlines, const char*) = apr_pstrdup(from_h1->pool, line);
- }
- return APR_SUCCESS;
-}
-
-static apr_status_t get_line(h2_from_h1 *from_h1, apr_bucket_brigade *bb,
- ap_filter_t* f, char *line, apr_size_t len)
-{
- apr_status_t status;
- if (!from_h1->bb) {
- from_h1->bb = apr_brigade_create(from_h1->pool, f->c->bucket_alloc);
- }
- else {
- apr_brigade_cleanup(from_h1->bb);
- }
- status = apr_brigade_split_line(from_h1->bb, bb,
- APR_BLOCK_READ,
- HUGE_STRING_LEN);
- if (status == APR_SUCCESS) {
- --len;
- status = apr_brigade_flatten(from_h1->bb, line, &len);
- if (status == APR_SUCCESS) {
- /* we assume a non-0 containing line and remove
- * trailing crlf. */
- line[len] = '\0';
- if (len >= 2 && !strcmp(H2_CRLF, line + len - 2)) {
- len -= 2;
- line[len] = '\0';
- }
-
- apr_brigade_cleanup(from_h1->bb);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_from_h1(%d): read line: %s",
- from_h1->stream_id, line);
- }
- }
- return status;
-}
-
-apr_status_t h2_from_h1_read_response(h2_from_h1 *from_h1, ap_filter_t* f,
- apr_bucket_brigade* bb)
-{
- apr_status_t status = APR_SUCCESS;
- char line[HUGE_STRING_LEN];
-
- if ((from_h1->state == H2_RESP_ST_BODY)
- || (from_h1->state == H2_RESP_ST_DONE)) {
- if (from_h1->chunked) {
- /* The httpd core HTTP_HEADER filter has or will install the
- * "CHUNK" output transcode filter, which appears further down
- * the filter chain. We do not want it for HTTP/2.
- * Once we successfully deinstalled it, this filter has no
- * further function and we remove it.
- */
- status = ap_remove_output_filter_byhandle(f->r->output_filters,
- "CHUNK");
- if (status == APR_SUCCESS) {
- ap_remove_output_filter(f);
- }
- }
-
- return ap_pass_brigade(f->next, bb);
- }
-
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_from_h1(%d): read_response", from_h1->stream_id);
-
- while (!APR_BRIGADE_EMPTY(bb) && status == APR_SUCCESS) {
-
- switch (from_h1->state) {
-
- case H2_RESP_ST_STATUS_LINE:
- case H2_RESP_ST_HEADERS:
- status = get_line(from_h1, bb, f, line, sizeof(line));
- if (status != APR_SUCCESS) {
- return status;
- }
- if (from_h1->state == H2_RESP_ST_STATUS_LINE) {
- /* instead of parsing, just take it directly */
- from_h1->http_status = f->r->status;
- from_h1->state = H2_RESP_ST_HEADERS;
- }
- else if (line[0] == '\0') {
- /* end of headers, create the h2_response and
- * pass the rest of the brigade down the filter
- * chain.
- */
- status = make_h2_headers(from_h1, f->r);
- if (from_h1->bb) {
- apr_brigade_destroy(from_h1->bb);
- from_h1->bb = NULL;
- }
- if (!APR_BRIGADE_EMPTY(bb)) {
- return ap_pass_brigade(f->next, bb);
- }
- }
- else {
- status = parse_header(from_h1, f, line);
- }
- break;
-
- default:
- return ap_pass_brigade(f->next, bb);
- }
-
- }
-
- return status;
-}
-
/* This routine is called by apr_table_do and merges all instances of
* the passed field values into a single array that will be further
* processed by some later routine. Originally intended to help split
@@ -280,8 +103,7 @@ static void fix_vary(request_rec *r)
* its comma-separated fieldname values, and then add them to varies
* if not already present in the array.
*/
- apr_table_do((int (*)(void *, const char *, const char *))uniq_field_values,
- (void *) varies, r->headers_out, "Vary", NULL);
+ apr_table_do(uniq_field_values, varies, r->headers_out, "Vary", NULL);
/* If we found any, replace old Vary fields with unique-ified value */
@@ -291,8 +113,8 @@ static void fix_vary(request_rec *r)
}
}
-void h2_from_h1_set_basic_http_header(apr_table_t *headers, request_rec *r,
- apr_pool_t *pool)
+static void set_basic_http_header(apr_table_t *headers, request_rec *r,
+ apr_pool_t *pool)
{
char *date = NULL;
const char *proxy_date = NULL;
@@ -345,7 +167,7 @@ static int copy_header(void *ctx, const char *name, const char *value)
return 1;
}
-static h2_response *create_response(h2_from_h1 *from_h1, request_rec *r)
+static h2_headers *create_response(h2_task *task, request_rec *r)
{
const char *clheader;
const char *ctype;
@@ -450,10 +272,9 @@ static h2_response *create_response(h2_from_h1 *from_h1, request_rec *r)
headers = apr_table_make(r->pool, 10);
- h2_from_h1_set_basic_http_header(headers, r, r->pool);
+ set_basic_http_header(headers, r, r->pool);
if (r->status == HTTP_NOT_MODIFIED) {
- apr_table_do((int (*)(void *, const char *, const char *)) copy_header,
- (void *) headers, r->headers_out,
+ apr_table_do(copy_header, headers, r->headers_out,
"ETag",
"Content-Location",
"Expires",
@@ -467,118 +288,547 @@ static h2_response *create_response(h2_from_h1 *from_h1, request_rec *r)
NULL);
}
else {
- apr_table_do((int (*)(void *, const char *, const char *)) copy_header,
- (void *) headers, r->headers_out, NULL);
+ apr_table_do(copy_header, headers, r->headers_out, NULL);
}
- return h2_response_rcreate(from_h1->stream_id, r, headers, r->pool);
+ return h2_headers_rcreate(r, r->status, headers, r->pool);
}
-apr_status_t h2_response_output_filter(ap_filter_t *f, apr_bucket_brigade *bb)
-{
- h2_task *task = f->ctx;
- h2_from_h1 *from_h1 = task->output.from_h1;
- request_rec *r = f->r;
- apr_bucket *b;
- ap_bucket_error *eb = NULL;
+typedef enum {
+ H2_RP_STATUS_LINE,
+ H2_RP_HEADER_LINE,
+ H2_RP_DONE
+} h2_rp_state_t;
- AP_DEBUG_ASSERT(from_h1 != NULL);
-
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_from_h1(%d): output_filter called", from_h1->stream_id);
-
- if (r->header_only && from_h1->response) {
- /* throw away any data after we have compiled the response */
- apr_brigade_cleanup(bb);
- return OK;
+typedef struct h2_response_parser {
+ h2_rp_state_t state;
+ h2_task *task;
+ int http_status;
+ apr_array_header_t *hlines;
+ apr_bucket_brigade *tmp;
+} h2_response_parser;
+
+static apr_status_t parse_header(h2_response_parser *parser, char *line) {
+ const char *hline;
+ if (line[0] == ' ' || line[0] == '\t') {
+ char **plast;
+ /* continuation line from the header before this */
+ while (line[0] == ' ' || line[0] == '\t') {
+ ++line;
+ }
+
+ plast = apr_array_pop(parser->hlines);
+ if (plast == NULL) {
+ /* not well formed */
+ return APR_EINVAL;
+ }
+ hline = apr_psprintf(parser->task->pool, "%s %s", *plast, line);
+ }
+ else {
+ /* new header line */
+ hline = apr_pstrdup(parser->task->pool, line);
}
+ APR_ARRAY_PUSH(parser->hlines, const char*) = hline;
+ return APR_SUCCESS;
+}
+
+static apr_status_t get_line(h2_response_parser *parser, apr_bucket_brigade *bb,
+ char *line, apr_size_t len)
+{
+ h2_task *task = parser->task;
+ apr_status_t status;
- for (b = APR_BRIGADE_FIRST(bb);
- b != APR_BRIGADE_SENTINEL(bb);
- b = APR_BUCKET_NEXT(b))
- {
- if (AP_BUCKET_IS_ERROR(b) && !eb) {
- eb = b->data;
- continue;
+ if (!parser->tmp) {
+ parser->tmp = apr_brigade_create(task->pool, task->c->bucket_alloc);
+ }
+ status = apr_brigade_split_line(parser->tmp, bb, APR_BLOCK_READ,
+ HUGE_STRING_LEN);
+ if (status == APR_SUCCESS) {
+ --len;
+ status = apr_brigade_flatten(parser->tmp, line, &len);
+ if (status == APR_SUCCESS) {
+ /* we assume a non-0 containing line and remove trailing crlf. */
+ line[len] = '\0';
+ if (len >= 2 && !strcmp(H2_CRLF, line + len - 2)) {
+ len -= 2;
+ line[len] = '\0';
+ apr_brigade_cleanup(parser->tmp);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c,
+ "h2_task(%s): read response line: %s",
+ task->id, line);
+ }
+ else {
+ /* this does not look like a complete line yet */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c,
+ "h2_task(%s): read response, incomplete line: %s",
+ task->id, line);
+ return APR_EAGAIN;
+ }
}
- /*
- * If we see an EOC bucket it is a signal that we should get out
- * of the way doing nothing.
- */
- if (AP_BUCKET_IS_EOC(b)) {
- ap_remove_output_filter(f);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, f->c,
- "h2_from_h1(%d): eoc bucket passed",
- from_h1->stream_id);
- return ap_pass_brigade(f->next, bb);
+ }
+ apr_brigade_cleanup(parser->tmp);
+ return status;
+}
+
+static apr_table_t *make_table(h2_response_parser *parser)
+{
+ h2_task *task = parser->task;
+ apr_array_header_t *hlines = parser->hlines;
+ if (hlines) {
+ apr_table_t *headers = apr_table_make(task->pool, hlines->nelts);
+ int i;
+
+ for (i = 0; i < hlines->nelts; ++i) {
+ char *hline = ((char **)hlines->elts)[i];
+ char *sep = ap_strchr(hline, ':');
+ if (!sep) {
+ ap_log_cerror(APLOG_MARK, APLOG_WARNING, APR_EINVAL, task->c,
+ APLOGNO(02955) "h2_task(%s): invalid header[%d] '%s'",
+ task->id, i, (char*)hline);
+ /* not valid format, abort */
+ return NULL;
+ }
+ (*sep++) = '\0';
+ while (*sep == ' ' || *sep == '\t') {
+ ++sep;
+ }
+
+ if (!h2_util_ignore_header(hline)) {
+ apr_table_merge(headers, hline, sep);
+ }
}
+ return headers;
+ }
+ else {
+ return apr_table_make(task->pool, 0);
}
+}
+
+static apr_status_t pass_response(h2_task *task, ap_filter_t *f,
+ h2_response_parser *parser)
+{
+ apr_bucket *b;
+ apr_status_t status;
- if (eb) {
- int st = eb->status;
- apr_brigade_cleanup(bb);
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, APLOGNO(03047)
- "h2_from_h1(%d): err bucket status=%d",
- from_h1->stream_id, st);
- ap_die(st, r);
- return AP_FILTER_ERROR;
+ h2_headers *response = h2_headers_create(parser->http_status,
+ make_table(parser),
+ NULL, task->pool);
+ apr_brigade_cleanup(parser->tmp);
+ b = h2_bucket_headers_create(task->c->bucket_alloc, response);
+ APR_BRIGADE_INSERT_TAIL(parser->tmp, b);
+ b = apr_bucket_flush_create(task->c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(parser->tmp, b);
+ status = ap_pass_brigade(f->next, parser->tmp);
+ apr_brigade_cleanup(parser->tmp);
+
+ /* reset parser for possible next response */
+ parser->state = H2_RP_STATUS_LINE;
+ apr_array_clear(parser->hlines);
+
+ if (response->status >= 200) {
+ task->output.sent_response = 1;
+ }
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c,
+ APLOGNO(03197) "h2_task(%s): passed response %d",
+ task->id, response->status);
+ return status;
+}
+
+static apr_status_t parse_status(h2_task *task, char *line)
+{
+ h2_response_parser *parser = task->output.rparser;
+ int sindex = (apr_date_checkmask(line, "HTTP/#.# ###*")? 9 :
+ (apr_date_checkmask(line, "HTTP/# ###*")? 7 : 0));
+ if (sindex > 0) {
+ int k = sindex + 3;
+ char keepchar = line[k];
+ line[k] = '\0';
+ parser->http_status = atoi(&line[sindex]);
+ line[k] = keepchar;
+ parser->state = H2_RP_HEADER_LINE;
+
+ return APR_SUCCESS;
+ }
+ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, task->c, APLOGNO(03467)
+ "h2_task(%s): unable to parse status line: %s",
+ task->id, line);
+ return APR_EINVAL;
+}
+
+apr_status_t h2_from_h1_parse_response(h2_task *task, ap_filter_t *f,
+ apr_bucket_brigade *bb)
+{
+ h2_response_parser *parser = task->output.rparser;
+ char line[HUGE_STRING_LEN];
+ apr_status_t status = APR_SUCCESS;
+
+ if (!parser) {
+ parser = apr_pcalloc(task->pool, sizeof(*parser));
+ parser->task = task;
+ parser->state = H2_RP_STATUS_LINE;
+ parser->hlines = apr_array_make(task->pool, 10, sizeof(char *));
+ task->output.rparser = parser;
}
- from_h1->response = create_response(from_h1, r);
- if (from_h1->response == NULL) {
- ap_log_cerror(APLOG_MARK, APLOG_NOTICE, 0, f->c, APLOGNO(03048)
- "h2_from_h1(%d): unable to create response",
- from_h1->stream_id);
- return APR_ENOMEM;
+ while (!APR_BRIGADE_EMPTY(bb) && status == APR_SUCCESS) {
+ switch (parser->state) {
+ case H2_RP_STATUS_LINE:
+ case H2_RP_HEADER_LINE:
+ status = get_line(parser, bb, line, sizeof(line));
+ if (status == APR_EAGAIN) {
+ /* need more data */
+ return APR_SUCCESS;
+ }
+ else if (status != APR_SUCCESS) {
+ return status;
+ }
+ if (parser->state == H2_RP_STATUS_LINE) {
+ /* instead of parsing, just take it directly */
+ status = parse_status(task, line);
+ }
+ else if (line[0] == '\0') {
+ /* end of headers, pass response onward */
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
+ "h2_task(%s): end of response", task->id);
+ return pass_response(task, f, parser);
+ }
+ else {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
+ "h2_task(%s): response header %s", task->id, line);
+ status = parse_header(parser, line);
+ }
+ break;
+
+ default:
+ return status;
+ }
+ }
+ return status;
+}
+
+apr_status_t h2_filter_headers_out(ap_filter_t *f, apr_bucket_brigade *bb)
+{
+ h2_task *task = f->ctx;
+ request_rec *r = f->r;
+ apr_bucket *b, *bresp, *body_bucket = NULL, *next;
+ ap_bucket_error *eb = NULL;
+ h2_headers *response = NULL;
+
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
+ "h2_task(%s): output_filter called", task->id);
+
+ if (!task->output.sent_response) {
+ /* check, if we need to send the response now. Until we actually
+ * see a DATA bucket or some EOS/EOR, we do not do so. */
+ for (b = APR_BRIGADE_FIRST(bb);
+ b != APR_BRIGADE_SENTINEL(bb);
+ b = APR_BUCKET_NEXT(b))
+ {
+ if (AP_BUCKET_IS_ERROR(b) && !eb) {
+ eb = b->data;
+ }
+ else if (AP_BUCKET_IS_EOC(b)) {
+ /* If we see an EOC bucket it is a signal that we should get out
+ * of the way doing nothing.
+ */
+ ap_remove_output_filter(f);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, f->c,
+ "h2_task(%s): eoc bucket passed", task->id);
+ return ap_pass_brigade(f->next, bb);
+ }
+ else if (!H2_BUCKET_IS_HEADERS(b) && !APR_BUCKET_IS_FLUSH(b)) {
+ body_bucket = b;
+ break;
+ }
+ }
+
+ if (eb) {
+ int st = eb->status;
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, APLOGNO(03047)
+ "h2_task(%s): err bucket status=%d", task->id, st);
+ /* throw everything away and replace it with the error response
+ * generated by ap_die() */
+ apr_brigade_cleanup(bb);
+ ap_die(st, r);
+ return AP_FILTER_ERROR;
+ }
+
+ if (body_bucket) {
+ /* time to insert the response bucket before the body */
+ response = create_response(task, r);
+ if (response == NULL) {
+ ap_log_cerror(APLOG_MARK, APLOG_NOTICE, 0, f->c, APLOGNO(03048)
+ "h2_task(%s): unable to create response", task->id);
+ return APR_ENOMEM;
+ }
+
+ bresp = h2_bucket_headers_create(f->c->bucket_alloc, response);
+ APR_BUCKET_INSERT_BEFORE(body_bucket, bresp);
+ task->output.sent_response = 1;
+ r->sent_bodyct = 1;
+ }
}
if (r->header_only) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_from_h1(%d): header_only, cleanup output brigade",
- from_h1->stream_id);
- apr_brigade_cleanup(bb);
- return OK;
+ "h2_task(%s): header_only, cleanup output brigade",
+ task->id);
+ b = body_bucket? body_bucket : APR_BRIGADE_FIRST(bb);
+ while (b != APR_BRIGADE_SENTINEL(bb)) {
+ next = APR_BUCKET_NEXT(b);
+ if (APR_BUCKET_IS_EOS(b) || AP_BUCKET_IS_EOR(b)) {
+ break;
+ }
+ APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ b = next;
+ }
+ }
+ else if (task->output.sent_response) {
+ /* lets get out of the way, our task is done */
+ ap_remove_output_filter(f);
}
+ return ap_pass_brigade(f->next, bb);
+}
+
+static void make_chunk(h2_task *task, apr_bucket_brigade *bb,
+ apr_bucket *first, apr_off_t chunk_len,
+ apr_bucket *tail)
+{
+ /* Surround the buckets [first, tail[ with new buckets carrying the
+ * HTTP/1.1 chunked encoding format. If tail is NULL, the chunk extends
+ * to the end of the brigade. */
+ char buffer[128];
+ apr_bucket *c;
+ int len;
+
+ len = apr_snprintf(buffer, H2_ALEN(buffer),
+ "%"APR_UINT64_T_HEX_FMT"\r\n", (apr_uint64_t)chunk_len);
+ c = apr_bucket_heap_create(buffer, len, NULL, bb->bucket_alloc);
+ APR_BUCKET_INSERT_BEFORE(first, c);
+ c = apr_bucket_heap_create("\r\n", 2, NULL, bb->bucket_alloc);
+ if (tail) {
+ APR_BUCKET_INSERT_BEFORE(tail, c);
+ }
+ else {
+ APR_BRIGADE_INSERT_TAIL(bb, c);
+ }
+ task->input.chunked_total += chunk_len;
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, task->c,
+ "h2_task(%s): added chunk %ld, total %ld",
+ task->id, (long)chunk_len, (long)task->input.chunked_total);
+}
+
+static int ser_header(void *ctx, const char *name, const char *value)
+{
+ apr_bucket_brigade *bb = ctx;
+ apr_brigade_printf(bb, NULL, NULL, "%s: %s\r\n", name, value);
+ return 1;
+}
+
+static apr_status_t read_and_chunk(ap_filter_t *f, h2_task *task,
+ apr_read_type_e block) {
+ request_rec *r = f->r;
+ apr_status_t status = APR_SUCCESS;
+ apr_bucket_brigade *bb = task->input.bbchunk;
- r->sent_bodyct = 1; /* Whatever follows is real body stuff... */
+ if (!bb) {
+ bb = apr_brigade_create(r->pool, f->c->bucket_alloc);
+ task->input.bbchunk = bb;
+ }
- ap_remove_output_filter(f);
- if (APLOGctrace1(f->c)) {
- apr_off_t len = 0;
- apr_brigade_length(bb, 0, &len);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_from_h1(%d): removed header filter, passing brigade "
- "len=%ld", from_h1->stream_id, (long)len);
+ if (APR_BRIGADE_EMPTY(bb)) {
+ apr_bucket *b, *next, *first_data = NULL;
+ apr_bucket_brigade *tmp;
+ apr_off_t bblen = 0;
+
+ /* get more data from the lower layer filters. Always do this
+ * in larger pieces, since we handle the read modes ourself. */
+ status = ap_get_brigade(f->next, bb,
+ AP_MODE_READBYTES, block, 32*1024);
+ if (status == APR_EOF) {
+ if (!task->input.eos) {
+ status = apr_brigade_puts(bb, NULL, NULL, "0\r\n\r\n");
+ task->input.eos = 1;
+ return APR_SUCCESS;
+ }
+ ap_remove_input_filter(f);
+ return status;
+
+ }
+ else if (status != APR_SUCCESS) {
+ return status;
+ }
+
+ for (b = APR_BRIGADE_FIRST(bb);
+ b != APR_BRIGADE_SENTINEL(bb) && !task->input.eos;
+ b = next) {
+ next = APR_BUCKET_NEXT(b);
+ if (APR_BUCKET_IS_METADATA(b)) {
+ if (first_data) {
+ make_chunk(task, bb, first_data, bblen, b);
+ first_data = NULL;
+ }
+
+ if (H2_BUCKET_IS_HEADERS(b)) {
+ h2_headers *headers = h2_bucket_headers_get(b);
+
+ ap_assert(headers);
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
+ "h2_task(%s): receiving trailers", task->id);
+ tmp = apr_brigade_split_ex(bb, b, NULL);
+ if (!apr_is_empty_table(headers->headers)) {
+ status = apr_brigade_puts(bb, NULL, NULL, "0\r\n");
+ apr_table_do(ser_header, bb, headers->headers, NULL);
+ status = apr_brigade_puts(bb, NULL, NULL, "\r\n");
+ }
+ else {
+ status = apr_brigade_puts(bb, NULL, NULL, "0\r\n\r\n");
+ }
+ r->trailers_in = apr_table_clone(r->pool, headers->headers);
+ APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ APR_BRIGADE_CONCAT(bb, tmp);
+ apr_brigade_destroy(tmp);
+ task->input.eos = 1;
+ }
+ else if (APR_BUCKET_IS_EOS(b)) {
+ tmp = apr_brigade_split_ex(bb, b, NULL);
+ status = apr_brigade_puts(bb, NULL, NULL, "0\r\n\r\n");
+ APR_BRIGADE_CONCAT(bb, tmp);
+ apr_brigade_destroy(tmp);
+ task->input.eos = 1;
+ }
+ }
+ else if (b->length == 0) {
+ APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ }
+ else {
+ if (!first_data) {
+ first_data = b;
+ bblen = 0;
+ }
+ bblen += b->length;
+ }
+ }
+
+ if (first_data) {
+ make_chunk(task, bb, first_data, bblen, NULL);
+ }
}
- return ap_pass_brigade(f->next, bb);
+ return status;
}
-apr_status_t h2_response_trailers_filter(ap_filter_t *f, apr_bucket_brigade *bb)
+apr_status_t h2_filter_request_in(ap_filter_t* f,
+ apr_bucket_brigade* bb,
+ ap_input_mode_t mode,
+ apr_read_type_e block,
+ apr_off_t readbytes)
{
h2_task *task = f->ctx;
- h2_from_h1 *from_h1 = task->output.from_h1;
request_rec *r = f->r;
- apr_bucket *b;
+ apr_status_t status = APR_SUCCESS;
+ apr_bucket *b, *next;
+
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, f->r,
+ "h2_task(%s): request filter, exp=%d", task->id, r->expecting_100);
+ if (!task->request->chunked) {
+ status = ap_get_brigade(f->next, bb, mode, block, readbytes);
+ /* pipe data through, just take care of trailers */
+ for (b = APR_BRIGADE_FIRST(bb);
+ b != APR_BRIGADE_SENTINEL(bb); b = next) {
+ next = APR_BUCKET_NEXT(b);
+ if (H2_BUCKET_IS_HEADERS(b)) {
+ h2_headers *headers = h2_bucket_headers_get(b);
+ ap_assert(headers);
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
+ "h2_task(%s): receiving trailers", task->id);
+ r->trailers_in = apr_table_clone(r->pool, headers->headers);
+ APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ ap_remove_input_filter(f);
+ break;
+ }
+ }
+ return status;
+ }
+
+ /* Things are more complicated. The standard HTTP input filter, which
+ * does a lot what we do not want to duplicate, also cares about chunked
+ * transfer encoding and trailers.
+ * We need to simulate chunked encoding for it to be happy.
+ */
+ if ((status = read_and_chunk(f, task, block)) != APR_SUCCESS) {
+ return status;
+ }
+
+ if (mode == AP_MODE_EXHAUSTIVE) {
+ /* return all we have */
+ APR_BRIGADE_CONCAT(bb, task->input.bbchunk);
+ }
+ else if (mode == AP_MODE_READBYTES) {
+ status = h2_brigade_concat_length(bb, task->input.bbchunk, readbytes);
+ }
+ else if (mode == AP_MODE_SPECULATIVE) {
+ status = h2_brigade_copy_length(bb, task->input.bbchunk, readbytes);
+ }
+ else if (mode == AP_MODE_GETLINE) {
+ /* we are reading a single LF line, e.g. the HTTP headers.
+ * this has the nasty side effect to split the bucket, even
+ * though it ends with CRLF and creates a 0 length bucket */
+ status = apr_brigade_split_line(bb, task->input.bbchunk, block,
+ HUGE_STRING_LEN);
+ if (APLOGctrace1(f->c)) {
+ char buffer[1024];
+ apr_size_t len = sizeof(buffer)-1;
+ apr_brigade_flatten(bb, buffer, &len);
+ buffer[len] = 0;
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c,
+ "h2_task(%s): getline: %s",
+ task->id, buffer);
+ }
+ }
+ else {
+ /* Hmm, well. There is mode AP_MODE_EATCRLF, but we chose not
+ * to support it. Seems to work. */
+ ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_ENOTIMPL, f->c,
+ APLOGNO(02942)
+ "h2_task, unsupported READ mode %d", mode);
+ status = APR_ENOTIMPL;
+ }
+
+ h2_util_bb_log(f->c, task->stream_id, APLOG_TRACE2, "forwarding input", bb);
+ return status;
+}
+
+apr_status_t h2_filter_trailers_out(ap_filter_t *f, apr_bucket_brigade *bb)
+{
+ h2_task *task = f->ctx;
+ request_rec *r = f->r;
+ apr_bucket *b, *e;
- if (from_h1 && from_h1->response) {
- /* Detect the EOR bucket and forward any trailers that may have
- * been set to our h2_response.
+ if (task && r) {
+ /* Detect the EOS/EOR bucket and forward any trailers that may have
+ * been set to our h2_headers.
*/
for (b = APR_BRIGADE_FIRST(bb);
b != APR_BRIGADE_SENTINEL(bb);
b = APR_BUCKET_NEXT(b))
{
- if (AP_BUCKET_IS_EOR(b)) {
- /* FIXME: need a better test case than this.
- apr_table_setn(r->trailers_out, "X", "1"); */
- if (r->trailers_out && !apr_is_empty_table(r->trailers_out)) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, APLOGNO(03049)
- "h2_from_h1(%d): trailers filter, saving trailers",
- from_h1->stream_id);
- h2_response_set_trailers(from_h1->response,
- apr_table_clone(from_h1->pool,
- r->trailers_out));
- }
+ if ((APR_BUCKET_IS_EOS(b) || AP_BUCKET_IS_EOR(b))
+ && r->trailers_out && !apr_is_empty_table(r->trailers_out)) {
+ h2_headers *headers;
+ apr_table_t *trailers;
+
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c, APLOGNO(03049)
+ "h2_task(%s): sending trailers", task->id);
+ trailers = apr_table_clone(r->pool, r->trailers_out);
+ headers = h2_headers_rcreate(r, HTTP_OK, trailers, r->pool);
+ e = h2_bucket_headers_create(bb->bucket_alloc, headers);
+ APR_BUCKET_INSERT_BEFORE(b, e);
+ apr_table_clear(r->trailers_out);
+ ap_remove_output_filter(f);
break;
}
}
diff --git a/modules/http2/h2_from_h1.h b/modules/http2/h2_from_h1.h
index 71cc35f..1b7160a 100644
--- a/modules/http2/h2_from_h1.h
+++ b/modules/http2/h2_from_h1.h
@@ -30,46 +30,20 @@
* we need to have all handlers and filters involved in request/response
* processing, so this seems to be the way for now.
*/
+struct h2_headers;
+struct h2_task;
-typedef enum {
- H2_RESP_ST_STATUS_LINE, /* parsing http/1 status line */
- H2_RESP_ST_HEADERS, /* parsing http/1 response headers */
- H2_RESP_ST_BODY, /* transferring response body */
- H2_RESP_ST_DONE /* complete response converted */
-} h2_from_h1_state_t;
+apr_status_t h2_from_h1_parse_response(struct h2_task *task, ap_filter_t *f,
+ apr_bucket_brigade *bb);
-struct h2_response;
+apr_status_t h2_filter_headers_out(ap_filter_t *f, apr_bucket_brigade *bb);
-typedef struct h2_from_h1 h2_from_h1;
+apr_status_t h2_filter_request_in(ap_filter_t* f,
+ apr_bucket_brigade* brigade,
+ ap_input_mode_t mode,
+ apr_read_type_e block,
+ apr_off_t readbytes);
-struct h2_from_h1 {
- int stream_id;
- h2_from_h1_state_t state;
- apr_pool_t *pool;
- apr_bucket_brigade *bb;
-
- apr_off_t content_length;
- int chunked;
-
- int http_status;
- apr_array_header_t *hlines;
-
- struct h2_response *response;
-};
-
-
-h2_from_h1 *h2_from_h1_create(int stream_id, apr_pool_t *pool);
-
-apr_status_t h2_from_h1_read_response(h2_from_h1 *from_h1,
- ap_filter_t* f, apr_bucket_brigade* bb);
-
-struct h2_response *h2_from_h1_get_response(h2_from_h1 *from_h1);
-
-apr_status_t h2_response_output_filter(ap_filter_t *f, apr_bucket_brigade *bb);
-
-apr_status_t h2_response_trailers_filter(ap_filter_t *f, apr_bucket_brigade *bb);
-
-void h2_from_h1_set_basic_http_header(apr_table_t *headers, request_rec *r,
- apr_pool_t *pool);
+apr_status_t h2_filter_trailers_out(ap_filter_t *f, apr_bucket_brigade *bb);
#endif /* defined(__mod_h2__h2_from_h1__) */
diff --git a/modules/http2/h2_h2.c b/modules/http2/h2_h2.c
index 825cd77..d174338 100644
--- a/modules/http2/h2_h2.c
+++ b/modules/http2/h2_h2.c
@@ -32,12 +32,15 @@
#include "mod_http2.h"
#include "h2_private.h"
+#include "h2_bucket_beam.h"
#include "h2_stream.h"
#include "h2_task.h"
#include "h2_config.h"
#include "h2_ctx.h"
#include "h2_conn.h"
+#include "h2_filter.h"
#include "h2_request.h"
+#include "h2_headers.h"
#include "h2_session.h"
#include "h2_util.h"
#include "h2_h2.h"
@@ -433,6 +436,7 @@ static int cipher_is_blacklisted(const char *cipher, const char **psource)
static int h2_h2_process_conn(conn_rec* c);
static int h2_h2_pre_close_conn(conn_rec* c);
static int h2_h2_post_read_req(request_rec *r);
+static int h2_h2_late_fixups(request_rec *r);
/*******************************************************************************
* Once per lifetime init, retrieve optional functions
@@ -567,6 +571,11 @@ void h2_h2_register_hooks(void)
* never see the response.
*/
ap_hook_post_read_request(h2_h2_post_read_req, NULL, NULL, APR_HOOK_REALLY_FIRST);
+ ap_hook_fixups(h2_h2_late_fixups, NULL, NULL, APR_HOOK_LAST);
+
+ /* special bucket type transfer through a h2_bucket_beam */
+ h2_register_bucket_beamer(h2_bucket_headers_beam);
+ h2_register_bucket_beamer(h2_bucket_observer_beam);
}
int h2_h2_process_conn(conn_rec* c)
@@ -672,6 +681,32 @@ static int h2_h2_pre_close_conn(conn_rec *c)
return DECLINED;
}
+static void check_push(request_rec *r, const char *tag)
+{
+ const h2_config *conf = h2_config_rget(r);
+ if (!r->expecting_100
+ && conf && conf->push_list && conf->push_list->nelts > 0) {
+ int i, old_status;
+ const char *old_line;
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+ "%s, early announcing %d resources for push",
+ tag, conf->push_list->nelts);
+ for (i = 0; i < conf->push_list->nelts; ++i) {
+ h2_push_res *push = &APR_ARRAY_IDX(conf->push_list, i, h2_push_res);
+ apr_table_addn(r->headers_out, "Link",
+ apr_psprintf(r->pool, "<%s>; rel=preload%s",
+ push->uri_ref, push->critical? "; critical" : ""));
+ }
+ old_status = r->status;
+ old_line = r->status_line;
+ r->status = 103;
+ r->status_line = "103 Early Hints";
+ ap_send_interim_response(r, 1);
+ r->status = old_status;
+ r->status_line = old_line;
+ }
+}
+
static int h2_h2_post_read_req(request_rec *r)
{
/* slave connection? */
@@ -682,33 +717,48 @@ static int h2_h2_post_read_req(request_rec *r)
* that we manipulate filters only once. */
if (task && !task->filters_set) {
ap_filter_t *f;
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE3, 0, r,
+ "h2_task(%s): adding request filters", task->id);
+
+ /* setup the correct filters to process the request for h2 */
+ ap_add_input_filter("H2_REQUEST", task, r, r->connection);
- /* setup the correct output filters to process the response
- * on the proper mod_http2 way. */
- ap_log_rerror(APLOG_MARK, APLOG_TRACE3, 0, r, "adding task output filter");
- if (task->ser_headers) {
- ap_add_output_filter("H1_TO_H2_RESP", task, r, r->connection);
- }
- else {
- /* replace the core http filter that formats response headers
- * in HTTP/1 with our own that collects status and headers */
- ap_remove_output_filter_byhandle(r->output_filters, "HTTP_HEADER");
- ap_add_output_filter("H2_RESPONSE", task, r, r->connection);
- }
+ /* replace the core http filter that formats response headers
+ * in HTTP/1 with our own that collects status and headers */
+ ap_remove_output_filter_byhandle(r->output_filters, "HTTP_HEADER");
+ ap_add_output_filter("H2_RESPONSE", task, r, r->connection);
- /* trailers processing. Incoming trailers are added to this
- * request via our h2 input filter, outgoing trailers
- * in a special h2 out filter. */
for (f = r->input_filters; f; f = f->next) {
- if (!strcmp("H2_TO_H1", f->frec->name)) {
+ if (!strcmp("H2_SLAVE_IN", f->frec->name)) {
f->r = r;
break;
}
}
- ap_add_output_filter("H2_TRAILERS", task, r, r->connection);
+ ap_add_output_filter("H2_TRAILERS_OUT", task, r, r->connection);
task->filters_set = 1;
}
}
return DECLINED;
}
+static int h2_h2_late_fixups(request_rec *r)
+{
+ /* slave connection? */
+ if (r->connection->master) {
+ h2_ctx *ctx = h2_ctx_rget(r);
+ struct h2_task *task = h2_ctx_get_task(ctx);
+ if (task) {
+ /* check if we copy vs. setaside files in this location */
+ task->output.copy_files = h2_config_geti(h2_config_rget(r),
+ H2_CONF_COPY_FILES);
+ if (task->output.copy_files) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
+ "h2_slave_out(%s): copy_files on", task->id);
+ h2_beam_on_file_beam(task->output.beam, h2_beam_no_files, NULL);
+ }
+ check_push(r, "late_fixup");
+ }
+ }
+ return DECLINED;
+}
+
diff --git a/modules/http2/h2_h2.h b/modules/http2/h2_h2.h
index 592001e..fad129a 100644
--- a/modules/http2/h2_h2.h
+++ b/modules/http2/h2_h2.h
@@ -17,7 +17,7 @@
#define __mod_h2__h2_h2__
/**
- * List of ALPN protocol identifiers that we suport in cleartext
+ * List of ALPN protocol identifiers that we support in cleartext
* negotiations. NULL terminated.
*/
extern const char *h2_clear_protos[];
@@ -36,7 +36,7 @@ extern const char *h2_tls_protos[];
const char *h2_h2_err_description(unsigned int h2_error);
/*
- * One time, post config intialization.
+ * One time, post config initialization.
*/
apr_status_t h2_h2_init(apr_pool_t *pool, server_rec *s);
diff --git a/modules/http2/h2_headers.c b/modules/http2/h2_headers.c
new file mode 100644
index 0000000..8add79f
--- /dev/null
+++ b/modules/http2/h2_headers.c
@@ -0,0 +1,161 @@
+/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <assert.h>
+#include <stdio.h>
+
+#include <apr_strings.h>
+
+#include <httpd.h>
+#include <http_core.h>
+#include <http_log.h>
+#include <util_time.h>
+
+#include <nghttp2/nghttp2.h>
+
+#include "h2_private.h"
+#include "h2_h2.h"
+#include "h2_util.h"
+#include "h2_request.h"
+#include "h2_headers.h"
+
+
+typedef struct {
+ apr_bucket_refcount refcount;
+ h2_headers *headers;
+} h2_bucket_headers;
+
+static apr_status_t bucket_read(apr_bucket *b, const char **str,
+ apr_size_t *len, apr_read_type_e block)
+{
+ (void)b;
+ (void)block;
+ *str = NULL;
+ *len = 0;
+ return APR_SUCCESS;
+}
+
+apr_bucket * h2_bucket_headers_make(apr_bucket *b, h2_headers *r)
+{
+ h2_bucket_headers *br;
+
+ br = apr_bucket_alloc(sizeof(*br), b->list);
+ br->headers = r;
+
+ b = apr_bucket_shared_make(b, br, 0, 0);
+ b->type = &h2_bucket_type_headers;
+
+ return b;
+}
+
+apr_bucket * h2_bucket_headers_create(apr_bucket_alloc_t *list,
+ h2_headers *r)
+{
+ apr_bucket *b = apr_bucket_alloc(sizeof(*b), list);
+
+ APR_BUCKET_INIT(b);
+ b->free = apr_bucket_free;
+ b->list = list;
+ b = h2_bucket_headers_make(b, r);
+ return b;
+}
+
+h2_headers *h2_bucket_headers_get(apr_bucket *b)
+{
+ if (H2_BUCKET_IS_HEADERS(b)) {
+ return ((h2_bucket_headers *)b->data)->headers;
+ }
+ return NULL;
+}
+
+const apr_bucket_type_t h2_bucket_type_headers = {
+ "H2HEADERS", 5, APR_BUCKET_METADATA,
+ apr_bucket_destroy_noop,
+ bucket_read,
+ apr_bucket_setaside_noop,
+ apr_bucket_split_notimpl,
+ apr_bucket_shared_copy
+};
+
+apr_bucket *h2_bucket_headers_beam(struct h2_bucket_beam *beam,
+ apr_bucket_brigade *dest,
+ const apr_bucket *src)
+{
+ if (H2_BUCKET_IS_HEADERS(src)) {
+ h2_headers *r = ((h2_bucket_headers *)src->data)->headers;
+ apr_bucket *b = h2_bucket_headers_create(dest->bucket_alloc, r);
+ APR_BRIGADE_INSERT_TAIL(dest, b);
+ return b;
+ }
+ return NULL;
+}
+
+
+h2_headers *h2_headers_create(int status, apr_table_t *headers_in,
+ apr_table_t *notes, apr_pool_t *pool)
+{
+ h2_headers *headers = apr_pcalloc(pool, sizeof(h2_headers));
+ headers->status = status;
+ headers->headers = (headers_in? apr_table_copy(pool, headers_in)
+ : apr_table_make(pool, 5));
+ headers->notes = (notes? apr_table_copy(pool, notes)
+ : apr_table_make(pool, 5));
+ return headers;
+}
+
+h2_headers *h2_headers_rcreate(request_rec *r, int status,
+ apr_table_t *header, apr_pool_t *pool)
+{
+ h2_headers *headers = h2_headers_create(status, header, r->notes, pool);
+ if (headers->status == HTTP_FORBIDDEN) {
+ const char *cause = apr_table_get(r->notes, "ssl-renegotiate-forbidden");
+ if (cause) {
+ /* This request triggered a TLS renegotiation that is now allowed
+ * in HTTP/2. Tell the client that it should use HTTP/1.1 for this.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, headers->status, r,
+ APLOGNO(03061)
+ "h2_headers(%ld): renegotiate forbidden, cause: %s",
+ (long)r->connection->id, cause);
+ headers->status = H2_ERR_HTTP_1_1_REQUIRED;
+ }
+ }
+ return headers;
+}
+
+h2_headers *h2_headers_die(apr_status_t type,
+ const h2_request *req, apr_pool_t *pool)
+{
+ h2_headers *headers;
+ char *date;
+
+ headers = apr_pcalloc(pool, sizeof(h2_headers));
+ headers->status = (type >= 200 && type < 600)? type : 500;
+ headers->headers = apr_table_make(pool, 5);
+ headers->notes = apr_table_make(pool, 5);
+
+ date = apr_palloc(pool, APR_RFC822_DATE_LEN);
+ ap_recent_rfc822_date(date, req? req->request_time : apr_time_now());
+ apr_table_setn(headers->headers, "Date", date);
+ apr_table_setn(headers->headers, "Server", ap_get_server_banner());
+
+ return headers;
+}
+
+int h2_headers_are_response(h2_headers *headers)
+{
+ return headers->status >= 200;
+}
+
diff --git a/modules/http2/h2_headers.h b/modules/http2/h2_headers.h
new file mode 100644
index 0000000..412e93f
--- /dev/null
+++ b/modules/http2/h2_headers.h
@@ -0,0 +1,70 @@
+/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __mod_h2__h2_headers__
+#define __mod_h2__h2_headers__
+
+#include "h2.h"
+
+struct h2_bucket_beam;
+
+extern const apr_bucket_type_t h2_bucket_type_headers;
+
+#define H2_BUCKET_IS_HEADERS(e) (e->type == &h2_bucket_type_headers)
+
+apr_bucket * h2_bucket_headers_make(apr_bucket *b, h2_headers *r);
+
+apr_bucket * h2_bucket_headers_create(apr_bucket_alloc_t *list,
+ h2_headers *r);
+
+h2_headers *h2_bucket_headers_get(apr_bucket *b);
+
+apr_bucket *h2_bucket_headers_beam(struct h2_bucket_beam *beam,
+ apr_bucket_brigade *dest,
+ const apr_bucket *src);
+
+/**
+ * Create the headers from the given status and headers
+ * @param status the headers status
+ * @param header the headers of the headers
+ * @param notes the notes carried by the headers
+ * @param pool the memory pool to use
+ */
+h2_headers *h2_headers_create(int status, apr_table_t *header,
+ apr_table_t *notes, apr_pool_t *pool);
+
+/**
+ * Create the headers from the given request_rec.
+ * @param r the request record which was processed
+ * @param status the headers status
+ * @param header the headers of the headers
+ * @param pool the memory pool to use
+ */
+h2_headers *h2_headers_rcreate(request_rec *r, int status,
+ apr_table_t *header, apr_pool_t *pool);
+
+/**
+ * Create the headers for the given error.
+ * @param stream_id id of the stream to create the headers for
+ * @param type the error code
+ * @param req the original h2_request
+ * @param pool the memory pool to use
+ */
+h2_headers *h2_headers_die(apr_status_t type,
+ const struct h2_request *req, apr_pool_t *pool);
+
+int h2_headers_are_response(h2_headers *headers);
+
+#endif /* defined(__mod_h2__h2_headers__) */
diff --git a/modules/http2/h2_mplx.c b/modules/http2/h2_mplx.c
index 001eb7f..dd9c563 100644
--- a/modules/http2/h2_mplx.c
+++ b/modules/http2/h2_mplx.c
@@ -28,13 +28,13 @@
#include "mod_http2.h"
+#include "h2.h"
#include "h2_private.h"
#include "h2_bucket_beam.h"
#include "h2_config.h"
#include "h2_conn.h"
#include "h2_ctx.h"
#include "h2_h2.h"
-#include "h2_response.h"
#include "h2_mplx.h"
#include "h2_ngn_shed.h"
#include "h2_request.h"
@@ -53,10 +53,10 @@ static void h2_beam_log(h2_bucket_beam *beam, int id, const char *msg,
apr_size_t off = 0;
off += apr_snprintf(buffer+off, H2_ALEN(buffer)-off, "cl=%d, ", beam->closed);
- off += h2_util_bl_print(buffer+off, H2_ALEN(buffer)-off, "red", ", ", &beam->red);
- off += h2_util_bb_print(buffer+off, H2_ALEN(buffer)-off, "green", ", ", beam->green);
- off += h2_util_bl_print(buffer+off, H2_ALEN(buffer)-off, "hold", ", ", &beam->hold);
- off += h2_util_bl_print(buffer+off, H2_ALEN(buffer)-off, "purge", "", &beam->purge);
+ off += h2_util_bl_print(buffer+off, H2_ALEN(buffer)-off, "red", ", ", &beam->send_list);
+ off += h2_util_bb_print(buffer+off, H2_ALEN(buffer)-off, "green", ", ", beam->recv_buffer);
+ off += h2_util_bl_print(buffer+off, H2_ALEN(buffer)-off, "hold", ", ", &beam->hold_list);
+ off += h2_util_bl_print(buffer+off, H2_ALEN(buffer)-off, "purge", "", &beam->purge_list);
ap_log_cerror(APLOG_MARK, level, 0, c, "beam(%ld-%d): %s %s",
c->id, id, msg, buffer);
@@ -90,14 +90,14 @@ static apr_status_t enter_mutex(h2_mplx *m, int *pacquired)
* This allow recursive entering of the mutex from the saem thread,
* which is what we need in certain situations involving callbacks
*/
- AP_DEBUG_ASSERT(m);
+ ap_assert(m);
apr_threadkey_private_get(&mutex, thread_lock);
if (mutex == m->lock) {
*pacquired = 0;
return APR_SUCCESS;
}
- AP_DEBUG_ASSERT(m->lock);
+ ap_assert(m->lock);
status = apr_thread_mutex_lock(m->lock);
*pacquired = (status == APR_SUCCESS);
if (*pacquired) {
@@ -168,7 +168,7 @@ static int can_beam_file(void *ctx, h2_bucket_beam *beam, apr_file_t *file)
return 0;
}
-static void have_out_data_for(h2_mplx *m, int stream_id);
+static void have_out_data_for(h2_mplx *m, h2_stream *stream, int response);
static void task_destroy(h2_mplx *m, h2_task *task, int called_from_master);
static void check_tx_reservation(h2_mplx *m)
@@ -196,12 +196,21 @@ static int purge_stream(void *ctx, void *val)
{
h2_mplx *m = ctx;
h2_stream *stream = val;
- h2_task *task = h2_ihash_get(m->tasks, stream->id);
- h2_ihash_remove(m->spurge, stream->id);
- h2_stream_destroy(stream);
+ int stream_id = stream->id;
+ h2_task *task;
+
+ /* stream_cleanup clears all buffers and destroys any buckets
+ * that might hold references into task space. Needs to be done
+ * before task destruction, otherwise it will complain. */
+ h2_stream_cleanup(stream);
+
+ task = h2_ihash_get(m->tasks, stream_id);
if (task) {
task_destroy(m, task, 1);
}
+
+ h2_stream_destroy(stream);
+ h2_ihash_remove(m->spurge, stream_id);
return 0;
}
@@ -217,11 +226,17 @@ static void purge_streams(h2_mplx *m)
static void h2_mplx_destroy(h2_mplx *m)
{
- AP_DEBUG_ASSERT(m);
+ conn_rec **pslave;
+ ap_assert(m);
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c,
"h2_mplx(%ld): destroy, tasks=%d",
m->id, (int)h2_ihash_count(m->tasks));
check_tx_free(m);
+
+ while (m->spare_slaves->nelts > 0) {
+ pslave = (conn_rec **)apr_array_pop(m->spare_slaves);
+ h2_slave_destroy(*pslave);
+ }
if (m->pool) {
apr_pool_destroy(m->pool);
}
@@ -246,7 +261,7 @@ h2_mplx *h2_mplx_create(conn_rec *c, apr_pool_t *parent,
apr_status_t status = APR_SUCCESS;
apr_allocator_t *allocator = NULL;
h2_mplx *m;
- AP_DEBUG_ASSERT(conf);
+ ap_assert(conf);
status = apr_allocator_create(&allocator);
if (status != APR_SUCCESS) {
@@ -286,15 +301,14 @@ h2_mplx *h2_mplx_create(conn_rec *c, apr_pool_t *parent,
m->shold = h2_ihash_create(m->pool, offsetof(h2_stream,id));
m->spurge = h2_ihash_create(m->pool, offsetof(h2_stream,id));
m->q = h2_iq_create(m->pool, m->max_streams);
- m->sready = h2_ihash_create(m->pool, offsetof(h2_stream,id));
- m->sresume = h2_ihash_create(m->pool, offsetof(h2_stream,id));
+ m->readyq = h2_iq_create(m->pool, m->max_streams);
m->tasks = h2_ihash_create(m->pool, offsetof(h2_task,stream_id));
+ m->redo_tasks = h2_ihash_create(m->pool, offsetof(h2_task, stream_id));
m->stream_timeout = stream_timeout;
m->workers = workers;
m->workers_max = workers->max_workers;
- m->workers_def_limit = 4;
- m->workers_limit = m->workers_def_limit;
+ m->workers_limit = 6; /* the original h1 max parallel connections */
m->last_limit_change = m->last_idle_block = apr_time_now();
m->limit_change_interval = apr_time_from_msec(200);
@@ -310,7 +324,7 @@ h2_mplx *h2_mplx_create(conn_rec *c, apr_pool_t *parent,
return m;
}
-apr_uint32_t h2_mplx_shutdown(h2_mplx *m)
+int h2_mplx_shutdown(h2_mplx *m)
{
int acquired, max_stream_started = 0;
@@ -344,7 +358,6 @@ static void task_destroy(h2_mplx *m, h2_task *task, int called_from_master)
{
conn_rec *slave = NULL;
int reuse_slave = 0;
- apr_status_t status;
ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, m->c,
"h2_task(%s): destroy", task->id);
@@ -356,29 +369,20 @@ static void task_destroy(h2_mplx *m, h2_task *task, int called_from_master)
}
}
- /* The pool is cleared/destroyed which also closes all
- * allocated file handles. Give this count back to our
- * file handle pool. */
- if (task->output.beam) {
- m->tx_handles_reserved +=
- h2_beam_get_files_beamed(task->output.beam);
- h2_beam_on_produced(task->output.beam, NULL, NULL);
- status = h2_beam_shutdown(task->output.beam, APR_NONBLOCK_READ, 1);
- if (status != APR_SUCCESS){
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, status, m->c,
- APLOGNO(03385) "h2_task(%s): output shutdown "
- "incomplete", task->id);
- }
- }
+ h2_beam_on_produced(task->output.beam, NULL, NULL);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c,
+ APLOGNO(03385) "h2_task(%s): destroy "
+ "output beam empty=%d, holds proxies=%d",
+ task->id,
+ h2_beam_empty(task->output.beam),
+ h2_beam_holds_proxies(task->output.beam));
slave = task->c;
reuse_slave = ((m->spare_slaves->nelts < m->spare_slaves->nalloc)
&& !task->rst_error);
h2_ihash_remove(m->tasks, task->stream_id);
- if (m->redo_tasks) {
- h2_ihash_remove(m->redo_tasks, task->stream_id);
- }
+ h2_ihash_remove(m->redo_tasks, task->stream_id);
h2_task_destroy(task);
if (slave) {
@@ -387,7 +391,7 @@ static void task_destroy(h2_mplx *m, h2_task *task, int called_from_master)
}
else {
slave->sbh = NULL;
- h2_slave_destroy(slave, NULL);
+ h2_slave_destroy(slave);
}
}
@@ -430,18 +434,16 @@ static void stream_done(h2_mplx *m, h2_stream *stream, int rst_error)
* stream destruction until the task is done.
*/
h2_iq_remove(m->q, stream->id);
- h2_ihash_remove(m->sready, stream->id);
- h2_ihash_remove(m->sresume, stream->id);
h2_ihash_remove(m->streams, stream->id);
- if (stream->input) {
- m->tx_handles_reserved += h2_beam_get_files_beamed(stream->input);
- h2_beam_on_consumed(stream->input, NULL, NULL);
- /* Let anyone blocked reading know that there is no more to come */
- h2_beam_abort(stream->input);
- /* Remove mutex after, so that abort still finds cond to signal */
- h2_beam_mutex_set(stream->input, NULL, NULL, NULL);
- }
+
h2_stream_cleanup(stream);
+ m->tx_handles_reserved += h2_beam_get_files_beamed(stream->input);
+ h2_beam_on_consumed(stream->input, NULL, NULL);
+ /* Let anyone blocked reading know that there is no more to come */
+ h2_beam_abort(stream->input);
+ /* Remove mutex after, so that abort still finds cond to signal */
+ h2_beam_mutex_set(stream->input, NULL, NULL, NULL);
+ m->tx_handles_reserved += h2_beam_get_files_beamed(stream->output);
task = h2_ihash_get(m->tasks, stream->id);
if (task) {
@@ -455,7 +457,7 @@ static void stream_done(h2_mplx *m, h2_stream *stream, int rst_error)
}
else {
/* already finished */
- task_destroy(m, task, 0);
+ task_destroy(m, task, 1);
}
}
h2_stream_destroy(stream);
@@ -467,30 +469,51 @@ static int stream_done_iter(void *ctx, void *val)
return 0;
}
+typedef struct {
+ h2_mplx_stream_cb *cb;
+ void *ctx;
+} stream_iter_ctx_t;
+
+static int stream_iter_wrap(void *ctx, void *stream)
+{
+ stream_iter_ctx_t *x = ctx;
+ return x->cb(stream, x->ctx);
+}
+
+apr_status_t h2_mplx_stream_do(h2_mplx *m, h2_mplx_stream_cb *cb, void *ctx)
+{
+ apr_status_t status;
+ int acquired;
+
+ if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
+ stream_iter_ctx_t x;
+ x.cb = cb;
+ x.ctx = ctx;
+ h2_ihash_iter(m->streams, stream_iter_wrap, &x);
+
+ leave_mutex(m, acquired);
+ }
+ return status;
+}
+
static int task_print(void *ctx, void *val)
{
h2_mplx *m = ctx;
h2_task *task = val;
- if (task && task->request) {
+ if (task) {
h2_stream *stream = h2_ihash_get(m->streams, task->stream_id);
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, m->c, /* NO APLOGNO */
- "->03198: h2_stream(%s): %s %s %s -> %s %d"
- "[orph=%d/started=%d/done=%d]",
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, /* NO APLOGNO */
+ "->03198: h2_stream(%s): %s %s %s"
+ "[orph=%d/started=%d/done=%d/frozen=%d]",
task->id, task->request->method,
task->request->authority, task->request->path,
- task->response? "http" : (task->rst_error? "reset" : "?"),
- task->response? task->response->http_status : task->rst_error,
(stream? 0 : 1), task->worker_started,
- task->worker_done);
- }
- else if (task) {
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, m->c, /* NO APLOGNO */
- "->03198: h2_stream(%ld-%d): NULL", m->id, task->stream_id);
+ task->worker_done, task->frozen);
}
else {
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, m->c, /* NO APLOGNO */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, /* NO APLOGNO */
"->03198: h2_stream(%ld-NULL): NULL", m->id);
}
return 1;
@@ -499,13 +522,11 @@ static int task_print(void *ctx, void *val)
static int task_abort_connection(void *ctx, void *val)
{
h2_task *task = val;
- if (task->c) {
- task->c->aborted = 1;
- }
- if (task->input.beam) {
+ if (!task->worker_done) {
+ if (task->c) {
+ task->c->aborted = 1;
+ }
h2_beam_abort(task->input.beam);
- }
- if (task->output.beam) {
h2_beam_abort(task->output.beam);
}
return 1;
@@ -515,117 +536,97 @@ static int report_stream_iter(void *ctx, void *val) {
h2_mplx *m = ctx;
h2_stream *stream = val;
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c,
- "h2_mplx(%ld-%d): exists, started=%d, scheduled=%d, "
- "submitted=%d, suspended=%d",
+ "h2_mplx(%ld-%d): exists, started=%d, scheduled=%d, ready=%d",
m->id, stream->id, stream->started, stream->scheduled,
- stream->submitted, stream->suspended);
+ h2_stream_is_ready(stream));
return 1;
}
+static int task_done_iter(void *ctx, void *val);
+
apr_status_t h2_mplx_release_and_join(h2_mplx *m, apr_thread_cond_t *wait)
{
apr_status_t status;
int acquired;
+ /* How to shut down a h2 connection:
+ * 1. tell the workers that no more tasks will come from us */
h2_workers_unregister(m->workers, m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
- int i, wait_secs = 5;
+ int i, wait_secs = 60;
- if (!h2_ihash_empty(m->streams) && APLOGctrace1(m->c)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c,
- "h2_mplx(%ld): release_join with %d streams open, "
- "%d streams resume, %d streams ready, %d tasks",
- m->id, (int)h2_ihash_count(m->streams),
- (int)h2_ihash_count(m->sresume),
- (int)h2_ihash_count(m->sready),
- (int)h2_ihash_count(m->tasks));
- h2_ihash_iter(m->streams, report_stream_iter, m);
- }
-
- /* disable WINDOW_UPDATE callbacks */
+ /* 2. disable WINDOW_UPDATEs and set the mplx to aborted, clear
+ * our TODO list and purge any streams we have collected */
h2_mplx_set_consumed_cb(m, NULL, NULL);
-
- if (!h2_ihash_empty(m->shold)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
- "h2_mplx(%ld): start release_join with %d streams in hold",
- m->id, (int)h2_ihash_count(m->shold));
- }
- if (!h2_ihash_empty(m->spurge)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
- "h2_mplx(%ld): start release_join with %d streams to purge",
- m->id, (int)h2_ihash_count(m->spurge));
- }
-
+ h2_mplx_abort(m);
h2_iq_clear(m->q);
+ purge_streams(m);
+
+ /* 3. wakeup all sleeping tasks. Mark all still active streams as 'done'.
+ * m->streams has to be empty afterwards with streams either in
+ * a) m->shold because a task is still active
+ * b) m->spurge because task is done, or was not started */
+ h2_ihash_iter(m->tasks, task_abort_connection, m);
apr_thread_cond_broadcast(m->task_thawed);
while (!h2_ihash_iter(m->streams, stream_done_iter, m)) {
/* iterate until all streams have been removed */
}
- AP_DEBUG_ASSERT(h2_ihash_empty(m->streams));
-
- if (!h2_ihash_empty(m->shold)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
- "h2_mplx(%ld): 2. release_join with %d streams in hold",
- m->id, (int)h2_ihash_count(m->shold));
- }
- if (!h2_ihash_empty(m->spurge)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
- "h2_mplx(%ld): 2. release_join with %d streams to purge",
- m->id, (int)h2_ihash_count(m->spurge));
- }
+ ap_assert(h2_ihash_empty(m->streams));
+
+ /* 4. purge all streams we collected by marking them 'done' */
+ purge_streams(m);
- /* If we still have busy workers, we cannot release our memory
- * pool yet, as tasks have references to us.
- * Any operation on the task slave connection will from now on
- * be errored ECONNRESET/ABORTED, so processing them should fail
- * and workers *should* return in a timely fashion.
- */
+ /* 5. while workers are busy on this connection, meaning they
+ * are processing tasks from this connection, wait on them finishing
+ * to wake us and check again. Eventually, this has to succeed. */
+ m->join_wait = wait;
for (i = 0; m->workers_busy > 0; ++i) {
- h2_ihash_iter(m->tasks, task_abort_connection, m);
-
- m->join_wait = wait;
status = apr_thread_cond_timedwait(wait, m->lock, apr_time_from_sec(wait_secs));
if (APR_STATUS_IS_TIMEUP(status)) {
- if (i > 0) {
- /* Oh, oh. Still we wait for assigned workers to report that
- * they are done. Unless we have a bug, a worker seems to be hanging.
- * If we exit now, all will be deallocated and the worker, once
- * it does return, will walk all over freed memory...
- */
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, m->c, APLOGNO(03198)
- "h2_mplx(%ld): release, waiting for %d seconds now for "
- "%d h2_workers to return, have still %d tasks outstanding",
- m->id, i*wait_secs, m->workers_busy,
- (int)h2_ihash_count(m->tasks));
- if (i == 1) {
- h2_ihash_iter(m->tasks, task_print, m);
- }
- }
- h2_mplx_abort(m);
- apr_thread_cond_broadcast(m->task_thawed);
+ /* This can happen if we have very long running requests
+ * that do not time out on IO. */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, APLOGNO(03198)
+ "h2_mplx(%ld): release, waiting for %d seconds now for "
+ "%d h2_workers to return, have still %d tasks outstanding",
+ m->id, i*wait_secs, m->workers_busy,
+ (int)h2_ihash_count(m->tasks));
+ h2_ihash_iter(m->shold, report_stream_iter, m);
+ h2_ihash_iter(m->tasks, task_print, m);
}
- }
-
- AP_DEBUG_ASSERT(h2_ihash_empty(m->shold));
- if (!h2_ihash_empty(m->spurge)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
- "h2_mplx(%ld): 3. release_join %d streams to purge",
- m->id, (int)h2_ihash_count(m->spurge));
purge_streams(m);
}
- AP_DEBUG_ASSERT(h2_ihash_empty(m->spurge));
+ m->join_wait = NULL;
+ /* 6. All workers for this connection are done, we are in
+ * single-threaded processing now effectively. */
+ leave_mutex(m, acquired);
+
if (!h2_ihash_empty(m->tasks)) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, APLOGNO(03056)
- "h2_mplx(%ld): release_join -> destroy, "
- "%d tasks still present",
+ /* when we are here, we lost track of the tasks still present.
+ * this currently happens with mod_proxy_http2 when we shut
+ * down a h2_req_engine with tasks assigned. Since no parallel
+ * processing is going on any more, we just clean them up. */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c, APLOGNO(03056)
+ "h2_mplx(%ld): 3. release_join with %d tasks",
m->id, (int)h2_ihash_count(m->tasks));
+ h2_ihash_iter(m->tasks, task_print, m);
+
+ while (!h2_ihash_iter(m->tasks, task_done_iter, m)) {
+ /* iterate until all tasks have been removed */
+ }
}
- leave_mutex(m, acquired);
+
+ /* 7. With all tasks done, the stream hold should be empty and all
+ * remaining streams are ready for purging */
+ ap_assert(h2_ihash_empty(m->shold));
+ purge_streams(m);
+
+ /* 8. close the h2_req_enginge shed and self destruct */
+ h2_ngn_shed_destroy(m->ngn_shed);
+ m->ngn_shed = NULL;
h2_mplx_destroy(m);
- /* all gone */
}
return status;
}
@@ -634,7 +635,6 @@ void h2_mplx_abort(h2_mplx *m)
{
int acquired;
- AP_DEBUG_ASSERT(m);
if (!m->aborted && enter_mutex(m, &acquired) == APR_SUCCESS) {
m->aborted = 1;
h2_ngn_shed_abort(m->ngn_shed);
@@ -647,7 +647,6 @@ apr_status_t h2_mplx_stream_done(h2_mplx *m, h2_stream *stream)
apr_status_t status = APR_SUCCESS;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
"h2_mplx(%ld-%d): marking stream as done.",
@@ -659,59 +658,88 @@ apr_status_t h2_mplx_stream_done(h2_mplx *m, h2_stream *stream)
return status;
}
+h2_stream *h2_mplx_stream_get(h2_mplx *m, int id)
+{
+ h2_stream *s = NULL;
+ int acquired;
+
+ if ((enter_mutex(m, &acquired)) == APR_SUCCESS) {
+ s = h2_ihash_get(m->streams, id);
+ leave_mutex(m, acquired);
+ }
+ return s;
+}
+
void h2_mplx_set_consumed_cb(h2_mplx *m, h2_mplx_consumed_cb *cb, void *ctx)
{
m->input_consumed = cb;
m->input_consumed_ctx = ctx;
}
-static apr_status_t out_open(h2_mplx *m, int stream_id, h2_response *response)
+static void output_produced(void *ctx, h2_bucket_beam *beam, apr_off_t bytes)
+{
+ h2_mplx *m = ctx;
+ apr_status_t status;
+ h2_stream *stream;
+ int acquired;
+
+ if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
+ stream = h2_ihash_get(m->streams, beam->id);
+ if (stream) {
+ have_out_data_for(m, stream, 0);
+ }
+ leave_mutex(m, acquired);
+ }
+}
+
+static apr_status_t out_open(h2_mplx *m, int stream_id, h2_bucket_beam *beam)
{
apr_status_t status = APR_SUCCESS;
h2_task *task = h2_ihash_get(m->tasks, stream_id);
h2_stream *stream = h2_ihash_get(m->streams, stream_id);
+ apr_size_t beamed_count;
if (!task || !stream) {
return APR_ECONNABORTED;
}
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c,
- "h2_mplx(%s): open response: %d, rst=%d",
- task->id, response->http_status, response->rst_error);
-
- h2_task_set_response(task, response);
-
- if (task->output.beam) {
- h2_beam_buffer_size_set(task->output.beam, m->stream_max_mem);
- h2_beam_timeout_set(task->output.beam, m->stream_timeout);
- h2_beam_on_consumed(task->output.beam, stream_output_consumed, task);
- m->tx_handles_reserved -= h2_beam_get_files_beamed(task->output.beam);
- h2_beam_on_file_beam(task->output.beam, can_beam_file, m);
- h2_beam_mutex_set(task->output.beam, beam_enter, task->cond, m);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, m->c,
+ "h2_mplx(%s): out open", task->id);
+
+ h2_beam_on_consumed(stream->output, stream_output_consumed, task);
+ h2_beam_on_produced(stream->output, output_produced, m);
+ beamed_count = h2_beam_get_files_beamed(stream->output);
+ if (m->tx_handles_reserved >= beamed_count) {
+ m->tx_handles_reserved -= beamed_count;
}
-
- h2_ihash_add(m->sready, stream);
- if (response && response->http_status < 300) {
- /* we might see some file buckets in the output, see
- * if we have enough handles reserved. */
- check_tx_reservation(m);
+ else {
+ m->tx_handles_reserved = 0;
+ }
+ if (!task->output.copy_files) {
+ h2_beam_on_file_beam(stream->output, can_beam_file, m);
}
- have_out_data_for(m, stream_id);
+
+ /* time to protect the beam against multi-threaded use */
+ h2_beam_mutex_set(stream->output, beam_enter, task->cond, m);
+
+ /* we might see some file buckets in the output, see
+ * if we have enough handles reserved. */
+ check_tx_reservation(m);
+ have_out_data_for(m, stream, 0);
return status;
}
-apr_status_t h2_mplx_out_open(h2_mplx *m, int stream_id, h2_response *response)
+apr_status_t h2_mplx_out_open(h2_mplx *m, int stream_id, h2_bucket_beam *beam)
{
apr_status_t status;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
if (m->aborted) {
status = APR_ECONNABORTED;
}
else {
- status = out_open(m, stream_id, response);
+ status = out_open(m, stream_id, beam);
}
leave_mutex(m, acquired);
}
@@ -732,25 +760,13 @@ static apr_status_t out_close(h2_mplx *m, h2_task *task)
return APR_ECONNABORTED;
}
- if (!task->response && !task->rst_error) {
- /* In case a close comes before a response was created,
- * insert an error one so that our streams can properly reset.
- */
- h2_response *r = h2_response_die(task->stream_id, 500,
- task->request, m->pool);
- status = out_open(m, task->stream_id, r);
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, m->c, APLOGNO(03393)
- "h2_mplx(%s): close, no response, no rst", task->id);
- }
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, m->c,
"h2_mplx(%s): close", task->id);
- if (task->output.beam) {
- status = h2_beam_close(task->output.beam);
- h2_beam_log(task->output.beam, task->stream_id, "out_close", m->c,
- APLOG_TRACE2);
- }
+ status = h2_beam_close(task->output.beam);
+ h2_beam_log(task->output.beam, task->stream_id, "out_close", m->c,
+ APLOG_TRACE2);
output_consumed_signal(m, task);
- have_out_data_for(m, task->stream_id);
+ have_out_data_for(m, stream, 0);
return status;
}
@@ -760,12 +776,11 @@ apr_status_t h2_mplx_out_trywait(h2_mplx *m, apr_interval_time_t timeout,
apr_status_t status;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
if (m->aborted) {
status = APR_ECONNABORTED;
}
- else if (!h2_ihash_empty(m->sready) || !h2_ihash_empty(m->sresume)) {
+ else if (!h2_iq_empty(m->readyq)) {
status = APR_SUCCESS;
}
else {
@@ -784,10 +799,11 @@ apr_status_t h2_mplx_out_trywait(h2_mplx *m, apr_interval_time_t timeout,
return status;
}
-static void have_out_data_for(h2_mplx *m, int stream_id)
+static void have_out_data_for(h2_mplx *m, h2_stream *stream, int response)
{
- (void)stream_id;
- AP_DEBUG_ASSERT(m);
+ ap_assert(m);
+ ap_assert(stream);
+ h2_iq_append(m->readyq, stream->id);
if (m->added_output) {
apr_thread_cond_signal(m->added_output);
}
@@ -798,7 +814,6 @@ apr_status_t h2_mplx_reprioritize(h2_mplx *m, h2_stream_pri_cmp *cmp, void *ctx)
apr_status_t status;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
if (m->aborted) {
status = APR_ECONNABORTED;
@@ -820,32 +835,26 @@ apr_status_t h2_mplx_process(h2_mplx *m, struct h2_stream *stream,
int do_registration = 0;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
if (m->aborted) {
status = APR_ECONNABORTED;
}
else {
h2_ihash_add(m->streams, stream);
- if (stream->response) {
- /* already have a respone, schedule for submit */
- h2_ihash_add(m->sready, stream);
+ if (h2_stream_is_ready(stream)) {
+ h2_iq_append(m->readyq, stream->id);
}
else {
- h2_beam_create(&stream->input, stream->pool, stream->id,
- "input", 0);
if (!m->need_registration) {
m->need_registration = h2_iq_empty(m->q);
}
if (m->workers_busy < m->workers_max) {
do_registration = m->need_registration;
}
- h2_iq_add(m->q, stream->id, cmp, ctx);
-
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, m->c,
- "h2_mplx(%ld-%d): process, body=%d",
- m->c->id, stream->id, stream->request->body);
+ h2_iq_add(m->q, stream->id, cmp, ctx);
}
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, m->c,
+ "h2_mplx(%ld-%d): process", m->c->id, stream->id);
}
leave_mutex(m, acquired);
}
@@ -856,7 +865,7 @@ apr_status_t h2_mplx_process(h2_mplx *m, struct h2_stream *stream,
return status;
}
-static h2_task *pop_task(h2_mplx *m)
+static h2_task *next_stream_task(h2_mplx *m)
{
h2_task *task = NULL;
h2_stream *stream;
@@ -874,13 +883,14 @@ static h2_task *pop_task(h2_mplx *m)
slave = *pslave;
}
else {
- slave = h2_slave_create(m->c, m->pool, NULL);
+ slave = h2_slave_create(m->c, stream->id, m->pool);
new_conn = 1;
}
slave->sbh = m->c->sbh;
slave->aborted = 0;
- task = h2_task_create(slave, stream->request, stream->input, m);
+ task = h2_task_create(slave, stream->id, stream->request,
+ stream->input, stream->output, m);
h2_ihash_add(m->tasks, task);
m->c->keepalives++;
@@ -889,19 +899,20 @@ static h2_task *pop_task(h2_mplx *m)
h2_slave_run_pre_connection(slave, ap_get_conn_socket(slave));
}
stream->started = 1;
+ stream->can_be_cleaned = 0;
task->worker_started = 1;
task->started_at = apr_time_now();
if (sid > m->max_stream_started) {
m->max_stream_started = sid;
}
- if (stream->input) {
- h2_beam_timeout_set(stream->input, m->stream_timeout);
- h2_beam_on_consumed(stream->input, stream_input_consumed, m);
- h2_beam_on_file_beam(stream->input, can_beam_file, m);
- h2_beam_mutex_set(stream->input, beam_enter, task->cond, m);
- }
-
+ h2_beam_timeout_set(stream->input, m->stream_timeout);
+ h2_beam_on_consumed(stream->input, stream_input_consumed, m);
+ h2_beam_on_file_beam(stream->input, can_beam_file, m);
+ h2_beam_mutex_set(stream->input, beam_enter, task->cond, m);
+
+ h2_beam_buffer_size_set(stream->output, m->stream_max_mem);
+ h2_beam_timeout_set(stream->output, m->stream_timeout);
++m->workers_busy;
}
}
@@ -914,13 +925,12 @@ h2_task *h2_mplx_pop_task(h2_mplx *m, int *has_more)
apr_status_t status;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
if (m->aborted) {
*has_more = 0;
}
else {
- task = pop_task(m);
+ task = next_stream_task(m);
*has_more = !h2_iq_empty(m->q);
}
@@ -939,9 +949,6 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
* and the original worker has finished. That means the
* engine may start processing now. */
h2_task_thaw(task);
- /* we do not want the task to block on writing response
- * bodies into the mplx. */
- h2_task_set_io_blocking(task, 0);
apr_thread_cond_broadcast(m->task_thawed);
return;
}
@@ -951,14 +958,11 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c,
"h2_mplx(%ld): task(%s) done", m->id, task->id);
out_close(m, task);
- stream = h2_ihash_get(m->streams, task->stream_id);
if (ngn) {
apr_off_t bytes = 0;
- if (task->output.beam) {
- h2_beam_send(task->output.beam, NULL, APR_NONBLOCK_READ);
- bytes += h2_beam_get_buffered(task->output.beam);
- }
+ h2_beam_send(task->output.beam, NULL, APR_NONBLOCK_READ);
+ bytes += h2_beam_get_buffered(task->output.beam);
if (bytes > 0) {
/* we need to report consumed and current buffered output
* to the engine. The request will be streamed out or cancelled,
@@ -969,7 +973,8 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
}
if (task->engine) {
- if (!h2_req_engine_is_shutdown(task->engine)) {
+ if (!m->aborted && !task->c->aborted
+ && !h2_req_engine_is_shutdown(task->engine)) {
ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, m->c,
"h2_mplx(%ld): task(%s) has not-shutdown "
"engine(%s)", m->id, task->id,
@@ -978,7 +983,8 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
h2_ngn_shed_done_ngn(m->ngn_shed, task->engine);
}
- if (!m->aborted && stream && m->redo_tasks
+ stream = h2_ihash_get(m->streams, task->stream_id);
+ if (!m->aborted && stream
&& h2_ihash_get(m->redo_tasks, task->stream_id)) {
/* reset and schedule again */
h2_task_redo(task);
@@ -989,10 +995,6 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
task->worker_done = 1;
task->done_at = apr_time_now();
- if (task->output.beam) {
- h2_beam_on_consumed(task->output.beam, NULL, NULL);
- h2_beam_mutex_set(task->output.beam, NULL, NULL, NULL);
- }
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
"h2_mplx(%s): request done, %f ms elapsed", task->id,
(task->done_at - task->started_at) / 1000.0);
@@ -1018,23 +1020,24 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
"h2_mplx(%s): task_done, stream still open",
task->id);
- if (h2_stream_is_suspended(stream)) {
- /* more data will not arrive, resume the stream */
- h2_ihash_add(m->sresume, stream);
- have_out_data_for(m, stream->id);
- }
+ /* more data will not arrive, resume the stream */
+ have_out_data_for(m, stream, 0);
+ h2_beam_on_consumed(stream->output, NULL, NULL);
+ h2_beam_mutex_set(stream->output, NULL, NULL, NULL);
}
else {
/* stream no longer active, was it placed in hold? */
stream = h2_ihash_get(m->shold, task->stream_id);
if (stream) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, m->c,
- "h2_mplx(%s): task_done, stream in hold",
- task->id);
+ "h2_mplx(%s): task_done, stream %d in hold",
+ task->id, stream->id);
/* We cannot destroy the stream here since this is
* called from a worker thread and freeing memory pools
* is only safe in the only thread using it (and its
* parent pool / allocator) */
+ h2_beam_on_consumed(stream->output, NULL, NULL);
+ h2_beam_mutex_set(stream->output, NULL, NULL, NULL);
h2_ihash_remove(m->shold, stream->id);
h2_ihash_add(m->spurge, stream);
}
@@ -1044,14 +1047,16 @@ static void task_done(h2_mplx *m, h2_task *task, h2_req_engine *ngn)
task->id);
task_destroy(m, task, 0);
}
-
- if (m->join_wait) {
- apr_thread_cond_signal(m->join_wait);
- }
}
}
}
+static int task_done_iter(void *ctx, void *val)
+{
+ task_done((h2_mplx*)ctx, val, 0);
+ return 0;
+}
+
void h2_mplx_task_done(h2_mplx *m, h2_task *task, h2_task **ptask)
{
int acquired;
@@ -1059,9 +1064,12 @@ void h2_mplx_task_done(h2_mplx *m, h2_task *task, h2_task **ptask)
if (enter_mutex(m, &acquired) == APR_SUCCESS) {
task_done(m, task, NULL);
--m->workers_busy;
+ if (m->join_wait) {
+ apr_thread_cond_signal(m->join_wait);
+ }
if (ptask) {
/* caller wants another task */
- *ptask = pop_task(m);
+ *ptask = next_stream_task(m);
}
leave_mutex(m, acquired);
}
@@ -1074,15 +1082,19 @@ void h2_mplx_task_done(h2_mplx *m, h2_task *task, h2_task **ptask)
static int latest_repeatable_unsubmitted_iter(void *data, void *val)
{
task_iter_ctx *ctx = data;
+ h2_stream *stream;
h2_task *task = val;
if (!task->worker_done && h2_task_can_redo(task)
&& !h2_ihash_get(ctx->m->redo_tasks, task->stream_id)) {
- /* this task occupies a worker, the response has not been submitted yet,
- * not been cancelled and it is a repeatable request
- * -> it can be re-scheduled later */
- if (!ctx->task || ctx->task->started_at < task->started_at) {
- /* we did not have one or this one was started later */
- ctx->task = task;
+ stream = h2_ihash_get(ctx->m->streams, task->stream_id);
+ if (stream && !h2_stream_is_ready(stream)) {
+ /* this task occupies a worker, the response has not been submitted
+ * yet, not been cancelled and it is a repeatable request
+ * -> it can be re-scheduled later */
+ if (!ctx->task || ctx->task->started_at < task->started_at) {
+ /* we did not have one or this one was started later */
+ ctx->task = task;
+ }
}
}
return 1;
@@ -1125,13 +1137,10 @@ static apr_status_t unschedule_slow_tasks(h2_mplx *m)
h2_task *task;
int n;
- if (!m->redo_tasks) {
- m->redo_tasks = h2_ihash_create(m->pool, offsetof(h2_task, stream_id));
- }
/* Try to get rid of streams that occupy workers. Look for safe requests
* that are repeatable. If none found, fail the connection.
*/
- n = (m->workers_busy - m->workers_limit - h2_ihash_count(m->redo_tasks));
+ n = (m->workers_busy - m->workers_limit - (int)h2_ihash_count(m->redo_tasks));
while (n > 0 && (task = get_latest_repeatable_unsubmitted_task(m))) {
h2_task_rst(task, H2_ERR_CANCEL);
h2_ihash_add(m->redo_tasks, task);
@@ -1249,13 +1258,12 @@ apr_status_t h2_mplx_req_engine_push(const char *ngn_type,
return APR_ECONNABORTED;
}
m = task->mplx;
- task->r = r;
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
h2_stream *stream = h2_ihash_get(m->streams, task->stream_id);
if (stream) {
- status = h2_ngn_shed_push_task(m->ngn_shed, ngn_type, task, einit);
+ status = h2_ngn_shed_push_request(m->ngn_shed, ngn_type, r, einit);
}
else {
status = APR_ECONNABORTED;
@@ -1267,13 +1275,12 @@ apr_status_t h2_mplx_req_engine_push(const char *ngn_type,
apr_status_t h2_mplx_req_engine_pull(h2_req_engine *ngn,
apr_read_type_e block,
- apr_uint32_t capacity,
+ int capacity,
request_rec **pr)
{
h2_ngn_shed *shed = h2_ngn_shed_get_shed(ngn);
h2_mplx *m = h2_ngn_shed_get_ctx(shed);
apr_status_t status;
- h2_task *task = NULL;
int acquired;
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
@@ -1288,26 +1295,26 @@ apr_status_t h2_mplx_req_engine_pull(h2_req_engine *ngn,
* had and, if not, wait a short while before doing the
* blocking, and if unsuccessful, terminating read.
*/
- status = h2_ngn_shed_pull_task(shed, ngn, capacity, 1, &task);
+ status = h2_ngn_shed_pull_request(shed, ngn, capacity, 1, pr);
if (APR_STATUS_IS_EAGAIN(status)) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, m->c,
"h2_mplx(%ld): start block engine pull", m->id);
apr_thread_cond_timedwait(m->task_thawed, m->lock,
apr_time_from_msec(20));
- status = h2_ngn_shed_pull_task(shed, ngn, capacity, 1, &task);
+ status = h2_ngn_shed_pull_request(shed, ngn, capacity, 1, pr);
}
}
else {
- status = h2_ngn_shed_pull_task(shed, ngn, capacity,
- want_shutdown, &task);
+ status = h2_ngn_shed_pull_request(shed, ngn, capacity,
+ want_shutdown, pr);
}
leave_mutex(m, acquired);
}
- *pr = task? task->r : NULL;
return status;
}
-void h2_mplx_req_engine_done(h2_req_engine *ngn, conn_rec *r_conn)
+void h2_mplx_req_engine_done(h2_req_engine *ngn, conn_rec *r_conn,
+ apr_status_t status)
{
h2_task *task = h2_ctx_cget_task(r_conn);
@@ -1318,6 +1325,10 @@ void h2_mplx_req_engine_done(h2_req_engine *ngn, conn_rec *r_conn)
if (enter_mutex(m, &acquired) == APR_SUCCESS) {
ngn_out_update_windows(m, ngn);
h2_ngn_shed_done_task(m->ngn_shed, ngn, task);
+ if (status != APR_SUCCESS && h2_task_can_redo(task)
+ && !h2_ihash_get(m->redo_tasks, task->stream_id)) {
+ h2_ihash_add(m->redo_tasks, task);
+ }
if (task->engine) {
/* cannot report that as done until engine returns */
}
@@ -1343,67 +1354,30 @@ static int update_window(void *ctx, void *val)
apr_status_t h2_mplx_dispatch_master_events(h2_mplx *m,
stream_ev_callback *on_resume,
- stream_ev_callback *on_response,
void *on_ctx)
{
apr_status_t status;
int acquired;
- int streams[32];
+ int ids[100];
h2_stream *stream;
- h2_task *task;
size_t i, n;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, m->c,
"h2_mplx(%ld): dispatch events", m->id);
/* update input windows for streams */
h2_ihash_iter(m->streams, update_window, m);
-
- if (on_response && !h2_ihash_empty(m->sready)) {
- n = h2_ihash_ishift(m->sready, streams, H2_ALEN(streams));
+ if (on_resume && !h2_iq_empty(m->readyq)) {
+ n = h2_iq_mshift(m->readyq, ids, H2_ALEN(ids));
for (i = 0; i < n; ++i) {
- stream = h2_ihash_get(m->streams, streams[i]);
- if (!stream) {
- continue;
+ stream = h2_ihash_get(m->streams, ids[i]);
+ if (stream) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, m->c,
+ "h2_mplx(%ld-%d): on_resume",
+ m->id, stream->id);
+ on_resume(on_ctx, stream);
}
- ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, m->c,
- "h2_mplx(%ld-%d): on_response",
- m->id, stream->id);
- task = h2_ihash_get(m->tasks, stream->id);
- if (task) {
- task->submitted = 1;
- if (task->rst_error) {
- h2_stream_rst(stream, task->rst_error);
- }
- else {
- AP_DEBUG_ASSERT(task->response);
- h2_stream_set_response(stream, task->response, task->output.beam);
- }
- }
- else {
- /* We have the stream ready without a task. This happens
- * when we fail streams early. A response should already
- * be present. */
- AP_DEBUG_ASSERT(stream->response || stream->rst_error);
- }
- status = on_response(on_ctx, stream->id);
- }
- }
-
- if (on_resume && !h2_ihash_empty(m->sresume)) {
- n = h2_ihash_ishift(m->sresume, streams, H2_ALEN(streams));
- for (i = 0; i < n; ++i) {
- stream = h2_ihash_get(m->streams, streams[i]);
- if (!stream) {
- continue;
- }
- ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, m->c,
- "h2_mplx(%ld-%d): on_resume",
- m->id, stream->id);
- h2_stream_set_suspended(stream, 0);
- status = on_resume(on_ctx, stream->id);
}
}
@@ -1412,47 +1386,34 @@ apr_status_t h2_mplx_dispatch_master_events(h2_mplx *m,
return status;
}
-static void output_produced(void *ctx, h2_bucket_beam *beam, apr_off_t bytes)
+apr_status_t h2_mplx_keep_active(h2_mplx *m, int stream_id)
{
- h2_mplx *m = ctx;
apr_status_t status;
- h2_stream *stream;
int acquired;
- AP_DEBUG_ASSERT(m);
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
- stream = h2_ihash_get(m->streams, beam->id);
- if (stream && h2_stream_is_suspended(stream)) {
- h2_ihash_add(m->sresume, stream);
- h2_beam_on_produced(beam, NULL, NULL);
- have_out_data_for(m, beam->id);
+ h2_stream *s = h2_ihash_get(m->streams, stream_id);
+ if (s) {
+ h2_iq_append(m->readyq, stream_id);
}
leave_mutex(m, acquired);
}
+ return status;
}
-apr_status_t h2_mplx_suspend_stream(h2_mplx *m, int stream_id)
+int h2_mplx_awaits_data(h2_mplx *m)
{
apr_status_t status;
- h2_stream *stream;
- h2_task *task;
- int acquired;
-
- AP_DEBUG_ASSERT(m);
+ int acquired, waiting = 1;
+
if ((status = enter_mutex(m, &acquired)) == APR_SUCCESS) {
- stream = h2_ihash_get(m->streams, stream_id);
- if (stream) {
- h2_stream_set_suspended(stream, 1);
- task = h2_ihash_get(m->tasks, stream->id);
- if (stream->started && (!task || task->worker_done)) {
- h2_ihash_add(m->sresume, stream);
- }
- else {
- /* register callback so that we can resume on new output */
- h2_beam_on_produced(task->output.beam, output_produced, m);
- }
+ if (h2_ihash_empty(m->streams)) {
+ waiting = 0;
+ }
+ if (h2_iq_empty(m->q) && h2_ihash_empty(m->tasks)) {
+ waiting = 0;
}
leave_mutex(m, acquired);
}
- return status;
+ return waiting;
}
diff --git a/modules/http2/h2_mplx.h b/modules/http2/h2_mplx.h
index 821e6d6..25e0700 100644
--- a/modules/http2/h2_mplx.h
+++ b/modules/http2/h2_mplx.h
@@ -40,7 +40,6 @@ struct apr_thread_cond_t;
struct h2_bucket_beam;
struct h2_config;
struct h2_ihash_t;
-struct h2_response;
struct h2_task;
struct h2_stream;
struct h2_request;
@@ -76,18 +75,16 @@ struct h2_mplx {
struct h2_ihash_t *spurge; /* all streams done, ready for destroy */
struct h2_iqueue *q; /* all stream ids that need to be started */
- struct h2_ihash_t *sready; /* all streams ready for response */
- struct h2_ihash_t *sresume; /* all streams that can be resumed */
-
+ struct h2_iqueue *readyq; /* all stream ids ready for output */
+
struct h2_ihash_t *tasks; /* all tasks started and not destroyed */
struct h2_ihash_t *redo_tasks; /* all tasks that need to be redone */
- apr_uint32_t max_streams; /* max # of concurrent streams */
- apr_uint32_t max_stream_started; /* highest stream id that started processing */
- apr_uint32_t workers_busy; /* # of workers processing on this mplx */
- apr_uint32_t workers_limit; /* current # of workers limit, dynamic */
- apr_uint32_t workers_def_limit; /* default # of workers limit */
- apr_uint32_t workers_max; /* max, hard limit # of workers in a process */
+ int max_streams; /* max # of concurrent streams */
+ int max_stream_started; /* highest stream id that started processing */
+ int workers_busy; /* # of workers processing on this mplx */
+ int workers_limit; /* current # of workers limit, dynamic */
+ int workers_max; /* max, hard limit # of workers in a process */
apr_time_t last_idle_block; /* last time, this mplx entered IDLE while
* streams were ready */
apr_time_t last_limit_change; /* last time, worker limit changed */
@@ -106,7 +103,7 @@ struct h2_mplx {
struct h2_workers *workers;
int tx_handles_reserved;
- apr_size_t tx_chunk_size;
+ int tx_chunk_size;
h2_mplx_consumed_cb *input_consumed;
void *input_consumed_ctx;
@@ -156,12 +153,16 @@ void h2_mplx_task_done(h2_mplx *m, struct h2_task *task, struct h2_task **ptask)
* but let the ongoing ones finish normally.
* @return the highest stream id being/been processed
*/
-apr_uint32_t h2_mplx_shutdown(h2_mplx *m);
+int h2_mplx_shutdown(h2_mplx *m);
+
+int h2_mplx_is_busy(h2_mplx *m);
/*******************************************************************************
* IO lifetime of streams.
******************************************************************************/
+struct h2_stream *h2_mplx_stream_get(h2_mplx *m, int id);
+
/**
* Notifies mplx that a stream has finished processing.
*
@@ -179,6 +180,8 @@ apr_status_t h2_mplx_stream_done(h2_mplx *m, struct h2_stream *stream);
apr_status_t h2_mplx_out_trywait(h2_mplx *m, apr_interval_time_t timeout,
struct apr_thread_cond_t *iowait);
+apr_status_t h2_mplx_keep_active(h2_mplx *m, int stream_id);
+
/*******************************************************************************
* Stream processing.
******************************************************************************/
@@ -216,19 +219,23 @@ apr_status_t h2_mplx_reprioritize(h2_mplx *m, h2_stream_pri_cmp *cmp, void *ctx)
void h2_mplx_set_consumed_cb(h2_mplx *m, h2_mplx_consumed_cb *cb, void *ctx);
-typedef apr_status_t stream_ev_callback(void *ctx, int stream_id);
+typedef apr_status_t stream_ev_callback(void *ctx, struct h2_stream *stream);
/**
* Dispatch events for the master connection, such as
- * - resume: new output data has arrived for a suspended stream
- * - response: the response for a stream is ready
+ ± @param m the multiplexer
+ * @param on_resume new output data has arrived for a suspended stream
+ * @param ctx user supplied argument to invocation.
*/
apr_status_t h2_mplx_dispatch_master_events(h2_mplx *m,
stream_ev_callback *on_resume,
- stream_ev_callback *on_response,
void *ctx);
-apr_status_t h2_mplx_suspend_stream(h2_mplx *m, int stream_id);
+int h2_mplx_awaits_data(h2_mplx *m);
+
+typedef int h2_mplx_stream_cb(struct h2_stream *s, void *ctx);
+
+apr_status_t h2_mplx_stream_do(h2_mplx *m, h2_mplx_stream_cb *cb, void *ctx);
/*******************************************************************************
* Output handling of streams.
@@ -238,7 +245,7 @@ apr_status_t h2_mplx_suspend_stream(h2_mplx *m, int stream_id);
* Opens the output for the given stream with the specified response.
*/
apr_status_t h2_mplx_out_open(h2_mplx *mplx, int stream_id,
- struct h2_response *response);
+ struct h2_bucket_beam *beam);
/*******************************************************************************
* h2_mplx list Manipulation.
@@ -331,7 +338,7 @@ typedef apr_status_t h2_mplx_req_engine_init(struct h2_req_engine *engine,
const char *id,
const char *type,
apr_pool_t *pool,
- apr_uint32_t req_buffer_size,
+ apr_size_t req_buffer_size,
request_rec *r,
h2_output_consumed **pconsumed,
void **pbaton);
@@ -341,8 +348,9 @@ apr_status_t h2_mplx_req_engine_push(const char *ngn_type,
h2_mplx_req_engine_init *einit);
apr_status_t h2_mplx_req_engine_pull(struct h2_req_engine *ngn,
apr_read_type_e block,
- apr_uint32_t capacity,
+ int capacity,
request_rec **pr);
-void h2_mplx_req_engine_done(struct h2_req_engine *ngn, conn_rec *r_conn);
+void h2_mplx_req_engine_done(struct h2_req_engine *ngn, conn_rec *r_conn,
+ apr_status_t status);
#endif /* defined(__mod_h2__h2_mplx__) */
diff --git a/modules/http2/h2_ngn_shed.c b/modules/http2/h2_ngn_shed.c
index f067642..e0c40cf 100644
--- a/modules/http2/h2_ngn_shed.c
+++ b/modules/http2/h2_ngn_shed.c
@@ -35,7 +35,6 @@
#include "h2_ctx.h"
#include "h2_h2.h"
#include "h2_mplx.h"
-#include "h2_response.h"
#include "h2_request.h"
#include "h2_task.h"
#include "h2_util.h"
@@ -46,6 +45,7 @@ typedef struct h2_ngn_entry h2_ngn_entry;
struct h2_ngn_entry {
APR_RING_ENTRY(h2_ngn_entry) link;
h2_task *task;
+ request_rec *r;
};
#define H2_NGN_ENTRY_NEXT(e) APR_RING_NEXT((e), link)
@@ -72,17 +72,17 @@ struct h2_req_engine {
const char *type; /* name of the engine type */
apr_pool_t *pool; /* pool for engine specific allocations */
conn_rec *c; /* connection this engine is assigned to */
- h2_task *task; /* the task this engine is base on, running in */
+ h2_task *task; /* the task this engine is based on, running in */
h2_ngn_shed *shed;
unsigned int shutdown : 1; /* engine is being shut down */
unsigned int done : 1; /* engine has finished */
APR_RING_HEAD(h2_req_entries, h2_ngn_entry) entries;
- apr_uint32_t capacity; /* maximum concurrent requests */
- apr_uint32_t no_assigned; /* # of assigned requests */
- apr_uint32_t no_live; /* # of live */
- apr_uint32_t no_finished; /* # of finished */
+ int capacity; /* maximum concurrent requests */
+ int no_assigned; /* # of assigned requests */
+ int no_live; /* # of live */
+ int no_finished; /* # of finished */
h2_output_consumed *out_consumed;
void *out_consumed_ctx;
@@ -107,8 +107,8 @@ void h2_req_engine_out_consumed(h2_req_engine *engine, conn_rec *c,
}
h2_ngn_shed *h2_ngn_shed_create(apr_pool_t *pool, conn_rec *c,
- apr_uint32_t default_capacity,
- apr_uint32_t req_buffer_size)
+ int default_capacity,
+ apr_size_t req_buffer_size)
{
h2_ngn_shed *shed;
@@ -144,30 +144,38 @@ void h2_ngn_shed_abort(h2_ngn_shed *shed)
shed->aborted = 1;
}
-static void ngn_add_task(h2_req_engine *ngn, h2_task *task)
+static void ngn_add_task(h2_req_engine *ngn, h2_task *task, request_rec *r)
{
h2_ngn_entry *entry = apr_pcalloc(task->pool, sizeof(*entry));
APR_RING_ELEM_INIT(entry, link);
entry->task = task;
+ entry->r = r;
H2_REQ_ENTRIES_INSERT_TAIL(&ngn->entries, entry);
}
-apr_status_t h2_ngn_shed_push_task(h2_ngn_shed *shed, const char *ngn_type,
- h2_task *task, http2_req_engine_init *einit)
+apr_status_t h2_ngn_shed_push_request(h2_ngn_shed *shed, const char *ngn_type,
+ request_rec *r,
+ http2_req_engine_init *einit)
{
h2_req_engine *ngn;
+ h2_task *task = h2_ctx_rget_task(r);
- AP_DEBUG_ASSERT(shed);
-
+ ap_assert(task);
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, shed->c,
"h2_ngn_shed(%ld): PUSHing request (task=%s)", shed->c->id,
task->id);
- if (task->ser_headers) {
+ if (task->request->serialize) {
/* Max compatibility, deny processing of this */
return APR_EOF;
}
+ if (task->assigned) {
+ --task->assigned->no_assigned;
+ --task->assigned->no_live;
+ task->assigned = NULL;
+ }
+
ngn = apr_hash_get(shed->ngns, ngn_type, APR_HASH_KEY_STRING);
if (ngn && !ngn->shutdown) {
/* this task will be processed in another thread,
@@ -175,11 +183,10 @@ apr_status_t h2_ngn_shed_push_task(h2_ngn_shed *shed, const char *ngn_type,
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
"h2_ngn_shed(%ld): pushing request %s to %s",
shed->c->id, task->id, ngn->id);
- if (!h2_task_is_detached(task)) {
+ if (!h2_task_has_thawed(task)) {
h2_task_freeze(task);
}
- /* FIXME: sometimes ngn is garbage, probly alread freed */
- ngn_add_task(ngn, task);
+ ngn_add_task(ngn, task, r);
ngn->no_assigned++;
return APR_SUCCESS;
}
@@ -202,13 +209,13 @@ apr_status_t h2_ngn_shed_push_task(h2_ngn_shed *shed, const char *ngn_type,
APR_RING_INIT(&newngn->entries, h2_ngn_entry, link);
status = einit(newngn, newngn->id, newngn->type, newngn->pool,
- shed->req_buffer_size, task->r,
+ shed->req_buffer_size, r,
&newngn->out_consumed, &newngn->out_consumed_ctx);
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c, APLOGNO(03395)
"h2_ngn_shed(%ld): create engine %s (%s)",
shed->c->id, newngn->id, newngn->type);
if (status == APR_SUCCESS) {
- AP_DEBUG_ASSERT(task->engine == NULL);
+ ap_assert(task->engine == NULL);
newngn->task = task;
task->engine = newngn;
task->assigned = newngn;
@@ -225,7 +232,7 @@ static h2_ngn_entry *pop_detached(h2_req_engine *ngn)
for (entry = H2_REQ_ENTRIES_FIRST(&ngn->entries);
entry != H2_REQ_ENTRIES_SENTINEL(&ngn->entries);
entry = H2_NGN_ENTRY_NEXT(entry)) {
- if (h2_task_is_detached(entry->task)
+ if (h2_task_has_thawed(entry->task)
|| (entry->task->engine == ngn)) {
/* The task hosting this engine can always be pulled by it.
* For other task, they need to become detached, e.g. no longer
@@ -237,17 +244,17 @@ static h2_ngn_entry *pop_detached(h2_req_engine *ngn)
return NULL;
}
-apr_status_t h2_ngn_shed_pull_task(h2_ngn_shed *shed,
- h2_req_engine *ngn,
- apr_uint32_t capacity,
- int want_shutdown,
- h2_task **ptask)
+apr_status_t h2_ngn_shed_pull_request(h2_ngn_shed *shed,
+ h2_req_engine *ngn,
+ int capacity,
+ int want_shutdown,
+ request_rec **pr)
{
h2_ngn_entry *entry;
- AP_DEBUG_ASSERT(ngn);
- *ptask = NULL;
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, shed->c, APLOGNO(03396)
+ ap_assert(ngn);
+ *pr = NULL;
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, shed->c, APLOGNO(03396)
"h2_ngn_shed(%ld): pull task for engine %s, shutdown=%d",
shed->c->id, ngn->id, want_shutdown);
if (shed->aborted) {
@@ -274,7 +281,7 @@ apr_status_t h2_ngn_shed_pull_task(h2_ngn_shed *shed,
"h2_ngn_shed(%ld): pulled request %s for engine %s",
shed->c->id, entry->task->id, ngn->id);
ngn->no_live++;
- *ptask = entry->task;
+ *pr = entry->r;
entry->task->assigned = ngn;
/* task will now run in ngn's own thread. Modules like lua
* seem to require the correct thread set in the conn_rec.
@@ -328,7 +335,7 @@ void h2_ngn_shed_done_ngn(h2_ngn_shed *shed, struct h2_req_engine *ngn)
if (!shed->aborted && !H2_REQ_ENTRIES_EMPTY(&ngn->entries)) {
h2_ngn_entry *entry;
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, shed->c,
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, shed->c,
"h2_ngn_shed(%ld): exit engine %s (%s), "
"has still requests queued, shutdown=%d,"
"assigned=%ld, live=%ld, finished=%ld",
@@ -340,15 +347,16 @@ void h2_ngn_shed_done_ngn(h2_ngn_shed *shed, struct h2_req_engine *ngn)
entry != H2_REQ_ENTRIES_SENTINEL(&ngn->entries);
entry = H2_NGN_ENTRY_NEXT(entry)) {
h2_task *task = entry->task;
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, shed->c,
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, shed->c,
"h2_ngn_shed(%ld): engine %s has queued task %s, "
"frozen=%d, aborting",
shed->c->id, ngn->id, task->id, task->frozen);
ngn_done_task(shed, ngn, task, 0, 1);
+ task->engine = task->assigned = NULL;
}
}
if (!shed->aborted && (ngn->no_assigned > 1 || ngn->no_live > 1)) {
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, shed->c,
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, shed->c,
"h2_ngn_shed(%ld): exit engine %s (%s), "
"assigned=%ld, live=%ld, finished=%ld",
shed->c->id, ngn->id, ngn->type,
@@ -364,3 +372,9 @@ void h2_ngn_shed_done_ngn(h2_ngn_shed *shed, struct h2_req_engine *ngn)
apr_hash_set(shed->ngns, ngn->type, APR_HASH_KEY_STRING, NULL);
ngn->done = 1;
}
+
+void h2_ngn_shed_destroy(h2_ngn_shed *shed)
+{
+ ap_assert(apr_hash_count(shed->ngns) == 0);
+}
+
diff --git a/modules/http2/h2_ngn_shed.h b/modules/http2/h2_ngn_shed.h
index 832dbd3..c6acbae 100644
--- a/modules/http2/h2_ngn_shed.h
+++ b/modules/http2/h2_ngn_shed.h
@@ -28,8 +28,8 @@ struct h2_ngn_shed {
unsigned int aborted : 1;
- apr_uint32_t default_capacity;
- apr_uint32_t req_buffer_size; /* preferred buffer size for responses */
+ int default_capacity;
+ apr_size_t req_buffer_size; /* preferred buffer size for responses */
};
const char *h2_req_engine_get_id(h2_req_engine *engine);
@@ -42,14 +42,16 @@ typedef apr_status_t h2_shed_ngn_init(h2_req_engine *engine,
const char *id,
const char *type,
apr_pool_t *pool,
- apr_uint32_t req_buffer_size,
+ apr_size_t req_buffer_size,
request_rec *r,
h2_output_consumed **pconsumed,
void **pbaton);
h2_ngn_shed *h2_ngn_shed_create(apr_pool_t *pool, conn_rec *c,
- apr_uint32_t default_capactiy,
- apr_uint32_t req_buffer_size);
+ int default_capactiy,
+ apr_size_t req_buffer_size);
+
+void h2_ngn_shed_destroy(h2_ngn_shed *shed);
void h2_ngn_shed_set_ctx(h2_ngn_shed *shed, void *user_ctx);
void *h2_ngn_shed_get_ctx(h2_ngn_shed *shed);
@@ -58,13 +60,13 @@ h2_ngn_shed *h2_ngn_shed_get_shed(struct h2_req_engine *ngn);
void h2_ngn_shed_abort(h2_ngn_shed *shed);
-apr_status_t h2_ngn_shed_push_task(h2_ngn_shed *shed, const char *ngn_type,
- struct h2_task *task,
- h2_shed_ngn_init *init_cb);
+apr_status_t h2_ngn_shed_push_request(h2_ngn_shed *shed, const char *ngn_type,
+ request_rec *r,
+ h2_shed_ngn_init *init_cb);
-apr_status_t h2_ngn_shed_pull_task(h2_ngn_shed *shed, h2_req_engine *pub_ngn,
- apr_uint32_t capacity,
- int want_shutdown, struct h2_task **ptask);
+apr_status_t h2_ngn_shed_pull_request(h2_ngn_shed *shed, h2_req_engine *pub_ngn,
+ int capacity,
+ int want_shutdown, request_rec **pr);
apr_status_t h2_ngn_shed_done_task(h2_ngn_shed *shed,
struct h2_req_engine *ngn,
diff --git a/modules/http2/h2_proxy_session.c b/modules/http2/h2_proxy_session.c
index 79a2e82..25d1eb3 100644
--- a/modules/http2/h2_proxy_session.c
+++ b/modules/http2/h2_proxy_session.c
@@ -35,17 +35,21 @@ typedef struct h2_proxy_stream {
const char *url;
request_rec *r;
- h2_request *req;
+ h2_proxy_request *req;
+ const char *real_server_uri;
+ const char *p_server_uri;
int standalone;
h2_stream_state_t state;
unsigned int suspended : 1;
- unsigned int data_sent : 1;
- unsigned int data_received : 1;
+ unsigned int waiting_on_100 : 1;
+ unsigned int waiting_on_ping : 1;
uint32_t error_code;
apr_bucket_brigade *input;
+ apr_off_t data_sent;
apr_bucket_brigade *output;
+ apr_off_t data_received;
apr_table_t *saves;
} h2_proxy_stream;
@@ -53,6 +57,9 @@ typedef struct h2_proxy_stream {
static void dispatch_event(h2_proxy_session *session, h2_proxys_event_t ev,
int arg, const char *msg);
+static void ping_arrived(h2_proxy_session *session);
+static apr_status_t check_suspended(h2_proxy_session *session);
+static void stream_resume(h2_proxy_stream *stream);
static apr_status_t proxy_session_pre_close(void *theconn)
@@ -64,7 +71,7 @@ static apr_status_t proxy_session_pre_close(void *theconn)
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
"proxy_session(%s): pool cleanup, state=%d, streams=%d",
session->id, session->state,
- (int)h2_ihash_count(session->streams));
+ (int)h2_proxy_ihash_count(session->streams));
session->aborted = 1;
dispatch_event(session, H2_PROXYS_EV_PRE_CLOSE, 0, NULL);
nghttp2_session_del(session->ngh2);
@@ -94,7 +101,7 @@ static int proxy_pass_brigade(apr_bucket_alloc_t *bucket_alloc,
* issues in case of error returned below. */
apr_brigade_cleanup(bb);
if (status != APR_SUCCESS) {
- ap_log_cerror(APLOG_MARK, APLOG_ERR, status, origin, APLOGNO(03357)
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, origin, APLOGNO(03357)
"pass output failed to %pI (%s)",
p_conn->addr, p_conn->hostname);
}
@@ -131,19 +138,64 @@ static int on_frame_recv(nghttp2_session *ngh2, const nghttp2_frame *frame,
void *user_data)
{
h2_proxy_session *session = user_data;
+ h2_proxy_stream *stream;
+ request_rec *r;
int n;
if (APLOGcdebug(session->c)) {
char buffer[256];
- h2_util_frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0]));
+ h2_proxy_util_frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0]));
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03341)
"h2_proxy_session(%s): recv FRAME[%s]",
session->id, buffer);
}
+ session->last_frame_received = apr_time_now();
switch (frame->hd.type) {
case NGHTTP2_HEADERS:
+ stream = nghttp2_session_get_stream_user_data(ngh2, frame->hd.stream_id);
+ if (!stream) {
+ return NGHTTP2_ERR_CALLBACK_FAILURE;
+ }
+ r = stream->r;
+ if (r->status >= 100 && r->status < 200) {
+ /* By default, we will forward all interim responses when
+ * we are sitting on a HTTP/2 connection to the client */
+ int forward = session->h2_front;
+ switch(r->status) {
+ case 100:
+ if (stream->waiting_on_100) {
+ stream->waiting_on_100 = 0;
+ r->status_line = ap_get_status_line(r->status);
+ forward = 1;
+ }
+ break;
+ case 103:
+ /* workaround until we get this into http protocol base
+ * parts. without this, unknown codes are converted to
+ * 500... */
+ r->status_line = "103 Early Hints";
+ break;
+ default:
+ r->status_line = ap_get_status_line(r->status);
+ break;
+ }
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03487)
+ "h2_proxy_session(%s): got interim HEADERS, "
+ "status=%d, will forward=%d",
+ session->id, r->status, forward);
+ if (forward) {
+ ap_send_interim_response(r, 1);
+ }
+ }
+ stream_resume(stream);
+ break;
+ case NGHTTP2_PING:
+ if (session->check_ping) {
+ session->check_ping = 0;
+ ping_arrived(session);
+ }
break;
case NGHTTP2_PUSH_PROMISE:
break;
@@ -174,7 +226,7 @@ static int before_frame_send(nghttp2_session *ngh2,
if (APLOGcdebug(session->c)) {
char buffer[256];
- h2_util_frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0]));
+ h2_proxy_util_frame_print(frame, buffer, sizeof(buffer)/sizeof(buffer[0]));
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03343)
"h2_proxy_session(%s): sent FRAME[%s]",
session->id, buffer);
@@ -188,8 +240,9 @@ static int add_header(void *table, const char *n, const char *v)
return 1;
}
-static void process_proxy_header(request_rec *r, const char *n, const char *v)
+static void process_proxy_header(h2_proxy_stream *stream, const char *n, const char *v)
{
+ request_rec *r = stream->r;
static const struct {
const char *name;
ap_proxy_header_reverse_map_fn func;
@@ -212,6 +265,13 @@ static void process_proxy_header(request_rec *r, const char *n, const char *v)
return;
}
}
+ if (!ap_cstr_casecmp("Link", n)) {
+ dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
+ apr_table_add(r->headers_out, n,
+ h2_proxy_link_reverse_map(r, dconf,
+ stream->real_server_uri, stream->p_server_uri, v));
+ return;
+ }
apr_table_add(r->headers_out, n, v);
}
@@ -240,13 +300,13 @@ static apr_status_t h2_proxy_stream_add_header_out(h2_proxy_stream *stream,
char *hname, *hvalue;
hname = apr_pstrndup(stream->pool, n, nlen);
- h2_util_camel_case_header(hname, nlen);
+ h2_proxy_util_camel_case_header(hname, nlen);
hvalue = apr_pstrndup(stream->pool, v, vlen);
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, stream->session->c,
"h2_proxy_stream(%s-%d): got header %s: %s",
stream->session->id, stream->id, hname, hvalue);
- process_proxy_header(stream->r, hname, hvalue);
+ process_proxy_header(stream, hname, hvalue);
}
return APR_SUCCESS;
}
@@ -320,9 +380,9 @@ static void h2_proxy_stream_end_headers_out(h2_proxy_stream *stream)
}
}
-static int on_data_chunk_recv(nghttp2_session *ngh2, uint8_t flags,
- int32_t stream_id, const uint8_t *data,
- size_t len, void *user_data)
+static int stream_response_data(nghttp2_session *ngh2, uint8_t flags,
+ int32_t stream_id, const uint8_t *data,
+ size_t len, void *user_data)
{
h2_proxy_session *session = user_data;
h2_proxy_stream *stream;
@@ -342,8 +402,8 @@ static int on_data_chunk_recv(nghttp2_session *ngh2, uint8_t flags,
/* last chance to manipulate response headers.
* after this, only trailers */
h2_proxy_stream_end_headers_out(stream);
- stream->data_received = 1;
}
+ stream->data_received += len;
b = apr_bucket_transient_create((const char*)data, len,
stream->r->connection->bucket_alloc);
@@ -353,10 +413,11 @@ static int on_data_chunk_recv(nghttp2_session *ngh2, uint8_t flags,
b = apr_bucket_flush_create(stream->r->connection->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(stream->output, b);
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, stream->r, APLOGNO(03359)
- "h2_proxy_session(%s): pass response data for "
- "stream %d, %d bytes", session->id, stream_id, (int)len);
status = ap_pass_brigade(stream->r->output_filters, stream->output);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, stream->r, APLOGNO(03359)
+ "h2_proxy_session(%s): stream=%d, response DATA %ld, %ld"
+ " total", session->id, stream_id, (long)len,
+ (long)stream->data_received);
if (status != APR_SUCCESS) {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, session->c, APLOGNO(03344)
"h2_proxy_session(%s): passing output on stream %d",
@@ -383,7 +444,7 @@ static int on_stream_close(nghttp2_session *ngh2, int32_t stream_id,
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03360)
"h2_proxy_session(%s): stream=%d, closed, err=%d",
session->id, stream_id, error_code);
- stream = h2_ihash_get(session->streams, stream_id);
+ stream = h2_proxy_ihash_get(session->streams, stream_id);
if (stream) {
stream->error_code = error_code;
}
@@ -417,10 +478,10 @@ static int on_header(nghttp2_session *ngh2, const nghttp2_frame *frame,
return 0;
}
-static ssize_t stream_data_read(nghttp2_session *ngh2, int32_t stream_id,
- uint8_t *buf, size_t length,
- uint32_t *data_flags,
- nghttp2_data_source *source, void *user_data)
+static ssize_t stream_request_data(nghttp2_session *ngh2, int32_t stream_id,
+ uint8_t *buf, size_t length,
+ uint32_t *data_flags,
+ nghttp2_data_source *source, void *user_data)
{
h2_proxy_stream *stream;
apr_status_t status = APR_SUCCESS;
@@ -434,7 +495,17 @@ static ssize_t stream_data_read(nghttp2_session *ngh2, int32_t stream_id,
return NGHTTP2_ERR_CALLBACK_FAILURE;
}
- if (APR_BRIGADE_EMPTY(stream->input)) {
+ if (stream->session->check_ping) {
+ /* suspend until we hear from the other side */
+ stream->waiting_on_ping = 1;
+ status = APR_EAGAIN;
+ }
+ else if (stream->r->expecting_100) {
+ /* suspend until the answer comes */
+ stream->waiting_on_100 = 1;
+ status = APR_EAGAIN;
+ }
+ else if (APR_BRIGADE_EMPTY(stream->input)) {
status = ap_get_brigade(stream->r->input_filters, stream->input,
AP_MODE_READBYTES, APR_NONBLOCK_READ,
H2MAX(APR_BUCKET_BUFF_SIZE, length));
@@ -476,10 +547,12 @@ static ssize_t stream_data_read(nghttp2_session *ngh2, int32_t stream_id,
apr_bucket_delete(b);
}
- ap_log_rerror(APLOG_MARK, APLOG_TRACE2, status, stream->r,
- "h2_proxy_stream(%d): request body read %ld bytes, flags=%d",
- stream->id, (long)readlen, (int)*data_flags);
- stream->data_sent = 1;
+ stream->data_sent += readlen;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, stream->r, APLOGNO(03468)
+ "h2_proxy_stream(%d): request DATA %ld, %ld"
+ " total, flags=%d",
+ stream->id, (long)readlen, (long)stream->data_sent,
+ (int)*data_flags);
return readlen;
}
else if (APR_STATUS_IS_EAGAIN(status)) {
@@ -488,7 +561,7 @@ static ssize_t stream_data_read(nghttp2_session *ngh2, int32_t stream_id,
"h2_proxy_stream(%s-%d): suspending",
stream->session->id, stream_id);
stream->suspended = 1;
- h2_iq_add(stream->session->suspended, stream->id, NULL, NULL);
+ h2_proxy_iq_add(stream->session->suspended, stream->id, NULL, NULL);
return NGHTTP2_ERR_DEFERRED;
}
else {
@@ -498,8 +571,30 @@ static ssize_t stream_data_read(nghttp2_session *ngh2, int32_t stream_id,
}
}
+#ifdef H2_NG2_INVALID_HEADER_CB
+static int on_invalid_header_cb(nghttp2_session *ngh2,
+ const nghttp2_frame *frame,
+ const uint8_t *name, size_t namelen,
+ const uint8_t *value, size_t valuelen,
+ uint8_t flags, void *user_data)
+{
+ h2_proxy_session *session = user_data;
+ if (APLOGcdebug(session->c)) {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03469)
+ "h2_proxy_session(%s-%d): denying stream with invalid header "
+ "'%s: %s'", session->id, (int)frame->hd.stream_id,
+ apr_pstrndup(session->pool, (const char *)name, namelen),
+ apr_pstrndup(session->pool, (const char *)value, valuelen));
+ }
+ return nghttp2_submit_rst_stream(session->ngh2, NGHTTP2_FLAG_NONE,
+ frame->hd.stream_id,
+ NGHTTP2_PROTOCOL_ERROR);
+}
+#endif
+
h2_proxy_session *h2_proxy_session_setup(const char *id, proxy_conn_rec *p_conn,
proxy_server_conf *conf,
+ int h2_front,
unsigned char window_bits_connection,
unsigned char window_bits_stream,
h2_proxy_request_done *done)
@@ -520,10 +615,11 @@ h2_proxy_session *h2_proxy_session_setup(const char *id, proxy_conn_rec *p_conn,
session->conf = conf;
session->pool = p_conn->scpool;
session->state = H2_PROXYS_ST_INIT;
+ session->h2_front = h2_front;
session->window_bits_stream = window_bits_stream;
session->window_bits_connection = window_bits_connection;
- session->streams = h2_ihash_create(pool, offsetof(h2_proxy_stream, id));
- session->suspended = h2_iq_create(pool, 5);
+ session->streams = h2_proxy_ihash_create(pool, offsetof(h2_proxy_stream, id));
+ session->suspended = h2_proxy_iq_create(pool, 5);
session->done = done;
session->input = apr_brigade_create(session->pool, session->c->bucket_alloc);
@@ -531,11 +627,14 @@ h2_proxy_session *h2_proxy_session_setup(const char *id, proxy_conn_rec *p_conn,
nghttp2_session_callbacks_new(&cbs);
nghttp2_session_callbacks_set_on_frame_recv_callback(cbs, on_frame_recv);
- nghttp2_session_callbacks_set_on_data_chunk_recv_callback(cbs, on_data_chunk_recv);
+ nghttp2_session_callbacks_set_on_data_chunk_recv_callback(cbs, stream_response_data);
nghttp2_session_callbacks_set_on_stream_close_callback(cbs, on_stream_close);
nghttp2_session_callbacks_set_on_header_callback(cbs, on_header);
nghttp2_session_callbacks_set_before_frame_send_callback(cbs, before_frame_send);
nghttp2_session_callbacks_set_send_callback(cbs, raw_send);
+#ifdef H2_NG2_INVALID_HEADER_CB
+ nghttp2_session_callbacks_set_on_invalid_header_callback(cbs, on_invalid_header_cb);
+#endif
nghttp2_option_new(&option);
nghttp2_option_set_peer_max_concurrent_streams(option, 100);
@@ -549,6 +648,14 @@ h2_proxy_session *h2_proxy_session_setup(const char *id, proxy_conn_rec *p_conn,
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03362)
"setup session for %s", p_conn->hostname);
}
+ else {
+ h2_proxy_session *session = p_conn->data;
+ apr_interval_time_t age = apr_time_now() - session->last_frame_received;
+ if (age > apr_time_from_sec(1)) {
+ session->check_ping = 1;
+ nghttp2_submit_ping(session->ngh2, 0, (const uint8_t *)"nevergonnagiveyouup");
+ }
+ }
return p_conn->data;
}
@@ -603,7 +710,7 @@ static apr_status_t open_stream(h2_proxy_session *session, const char *url,
stream->input = apr_brigade_create(stream->pool, session->c->bucket_alloc);
stream->output = apr_brigade_create(stream->pool, session->c->bucket_alloc);
- stream->req = h2_req_create(1, stream->pool, 0);
+ stream->req = h2_proxy_req_create(1, stream->pool, 0);
status = apr_uri_parse(stream->pool, url, &puri);
if (status != APR_SUCCESS)
@@ -616,13 +723,17 @@ static apr_status_t open_stream(h2_proxy_session *session, const char *url,
/* port info missing and port is not default for scheme: append */
authority = apr_psprintf(stream->pool, "%s:%d", authority, puri.port);
}
+ /* we need this for mapping relative uris in headers ("Link") back
+ * to local uris */
+ stream->real_server_uri = apr_psprintf(stream->pool, "%s://%s", scheme, authority);
+ stream->p_server_uri = apr_psprintf(stream->pool, "%s://%s", puri.scheme, authority);
path = apr_uri_unparse(stream->pool, &puri, APR_URI_UNP_OMITSITEPART);
- h2_req_make(stream->req, stream->pool, r->method, scheme,
+ h2_proxy_req_make(stream->req, stream->pool, r->method, scheme,
authority, path, r->headers_in);
/* Tuck away all already existing cookies */
stream->saves = apr_table_make(r->pool, 2);
- apr_table_do(add_header, stream->saves, r->headers_out,"Set-Cookie", NULL);
+ apr_table_do(add_header, stream->saves, r->headers_out, "Set-Cookie", NULL);
*pstream = stream;
@@ -631,40 +742,45 @@ static apr_status_t open_stream(h2_proxy_session *session, const char *url,
static apr_status_t submit_stream(h2_proxy_session *session, h2_proxy_stream *stream)
{
- h2_ngheader *hd;
+ h2_proxy_ngheader *hd;
nghttp2_data_provider *pp = NULL;
nghttp2_data_provider provider;
- int rv;
+ int rv, may_have_request_body = 1;
apr_status_t status;
- hd = h2_util_ngheader_make_req(stream->pool, stream->req);
+ hd = h2_proxy_util_nghd_make_req(stream->pool, stream->req);
+
+ /* If we expect a 100-continue response, we must refrain from reading
+ any input until we get it. Reading the input will possibly trigger
+ HTTP_IN filter to generate the 100-continue itself. */
+ if (stream->waiting_on_100 || stream->waiting_on_ping) {
+ /* make a small test if we get an EOF/EOS immediately */
+ status = ap_get_brigade(stream->r->input_filters, stream->input,
+ AP_MODE_READBYTES, APR_NONBLOCK_READ,
+ APR_BUCKET_BUFF_SIZE);
+ may_have_request_body = APR_STATUS_IS_EAGAIN(status)
+ || (status == APR_SUCCESS
+ && !APR_BUCKET_IS_EOS(APR_BRIGADE_FIRST(stream->input)));
+ }
- status = ap_get_brigade(stream->r->input_filters, stream->input,
- AP_MODE_READBYTES, APR_NONBLOCK_READ,
- APR_BUCKET_BUFF_SIZE);
- if ((status == APR_SUCCESS && !APR_BUCKET_IS_EOS(APR_BRIGADE_FIRST(stream->input)))
- || APR_STATUS_IS_EAGAIN(status)) {
- /* there might be data coming */
+ if (may_have_request_body) {
provider.source.fd = 0;
provider.source.ptr = NULL;
- provider.read_callback = stream_data_read;
+ provider.read_callback = stream_request_data;
pp = &provider;
}
rv = nghttp2_submit_request(session->ngh2, NULL,
hd->nv, hd->nvlen, pp, stream);
- if (APLOGcdebug(session->c)) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03363)
- "h2_proxy_session(%s): submit %s%s -> %d",
- session->id, stream->req->authority, stream->req->path,
- rv);
- }
-
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03363)
+ "h2_proxy_session(%s): submit %s%s -> %d",
+ session->id, stream->req->authority, stream->req->path,
+ rv);
if (rv > 0) {
stream->id = rv;
stream->state = H2_STREAM_ST_OPEN;
- h2_ihash_add(session->streams, stream);
+ h2_proxy_ihash_add(session->streams, stream);
dispatch_event(session, H2_PROXYS_EV_STREAM_SUBMITTED, rv, NULL);
return APR_SUCCESS;
@@ -747,7 +863,7 @@ static apr_status_t h2_proxy_session_read(h2_proxy_session *session, int block,
AP_MODE_READBYTES,
block? APR_BLOCK_READ : APR_NONBLOCK_READ,
64 * 1024);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, session->c,
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, session->c,
"h2_proxy_session(%s): read from conn", session->id);
if (socket && save_timeout != -1) {
apr_socket_timeout_set(socket, save_timeout);
@@ -788,6 +904,18 @@ apr_status_t h2_proxy_session_submit(h2_proxy_session *session,
return status;
}
+static void stream_resume(h2_proxy_stream *stream)
+{
+ h2_proxy_session *session = stream->session;
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
+ "h2_proxy_stream(%s-%d): resuming",
+ session->id, stream->id);
+ stream->suspended = 0;
+ h2_proxy_iq_remove(session->suspended, stream->id);
+ nghttp2_session_resume_data(session->ngh2, stream->id);
+ dispatch_event(session, H2_PROXYS_EV_STREAM_RESUMED, 0, NULL);
+}
+
static apr_status_t check_suspended(h2_proxy_session *session)
{
h2_proxy_stream *stream;
@@ -798,17 +926,16 @@ static apr_status_t check_suspended(h2_proxy_session *session)
stream_id = session->suspended->elts[i];
stream = nghttp2_session_get_stream_user_data(session->ngh2, stream_id);
if (stream) {
- status = ap_get_brigade(stream->r->input_filters, stream->input,
- AP_MODE_READBYTES, APR_NONBLOCK_READ,
- APR_BUCKET_BUFF_SIZE);
+ if (stream->waiting_on_100 || stream->waiting_on_ping) {
+ status = APR_EAGAIN;
+ }
+ else {
+ status = ap_get_brigade(stream->r->input_filters, stream->input,
+ AP_MODE_READBYTES, APR_NONBLOCK_READ,
+ APR_BUCKET_BUFF_SIZE);
+ }
if (status == APR_SUCCESS && !APR_BRIGADE_EMPTY(stream->input)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, session->c,
- "h2_proxy_stream(%s-%d): resuming",
- session->id, stream_id);
- stream->suspended = 0;
- h2_iq_remove(session->suspended, stream_id);
- nghttp2_session_resume_data(session->ngh2, stream_id);
- dispatch_event(session, H2_PROXYS_EV_STREAM_RESUMED, 0, NULL);
+ stream_resume(stream);
check_suspended(session);
return APR_SUCCESS;
}
@@ -816,15 +943,14 @@ static apr_status_t check_suspended(h2_proxy_session *session)
ap_log_cerror(APLOG_MARK, APLOG_WARNING, status, session->c,
APLOGNO(03382) "h2_proxy_stream(%s-%d): check input",
session->id, stream_id);
- h2_iq_remove(session->suspended, stream_id);
- dispatch_event(session, H2_PROXYS_EV_STREAM_RESUMED, 0, NULL);
+ stream_resume(stream);
check_suspended(session);
return APR_SUCCESS;
}
}
else {
/* gone? */
- h2_iq_remove(session->suspended, stream_id);
+ h2_proxy_iq_remove(session->suspended, stream_id);
check_suspended(session);
return APR_SUCCESS;
}
@@ -838,7 +964,7 @@ static apr_status_t session_shutdown(h2_proxy_session *session, int reason,
apr_status_t status = APR_SUCCESS;
const char *err = msg;
- AP_DEBUG_ASSERT(session);
+ ap_assert(session);
if (!err && reason) {
err = nghttp2_strerror(reason);
}
@@ -893,7 +1019,7 @@ static void ev_init(h2_proxy_session *session, int arg, const char *msg)
{
switch (session->state) {
case H2_PROXYS_ST_INIT:
- if (h2_ihash_empty(session->streams)) {
+ if (h2_proxy_ihash_empty(session->streams)) {
transit(session, "init", H2_PROXYS_ST_IDLE);
}
else {
@@ -1000,7 +1126,7 @@ static void ev_no_io(h2_proxy_session *session, int arg, const char *msg)
* CPU cycles. Ideally, we'd like to do a blocking read, but that
* is not possible if we have scheduled tasks and wait
* for them to produce something. */
- if (h2_ihash_empty(session->streams)) {
+ if (h2_proxy_ihash_empty(session->streams)) {
if (!is_accepting_streams(session)) {
/* We are no longer accepting new streams and have
* finished processing existing ones. Time to leave. */
@@ -1049,16 +1175,19 @@ static void ev_stream_done(h2_proxy_session *session, int stream_id,
if (stream) {
int touched = (stream->data_sent ||
stream_id <= session->last_stream_id);
- int complete = (stream->error_code == 0);
+ apr_status_t status = (stream->error_code == 0)? APR_SUCCESS : APR_EINVAL;
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03364)
"h2_proxy_sesssion(%s): stream(%d) closed "
- "(complete=%d, touched=%d)",
- session->id, stream_id, complete, touched);
+ "(touched=%d, error=%d)",
+ session->id, stream_id, touched, stream->error_code);
- if (complete && !stream->data_received) {
+ if (status != APR_SUCCESS) {
+ stream->r->status = 500;
+ }
+ else if (!stream->data_received) {
apr_bucket *b;
/* if the response had no body, this is the time to flush
- * an empty brigade which will also "write" the resonse
+ * an empty brigade which will also write the resonse
* headers */
h2_proxy_stream_end_headers_out(stream);
stream->data_received = 1;
@@ -1070,10 +1199,10 @@ static void ev_stream_done(h2_proxy_session *session, int stream_id,
}
stream->state = H2_STREAM_ST_CLOSED;
- h2_ihash_remove(session->streams, stream_id);
- h2_iq_remove(session->suspended, stream_id);
+ h2_proxy_ihash_remove(session->streams, stream_id);
+ h2_proxy_iq_remove(session->suspended, stream_id);
if (session->done) {
- session->done(session, stream->r, complete, touched);
+ session->done(session, stream->r, status, touched);
}
}
@@ -1185,6 +1314,21 @@ static void dispatch_event(h2_proxy_session *session, h2_proxys_event_t ev,
}
}
+static int send_loop(h2_proxy_session *session)
+{
+ while (nghttp2_session_want_write(session->ngh2)) {
+ int rv = nghttp2_session_send(session->ngh2);
+ if (rv < 0 && nghttp2_is_fatal(rv)) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
+ "h2_proxy_session(%s): write, rv=%d", session->id, rv);
+ dispatch_event(session, H2_PROXYS_EV_CONN_ERROR, rv, NULL);
+ break;
+ }
+ return 1;
+ }
+ return 0;
+}
+
apr_status_t h2_proxy_session_process(h2_proxy_session *session)
{
apr_status_t status;
@@ -1209,16 +1353,7 @@ run_loop:
case H2_PROXYS_ST_BUSY:
case H2_PROXYS_ST_LOCAL_SHUTDOWN:
case H2_PROXYS_ST_REMOTE_SHUTDOWN:
- while (nghttp2_session_want_write(session->ngh2)) {
- int rv = nghttp2_session_send(session->ngh2);
- if (rv < 0 && nghttp2_is_fatal(rv)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
- "h2_proxy_session(%s): write, rv=%d", session->id, rv);
- dispatch_event(session, H2_PROXYS_EV_CONN_ERROR, rv, NULL);
- break;
- }
- have_written = 1;
- }
+ have_written = send_loop(session);
if (nghttp2_session_want_read(session->ngh2)) {
status = h2_proxy_session_read(session, 0, 0);
@@ -1247,7 +1382,7 @@ run_loop:
}
status = h2_proxy_session_read(session, 1, session->wait_timeout);
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, session->c,
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, session->c,
APLOGNO(03365)
"h2_proxy_session(%s): WAIT read, timeout=%fms",
session->id, (float)session->wait_timeout/1000.0);
@@ -1295,28 +1430,71 @@ typedef struct {
h2_proxy_request_done *done;
} cleanup_iter_ctx;
+static int cancel_iter(void *udata, void *val)
+{
+ cleanup_iter_ctx *ctx = udata;
+ h2_proxy_stream *stream = val;
+ nghttp2_submit_rst_stream(ctx->session->ngh2, NGHTTP2_FLAG_NONE,
+ stream->id, 0);
+ return 1;
+}
+
+void h2_proxy_session_cancel_all(h2_proxy_session *session)
+{
+ if (!h2_proxy_ihash_empty(session->streams)) {
+ cleanup_iter_ctx ctx;
+ ctx.session = session;
+ ctx.done = session->done;
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03366)
+ "h2_proxy_session(%s): cancel %d streams",
+ session->id, (int)h2_proxy_ihash_count(session->streams));
+ h2_proxy_ihash_iter(session->streams, cancel_iter, &ctx);
+ session_shutdown(session, 0, NULL);
+ }
+}
+
static int done_iter(void *udata, void *val)
{
cleanup_iter_ctx *ctx = udata;
h2_proxy_stream *stream = val;
- int touched = (!ctx->session->last_stream_id ||
+ int touched = (stream->data_sent ||
stream->id <= ctx->session->last_stream_id);
- ctx->done(ctx->session, stream->r, 0, touched);
+ ctx->done(ctx->session, stream->r, APR_ECONNABORTED, touched);
return 1;
}
void h2_proxy_session_cleanup(h2_proxy_session *session,
h2_proxy_request_done *done)
{
- if (session->streams && !h2_ihash_empty(session->streams)) {
+ if (!h2_proxy_ihash_empty(session->streams)) {
cleanup_iter_ctx ctx;
ctx.session = session;
ctx.done = done;
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03366)
"h2_proxy_session(%s): terminated, %d streams unfinished",
- session->id, (int)h2_ihash_count(session->streams));
- h2_ihash_iter(session->streams, done_iter, &ctx);
- h2_ihash_clear(session->streams);
+ session->id, (int)h2_proxy_ihash_count(session->streams));
+ h2_proxy_ihash_iter(session->streams, done_iter, &ctx);
+ h2_proxy_ihash_clear(session->streams);
+ }
+}
+
+static int ping_arrived_iter(void *udata, void *val)
+{
+ h2_proxy_stream *stream = val;
+ if (stream->waiting_on_ping) {
+ stream->waiting_on_ping = 0;
+ stream_resume(stream);
+ }
+ return 1;
+}
+
+static void ping_arrived(h2_proxy_session *session)
+{
+ if (!h2_proxy_ihash_empty(session->streams)) {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03470)
+ "h2_proxy_session(%s): ping arrived, unblocking streams",
+ session->id);
+ h2_proxy_ihash_iter(session->streams, ping_arrived_iter, &session);
}
}
@@ -1347,13 +1525,13 @@ static int win_update_iter(void *udata, void *val)
void h2_proxy_session_update_window(h2_proxy_session *session,
conn_rec *c, apr_off_t bytes)
{
- if (session->streams && !h2_ihash_empty(session->streams)) {
+ if (!h2_proxy_ihash_empty(session->streams)) {
win_update_ctx ctx;
ctx.session = session;
ctx.c = c;
ctx.bytes = bytes;
ctx.updated = 0;
- h2_ihash_iter(session->streams, win_update_iter, &ctx);
+ h2_proxy_ihash_iter(session->streams, win_update_iter, &ctx);
if (!ctx.updated) {
/* could not find the stream any more, possibly closed, update
diff --git a/modules/http2/h2_proxy_session.h b/modules/http2/h2_proxy_session.h
index 7f0a194..c982056 100644
--- a/modules/http2/h2_proxy_session.h
+++ b/modules/http2/h2_proxy_session.h
@@ -20,8 +20,8 @@
#include <nghttp2/nghttp2.h>
-struct h2_iqueue;
-struct h2_ihash_t;
+struct h2_proxy_iqueue;
+struct h2_proxy_ihash_t;
typedef enum {
H2_PROXYS_ST_INIT, /* send initial SETTINGS, etc. */
@@ -52,7 +52,7 @@ typedef enum {
typedef struct h2_proxy_session h2_proxy_session;
typedef void h2_proxy_request_done(h2_proxy_session *s, request_rec *r,
- int complete, int touched);
+ apr_status_t status, int touched);
struct h2_proxy_session {
const char *id;
@@ -63,6 +63,8 @@ struct h2_proxy_session {
nghttp2_session *ngh2; /* the nghttp2 session itself */
unsigned int aborted : 1;
+ unsigned int check_ping : 1;
+ unsigned int h2_front : 1; /* if front-end connection is HTTP/2 */
h2_proxy_request_done *done;
void *user_data;
@@ -73,10 +75,11 @@ struct h2_proxy_session {
h2_proxys_state state;
apr_interval_time_t wait_timeout;
- struct h2_ihash_t *streams;
- struct h2_iqueue *suspended;
+ struct h2_proxy_ihash_t *streams;
+ struct h2_proxy_iqueue *suspended;
apr_size_t remote_max_concurrent;
int last_stream_id; /* last stream id processed by backend, or 0 */
+ apr_time_t last_frame_received;
apr_bucket_brigade *input;
apr_bucket_brigade *output;
@@ -84,6 +87,7 @@ struct h2_proxy_session {
h2_proxy_session *h2_proxy_session_setup(const char *id, proxy_conn_rec *p_conn,
proxy_server_conf *conf,
+ int h2_front,
unsigned char window_bits_connection,
unsigned char window_bits_stream,
h2_proxy_request_done *done);
@@ -101,6 +105,8 @@ apr_status_t h2_proxy_session_submit(h2_proxy_session *s, const char *url,
*/
apr_status_t h2_proxy_session_process(h2_proxy_session *s);
+void h2_proxy_session_cancel_all(h2_proxy_session *s);
+
void h2_proxy_session_cleanup(h2_proxy_session *s, h2_proxy_request_done *done);
void h2_proxy_session_update_window(h2_proxy_session *s,
diff --git a/modules/http2/h2_proxy_util.c b/modules/http2/h2_proxy_util.c
index 839f4a5..b92a876 100644
--- a/modules/http2/h2_proxy_util.c
+++ b/modules/http2/h2_proxy_util.c
@@ -14,20 +14,24 @@
*/
#include <assert.h>
+#include <apr_lib.h>
#include <apr_strings.h>
#include <httpd.h>
#include <http_core.h>
#include <http_log.h>
#include <http_request.h>
+#include <mod_proxy.h>
#include <nghttp2/nghttp2.h>
#include "h2.h"
#include "h2_proxy_util.h"
+APLOG_USE_MODULE(proxy_http2);
+
/* h2_log2(n) iff n is a power of 2 */
-unsigned char h2_log2(apr_uint32_t n)
+unsigned char h2_proxy_log2(int n)
{
int lz = 0;
if (!n) {
@@ -59,7 +63,7 @@ unsigned char h2_log2(apr_uint32_t n)
/*******************************************************************************
* ihash - hash for structs with int identifier
******************************************************************************/
-struct h2_ihash_t {
+struct h2_proxy_ihash_t {
apr_hash_t *hash;
size_t ioff;
};
@@ -69,31 +73,31 @@ static unsigned int ihash(const char *key, apr_ssize_t *klen)
return (unsigned int)(*((int*)key));
}
-h2_ihash_t *h2_ihash_create(apr_pool_t *pool, size_t offset_of_int)
+h2_proxy_ihash_t *h2_proxy_ihash_create(apr_pool_t *pool, size_t offset_of_int)
{
- h2_ihash_t *ih = apr_pcalloc(pool, sizeof(h2_ihash_t));
+ h2_proxy_ihash_t *ih = apr_pcalloc(pool, sizeof(h2_proxy_ihash_t));
ih->hash = apr_hash_make_custom(pool, ihash);
ih->ioff = offset_of_int;
return ih;
}
-size_t h2_ihash_count(h2_ihash_t *ih)
+size_t h2_proxy_ihash_count(h2_proxy_ihash_t *ih)
{
return apr_hash_count(ih->hash);
}
-int h2_ihash_empty(h2_ihash_t *ih)
+int h2_proxy_ihash_empty(h2_proxy_ihash_t *ih)
{
return apr_hash_count(ih->hash) == 0;
}
-void *h2_ihash_get(h2_ihash_t *ih, int id)
+void *h2_proxy_ihash_get(h2_proxy_ihash_t *ih, int id)
{
return apr_hash_get(ih->hash, &id, sizeof(id));
}
typedef struct {
- h2_ihash_iter_t *iter;
+ h2_proxy_ihash_iter_t *iter;
void *ctx;
} iter_ctx;
@@ -104,7 +108,7 @@ static int ihash_iter(void *ctx, const void *key, apr_ssize_t klen,
return ictx->iter(ictx->ctx, (void*)val); /* why is this passed const?*/
}
-int h2_ihash_iter(h2_ihash_t *ih, h2_ihash_iter_t *fn, void *ctx)
+int h2_proxy_ihash_iter(h2_proxy_ihash_t *ih, h2_proxy_ihash_iter_t *fn, void *ctx)
{
iter_ctx ictx;
ictx.iter = fn;
@@ -112,30 +116,30 @@ int h2_ihash_iter(h2_ihash_t *ih, h2_ihash_iter_t *fn, void *ctx)
return apr_hash_do(ihash_iter, &ictx, ih->hash);
}
-void h2_ihash_add(h2_ihash_t *ih, void *val)
+void h2_proxy_ihash_add(h2_proxy_ihash_t *ih, void *val)
{
apr_hash_set(ih->hash, ((char *)val + ih->ioff), sizeof(int), val);
}
-void h2_ihash_remove(h2_ihash_t *ih, int id)
+void h2_proxy_ihash_remove(h2_proxy_ihash_t *ih, int id)
{
apr_hash_set(ih->hash, &id, sizeof(id), NULL);
}
-void h2_ihash_remove_val(h2_ihash_t *ih, void *val)
+void h2_proxy_ihash_remove_val(h2_proxy_ihash_t *ih, void *val)
{
int id = *((int*)((char *)val + ih->ioff));
apr_hash_set(ih->hash, &id, sizeof(id), NULL);
}
-void h2_ihash_clear(h2_ihash_t *ih)
+void h2_proxy_ihash_clear(h2_proxy_ihash_t *ih)
{
apr_hash_clear(ih->hash);
}
typedef struct {
- h2_ihash_t *ih;
+ h2_proxy_ihash_t *ih;
void **buffer;
size_t max;
size_t len;
@@ -151,7 +155,7 @@ static int collect_iter(void *x, void *val)
return 0;
}
-size_t h2_ihash_shift(h2_ihash_t *ih, void **buffer, size_t max)
+size_t h2_proxy_ihash_shift(h2_proxy_ihash_t *ih, void **buffer, size_t max)
{
collect_ctx ctx;
size_t i;
@@ -160,15 +164,15 @@ size_t h2_ihash_shift(h2_ihash_t *ih, void **buffer, size_t max)
ctx.buffer = buffer;
ctx.max = max;
ctx.len = 0;
- h2_ihash_iter(ih, collect_iter, &ctx);
+ h2_proxy_ihash_iter(ih, collect_iter, &ctx);
for (i = 0; i < ctx.len; ++i) {
- h2_ihash_remove_val(ih, buffer[i]);
+ h2_proxy_ihash_remove_val(ih, buffer[i]);
}
return ctx.len;
}
typedef struct {
- h2_ihash_t *ih;
+ h2_proxy_ihash_t *ih;
int *buffer;
size_t max;
size_t len;
@@ -184,7 +188,7 @@ static int icollect_iter(void *x, void *val)
return 0;
}
-size_t h2_ihash_ishift(h2_ihash_t *ih, int *buffer, size_t max)
+size_t h2_proxy_ihash_ishift(h2_proxy_ihash_t *ih, int *buffer, size_t max)
{
icollect_ctx ctx;
size_t i;
@@ -193,9 +197,9 @@ size_t h2_ihash_ishift(h2_ihash_t *ih, int *buffer, size_t max)
ctx.buffer = buffer;
ctx.max = max;
ctx.len = 0;
- h2_ihash_iter(ih, icollect_iter, &ctx);
+ h2_proxy_ihash_iter(ih, icollect_iter, &ctx);
for (i = 0; i < ctx.len; ++i) {
- h2_ihash_remove(ih, buffer[i]);
+ h2_proxy_ihash_remove(ih, buffer[i]);
}
return ctx.len;
}
@@ -204,16 +208,16 @@ size_t h2_ihash_ishift(h2_ihash_t *ih, int *buffer, size_t max)
* iqueue - sorted list of int
******************************************************************************/
-static void iq_grow(h2_iqueue *q, int nlen);
-static void iq_swap(h2_iqueue *q, int i, int j);
-static int iq_bubble_up(h2_iqueue *q, int i, int top,
- h2_iq_cmp *cmp, void *ctx);
-static int iq_bubble_down(h2_iqueue *q, int i, int bottom,
- h2_iq_cmp *cmp, void *ctx);
+static void iq_grow(h2_proxy_iqueue *q, int nlen);
+static void iq_swap(h2_proxy_iqueue *q, int i, int j);
+static int iq_bubble_up(h2_proxy_iqueue *q, int i, int top,
+ h2_proxy_iq_cmp *cmp, void *ctx);
+static int iq_bubble_down(h2_proxy_iqueue *q, int i, int bottom,
+ h2_proxy_iq_cmp *cmp, void *ctx);
-h2_iqueue *h2_iq_create(apr_pool_t *pool, int capacity)
+h2_proxy_iqueue *h2_proxy_iq_create(apr_pool_t *pool, int capacity)
{
- h2_iqueue *q = apr_pcalloc(pool, sizeof(h2_iqueue));
+ h2_proxy_iqueue *q = apr_pcalloc(pool, sizeof(h2_proxy_iqueue));
if (q) {
q->pool = pool;
iq_grow(q, capacity);
@@ -222,18 +226,18 @@ h2_iqueue *h2_iq_create(apr_pool_t *pool, int capacity)
return q;
}
-int h2_iq_empty(h2_iqueue *q)
+int h2_proxy_iq_empty(h2_proxy_iqueue *q)
{
return q->nelts == 0;
}
-int h2_iq_count(h2_iqueue *q)
+int h2_proxy_iq_count(h2_proxy_iqueue *q)
{
return q->nelts;
}
-void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx)
+void h2_proxy_iq_add(h2_proxy_iqueue *q, int sid, h2_proxy_iq_cmp *cmp, void *ctx)
{
int i;
@@ -251,7 +255,7 @@ void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx)
}
}
-int h2_iq_remove(h2_iqueue *q, int sid)
+int h2_proxy_iq_remove(h2_proxy_iqueue *q, int sid)
{
int i;
for (i = 0; i < q->nelts; ++i) {
@@ -271,15 +275,15 @@ int h2_iq_remove(h2_iqueue *q, int sid)
return 0;
}
-void h2_iq_clear(h2_iqueue *q)
+void h2_proxy_iq_clear(h2_proxy_iqueue *q)
{
q->nelts = 0;
}
-void h2_iq_sort(h2_iqueue *q, h2_iq_cmp *cmp, void *ctx)
+void h2_proxy_iq_sort(h2_proxy_iqueue *q, h2_proxy_iq_cmp *cmp, void *ctx)
{
/* Assume that changes in ordering are minimal. This needs,
- * best case, q->nelts - 1 comparisions to check that nothing
+ * best case, q->nelts - 1 comparisons to check that nothing
* changed.
*/
if (q->nelts > 0) {
@@ -304,7 +308,7 @@ void h2_iq_sort(h2_iqueue *q, h2_iq_cmp *cmp, void *ctx)
}
-int h2_iq_shift(h2_iqueue *q)
+int h2_proxy_iq_shift(h2_proxy_iqueue *q)
{
int sid;
@@ -319,7 +323,7 @@ int h2_iq_shift(h2_iqueue *q)
return sid;
}
-static void iq_grow(h2_iqueue *q, int nlen)
+static void iq_grow(h2_proxy_iqueue *q, int nlen)
{
if (nlen > q->nalloc) {
int *nq = apr_pcalloc(q->pool, sizeof(int) * nlen);
@@ -339,15 +343,15 @@ static void iq_grow(h2_iqueue *q, int nlen)
}
}
-static void iq_swap(h2_iqueue *q, int i, int j)
+static void iq_swap(h2_proxy_iqueue *q, int i, int j)
{
int x = q->elts[i];
q->elts[i] = q->elts[j];
q->elts[j] = x;
}
-static int iq_bubble_up(h2_iqueue *q, int i, int top,
- h2_iq_cmp *cmp, void *ctx)
+static int iq_bubble_up(h2_proxy_iqueue *q, int i, int top,
+ h2_proxy_iq_cmp *cmp, void *ctx)
{
int prev;
while (((prev = (q->nalloc + i - 1) % q->nalloc), i != top)
@@ -358,8 +362,8 @@ static int iq_bubble_up(h2_iqueue *q, int i, int top,
return i;
}
-static int iq_bubble_down(h2_iqueue *q, int i, int bottom,
- h2_iq_cmp *cmp, void *ctx)
+static int iq_bubble_down(h2_proxy_iqueue *q, int i, int bottom,
+ h2_proxy_iq_cmp *cmp, void *ctx)
{
int next;
while (((next = (q->nalloc + i + 1) % q->nalloc), i != bottom)
@@ -371,7 +375,7 @@ static int iq_bubble_down(h2_iqueue *q, int i, int bottom,
}
/*******************************************************************************
- * h2_ngheader
+ * h2_proxy_ngheader
******************************************************************************/
#define H2_HD_MATCH_LIT_CS(l, name) \
((strlen(name) == sizeof(l) - 1) && !apr_strnatcasecmp(l, name))
@@ -397,7 +401,7 @@ static int count_header(void *ctx, const char *key, const char *value)
#define NV_ADD_LIT_CS(nv, k, v) add_header(nv, k, sizeof(k) - 1, v, strlen(v))
#define NV_ADD_CS_CS(nv, k, v) add_header(nv, k, strlen(k), v, strlen(v))
-static int add_header(h2_ngheader *ngh,
+static int add_header(h2_proxy_ngheader *ngh,
const char *key, size_t key_len,
const char *value, size_t val_len)
{
@@ -418,23 +422,23 @@ static int add_table_header(void *ctx, const char *key, const char *value)
return 1;
}
-h2_ngheader *h2_util_ngheader_make_req(apr_pool_t *p,
- const struct h2_request *req)
+h2_proxy_ngheader *h2_proxy_util_nghd_make_req(apr_pool_t *p,
+ const h2_proxy_request *req)
{
- h2_ngheader *ngh;
+ h2_proxy_ngheader *ngh;
size_t n;
- AP_DEBUG_ASSERT(req);
- AP_DEBUG_ASSERT(req->scheme);
- AP_DEBUG_ASSERT(req->authority);
- AP_DEBUG_ASSERT(req->path);
- AP_DEBUG_ASSERT(req->method);
+ ap_assert(req);
+ ap_assert(req->scheme);
+ ap_assert(req->authority);
+ ap_assert(req->path);
+ ap_assert(req->method);
n = 4;
apr_table_do(count_header, &n, req->headers, NULL);
- ngh = apr_pcalloc(p, sizeof(h2_ngheader));
+ ngh = apr_pcalloc(p, sizeof(h2_proxy_ngheader));
ngh->nv = apr_pcalloc(p, n * sizeof(nghttp2_nv));
NV_ADD_LIT_CS(ngh, ":scheme", req->scheme);
NV_ADD_LIT_CS(ngh, ":authority", req->authority);
@@ -458,7 +462,6 @@ typedef struct {
#define H2_LIT_ARGS(a) (a),H2_ALEN(a)
static literal IgnoredRequestHeaders[] = {
- H2_DEF_LITERAL("expect"),
H2_DEF_LITERAL("upgrade"),
H2_DEF_LITERAL("connection"),
H2_DEF_LITERAL("keep-alive"),
@@ -485,18 +488,18 @@ static int ignore_header(const literal *lits, size_t llen,
return 0;
}
-static int h2_req_ignore_header(const char *name, size_t len)
+static int h2_proxy_req_ignore_header(const char *name, size_t len)
{
return ignore_header(H2_LIT_ARGS(IgnoredRequestHeaders), name, len);
}
int h2_proxy_res_ignore_header(const char *name, size_t len)
{
- return (h2_req_ignore_header(name, len)
+ return (h2_proxy_req_ignore_header(name, len)
|| ignore_header(H2_LIT_ARGS(IgnoredProxyRespHds), name, len));
}
-void h2_util_camel_case_header(char *s, size_t len)
+void h2_proxy_util_camel_case_header(char *s, size_t len)
{
size_t start = 1;
size_t i;
@@ -528,7 +531,7 @@ static apr_status_t h2_headers_add_h1(apr_table_t *headers, apr_pool_t *pool,
{
char *hname, *hvalue;
- if (h2_req_ignore_header(name, nlen)) {
+ if (h2_proxy_req_ignore_header(name, nlen)) {
return APR_SUCCESS;
}
else if (H2_HD_MATCH_LIT("cookie", name, nlen)) {
@@ -553,20 +556,19 @@ static apr_status_t h2_headers_add_h1(apr_table_t *headers, apr_pool_t *pool,
hname = apr_pstrndup(pool, name, nlen);
hvalue = apr_pstrndup(pool, value, vlen);
- h2_util_camel_case_header(hname, nlen);
+ h2_proxy_util_camel_case_header(hname, nlen);
apr_table_mergen(headers, hname, hvalue);
return APR_SUCCESS;
}
-static h2_request *h2_req_createn(int id, apr_pool_t *pool, const char *method,
+static h2_proxy_request *h2_proxy_req_createn(int id, apr_pool_t *pool, const char *method,
const char *scheme, const char *authority,
const char *path, apr_table_t *header,
int serialize)
{
- h2_request *req = apr_pcalloc(pool, sizeof(h2_request));
+ h2_proxy_request *req = apr_pcalloc(pool, sizeof(h2_proxy_request));
- req->id = id;
req->method = method;
req->scheme = scheme;
req->authority = authority;
@@ -578,9 +580,9 @@ static h2_request *h2_req_createn(int id, apr_pool_t *pool, const char *method,
return req;
}
-h2_request *h2_req_create(int id, apr_pool_t *pool, int serialize)
+h2_proxy_request *h2_proxy_req_create(int id, apr_pool_t *pool, int serialize)
{
- return h2_req_createn(id, pool, NULL, NULL, NULL, NULL, NULL, serialize);
+ return h2_proxy_req_createn(id, pool, NULL, NULL, NULL, NULL, NULL, serialize);
}
typedef struct {
@@ -592,13 +594,13 @@ static int set_h1_header(void *ctx, const char *key, const char *value)
{
h1_ctx *x = ctx;
size_t klen = strlen(key);
- if (!h2_req_ignore_header(key, klen)) {
+ if (!h2_proxy_req_ignore_header(key, klen)) {
h2_headers_add_h1(x->headers, x->pool, key, klen, value, strlen(value));
}
return 1;
}
-apr_status_t h2_req_make(h2_request *req, apr_pool_t *pool,
+apr_status_t h2_proxy_req_make(h2_proxy_request *req, apr_pool_t *pool,
const char *method, const char *scheme,
const char *authority, const char *path,
apr_table_t *headers)
@@ -610,10 +612,10 @@ apr_status_t h2_req_make(h2_request *req, apr_pool_t *pool,
req->authority = authority;
req->path = path;
- AP_DEBUG_ASSERT(req->scheme);
- AP_DEBUG_ASSERT(req->authority);
- AP_DEBUG_ASSERT(req->path);
- AP_DEBUG_ASSERT(req->method);
+ ap_assert(req->scheme);
+ ap_assert(req->authority);
+ ap_assert(req->path);
+ ap_assert(req->method);
x.pool = pool;
x.headers = req->headers;
@@ -625,7 +627,7 @@ apr_status_t h2_req_make(h2_request *req, apr_pool_t *pool,
* frame logging
******************************************************************************/
-int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen)
+int h2_proxy_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen)
{
char scratch[128];
size_t s_len = sizeof(scratch)/sizeof(scratch[0]);
@@ -703,3 +705,351 @@ int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen)
frame->hd.flags, frame->hd.stream_id);
}
}
+
+/*******************************************************************************
+ * link header handling
+ ******************************************************************************/
+
+typedef struct {
+ apr_pool_t *pool;
+ request_rec *r;
+ proxy_dir_conf *conf;
+ const char *s;
+ int slen;
+ int i;
+ const char *server_uri;
+ int su_len;
+ const char *real_backend_uri;
+ int rbu_len;
+ const char *p_server_uri;
+ int psu_len;
+ int link_start;
+ int link_end;
+} link_ctx;
+
+static int attr_char(char c)
+{
+ switch (c) {
+ case '!':
+ case '#':
+ case '$':
+ case '&':
+ case '+':
+ case '-':
+ case '.':
+ case '^':
+ case '_':
+ case '`':
+ case '|':
+ case '~':
+ return 1;
+ default:
+ return apr_isalnum(c);
+ }
+}
+
+static int ptoken_char(char c)
+{
+ switch (c) {
+ case '!':
+ case '#':
+ case '$':
+ case '&':
+ case '\'':
+ case '(':
+ case ')':
+ case '*':
+ case '+':
+ case '-':
+ case '.':
+ case '/':
+ case ':':
+ case '<':
+ case '=':
+ case '>':
+ case '?':
+ case '@':
+ case '[':
+ case ']':
+ case '^':
+ case '_':
+ case '`':
+ case '{':
+ case '|':
+ case '}':
+ case '~':
+ return 1;
+ default:
+ return apr_isalnum(c);
+ }
+}
+
+static int skip_ws(link_ctx *ctx)
+{
+ char c;
+ while (ctx->i < ctx->slen
+ && (((c = ctx->s[ctx->i]) == ' ') || (c == '\t'))) {
+ ++ctx->i;
+ }
+ return (ctx->i < ctx->slen);
+}
+
+static int find_chr(link_ctx *ctx, char c, int *pidx)
+{
+ int j;
+ for (j = ctx->i; j < ctx->slen; ++j) {
+ if (ctx->s[j] == c) {
+ *pidx = j;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int read_chr(link_ctx *ctx, char c)
+{
+ if (ctx->i < ctx->slen && ctx->s[ctx->i] == c) {
+ ++ctx->i;
+ return 1;
+ }
+ return 0;
+}
+
+static int skip_qstring(link_ctx *ctx)
+{
+ if (skip_ws(ctx) && read_chr(ctx, '\"')) {
+ int end;
+ if (find_chr(ctx, '\"', &end)) {
+ ctx->i = end + 1;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int skip_ptoken(link_ctx *ctx)
+{
+ if (skip_ws(ctx)) {
+ int i;
+ for (i = ctx->i; i < ctx->slen && ptoken_char(ctx->s[i]); ++i) {
+ /* nop */
+ }
+ if (i > ctx->i) {
+ ctx->i = i;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+
+static int read_link(link_ctx *ctx)
+{
+ ctx->link_start = ctx->link_end = 0;
+ if (skip_ws(ctx) && read_chr(ctx, '<')) {
+ int end;
+ if (find_chr(ctx, '>', &end)) {
+ ctx->link_start = ctx->i;
+ ctx->link_end = end;
+ ctx->i = end + 1;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int skip_pname(link_ctx *ctx)
+{
+ if (skip_ws(ctx)) {
+ int i;
+ for (i = ctx->i; i < ctx->slen && attr_char(ctx->s[i]); ++i) {
+ /* nop */
+ }
+ if (i > ctx->i) {
+ ctx->i = i;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int skip_pvalue(link_ctx *ctx)
+{
+ if (skip_ws(ctx) && read_chr(ctx, '=')) {
+ if (skip_qstring(ctx) || skip_ptoken(ctx)) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int skip_param(link_ctx *ctx)
+{
+ if (skip_ws(ctx) && read_chr(ctx, ';')) {
+ if (skip_pname(ctx)) {
+ skip_pvalue(ctx); /* value is optional */
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int read_sep(link_ctx *ctx)
+{
+ if (skip_ws(ctx) && read_chr(ctx, ',')) {
+ return 1;
+ }
+ return 0;
+}
+
+static size_t subst_str(link_ctx *ctx, int start, int end, const char *ns)
+{
+ int olen, nlen, plen;
+ int delta;
+ char *p;
+
+ olen = end - start;
+ nlen = (int)strlen(ns);
+ delta = nlen - olen;
+ plen = ctx->slen + delta + 1;
+ p = apr_pcalloc(ctx->pool, plen);
+ strncpy(p, ctx->s, start);
+ strncpy(p + start, ns, nlen);
+ strcpy(p + start + nlen, ctx->s + end);
+ ctx->s = p;
+ ctx->slen = (int)strlen(p);
+ if (ctx->i >= end) {
+ ctx->i += delta;
+ }
+ return nlen;
+}
+
+static void map_link(link_ctx *ctx)
+{
+ if (ctx->link_start < ctx->link_end) {
+ char buffer[HUGE_STRING_LEN];
+ int need_len, link_len, buffer_len, prepend_p_server;
+ const char *mapped;
+
+ buffer[0] = '\0';
+ buffer_len = 0;
+ link_len = ctx->link_end - ctx->link_start;
+ need_len = link_len + 1;
+ prepend_p_server = (ctx->s[ctx->link_start] == '/');
+ if (prepend_p_server) {
+ /* common to use relative uris in link header, for mappings
+ * to work need to prefix the backend server uri */
+ need_len += ctx->psu_len;
+ strncpy(buffer, ctx->p_server_uri, sizeof(buffer));
+ buffer_len = ctx->psu_len;
+ }
+ if (need_len > sizeof(buffer)) {
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, ctx->r, APLOGNO(03482)
+ "link_reverse_map uri too long, skipped: %s", ctx->s);
+ return;
+ }
+ strncpy(buffer + buffer_len, ctx->s + ctx->link_start, link_len);
+ buffer_len += link_len;
+ buffer[buffer_len] = '\0';
+ if (!prepend_p_server
+ && strcmp(ctx->real_backend_uri, ctx->p_server_uri)
+ && !strncmp(buffer, ctx->real_backend_uri, ctx->rbu_len)) {
+ /* the server uri and our local proxy uri we use differ, for mapping
+ * to work, we need to use the proxy uri */
+ int path_start = ctx->link_start + ctx->rbu_len;
+ link_len -= ctx->rbu_len;
+ strcpy(buffer, ctx->p_server_uri);
+ strncpy(buffer + ctx->psu_len, ctx->s + path_start, link_len);
+ buffer_len = ctx->psu_len + link_len;
+ buffer[buffer_len] = '\0';
+ }
+ mapped = ap_proxy_location_reverse_map(ctx->r, ctx->conf, buffer);
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, ctx->r,
+ "reverse_map[%s] %s --> %s", ctx->p_server_uri, buffer, mapped);
+ if (mapped != buffer) {
+ if (prepend_p_server) {
+ if (ctx->server_uri == NULL) {
+ ctx->server_uri = ap_construct_url(ctx->pool, "", ctx->r);
+ ctx->su_len = (int)strlen(ctx->server_uri);
+ }
+ if (!strncmp(mapped, ctx->server_uri, ctx->su_len)) {
+ mapped += ctx->su_len;
+ }
+ }
+ subst_str(ctx, ctx->link_start, ctx->link_end, mapped);
+ }
+ }
+}
+
+/* RFC 5988 <https://tools.ietf.org/html/rfc5988#section-6.2.1>
+ Link = "Link" ":" #link-value
+ link-value = "<" URI-Reference ">" *( ";" link-param )
+ link-param = ( ( "rel" "=" relation-types )
+ | ( "anchor" "=" <"> URI-Reference <"> )
+ | ( "rev" "=" relation-types )
+ | ( "hreflang" "=" Language-Tag )
+ | ( "media" "=" ( MediaDesc | ( <"> MediaDesc <"> ) ) )
+ | ( "title" "=" quoted-string )
+ | ( "title*" "=" ext-value )
+ | ( "type" "=" ( media-type | quoted-mt ) )
+ | ( link-extension ) )
+ link-extension = ( parmname [ "=" ( ptoken | quoted-string ) ] )
+ | ( ext-name-star "=" ext-value )
+ ext-name-star = parmname "*" ; reserved for RFC2231-profiled
+ ; extensions. Whitespace NOT
+ ; allowed in between.
+ ptoken = 1*ptokenchar
+ ptokenchar = "!" | "#" | "$" | "%" | "&" | "'" | "("
+ | ")" | "*" | "+" | "-" | "." | "/" | DIGIT
+ | ":" | "<" | "=" | ">" | "?" | "@" | ALPHA
+ | "[" | "]" | "^" | "_" | "`" | "{" | "|"
+ | "}" | "~"
+ media-type = type-name "/" subtype-name
+ quoted-mt = <"> media-type <">
+ relation-types = relation-type
+ | <"> relation-type *( 1*SP relation-type ) <">
+ relation-type = reg-rel-type | ext-rel-type
+ reg-rel-type = LOALPHA *( LOALPHA | DIGIT | "." | "-" )
+ ext-rel-type = URI
+
+ and from <https://tools.ietf.org/html/rfc5987>
+ parmname = 1*attr-char
+ attr-char = ALPHA / DIGIT
+ / "!" / "#" / "$" / "&" / "+" / "-" / "."
+ / "^" / "_" / "`" / "|" / "~"
+ */
+
+const char *h2_proxy_link_reverse_map(request_rec *r,
+ proxy_dir_conf *conf,
+ const char *real_backend_uri,
+ const char *proxy_server_uri,
+ const char *s)
+{
+ link_ctx ctx;
+
+ if (r->proxyreq != PROXYREQ_REVERSE) {
+ return s;
+ }
+ memset(&ctx, 0, sizeof(ctx));
+ ctx.r = r;
+ ctx.pool = r->pool;
+ ctx.conf = conf;
+ ctx.real_backend_uri = real_backend_uri;
+ ctx.rbu_len = (int)strlen(ctx.real_backend_uri);
+ ctx.p_server_uri = proxy_server_uri;
+ ctx.psu_len = (int)strlen(ctx.p_server_uri);
+ ctx.s = s;
+ ctx.slen = (int)strlen(s);
+ while (read_link(&ctx)) {
+ while (skip_param(&ctx)) {
+ /* nop */
+ }
+ map_link(&ctx);
+ if (!read_sep(&ctx)) {
+ break;
+ }
+ }
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
+ "link_reverse_map %s --> %s", s, ctx.s);
+ return ctx.s;
+}
diff --git a/modules/http2/h2_proxy_util.h b/modules/http2/h2_proxy_util.h
index 98f297f..f90d149 100644
--- a/modules/http2/h2_proxy_util.h
+++ b/modules/http2/h2_proxy_util.h
@@ -19,27 +19,27 @@
/*******************************************************************************
* some debugging/format helpers
******************************************************************************/
-struct h2_request;
+struct h2_proxy_request;
struct nghttp2_frame;
-int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen);
+int h2_proxy_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen);
/*******************************************************************************
* ihash - hash for structs with int identifier
******************************************************************************/
-typedef struct h2_ihash_t h2_ihash_t;
-typedef int h2_ihash_iter_t(void *ctx, void *val);
+typedef struct h2_proxy_ihash_t h2_proxy_ihash_t;
+typedef int h2_proxy_ihash_iter_t(void *ctx, void *val);
/**
* Create a hash for structures that have an identifying int member.
* @param pool the pool to use
* @param offset_of_int the offsetof() the int member in the struct
*/
-h2_ihash_t *h2_ihash_create(apr_pool_t *pool, size_t offset_of_int);
+h2_proxy_ihash_t *h2_proxy_ihash_create(apr_pool_t *pool, size_t offset_of_int);
-size_t h2_ihash_count(h2_ihash_t *ih);
-int h2_ihash_empty(h2_ihash_t *ih);
-void *h2_ihash_get(h2_ihash_t *ih, int id);
+size_t h2_proxy_ihash_count(h2_proxy_ihash_t *ih);
+int h2_proxy_ihash_empty(h2_proxy_ihash_t *ih);
+void *h2_proxy_ihash_get(h2_proxy_ihash_t *ih, int id);
/**
* Iterate over the hash members (without defined order) and invoke
@@ -49,26 +49,26 @@ void *h2_ihash_get(h2_ihash_t *ih, int id);
* @param ctx user supplied data passed into each iteration call
* @return 0 if one iteration returned 0, otherwise != 0
*/
-int h2_ihash_iter(h2_ihash_t *ih, h2_ihash_iter_t *fn, void *ctx);
+int h2_proxy_ihash_iter(h2_proxy_ihash_t *ih, h2_proxy_ihash_iter_t *fn, void *ctx);
-void h2_ihash_add(h2_ihash_t *ih, void *val);
-void h2_ihash_remove(h2_ihash_t *ih, int id);
-void h2_ihash_remove_val(h2_ihash_t *ih, void *val);
-void h2_ihash_clear(h2_ihash_t *ih);
+void h2_proxy_ihash_add(h2_proxy_ihash_t *ih, void *val);
+void h2_proxy_ihash_remove(h2_proxy_ihash_t *ih, int id);
+void h2_proxy_ihash_remove_val(h2_proxy_ihash_t *ih, void *val);
+void h2_proxy_ihash_clear(h2_proxy_ihash_t *ih);
-size_t h2_ihash_shift(h2_ihash_t *ih, void **buffer, size_t max);
-size_t h2_ihash_ishift(h2_ihash_t *ih, int *buffer, size_t max);
+size_t h2_proxy_ihash_shift(h2_proxy_ihash_t *ih, void **buffer, size_t max);
+size_t h2_proxy_ihash_ishift(h2_proxy_ihash_t *ih, int *buffer, size_t max);
/*******************************************************************************
* iqueue - sorted list of int with user defined ordering
******************************************************************************/
-typedef struct h2_iqueue {
+typedef struct h2_proxy_iqueue {
int *elts;
int head;
int nelts;
int nalloc;
apr_pool_t *pool;
-} h2_iqueue;
+} h2_proxy_iqueue;
/**
* Comparator for two int to determine their order.
@@ -81,26 +81,26 @@ typedef struct h2_iqueue {
* < 0: s1 should be sorted before s2
* > 0: s2 should be sorted before s1
*/
-typedef int h2_iq_cmp(int i1, int i2, void *ctx);
+typedef int h2_proxy_iq_cmp(int i1, int i2, void *ctx);
/**
* Allocate a new queue from the pool and initialize.
* @param id the identifier of the queue
* @param pool the memory pool
*/
-h2_iqueue *h2_iq_create(apr_pool_t *pool, int capacity);
+h2_proxy_iqueue *h2_proxy_iq_create(apr_pool_t *pool, int capacity);
/**
* Return != 0 iff there are no tasks in the queue.
* @param q the queue to check
*/
-int h2_iq_empty(h2_iqueue *q);
+int h2_proxy_iq_empty(h2_proxy_iqueue *q);
/**
* Return the number of int in the queue.
* @param q the queue to get size on
*/
-int h2_iq_count(h2_iqueue *q);
+int h2_proxy_iq_count(h2_proxy_iqueue *q);
/**
* Add a stream id to the queue.
@@ -110,7 +110,7 @@ int h2_iq_count(h2_iqueue *q);
* @param cmp the comparator for sorting
* @param ctx user data for comparator
*/
-void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx);
+void h2_proxy_iq_add(h2_proxy_iqueue *q, int sid, h2_proxy_iq_cmp *cmp, void *ctx);
/**
* Remove the stream id from the queue. Return != 0 iff task
@@ -119,12 +119,12 @@ void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx);
* @param sid the stream id to remove
* @return != 0 iff task was found in queue
*/
-int h2_iq_remove(h2_iqueue *q, int sid);
+int h2_proxy_iq_remove(h2_proxy_iqueue *q, int sid);
/**
* Remove all entries in the queue.
*/
-void h2_iq_clear(h2_iqueue *q);
+void h2_proxy_iq_clear(h2_proxy_iqueue *q);
/**
* Sort the stream idqueue again. Call if the task ordering
@@ -134,7 +134,7 @@ void h2_iq_clear(h2_iqueue *q);
* @param cmp the comparator for sorting
* @param ctx user data for the comparator
*/
-void h2_iq_sort(h2_iqueue *q, h2_iq_cmp *cmp, void *ctx);
+void h2_proxy_iq_sort(h2_proxy_iqueue *q, h2_proxy_iq_cmp *cmp, void *ctx);
/**
* Get the first stream id from the queue or NULL if the queue is empty.
@@ -143,39 +143,62 @@ void h2_iq_sort(h2_iqueue *q, h2_iq_cmp *cmp, void *ctx);
* @param q the queue to get the first task from
* @return the first stream id of the queue, 0 if empty
*/
-int h2_iq_shift(h2_iqueue *q);
+int h2_proxy_iq_shift(h2_proxy_iqueue *q);
/*******************************************************************************
* common helpers
******************************************************************************/
-/* h2_log2(n) iff n is a power of 2 */
-unsigned char h2_log2(apr_uint32_t n);
+/* h2_proxy_log2(n) iff n is a power of 2 */
+unsigned char h2_proxy_log2(int n);
/*******************************************************************************
* HTTP/2 header helpers
******************************************************************************/
-void h2_util_camel_case_header(char *s, size_t len);
+void h2_proxy_util_camel_case_header(char *s, size_t len);
int h2_proxy_res_ignore_header(const char *name, size_t len);
/*******************************************************************************
* nghttp2 helpers
******************************************************************************/
-typedef struct h2_ngheader {
+typedef struct h2_proxy_ngheader {
nghttp2_nv *nv;
apr_size_t nvlen;
-} h2_ngheader;
-h2_ngheader *h2_util_ngheader_make_req(apr_pool_t *p,
- const struct h2_request *req);
+} h2_proxy_ngheader;
+h2_proxy_ngheader *h2_proxy_util_nghd_make_req(apr_pool_t *p,
+ const struct h2_proxy_request *req);
/*******************************************************************************
- * h2_request helpers
+ * h2_proxy_request helpers
******************************************************************************/
-struct h2_request *h2_req_create(int id, apr_pool_t *pool, int serialize);
-apr_status_t h2_req_make(struct h2_request *req, apr_pool_t *pool,
- const char *method, const char *scheme,
- const char *authority, const char *path,
- apr_table_t *headers);
-
+typedef struct h2_proxy_request h2_proxy_request;
+
+struct h2_proxy_request {
+ const char *method; /* pseudo header values, see ch. 8.1.2.3 */
+ const char *scheme;
+ const char *authority;
+ const char *path;
+
+ apr_table_t *headers;
+
+ apr_time_t request_time;
+
+ unsigned int chunked : 1; /* iff requst body needs to be forwarded as chunked */
+ unsigned int serialize : 1; /* iff this request is written in HTTP/1.1 serialization */
+};
+
+h2_proxy_request *h2_proxy_req_create(int id, apr_pool_t *pool, int serialize);
+apr_status_t h2_proxy_req_make(h2_proxy_request *req, apr_pool_t *pool,
+ const char *method, const char *scheme,
+ const char *authority, const char *path,
+ apr_table_t *headers);
+/*******************************************************************************
+ * reverse mapping for link headers
+ ******************************************************************************/
+const char *h2_proxy_link_reverse_map(request_rec *r,
+ proxy_dir_conf *conf,
+ const char *real_server_uri,
+ const char *proxy_server_uri,
+ const char *s);
#endif /* defined(__mod_h2__h2_proxy_util__) */
diff --git a/modules/http2/h2_push.c b/modules/http2/h2_push.c
index 977fab5..4330d7a 100644
--- a/modules/http2/h2_push.c
+++ b/modules/http2/h2_push.c
@@ -34,7 +34,7 @@
#include "h2_util.h"
#include "h2_push.h"
#include "h2_request.h"
-#include "h2_response.h"
+#include "h2_headers.h"
#include "h2_session.h"
#include "h2_stream.h"
@@ -58,6 +58,7 @@ static const char *policy_str(h2_push_policy policy)
typedef struct {
const h2_request *req;
+ int push_policy;
apr_pool_t *pool;
apr_array_header_t *pushes;
const char *s;
@@ -162,10 +163,10 @@ static char *mk_str(link_ctx *ctx, size_t end)
if (ctx->i < end) {
return apr_pstrndup(ctx->pool, ctx->s + ctx->i, end - ctx->i);
}
- return "";
+ return (char*)"";
}
-static int read_qstring(link_ctx *ctx, char **ps)
+static int read_qstring(link_ctx *ctx, const char **ps)
{
if (skip_ws(ctx) && read_chr(ctx, '\"')) {
size_t end;
@@ -178,7 +179,7 @@ static int read_qstring(link_ctx *ctx, char **ps)
return 0;
}
-static int read_ptoken(link_ctx *ctx, char **ps)
+static int read_ptoken(link_ctx *ctx, const char **ps)
{
if (skip_ws(ctx)) {
size_t i;
@@ -208,7 +209,7 @@ static int read_link(link_ctx *ctx)
return 0;
}
-static int read_pname(link_ctx *ctx, char **pname)
+static int read_pname(link_ctx *ctx, const char **pname)
{
if (skip_ws(ctx)) {
size_t i;
@@ -224,7 +225,7 @@ static int read_pname(link_ctx *ctx, char **pname)
return 0;
}
-static int read_pvalue(link_ctx *ctx, char **pvalue)
+static int read_pvalue(link_ctx *ctx, const char **pvalue)
{
if (skip_ws(ctx) && read_chr(ctx, '=')) {
if (read_qstring(ctx, pvalue) || read_ptoken(ctx, pvalue)) {
@@ -237,7 +238,7 @@ static int read_pvalue(link_ctx *ctx, char **pvalue)
static int read_param(link_ctx *ctx)
{
if (skip_ws(ctx) && read_chr(ctx, ';')) {
- char *name, *value = "";
+ const char *name, *value = "";
if (read_pname(ctx, &name)) {
read_pvalue(ctx, &value); /* value is optional */
apr_table_setn(ctx->params, name, value);
@@ -336,7 +337,7 @@ static int add_push(link_ctx *ctx)
*/
path = apr_uri_unparse(ctx->pool, &uri, APR_URI_UNP_OMITSITEPART);
push = apr_pcalloc(ctx->pool, sizeof(*push));
- switch (ctx->req->push_policy) {
+ switch (ctx->push_policy) {
case H2_PUSH_HEAD:
method = "HEAD";
break;
@@ -346,13 +347,17 @@ static int add_push(link_ctx *ctx)
}
headers = apr_table_make(ctx->pool, 5);
apr_table_do(set_push_header, headers, ctx->req->headers, NULL);
- req = h2_req_createn(0, ctx->pool, method, ctx->req->scheme,
- ctx->req->authority, path, headers,
- ctx->req->serialize);
+ req = h2_req_create(0, ctx->pool, method, ctx->req->scheme,
+ ctx->req->authority, path, headers,
+ ctx->req->serialize);
/* atm, we do not push on pushes */
- h2_request_end_headers(req, ctx->pool, 1, 0);
+ h2_request_end_headers(req, ctx->pool, 1);
push->req = req;
-
+ if (has_param(ctx, "critical")) {
+ h2_priority *prio = apr_pcalloc(ctx->pool, sizeof(*prio));
+ prio->dependency = H2_DEPENDANT_BEFORE;
+ push->priority = prio;
+ }
if (!ctx->pushes) {
ctx->pushes = apr_array_make(ctx->pool, 5, sizeof(h2_push*));
}
@@ -427,10 +432,10 @@ static int head_iter(void *ctx, const char *key, const char *value)
return 1;
}
-apr_array_header_t *h2_push_collect(apr_pool_t *p, const h2_request *req,
- const h2_response *res)
+apr_array_header_t *h2_push_collect(apr_pool_t *p, const h2_request *req,
+ int push_policy, const h2_headers *res)
{
- if (req && req->push_policy != H2_PUSH_NONE) {
+ if (req && push_policy != H2_PUSH_NONE) {
/* Collect push candidates from the request/response pair.
*
* One source for pushes are "rel=preload" link headers
@@ -444,11 +449,13 @@ apr_array_header_t *h2_push_collect(apr_pool_t *p, const h2_request *req,
memset(&ctx, 0, sizeof(ctx));
ctx.req = req;
+ ctx.push_policy = push_policy;
ctx.pool = p;
apr_table_do(head_iter, &ctx, res->headers, NULL);
if (ctx.pushes) {
- apr_table_setn(res->headers, "push-policy", policy_str(req->push_policy));
+ apr_table_setn(res->headers, "push-policy",
+ policy_str(push_policy));
}
return ctx.pushes;
}
@@ -527,9 +534,9 @@ static unsigned int val_apr_hash(const char *str)
static void calc_apr_hash(h2_push_diary *diary, apr_uint64_t *phash, h2_push *push)
{
apr_uint64_t val;
-#if APR_UINT64MAX > APR_UINT_MAX
- val = (val_apr_hash(push->req->scheme) << 32);
- val ^= (val_apr_hash(push->req->authority) << 16);
+#if APR_UINT64_MAX > UINT_MAX
+ val = ((apr_uint64_t)(val_apr_hash(push->req->scheme)) << 32);
+ val ^= ((apr_uint64_t)(val_apr_hash(push->req->authority)) << 16);
val ^= val_apr_hash(push->req->path);
#else
val = val_apr_hash(push->req->scheme);
@@ -552,7 +559,7 @@ static apr_int32_t ceil_power_of_2(apr_int32_t n)
}
static h2_push_diary *diary_create(apr_pool_t *p, h2_push_digest_type dtype,
- apr_size_t N)
+ int N)
{
h2_push_diary *diary = NULL;
@@ -561,7 +568,7 @@ static h2_push_diary *diary_create(apr_pool_t *p, h2_push_digest_type dtype,
diary->NMax = ceil_power_of_2(N);
diary->N = diary->NMax;
- /* the mask we use in value comparision depends on where we got
+ /* the mask we use in value comparison depends on where we got
* the values from. If we calculate them ourselves, we can use
* the full 64 bits.
* If we set the diary via a compressed golomb set, we have less
@@ -587,7 +594,7 @@ static h2_push_diary *diary_create(apr_pool_t *p, h2_push_digest_type dtype,
return diary;
}
-h2_push_diary *h2_push_diary_create(apr_pool_t *p, apr_size_t N)
+h2_push_diary *h2_push_diary_create(apr_pool_t *p, int N)
{
return diary_create(p, H2_PUSH_DIGEST_SHA256, N);
}
@@ -681,7 +688,7 @@ apr_array_header_t *h2_push_diary_update(h2_session *session, apr_array_header_t
apr_array_header_t *h2_push_collect_update(h2_stream *stream,
const struct h2_request *req,
- const struct h2_response *res)
+ const struct h2_headers *res)
{
h2_session *session = stream->session;
const char *cache_digest = apr_table_get(req->headers, "Cache-Digest");
@@ -698,7 +705,7 @@ apr_array_header_t *h2_push_collect_update(h2_stream *stream,
session->id, cache_digest);
}
}
- pushes = h2_push_collect(stream->pool, req, res);
+ pushes = h2_push_collect(stream->pool, req, stream->push_policy, res);
return h2_push_diary_update(stream->session, pushes);
}
@@ -711,9 +718,9 @@ static apr_int32_t h2_log2inv(unsigned char log2)
typedef struct {
h2_push_diary *diary;
unsigned char log2p;
- apr_uint32_t mask_bits;
- apr_uint32_t delta_bits;
- apr_uint32_t fixed_bits;
+ int mask_bits;
+ int delta_bits;
+ int fixed_bits;
apr_uint64_t fixed_mask;
apr_pool_t *pool;
unsigned char *data;
@@ -812,10 +819,10 @@ static apr_status_t gset_encode_next(gset_encoder *encoder, apr_uint64_t pval)
* @param plen on successful return, the length of the binary data
*/
apr_status_t h2_push_diary_digest_get(h2_push_diary *diary, apr_pool_t *pool,
- apr_uint32_t maxP, const char *authority,
+ int maxP, const char *authority,
const char **pdata, apr_size_t *plen)
{
- apr_size_t nelts, N, i;
+ int nelts, N, i;
unsigned char log2n, log2pmax;
gset_encoder encoder;
apr_uint64_t *hashes;
@@ -965,7 +972,7 @@ apr_status_t h2_push_diary_digest_set(h2_push_diary *diary, const char *authorit
{
gset_decoder decoder;
unsigned char log2n, log2p;
- apr_size_t N, i;
+ int N, i;
apr_pool_t *pool = diary->entries->pool;
h2_push_diary_entry e;
apr_status_t status = APR_SUCCESS;
diff --git a/modules/http2/h2_push.h b/modules/http2/h2_push.h
index 62f5a0a..eb122eb 100644
--- a/modules/http2/h2_push.h
+++ b/modules/http2/h2_push.h
@@ -18,13 +18,14 @@
#include "h2.h"
struct h2_request;
-struct h2_response;
+struct h2_headers;
struct h2_ngheader;
struct h2_session;
struct h2_stream;
typedef struct h2_push {
const struct h2_request *req;
+ h2_priority *priority;
} h2_push;
typedef enum {
@@ -38,8 +39,8 @@ typedef void h2_push_digest_calc(h2_push_diary *diary, apr_uint64_t *phash, h2_p
struct h2_push_diary {
apr_array_header_t *entries;
- apr_size_t NMax; /* Maximum for N, should size change be necessary */
- apr_size_t N; /* Current maximum number of entries, power of 2 */
+ int NMax; /* Maximum for N, should size change be necessary */
+ int N; /* Current maximum number of entries, power of 2 */
apr_uint64_t mask; /* mask for relevant bits */
unsigned int mask_bits; /* number of relevant bits */
const char *authority;
@@ -58,7 +59,8 @@ struct h2_push_diary {
*/
apr_array_header_t *h2_push_collect(apr_pool_t *p,
const struct h2_request *req,
- const struct h2_response *res);
+ int push_policy,
+ const struct h2_headers *res);
/**
* Create a new push diary for the given maximum number of entries.
@@ -67,7 +69,7 @@ apr_array_header_t *h2_push_collect(apr_pool_t *p,
* @param N the max number of entries, rounded up to 2^x
* @return the created diary, might be NULL of max_entries is 0
*/
-h2_push_diary *h2_push_diary_create(apr_pool_t *p, apr_size_t N);
+h2_push_diary *h2_push_diary_create(apr_pool_t *p, int N);
/**
* Filters the given pushes against the diary and returns only those pushes
@@ -81,7 +83,7 @@ apr_array_header_t *h2_push_diary_update(struct h2_session *session, apr_array_h
*/
apr_array_header_t *h2_push_collect_update(struct h2_stream *stream,
const struct h2_request *req,
- const struct h2_response *res);
+ const struct h2_headers *res);
/**
* Get a cache digest as described in
* https://datatracker.ietf.org/doc/draft-kazuho-h2-cache-digest/
@@ -94,7 +96,7 @@ apr_array_header_t *h2_push_collect_update(struct h2_stream *stream,
* @param plen on successful return, the length of the binary data
*/
apr_status_t h2_push_diary_digest_get(h2_push_diary *diary, apr_pool_t *p,
- apr_uint32_t maxP, const char *authority,
+ int maxP, const char *authority,
const char **pdata, apr_size_t *plen);
/**
diff --git a/modules/http2/h2_request.c b/modules/http2/h2_request.c
index d213e16..b6f13c4 100644
--- a/modules/http2/h2_request.c
+++ b/modules/http2/h2_request.c
@@ -30,27 +30,44 @@
#include <scoreboard.h>
#include "h2_private.h"
+#include "h2_config.h"
#include "h2_push.h"
#include "h2_request.h"
#include "h2_util.h"
-static apr_status_t inspect_clen(h2_request *req, const char *s)
+typedef struct {
+ apr_table_t *headers;
+ apr_pool_t *pool;
+} h1_ctx;
+
+static int set_h1_header(void *ctx, const char *key, const char *value)
{
- char *end;
- req->content_length = apr_strtoi64(s, &end, 10);
- return (s == end)? APR_EINVAL : APR_SUCCESS;
+ h1_ctx *x = ctx;
+ size_t klen = strlen(key);
+ if (!h2_req_ignore_header(key, klen)) {
+ h2_headers_add_h1(x->headers, x->pool, key, klen, value, strlen(value));
+ }
+ return 1;
}
-apr_status_t h2_request_rwrite(h2_request *req, apr_pool_t *pool,
- request_rec *r)
+apr_status_t h2_request_rcreate(h2_request **preq, apr_pool_t *pool,
+ request_rec *r)
{
- apr_status_t status;
- const char *scheme, *authority;
+ h2_request *req;
+ const char *scheme, *authority, *path;
+ h1_ctx x;
+ *preq = NULL;
scheme = apr_pstrdup(pool, r->parsed_uri.scheme? r->parsed_uri.scheme
: ap_http_scheme(r));
authority = apr_pstrdup(pool, r->hostname);
+ path = apr_uri_unparse(pool, &r->parsed_uri, APR_URI_UNP_OMITSITEPART);
+
+ if (!r->method || !scheme || !r->hostname || !path) {
+ return APR_EINVAL;
+ }
+
if (!ap_strchr_c(authority, ':') && r->server && r->server->port) {
apr_port_t defport = apr_uri_port_of_scheme(scheme);
if (defport != r->server->port) {
@@ -60,11 +77,23 @@ apr_status_t h2_request_rwrite(h2_request *req, apr_pool_t *pool,
}
}
- status = h2_req_make(req, pool, apr_pstrdup(pool, r->method), scheme,
- authority, apr_uri_unparse(pool, &r->parsed_uri,
- APR_URI_UNP_OMITSITEPART),
- r->headers_in);
- return status;
+ req = apr_pcalloc(pool, sizeof(*req));
+ req->method = apr_pstrdup(pool, r->method);
+ req->scheme = scheme;
+ req->authority = authority;
+ req->path = path;
+ req->headers = apr_table_make(pool, 10);
+ if (r->server) {
+ req->serialize = h2_config_geti(h2_config_sget(r->server),
+ H2_CONF_SER_HEADERS);
+ }
+
+ x.pool = pool;
+ x.headers = req->headers;
+ apr_table_do(set_h1_header, &x, r->headers_in, NULL);
+
+ *preq = req;
+ return APR_SUCCESS;
}
apr_status_t h2_request_add_header(h2_request *req, apr_pool_t *pool,
@@ -82,8 +111,7 @@ apr_status_t h2_request_add_header(h2_request *req, apr_pool_t *pool,
if (!apr_is_empty_table(req->headers)) {
ap_log_perror(APLOG_MARK, APLOG_ERR, 0, pool,
APLOGNO(02917)
- "h2_request(%d): pseudo header after request start",
- req->id);
+ "h2_request: pseudo header after request start");
return APR_EGENERAL;
}
@@ -109,8 +137,8 @@ apr_status_t h2_request_add_header(h2_request *req, apr_pool_t *pool,
strncpy(buffer, name, (nlen > 31)? 31 : nlen);
ap_log_perror(APLOG_MARK, APLOG_WARNING, 0, pool,
APLOGNO(02954)
- "h2_request(%d): ignoring unknown pseudo header %s",
- req->id, buffer);
+ "h2_request: ignoring unknown pseudo header %s",
+ buffer);
}
}
else {
@@ -121,16 +149,10 @@ apr_status_t h2_request_add_header(h2_request *req, apr_pool_t *pool,
return status;
}
-apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool,
- int eos, int push)
+apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool, int eos)
{
const char *s;
- if (req->eoh) {
- /* already done */
- return APR_SUCCESS;
- }
-
/* rfc7540, ch. 8.1.2.3:
* - if we have :authority, it overrides any Host header
* - :authority MUST be ommited when converting h1->h2, so we
@@ -147,18 +169,8 @@ apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool,
}
s = apr_table_get(req->headers, "Content-Length");
- if (s) {
- if (inspect_clen(req, s) != APR_SUCCESS) {
- ap_log_perror(APLOG_MARK, APLOG_WARNING, APR_EINVAL, pool,
- APLOGNO(02959)
- "h2_request(%d): content-length value not parsed: %s",
- req->id, s);
- return APR_EINVAL;
- }
- }
- else {
+ if (!s) {
/* no content-length given */
- req->content_length = -1;
if (!eos) {
/* We have not seen a content-length and have no eos,
* simulate a chunked encoding for our HTTP/1.1 infrastructure,
@@ -168,68 +180,16 @@ apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool,
apr_table_mergen(req->headers, "Transfer-Encoding", "chunked");
}
else if (apr_table_get(req->headers, "Content-Type")) {
- /* If we have a content-type, but already see eos, no more
+ /* If we have a content-type, but already seen eos, no more
* data will come. Signal a zero content length explicitly.
*/
apr_table_setn(req->headers, "Content-Length", "0");
}
}
- req->eoh = 1;
- h2_push_policy_determine(req, pool, push);
-
- /* In the presence of trailers, force behaviour of chunked encoding */
- s = apr_table_get(req->headers, "Trailer");
- if (s && s[0]) {
- req->trailers = apr_table_make(pool, 5);
- if (!req->chunked) {
- req->chunked = 1;
- apr_table_mergen(req->headers, "Transfer-Encoding", "chunked");
- }
- }
-
- return APR_SUCCESS;
-}
-
-static apr_status_t add_h1_trailer(h2_request *req, apr_pool_t *pool,
- const char *name, size_t nlen,
- const char *value, size_t vlen)
-{
- char *hname, *hvalue;
-
- if (h2_req_ignore_trailer(name, nlen)) {
- return APR_SUCCESS;
- }
-
- hname = apr_pstrndup(pool, name, nlen);
- hvalue = apr_pstrndup(pool, value, vlen);
- h2_util_camel_case_header(hname, nlen);
-
- apr_table_mergen(req->trailers, hname, hvalue);
-
return APR_SUCCESS;
}
-
-apr_status_t h2_request_add_trailer(h2_request *req, apr_pool_t *pool,
- const char *name, size_t nlen,
- const char *value, size_t vlen)
-{
- if (!req->trailers) {
- ap_log_perror(APLOG_MARK, APLOG_DEBUG, APR_EINVAL, pool, APLOGNO(03059)
- "h2_request(%d): unanounced trailers",
- req->id);
- return APR_EINVAL;
- }
- if (nlen == 0 || name[0] == ':') {
- ap_log_perror(APLOG_MARK, APLOG_DEBUG, APR_EINVAL, pool, APLOGNO(03060)
- "h2_request(%d): pseudo header in trailer",
- req->id);
- return APR_EINVAL;
- }
- return add_h1_trailer(req, pool, name, nlen, value, vlen);
-}
-
h2_request *h2_request_clone(apr_pool_t *p, const h2_request *src)
{
h2_request *dst = apr_pmemdup(p, src, sizeof(*dst));
@@ -238,25 +198,24 @@ h2_request *h2_request_clone(apr_pool_t *p, const h2_request *src)
dst->authority = apr_pstrdup(p, src->authority);
dst->path = apr_pstrdup(p, src->path);
dst->headers = apr_table_clone(p, src->headers);
- if (src->trailers) {
- dst->trailers = apr_table_clone(p, src->trailers);
- }
return dst;
}
-request_rec *h2_request_create_rec(const h2_request *req, conn_rec *conn)
+request_rec *h2_request_create_rec(const h2_request *req, conn_rec *c)
{
- request_rec *r;
- apr_pool_t *p;
int access_status = HTTP_OK;
-
- apr_pool_create(&p, conn->pool);
+ const char *rpath;
+ apr_pool_t *p;
+ request_rec *r;
+ const char *s;
+
+ apr_pool_create(&p, c->pool);
apr_pool_tag(p, "request");
r = apr_pcalloc(p, sizeof(request_rec));
- AP_READ_REQUEST_ENTRY((intptr_t)r, (uintptr_t)conn);
+ AP_READ_REQUEST_ENTRY((intptr_t)r, (uintptr_t)c);
r->pool = p;
- r->connection = conn;
- r->server = conn->base_server;
+ r->connection = c;
+ r->server = c->base_server;
r->user = NULL;
r->ap_auth_type = NULL;
@@ -274,9 +233,9 @@ request_rec *h2_request_create_rec(const h2_request *req, conn_rec *conn)
r->request_config = ap_create_request_config(r->pool);
/* Must be set before we run create request hook */
- r->proto_output_filters = conn->output_filters;
+ r->proto_output_filters = c->output_filters;
r->output_filters = r->proto_output_filters;
- r->proto_input_filters = conn->input_filters;
+ r->proto_input_filters = c->input_filters;
r->input_filters = r->proto_input_filters;
ap_run_create_request(r);
r->per_dir_config = r->server->lookup_defaults;
@@ -295,10 +254,10 @@ request_rec *h2_request_create_rec(const h2_request *req, conn_rec *conn)
*/
r->used_path_info = AP_REQ_DEFAULT_PATH_INFO;
- r->useragent_addr = conn->client_addr;
- r->useragent_ip = conn->client_ip;
+ r->useragent_addr = c->client_addr;
+ r->useragent_ip = c->client_ip;
- ap_run_pre_read_request(r, conn);
+ ap_run_pre_read_request(r, c);
/* Time to populate r with the data we have. */
r->request_time = req->request_time;
@@ -309,12 +268,13 @@ request_rec *h2_request_create_rec(const h2_request *req, conn_rec *conn)
r->header_only = 1;
}
- ap_parse_uri(r, req->path);
- r->protocol = "HTTP/2.0";
+ rpath = (req->path ? req->path : "");
+ ap_parse_uri(r, rpath);
+ r->protocol = (char*)"HTTP/2.0";
r->proto_num = HTTP_VERSION(2, 0);
r->the_request = apr_psprintf(r->pool, "%s %s %s",
- r->method, req->path, r->protocol);
+ r->method, rpath, r->protocol);
/* update what we think the virtual host is based on the headers we've
* now read. may update status.
@@ -327,6 +287,17 @@ request_rec *h2_request_create_rec(const h2_request *req, conn_rec *conn)
/* we may have switched to another server */
r->per_dir_config = r->server->lookup_defaults;
+ s = apr_table_get(r->headers_in, "Expect");
+ if (s && s[0]) {
+ if (ap_cstr_casecmp(s, "100-continue") == 0) {
+ r->expecting_100 = 1;
+ }
+ else {
+ r->status = HTTP_EXPECTATION_FAILED;
+ ap_send_error_response(r, 0);
+ }
+ }
+
/*
* Add the HTTP_IN filter here to ensure that ap_discard_request_body
* called by ap_die and by ap_send_error_response works correctly on
@@ -341,16 +312,16 @@ request_rec *h2_request_create_rec(const h2_request *req, conn_rec *conn)
/* Request check post hooks failed. An example of this would be a
* request for a vhost where h2 is disabled --> 421.
*/
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, conn, APLOGNO()
- "h2_request(%d): access_status=%d, request_create failed",
- req->id, access_status);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(03367)
+ "h2_request: access_status=%d, request_create failed",
+ access_status);
ap_die(access_status, r);
- ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
+ ap_update_child_status(c->sbh, SERVER_BUSY_LOG, r);
ap_run_log_transaction(r);
r = NULL;
goto traceout;
}
-
+
AP_READ_REQUEST_SUCCESS((uintptr_t)r, (char *)r->method,
(char *)r->uri, (char *)r->server->defn_name,
r->status);
diff --git a/modules/http2/h2_request.h b/modules/http2/h2_request.h
index ba48f4a..faf9791 100644
--- a/modules/http2/h2_request.h
+++ b/modules/http2/h2_request.h
@@ -18,8 +18,8 @@
#include "h2.h"
-apr_status_t h2_request_rwrite(h2_request *req, apr_pool_t *pool,
- request_rec *r);
+apr_status_t h2_request_rcreate(h2_request **preq, apr_pool_t *pool,
+ request_rec *r);
apr_status_t h2_request_add_header(h2_request *req, apr_pool_t *pool,
const char *name, size_t nlen,
@@ -29,8 +29,7 @@ apr_status_t h2_request_add_trailer(h2_request *req, apr_pool_t *pool,
const char *name, size_t nlen,
const char *value, size_t vlen);
-apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool,
- int eos, int push);
+apr_status_t h2_request_end_headers(h2_request *req, apr_pool_t *pool, int eos);
h2_request *h2_request_clone(apr_pool_t *p, const h2_request *src);
diff --git a/modules/http2/h2_response.c b/modules/http2/h2_response.c
deleted file mode 100644
index 4cafd35..0000000
--- a/modules/http2/h2_response.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
-
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <assert.h>
-#include <stdio.h>
-
-#include <apr_strings.h>
-
-#include <httpd.h>
-#include <http_core.h>
-#include <http_log.h>
-#include <util_time.h>
-
-#include <nghttp2/nghttp2.h>
-
-#include "h2_private.h"
-#include "h2_filter.h"
-#include "h2_h2.h"
-#include "h2_util.h"
-#include "h2_request.h"
-#include "h2_response.h"
-
-
-static apr_table_t *parse_headers(apr_array_header_t *hlines, apr_pool_t *pool)
-{
- if (hlines) {
- apr_table_t *headers = apr_table_make(pool, hlines->nelts);
- int i;
-
- for (i = 0; i < hlines->nelts; ++i) {
- char *hline = ((char **)hlines->elts)[i];
- char *sep = ap_strchr(hline, ':');
- if (!sep) {
- ap_log_perror(APLOG_MARK, APLOG_WARNING, APR_EINVAL, pool,
- APLOGNO(02955) "h2_response: invalid header[%d] '%s'",
- i, (char*)hline);
- /* not valid format, abort */
- return NULL;
- }
- (*sep++) = '\0';
- while (*sep == ' ' || *sep == '\t') {
- ++sep;
- }
-
- if (!h2_util_ignore_header(hline)) {
- apr_table_merge(headers, hline, sep);
- }
- }
- return headers;
- }
- else {
- return apr_table_make(pool, 0);
- }
-}
-
-static const char *get_sos_filter(apr_table_t *notes)
-{
- return notes? apr_table_get(notes, H2_RESP_SOS_NOTE) : NULL;
-}
-
-static void check_clen(h2_response *response, request_rec *r, apr_pool_t *pool)
-{
-
- if (r && r->header_only) {
- response->content_length = 0;
- }
- else if (response->headers) {
- const char *s = apr_table_get(response->headers, "Content-Length");
- if (s) {
- char *end;
- response->content_length = apr_strtoi64(s, &end, 10);
- if (s == end) {
- ap_log_perror(APLOG_MARK, APLOG_WARNING, APR_EINVAL,
- pool, APLOGNO(02956)
- "h2_response: content-length"
- " value not parsed: %s", s);
- response->content_length = -1;
- }
- }
- }
-}
-
-static h2_response *h2_response_create_int(int stream_id,
- int rst_error,
- int http_status,
- apr_table_t *headers,
- apr_table_t *notes,
- apr_pool_t *pool)
-{
- h2_response *response;
-
- if (!headers) {
- return NULL;
- }
-
- response = apr_pcalloc(pool, sizeof(h2_response));
- if (response == NULL) {
- return NULL;
- }
-
- response->stream_id = stream_id;
- response->rst_error = rst_error;
- response->http_status = http_status? http_status : 500;
- response->content_length = -1;
- response->headers = headers;
- response->sos_filter = get_sos_filter(notes);
-
- check_clen(response, NULL, pool);
- return response;
-}
-
-
-h2_response *h2_response_create(int stream_id,
- int rst_error,
- int http_status,
- apr_array_header_t *hlines,
- apr_table_t *notes,
- apr_pool_t *pool)
-{
- return h2_response_create_int(stream_id, rst_error, http_status,
- parse_headers(hlines, pool), notes, pool);
-}
-
-h2_response *h2_response_rcreate(int stream_id, request_rec *r,
- apr_table_t *header, apr_pool_t *pool)
-{
- h2_response *response = apr_pcalloc(pool, sizeof(h2_response));
- if (response == NULL) {
- return NULL;
- }
-
- response->stream_id = stream_id;
- response->http_status = r->status;
- response->content_length = -1;
- response->headers = header;
- response->sos_filter = get_sos_filter(r->notes);
-
- check_clen(response, r, pool);
-
- if (response->http_status == HTTP_FORBIDDEN) {
- const char *cause = apr_table_get(r->notes, "ssl-renegotiate-forbidden");
- if (cause) {
- /* This request triggered a TLS renegotiation that is now allowed
- * in HTTP/2. Tell the client that it should use HTTP/1.1 for this.
- */
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, response->http_status, r,
- APLOGNO(03061)
- "h2_response(%ld-%d): renegotiate forbidden, cause: %s",
- (long)r->connection->id, stream_id, cause);
- response->rst_error = H2_ERR_HTTP_1_1_REQUIRED;
- }
- }
-
- return response;
-}
-
-h2_response *h2_response_die(int stream_id, apr_status_t type,
- const struct h2_request *req, apr_pool_t *pool)
-{
- apr_table_t *headers = apr_table_make(pool, 5);
- char *date = NULL;
- int status = (type >= 200 && type < 600)? type : 500;
-
- date = apr_palloc(pool, APR_RFC822_DATE_LEN);
- ap_recent_rfc822_date(date, req->request_time);
- apr_table_setn(headers, "Date", date);
- apr_table_setn(headers, "Server", ap_get_server_banner());
-
- return h2_response_create_int(stream_id, 0, status, headers, NULL, pool);
-}
-
-h2_response *h2_response_clone(apr_pool_t *pool, h2_response *from)
-{
- h2_response *to = apr_pcalloc(pool, sizeof(h2_response));
-
- to->stream_id = from->stream_id;
- to->http_status = from->http_status;
- to->content_length = from->content_length;
- to->sos_filter = from->sos_filter;
- if (from->headers) {
- to->headers = apr_table_clone(pool, from->headers);
- }
- if (from->trailers) {
- to->trailers = apr_table_clone(pool, from->trailers);
- }
- return to;
-}
-
-void h2_response_set_trailers(h2_response *response, apr_table_t *trailers)
-{
- response->trailers = trailers;
-}
-
diff --git a/modules/http2/h2_response.h b/modules/http2/h2_response.h
deleted file mode 100644
index ca57c53..0000000
--- a/modules/http2/h2_response.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
-
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __mod_h2__h2_response__
-#define __mod_h2__h2_response__
-
-#include "h2.h"
-
-/**
- * Create the response from the status and parsed header lines.
- * @param stream_id id of the stream to create the response for
- * @param rst_error error for reset or 0
- * @param http_status http status code of response
- * @param hlines the text lines of the response header
- * @param pool the memory pool to use
- */
-h2_response *h2_response_create(int stream_id,
- int rst_error,
- int http_status,
- apr_array_header_t *hlines,
- apr_table_t *notes,
- apr_pool_t *pool);
-
-/**
- * Create the response from the given request_rec.
- * @param stream_id id of the stream to create the response for
- * @param r the request record which was processed
- * @param header the headers of the response
- * @param pool the memory pool to use
- */
-h2_response *h2_response_rcreate(int stream_id, request_rec *r,
- apr_table_t *header, apr_pool_t *pool);
-
-/**
- * Create the response for the given error.
- * @param stream_id id of the stream to create the response for
- * @param type the error code
- * @param req the original h2_request
- * @param pool the memory pool to use
- */
-h2_response *h2_response_die(int stream_id, apr_status_t type,
- const struct h2_request *req, apr_pool_t *pool);
-
-/**
- * Deep copies the response into a new pool.
- * @param pool the pool to use for the clone
- * @param from the response to clone
- * @return the cloned response
- */
-h2_response *h2_response_clone(apr_pool_t *pool, h2_response *from);
-
-/**
- * Set the trailers in the reponse. Will replace any existing trailers. Will
- * *not* clone the table.
- *
- * @param response the repsone to set the trailers for
- * @param trailers the trailers to set
- */
-void h2_response_set_trailers(h2_response *response, apr_table_t *trailers);
-
-#endif /* defined(__mod_h2__h2_response__) */
diff --git a/modules/http2/h2_session.c b/modules/http2/h2_session.c
index 598df17..44eed63 100644
--- a/modules/http2/h2_session.c
+++ b/modules/http2/h2_session.c
@@ -38,9 +38,8 @@
#include "h2_mplx.h"
#include "h2_push.h"
#include "h2_request.h"
-#include "h2_response.h"
+#include "h2_headers.h"
#include "h2_stream.h"
-#include "h2_from_h1.h"
#include "h2_task.h"
#include "h2_session.h"
#include "h2_util.h"
@@ -75,7 +74,6 @@ static apr_status_t h2_session_receive(void *ctx,
const char *data, apr_size_t len,
apr_size_t *readlen);
-static int is_accepting_streams(h2_session *session);
static void dispatch_event(h2_session *session, h2_session_event_t ev,
int err, const char *msg);
@@ -84,7 +82,6 @@ apr_status_t h2_session_stream_done(h2_session *session, h2_stream *stream)
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
"h2_stream(%ld-%d): EOS bucket cleanup -> done",
session->id, stream->id);
- h2_ihash_remove(session->streams, stream->id);
h2_mplx_stream_done(session->mplx, stream);
dispatch_event(session, H2_SESSION_EV_STREAM_DONE, 0, NULL);
@@ -96,10 +93,9 @@ typedef struct stream_sel_ctx {
h2_stream *candidate;
} stream_sel_ctx;
-static int find_cleanup_stream(void *udata, void *sdata)
+static int find_cleanup_stream(h2_stream *stream, void *ictx)
{
- stream_sel_ctx *ctx = udata;
- h2_stream *stream = sdata;
+ stream_sel_ctx *ctx = ictx;
if (H2_STREAM_CLIENT_INITIATED(stream->id)) {
if (!ctx->session->local.accepting
&& stream->id > ctx->session->local.accepted_max) {
@@ -123,7 +119,7 @@ static void cleanup_streams(h2_session *session)
ctx.session = session;
ctx.candidate = NULL;
while (1) {
- h2_ihash_iter(session->streams, find_cleanup_stream, &ctx);
+ h2_mplx_stream_do(session->mplx, find_cleanup_stream, &ctx);
if (ctx.candidate) {
h2_session_stream_done(session, ctx.candidate);
ctx.candidate = NULL;
@@ -144,9 +140,12 @@ h2_stream *h2_session_open_stream(h2_session *session, int stream_id,
apr_pool_tag(stream_pool, "h2_stream");
stream = h2_stream_open(stream_id, stream_pool, session,
- initiated_on, req);
+ initiated_on);
nghttp2_session_set_stream_user_data(session->ngh2, stream_id, stream);
- h2_ihash_add(session->streams, stream);
+
+ if (req) {
+ h2_stream_set_request(stream, req);
+ }
if (H2_STREAM_CLIENT_INITIATED(stream_id)) {
if (stream_id > session->remote.emitted_max) {
@@ -285,11 +284,6 @@ static int on_data_chunk_recv_cb(nghttp2_session *ngh2, uint8_t flags,
int rv;
(void)flags;
- if (!is_accepting_streams(session)) {
- /* ignore */
- return 0;
- }
-
stream = get_stream(session, stream_id);
if (!stream) {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03064)
@@ -398,14 +392,9 @@ static int on_header_cb(nghttp2_session *ngh2, const nghttp2_frame *frame,
apr_status_t status;
(void)flags;
- if (!is_accepting_streams(session)) {
- /* just ignore */
- return 0;
- }
-
stream = get_stream(session, frame->hd.stream_id);
if (!stream) {
- ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, session->c,
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c,
APLOGNO(02920)
"h2_session: stream(%ld-%d): on_header unknown stream",
session->id, (int)frame->hd.stream_id);
@@ -414,7 +403,14 @@ static int on_header_cb(nghttp2_session *ngh2, const nghttp2_frame *frame,
status = h2_stream_add_header(stream, (const char *)name, namelen,
(const char *)value, valuelen);
- if (status != APR_SUCCESS && !stream->response) {
+ if (status == APR_ECONNRESET) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, session->c,
+ "h2-stream(%ld-%d): on_header, reset stream",
+ session->id, stream->id);
+ nghttp2_submit_rst_stream(ngh2, NGHTTP2_FLAG_NONE, stream->id,
+ NGHTTP2_INTERNAL_ERROR);
+ }
+ else if (status != APR_SUCCESS && !h2_stream_is_ready(stream)) {
return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
}
return 0;
@@ -511,7 +507,7 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
session->id, (int)frame->hd.stream_id,
(int)frame->rst_stream.error_code);
stream = get_stream(session, frame->hd.stream_id);
- if (stream && stream->request && stream->request->initiated_on) {
+ if (stream && stream->initiated_on) {
++session->pushes_reset;
}
else {
@@ -519,9 +515,16 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
}
break;
case NGHTTP2_GOAWAY:
- session->remote.accepted_max = frame->goaway.last_stream_id;
- session->remote.error = frame->goaway.error_code;
- dispatch_event(session, H2_SESSION_EV_REMOTE_GOAWAY, 0, NULL);
+ if (frame->goaway.error_code == 0
+ && frame->goaway.last_stream_id == ((1u << 31) - 1)) {
+ /* shutdown notice. Should not come from a client... */
+ session->remote.accepting = 0;
+ }
+ else {
+ session->remote.accepted_max = frame->goaway.last_stream_id;
+ dispatch_event(session, H2_SESSION_EV_REMOTE_GOAWAY,
+ frame->goaway.error_code, NULL);
+ }
break;
default:
if (APLOGctrace2(session->c)) {
@@ -608,6 +611,7 @@ static int on_send_data_cb(nghttp2_session *ngh2,
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, session->c,
"h2_stream(%ld-%d): send_data_cb, reading stream",
session->id, (int)stream_id);
+ apr_brigade_cleanup(session->bbtmp);
return NGHTTP2_ERR_CALLBACK_FAILURE;
}
else if (len != length) {
@@ -615,6 +619,7 @@ static int on_send_data_cb(nghttp2_session *ngh2,
"h2_stream(%ld-%d): send_data_cb, wanted %ld bytes, "
"got %ld from stream",
session->id, (int)stream_id, (long)length, (long)len);
+ apr_brigade_cleanup(session->bbtmp);
return NGHTTP2_ERR_CALLBACK_FAILURE;
}
@@ -625,10 +630,11 @@ static int on_send_data_cb(nghttp2_session *ngh2,
}
status = h2_conn_io_pass(&session->io, session->bbtmp);
-
apr_brigade_cleanup(session->bbtmp);
+
if (status == APR_SUCCESS) {
- stream->data_frames_sent++;
+ stream->out_data_frames++;
+ stream->out_data_octets += length;
return 0;
}
else {
@@ -658,6 +664,27 @@ static int on_frame_send_cb(nghttp2_session *ngh2,
return 0;
}
+#ifdef H2_NG2_INVALID_HEADER_CB
+static int on_invalid_header_cb(nghttp2_session *ngh2,
+ const nghttp2_frame *frame,
+ const uint8_t *name, size_t namelen,
+ const uint8_t *value, size_t valuelen,
+ uint8_t flags, void *user_data)
+{
+ h2_session *session = user_data;
+ if (APLOGcdebug(session->c)) {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03456)
+ "h2_session(%ld-%d): denying stream with invalid header "
+ "'%s: %s'", session->id, (int)frame->hd.stream_id,
+ apr_pstrndup(session->pool, (const char *)name, namelen),
+ apr_pstrndup(session->pool, (const char *)value, valuelen));
+ }
+ return nghttp2_submit_rst_stream(session->ngh2, NGHTTP2_FLAG_NONE,
+ frame->hd.stream_id,
+ NGHTTP2_PROTOCOL_ERROR);
+}
+#endif
+
#define NGH2_SET_CALLBACK(callbacks, name, fn)\
nghttp2_session_callbacks_set_##name##_callback(callbacks, fn)
@@ -680,15 +707,16 @@ static apr_status_t init_callbacks(conn_rec *c, nghttp2_session_callbacks **pcb)
NGH2_SET_CALLBACK(*pcb, on_header, on_header_cb);
NGH2_SET_CALLBACK(*pcb, send_data, on_send_data_cb);
NGH2_SET_CALLBACK(*pcb, on_frame_send, on_frame_send_cb);
-
+#ifdef H2_NG2_INVALID_HEADER_CB
+ NGH2_SET_CALLBACK(*pcb, on_invalid_header, on_invalid_header_cb);
+#endif
return APR_SUCCESS;
}
static void h2_session_destroy(h2_session *session)
{
- AP_DEBUG_ASSERT(session);
+ ap_assert(session);
- h2_ihash_clear(session->streams);
if (session->mplx) {
h2_mplx_set_consumed_cb(session->mplx, NULL, NULL);
h2_mplx_release_and_join(session->mplx, session->iowait);
@@ -714,12 +742,35 @@ static void h2_session_destroy(h2_session *session)
}
}
+static apr_status_t h2_session_shutdown_notice(h2_session *session)
+{
+ apr_status_t status;
+
+ ap_assert(session);
+ if (!session->local.accepting) {
+ return APR_SUCCESS;
+ }
+
+ nghttp2_submit_shutdown_notice(session->ngh2);
+ session->local.accepting = 0;
+ status = nghttp2_session_send(session->ngh2);
+ if (status == APR_SUCCESS) {
+ status = h2_conn_io_flush(&session->io);
+ }
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03457)
+ "session(%ld): sent shutdown notice", session->id);
+ return status;
+}
+
static apr_status_t h2_session_shutdown(h2_session *session, int error,
const char *msg, int force_close)
{
apr_status_t status = APR_SUCCESS;
- AP_DEBUG_ASSERT(session);
+ ap_assert(session);
+ if (session->local.shutdown) {
+ return APR_SUCCESS;
+ }
if (!msg && error) {
msg = nghttp2_strerror(error);
}
@@ -743,6 +794,8 @@ static apr_status_t h2_session_shutdown(h2_session *session, int error,
nghttp2_submit_goaway(session->ngh2, NGHTTP2_FLAG_NONE,
session->local.accepted_max,
error, (uint8_t*)msg, msg? strlen(msg):0);
+ session->local.accepting = 0;
+ session->local.shutdown = 1;
status = nghttp2_session_send(session->ngh2);
if (status == APR_SUCCESS) {
status = h2_conn_io_flush(&session->io);
@@ -753,6 +806,7 @@ static apr_status_t h2_session_shutdown(h2_session *session, int error,
dispatch_event(session, H2_SESSION_EV_LOCAL_GOAWAY, error, msg);
if (force_close) {
+ apr_brigade_cleanup(session->bbtmp);
h2_mplx_abort(session->mplx);
}
@@ -772,8 +826,7 @@ static apr_status_t session_pool_cleanup(void *data)
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
"session(%ld): pool_cleanup", session->id);
- if (session->state != H2_SESSION_ST_DONE
- && session->state != H2_SESSION_ST_LOCAL_SHUTDOWN) {
+ if (session->state != H2_SESSION_ST_DONE) {
/* Not good. The connection is being torn down and we have
* not sent a goaway. This is considered a protocol error and
* the client has to assume that any streams "in flight" may have
@@ -877,8 +930,6 @@ static h2_session *h2_session_create_int(conn_rec *c,
return NULL;
}
- session->streams = h2_ihash_create(session->pool,
- offsetof(h2_stream, id));
session->mplx = h2_mplx_create(c, session->pool, session->config,
session->s->timeout, workers);
@@ -984,7 +1035,7 @@ static apr_status_t h2_session_start(h2_session *session, int *rv)
size_t slen;
int win_size;
- AP_DEBUG_ASSERT(session);
+ ap_assert(session);
/* Start the conversation by submitting our SETTINGS frame */
*rv = 0;
if (session->r) {
@@ -1031,7 +1082,7 @@ static apr_status_t h2_session_start(h2_session *session, int *rv)
return status;
}
- status = h2_stream_set_request(stream, session->r);
+ status = h2_stream_set_request_rec(stream, session->r);
if (status != APR_SUCCESS) {
return status;
}
@@ -1087,6 +1138,10 @@ static apr_status_t h2_session_start(h2_session *session, int *rv)
return status;
}
+static apr_status_t on_stream_headers(h2_session *session, h2_stream *stream,
+ h2_headers *headers, apr_off_t len,
+ int eos);
+
static ssize_t stream_data_cb(nghttp2_session *ng2s,
int32_t stream_id,
uint8_t *buf,
@@ -1100,7 +1155,7 @@ static ssize_t stream_data_cb(nghttp2_session *ng2s,
int eos = 0;
apr_status_t status;
h2_stream *stream;
- AP_DEBUG_ASSERT(session);
+ ap_assert(session);
/* The session wants to send more DATA for the stream. We need
* to find out how much of the requested length we can send without
@@ -1120,10 +1175,8 @@ static ssize_t stream_data_cb(nghttp2_session *ng2s,
session->id, (int)stream_id);
return NGHTTP2_ERR_CALLBACK_FAILURE;
}
-
- AP_DEBUG_ASSERT(!h2_stream_is_suspended(stream));
-
- status = h2_stream_out_prepare(stream, &nread, &eos);
+
+ status = h2_stream_out_prepare(stream, &nread, &eos, NULL);
if (nread) {
*data_flags |= NGHTTP2_DATA_FLAG_NO_COPY;
}
@@ -1142,7 +1195,6 @@ static ssize_t stream_data_cb(nghttp2_session *ng2s,
* it. Remember at our h2_stream that we need to do this.
*/
nread = 0;
- h2_mplx_suspend_stream(session->mplx, stream->id);
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03071)
"h2_stream(%ld-%d): suspending",
session->id, (int)stream_id);
@@ -1157,34 +1209,11 @@ static ssize_t stream_data_cb(nghttp2_session *ng2s,
}
if (eos) {
- apr_table_t *trailers = h2_stream_get_trailers(stream);
- if (trailers && !apr_is_empty_table(trailers)) {
- h2_ngheader *nh;
- int rv;
-
- nh = h2_util_ngheader_make(stream->pool, trailers);
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03072)
- "h2_stream(%ld-%d): submit %d trailers",
- session->id, (int)stream_id,(int) nh->nvlen);
- rv = nghttp2_submit_trailer(ng2s, stream->id, nh->nv, nh->nvlen);
- if (rv < 0) {
- nread = rv;
- }
- *data_flags |= NGHTTP2_DATA_FLAG_NO_END_STREAM;
- }
-
*data_flags |= NGHTTP2_DATA_FLAG_EOF;
}
-
return (ssize_t)nread;
}
-typedef struct {
- nghttp2_nv *nv;
- size_t nvlen;
- size_t offset;
-} nvctx_t;
-
struct h2_stream *h2_session_push(h2_session *session, h2_stream *is,
h2_push *push)
{
@@ -1211,6 +1240,7 @@ struct h2_stream *h2_session_push(h2_session *session, h2_stream *is,
stream = h2_session_open_stream(session, nid, is->id, push->req);
if (stream) {
+ h2_session_set_prio(session, stream, push->priority);
status = stream_schedule(session, stream, 1);
if (status != APR_SUCCESS) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, session->c,
@@ -1249,6 +1279,10 @@ apr_status_t h2_session_set_prio(h2_session *session, h2_stream *stream,
#ifdef H2_NG2_CHANGE_PRIO
nghttp2_stream *s_grandpa, *s_parent, *s;
+ if (prio == NULL) {
+ /* we treat this as a NOP */
+ return APR_SUCCESS;
+ }
s = nghttp2_session_find_stream(session->ngh2, stream->id);
if (!s) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
@@ -1260,8 +1294,9 @@ apr_status_t h2_session_set_prio(h2_session *session, h2_stream *stream,
s_parent = nghttp2_stream_get_parent(s);
if (s_parent) {
nghttp2_priority_spec ps;
- int id_parent, id_grandpa, w_parent, w, rv = 0;
- char *ptype = "AFTER";
+ int id_parent, id_grandpa, w_parent, w;
+ int rv = 0;
+ const char *ptype = "AFTER";
h2_dependency dep = prio->dependency;
id_parent = nghttp2_stream_get_stream_id(s_parent);
@@ -1379,63 +1414,49 @@ static apr_status_t h2_session_send(h2_session *session)
}
/**
- * A stream was resumed as new output data arrived.
- */
-static apr_status_t on_stream_resume(void *ctx, int stream_id)
-{
- h2_session *session = ctx;
- h2_stream *stream = get_stream(session, stream_id);
- apr_status_t status = APR_SUCCESS;
-
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
- "h2_stream(%ld-%d): on_resume", session->id, stream_id);
- if (stream) {
- int rv = nghttp2_session_resume_data(session->ngh2, stream_id);
- session->have_written = 1;
- ap_log_cerror(APLOG_MARK, nghttp2_is_fatal(rv)?
- APLOG_ERR : APLOG_DEBUG, 0, session->c,
- APLOGNO(02936)
- "h2_stream(%ld-%d): resuming %s",
- session->id, stream->id, rv? nghttp2_strerror(rv) : "");
- }
- return status;
-}
-
-/**
- * A response for the stream is ready.
+ * headers for the stream are ready.
*/
-static apr_status_t on_stream_response(void *ctx, int stream_id)
+static apr_status_t on_stream_headers(h2_session *session, h2_stream *stream,
+ h2_headers *headers, apr_off_t len,
+ int eos)
{
- h2_session *session = ctx;
- h2_stream *stream = get_stream(session, stream_id);
apr_status_t status = APR_SUCCESS;
- h2_response *response;
int rv = 0;
- AP_DEBUG_ASSERT(session);
+ ap_assert(session);
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
- "h2_stream(%ld-%d): on_response", session->id, stream_id);
- if (!stream) {
- return APR_NOTFOUND;
+ "h2_stream(%ld-%d): on_headers", session->id, stream->id);
+ if (headers->status < 100) {
+ int err = H2_STREAM_RST(stream, headers->status);
+ rv = nghttp2_submit_rst_stream(session->ngh2, NGHTTP2_FLAG_NONE,
+ stream->id, err);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c,
+ "h2_stream(%ld-%d): unpexected header status %d, stream rst",
+ session->id, stream->id, headers->status);
+ goto leave;
}
-
- response = h2_stream_get_response(stream);
- AP_DEBUG_ASSERT(response || stream->rst_error);
-
- if (stream->submitted) {
- rv = NGHTTP2_PROTOCOL_ERROR;
+ else if (stream->has_response) {
+ h2_ngheader *nh;
+
+ nh = h2_util_ngheader_make(stream->pool, headers->headers);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03072)
+ "h2_stream(%ld-%d): submit %d trailers",
+ session->id, (int)stream->id,(int) nh->nvlen);
+ rv = nghttp2_submit_trailer(session->ngh2, stream->id, nh->nv, nh->nvlen);
+ goto leave;
}
- else if (response && response->headers) {
+ else {
nghttp2_data_provider provider, *pprovider = NULL;
h2_ngheader *ngh;
- const h2_priority *prio;
+ apr_table_t *hout;
+ const char *note;
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03073)
"h2_stream(%ld-%d): submit response %d, REMOTE_WINDOW_SIZE=%u",
- session->id, stream->id, response->http_status,
+ session->id, stream->id, headers->status,
(unsigned int)nghttp2_session_get_stream_remote_window_size(session->ngh2, stream->id));
- if (response->content_length != 0) {
+ if (!eos || len > 0) {
memset(&provider, 0, sizeof(provider));
provider.source.fd = stream->id;
provider.read_callback = stream_data_cb;
@@ -1444,7 +1465,7 @@ static apr_status_t on_stream_response(void *ctx, int stream_id)
/* If this stream is not a pushed one itself,
* and HTTP/2 server push is enabled here,
- * and the response is in the range 200-299 *),
+ * and the response HTTP status is not sth >= 400,
* and the remote side has pushing enabled,
* -> find and perform any pushes on this stream
* *before* we submit the stream response itself.
@@ -1452,50 +1473,64 @@ static apr_status_t on_stream_response(void *ctx, int stream_id)
* headers that get pushed right afterwards.
*
* *) the response code is relevant, as we do not want to
- * make pushes on 401 or 403 codes, neiterh on 301/302
- * and friends. And if we see a 304, we do not push either
+ * make pushes on 401 or 403 codes and friends.
+ * And if we see a 304, we do not push either
* as the client, having this resource in its cache, might
* also have the pushed ones as well.
*/
- if (stream->request && !stream->request->initiated_on
- && H2_HTTP_2XX(response->http_status)
+ if (!stream->initiated_on
+ && !stream->has_response
+ && stream->request && stream->request->method
+ && !strcmp("GET", stream->request->method)
+ && (headers->status < 400)
+ && (headers->status != 304)
&& h2_session_push_enabled(session)) {
- h2_stream_submit_pushes(stream);
+ h2_stream_submit_pushes(stream, headers);
+ }
+
+ if (!stream->pref_priority) {
+ stream->pref_priority = h2_stream_get_priority(stream, headers);
}
+ h2_session_set_prio(session, stream, stream->pref_priority);
- prio = h2_stream_get_priority(stream);
- if (prio) {
- h2_session_set_prio(session, stream, prio);
- /* no showstopper if that fails for some reason */
+ hout = headers->headers;
+ note = apr_table_get(headers->notes, H2_FILTER_DEBUG_NOTE);
+ if (note && !strcmp("on", note)) {
+ int32_t connFlowIn, connFlowOut;
+
+ connFlowIn = nghttp2_session_get_effective_local_window_size(session->ngh2);
+ connFlowOut = nghttp2_session_get_remote_window_size(session->ngh2);
+ hout = apr_table_clone(stream->pool, hout);
+ apr_table_setn(hout, "conn-flow-in",
+ apr_itoa(stream->pool, connFlowIn));
+ apr_table_setn(hout, "conn-flow-out",
+ apr_itoa(stream->pool, connFlowOut));
}
- ngh = h2_util_ngheader_make_res(stream->pool, response->http_status,
- response->headers);
- rv = nghttp2_submit_response(session->ngh2, response->stream_id,
+ if (headers->status == 103
+ && !h2_config_geti(session->config, H2_CONF_EARLY_HINTS)) {
+ /* suppress sending this to the client, it might have triggered
+ * pushes and served its purpose nevertheless */
+ rv = 0;
+ goto leave;
+ }
+
+ ngh = h2_util_ngheader_make_res(stream->pool, headers->status, hout);
+ rv = nghttp2_submit_response(session->ngh2, stream->id,
ngh->nv, ngh->nvlen, pprovider);
- }
- else {
- int err = H2_STREAM_RST(stream, H2_ERR_PROTOCOL_ERROR);
+ stream->has_response = h2_headers_are_response(headers);
+ session->have_written = 1;
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03074)
- "h2_stream(%ld-%d): RST_STREAM, err=%d",
- session->id, stream->id, err);
-
- rv = nghttp2_submit_rst_stream(session->ngh2, NGHTTP2_FLAG_NONE,
- stream->id, err);
- }
-
- stream->submitted = 1;
- session->have_written = 1;
-
- if (stream->request && stream->request->initiated_on) {
- ++session->pushes_submitted;
- }
- else {
- ++session->responses_submitted;
+ if (stream->initiated_on) {
+ ++session->pushes_submitted;
+ }
+ else {
+ ++session->responses_submitted;
+ }
}
+leave:
if (nghttp2_is_fatal(rv)) {
status = APR_EGENERAL;
dispatch_event(session, H2_SESSION_EV_PROTO_ERROR, rv, nghttp2_strerror(rv));
@@ -1520,6 +1555,56 @@ static apr_status_t on_stream_response(void *ctx, int stream_id)
return status;
}
+/**
+ * A stream was resumed as new response/output data arrived.
+ */
+static apr_status_t on_stream_resume(void *ctx, h2_stream *stream)
+{
+ h2_session *session = ctx;
+ apr_status_t status = APR_EAGAIN;
+ int rv;
+ apr_off_t len = 0;
+ int eos = 0;
+ h2_headers *headers;
+
+ ap_assert(stream);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
+ "h2_stream(%ld-%d): on_resume", session->id, stream->id);
+
+send_headers:
+ headers = NULL;
+ status = h2_stream_out_prepare(stream, &len, &eos, &headers);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, session->c,
+ "h2_stream(%ld-%d): prepared len=%ld, eos=%d",
+ session->id, stream->id, (long)len, eos);
+ if (headers) {
+ status = on_stream_headers(session, stream, headers, len, eos);
+ if (status != APR_SUCCESS || stream->rst_error) {
+ return status;
+ }
+ goto send_headers;
+ }
+ else if (status != APR_EAGAIN) {
+ if (!stream->has_response) {
+ int err = H2_STREAM_RST(stream, H2_ERR_PROTOCOL_ERROR);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03466)
+ "h2_stream(%ld-%d): no response, RST_STREAM, err=%d",
+ session->id, stream->id, err);
+ nghttp2_submit_rst_stream(session->ngh2, NGHTTP2_FLAG_NONE,
+ stream->id, err);
+ return APR_SUCCESS;
+ }
+ rv = nghttp2_session_resume_data(session->ngh2, stream->id);
+ session->have_written = 1;
+ ap_log_cerror(APLOG_MARK, nghttp2_is_fatal(rv)?
+ APLOG_ERR : APLOG_DEBUG, 0, session->c,
+ APLOGNO(02936)
+ "h2_stream(%ld-%d): resuming %s",
+ session->id, stream->id, rv? nghttp2_strerror(rv) : "");
+ }
+ return status;
+}
+
static apr_status_t h2_session_receive(void *ctx, const char *data,
apr_size_t len, apr_size_t *readlen)
{
@@ -1533,7 +1618,7 @@ static apr_status_t h2_session_receive(void *ctx, const char *data,
n = nghttp2_session_mem_recv(session->ngh2, (const uint8_t *)data, len);
if (n < 0) {
if (nghttp2_is_fatal((int)n)) {
- dispatch_event(session, H2_SESSION_EV_PROTO_ERROR, (int)n, nghttp2_strerror(n));
+ dispatch_event(session, H2_SESSION_EV_PROTO_ERROR, (int)n, nghttp2_strerror((int)n));
return APR_EGENERAL;
}
}
@@ -1566,7 +1651,7 @@ static apr_status_t h2_session_read(h2_session *session, int block)
/* successful read, reset our idle timers */
rstatus = APR_SUCCESS;
if (block) {
- /* successfull blocked read, try unblocked to
+ /* successful blocked read, try unblocked to
* get more. */
block = 0;
}
@@ -1600,9 +1685,6 @@ static apr_status_t h2_session_read(h2_session *session, int block)
* status. */
return rstatus;
}
- if (!is_accepting_streams(session)) {
- break;
- }
if ((session->io.bytes_read - read_start) > (64*1024)) {
/* read enough in one go, give write a chance */
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, c,
@@ -1613,48 +1695,12 @@ static apr_status_t h2_session_read(h2_session *session, int block)
return rstatus;
}
-static int unsubmitted_iter(void *ctx, void *val)
-{
- h2_stream *stream = val;
- if (h2_stream_needs_submit(stream)) {
- *((int *)ctx) = 1;
- return 0;
- }
- return 1;
-}
-
-static int has_unsubmitted_streams(h2_session *session)
-{
- int has_unsubmitted = 0;
- h2_ihash_iter(session->streams, unsubmitted_iter, &has_unsubmitted);
- return has_unsubmitted;
-}
-
-static int suspended_iter(void *ctx, void *val)
-{
- h2_stream *stream = val;
- if (h2_stream_is_suspended(stream)) {
- *((int *)ctx) = 1;
- return 0;
- }
- return 1;
-}
-
-static int has_suspended_streams(h2_session *session)
-{
- int has_suspended = 0;
- h2_ihash_iter(session->streams, suspended_iter, &has_suspended);
- return has_suspended;
-}
-
static const char *StateNames[] = {
"INIT", /* H2_SESSION_ST_INIT */
"DONE", /* H2_SESSION_ST_DONE */
"IDLE", /* H2_SESSION_ST_IDLE */
"BUSY", /* H2_SESSION_ST_BUSY */
"WAIT", /* H2_SESSION_ST_WAIT */
- "LSHUTDOWN", /* H2_SESSION_ST_LOCAL_SHUTDOWN */
- "RSHUTDOWN", /* H2_SESSION_ST_REMOTE_SHUTDOWN */
};
static const char *state_name(h2_session_state state)
@@ -1665,18 +1711,6 @@ static const char *state_name(h2_session_state state)
return StateNames[state];
}
-static int is_accepting_streams(h2_session *session)
-{
- switch (session->state) {
- case H2_SESSION_ST_IDLE:
- case H2_SESSION_ST_BUSY:
- case H2_SESSION_ST_WAIT:
- return 1;
- default:
- return 0;
- }
-}
-
static void update_child_status(h2_session *session, int status, const char *msg)
{
/* Assume that we also change code/msg when something really happened and
@@ -1698,7 +1732,12 @@ static void update_child_status(h2_session *session, int status, const char *msg
static void transit(h2_session *session, const char *action, h2_session_state nstate)
{
if (session->state != nstate) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03078)
+ int loglvl = APLOG_DEBUG;
+ if ((session->state == H2_SESSION_ST_BUSY && nstate == H2_SESSION_ST_WAIT)
+ || (session->state == H2_SESSION_ST_WAIT && nstate == H2_SESSION_ST_BUSY)){
+ loglvl = APLOG_TRACE1;
+ }
+ ap_log_cerror(APLOG_MARK, loglvl, 0, session->c, APLOGNO(03078)
"h2_session(%ld): transit [%s] -- %s --> [%s]", session->id,
state_name(session->state), action, state_name(nstate));
session->state = nstate;
@@ -1708,12 +1747,6 @@ static void transit(h2_session *session, const char *action, h2_session_state ns
SERVER_BUSY_KEEPALIVE
: SERVER_BUSY_READ), "idle");
break;
- case H2_SESSION_ST_REMOTE_SHUTDOWN:
- update_child_status(session, SERVER_CLOSING, "remote goaway");
- break;
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- update_child_status(session, SERVER_CLOSING, "local goaway");
- break;
case H2_SESSION_ST_DONE:
update_child_status(session, SERVER_CLOSING, "done");
break;
@@ -1738,39 +1771,22 @@ static void h2_session_ev_init(h2_session *session, int arg, const char *msg)
static void h2_session_ev_local_goaway(h2_session *session, int arg, const char *msg)
{
- session->local.accepting = 0;
cleanup_streams(session);
- switch (session->state) {
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- /* already did that? */
- break;
- case H2_SESSION_ST_IDLE:
- case H2_SESSION_ST_REMOTE_SHUTDOWN:
- /* all done */
- transit(session, "local goaway", H2_SESSION_ST_DONE);
- break;
- default:
- transit(session, "local goaway", H2_SESSION_ST_LOCAL_SHUTDOWN);
- break;
+ if (!session->remote.shutdown) {
+ update_child_status(session, SERVER_CLOSING, "local goaway");
}
+ transit(session, "local goaway", H2_SESSION_ST_DONE);
}
static void h2_session_ev_remote_goaway(h2_session *session, int arg, const char *msg)
{
- session->remote.accepting = 0;
- cleanup_streams(session);
- switch (session->state) {
- case H2_SESSION_ST_REMOTE_SHUTDOWN:
- /* already received that? */
- break;
- case H2_SESSION_ST_IDLE:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- /* all done */
- transit(session, "remote goaway", H2_SESSION_ST_DONE);
- break;
- default:
- transit(session, "remote goaway", H2_SESSION_ST_REMOTE_SHUTDOWN);
- break;
+ if (!session->remote.shutdown) {
+ session->remote.error = arg;
+ session->remote.accepting = 0;
+ session->remote.shutdown = 1;
+ cleanup_streams(session);
+ update_child_status(session, SERVER_CLOSING, "remote goaway");
+ transit(session, "remote goaway", H2_SESSION_ST_DONE);
}
}
@@ -1779,7 +1795,6 @@ static void h2_session_ev_conn_error(h2_session *session, int arg, const char *m
switch (session->state) {
case H2_SESSION_ST_INIT:
case H2_SESSION_ST_DONE:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
/* just leave */
transit(session, "conn error", H2_SESSION_ST_DONE);
break;
@@ -1794,31 +1809,18 @@ static void h2_session_ev_conn_error(h2_session *session, int arg, const char *m
static void h2_session_ev_proto_error(h2_session *session, int arg, const char *msg)
{
- switch (session->state) {
- case H2_SESSION_ST_DONE:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- /* just leave */
- transit(session, "proto error", H2_SESSION_ST_DONE);
- break;
-
- default:
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03402)
- "h2_session(%ld): proto error -> shutdown", session->id);
- h2_session_shutdown(session, arg, msg, 0);
- break;
+ if (!session->local.shutdown) {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03402)
+ "h2_session(%ld): proto error -> shutdown", session->id);
+ h2_session_shutdown(session, arg, msg, 0);
}
}
static void h2_session_ev_conn_timeout(h2_session *session, int arg, const char *msg)
{
- switch (session->state) {
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- transit(session, "conn timeout", H2_SESSION_ST_DONE);
- break;
- default:
- h2_session_shutdown(session, arg, msg, 1);
- transit(session, "conn timeout", H2_SESSION_ST_DONE);
- break;
+ transit(session, msg, H2_SESSION_ST_DONE);
+ if (!session->local.shutdown) {
+ h2_session_shutdown(session, arg, msg, 1);
}
}
@@ -1826,8 +1828,6 @@ static void h2_session_ev_no_io(h2_session *session, int arg, const char *msg)
{
switch (session->state) {
case H2_SESSION_ST_BUSY:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- case H2_SESSION_ST_REMOTE_SHUTDOWN:
/* Nothing to READ, nothing to WRITE on the master connection.
* Possible causes:
* - we wait for the client to send us sth
@@ -1837,9 +1837,9 @@ static void h2_session_ev_no_io(h2_session *session, int arg, const char *msg)
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
"h2_session(%ld): NO_IO event, %d streams open",
session->id, session->open_streams);
+ h2_conn_io_flush(&session->io);
if (session->open_streams > 0) {
- if (has_unsubmitted_streams(session)
- || has_suspended_streams(session)) {
+ if (h2_mplx_awaits_data(session->mplx)) {
/* waiting for at least one stream to produce data */
transit(session, "no io", H2_SESSION_ST_WAIT);
}
@@ -1860,7 +1860,7 @@ static void h2_session_ev_no_io(h2_session *session, int arg, const char *msg)
}
}
}
- else if (is_accepting_streams(session)) {
+ else if (session->local.accepting) {
/* When we have no streams, but accept new, switch to idle */
apr_time_t now = apr_time_now();
transit(session, "no io (keepalive)", H2_SESSION_ST_IDLE);
@@ -1923,26 +1923,17 @@ static void h2_session_ev_mpm_stopping(h2_session *session, int arg, const char
{
switch (session->state) {
case H2_SESSION_ST_DONE:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
/* nop */
break;
default:
- h2_session_shutdown(session, arg, msg, 0);
+ h2_session_shutdown_notice(session);
break;
}
}
static void h2_session_ev_pre_close(h2_session *session, int arg, const char *msg)
{
- switch (session->state) {
- case H2_SESSION_ST_DONE:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- /* nop */
- break;
- default:
- h2_session_shutdown(session, arg, msg, 1);
- break;
- }
+ h2_session_shutdown(session, arg, msg, 1);
}
static void h2_session_ev_stream_open(h2_session *session, int arg, const char *msg)
@@ -2030,6 +2021,7 @@ static void dispatch_event(h2_session *session, h2_session_event_t ev,
}
if (session->state == H2_SESSION_ST_DONE) {
+ apr_brigade_cleanup(session->bbtmp);
h2_mplx_abort(session->mplx);
}
}
@@ -2052,14 +2044,14 @@ apr_status_t h2_session_process(h2_session *session, int async)
c->cs->state = CONN_STATE_WRITE_COMPLETION;
}
- while (1) {
+ while (session->state != H2_SESSION_ST_DONE) {
trace = APLOGctrace3(c);
session->have_read = session->have_written = 0;
- if (!ap_mpm_query(AP_MPMQ_MPM_STATE, &mpm_state)) {
+ if (session->local.accepting
+ && !ap_mpm_query(AP_MPMQ_MPM_STATE, &mpm_state)) {
if (mpm_state == AP_MPMQ_STOPPING) {
dispatch_event(session, H2_SESSION_EV_MPM_STOPPING, 0, NULL);
- break;
}
}
@@ -2088,6 +2080,7 @@ apr_status_t h2_session_process(h2_session *session, int async)
case H2_SESSION_ST_IDLE:
/* make certain, we send everything before we idle */
+ h2_conn_io_flush(&session->io);
if (!session->keep_sync_until && async && !session->open_streams
&& !session->r && session->remote.emitted_count) {
if (trace) {
@@ -2174,12 +2167,18 @@ apr_status_t h2_session_process(h2_session *session, int async)
}
/* continue reading handling */
}
+ else if (APR_STATUS_IS_ECONNABORTED(status)
+ || APR_STATUS_IS_ECONNRESET(status)
+ || APR_STATUS_IS_EOF(status)
+ || APR_STATUS_IS_EBADF(status)) {
+ ap_log_cerror( APLOG_MARK, APLOG_TRACE3, status, c,
+ "h2_session(%ld): input gone", session->id);
+ dispatch_event(session, H2_SESSION_EV_CONN_ERROR, 0, NULL);
+ }
else {
- if (trace) {
- ap_log_cerror( APLOG_MARK, APLOG_TRACE3, status, c,
- "h2_session(%ld): idle(1 sec timeout) "
- "read failed", session->id);
- }
+ ap_log_cerror( APLOG_MARK, APLOG_TRACE3, status, c,
+ "h2_session(%ld): idle(1 sec timeout) "
+ "read failed", session->id);
dispatch_event(session, H2_SESSION_EV_CONN_ERROR, 0, "error");
}
}
@@ -2187,8 +2186,6 @@ apr_status_t h2_session_process(h2_session *session, int async)
break;
case H2_SESSION_ST_BUSY:
- case H2_SESSION_ST_LOCAL_SHUTDOWN:
- case H2_SESSION_ST_REMOTE_SHUTDOWN:
if (nghttp2_session_want_read(session->ngh2)) {
ap_update_child_status(session->c->sbh, SERVER_BUSY_READ, NULL);
h2_filter_cin_timeout_set(session->cin, session->s->timeout);
@@ -2212,7 +2209,6 @@ apr_status_t h2_session_process(h2_session *session, int async)
/* trigger window updates, stream resumes and submits */
status = h2_mplx_dispatch_master_events(session->mplx,
on_stream_resume,
- on_stream_response,
session);
if (status != APR_SUCCESS) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, c,
@@ -2247,21 +2243,11 @@ apr_status_t h2_session_process(h2_session *session, int async)
case H2_SESSION_ST_WAIT:
if (session->wait_us <= 0) {
session->wait_us = 10;
- session->start_wait = apr_time_now();
if (h2_conn_io_flush(&session->io) != APR_SUCCESS) {
dispatch_event(session, H2_SESSION_EV_CONN_ERROR, 0, NULL);
break;
}
}
- else if ((apr_time_now() - session->start_wait) >= session->s->timeout) {
- /* waited long enough */
- if (trace) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE3, APR_TIMEUP, c,
- "h2_session: wait for data");
- }
- dispatch_event(session, H2_SESSION_EV_CONN_TIMEOUT, 0, "timeout");
- break;
- }
else {
/* repeating, increase timer for graceful backoff */
session->wait_us = H2MIN(session->wait_us*2, MAX_WAIT_MICROS);
@@ -2281,7 +2267,7 @@ apr_status_t h2_session_process(h2_session *session, int async)
else if (APR_STATUS_IS_TIMEUP(status)) {
/* go back to checking all inputs again */
transit(session, "wait cycle", session->local.accepting?
- H2_SESSION_ST_BUSY : H2_SESSION_ST_LOCAL_SHUTDOWN);
+ H2_SESSION_ST_BUSY : H2_SESSION_ST_DONE);
}
else if (APR_STATUS_IS_ECONNRESET(status)
|| APR_STATUS_IS_ECONNABORTED(status)) {
@@ -2297,10 +2283,6 @@ apr_status_t h2_session_process(h2_session *session, int async)
}
break;
- case H2_SESSION_ST_DONE:
- status = APR_EOF;
- goto out;
-
default:
ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, c,
APLOGNO(03080)
@@ -2330,11 +2312,12 @@ out:
&& (APR_STATUS_IS_EOF(status)
|| APR_STATUS_IS_ECONNRESET(status)
|| APR_STATUS_IS_ECONNABORTED(status))) {
- dispatch_event(session, H2_SESSION_EV_CONN_ERROR, 0, NULL);
- }
+ dispatch_event(session, H2_SESSION_EV_CONN_ERROR, 0, NULL);
+ }
- status = (session->state == H2_SESSION_ST_DONE)? APR_EOF : APR_SUCCESS;
+ status = APR_SUCCESS;
if (session->state == H2_SESSION_ST_DONE) {
+ status = APR_EOF;
if (!session->eoc_written) {
session->eoc_written = 1;
h2_conn_io_write_eoc(&session->io, session);
@@ -2348,6 +2331,7 @@ apr_status_t h2_session_pre_close(h2_session *session, int async)
{
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
"h2_session(%ld): pre_close", session->id);
- dispatch_event(session, H2_SESSION_EV_PRE_CLOSE, 0, "timeout");
+ dispatch_event(session, H2_SESSION_EV_PRE_CLOSE, 0,
+ (session->state == H2_SESSION_ST_IDLE)? "timeout" : NULL);
return APR_SUCCESS;
}
diff --git a/modules/http2/h2_session.h b/modules/http2/h2_session.h
index c5c5b7a..69b7a59 100644
--- a/modules/http2/h2_session.h
+++ b/modules/http2/h2_session.h
@@ -31,7 +31,7 @@
* New incoming HEADER frames are converted into a h2_stream+h2_task instance
* that both represent a HTTP/2 stream, but may have separate lifetimes. This
* allows h2_task to be scheduled in other threads without semaphores
- * all over the place. It allows task memory to be freed independant of
+ * all over the place. It allows task memory to be freed independent of
* session lifetime and sessions may close down while tasks are still running.
*
*
@@ -49,7 +49,6 @@ struct h2_mplx;
struct h2_priority;
struct h2_push;
struct h2_push_diary;
-struct h2_response;
struct h2_session;
struct h2_stream;
struct h2_task;
@@ -87,7 +86,6 @@ typedef struct h2_session {
struct h2_workers *workers; /* for executing stream tasks */
struct h2_filter_cin *cin; /* connection input filter context */
h2_conn_io io; /* io on httpd conn filters */
- struct h2_ihash_t *streams; /* streams handled by this session */
struct nghttp2_session *ngh2; /* the nghttp2 session (internal use) */
h2_session_state state; /* state session is in */
@@ -100,7 +98,7 @@ typedef struct h2_session {
unsigned int flush : 1; /* flushing output necessary */
unsigned int have_read : 1; /* session has read client data */
unsigned int have_written : 1; /* session did write data to client */
- apr_interval_time_t wait_us; /* timout during BUSY_WAIT state, micro secs */
+ apr_interval_time_t wait_us; /* timeout during BUSY_WAIT state, micro secs */
struct h2_push_diary *push_diary; /* remember pushes, avoid duplicates */
@@ -120,7 +118,6 @@ typedef struct h2_session {
apr_size_t max_stream_count; /* max number of open streams */
apr_size_t max_stream_mem; /* max buffer memory for a single stream */
- apr_time_t start_wait; /* Time we started waiting for sth. to happen */
apr_time_t idle_until; /* Time we shut down due to sheer boredom */
apr_time_t keep_sync_until; /* Time we sync wait until passing to async mpm */
@@ -157,7 +154,7 @@ h2_session *h2_session_rcreate(request_rec *r, struct h2_ctx *ctx,
/**
* Process the given HTTP/2 session until it is ended or a fatal
- * error occured.
+ * error occurred.
*
* @param session the sessionm to process
*/
@@ -176,7 +173,7 @@ apr_status_t h2_session_pre_close(h2_session *session, int async);
void h2_session_eoc_callback(h2_session *session);
/**
- * Called when a serious error occured and the session needs to terminate
+ * Called when a serious error occurred and the session needs to terminate
* without further connection io.
* @param session the session to abort
* @param reason the apache status that caused the abort
@@ -188,11 +185,6 @@ void h2_session_abort(h2_session *session, apr_status_t reason);
*/
void h2_session_close(h2_session *session);
-/* Start submitting the response to a stream request. This is possible
- * once we have all the response headers. */
-apr_status_t h2_session_handle_response(h2_session *session,
- struct h2_stream *stream);
-
/**
* Create and register a new stream under the given id.
*
diff --git a/modules/http2/h2_stream.c b/modules/http2/h2_stream.c
index a7a6764..3f30949 100644
--- a/modules/http2/h2_stream.c
+++ b/modules/http2/h2_stream.c
@@ -16,6 +16,8 @@
#include <assert.h>
#include <stddef.h>
+#include <apr_strings.h>
+
#include <httpd.h>
#include <http_core.h>
#include <http_connection.h>
@@ -29,11 +31,10 @@
#include "h2_conn.h"
#include "h2_config.h"
#include "h2_h2.h"
-#include "h2_filter.h"
#include "h2_mplx.h"
#include "h2_push.h"
#include "h2_request.h"
-#include "h2_response.h"
+#include "h2_headers.h"
#include "h2_session.h"
#include "h2_stream.h"
#include "h2_task.h"
@@ -53,7 +54,7 @@ static int state_transition[][7] = {
/*CL*/{ 1, 1, 0, 0, 1, 1, 1 },
};
-static void H2_STREAM_OUT_LOG(int lvl, h2_stream *s, char *tag)
+static void H2_STREAM_OUT_LOG(int lvl, h2_stream *s, const char *tag)
{
if (APLOG_C_IS_LEVEL(s->session->c, lvl)) {
conn_rec *c = s->session->c;
@@ -61,9 +62,9 @@ static void H2_STREAM_OUT_LOG(int lvl, h2_stream *s, char *tag)
const char *line = "(null)";
apr_size_t len, bmax = sizeof(buffer)/sizeof(buffer[0]);
- len = h2_util_bb_print(buffer, bmax, tag, "", s->buffer);
- ap_log_cerror(APLOG_MARK, lvl, 0, c, "bb_dump(%ld-%d): %s",
- c->id, s->id, len? buffer : line);
+ len = h2_util_bb_print(buffer, bmax, tag, "", s->out_buffer);
+ ap_log_cerror(APLOG_MARK, lvl, 0, c, "bb_dump(%s): %s",
+ c->log_id, len? buffer : line);
}
}
@@ -150,15 +151,29 @@ static int output_open(h2_stream *stream)
}
}
+static void prep_output(h2_stream *stream) {
+ conn_rec *c = stream->session->c;
+ if (!stream->out_buffer) {
+ stream->out_buffer = apr_brigade_create(stream->pool, c->bucket_alloc);
+ }
+}
+
+static void prepend_response(h2_stream *stream, h2_headers *response)
+{
+ conn_rec *c = stream->session->c;
+ apr_bucket *b;
+
+ prep_output(stream);
+ b = h2_bucket_headers_create(c->bucket_alloc, response);
+ APR_BRIGADE_INSERT_HEAD(stream->out_buffer, b);
+}
+
static apr_status_t stream_pool_cleanup(void *ctx)
{
h2_stream *stream = ctx;
apr_status_t status;
- if (stream->input) {
- h2_beam_destroy(stream->input);
- stream->input = NULL;
- }
+ ap_assert(stream->can_be_cleaned);
if (stream->files) {
apr_file_t *file;
int i;
@@ -175,29 +190,22 @@ static apr_status_t stream_pool_cleanup(void *ctx)
}
h2_stream *h2_stream_open(int id, apr_pool_t *pool, h2_session *session,
- int initiated_on, const h2_request *creq)
+ int initiated_on)
{
- h2_request *req;
h2_stream *stream = apr_pcalloc(pool, sizeof(h2_stream));
- stream->id = id;
- stream->state = H2_STREAM_ST_IDLE;
- stream->pool = pool;
- stream->session = session;
- set_state(stream, H2_STREAM_ST_OPEN);
+ stream->id = id;
+ stream->initiated_on = initiated_on;
+ stream->created = apr_time_now();
+ stream->state = H2_STREAM_ST_IDLE;
+ stream->pool = pool;
+ stream->session = session;
+ stream->can_be_cleaned = 1;
- if (creq) {
- /* take it into out pool and assure correct id's */
- req = h2_request_clone(pool, creq);
- req->id = id;
- req->initiated_on = initiated_on;
- }
- else {
- req = h2_req_create(id, pool,
- h2_config_geti(session->config, H2_CONF_SER_HEADERS));
- }
- stream->request = req;
+ h2_beam_create(&stream->input, pool, id, "input", H2_BEAM_OWNER_SEND, 0);
+ h2_beam_create(&stream->output, pool, id, "output", H2_BEAM_OWNER_RECV, 0);
+ set_state(stream, H2_STREAM_ST_OPEN);
apr_pool_cleanup_register(pool, stream, stream_pool_cleanup,
apr_pool_cleanup_null);
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03082)
@@ -207,31 +215,35 @@ h2_stream *h2_stream_open(int id, apr_pool_t *pool, h2_session *session,
void h2_stream_cleanup(h2_stream *stream)
{
- AP_DEBUG_ASSERT(stream);
- if (stream->buffer) {
- apr_brigade_cleanup(stream->buffer);
- }
- if (stream->input) {
- apr_status_t status;
- status = h2_beam_shutdown(stream->input, APR_NONBLOCK_READ, 1);
- if (status == APR_EAGAIN) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, stream->session->c,
- "h2_stream(%ld-%d): wait on input shutdown",
- stream->session->id, stream->id);
- status = h2_beam_shutdown(stream->input, APR_BLOCK_READ, 1);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, stream->session->c,
- "h2_stream(%ld-%d): input shutdown returned",
- stream->session->id, stream->id);
- }
+ apr_status_t status;
+
+ ap_assert(stream);
+ if (stream->out_buffer) {
+ /* remove any left over output buckets that may still have
+ * references into request pools */
+ apr_brigade_cleanup(stream->out_buffer);
+ }
+ h2_beam_abort(stream->input);
+ status = h2_beam_wait_empty(stream->input, APR_NONBLOCK_READ);
+ if (status == APR_EAGAIN) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, stream->session->c,
+ "h2_stream(%ld-%d): wait on input drain",
+ stream->session->id, stream->id);
+ status = h2_beam_wait_empty(stream->input, APR_BLOCK_READ);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, stream->session->c,
+ "h2_stream(%ld-%d): input drain returned",
+ stream->session->id, stream->id);
}
}
void h2_stream_destroy(h2_stream *stream)
{
- AP_DEBUG_ASSERT(stream);
+ ap_assert(stream);
+ ap_assert(!h2_mplx_stream_get(stream->session->mplx, stream->id));
ap_log_cerror(APLOG_MARK, APLOG_TRACE3, 0, stream->session->c,
"h2_stream(%ld-%d): destroy",
stream->session->id, stream->id);
+ stream->can_be_cleaned = 1;
if (stream->pool) {
apr_pool_destroy(stream->pool);
}
@@ -255,84 +267,125 @@ void h2_stream_rst(h2_stream *stream, int error_code)
stream->rst_error = error_code;
close_input(stream);
close_output(stream);
+ if (stream->out_buffer) {
+ apr_brigade_cleanup(stream->out_buffer);
+ }
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
"h2_stream(%ld-%d): reset, error=%d",
stream->session->id, stream->id, error_code);
}
-struct h2_response *h2_stream_get_response(h2_stream *stream)
-{
- return stream->response;
-}
-
-apr_status_t h2_stream_set_request(h2_stream *stream, request_rec *r)
+apr_status_t h2_stream_set_request_rec(h2_stream *stream, request_rec *r)
{
+ h2_request *req;
apr_status_t status;
- AP_DEBUG_ASSERT(stream);
+
+ ap_assert(stream->request == NULL);
+ ap_assert(stream->rtmp == NULL);
if (stream->rst_error) {
return APR_ECONNRESET;
}
- set_state(stream, H2_STREAM_ST_OPEN);
- status = h2_request_rwrite(stream->request, stream->pool, r);
- stream->request->serialize = h2_config_geti(h2_config_rget(r),
- H2_CONF_SER_HEADERS);
+ status = h2_request_rcreate(&req, stream->pool, r);
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, APLOGNO(03058)
- "h2_request(%d): rwrite %s host=%s://%s%s",
- stream->request->id, stream->request->method,
- stream->request->scheme, stream->request->authority,
- stream->request->path);
-
+ "h2_request(%d): set_request_rec %s host=%s://%s%s",
+ stream->id, req->method, req->scheme, req->authority,
+ req->path);
+ stream->rtmp = req;
return status;
}
+apr_status_t h2_stream_set_request(h2_stream *stream, const h2_request *r)
+{
+ ap_assert(stream->request == NULL);
+ ap_assert(stream->rtmp == NULL);
+ stream->rtmp = h2_request_clone(stream->pool, r);
+ return APR_SUCCESS;
+}
+
+static apr_status_t add_trailer(h2_stream *stream,
+ const char *name, size_t nlen,
+ const char *value, size_t vlen)
+{
+ conn_rec *c = stream->session->c;
+ char *hname, *hvalue;
+
+ if (nlen == 0 || name[0] == ':') {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_EINVAL, c, APLOGNO(03060)
+ "h2_request(%ld-%d): pseudo header in trailer",
+ c->id, stream->id);
+ return APR_EINVAL;
+ }
+ if (h2_req_ignore_trailer(name, nlen)) {
+ return APR_SUCCESS;
+ }
+ if (!stream->trailers) {
+ stream->trailers = apr_table_make(stream->pool, 5);
+ }
+ hname = apr_pstrndup(stream->pool, name, nlen);
+ hvalue = apr_pstrndup(stream->pool, value, vlen);
+ h2_util_camel_case_header(hname, nlen);
+ apr_table_mergen(stream->trailers, hname, hvalue);
+
+ return APR_SUCCESS;
+}
+
apr_status_t h2_stream_add_header(h2_stream *stream,
const char *name, size_t nlen,
const char *value, size_t vlen)
{
- AP_DEBUG_ASSERT(stream);
- if (!stream->response) {
- if (name[0] == ':') {
- if ((vlen) > stream->session->s->limit_req_line) {
- /* pseudo header: approximation of request line size check */
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
- "h2_stream(%ld-%d): pseudo header %s too long",
- stream->session->id, stream->id, name);
- return h2_stream_set_error(stream,
- HTTP_REQUEST_URI_TOO_LARGE);
- }
- }
- else if ((nlen + 2 + vlen) > stream->session->s->limit_req_fieldsize) {
- /* header too long */
+ int error = 0;
+ ap_assert(stream);
+
+ if (stream->has_response) {
+ return APR_EINVAL;
+ }
+ ++stream->request_headers_added;
+ if (name[0] == ':') {
+ if ((vlen) > stream->session->s->limit_req_line) {
+ /* pseudo header: approximation of request line size check */
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
- "h2_stream(%ld-%d): header %s too long",
+ "h2_stream(%ld-%d): pseudo header %s too long",
stream->session->id, stream->id, name);
- return h2_stream_set_error(stream,
- HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
+ error = HTTP_REQUEST_URI_TOO_LARGE;
}
-
- if (name[0] != ':') {
- ++stream->request_headers_added;
- if (stream->request_headers_added
- > stream->session->s->limit_req_fields) {
- /* too many header lines */
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
- "h2_stream(%ld-%d): too many header lines",
- stream->session->id, stream->id);
- return h2_stream_set_error(stream,
- HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
- }
+ }
+ else if ((nlen + 2 + vlen) > stream->session->s->limit_req_fieldsize) {
+ /* header too long */
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
+ "h2_stream(%ld-%d): header %s too long",
+ stream->session->id, stream->id, name);
+ error = HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE;
+ }
+
+ if (stream->request_headers_added
+ > stream->session->s->limit_req_fields + 4) {
+ /* too many header lines, include 4 pseudo headers */
+ if (stream->request_headers_added
+ > stream->session->s->limit_req_fields + 4 + 100) {
+ /* yeah, right */
+ return APR_ECONNRESET;
}
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
+ "h2_stream(%ld-%d): too many header lines",
+ stream->session->id, stream->id);
+ error = HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE;
}
if (h2_stream_is_scheduled(stream)) {
- return h2_request_add_trailer(stream->request, stream->pool,
- name, nlen, value, vlen);
+ return add_trailer(stream, name, nlen, value, vlen);
+ }
+ else if (error) {
+ return h2_stream_set_error(stream, error);
}
else {
- if (!input_open(stream)) {
+ if (!stream->rtmp) {
+ stream->rtmp = h2_req_create(stream->id, stream->pool,
+ NULL, NULL, NULL, NULL, NULL, 0);
+ }
+ if (stream->state != H2_STREAM_ST_OPEN) {
return APR_ECONNRESET;
}
- return h2_request_add_header(stream->request, stream->pool,
+ return h2_request_add_header(stream->rtmp, stream->pool,
name, nlen, value, vlen);
}
}
@@ -340,52 +393,58 @@ apr_status_t h2_stream_add_header(h2_stream *stream,
apr_status_t h2_stream_schedule(h2_stream *stream, int eos, int push_enabled,
h2_stream_pri_cmp *cmp, void *ctx)
{
- apr_status_t status;
- AP_DEBUG_ASSERT(stream);
- AP_DEBUG_ASSERT(stream->session);
- AP_DEBUG_ASSERT(stream->session->mplx);
-
- if (!output_open(stream)) {
- return APR_ECONNRESET;
- }
- if (stream->scheduled) {
- return APR_EINVAL;
- }
- if (eos) {
- close_input(stream);
- }
-
- if (stream->response) {
- /* already have a resonse, probably a HTTP error code */
- return h2_mplx_process(stream->session->mplx, stream, cmp, ctx);
- }
+ apr_status_t status = APR_EINVAL;
+ ap_assert(stream);
+ ap_assert(stream->session);
+ ap_assert(stream->session->mplx);
- /* Seeing the end-of-headers, we have everything we need to
- * start processing it.
- */
- status = h2_request_end_headers(stream->request, stream->pool,
- eos, push_enabled);
- if (status == APR_SUCCESS) {
- stream->request->body = !eos;
- stream->scheduled = 1;
- stream->input_remaining = stream->request->content_length;
-
- status = h2_mplx_process(stream->session->mplx, stream, cmp, ctx);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
- "h2_stream(%ld-%d): scheduled %s %s://%s%s",
- stream->session->id, stream->id,
- stream->request->method, stream->request->scheme,
- stream->request->authority, stream->request->path);
- }
- else {
- h2_stream_rst(stream, H2_ERR_INTERNAL_ERROR);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, stream->session->c,
- "h2_stream(%ld-%d): RST=2 (internal err) %s %s://%s%s",
- stream->session->id, stream->id,
- stream->request->method, stream->request->scheme,
- stream->request->authority, stream->request->path);
+ if (!stream->scheduled) {
+ if (eos) {
+ close_input(stream);
+ }
+
+ if (h2_stream_is_ready(stream)) {
+ /* already have a resonse, probably a HTTP error code */
+ return h2_mplx_process(stream->session->mplx, stream, cmp, ctx);
+ }
+ else if (!stream->request && stream->rtmp) {
+ /* This is the common case: a h2_request was being assembled, now
+ * it gets finalized and checked for completness */
+ status = h2_request_end_headers(stream->rtmp, stream->pool, eos);
+ if (status == APR_SUCCESS) {
+ stream->rtmp->serialize = h2_config_geti(stream->session->config,
+ H2_CONF_SER_HEADERS);
+
+ stream->request = stream->rtmp;
+ stream->rtmp = NULL;
+ stream->scheduled = 1;
+
+ stream->push_policy = h2_push_policy_determine(stream->request->headers,
+ stream->pool, push_enabled);
+
+
+ status = h2_mplx_process(stream->session->mplx, stream, cmp, ctx);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
+ "h2_stream(%ld-%d): scheduled %s %s://%s%s "
+ "chunked=%d",
+ stream->session->id, stream->id,
+ stream->request->method, stream->request->scheme,
+ stream->request->authority, stream->request->path,
+ stream->request->chunked);
+ return status;
+ }
+ }
+ else {
+ status = APR_ECONNRESET;
+ }
}
+ h2_stream_rst(stream, H2_ERR_INTERNAL_ERROR);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, stream->session->c,
+ "h2_stream(%ld-%d): RST=2 (internal err) %s %s://%s%s",
+ stream->session->id, stream->id,
+ stream->request->method, stream->request->scheme,
+ stream->request->authority, stream->request->path);
return status;
}
@@ -396,20 +455,31 @@ int h2_stream_is_scheduled(const h2_stream *stream)
apr_status_t h2_stream_close_input(h2_stream *stream)
{
- apr_status_t status = APR_SUCCESS;
-
- AP_DEBUG_ASSERT(stream);
+ conn_rec *c = stream->session->c;
+ apr_status_t status;
+ apr_bucket_brigade *tmp;
+ apr_bucket *b;
+
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
"h2_stream(%ld-%d): closing input",
stream->session->id, stream->id);
-
if (stream->rst_error) {
return APR_ECONNRESET;
}
- if (close_input(stream) && stream->input) {
- status = h2_beam_close(stream->input);
+ tmp = apr_brigade_create(stream->pool, c->bucket_alloc);
+ if (stream->trailers && !apr_is_empty_table(stream->trailers)) {
+ h2_headers *r = h2_headers_create(HTTP_OK, stream->trailers,
+ NULL, stream->pool);
+ b = h2_bucket_headers_create(c->bucket_alloc, r);
+ APR_BRIGADE_INSERT_TAIL(tmp, b);
+ stream->trailers = NULL;
}
+
+ b = apr_bucket_eos_create(c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(tmp, b);
+ status = h2_beam_send(stream->input, tmp, APR_BLOCK_READ);
+ apr_brigade_destroy(tmp);
return status;
}
@@ -418,68 +488,39 @@ apr_status_t h2_stream_write_data(h2_stream *stream,
{
conn_rec *c = stream->session->c;
apr_status_t status = APR_SUCCESS;
+ apr_bucket_brigade *tmp;
- AP_DEBUG_ASSERT(stream);
+ ap_assert(stream);
if (!stream->input) {
return APR_EOF;
}
- if (input_closed(stream) || !stream->request->eoh) {
+ if (input_closed(stream) || !stream->request) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
"h2_stream(%ld-%d): writing denied, closed=%d, eoh=%d",
stream->session->id, stream->id, input_closed(stream),
- stream->request->eoh);
+ stream->request != NULL);
return APR_EINVAL;
}
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
"h2_stream(%ld-%d): add %ld input bytes",
stream->session->id, stream->id, (long)len);
-
- if (!stream->request->chunked) {
- stream->input_remaining -= len;
- if (stream->input_remaining < 0) {
- ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, c,
- APLOGNO(02961)
- "h2_stream(%ld-%d): got %ld more content bytes than announced "
- "in content-length header: %ld",
- stream->session->id, stream->id,
- (long)stream->request->content_length,
- -(long)stream->input_remaining);
- h2_stream_rst(stream, H2_ERR_PROTOCOL_ERROR);
- return APR_ECONNABORTED;
- }
- }
- if (!stream->tmp) {
- stream->tmp = apr_brigade_create(stream->pool, c->bucket_alloc);
- }
- apr_brigade_write(stream->tmp, NULL, NULL, data, len);
+ tmp = apr_brigade_create(stream->pool, c->bucket_alloc);
+ apr_brigade_write(tmp, NULL, NULL, data, len);
+ status = h2_beam_send(stream->input, tmp, APR_BLOCK_READ);
+ apr_brigade_destroy(tmp);
+
+ stream->in_data_frames++;
+ stream->in_data_octets += len;
+
if (eos) {
- APR_BRIGADE_INSERT_TAIL(stream->tmp,
- apr_bucket_eos_create(c->bucket_alloc));
- close_input(stream);
+ return h2_stream_close_input(stream);
}
- status = h2_beam_send(stream->input, stream->tmp, APR_BLOCK_READ);
- apr_brigade_cleanup(stream->tmp);
return status;
}
-void h2_stream_set_suspended(h2_stream *stream, int suspended)
-{
- AP_DEBUG_ASSERT(stream);
- stream->suspended = !!suspended;
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, stream->session->c,
- "h2_stream(%ld-%d): suspended=%d",
- stream->session->id, stream->id, stream->suspended);
-}
-
-int h2_stream_is_suspended(const h2_stream *stream)
-{
- AP_DEBUG_ASSERT(stream);
- return stream->suspended;
-}
-
static apr_status_t fill_buffer(h2_stream *stream, apr_size_t amount)
{
conn_rec *c = stream->session->c;
@@ -489,9 +530,12 @@ static apr_status_t fill_buffer(h2_stream *stream, apr_size_t amount)
if (!stream->output) {
return APR_EOF;
}
- status = h2_beam_receive(stream->output, stream->buffer,
+ status = h2_beam_receive(stream->output, stream->out_buffer,
APR_NONBLOCK_READ, amount);
- /* The buckets we reveive are using the stream->buffer pool as
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, stream->session->c,
+ "h2_stream(%ld-%d): beam_received",
+ stream->session->id, stream->id);
+ /* The buckets we reveive are using the stream->out_buffer pool as
* lifetime which is exactly what we want since this is stream->pool.
*
* However: when we send these buckets down the core output filters, the
@@ -502,8 +546,8 @@ static apr_status_t fill_buffer(h2_stream *stream, apr_size_t amount)
* file. Any split off buckets we sent afterwards will result in a
* APR_EBADF.
*/
- for (b = APR_BRIGADE_FIRST(stream->buffer);
- b != APR_BRIGADE_SENTINEL(stream->buffer);
+ for (b = APR_BRIGADE_FIRST(stream->out_buffer);
+ b != APR_BRIGADE_SENTINEL(stream->out_buffer);
b = APR_BUCKET_NEXT(b)) {
if (APR_BUCKET_IS_FILE(b)) {
apr_bucket_file *f = (apr_bucket_file *)b->data;
@@ -521,77 +565,76 @@ static apr_status_t fill_buffer(h2_stream *stream, apr_size_t amount)
return status;
}
-apr_status_t h2_stream_set_response(h2_stream *stream, h2_response *response,
- h2_bucket_beam *output)
+apr_status_t h2_stream_set_error(h2_stream *stream, int http_status)
{
- apr_status_t status = APR_SUCCESS;
- conn_rec *c = stream->session->c;
+ h2_headers *response;
- if (!output_open(stream)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
- "h2_stream(%ld-%d): output closed",
- stream->session->id, stream->id);
- return APR_ECONNRESET;
+ if (h2_stream_is_ready(stream)) {
+ return APR_EINVAL;
}
-
- stream->response = response;
- stream->output = output;
- stream->buffer = apr_brigade_create(stream->pool, c->bucket_alloc);
-
- h2_stream_filter(stream);
- if (stream->output) {
- status = fill_buffer(stream, 0);
+ if (stream->rtmp) {
+ stream->request = stream->rtmp;
+ stream->rtmp = NULL;
}
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, c,
- "h2_stream(%ld-%d): set_response(%d)",
- stream->session->id, stream->id,
- stream->response->http_status);
- return status;
+ response = h2_headers_die(http_status, stream->request, stream->pool);
+ prepend_response(stream, response);
+ h2_beam_close(stream->output);
+ return APR_SUCCESS;
}
-apr_status_t h2_stream_set_error(h2_stream *stream, int http_status)
+static apr_bucket *get_first_headers_bucket(apr_bucket_brigade *bb)
{
- h2_response *response;
-
- if (stream->submitted) {
- return APR_EINVAL;
+ if (bb) {
+ apr_bucket *b = APR_BRIGADE_FIRST(bb);
+ while (b != APR_BRIGADE_SENTINEL(bb)) {
+ if (H2_BUCKET_IS_HEADERS(b)) {
+ return b;
+ }
+ b = APR_BUCKET_NEXT(b);
+ }
}
- response = h2_response_die(stream->id, http_status, stream->request,
- stream->pool);
- return h2_stream_set_response(stream, response, NULL);
+ return NULL;
}
-static const apr_size_t DATA_CHUNK_SIZE = ((16*1024) - 100 - 9);
-
-apr_status_t h2_stream_out_prepare(h2_stream *stream,
- apr_off_t *plen, int *peos)
+apr_status_t h2_stream_out_prepare(h2_stream *stream, apr_off_t *plen,
+ int *peos, h2_headers **presponse)
{
conn_rec *c = stream->session->c;
apr_status_t status = APR_SUCCESS;
apr_off_t requested;
+ apr_bucket *b, *e;
+ if (presponse) {
+ *presponse = NULL;
+ }
+
if (stream->rst_error) {
*plen = 0;
*peos = 1;
return APR_ECONNRESET;
}
+
+ if (!output_open(stream)) {
+ return APR_ECONNRESET;
+ }
+ prep_output(stream);
if (*plen > 0) {
- requested = H2MIN(*plen, DATA_CHUNK_SIZE);
+ requested = H2MIN(*plen, H2_DATA_CHUNK_SIZE);
}
else {
- requested = DATA_CHUNK_SIZE;
+ requested = H2_DATA_CHUNK_SIZE;
}
*plen = requested;
H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "h2_stream_out_prepare_pre");
- h2_util_bb_avail(stream->buffer, plen, peos);
+ h2_util_bb_avail(stream->out_buffer, plen, peos);
if (!*peos && *plen < requested) {
/* try to get more data */
- status = fill_buffer(stream, (requested - *plen) + DATA_CHUNK_SIZE);
+ status = fill_buffer(stream, (requested - *plen) + H2_DATA_CHUNK_SIZE);
if (APR_STATUS_IS_EOF(status)) {
apr_bucket *eos = apr_bucket_eos_create(c->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(stream->buffer, eos);
+ APR_BRIGADE_INSERT_TAIL(stream->out_buffer, eos);
status = APR_SUCCESS;
}
else if (status == APR_EAGAIN) {
@@ -599,20 +642,70 @@ apr_status_t h2_stream_out_prepare(h2_stream *stream,
status = APR_SUCCESS;
}
*plen = requested;
- h2_util_bb_avail(stream->buffer, plen, peos);
+ h2_util_bb_avail(stream->out_buffer, plen, peos);
}
H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "h2_stream_out_prepare_post");
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, c,
- "h2_stream(%ld-%d): prepare, len=%ld eos=%d, trailers=%s",
- c->id, stream->id, (long)*plen, *peos,
- (stream->response && stream->response->trailers)?
- "yes" : "no");
- if (!*peos && !*plen && status == APR_SUCCESS) {
- return APR_EAGAIN;
+
+ b = APR_BRIGADE_FIRST(stream->out_buffer);
+ while (b != APR_BRIGADE_SENTINEL(stream->out_buffer)) {
+ e = APR_BUCKET_NEXT(b);
+ if (APR_BUCKET_IS_FLUSH(b)
+ || (!APR_BUCKET_IS_METADATA(b) && b->length == 0)) {
+ APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ }
+ else {
+ break;
+ }
+ b = e;
}
+
+ b = get_first_headers_bucket(stream->out_buffer);
+ if (b) {
+ /* there are HEADERS to submit */
+ *peos = 0;
+ *plen = 0;
+ if (b == APR_BRIGADE_FIRST(stream->out_buffer)) {
+ if (presponse) {
+ *presponse = h2_bucket_headers_get(b);
+ APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ status = APR_SUCCESS;
+ }
+ else {
+ /* someone needs to retrieve the response first */
+ h2_mplx_keep_active(stream->session->mplx, stream->id);
+ status = APR_EAGAIN;
+ }
+ }
+ else {
+ apr_bucket *e = APR_BRIGADE_FIRST(stream->out_buffer);
+ while (e != APR_BRIGADE_SENTINEL(stream->out_buffer)) {
+ if (e == b) {
+ break;
+ }
+ else if (e->length != (apr_size_t)-1) {
+ *plen += e->length;
+ }
+ e = APR_BUCKET_NEXT(e);
+ }
+ }
+ }
+
+ if (!*peos && !*plen && status == APR_SUCCESS
+ && (!presponse || !*presponse)) {
+ status = APR_EAGAIN;
+ }
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, c,
+ "h2_stream(%ld-%d): prepare, len=%ld eos=%d",
+ c->id, stream->id, (long)*plen, *peos);
return status;
}
+static int is_not_headers(apr_bucket *b)
+{
+ return !H2_BUCKET_IS_HEADERS(b);
+}
apr_status_t h2_stream_read_to(h2_stream *stream, apr_bucket_brigade *bb,
apr_off_t *plen, int *peos)
@@ -623,7 +716,7 @@ apr_status_t h2_stream_read_to(h2_stream *stream, apr_bucket_brigade *bb,
if (stream->rst_error) {
return APR_ECONNRESET;
}
- status = h2_append_brigade(bb, stream->buffer, plen, peos);
+ status = h2_append_brigade(bb, stream->out_buffer, plen, peos, is_not_headers);
if (status == APR_SUCCESS && !*peos && !*plen) {
status = APR_EAGAIN;
}
@@ -639,27 +732,13 @@ int h2_stream_input_is_open(const h2_stream *stream)
return input_open(stream);
}
-int h2_stream_needs_submit(const h2_stream *stream)
-{
- switch (stream->state) {
- case H2_STREAM_ST_OPEN:
- case H2_STREAM_ST_CLOSED_INPUT:
- case H2_STREAM_ST_CLOSED_OUTPUT:
- case H2_STREAM_ST_CLOSED:
- return !stream->submitted;
- default:
- return 0;
- }
-}
-
-apr_status_t h2_stream_submit_pushes(h2_stream *stream)
+apr_status_t h2_stream_submit_pushes(h2_stream *stream, h2_headers *response)
{
apr_status_t status = APR_SUCCESS;
apr_array_header_t *pushes;
int i;
- pushes = h2_push_collect_update(stream, stream->request,
- h2_stream_get_response(stream));
+ pushes = h2_push_collect_update(stream, stream->request, response);
if (pushes && !apr_is_empty_array(pushes)) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, stream->session->c,
"h2_stream(%ld-%d): found %d push candidates",
@@ -678,14 +757,13 @@ apr_status_t h2_stream_submit_pushes(h2_stream *stream)
apr_table_t *h2_stream_get_trailers(h2_stream *stream)
{
- return stream->response? stream->response->trailers : NULL;
+ return NULL;
}
-const h2_priority *h2_stream_get_priority(h2_stream *stream)
+const h2_priority *h2_stream_get_priority(h2_stream *stream,
+ h2_headers *response)
{
- h2_response *response = h2_stream_get_response(stream);
-
- if (response && stream->request && stream->request->initiated_on) {
+ if (response && stream->initiated_on) {
const char *ctype = apr_table_get(response->headers, "content-type");
if (ctype) {
/* FIXME: Not good enough, config needs to come from request->server */
@@ -695,3 +773,38 @@ const h2_priority *h2_stream_get_priority(h2_stream *stream)
return NULL;
}
+const char *h2_stream_state_str(h2_stream *stream)
+{
+ switch (stream->state) {
+ case H2_STREAM_ST_IDLE:
+ return "IDLE";
+ case H2_STREAM_ST_OPEN:
+ return "OPEN";
+ case H2_STREAM_ST_RESV_LOCAL:
+ return "RESERVED_LOCAL";
+ case H2_STREAM_ST_RESV_REMOTE:
+ return "RESERVED_REMOTE";
+ case H2_STREAM_ST_CLOSED_INPUT:
+ return "HALF_CLOSED_REMOTE";
+ case H2_STREAM_ST_CLOSED_OUTPUT:
+ return "HALF_CLOSED_LOCAL";
+ case H2_STREAM_ST_CLOSED:
+ return "CLOSED";
+ default:
+ return "UNKNOWN";
+
+ }
+}
+
+int h2_stream_is_ready(h2_stream *stream)
+{
+ if (stream->has_response) {
+ return 1;
+ }
+ else if (stream->out_buffer && get_first_headers_bucket(stream->out_buffer)) {
+ return 1;
+ }
+ return 0;
+}
+
+
diff --git a/modules/http2/h2_stream.h b/modules/http2/h2_stream.h
index f80f811..adb419e 100644
--- a/modules/http2/h2_stream.h
+++ b/modules/http2/h2_stream.h
@@ -25,16 +25,16 @@
* connection to the client. The h2_session writes to the h2_stream,
* adding HEADERS and DATA and finally an EOS. When headers are done,
* h2_stream is scheduled for handling, which is expected to produce
- * a h2_response.
+ * a h2_headers.
*
- * The h2_response gives the HEADER frames to sent to the client, followed
+ * The h2_headers gives the HEADER frames to sent to the client, followed
* by DATA frames read from the h2_stream until EOS is reached.
*/
struct h2_mplx;
struct h2_priority;
struct h2_request;
-struct h2_response;
+struct h2_headers;
struct h2_session;
struct h2_sos;
struct h2_bucket_beam;
@@ -42,30 +42,38 @@ struct h2_bucket_beam;
typedef struct h2_stream h2_stream;
struct h2_stream {
- int id; /* http2 stream id */
+ int id; /* http2 stream id */
+ int initiated_on; /* initiating stream id (PUSH) or 0 */
+ apr_time_t created; /* when stream was created */
h2_stream_state_t state; /* http/2 state of this stream */
struct h2_session *session; /* the session this stream belongs to */
apr_pool_t *pool; /* the memory pool for this stream */
- struct h2_request *request; /* the request made in this stream */
- struct h2_bucket_beam *input;
+ const struct h2_request *request; /* the request made in this stream */
+ struct h2_request *rtmp; /* request being assembled */
+ apr_table_t *trailers; /* optional incoming trailers */
int request_headers_added; /* number of request headers added */
- struct h2_response *response;
+ struct h2_bucket_beam *input;
struct h2_bucket_beam *output;
- apr_bucket_brigade *buffer;
- apr_bucket_brigade *tmp;
+ apr_bucket_brigade *out_buffer;
apr_array_header_t *files; /* apr_file_t* we collected during I/O */
int rst_error; /* stream error for RST_STREAM */
unsigned int aborted : 1; /* was aborted */
- unsigned int suspended : 1; /* DATA sending has been suspended */
unsigned int scheduled : 1; /* stream has been scheduled */
unsigned int started : 1; /* stream has started processing */
- unsigned int submitted : 1; /* response HEADER has been sent */
+ unsigned int has_response : 1; /* response headers are known */
+ unsigned int push_policy; /* which push policy to use for this request */
+ unsigned int can_be_cleaned : 1; /* stream pool can be cleaned */
- apr_off_t input_remaining; /* remaining bytes on input as advertised via content-length */
- apr_off_t data_frames_sent; /* # of DATA frames sent out for this stream */
+ const h2_priority *pref_priority; /* preferred priority for this stream */
+ apr_off_t out_data_frames; /* # of DATA frames sent */
+ apr_off_t out_data_octets; /* # of DATA octets (payload) sent */
+ apr_off_t in_data_frames; /* # of DATA frames received */
+ apr_off_t in_data_octets; /* # of DATA octets (payload) received */
+
+ const char *sos_filter;
};
@@ -79,7 +87,7 @@ struct h2_stream {
* @return the newly opened stream
*/
h2_stream *h2_stream_open(int id, apr_pool_t *pool, struct h2_session *session,
- int initiated_on, const struct h2_request *req);
+ int initiated_on);
/**
* Cleanup any resources still held by the stream, called by last bucket.
@@ -92,7 +100,7 @@ void h2_stream_eos_destroy(h2_stream *stream);
void h2_stream_destroy(h2_stream *stream);
/**
- * Removes stream from h2_session and destroys it.
+ * Cleanup references into requst processing.
*
* @param stream the stream to cleanup
*/
@@ -107,6 +115,13 @@ void h2_stream_cleanup(h2_stream *stream);
*/
apr_pool_t *h2_stream_detach_pool(h2_stream *stream);
+/**
+ * Initialize stream->request with the given h2_request.
+ *
+ * @param stream stream to write request to
+ * @param r the request with all the meta data
+ */
+apr_status_t h2_stream_set_request(h2_stream *stream, const h2_request *r);
/**
* Initialize stream->request with the given request_rec.
@@ -114,7 +129,7 @@ apr_pool_t *h2_stream_detach_pool(h2_stream *stream);
* @param stream stream to write request to
* @param r the request with all the meta data
*/
-apr_status_t h2_stream_set_request(h2_stream *stream, request_rec *r);
+apr_status_t h2_stream_set_request_rec(h2_stream *stream, request_rec *r);
/*
* Add a HTTP/2 header (including pseudo headers) or trailer
@@ -157,13 +172,13 @@ void h2_stream_rst(h2_stream *stream, int error_code);
/**
* Schedule the stream for execution. All header information must be
- * present. Use the given priority comparision callback to determine
+ * present. Use the given priority comparison callback to determine
* order in queued streams.
*
* @param stream the stream to schedule
* @param eos != 0 iff no more input will arrive
- * @param cmp priority comparision
- * @param ctx context for comparision
+ * @param cmp priority comparison
+ * @param ctx context for comparison
*/
apr_status_t h2_stream_schedule(h2_stream *stream, int eos, int push_enabled,
h2_stream_pri_cmp *cmp, void *ctx);
@@ -175,21 +190,6 @@ apr_status_t h2_stream_schedule(h2_stream *stream, int eos, int push_enabled,
*/
int h2_stream_is_scheduled(const h2_stream *stream);
-struct h2_response *h2_stream_get_response(h2_stream *stream);
-
-/**
- * Set the response for this stream. Invoked when all meta data for
- * the stream response has been collected.
- *
- * @param stream the stream to set the response for
- * @param response the response data for the stream
- * @param bb bucket brigade with output data for the stream. Optional,
- * may be incomplete.
- */
-apr_status_t h2_stream_set_response(h2_stream *stream,
- struct h2_response *response,
- struct h2_bucket_beam *output);
-
/**
* Set the HTTP error status as response.
*/
@@ -204,12 +204,13 @@ apr_status_t h2_stream_set_error(h2_stream *stream, int http_status);
* may be read without blocking
* @param peos (out) != 0 iff end of stream will be reached when reading plen
* bytes (out value).
+ * @param presponse (out) the response of one became available
* @return APR_SUCCESS if out information was computed successfully.
* APR_EAGAIN if not data is available and end of stream has not been
* reached yet.
*/
-apr_status_t h2_stream_out_prepare(h2_stream *stream,
- apr_off_t *plen, int *peos);
+apr_status_t h2_stream_out_prepare(h2_stream *stream, apr_off_t *plen,
+ int *peos, h2_headers **presponse);
/**
* Read a maximum number of bytes into the bucket brigade.
@@ -237,20 +238,6 @@ apr_status_t h2_stream_read_to(h2_stream *stream, apr_bucket_brigade *bb,
apr_table_t *h2_stream_get_trailers(h2_stream *stream);
/**
- * Set the suspended state of the stream.
- * @param stream the stream to change state on
- * @param suspended boolean value if stream is suspended
- */
-void h2_stream_set_suspended(h2_stream *stream, int suspended);
-
-/**
- * Check if the stream has been suspended.
- * @param stream the stream to check
- * @return != 0 iff stream is suspended.
- */
-int h2_stream_is_suspended(const h2_stream *stream);
-
-/**
* Check if the stream has open input.
* @param stream the stream to check
* @return != 0 iff stream has open input.
@@ -258,23 +245,29 @@ int h2_stream_is_suspended(const h2_stream *stream);
int h2_stream_input_is_open(const h2_stream *stream);
/**
- * Check if the stream has not submitted a response or RST yet.
- * @param stream the stream to check
- * @return != 0 iff stream has not submitted a response or RST.
- */
-int h2_stream_needs_submit(const h2_stream *stream);
-
-/**
* Submit any server push promises on this stream and schedule
* the tasks connection with these.
*
* @param stream the stream for which to submit
*/
-apr_status_t h2_stream_submit_pushes(h2_stream *stream);
+apr_status_t h2_stream_submit_pushes(h2_stream *stream, h2_headers *response);
/**
* Get priority information set for this stream.
*/
-const struct h2_priority *h2_stream_get_priority(h2_stream *stream);
+const struct h2_priority *h2_stream_get_priority(h2_stream *stream,
+ h2_headers *response);
+
+/**
+ * Return a textual representation of the stream state as in RFC 7540
+ * nomenclator, all caps, underscores.
+ */
+const char *h2_stream_state_str(h2_stream *stream);
+
+/**
+ * Determine if stream is ready for submitting a response or a RST
+ * @param stream the stream to check
+ */
+int h2_stream_is_ready(h2_stream *stream);
#endif /* defined(__mod_h2__h2_stream__) */
diff --git a/modules/http2/h2_stream_set.c b/modules/http2/h2_stream_set.c
deleted file mode 100644
index aa0f8c6..0000000
--- a/modules/http2/h2_stream_set.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
-
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <assert.h>
-#include <stddef.h>
-
-#include <apr_hash.h>
-#include <apr_strings.h>
-
-#include <httpd.h>
-#include <http_log.h>
-
-#include "h2_private.h"
-#include "h2_stream.h"
-#include "h2_stream_set.h"
-
-
-struct h2_stream_set {
- apr_hash_t *hash;
-};
-
-static unsigned int stream_hash(const char *key, apr_ssize_t *klen)
-{
- return (unsigned int)(*((int*)key));
-}
-
-h2_stream_set *h2_stream_set_create(apr_pool_t *pool, int max)
-{
- h2_stream_set *sp = apr_pcalloc(pool, sizeof(h2_stream_set));
- sp->hash = apr_hash_make_custom(pool, stream_hash);
-
- return sp;
-}
-
-void h2_stream_set_destroy(h2_stream_set *sp)
-{
- (void)sp;
-}
-
-h2_stream *h2_stream_set_get(h2_stream_set *sp, int stream_id)
-{
- return apr_hash_get(sp->hash, &stream_id, sizeof(stream_id));
-}
-
-void h2_stream_set_add(h2_stream_set *sp, h2_stream *stream)
-{
- apr_hash_set(sp->hash, &stream->id, sizeof(stream->id), stream);
-}
-
-void h2_stream_set_remove(h2_stream_set *sp, int stream_id)
-{
- apr_hash_set(sp->hash, &stream_id, sizeof(stream_id), NULL);
-}
-
-int h2_stream_set_is_empty(h2_stream_set *sp)
-{
- return apr_hash_count(sp->hash) == 0;
-}
-
-apr_size_t h2_stream_set_size(h2_stream_set *sp)
-{
- return apr_hash_count(sp->hash);
-}
-
-typedef struct {
- h2_stream_set_iter_fn *iter;
- void *ctx;
-} iter_ctx;
-
-static int hash_iter(void *ctx, const void *key, apr_ssize_t klen,
- const void *val)
-{
- iter_ctx *ictx = ctx;
- return ictx->iter(ictx->ctx, (h2_stream*)val);
-}
-
-void h2_stream_set_iter(h2_stream_set *sp,
- h2_stream_set_iter_fn *iter, void *ctx)
-{
- iter_ctx ictx;
- ictx.iter = iter;
- ictx.ctx = ctx;
- apr_hash_do(hash_iter, &ictx, sp->hash);
-}
-
-static int unsubmitted_iter(void *ctx, h2_stream *stream)
-{
- if (h2_stream_needs_submit(stream)) {
- *((int *)ctx) = 1;
- return 0;
- }
- return 1;
-}
-
-int h2_stream_set_has_unsubmitted(h2_stream_set *sp)
-{
- int has_unsubmitted = 0;
- h2_stream_set_iter(sp, unsubmitted_iter, &has_unsubmitted);
- return has_unsubmitted;
-}
-
-static int input_open_iter(void *ctx, h2_stream *stream)
-{
- if (h2_stream_input_is_open(stream)) {
- *((int *)ctx) = 1;
- return 0;
- }
- return 1;
-}
-
-int h2_stream_set_has_open_input(h2_stream_set *sp)
-{
- int has_input_open = 0;
- h2_stream_set_iter(sp, input_open_iter, &has_input_open);
- return has_input_open;
-}
-
-static int suspended_iter(void *ctx, h2_stream *stream)
-{
- if (h2_stream_is_suspended(stream)) {
- *((int *)ctx) = 1;
- return 0;
- }
- return 1;
-}
-
-int h2_stream_set_has_suspended(h2_stream_set *sp)
-{
- int has_suspended = 0;
- h2_stream_set_iter(sp, suspended_iter, &has_suspended);
- return has_suspended;
-}
-
diff --git a/modules/http2/h2_stream_set.h b/modules/http2/h2_stream_set.h
deleted file mode 100644
index d0041c4..0000000
--- a/modules/http2/h2_stream_set.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
-
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __mod_h2__h2_stream_set__
-#define __mod_h2__h2_stream_set__
-
-/**
- * A set of h2_stream instances. Allows lookup by stream id
- * and other criteria.
- */
-
-typedef h2_stream *h2_stream_set_match_fn(void *ctx, h2_stream *stream);
-typedef int h2_stream_set_iter_fn(void *ctx, h2_stream *stream);
-
-typedef struct h2_stream_set h2_stream_set;
-
-
-h2_stream_set *h2_stream_set_create(apr_pool_t *pool, int max);
-
-void h2_stream_set_destroy(h2_stream_set *sp);
-
-void h2_stream_set_add(h2_stream_set *sp, h2_stream *stream);
-
-h2_stream *h2_stream_set_get(h2_stream_set *sp, int stream_id);
-
-void h2_stream_set_remove(h2_stream_set *sp, int stream_id);
-
-void h2_stream_set_iter(h2_stream_set *sp,
- h2_stream_set_iter_fn *iter, void *ctx);
-
-int h2_stream_set_is_empty(h2_stream_set *sp);
-
-apr_size_t h2_stream_set_size(h2_stream_set *sp);
-
-int h2_stream_set_has_unsubmitted(h2_stream_set *sp);
-int h2_stream_set_has_open_input(h2_stream_set *sp);
-int h2_stream_set_has_suspended(h2_stream_set *sp);
-
-#endif /* defined(__mod_h2__h2_stream_set__) */
diff --git a/modules/http2/h2_switch.h b/modules/http2/h2_switch.h
index 3d9c628..10cee96 100644
--- a/modules/http2/h2_switch.h
+++ b/modules/http2/h2_switch.h
@@ -17,7 +17,7 @@
#define __mod_h2__h2_switch__
/*
- * One time, post config intialization.
+ * One time, post config initialization.
*/
apr_status_t h2_switch_init(apr_pool_t *pool, server_rec *s);
diff --git a/modules/http2/h2_task.c b/modules/http2/h2_task.c
index 381d0b1..1419aab 100644
--- a/modules/http2/h2_task.c
+++ b/modules/http2/h2_task.c
@@ -42,12 +42,28 @@
#include "h2_h2.h"
#include "h2_mplx.h"
#include "h2_request.h"
+#include "h2_headers.h"
#include "h2_session.h"
#include "h2_stream.h"
#include "h2_task.h"
#include "h2_worker.h"
#include "h2_util.h"
+static void H2_TASK_OUT_LOG(int lvl, h2_task *task, apr_bucket_brigade *bb,
+ const char *tag)
+{
+ if (APLOG_C_IS_LEVEL(task->c, lvl)) {
+ conn_rec *c = task->c;
+ char buffer[4 * 1024];
+ const char *line = "(null)";
+ apr_size_t len, bmax = sizeof(buffer)/sizeof(buffer[0]);
+
+ len = h2_util_bb_print(buffer, bmax, tag, "", bb);
+ ap_log_cerror(APLOG_MARK, lvl, 0, c, "bb_dump(%s): %s",
+ task->id, len? buffer : line);
+ }
+}
+
/*******************************************************************************
* task input handling
******************************************************************************/
@@ -59,107 +75,164 @@ static int input_ser_header(void *ctx, const char *name, const char *value)
return 1;
}
-static void make_chunk(h2_task *task, apr_bucket_brigade *bb,
- apr_bucket *first, apr_uint64_t chunk_len,
- apr_bucket *tail)
+/*******************************************************************************
+ * task output handling
+ ******************************************************************************/
+
+static apr_status_t open_output(h2_task *task)
{
- /* Surround the buckets [first, tail[ with new buckets carrying the
- * HTTP/1.1 chunked encoding format. If tail is NULL, the chunk extends
- * to the end of the brigade. */
- char buffer[128];
- apr_bucket *c;
- int len;
-
- len = apr_snprintf(buffer, H2_ALEN(buffer),
- "%"APR_UINT64_T_HEX_FMT"\r\n", chunk_len);
- c = apr_bucket_heap_create(buffer, len, NULL, bb->bucket_alloc);
- APR_BUCKET_INSERT_BEFORE(first, c);
- c = apr_bucket_heap_create("\r\n", 2, NULL, bb->bucket_alloc);
- if (tail) {
- APR_BUCKET_INSERT_BEFORE(tail, c);
- }
- else {
- APR_BRIGADE_INSERT_TAIL(bb, c);
- }
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c, APLOGNO(03348)
+ "h2_task(%s): open output to %s %s %s",
+ task->id, task->request->method,
+ task->request->authority,
+ task->request->path);
+ task->output.opened = 1;
+ return h2_mplx_out_open(task->mplx, task->stream_id, task->output.beam);
}
-static apr_status_t input_handle_eos(h2_task *task, request_rec *r,
- apr_bucket *b)
+static apr_status_t send_out(h2_task *task, apr_bucket_brigade* bb, int block)
{
- apr_status_t status = APR_SUCCESS;
- apr_bucket_brigade *bb = task->input.bb;
- apr_table_t *t = task->request? task->request->trailers : NULL;
-
- if (task->input.chunked) {
- task->input.tmp = apr_brigade_split_ex(bb, b, task->input.tmp);
- if (t && !apr_is_empty_table(t)) {
- status = apr_brigade_puts(bb, NULL, NULL, "0\r\n");
- apr_table_do(input_ser_header, task, t, NULL);
- status = apr_brigade_puts(bb, NULL, NULL, "\r\n");
- }
- else {
- status = apr_brigade_puts(bb, NULL, NULL, "0\r\n\r\n");
+ apr_off_t written, left;
+ apr_status_t status;
+
+ apr_brigade_length(bb, 0, &written);
+ H2_TASK_OUT_LOG(APLOG_TRACE2, task, bb, "h2_task send_out");
+ /* engines send unblocking */
+ status = h2_beam_send(task->output.beam, bb,
+ block? APR_BLOCK_READ : APR_NONBLOCK_READ);
+ if (APR_STATUS_IS_EAGAIN(status)) {
+ apr_brigade_length(bb, 0, &left);
+ written -= left;
+ status = APR_SUCCESS;
+ }
+ if (status == APR_SUCCESS) {
+ if (h2_task_logio_add_bytes_out) {
+ h2_task_logio_add_bytes_out(task->c, written);
}
- APR_BRIGADE_CONCAT(bb, task->input.tmp);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, task->c,
+ "h2_task(%s): send_out done", task->id);
}
- else if (r && t && !apr_is_empty_table(t)){
- /* trailers passed in directly. */
- apr_table_overlap(r->trailers_in, t, APR_OVERLAP_TABLES_SET);
+ else {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c,
+ "h2_task(%s): send_out (%ld bytes)",
+ task->id, (long)written);
}
- task->input.eos_written = 1;
return status;
}
-static apr_status_t input_append_eos(h2_task *task, request_rec *r)
+/* Bring the data from the brigade (which represents the result of the
+ * request_rec out filter chain) into the h2_mplx for further sending
+ * on the master connection.
+ */
+static apr_status_t slave_out(h2_task *task, ap_filter_t* f,
+ apr_bucket_brigade* bb)
{
+ apr_bucket *b;
apr_status_t status = APR_SUCCESS;
- apr_bucket_brigade *bb = task->input.bb;
- apr_table_t *t = task->request? task->request->trailers : NULL;
-
- if (task->input.chunked) {
- if (t && !apr_is_empty_table(t)) {
- status = apr_brigade_puts(bb, NULL, NULL, "0\r\n");
- apr_table_do(input_ser_header, task, t, NULL);
- status = apr_brigade_puts(bb, NULL, NULL, "\r\n");
+ int flush = 0, blocking;
+
+ if (task->frozen) {
+ h2_util_bb_log(task->c, task->stream_id, APLOG_TRACE2,
+ "frozen task output write, ignored", bb);
+ while (!APR_BRIGADE_EMPTY(bb)) {
+ b = APR_BRIGADE_FIRST(bb);
+ if (AP_BUCKET_IS_EOR(b)) {
+ APR_BUCKET_REMOVE(b);
+ task->eor = b;
+ }
+ else {
+ apr_bucket_delete(b);
+ }
}
- else {
- status = apr_brigade_puts(bb, NULL, NULL, "0\r\n\r\n");
+ return APR_SUCCESS;
+ }
+
+ /* we send block once we opened the output, so someone is there
+ * reading it *and* the task is not assigned to a h2_req_engine */
+ blocking = (!task->assigned && task->output.opened);
+ if (!task->output.opened) {
+ for (b = APR_BRIGADE_FIRST(bb);
+ b != APR_BRIGADE_SENTINEL(bb);
+ b = APR_BUCKET_NEXT(b)) {
+ if (APR_BUCKET_IS_FLUSH(b)) {
+ flush = 1;
+ break;
+ }
+ }
+ }
+
+ if (task->output.bb && !APR_BRIGADE_EMPTY(task->output.bb)) {
+ /* still have data buffered from previous attempt.
+ * setaside and append new data and try to pass the complete data */
+ if (!APR_BRIGADE_EMPTY(bb)) {
+ status = ap_save_brigade(f, &task->output.bb, &bb, task->pool);
+ }
+ if (status == APR_SUCCESS) {
+ status = send_out(task, task->output.bb, blocking);
+ }
+ }
+ else {
+ /* no data buffered here, try to pass the brigade directly */
+ status = send_out(task, bb, blocking);
+ if (status == APR_SUCCESS && !APR_BRIGADE_EMPTY(bb)) {
+ /* could not write all, buffer the rest */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c, APLOGNO(03405)
+ "h2_slave_out(%s): saving brigade",
+ task->id);
+ status = ap_save_brigade(f, &task->output.bb, &bb, task->pool);
+ flush = 1;
}
}
- else if (r && t && !apr_is_empty_table(t)){
- /* trailers passed in directly. */
- apr_table_overlap(r->trailers_in, t, APR_OVERLAP_TABLES_SET);
+
+ if (status == APR_SUCCESS && !task->output.opened && flush) {
+ /* got a flush or could not write all, time to tell someone to read */
+ status = open_output(task);
}
- APR_BRIGADE_INSERT_TAIL(bb, apr_bucket_eos_create(bb->bucket_alloc));
- task->input.eos_written = 1;
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, task->c,
+ "h2_slave_out(%s): slave_out leave", task->id);
return status;
}
-static apr_status_t input_read(h2_task *task, ap_filter_t* f,
- apr_bucket_brigade* bb, ap_input_mode_t mode,
- apr_read_type_e block, apr_off_t readbytes)
+static apr_status_t output_finish(h2_task *task)
{
+ if (!task->output.opened) {
+ return open_output(task);
+ }
+ return APR_SUCCESS;
+}
+
+/*******************************************************************************
+ * task slave connection filters
+ ******************************************************************************/
+
+static apr_status_t h2_filter_slave_in(ap_filter_t* f,
+ apr_bucket_brigade* bb,
+ ap_input_mode_t mode,
+ apr_read_type_e block,
+ apr_off_t readbytes)
+{
+ h2_task *task;
apr_status_t status = APR_SUCCESS;
- apr_bucket *b, *next, *first_data;
- apr_off_t bblen = 0;
+ apr_bucket *b, *next;
+ apr_off_t bblen;
+ apr_size_t rmax;
+ task = h2_ctx_cget_task(f->c);
+ ap_assert(task);
+ rmax = ((readbytes <= APR_SIZE_MAX)? (apr_size_t)readbytes : APR_SIZE_MAX);
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_task(%s): read, mode=%d, block=%d, readbytes=%ld",
+ "h2_slave_in(%s): read, mode=%d, block=%d, readbytes=%ld",
task->id, mode, block, (long)readbytes);
if (mode == AP_MODE_INIT) {
return ap_get_brigade(f->c->input_filters, bb, mode, block, readbytes);
}
- if (f->c->aborted || !task->request) {
+ if (f->c->aborted) {
return APR_ECONNABORTED;
}
if (!task->input.bb) {
- if (!task->input.eos_written) {
- input_append_eos(task, f->r);
- return APR_SUCCESS;
- }
return APR_EOF;
}
@@ -173,12 +246,11 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
}
}
- while (APR_BRIGADE_EMPTY(task->input.bb) && !task->input.eos) {
+ while (APR_BRIGADE_EMPTY(task->input.bb)) {
/* Get more input data for our request. */
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c,
- "h2_task(%s): get more data from mplx, block=%d, "
- "readbytes=%ld, queued=%ld",
- task->id, block, (long)readbytes, (long)bblen);
+ "h2_slave_in(%s): get more data from mplx, block=%d, "
+ "readbytes=%ld", task->id, block, (long)readbytes);
/* Override the block mode we get called with depending on the input's
* setting. */
@@ -191,7 +263,7 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
}
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, f->c,
- "h2_task(%s): read returned", task->id);
+ "h2_slave_in(%s): read returned", task->id);
if (APR_STATUS_IS_EAGAIN(status)
&& (mode == AP_MODE_GETLINE || block == APR_BLOCK_READ)) {
/* chunked input handling does not seem to like it if we
@@ -200,61 +272,24 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
status = APR_SUCCESS;
}
else if (APR_STATUS_IS_EOF(status)) {
- task->input.eos = 1;
+ break;
}
else if (status != APR_SUCCESS) {
return status;
}
- /* Inspect the buckets received, detect EOS and apply
- * chunked encoding if necessary */
h2_util_bb_log(f->c, task->stream_id, APLOG_TRACE2,
"input.beam recv raw", task->input.bb);
- first_data = NULL;
- bblen = 0;
- for (b = APR_BRIGADE_FIRST(task->input.bb);
- b != APR_BRIGADE_SENTINEL(task->input.bb); b = next) {
- next = APR_BUCKET_NEXT(b);
- if (APR_BUCKET_IS_METADATA(b)) {
- if (first_data && task->input.chunked) {
- make_chunk(task, task->input.bb, first_data, bblen, b);
- first_data = NULL;
- bblen = 0;
- }
- if (APR_BUCKET_IS_EOS(b)) {
- task->input.eos = 1;
- input_handle_eos(task, f->r, b);
- h2_util_bb_log(f->c, task->stream_id, APLOG_TRACE2,
- "input.bb after handle eos",
- task->input.bb);
- }
- }
- else if (b->length == 0) {
- apr_bucket_delete(b);
- }
- else {
- if (!first_data) {
- first_data = b;
- }
- bblen += b->length;
- }
- }
- if (first_data && task->input.chunked) {
- make_chunk(task, task->input.bb, first_data, bblen, NULL);
- }
-
if (h2_task_logio_add_bytes_in) {
+ apr_brigade_length(bb, 0, &bblen);
h2_task_logio_add_bytes_in(f->c, bblen);
}
}
- if (task->input.eos) {
- if (!task->input.eos_written) {
- input_append_eos(task, f->r);
- }
- if (APR_BRIGADE_EMPTY(task->input.bb)) {
- return APR_EOF;
- }
+ /* Inspect the buckets received, detect EOS and apply
+ * chunked encoding if necessary */
+ if (status == APR_EOF && APR_BRIGADE_EMPTY(task->input.bb)) {
+ return APR_EOF;
}
h2_util_bb_log(f->c, task->stream_id, APLOG_TRACE2,
@@ -262,7 +297,7 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
if (APR_BRIGADE_EMPTY(task->input.bb)) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, f->c,
- "h2_task(%s): no data", task->id);
+ "h2_slave_in(%s): no data", task->id);
return (block == APR_NONBLOCK_READ)? APR_EAGAIN : APR_EOF;
}
@@ -271,10 +306,10 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
APR_BRIGADE_CONCAT(bb, task->input.bb);
}
else if (mode == AP_MODE_READBYTES) {
- status = h2_brigade_concat_length(bb, task->input.bb, readbytes);
+ status = h2_brigade_concat_length(bb, task->input.bb, rmax);
}
else if (mode == AP_MODE_SPECULATIVE) {
- status = h2_brigade_copy_length(bb, task->input.bb, readbytes);
+ status = h2_brigade_copy_length(bb, task->input.bb, rmax);
}
else if (mode == AP_MODE_GETLINE) {
/* we are reading a single LF line, e.g. the HTTP headers.
@@ -288,7 +323,7 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
apr_brigade_flatten(bb, buffer, &len);
buffer[len] = 0;
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c,
- "h2_task(%s): getline: %s",
+ "h2_slave_in(%s): getline: %s",
task->id, buffer);
}
}
@@ -296,240 +331,61 @@ static apr_status_t input_read(h2_task *task, ap_filter_t* f,
/* Hmm, well. There is mode AP_MODE_EATCRLF, but we chose not
* to support it. Seems to work. */
ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_ENOTIMPL, f->c,
- APLOGNO(02942)
- "h2_task, unsupported READ mode %d", mode);
+ APLOGNO(03472)
+ "h2_slave_in(%s), unsupported READ mode %d",
+ task->id, mode);
status = APR_ENOTIMPL;
}
if (APLOGctrace1(f->c)) {
apr_brigade_length(bb, 0, &bblen);
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, f->c,
- "h2_task(%s): return %ld data bytes",
- task->id, (long)bblen);
+ "h2_slave_in(%s): %ld data bytes", task->id, (long)bblen);
}
return status;
}
-/*******************************************************************************
- * task output handling
- ******************************************************************************/
-
-static apr_status_t open_response(h2_task *task)
+static apr_status_t h2_filter_slave_output(ap_filter_t* filter,
+ apr_bucket_brigade* brigade)
{
- h2_response *response;
- response = h2_from_h1_get_response(task->output.from_h1);
- if (!response) {
- /* This happens currently when ap_die(status, r) is invoked
- * by a read request filter. */
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c, APLOGNO(03204)
- "h2_task(%s): write without response for %s %s %s",
- task->id,
- task->request->method,
- task->request->authority,
- task->request->path);
- task->c->aborted = 1;
- return APR_ECONNABORTED;
- }
-
- if (h2_task_logio_add_bytes_out) {
- /* count headers as if we'd do a HTTP/1.1 serialization */
- task->output.written = h2_util_table_bytes(response->headers, 3)+1;
- h2_task_logio_add_bytes_out(task->c, task->output.written);
- }
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c, APLOGNO(03348)
- "h2_task(%s): open response to %s %s %s",
- task->id, task->request->method,
- task->request->authority,
- task->request->path);
- return h2_mplx_out_open(task->mplx, task->stream_id, response);
-}
-
-static apr_status_t send_out(h2_task *task, apr_bucket_brigade* bb)
-{
- apr_off_t written, left;
+ h2_task *task = h2_ctx_cget_task(filter->c);
apr_status_t status;
-
- apr_brigade_length(bb, 0, &written);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
- "h2_task(%s): write response body (%ld bytes)",
- task->id, (long)written);
- status = h2_beam_send(task->output.beam, bb,
- task->blocking? APR_BLOCK_READ
- : APR_NONBLOCK_READ);
- if (APR_STATUS_IS_EAGAIN(status)) {
- apr_brigade_length(bb, 0, &left);
- written -= left;
- status = APR_SUCCESS;
- }
- if (status == APR_SUCCESS) {
- task->output.written += written;
- if (h2_task_logio_add_bytes_out) {
- h2_task_logio_add_bytes_out(task->c, written);
- }
+ ap_assert(task);
+ status = slave_out(task, filter, brigade);
+ if (status != APR_SUCCESS) {
+ h2_task_rst(task, H2_ERR_INTERNAL_ERROR);
}
return status;
}
-/* Bring the data from the brigade (which represents the result of the
- * request_rec out filter chain) into the h2_mplx for further sending
- * on the master connection.
- */
-static apr_status_t output_write(h2_task *task, ap_filter_t* f,
- apr_bucket_brigade* bb)
+static apr_status_t h2_filter_parse_h1(ap_filter_t* f, apr_bucket_brigade* bb)
{
- apr_bucket *b;
- apr_status_t status = APR_SUCCESS;
- int flush = 0;
-
- if (APR_BRIGADE_EMPTY(bb)) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
- "h2_task(%s): empty write", task->id);
- return APR_SUCCESS;
- }
-
- if (task->frozen) {
- h2_util_bb_log(task->c, task->stream_id, APLOG_TRACE2,
- "frozen task output write, ignored", bb);
- while (!APR_BRIGADE_EMPTY(bb)) {
- b = APR_BRIGADE_FIRST(bb);
- if (AP_BUCKET_IS_EOR(b)) {
- APR_BUCKET_REMOVE(b);
- task->eor = b;
- }
- else {
- apr_bucket_delete(b);
- }
- }
- return APR_SUCCESS;
- }
-
- if (!task->output.beam) {
- h2_beam_create(&task->output.beam, task->pool,
- task->stream_id, "output", 0);
- }
-
- /* Attempt to write saved brigade first */
- if (task->output.bb && !APR_BRIGADE_EMPTY(task->output.bb)) {
- status = send_out(task, task->output.bb);
- if (status != APR_SUCCESS) {
- return status;
- }
- }
+ h2_task *task = h2_ctx_cget_task(f->c);
+ apr_status_t status;
- /* If there is nothing saved (anymore), try to write the brigade passed */
- if ((!task->output.bb || APR_BRIGADE_EMPTY(task->output.bb))
- && !APR_BRIGADE_EMPTY(bb)) {
- /* check if we have a flush before the end-of-request */
- if (!task->output.response_open) {
- for (b = APR_BRIGADE_FIRST(bb);
- b != APR_BRIGADE_SENTINEL(bb);
- b = APR_BUCKET_NEXT(b)) {
- if (AP_BUCKET_IS_EOR(b)) {
- break;
- }
- else if (APR_BUCKET_IS_FLUSH(b)) {
- flush = 1;
- }
- }
- }
-
- status = send_out(task, bb);
- if (status != APR_SUCCESS) {
+ ap_assert(task);
+ /* There are cases where we need to parse a serialized http/1.1
+ * response. One example is a 100-continue answer in serialized mode
+ * or via a mod_proxy setup */
+ while (!task->output.sent_response) {
+ status = h2_from_h1_parse_response(task, f, bb);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, f->c,
+ "h2_task(%s): parsed response", task->id);
+ if (APR_BRIGADE_EMPTY(bb) || status != APR_SUCCESS) {
return status;
}
}
- /* If the passed brigade is not empty, save it before return */
- if (!APR_BRIGADE_EMPTY(bb)) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c, APLOGNO(03405)
- "h2_task(%s): could not write all, saving brigade",
- task->id);
- if (!task->output.bb) {
- task->output.bb = apr_brigade_create(task->pool,
- task->c->bucket_alloc);
- }
- return ap_save_brigade(f, &task->output.bb, &bb, task->pool);
- }
-
- if (!task->output.response_open
- && (flush || h2_beam_get_mem_used(task->output.beam) > (32*1024))) {
- /* if we have enough buffered or we got a flush bucket, open
- * the response now. */
- status = open_response(task);
- task->output.response_open = 1;
- }
-
- return status;
-}
-
-static apr_status_t output_finish(h2_task *task)
-{
- apr_status_t status = APR_SUCCESS;
-
- if (!task->output.response_open) {
- status = open_response(task);
- task->output.response_open = 1;
- }
- return status;
-}
-
-/*******************************************************************************
- * task slave connection filters
- ******************************************************************************/
-
-static apr_status_t h2_filter_stream_input(ap_filter_t* filter,
- apr_bucket_brigade* brigade,
- ap_input_mode_t mode,
- apr_read_type_e block,
- apr_off_t readbytes)
-{
- h2_task *task = h2_ctx_cget_task(filter->c);
- AP_DEBUG_ASSERT(task);
- return input_read(task, filter, brigade, mode, block, readbytes);
-}
-
-static apr_status_t h2_filter_stream_output(ap_filter_t* filter,
- apr_bucket_brigade* brigade)
-{
- h2_task *task = h2_ctx_cget_task(filter->c);
- AP_DEBUG_ASSERT(task);
- return output_write(task, filter, brigade);
-}
-
-static apr_status_t h2_filter_read_response(ap_filter_t* filter,
- apr_bucket_brigade* bb)
-{
- h2_task *task = h2_ctx_cget_task(filter->c);
- AP_DEBUG_ASSERT(task);
- if (!task->output.from_h1) {
- return APR_ECONNABORTED;
- }
- return h2_from_h1_read_response(task->output.from_h1, filter, bb);
+ return ap_pass_brigade(f->next, bb);
}
/*******************************************************************************
* task things
******************************************************************************/
-void h2_task_set_response(h2_task *task, h2_response *response)
-{
- AP_DEBUG_ASSERT(response);
- AP_DEBUG_ASSERT(!task->response);
- /* we used to clone the response into out own pool. But
- * we have much tighter control over the EOR bucket nowadays,
- * so just use the instance given */
- task->response = response;
- if (response->rst_error) {
- h2_task_rst(task, response->rst_error);
- }
-}
-
-
int h2_task_can_redo(h2_task *task) {
- if (task->submitted
- || (task->input.beam && h2_beam_was_received(task->input.beam))
- || !task->request) {
+ if (h2_beam_was_received(task->input.beam)) {
/* cannot repeat that. */
return 0;
}
@@ -540,17 +396,14 @@ int h2_task_can_redo(h2_task *task) {
void h2_task_redo(h2_task *task)
{
- task->response = NULL;
task->rst_error = 0;
}
void h2_task_rst(h2_task *task, int error)
{
task->rst_error = error;
- if (task->input.beam) {
- h2_beam_abort(task->input.beam);
- }
- if (task->output.beam) {
+ h2_beam_abort(task->input.beam);
+ if (!task->worker_done) {
h2_beam_abort(task->output.beam);
}
if (task->c) {
@@ -582,15 +435,18 @@ void h2_task_register_hooks(void)
ap_hook_process_connection(h2_task_process_conn,
NULL, NULL, APR_HOOK_FIRST);
- ap_register_output_filter("H2_RESPONSE", h2_response_output_filter,
- NULL, AP_FTYPE_PROTOCOL);
- ap_register_input_filter("H2_TO_H1", h2_filter_stream_input,
+ ap_register_input_filter("H2_SLAVE_IN", h2_filter_slave_in,
NULL, AP_FTYPE_NETWORK);
- ap_register_output_filter("H1_TO_H2", h2_filter_stream_output,
+ ap_register_output_filter("H2_SLAVE_OUT", h2_filter_slave_output,
NULL, AP_FTYPE_NETWORK);
- ap_register_output_filter("H1_TO_H2_RESP", h2_filter_read_response,
+ ap_register_output_filter("H2_PARSE_H1", h2_filter_parse_h1,
+ NULL, AP_FTYPE_NETWORK);
+
+ ap_register_input_filter("H2_REQUEST", h2_filter_request_in,
+ NULL, AP_FTYPE_PROTOCOL);
+ ap_register_output_filter("H2_RESPONSE", h2_filter_headers_out,
NULL, AP_FTYPE_PROTOCOL);
- ap_register_output_filter("H2_TRAILERS", h2_response_trailers_filter,
+ ap_register_output_filter("H2_TRAILERS_OUT", h2_filter_trailers_out,
NULL, AP_FTYPE_PROTOCOL);
}
@@ -616,40 +472,41 @@ static int h2_task_pre_conn(conn_rec* c, void *arg)
if (h2_ctx_is_task(ctx)) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
"h2_h2, pre_connection, found stream task");
-
- /* Add our own, network level in- and output filters.
- */
- ap_add_input_filter("H2_TO_H1", NULL, NULL, c);
- ap_add_output_filter("H1_TO_H2", NULL, NULL, c);
+ ap_add_input_filter("H2_SLAVE_IN", NULL, NULL, c);
+ ap_add_output_filter("H2_PARSE_H1", NULL, NULL, c);
+ ap_add_output_filter("H2_SLAVE_OUT", NULL, NULL, c);
}
return OK;
}
-h2_task *h2_task_create(conn_rec *c, const h2_request *req,
- h2_bucket_beam *input, h2_mplx *mplx)
+h2_task *h2_task_create(conn_rec *c, int stream_id, const h2_request *req,
+ h2_bucket_beam *input, h2_bucket_beam *output,
+ h2_mplx *mplx)
{
apr_pool_t *pool;
h2_task *task;
+ ap_assert(mplx);
+ ap_assert(c);
+ ap_assert(req);
+
apr_pool_create(&pool, c->pool);
task = apr_pcalloc(pool, sizeof(h2_task));
if (task == NULL) {
ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_ENOMEM, c,
APLOGNO(02941) "h2_task(%ld-%d): create stream task",
- c->id, req->id);
+ c->id, stream_id);
return NULL;
}
-
- task->id = apr_psprintf(pool, "%ld-%d", c->id, req->id);
- task->stream_id = req->id;
+ task->id = apr_psprintf(pool, "%ld-%d", c->master->id, stream_id);
+ task->stream_id = stream_id;
task->c = c;
task->mplx = mplx;
task->c->keepalives = mplx->c->keepalives;
task->pool = pool;
task->request = req;
- task->ser_headers = req->serialize;
- task->blocking = 1;
task->input.beam = input;
+ task->output.beam = output;
apr_thread_cond_create(&task->cond, pool);
@@ -659,10 +516,6 @@ h2_task *h2_task_create(conn_rec *c, const h2_request *req,
void h2_task_destroy(h2_task *task)
{
- if (task->output.beam) {
- h2_beam_destroy(task->output.beam);
- task->output.beam = NULL;
- }
if (task->eor) {
apr_bucket_destroy(task->eor);
}
@@ -671,42 +524,53 @@ void h2_task_destroy(h2_task *task)
}
}
-void h2_task_set_io_blocking(h2_task *task, int blocking)
-{
- task->blocking = blocking;
-}
-
-apr_status_t h2_task_do(h2_task *task, apr_thread_t *thread)
+apr_status_t h2_task_do(h2_task *task, apr_thread_t *thread, int worker_id)
{
- AP_DEBUG_ASSERT(task);
-
- task->input.block = APR_BLOCK_READ;
- task->input.chunked = task->request->chunked;
- task->input.eos = !task->request->body;
- if (task->input.eos && !task->input.chunked && !task->ser_headers) {
- /* We do not serialize/chunk and have eos already, no need to
- * create a bucket brigade. */
- task->input.bb = NULL;
- task->input.eos_written = 1;
- }
- else {
- task->input.bb = apr_brigade_create(task->pool, task->c->bucket_alloc);
- if (task->ser_headers) {
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
- "h2_task(%s): serialize request %s %s",
- task->id, task->request->method, task->request->path);
- apr_brigade_printf(task->input.bb, NULL,
- NULL, "%s %s HTTP/1.1\r\n",
- task->request->method, task->request->path);
- apr_table_do(input_ser_header, task, task->request->headers, NULL);
- apr_brigade_puts(task->input.bb, NULL, NULL, "\r\n");
+ ap_assert(task);
+
+ if (task->c->master) {
+ /* Each conn_rec->id is supposed to be unique at a point in time. Since
+ * some modules (and maybe external code) uses this id as an identifier
+ * for the request_rec they handle, it needs to be unique for slave
+ * connections also.
+ * The connection id is generated by the MPM and most MPMs use the formula
+ * id := (child_num * max_threads) + thread_num
+ * which means that there is a maximum id of about
+ * idmax := max_child_count * max_threads
+ * If we assume 2024 child processes with 2048 threads max, we get
+ * idmax ~= 2024 * 2048 = 2 ** 22
+ * On 32 bit systems, we have not much space left, but on 64 bit systems
+ * (and higher?) we can use the upper 32 bits without fear of collision.
+ * 32 bits is just what we need, since a connection can only handle so
+ * many streams.
+ */
+ int slave_id, free_bits;
+
+ if (sizeof(unsigned long) >= 8) {
+ free_bits = 32;
+ slave_id = task->stream_id;
}
- if (task->input.eos) {
- input_append_eos(task, NULL);
+ else {
+ /* Assume we have a more limited number of threads/processes
+ * and h2 workers on a 32-bit system. Use the worker instead
+ * of the stream id. */
+ free_bits = 8;
+ slave_id = worker_id;
}
+ task->c->id = (task->c->master->id << free_bits)^slave_id;
}
- task->output.from_h1 = h2_from_h1_create(task->stream_id, task->pool);
+ task->input.bb = apr_brigade_create(task->pool, task->c->bucket_alloc);
+ if (task->request->serialize) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
+ "h2_task(%s): serialize request %s %s",
+ task->id, task->request->method, task->request->path);
+ apr_brigade_printf(task->input.bb, NULL,
+ NULL, "%s %s HTTP/1.1\r\n",
+ task->request->method, task->request->path);
+ apr_table_do(input_ser_header, task, task->request->headers, NULL);
+ apr_brigade_puts(task->input.bb, NULL, NULL, "\r\n");
+ }
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, task->c,
"h2_task(%s): process connection", task->id);
@@ -744,13 +608,16 @@ static apr_status_t h2_task_process_request(h2_task *task, conn_rec *c)
}
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
"h2_task(%s): start process_request", task->id);
+
ap_process_request(r);
if (task->frozen) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
"h2_task(%s): process_request frozen", task->id);
}
- ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
- "h2_task(%s): process_request done", task->id);
+ else {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
+ "h2_task(%s): process_request done", task->id);
+ }
/* After the call to ap_process_request, the
* request pool will have been deleted. We set
@@ -786,7 +653,7 @@ static int h2_task_process_conn(conn_rec* c)
ctx = h2_ctx_get(c, 0);
if (h2_ctx_is_task(ctx)) {
- if (!ctx->task->ser_headers) {
+ if (!ctx->task->request->serialize) {
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
"h2_h2, processing request directly");
h2_task_process_request(ctx->task, c);
@@ -819,11 +686,11 @@ apr_status_t h2_task_thaw(h2_task *task)
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, task->c, APLOGNO(03407)
"h2_task(%s), thawed", task->id);
}
- task->detached = 1;
+ task->thawed = 1;
return APR_SUCCESS;
}
-int h2_task_is_detached(h2_task *task)
+int h2_task_has_thawed(h2_task *task)
{
- return task->detached;
+ return task->thawed;
}
diff --git a/modules/http2/h2_task.h b/modules/http2/h2_task.h
index 010005a..a8f0f2c 100644
--- a/modules/http2/h2_task.h
+++ b/modules/http2/h2_task.h
@@ -44,7 +44,7 @@ struct h2_mplx;
struct h2_task;
struct h2_req_engine;
struct h2_request;
-struct h2_response;
+struct h2_response_parser;
struct h2_worker;
typedef struct h2_task h2_task;
@@ -56,37 +56,32 @@ struct h2_task {
apr_pool_t *pool;
const struct h2_request *request;
- struct h2_response *response;
+ int rst_error; /* h2 related stream abort error */
struct {
struct h2_bucket_beam *beam;
- apr_bucket_brigade *bb;
- apr_bucket_brigade *tmp;
- apr_read_type_e block;
- unsigned int chunked : 1;
unsigned int eos : 1;
- unsigned int eos_written : 1;
+ apr_bucket_brigade *bb;
+ apr_bucket_brigade *bbchunk;
+ apr_off_t chunked_total;
} input;
struct {
struct h2_bucket_beam *beam;
- struct h2_from_h1 *from_h1;
- unsigned int response_open : 1;
- apr_off_t written;
+ unsigned int opened : 1;
+ unsigned int sent_response : 1;
+ unsigned int copy_files : 1;
+ struct h2_response_parser *rparser;
apr_bucket_brigade *bb;
} output;
struct h2_mplx *mplx;
struct apr_thread_cond_t *cond;
- int rst_error; /* h2 related stream abort error */
unsigned int filters_set : 1;
- unsigned int ser_headers : 1;
unsigned int frozen : 1;
- unsigned int blocking : 1;
- unsigned int detached : 1;
- unsigned int submitted : 1; /* response has been submitted to client */
- unsigned int worker_started : 1; /* h2_worker started processing for this io */
- unsigned int worker_done : 1; /* h2_worker finished for this io */
+ unsigned int thawed : 1;
+ unsigned int worker_started : 1; /* h2_worker started processing */
+ unsigned int worker_done : 1; /* h2_worker finished */
apr_time_t started_at; /* when processing started */
apr_time_t done_at; /* when processing was done */
@@ -94,17 +89,17 @@ struct h2_task {
struct h2_req_engine *engine; /* engine hosted by this task */
struct h2_req_engine *assigned; /* engine that task has been assigned to */
- request_rec *r; /* request being processed in this task */
};
-h2_task *h2_task_create(conn_rec *c, const struct h2_request *req,
- struct h2_bucket_beam *input, struct h2_mplx *mplx);
+h2_task *h2_task_create(conn_rec *c, int stream_id,
+ const struct h2_request *req,
+ struct h2_bucket_beam *input,
+ struct h2_bucket_beam *output,
+ struct h2_mplx *mplx);
void h2_task_destroy(h2_task *task);
-apr_status_t h2_task_do(h2_task *task, apr_thread_t *thread);
-
-void h2_task_set_response(h2_task *task, struct h2_response *response);
+apr_status_t h2_task_do(h2_task *task, apr_thread_t *thread, int worker_id);
void h2_task_redo(h2_task *task);
int h2_task_can_redo(h2_task *task);
@@ -125,8 +120,6 @@ extern APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *h2_task_logio_add_bytes_out
apr_status_t h2_task_freeze(h2_task *task);
apr_status_t h2_task_thaw(h2_task *task);
-int h2_task_is_detached(h2_task *task);
-
-void h2_task_set_io_blocking(h2_task *task, int blocking);
+int h2_task_has_thawed(h2_task *task);
#endif /* defined(__mod_h2__h2_task__) */
diff --git a/modules/http2/h2_util.c b/modules/http2/h2_util.c
index 8d1060e..d800b40 100644
--- a/modules/http2/h2_util.c
+++ b/modules/http2/h2_util.c
@@ -27,7 +27,7 @@
#include "h2_util.h"
/* h2_log2(n) iff n is a power of 2 */
-unsigned char h2_log2(apr_uint32_t n)
+unsigned char h2_log2(int n)
{
int lz = 0;
if (!n) {
@@ -440,10 +440,12 @@ void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx)
{
int i;
+ if (h2_iq_contains(q, sid)) {
+ return;
+ }
if (q->nelts >= q->nalloc) {
iq_grow(q, q->nalloc * 2);
}
-
i = (q->head + q->nelts) % q->nalloc;
q->elts[i] = sid;
++q->nelts;
@@ -454,6 +456,11 @@ void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx)
}
}
+void h2_iq_append(h2_iqueue *q, int sid)
+{
+ h2_iq_add(q, sid, NULL, NULL);
+}
+
int h2_iq_remove(h2_iqueue *q, int sid)
{
int i;
@@ -522,6 +529,18 @@ int h2_iq_shift(h2_iqueue *q)
return sid;
}
+size_t h2_iq_mshift(h2_iqueue *q, int *pint, size_t max)
+{
+ int i;
+ for (i = 0; i < max; ++i) {
+ pint[i] = h2_iq_shift(q);
+ if (pint[i] == 0) {
+ break;
+ }
+ }
+ return i;
+}
+
static void iq_grow(h2_iqueue *q, int nlen)
{
if (nlen > q->nalloc) {
@@ -573,6 +592,17 @@ static int iq_bubble_down(h2_iqueue *q, int i, int bottom,
return i;
}
+int h2_iq_contains(h2_iqueue *q, int sid)
+{
+ int i;
+ for (i = 0; i < q->nelts; ++i) {
+ if (sid == q->elts[(q->head + i) % q->nalloc]) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
/*******************************************************************************
* h2_util for apt_table_t
******************************************************************************/
@@ -618,7 +648,7 @@ static apr_status_t last_not_included(apr_bucket_brigade *bb,
{
apr_bucket *b;
apr_status_t status = APR_SUCCESS;
- int files_allowed = pfile_buckets_allowed? *pfile_buckets_allowed : 0;
+ int files_allowed = pfile_buckets_allowed? (int)*pfile_buckets_allowed : 0;
if (maxlen >= 0) {
/* Find the bucket, up to which we reach maxlen/mem bytes */
@@ -653,8 +683,8 @@ static apr_status_t last_not_included(apr_bucket_brigade *bb,
* unless we do not move the file buckets */
--files_allowed;
}
- else if (maxlen < b->length) {
- apr_bucket_split(b, maxlen);
+ else if (maxlen < (apr_off_t)b->length) {
+ apr_bucket_split(b, (apr_size_t)maxlen);
maxlen = 0;
}
else {
@@ -852,7 +882,7 @@ apr_status_t h2_util_bb_readx(apr_bucket_brigade *bb,
if (data_len > avail) {
apr_bucket_split(b, avail);
- data_len = avail;
+ data_len = (apr_size_t)avail;
}
if (consume) {
@@ -903,11 +933,11 @@ apr_size_t h2_util_bucket_print(char *buffer, apr_size_t bmax,
off += apr_snprintf(buffer+off, bmax-off, "eor");
}
else {
- off += apr_snprintf(buffer+off, bmax-off, "meta(unknown)");
+ off += apr_snprintf(buffer+off, bmax-off, "%s", b->type->name);
}
}
else {
- const char *btype = "data";
+ const char *btype = b->type->name;
if (APR_BUCKET_IS_FILE(b)) {
btype = "file";
}
@@ -972,7 +1002,8 @@ apr_size_t h2_util_bb_print(char *buffer, apr_size_t bmax,
apr_status_t h2_append_brigade(apr_bucket_brigade *to,
apr_bucket_brigade *from,
apr_off_t *plen,
- int *peos)
+ int *peos,
+ h2_bucket_gate *should_append)
{
apr_bucket *e;
apr_off_t len = 0, remain = *plen;
@@ -983,7 +1014,10 @@ apr_status_t h2_append_brigade(apr_bucket_brigade *to,
while (!APR_BRIGADE_EMPTY(from)) {
e = APR_BRIGADE_FIRST(from);
- if (APR_BUCKET_IS_METADATA(e)) {
+ if (!should_append(e)) {
+ goto leave;
+ }
+ else if (APR_BUCKET_IS_METADATA(e)) {
if (APR_BUCKET_IS_EOS(e)) {
*peos = 1;
apr_bucket_delete(e);
@@ -1002,9 +1036,9 @@ apr_status_t h2_append_brigade(apr_bucket_brigade *to,
if (remain < e->length) {
if (remain <= 0) {
- return APR_SUCCESS;
+ goto leave;
}
- apr_bucket_split(e, remain);
+ apr_bucket_split(e, (apr_size_t)remain);
}
}
@@ -1013,7 +1047,7 @@ apr_status_t h2_append_brigade(apr_bucket_brigade *to,
len += e->length;
remain -= e->length;
}
-
+leave:
*plen = len;
return APR_SUCCESS;
}
@@ -1126,11 +1160,11 @@ h2_ngheader *h2_util_ngheader_make_req(apr_pool_t *p,
h2_ngheader *ngh;
size_t n;
- AP_DEBUG_ASSERT(req);
- AP_DEBUG_ASSERT(req->scheme);
- AP_DEBUG_ASSERT(req->authority);
- AP_DEBUG_ASSERT(req->path);
- AP_DEBUG_ASSERT(req->method);
+ ap_assert(req);
+ ap_assert(req->scheme);
+ ap_assert(req->authority);
+ ap_assert(req->path);
+ ap_assert(req->method);
n = 4;
apr_table_do(count_header, &n, req->headers, NULL);
@@ -1160,7 +1194,7 @@ typedef struct {
#define H2_LIT_ARGS(a) (a),H2_ALEN(a)
static literal IgnoredRequestHeaders[] = {
- H2_DEF_LITERAL("expect"),
+/*H2_DEF_LITERAL("expect"),*/
H2_DEF_LITERAL("upgrade"),
H2_DEF_LITERAL("connection"),
H2_DEF_LITERAL("keep-alive"),
@@ -1194,15 +1228,12 @@ static literal IgnoredResponseTrailers[] = {
H2_DEF_LITERAL("www-authenticate"),
H2_DEF_LITERAL("proxy-authenticate"),
};
-static literal IgnoredProxyRespHds[] = {
- H2_DEF_LITERAL("alt-svc"),
-};
static int ignore_header(const literal *lits, size_t llen,
const char *name, size_t nlen)
{
const literal *lit;
- int i;
+ size_t i;
for (i = 0; i < llen; ++i) {
lit = &lits[i];
@@ -1229,12 +1260,6 @@ int h2_res_ignore_trailer(const char *name, size_t len)
return ignore_header(H2_LIT_ARGS(IgnoredResponseTrailers), name, len);
}
-int h2_proxy_res_ignore_header(const char *name, size_t len)
-{
- return (h2_req_ignore_header(name, len)
- || ignore_header(H2_LIT_ARGS(IgnoredProxyRespHds), name, len));
-}
-
apr_status_t h2_headers_add_h1(apr_table_t *headers, apr_pool_t *pool,
const char *name, size_t nlen,
const char *value, size_t vlen)
@@ -1276,13 +1301,12 @@ apr_status_t h2_headers_add_h1(apr_table_t *headers, apr_pool_t *pool,
* h2 request handling
******************************************************************************/
-h2_request *h2_req_createn(int id, apr_pool_t *pool, const char *method,
- const char *scheme, const char *authority,
- const char *path, apr_table_t *header, int serialize)
+h2_request *h2_req_create(int id, apr_pool_t *pool, const char *method,
+ const char *scheme, const char *authority,
+ const char *path, apr_table_t *header, int serialize)
{
h2_request *req = apr_pcalloc(pool, sizeof(h2_request));
- req->id = id;
req->method = method;
req->scheme = scheme;
req->authority = authority;
@@ -1294,49 +1318,6 @@ h2_request *h2_req_createn(int id, apr_pool_t *pool, const char *method,
return req;
}
-h2_request *h2_req_create(int id, apr_pool_t *pool, int serialize)
-{
- return h2_req_createn(id, pool, NULL, NULL, NULL, NULL, NULL, serialize);
-}
-
-typedef struct {
- apr_table_t *headers;
- apr_pool_t *pool;
-} h1_ctx;
-
-static int set_h1_header(void *ctx, const char *key, const char *value)
-{
- h1_ctx *x = ctx;
- size_t klen = strlen(key);
- if (!h2_req_ignore_header(key, klen)) {
- h2_headers_add_h1(x->headers, x->pool, key, klen, value, strlen(value));
- }
- return 1;
-}
-
-apr_status_t h2_req_make(h2_request *req, apr_pool_t *pool,
- const char *method, const char *scheme,
- const char *authority, const char *path,
- apr_table_t *headers)
-{
- h1_ctx x;
-
- req->method = method;
- req->scheme = scheme;
- req->authority = authority;
- req->path = path;
-
- AP_DEBUG_ASSERT(req->scheme);
- AP_DEBUG_ASSERT(req->authority);
- AP_DEBUG_ASSERT(req->path);
- AP_DEBUG_ASSERT(req->method);
-
- x.pool = pool;
- x.headers = req->headers;
- apr_table_do(set_h1_header, &x, headers, NULL);
- return APR_SUCCESS;
-}
-
/*******************************************************************************
* frame logging
******************************************************************************/
@@ -1423,11 +1404,11 @@ int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen)
/*******************************************************************************
* push policy
******************************************************************************/
-void h2_push_policy_determine(struct h2_request *req, apr_pool_t *p, int push_enabled)
+int h2_push_policy_determine(apr_table_t *headers, apr_pool_t *p, int push_enabled)
{
h2_push_policy policy = H2_PUSH_NONE;
if (push_enabled) {
- const char *val = apr_table_get(req->headers, "accept-push-policy");
+ const char *val = apr_table_get(headers, "accept-push-policy");
if (val) {
if (ap_find_token(p, val, "fast-load")) {
policy = H2_PUSH_FAST_LOAD;
@@ -1450,6 +1431,6 @@ void h2_push_policy_determine(struct h2_request *req, apr_pool_t *p, int push_en
policy = H2_PUSH_DEFAULT;
}
}
- req->push_policy = policy;
+ return policy;
}
diff --git a/modules/http2/h2_util.h b/modules/http2/h2_util.h
index 7cae0ac..7b92553 100644
--- a/modules/http2/h2_util.h
+++ b/modules/http2/h2_util.h
@@ -116,7 +116,7 @@ int h2_iq_count(h2_iqueue *q);
/**
* Add a stream id to the queue.
*
- * @param q the queue to append the task to
+ * @param q the queue to append the id to
* @param sid the stream id to add
* @param cmp the comparator for sorting
* @param ctx user data for comparator
@@ -124,6 +124,14 @@ int h2_iq_count(h2_iqueue *q);
void h2_iq_add(h2_iqueue *q, int sid, h2_iq_cmp *cmp, void *ctx);
/**
+ * Append the id to the queue if not already present.
+ *
+ * @param q the queue to append the id to
+ * @param sid the id to append
+ */
+void h2_iq_append(h2_iqueue *q, int sid);
+
+/**
* Remove the stream id from the queue. Return != 0 iff task
* was found in queue.
* @param q the task queue
@@ -148,19 +156,38 @@ void h2_iq_clear(h2_iqueue *q);
void h2_iq_sort(h2_iqueue *q, h2_iq_cmp *cmp, void *ctx);
/**
- * Get the first stream id from the queue or NULL if the queue is empty.
- * The task will be removed.
+ * Get the first id from the queue or 0 if the queue is empty.
+ * The id is being removed.
*
- * @param q the queue to get the first task from
- * @return the first stream id of the queue, 0 if empty
+ * @param q the queue to get the first id from
+ * @return the first id of the queue, 0 if empty
*/
int h2_iq_shift(h2_iqueue *q);
+/**
+ * Get the first max ids from the queue. All these ids will be removed.
+ *
+ * @param q the queue to get the first task from
+ * @param pint the int array to receive the values
+ * @param max the maximum number of ids to shift
+ * @return the actual number of ids shifted
+ */
+size_t h2_iq_mshift(h2_iqueue *q, int *pint, size_t max);
+
+/**
+ * Determine if int is in the queue already
+ *
+ * @parm q the queue
+ * @param sid the integer id to check for
+ * @return != 0 iff sid is already in the queue
+ */
+int h2_iq_contains(h2_iqueue *q, int sid);
+
/*******************************************************************************
* common helpers
******************************************************************************/
/* h2_log2(n) iff n is a power of 2 */
-unsigned char h2_log2(apr_uint32_t n);
+unsigned char h2_log2(int n);
/**
* Count the bytes that all key/value pairs in a table have
@@ -191,18 +218,18 @@ const char *h2_util_first_token_match(apr_pool_t *pool, const char *s,
int h2_req_ignore_header(const char *name, size_t len);
int h2_req_ignore_trailer(const char *name, size_t len);
int h2_res_ignore_trailer(const char *name, size_t len);
-int h2_proxy_res_ignore_header(const char *name, size_t len);
/**
* Set the push policy for the given request. Takes request headers into
* account, see draft https://tools.ietf.org/html/draft-ruellan-http-accept-push-policy-00
* for details.
*
- * @param req the request to determine the policy for
+ * @param headers the http headers to inspect
* @param p the pool to use
* @param push_enabled if HTTP/2 server push is generally enabled for this request
+ * @return the push policy desired
*/
-void h2_push_policy_determine(struct h2_request *req, apr_pool_t *p, int push_enabled);
+int h2_push_policy_determine(apr_table_t *headers, apr_pool_t *p, int push_enabled);
/*******************************************************************************
* base64 url encoding, different table from normal base64
@@ -261,16 +288,10 @@ apr_status_t h2_headers_add_h1(apr_table_t *headers, apr_pool_t *pool,
* h2_request helpers
******************************************************************************/
-struct h2_request *h2_req_createn(int id, apr_pool_t *pool, const char *method,
- const char *scheme, const char *authority,
- const char *path, apr_table_t *header,
- int serialize);
-struct h2_request *h2_req_create(int id, apr_pool_t *pool, int serialize);
-
-apr_status_t h2_req_make(struct h2_request *req, apr_pool_t *pool,
- const char *method, const char *scheme,
- const char *authority, const char *path,
- apr_table_t *headers);
+struct h2_request *h2_req_create(int id, apr_pool_t *pool, const char *method,
+ const char *scheme, const char *authority,
+ const char *path, apr_table_t *header,
+ int serialize);
/*******************************************************************************
* apr brigade helpers
@@ -358,14 +379,15 @@ do { \
const char *line = "(null)"; \
apr_size_t len, bmax = sizeof(buffer)/sizeof(buffer[0]); \
len = h2_util_bb_print(buffer, bmax, (tag), "", (bb)); \
- ap_log_cerror(APLOG_MARK, level, 0, (c), "bb_dump(%ld-%d): %s", \
- (c)->id, (int)(sid), (len? buffer : line)); \
+ ap_log_cerror(APLOG_MARK, level, 0, (c), "bb_dump(%s): %s", \
+ (c)->log_id, (len? buffer : line)); \
} while(0)
+typedef int h2_bucket_gate(apr_bucket *b);
/**
* Transfer buckets from one brigade to another with a limit on the
- * maximum amount of bytes transfered. Does no setaside magic, lifetime
+ * maximum amount of bytes transferred. Does no setaside magic, lifetime
* of brigades must fit.
* @param to brigade to transfer buckets to
* @param from brigades to remove buckets from
@@ -375,7 +397,8 @@ do { \
apr_status_t h2_append_brigade(apr_bucket_brigade *to,
apr_bucket_brigade *from,
apr_off_t *plen,
- int *peos);
+ int *peos,
+ h2_bucket_gate *should_append);
/**
* Get an approximnation of the memory footprint of the given
diff --git a/modules/http2/h2_version.h b/modules/http2/h2_version.h
index abf69c1..46906d6 100644
--- a/modules/http2/h2_version.h
+++ b/modules/http2/h2_version.h
@@ -26,7 +26,7 @@
* @macro
* Version number of the http2 module as c string
*/
-#define MOD_HTTP2_VERSION "1.5.11"
+#define MOD_HTTP2_VERSION "1.8.3"
/**
* @macro
@@ -34,7 +34,7 @@
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_HTTP2_VERSION_NUM 0x01050b
+#define MOD_HTTP2_VERSION_NUM 0x010803
#endif /* mod_h2_h2_version_h */
diff --git a/modules/http2/h2_worker.c b/modules/http2/h2_worker.c
index 44feac1..84e8f98 100644
--- a/modules/http2/h2_worker.c
+++ b/modules/http2/h2_worker.c
@@ -43,7 +43,7 @@ static void* APR_THREAD_FUNC execute(apr_thread_t *thread, void *wctx)
worker->get_next(worker, worker->ctx, &task, &sticky);
while (task) {
- h2_task_do(task, thread);
+ h2_task_do(task, thread, worker->id);
/* report the task done and maybe get another one from the same
* mplx (= master connection), if we can be sticky.
*/
diff --git a/modules/http2/h2_workers.c b/modules/http2/h2_workers.c
index 2a15999..1dcfb2f 100644
--- a/modules/http2/h2_workers.c
+++ b/modules/http2/h2_workers.c
@@ -243,8 +243,8 @@ h2_workers *h2_workers_create(server_rec *s, apr_pool_t *server_pool,
h2_workers *workers;
apr_pool_t *pool;
- AP_DEBUG_ASSERT(s);
- AP_DEBUG_ASSERT(server_pool);
+ ap_assert(s);
+ ap_assert(server_pool);
/* let's have our own pool that will be parent to all h2_worker
* instances we create. This happens in various threads, but always
diff --git a/modules/http2/mod_http2.c b/modules/http2/mod_http2.c
index 480917a..e0a4b90 100644
--- a/modules/http2/mod_http2.c
+++ b/modules/http2/mod_http2.c
@@ -47,10 +47,10 @@ static void h2_hooks(apr_pool_t *pool);
AP_DECLARE_MODULE(http2) = {
STANDARD20_MODULE_STUFF,
- NULL,
- NULL,
+ h2_config_create_dir, /* func to create per dir config */
+ h2_config_merge_dir, /* func to merge per dir config */
h2_config_create_svr, /* func to create per server config */
- h2_config_merge, /* func to merge per server config */
+ h2_config_merge_svr, /* func to merge per server config */
h2_cmds, /* command handlers */
h2_hooks
};
@@ -60,6 +60,7 @@ static int h2_h2_fixups(request_rec *r);
typedef struct {
unsigned int change_prio : 1;
unsigned int sha256 : 1;
+ unsigned int inv_headers : 1;
} features;
static features myfeats;
@@ -84,16 +85,17 @@ static int h2_post_config(apr_pool_t *p, apr_pool_t *plog,
const char *mod_h2_init_key = "mod_http2_init_counter";
nghttp2_info *ngh2;
apr_status_t status;
- const char *sep = "";
(void)plog;(void)ptemp;
#ifdef H2_NG2_CHANGE_PRIO
myfeats.change_prio = 1;
- sep = "+";
#endif
#ifdef H2_OPENSSL
myfeats.sha256 = 1;
#endif
+#ifdef H2_NG2_INVALID_HEADER_CB
+ myfeats.inv_headers = 1;
+#endif
apr_pool_userdata_get(&data, mod_h2_init_key, s->process->pool);
if ( data == NULL ) {
@@ -108,8 +110,9 @@ static int h2_post_config(apr_pool_t *p, apr_pool_t *plog,
ap_log_error( APLOG_MARK, APLOG_INFO, 0, s, APLOGNO(03090)
"mod_http2 (v%s, feats=%s%s%s, nghttp2 %s), initializing...",
MOD_HTTP2_VERSION,
- myfeats.change_prio? "CHPRIO" : "", sep,
- myfeats.sha256? "SHA256" : "",
+ myfeats.change_prio? "CHPRIO" : "",
+ myfeats.sha256? "+SHA256" : "",
+ myfeats.inv_headers? "+INVHD" : "",
ngh2? ngh2->version_str : "unknown");
switch (h2_conn_mpm_type()) {
@@ -157,15 +160,16 @@ static apr_status_t http2_req_engine_push(const char *ngn_type,
static apr_status_t http2_req_engine_pull(h2_req_engine *ngn,
apr_read_type_e block,
- apr_uint32_t capacity,
+ int capacity,
request_rec **pr)
{
return h2_mplx_req_engine_pull(ngn, block, capacity, pr);
}
-static void http2_req_engine_done(h2_req_engine *ngn, conn_rec *r_conn)
+static void http2_req_engine_done(h2_req_engine *ngn, conn_rec *r_conn,
+ apr_status_t status)
{
- h2_mplx_req_engine_done(ngn, r_conn);
+ h2_mplx_req_engine_done(ngn, r_conn, status);
}
/* Runs once per created child process. Perform any process
@@ -230,8 +234,11 @@ static const char *val_H2_PUSH(apr_pool_t *p, server_rec *s,
if (ctx) {
if (r) {
h2_task *task = h2_ctx_get_task(ctx);
- if (task && task->request->push_policy != H2_PUSH_NONE) {
- return "on";
+ if (task) {
+ h2_stream *stream = h2_mplx_stream_get(task->mplx, task->stream_id);
+ if (stream && stream->push_policy != H2_PUSH_NONE) {
+ return "on";
+ }
}
}
else if (c && h2_session_push_enabled(ctx->session)) {
@@ -265,7 +272,10 @@ static const char *val_H2_PUSHED_ON(apr_pool_t *p, server_rec *s,
if (ctx) {
h2_task *task = h2_ctx_get_task(ctx);
if (task && !H2_STREAM_CLIENT_INITIATED(task->stream_id)) {
- return apr_itoa(p, task->request->initiated_on);
+ h2_stream *stream = h2_mplx_stream_get(task->mplx, task->stream_id);
+ if (stream) {
+ return apr_itoa(p, stream->initiated_on);
+ }
}
}
return "";
@@ -334,7 +344,7 @@ static char *http2_var_lookup(apr_pool_t *p, server_rec *s,
return (char *)vdef->lookup(p, s, c, r, ctx);
}
}
- return "";
+ return (char*)"";
}
static int h2_h2_fixups(request_rec *r)
diff --git a/modules/http2/mod_http2.dep b/modules/http2/mod_http2.dep
index 6e1a2b1..70953c8 100644
--- a/modules/http2/mod_http2.dep
+++ b/modules/http2/mod_http2.dep
@@ -454,7 +454,6 @@
".\h2_private.h"\
".\h2_push.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_session.h"\
".\h2_stream.h"\
".\h2_task.h"\
@@ -517,7 +516,6 @@
".\h2.h"\
".\h2_from_h1.h"\
".\h2_private.h"\
- ".\h2_response.h"\
".\h2_task.h"\
".\h2_util.h"\
@@ -648,7 +646,6 @@
".\h2_mplx.h"\
".\h2_private.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_task.h"\
".\h2_util.h"\
@@ -753,7 +750,6 @@
".\h2_ngn_shed.h"\
".\h2_private.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_stream.h"\
".\h2_task.h"\
".\h2_util.h"\
@@ -815,7 +811,6 @@
".\h2_ngn_shed.h"\
".\h2_private.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_task.h"\
".\h2_util.h"\
".\mod_http2.h"\
@@ -870,7 +865,6 @@
".\h2_private.h"\
".\h2_push.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_session.h"\
".\h2_stream.h"\
".\h2_util.h"\
@@ -937,58 +931,6 @@
".\h2_util.h"\
-./h2_response.c : \
- "..\..\include\ap_config.h"\
- "..\..\include\ap_config_layout.h"\
- "..\..\include\ap_expr.h"\
- "..\..\include\ap_hooks.h"\
- "..\..\include\ap_mmn.h"\
- "..\..\include\ap_regex.h"\
- "..\..\include\ap_release.h"\
- "..\..\include\apache_noprobes.h"\
- "..\..\include\http_config.h"\
- "..\..\include\http_core.h"\
- "..\..\include\http_log.h"\
- "..\..\include\httpd.h"\
- "..\..\include\os.h"\
- "..\..\include\util_cfgtree.h"\
- "..\..\include\util_filter.h"\
- "..\..\include\util_time.h"\
- "..\..\srclib\apr-util\include\apr_buckets.h"\
- "..\..\srclib\apr-util\include\apr_hooks.h"\
- "..\..\srclib\apr-util\include\apr_optional.h"\
- "..\..\srclib\apr-util\include\apr_optional_hooks.h"\
- "..\..\srclib\apr-util\include\apr_uri.h"\
- "..\..\srclib\apr-util\include\apu.h"\
- "..\..\srclib\apr\include\apr.h"\
- "..\..\srclib\apr\include\apr_allocator.h"\
- "..\..\srclib\apr\include\apr_errno.h"\
- "..\..\srclib\apr\include\apr_file_info.h"\
- "..\..\srclib\apr\include\apr_file_io.h"\
- "..\..\srclib\apr\include\apr_general.h"\
- "..\..\srclib\apr\include\apr_hash.h"\
- "..\..\srclib\apr\include\apr_inherit.h"\
- "..\..\srclib\apr\include\apr_mmap.h"\
- "..\..\srclib\apr\include\apr_network_io.h"\
- "..\..\srclib\apr\include\apr_poll.h"\
- "..\..\srclib\apr\include\apr_pools.h"\
- "..\..\srclib\apr\include\apr_ring.h"\
- "..\..\srclib\apr\include\apr_strings.h"\
- "..\..\srclib\apr\include\apr_tables.h"\
- "..\..\srclib\apr\include\apr_thread_mutex.h"\
- "..\..\srclib\apr\include\apr_thread_proc.h"\
- "..\..\srclib\apr\include\apr_time.h"\
- "..\..\srclib\apr\include\apr_user.h"\
- "..\..\srclib\apr\include\apr_want.h"\
- ".\h2.h"\
- ".\h2_filter.h"\
- ".\h2_h2.h"\
- ".\h2_private.h"\
- ".\h2_request.h"\
- ".\h2_response.h"\
- ".\h2_util.h"\
-
-
./h2_session.c : \
"..\..\include\ap_config.h"\
"..\..\include\ap_config_layout.h"\
@@ -1054,7 +996,6 @@
".\h2_private.h"\
".\h2_push.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_session.h"\
".\h2_stream.h"\
".\h2_task.h"\
@@ -1117,7 +1058,6 @@
".\h2_private.h"\
".\h2_push.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_session.h"\
".\h2_stream.h"\
".\h2_task.h"\
@@ -1361,7 +1301,6 @@
".\h2_mplx.h"\
".\h2_private.h"\
".\h2_request.h"\
- ".\h2_response.h"\
".\h2_session.h"\
".\h2_stream.h"\
".\h2_task.h"\
diff --git a/modules/http2/mod_http2.dsp b/modules/http2/mod_http2.dsp
index 9494148..f266074 100644
--- a/modules/http2/mod_http2.dsp
+++ b/modules/http2/mod_http2.dsp
@@ -161,7 +161,7 @@ SOURCE=./h2_request.c
# End Source File
# Begin Source File
-SOURCE=./h2_response.c
+SOURCE=./h2_headers.c
# End Source File
# Begin Source File
diff --git a/modules/http2/mod_http2.h b/modules/http2/mod_http2.h
index 3073579..f0cc956 100644
--- a/modules/http2/mod_http2.h
+++ b/modules/http2/mod_http2.h
@@ -49,7 +49,7 @@ typedef apr_status_t http2_req_engine_init(h2_req_engine *engine,
const char *id,
const char *type,
apr_pool_t *pool,
- apr_uint32_t req_buffer_size,
+ apr_size_t req_buffer_size,
request_rec *r,
http2_output_consumed **pconsumed,
void **pbaton);
@@ -75,8 +75,9 @@ APR_DECLARE_OPTIONAL_FN(apr_status_t,
/**
* Get a new request for processing in this engine.
* @param engine the engine which is done processing the slave
- * @param timeout wait a maximum amount of time for a new slave, 0 will not wait
- * @param pslave the slave connection that needs processing or NULL
+ * @param block if call should block waiting for request to come
+ * @param capacity how many parallel requests are acceptable
+ * @param pr the request that needs processing or NULL
* @return APR_SUCCESS if new request was assigned
* APR_EAGAIN if no new request is available
* APR_EOF if engine may shut down, as no more request will be scheduled
@@ -85,9 +86,10 @@ APR_DECLARE_OPTIONAL_FN(apr_status_t,
APR_DECLARE_OPTIONAL_FN(apr_status_t,
http2_req_engine_pull, (h2_req_engine *engine,
apr_read_type_e block,
- apr_uint32_t capacity,
+ int capacity,
request_rec **pr));
APR_DECLARE_OPTIONAL_FN(void,
http2_req_engine_done, (h2_req_engine *engine,
- conn_rec *rconn));
+ conn_rec *rconn,
+ apr_status_t status));
#endif
diff --git a/modules/http2/mod_http2.mak b/modules/http2/mod_http2.mak
index 7f8b30c..388df95 100644
--- a/modules/http2/mod_http2.mak
+++ b/modules/http2/mod_http2.mak
@@ -60,11 +60,11 @@ CLEAN :
- at erase "$(INTDIR)\h2_filter.obj"
- at erase "$(INTDIR)\h2_from_h1.obj"
- at erase "$(INTDIR)\h2_h2.obj"
+ - at erase "$(INTDIR)\h2_headers.obj"
- at erase "$(INTDIR)\h2_mplx.obj"
- at erase "$(INTDIR)\h2_ngn_shed.obj"
- at erase "$(INTDIR)\h2_push.obj"
- at erase "$(INTDIR)\h2_request.obj"
- - at erase "$(INTDIR)\h2_response.obj"
- at erase "$(INTDIR)\h2_session.obj"
- at erase "$(INTDIR)\h2_stream.obj"
- at erase "$(INTDIR)\h2_switch.obj"
@@ -139,11 +139,11 @@ LINK32_OBJS= \
"$(INTDIR)\h2_filter.obj" \
"$(INTDIR)\h2_from_h1.obj" \
"$(INTDIR)\h2_h2.obj" \
+ "$(INTDIR)\h2_headers.obj" \
"$(INTDIR)\h2_mplx.obj" \
"$(INTDIR)\h2_ngn_shed.obj" \
"$(INTDIR)\h2_push.obj" \
"$(INTDIR)\h2_request.obj" \
- "$(INTDIR)\h2_response.obj" \
"$(INTDIR)\h2_session.obj" \
"$(INTDIR)\h2_stream.obj" \
"$(INTDIR)\h2_switch.obj" \
@@ -210,11 +210,11 @@ CLEAN :
- at erase "$(INTDIR)\h2_filter.obj"
- at erase "$(INTDIR)\h2_from_h1.obj"
- at erase "$(INTDIR)\h2_h2.obj"
+ - at erase "$(INTDIR)\h2_headers.obj"
- at erase "$(INTDIR)\h2_mplx.obj"
- at erase "$(INTDIR)\h2_ngn_shed.obj"
- at erase "$(INTDIR)\h2_push.obj"
- at erase "$(INTDIR)\h2_request.obj"
- - at erase "$(INTDIR)\h2_response.obj"
- at erase "$(INTDIR)\h2_session.obj"
- at erase "$(INTDIR)\h2_stream.obj"
- at erase "$(INTDIR)\h2_switch.obj"
@@ -289,11 +289,11 @@ LINK32_OBJS= \
"$(INTDIR)\h2_filter.obj" \
"$(INTDIR)\h2_from_h1.obj" \
"$(INTDIR)\h2_h2.obj" \
+ "$(INTDIR)\h2_headers.obj" \
"$(INTDIR)\h2_mplx.obj" \
"$(INTDIR)\h2_ngn_shed.obj" \
"$(INTDIR)\h2_push.obj" \
"$(INTDIR)\h2_request.obj" \
- "$(INTDIR)\h2_response.obj" \
"$(INTDIR)\h2_session.obj" \
"$(INTDIR)\h2_stream.obj" \
"$(INTDIR)\h2_switch.obj" \
@@ -472,6 +472,11 @@ SOURCE=./h2_h2.c
"$(INTDIR)\h2_h2.obj" : $(SOURCE) "$(INTDIR)"
+SOURCE=./h2_headers.c
+
+"$(INTDIR)\h2_headers.obj" : $(SOURCE) "$(INTDIR)"
+
+
SOURCE=./h2_mplx.c
"$(INTDIR)\h2_mplx.obj" : $(SOURCE) "$(INTDIR)"
@@ -492,11 +497,6 @@ SOURCE=./h2_request.c
"$(INTDIR)\h2_request.obj" : $(SOURCE) "$(INTDIR)"
-SOURCE=./h2_response.c
-
-"$(INTDIR)\h2_response.obj" : $(SOURCE) "$(INTDIR)"
-
-
SOURCE=./h2_session.c
"$(INTDIR)\h2_session.obj" : $(SOURCE) "$(INTDIR)"
diff --git a/modules/http2/mod_proxy_http2.c b/modules/http2/mod_proxy_http2.c
index df1d781..1e2affa 100644
--- a/modules/http2/mod_proxy_http2.c
+++ b/modules/http2/mod_proxy_http2.c
@@ -44,9 +44,10 @@ static apr_status_t (*req_engine_push)(const char *name, request_rec *r,
http2_req_engine_init *einit);
static apr_status_t (*req_engine_pull)(h2_req_engine *engine,
apr_read_type_e block,
- apr_uint32_t capacity,
+ int capacity,
request_rec **pr);
-static void (*req_engine_done)(h2_req_engine *engine, conn_rec *r_conn);
+static void (*req_engine_done)(h2_req_engine *engine, conn_rec *r_conn,
+ apr_status_t status);
typedef struct h2_proxy_ctx {
conn_rec *owner;
@@ -63,9 +64,9 @@ typedef struct h2_proxy_ctx {
const char *engine_id;
const char *engine_type;
apr_pool_t *engine_pool;
- apr_uint32_t req_buffer_size;
+ apr_size_t req_buffer_size;
request_rec *next;
- apr_size_t capacity;
+ int capacity;
unsigned standalone : 1;
unsigned is_ssl : 1;
@@ -168,7 +169,7 @@ static int proxy_http2_canon(request_rec *r, char *url)
path = url; /* this is the raw path */
}
else {
- path = ap_proxy_canonenc(r->pool, url, strlen(url),
+ path = ap_proxy_canonenc(r->pool, url, (int)strlen(url),
enc_path, 0, r->proxyreq);
search = r->args;
}
@@ -210,7 +211,7 @@ static apr_status_t proxy_engine_init(h2_req_engine *engine,
const char *id,
const char *type,
apr_pool_t *pool,
- apr_uint32_t req_buffer_size,
+ apr_size_t req_buffer_size,
request_rec *r,
http2_output_consumed **pconsumed,
void **pctx)
@@ -270,46 +271,45 @@ static apr_status_t add_request(h2_proxy_session *session, request_rec *r)
}
static void request_done(h2_proxy_session *session, request_rec *r,
- int complete, int touched)
+ apr_status_t status, int touched)
{
h2_proxy_ctx *ctx = session->user_data;
const char *task_id = apr_table_get(r->connection->notes, H2_TASK_ID_NOTE);
-
- if (!complete && !touched) {
- /* untouched request, need rescheduling */
- if (req_engine_push && is_h2 && is_h2(ctx->owner)) {
- if (req_engine_push(ctx->engine_type, r, NULL) == APR_SUCCESS) {
- /* push to engine */
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, r->connection,
- APLOGNO(03369)
- "h2_proxy_session(%s): rescheduled request %s",
- ctx->engine_id, task_id);
- return;
+
+ if (status != APR_SUCCESS) {
+ if (!touched) {
+ /* untouched request, need rescheduling */
+ if (req_engine_push && is_h2 && is_h2(ctx->owner)) {
+ if (req_engine_push(ctx->engine_type, r, NULL) == APR_SUCCESS) {
+ /* push to engine */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, r->connection,
+ APLOGNO(03369)
+ "h2_proxy_session(%s): rescheduled request %s",
+ ctx->engine_id, task_id);
+ return;
+ }
}
}
+ else {
+ const char *uri;
+ uri = apr_uri_unparse(r->pool, &r->parsed_uri, 0);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, r->connection,
+ APLOGNO(03471) "h2_proxy_session(%s): request %s -> %s "
+ "not complete, was touched",
+ ctx->engine_id, task_id, uri);
+ }
}
- if (r == ctx->rbase && complete) {
- ctx->r_status = APR_SUCCESS;
+ if (r == ctx->rbase) {
+ ctx->r_status = (status == APR_SUCCESS)? APR_SUCCESS : HTTP_SERVICE_UNAVAILABLE;
}
- if (complete) {
- if (req_engine_done && ctx->engine) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, r->connection,
- APLOGNO(03370)
- "h2_proxy_session(%s): finished request %s",
- ctx->engine_id, task_id);
- req_engine_done(ctx->engine, r->connection);
- }
- }
- else {
- if (req_engine_done && ctx->engine) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, r->connection,
- APLOGNO(03371)
- "h2_proxy_session(%s): failed request %s",
- ctx->engine_id, task_id);
- req_engine_done(ctx->engine, r->connection);
- }
+ if (req_engine_done && ctx->engine) {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, r->connection,
+ APLOGNO(03370)
+ "h2_proxy_session(%s): finished request %s",
+ ctx->engine_id, task_id);
+ req_engine_done(ctx->engine, r->connection, status);
}
}
@@ -323,7 +323,7 @@ static apr_status_t next_request(h2_proxy_ctx *ctx, int before_leave)
status = req_engine_pull(ctx->engine, before_leave?
APR_BLOCK_READ: APR_NONBLOCK_READ,
ctx->capacity, &ctx->next);
- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, ctx->owner,
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, ctx->owner,
"h2_proxy_engine(%s): pulled request (%s) %s",
ctx->engine_id,
before_leave? "before leave" : "regular",
@@ -335,14 +335,17 @@ static apr_status_t next_request(h2_proxy_ctx *ctx, int before_leave)
static apr_status_t proxy_engine_run(h2_proxy_ctx *ctx) {
apr_status_t status = OK;
+ int h2_front;
/* Step Four: Send the Request in a new HTTP/2 stream and
* loop until we got the response or encounter errors.
*/
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctx->owner,
"eng(%s): setup session", ctx->engine_id);
- ctx->session = h2_proxy_session_setup(ctx->engine_id, ctx->p_conn, ctx->conf,
- 30, h2_log2(ctx->req_buffer_size),
+ h2_front = is_h2? is_h2(ctx->owner) : 0;
+ ctx->session = h2_proxy_session_setup(ctx->engine_id, ctx->p_conn, ctx->conf,
+ h2_front, 30,
+ h2_proxy_log2((int)ctx->req_buffer_size),
request_done);
if (!ctx->session) {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctx->owner,
@@ -367,7 +370,7 @@ static apr_status_t proxy_engine_run(h2_proxy_ctx *ctx) {
/* ongoing processing, call again */
if (ctx->session->remote_max_concurrent > 0
&& ctx->session->remote_max_concurrent != ctx->capacity) {
- ctx->capacity = ctx->session->remote_max_concurrent;
+ ctx->capacity = (int)ctx->session->remote_max_concurrent;
}
s2 = next_request(ctx, 0);
if (s2 == APR_ECONNABORTED) {
@@ -375,10 +378,15 @@ static apr_status_t proxy_engine_run(h2_proxy_ctx *ctx) {
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, s2, ctx->owner,
APLOGNO(03374) "eng(%s): pull request",
ctx->engine_id);
- status = s2;
+ /* give notice that we're leaving and cancel all ongoing
+ * streams. */
+ next_request(ctx, 1);
+ h2_proxy_session_cancel_all(ctx->session);
+ h2_proxy_session_process(ctx->session);
+ status = ctx->r_status = APR_SUCCESS;
break;
}
- if (!ctx->next && h2_ihash_empty(ctx->session->streams)) {
+ if (!ctx->next && h2_proxy_ihash_empty(ctx->session->streams)) {
break;
}
}
@@ -561,7 +569,7 @@ run_connect:
* backend->hostname. */
if (ap_proxy_connect_backend(ctx->proxy_func, ctx->p_conn, ctx->worker,
ctx->server)) {
- ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctx->owner, APLOGNO(03352)
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctx->owner, APLOGNO(03352)
"H2: failed to make connection to backend: %s",
ctx->p_conn->hostname);
goto cleanup;
@@ -569,29 +577,27 @@ run_connect:
/* Step Three: Create conn_rec for the socket we have open now. */
if (!ctx->p_conn->connection) {
- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, ctx->owner, APLOGNO(03353)
- "setup new connection: is_ssl=%d %s %s %s",
- ctx->p_conn->is_ssl, ctx->p_conn->ssl_hostname,
- locurl, ctx->p_conn->hostname);
if ((status = ap_proxy_connection_create(ctx->proxy_func, ctx->p_conn,
ctx->owner,
ctx->server)) != OK) {
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, ctx->owner, APLOGNO(03353)
+ "setup new connection: is_ssl=%d %s %s %s",
+ ctx->p_conn->is_ssl, ctx->p_conn->ssl_hostname,
+ locurl, ctx->p_conn->hostname);
goto cleanup;
}
- /*
- * On SSL connections set a note on the connection what CN is
- * requested, such that mod_ssl can check if it is requested to do
- * so.
- */
- if (ctx->p_conn->ssl_hostname) {
- apr_table_setn(ctx->p_conn->connection->notes,
- "proxy-request-hostname", ctx->p_conn->ssl_hostname);
- }
-
- if (ctx->is_ssl) {
- apr_table_setn(ctx->p_conn->connection->notes,
- "proxy-request-alpn-protos", "h2");
+ if (!ctx->p_conn->data) {
+ /* New conection: set a note on the connection what CN is
+ * requested and what protocol we want */
+ if (ctx->p_conn->ssl_hostname) {
+ apr_table_setn(ctx->p_conn->connection->notes,
+ "proxy-request-hostname", ctx->p_conn->ssl_hostname);
+ }
+ if (ctx->is_ssl) {
+ apr_table_setn(ctx->p_conn->connection->notes,
+ "proxy-request-alpn-protos", "h2");
+ }
}
}
diff --git a/modules/ldap/util_ldap_cache_mgr.c b/modules/ldap/util_ldap_cache_mgr.c
index 2389b5d..4a0cc97 100644
--- a/modules/ldap/util_ldap_cache_mgr.c
+++ b/modules/ldap/util_ldap_cache_mgr.c
@@ -497,7 +497,7 @@ void *util_ald_cache_insert(util_ald_cache_t *cache, void *payload)
}
}
- /* Take a copy of the payload before proceeeding. */
+ /* Take a copy of the payload before proceeding. */
tmp_payload = (*cache->copy)(cache, payload);
if (tmp_payload == NULL) {
/*
diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c
index b6dc9ff..4270b3f 100644
--- a/modules/loggers/mod_log_config.c
+++ b/modules/loggers/mod_log_config.c
@@ -39,7 +39,7 @@
* the request will be logged to the log file(s) defined outside
* the virtual host section. If a TransferLog or CustomLog directive
* appears in the VirtualHost section, the log files defined outside
- * the VirtualHost will _not_ be used. This makes this module compatable
+ * the VirtualHost will _not_ be used. This makes this module compatible
* with the CLF and config log modules, where the use of TransferLog
* inside the VirtualHost section overrides its use outside.
*
diff --git a/modules/lua/mod_lua.c b/modules/lua/mod_lua.c
index cc2f00f..3add436 100644
--- a/modules/lua/mod_lua.c
+++ b/modules/lua/mod_lua.c
@@ -905,7 +905,7 @@ typedef struct cr_ctx
} cr_ctx;
-/* Okay, this deserves a little explaination -- in order for the errors that lua
+/* Okay, this deserves a little explanation -- in order for the errors that lua
* generates to be 'accuarate', including line numbers, we basically inject
* N line number new lines into the 'top' of the chunk reader.....
*
@@ -1956,6 +1956,7 @@ static void *create_dir_config(apr_pool_t *p, char *dir)
cfg->codecache = AP_LUA_CACHE_UNSET;
cfg->vm_min = 0;
cfg->vm_max = 0;
+ cfg->inherit = AP_LUA_INHERIT_UNSET;
return cfg;
}
diff --git a/modules/mappers/mod_actions.c b/modules/mappers/mod_actions.c
index c311a3b..2a67a27 100644
--- a/modules/mappers/mod_actions.c
+++ b/modules/mappers/mod_actions.c
@@ -118,7 +118,7 @@ static const char *set_script(cmd_parms *cmd, void *m_v,
}
else {
/* ap_method_register recognizes already registered methods,
- * so don't bother to check its previous existence explicitely.
+ * so don't bother to check its previous existence explicitly.
*/
methnum = ap_method_register(cmd->pool, method);
}
diff --git a/modules/mappers/mod_negotiation.c b/modules/mappers/mod_negotiation.c
index 71fc0a9..b008f5c 100644
--- a/modules/mappers/mod_negotiation.c
+++ b/modules/mappers/mod_negotiation.c
@@ -2252,7 +2252,7 @@ static int variant_has_language(var_rec *variant, const char *lang)
}
/* check for environment variables 'no-gzip' and
- * 'gzip-only-text/html' to get a behaviour similiar
+ * 'gzip-only-text/html' to get a behaviour similar
* to mod_deflate
*/
static int discard_variant_by_env(var_rec *variant, int discard)
@@ -2775,7 +2775,7 @@ static int setup_choice_response(request_rec *r, negotiation_state *neg,
* see that Vary header yet at this point in the control flow.
* This won't cause any cache consistency problems _unless_ the
* CGI script also returns a Cache-Control header marking the
- * response as cachable. This needs to be fixed, also there are
+ * response as cacheable. This needs to be fixed, also there are
* problems if a CGI returns an Etag header which also need to be
* fixed.
*/
@@ -3127,7 +3127,7 @@ static int handle_multi(request_rec *r)
ap_internal_fast_redirect(sub_req, r);
/* give no advise for time on this subrequest. Perhaps we
- * should tally the last mtime amoung all variants, and date
+ * should tally the last mtime among all variants, and date
* the most recent, but that could confuse the proxies.
*/
r->mtime = 0;
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
index 7b2737c..dcf7988 100644
--- a/modules/mappers/mod_rewrite.c
+++ b/modules/mappers/mod_rewrite.c
@@ -4077,7 +4077,7 @@ static int apply_rewrite_rule(rewriterule_entry *p, rewrite_ctx *ctx)
/* Ok, we already know the pattern has matched, but we now
* additionally have to check for all existing preconditions
* (RewriteCond) which have to be also true. We do this at
- * this very late stage to avoid unnessesary checks which
+ * this very late stage to avoid unnecessary checks which
* would slow down the rewriting engine.
*/
rewriteconds = p->rewriteconds;
@@ -4295,6 +4295,17 @@ static int apply_rewrite_list(request_rec *r, apr_array_header_t *rewriterules,
rc = apply_rewrite_rule(p, ctx);
if (rc) {
+
+ /* Catch looping rules with pathinfo growing unbounded */
+ if ( strlen( r->filename ) > 2*r->server->limit_req_line ) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "RewriteRule '%s' and URI '%s' "
+ "exceeded maximum length (%d)",
+ p->pattern, r->uri, 2*r->server->limit_req_line );
+ r->status = HTTP_INTERNAL_SERVER_ERROR;
+ return ACTION_STATUS;
+ }
+
/* Regardless of what we do next, we've found a match. Check to see
* if any of the request header fields were involved, and add them
* to the Vary field of the response.
@@ -4871,7 +4882,7 @@ static int hook_fixup(request_rec *r)
/*
* Do the Options check after engine check, so
- * the user is able to explicitely turn RewriteEngine Off.
+ * the user is able to explicitly turn RewriteEngine Off.
*/
if (!(ap_allow_options(r) & (OPT_SYM_LINKS | OPT_SYM_OWNER))) {
/* FollowSymLinks is mandatory! */
@@ -4886,7 +4897,7 @@ static int hook_fixup(request_rec *r)
/*
* remember the current filename before rewriting for later check
* to prevent deadlooping because of internal redirects
- * on final URL/filename which can be equal to the inital one.
+ * on final URL/filename which can be equal to the initial one.
* also, we'll restore original r->filename if we decline this
* request
*/
diff --git a/modules/metadata/mod_env.c b/modules/metadata/mod_env.c
index 5a98c80..e3e1d4e 100644
--- a/modules/metadata/mod_env.c
+++ b/modules/metadata/mod_env.c
@@ -63,7 +63,7 @@ static void *merge_env_dir_configs(apr_pool_t *p, void *basev, void *addv)
* table_set( res->vars, $element.key, $element.val );
*
* add->unsetenv already removed the vars from add->vars,
- * if they preceeded the UnsetEnv directive.
+ * if they preceded the UnsetEnv directive.
*/
res->vars = apr_table_copy(p, base->vars);
res->unsetenv = NULL;
diff --git a/modules/metadata/mod_headers.c b/modules/metadata/mod_headers.c
index 210b2bb..1ea970d 100644
--- a/modules/metadata/mod_headers.c
+++ b/modules/metadata/mod_headers.c
@@ -666,13 +666,15 @@ static const char *process_regexp(header_entry *hdr, const char *value,
return ret;
}
-static int echo_header(echo_do *v, const char *key, const char *val)
+static int echo_header(void *v, const char *key, const char *val)
{
+ edit_do *ed = v;
+
/* If the input header (key) matches the regex, echo it intact to
* r->headers_out.
*/
- if (!ap_regexec(v->hdr->regex, key, 0, NULL, 0)) {
- apr_table_add(v->r->headers_out, key, val);
+ if (!ap_regexec(ed->hdr->regex, key, 0, NULL, 0)) {
+ apr_table_add(ed->r->headers_out, key, val);
}
return 1;
@@ -808,8 +810,7 @@ static int do_headers_fixup(request_rec *r, apr_table_t *headers,
case hdr_echo:
v.r = r;
v.hdr = hdr;
- apr_table_do((int (*) (void *, const char *, const char *))
- echo_header, (void *) &v, r->headers_in, NULL);
+ apr_table_do(echo_header, &v, r->headers_in, NULL);
break;
case hdr_edit:
case hdr_edit_r:
diff --git a/modules/metadata/mod_mime_magic.c b/modules/metadata/mod_mime_magic.c
index 693ceca..22dadaf 100644
--- a/modules/metadata/mod_mime_magic.c
+++ b/modules/metadata/mod_mime_magic.c
@@ -161,7 +161,7 @@ struct magic {
unsigned char hl[4]; /* 2 bytes of a fixed-endian "long" */
} value; /* either number or string */
unsigned long mask; /* mask before comparison with value */
- char nospflag; /* supress space character */
+ char nospflag; /* suppress space character */
/* NOTE: this string is suspected of overrunning - find it! */
char desc[MAXDESC]; /* description */
diff --git a/modules/metadata/mod_remoteip.c b/modules/metadata/mod_remoteip.c
index 0a1dfac..28e01df 100644
--- a/modules/metadata/mod_remoteip.c
+++ b/modules/metadata/mod_remoteip.c
@@ -255,7 +255,7 @@ static int remoteip_modify_request(request_rec *r)
}
remote = apr_pstrdup(r->pool, remote);
- temp_sa = c->client_addr;
+ temp_sa = r->useragent_addr ? r->useragent_addr : c->client_addr;
while (remote) {
diff --git a/modules/metadata/mod_version.c b/modules/metadata/mod_version.c
index 7bf369b..688cd8d 100644
--- a/modules/metadata/mod_version.c
+++ b/modules/metadata/mod_version.c
@@ -49,7 +49,7 @@
* = / == match; regex must be surrounded by slashes
* ~ match; regex MAY NOT be surrounded by slashes
*
- * Note that all operators may be preceeded by an exclamation mark
+ * Note that all operators may be preceded by an exclamation mark
* (without spaces) in order to reverse their meaning.
*
*/
diff --git a/modules/proxy/NWGNUproxy b/modules/proxy/NWGNUproxy
index d90f2e2..d731c5a 100644
--- a/modules/proxy/NWGNUproxy
+++ b/modules/proxy/NWGNUproxy
@@ -256,6 +256,7 @@ $(OBJDIR)/mod_proxy.imp: NWGNUproxy
@echo $(DL)# Exports of mod_proxy$(DL)> $@
@echo $(DL) (AP$(VERSION_MAJMIN))$(DL)>> $@
@echo $(DL) proxy_module,$(DL)>> $@
+ @echo $(DL) proxy_hcmethods,$(DL)>> $@
@echo $(DL) proxy_hook_canon_handler,$(DL)>> $@
@echo $(DL) proxy_hook_get_canon_handler,$(DL)>> $@
@echo $(DL) proxy_hook_get_post_request,$(DL)>> $@
@@ -277,6 +278,7 @@ $(OBJDIR)/mod_proxy.imp: NWGNUproxy
@echo $(DL) ap_proxy_c2hex,$(DL)>> $@
@echo $(DL) ap_proxy_canon_netloc,$(DL)>> $@
@echo $(DL) ap_proxy_canonenc,$(DL)>> $@
+ @echo $(DL) ap_proxy_check_connection,$(DL)>> $@
@echo $(DL) ap_proxy_checkproxyblock,$(DL)>> $@
@echo $(DL) ap_proxy_checkproxyblock2,$(DL)>> $@
@echo $(DL) ap_proxy_conn_is_https,$(DL)>> $@
@@ -312,6 +314,7 @@ $(OBJDIR)/mod_proxy.imp: NWGNUproxy
@echo $(DL) ap_proxy_set_wstatus,$(DL)>> $@
@echo $(DL) ap_proxy_share_balancer,$(DL)>> $@
@echo $(DL) ap_proxy_share_worker,$(DL)>> $@
+ @echo $(DL) ap_proxy_show_hcmethod,$(DL)>> $@
@echo $(DL) ap_proxy_ssl_connection_cleanup,$(DL)>> $@
@echo $(DL) ap_proxy_ssl_disable,$(DL)>> $@
@echo $(DL) ap_proxy_ssl_enable,$(DL)>> $@
diff --git a/modules/cache/NWGNUsocachmem b/modules/proxy/NWGNUproxyhcheck
similarity index 84%
copy from modules/cache/NWGNUsocachmem
copy to modules/proxy/NWGNUproxyhcheck
index d8d10d8..d200650 100644
--- a/modules/cache/NWGNUsocachmem
+++ b/modules/proxy/NWGNUproxyhcheck
@@ -1,22 +1,15 @@
#
-# Declare the sub-directories to be built here
+# Make sure all needed macro's are defined
#
-SUBDIRS = \
- $(EOLIST)
-
#
-# Get the 'head' of the build environment. This includes default targets and
-# paths to tools
+# Get the 'head' of the build environment if necessary. This includes default
+# targets and paths to tools
#
+ifndef EnvironmentDefined
include $(AP_WORK)/build/NWGNUhead.inc
-
-#
-# build this level's files
-#
-# Make sure all needed macro's are defined
-#
+endif
#
# These directories will be at the beginning of the include list, followed by
@@ -25,8 +18,8 @@ include $(AP_WORK)/build/NWGNUhead.inc
XINCDIRS += \
$(APR)/include \
$(APRUTIL)/include \
- $(AP_WORK)/include \
- $(AP_WORK)/server/mpm/netware \
+ $(SRC)/include \
+ $(STDMOD)/core \
$(NWOS) \
$(EOLIST)
@@ -99,19 +92,19 @@ endif
# This is used by the link 'name' directive to name the nlm. If left blank
# TARGET_nlm (see below) will be used.
#
-NLM_NAME = socachemem
+NLM_NAME = proxyhcheck
#
# This is used by the link '-desc ' directive.
# If left blank, NLM_NAME will be used.
#
-NLM_DESCRIPTION = Apache $(VERSION_STR) Socache Memory Module
+NLM_DESCRIPTION = Apache $(VERSION_STR) Proxy Health Check Module
#
# This is used by the '-threadname' directive. If left blank,
# NLM_NAME Thread will be used.
#
-NLM_THREAD_NAME = socachemem
+NLM_THREAD_NAME = Proxy Health Module
#
# If this is specified, it will override VERSION value in
@@ -122,7 +115,7 @@ NLM_VERSION =
#
# If this is specified, it will override the default of 64K
#
-NLM_STACK_SIZE = 65536
+NLM_STACK_SIZE = 8192
#
@@ -141,7 +134,7 @@ NLM_EXIT_SYM =
NLM_CHECK_SYM =
#
-# If this is specified it will be used by the link '-flags' directive
+# If these are specified it will be used by the link '-flags' directive
#
NLM_FLAGS =
@@ -153,28 +146,21 @@ NLM_FLAGS =
XDCDATA =
#
-# Declare all target files (you must add your files here)
-#
-
-#
# If there is an NLM target, put it here
#
-TARGET_nlm = \
- $(OBJDIR)/$(NLM_NAME).nlm \
- $(EOLIST)
+TARGET_nlm = $(OBJDIR)/$(NLM_NAME).nlm
#
# If there is an LIB target, put it here
#
-TARGET_lib = \
- $(EOLIST)
+TARGET_lib =
#
# These are the OBJ files needed to create the NLM target above.
# Paths must all use the '/' character
#
FILES_nlm_objs = \
- $(OBJDIR)/mod_socache_memcache.o \
+ $(OBJDIR)/mod_proxy_hcheck.o \
$(EOLIST)
#
@@ -190,8 +176,9 @@ FILES_nlm_libs = \
# These will be added as a module command in the link.opt file.
#
FILES_nlm_modules = \
- Apache2 \
- Libc \
+ libc \
+ aprlib \
+ proxy \
$(EOLIST)
#
@@ -216,13 +203,20 @@ FILES_nlm_Ximports = \
@libc.imp \
@aprlib.imp \
@httpd.imp \
+ @mod_proxy.imp \
+ $(EOLIST)
+
+# Don't link with Winsock if standard sockets are being used
+ifndef USE_STDSOCKETS
+FILES_nlm_Ximports += @ws2nlm.imp \
$(EOLIST)
+endif
#
# Any symbols exported to here
#
FILES_nlm_exports = \
- socache_memcache_module \
+ proxy_hcheck_module \
$(EOLIST)
#
@@ -250,11 +244,11 @@ install :: nlms FORCE
# Any specialized rules here
#
+vpath %.c ../arch/netware
+
#
# Include the 'tail' makefile that has targets that depend on variables defined
# in this makefile
#
include $(APBUILD)/NWGNUtail.inc
-
-
diff --git a/modules/proxy/config.m4 b/modules/proxy/config.m4
index ebb13f0..a0915c6 100644
--- a/modules/proxy/config.m4
+++ b/modules/proxy/config.m4
@@ -50,7 +50,7 @@ APACHE_MODULE(proxy_ftp, Apache proxy FTP module. Requires --enable-proxy., $pr
APACHE_MODULE(proxy_http, Apache proxy HTTP module. Requires --enable-proxy., $proxy_http_objs, , most, , proxy)
APACHE_MODULE(proxy_fcgi, Apache proxy FastCGI module. Requires --enable-proxy., $proxy_fcgi_objs, , most, , proxy)
APACHE_MODULE(proxy_scgi, Apache proxy SCGI module. Requires --enable-proxy., $proxy_scgi_objs, , most, , proxy)
-APACHE_MODULE(proxy_fdpass, Apache proxy to Unix Daemon Socket module. Requires --enable-proxy., $proxy_fdpass_objs, , , [
+APACHE_MODULE(proxy_fdpass, Apache proxy to Unix Daemon Socket module. Requires --enable-proxy., $proxy_fdpass_objs, , most, [
AC_CHECK_DECL(CMSG_DATA,,, [
#include <sys/types.h>
#include <sys/socket.h>
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
index cdcda4f..d6e6500 100644
--- a/modules/proxy/mod_proxy.c
+++ b/modules/proxy/mod_proxy.c
@@ -649,9 +649,18 @@ PROXY_DECLARE(int) ap_proxy_trans_match(request_rec *r, struct proxy_alias *ent,
fake = ent->fake;
real = ent->real;
}
+
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r, APLOGNO(03461)
+ "attempting to match URI path '%s' against %s '%s' for "
+ "proxying", r->uri, (ent->regex ? "pattern" : "prefix"),
+ fake);
+
if (ent->regex) {
if (!ap_regexec(ent->regex, r->uri, AP_MAX_REG_MATCH, regm, 0)) {
if ((real[0] == '!') && (real[1] == '\0')) {
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03462)
+ "proxying is explicitly disabled for URI path "
+ "'%s'; declining", r->uri);
return DECLINED;
}
/* test that we haven't reduced the URI */
@@ -695,6 +704,9 @@ PROXY_DECLARE(int) ap_proxy_trans_match(request_rec *r, struct proxy_alias *ent,
if (len != 0) {
if ((real[0] == '!') && (real[1] == '\0')) {
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03463)
+ "proxying is explicitly disabled for URI path "
+ "'%s'; declining", r->uri);
return DECLINED;
}
if (nocanon && len != alias_match(r->unparsed_uri, ent->fake)) {
@@ -723,6 +735,11 @@ PROXY_DECLARE(int) ap_proxy_trans_match(request_rec *r, struct proxy_alias *ent,
if (ent->flags & PROXYPASS_NOQUERY) {
apr_table_setn(r->notes, "proxy-noquery", "1");
}
+
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03464)
+ "URI path '%s' matches proxy handler '%s'", r->uri,
+ found);
+
return OK;
}
@@ -754,18 +771,29 @@ static int proxy_trans(request_rec *r)
*/
dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
-
+ conf = (proxy_server_conf *) ap_get_module_config(r->server->module_config,
+ &proxy_module);
/* short way - this location is reverse proxied? */
if (dconf->alias) {
int rv = ap_proxy_trans_match(r, dconf->alias, dconf);
+ if (OK == rv) {
+ /* Got a hit. Need to make sure it's not explicitly declined */
+ if (conf->aliases->nelts) {
+ ent = (struct proxy_alias *) conf->aliases->elts;
+ for (i = 0; i < conf->aliases->nelts; i++) {
+ int rv = ap_proxy_trans_match(r, &ent[i], dconf);
+ if (DECLINED == rv) {
+ return DECLINED;
+ }
+ }
+ }
+ return OK;
+ }
if (DONE != rv) {
return rv;
}
}
- conf = (proxy_server_conf *) ap_get_module_config(r->server->module_config,
- &proxy_module);
-
/* long way - walk the list of aliases, find a match */
if (conf->aliases->nelts) {
ent = (struct proxy_alias *) conf->aliases->elts;
@@ -1255,16 +1283,24 @@ cleanup:
* the error page on the proxy or if the error was not generated by the
* backend itself but by the proxy e.g. a bad gateway) in order to give
* ap_proxy_post_request a chance to act correctly on the status code.
+ * But only do the above if access_status is not OK and not DONE, because
+ * in this case r->status might contain the true status and overwriting
+ * it with OK or DONE would be wrong.
*/
- saved_status = r->status;
- r->status = access_status;
- ap_proxy_post_request(worker, balancer, r, conf);
- /*
- * Only restore r->status if it has not been changed by
- * ap_proxy_post_request as we assume that this change was intentional.
- */
- if (r->status == access_status) {
- r->status = saved_status;
+ if ((access_status != OK) && (access_status != DONE)) {
+ saved_status = r->status;
+ r->status = access_status;
+ ap_proxy_post_request(worker, balancer, r, conf);
+ /*
+ * Only restore r->status if it has not been changed by
+ * ap_proxy_post_request as we assume that this change was intentional.
+ */
+ if (r->status == access_status) {
+ r->status = saved_status;
+ }
+ }
+ else {
+ ap_proxy_post_request(worker, balancer, r, conf);
}
proxy_run_request_status(&access_status, r);
diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
index f1413c5..281a776 100644
--- a/modules/proxy/mod_proxy.h
+++ b/modules/proxy/mod_proxy.h
@@ -271,6 +271,10 @@ typedef struct {
unsigned int inreslist:1; /* connection in apr_reslist? */
const char *uds_path; /* Unix domain socket path */
const char *ssl_hostname;/* Hostname (SNI) in use by SSL connection */
+ apr_bucket_brigade *tmp_bb;/* Temporary brigade created with the connection
+ * and its scpool/bucket_alloc (NULL before),
+ * must be left cleaned when used (locally).
+ */
} proxy_conn_rec;
typedef struct {
@@ -374,7 +378,7 @@ typedef struct {
unsigned int fnv;
} proxy_hashes ;
-/* Runtime worker status informations. Shared in scoreboard */
+/* Runtime worker status information. Shared in scoreboard */
/* The addition of member uds_path in 2.4.7 was an incompatible API change. */
typedef struct {
char name[PROXY_WORKER_MAX_NAME_SIZE];
@@ -580,7 +584,7 @@ APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, fixups, (request_rec *r))
/**
* pre request hook.
* It will return the most suitable worker at the moment
- * and coresponding balancer.
+ * and corresponding balancer.
* The url is rewritten from balancer://cluster/uri to scheme://host:port/uri
* and then the scheme_handler is called.
*
@@ -632,6 +636,7 @@ PROXY_DECLARE(int) ap_proxy_checkproxyblock2(request_rec *r, proxy_server_conf *
PROXY_DECLARE(int) ap_proxy_pre_http_request(conn_rec *c, request_rec *r);
/* DEPRECATED (will be replaced with ap_proxy_connect_backend */
PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **, const char *, apr_sockaddr_t *, const char *, proxy_server_conf *, request_rec *);
+/* DEPRECATED (will be replaced with ap_proxy_check_connection */
PROXY_DECLARE(apr_status_t) ap_proxy_ssl_connection_cleanup(proxy_conn_rec *conn,
request_rec *r);
PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c);
@@ -763,7 +768,7 @@ PROXY_DECLARE(char *) ap_proxy_update_balancer(apr_pool_t *p,
* @param url url containing balancer name
* @param alias alias/fake-path to this balancer
* @param do_malloc true if shared struct should be malloced
- * @return error message or NULL if successfull
+ * @return error message or NULL if successful
*/
PROXY_DECLARE(char *) ap_proxy_define_balancer(apr_pool_t *p,
proxy_balancer **balancer,
@@ -916,6 +921,28 @@ PROXY_DECLARE(int) ap_proxy_acquire_connection(const char *proxy_function,
PROXY_DECLARE(int) ap_proxy_release_connection(const char *proxy_function,
proxy_conn_rec *conn,
server_rec *s);
+
+#define PROXY_CHECK_CONN_EMPTY (1 << 0)
+/**
+ * Check a connection to the backend
+ * @param scheme calling proxy scheme (http, ajp, ...)
+ * @param conn acquired connection
+ * @param server current server record
+ * @param max_blank_lines how many blank lines to consume,
+ * or zero for none (considered data)
+ * @param flags PROXY_CHECK_* bitmask
+ * @return APR_SUCCESS: connection established,
+ * APR_ENOTEMPTY: connection established with data,
+ * APR_ENOSOCKET: not connected,
+ * APR_EINVAL: worker in error state (unusable),
+ * other: connection closed/aborted (remotely)
+ */
+PROXY_DECLARE(apr_status_t) ap_proxy_check_connection(const char *scheme,
+ proxy_conn_rec *conn,
+ server_rec *server,
+ unsigned max_blank_lines,
+ int flags);
+
/**
* Make a connection to the backend
* @param proxy_function calling proxy scheme (http, ajp, ...)
diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c
index 0014a7c..051724e 100644
--- a/modules/proxy/mod_proxy_ajp.c
+++ b/modules/proxy/mod_proxy_ajp.c
@@ -141,7 +141,7 @@ static apr_off_t get_content_length(request_rec * r)
* XXX: AJP Auto Flushing
*
* When processing CMD_AJP13_SEND_BODY_CHUNK AJP messages we will do a poll
- * with FLUSH_WAIT miliseconds timeout to determine if more data is currently
+ * with FLUSH_WAIT milliseconds timeout to determine if more data is currently
* available at the backend. If there is no more data available, we flush
* the data to the client by adding a flush bucket to the brigade we pass
* up the filter chain.
@@ -358,7 +358,7 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
}
return HTTP_INTERNAL_SERVER_ERROR;
}
- /* parse the reponse */
+ /* parse the response */
result = ajp_parse_type(r, conn->data);
output_brigade = apr_brigade_create(p, r->connection->bucket_alloc);
@@ -769,7 +769,10 @@ static int proxy_ajp_handler(request_rec *r, proxy_worker *worker,
break;
/* Step Two: Make the Connection */
- if (ap_proxy_connect_backend(scheme, backend, worker, r->server)) {
+ if (ap_proxy_check_connection(scheme, backend, r->server, 0,
+ PROXY_CHECK_CONN_EMPTY)
+ && ap_proxy_connect_backend(scheme, backend, worker,
+ r->server)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00896)
"failed to make connection to backend: %s",
backend->hostname);
diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c
index 69ad5dc..ec9f103 100644
--- a/modules/proxy/mod_proxy_balancer.c
+++ b/modules/proxy/mod_proxy_balancer.c
@@ -212,7 +212,8 @@ static char *get_cookie_param(request_rec *r, const char *name)
/* Find the worker that has the 'route' defined
*/
static proxy_worker *find_route_worker(proxy_balancer *balancer,
- const char *route, request_rec *r)
+ const char *route, request_rec *r,
+ int recursion)
{
int i;
int checking_standby;
@@ -249,10 +250,15 @@ static proxy_worker *find_route_worker(proxy_balancer *balancer,
* This enables to safely remove the member from the
* balancer. Of course you will need some kind of
* session replication between those two remote.
+ * Also check that we haven't gone thru all the
+ * balancer members by means of redirects.
+ * This should avoid redirect cycles.
*/
- if (*worker->s->redirect) {
+ if ((*worker->s->redirect)
+ && (recursion < balancer->workers->nelts)) {
proxy_worker *rworker = NULL;
- rworker = find_route_worker(balancer, worker->s->redirect, r);
+ rworker = find_route_worker(balancer, worker->s->redirect,
+ r, recursion + 1);
/* Check if the redirect worker is usable */
if (rworker && !PROXY_WORKER_IS_USABLE(rworker)) {
/*
@@ -315,7 +321,7 @@ static proxy_worker *find_session_route(proxy_balancer *balancer,
/* We have a route in path or in cookie
* Find the worker that has this route defined.
*/
- worker = find_route_worker(balancer, *route, r);
+ worker = find_route_worker(balancer, *route, r, 1);
if (worker && strcmp(*route, worker->s->route)) {
/*
* Notice that the route of the worker chosen is different from
diff --git a/modules/proxy/mod_proxy_connect.c b/modules/proxy/mod_proxy_connect.c
index 6e32af0..1984342 100644
--- a/modules/proxy/mod_proxy_connect.c
+++ b/modules/proxy/mod_proxy_connect.c
@@ -119,7 +119,7 @@ static int allowed_port(connect_conf *conf, int port)
int i;
port_range *list = (port_range *) conf->allowed_connect_ports->elts;
- if (apr_is_empty_array(conf->allowed_connect_ports)){
+ if (apr_is_empty_array(conf->allowed_connect_ports)) {
return port == APR_URI_HTTPS_DEFAULT_PORT
|| port == APR_URI_SNEWS_DEFAULT_PORT;
}
@@ -158,7 +158,7 @@ static int proxy_connect_handler(request_rec *r, proxy_worker *worker,
conn_rec *backconn;
int done = 0;
- apr_bucket_brigade *bb_front = apr_brigade_create(p, c->bucket_alloc);
+ apr_bucket_brigade *bb_front;
apr_bucket_brigade *bb_back;
apr_status_t rv;
apr_size_t nbytes;
@@ -227,9 +227,9 @@ static int proxy_connect_handler(request_rec *r, proxy_worker *worker,
connectname, connectport);
/* Check if it is an allowed port */
- if(!allowed_port(c_conf, uri.port)) {
- return ap_proxyerror(r, HTTP_FORBIDDEN,
- "Connect to remote machine blocked");
+ if (!allowed_port(c_conf, uri.port)) {
+ return ap_proxyerror(r, HTTP_FORBIDDEN,
+ "Connect to remote machine blocked");
}
/*
@@ -315,6 +315,7 @@ static int proxy_connect_handler(request_rec *r, proxy_worker *worker,
backconn->local_addr->port));
+ bb_front = apr_brigade_create(p, c->bucket_alloc);
bb_back = apr_brigade_create(p, backconn->bucket_alloc);
/* If we are connecting through a remote proxy, we need to pass
diff --git a/modules/proxy/mod_proxy_fcgi.c b/modules/proxy/mod_proxy_fcgi.c
index 19047ff..76d381b 100644
--- a/modules/proxy/mod_proxy_fcgi.c
+++ b/modules/proxy/mod_proxy_fcgi.c
@@ -253,7 +253,6 @@ static apr_status_t send_environment(proxy_conn_rec *conn, request_rec *r,
apr_status_t rv;
apr_size_t avail_len, len, required_len;
int next_elem, starting_elem;
- char *proxyfilename = r->filename;
fcgi_req_config_t *rconf = ap_get_module_config(r->request_config, &proxy_fcgi_module);
if (rconf) {
@@ -272,6 +271,13 @@ static apr_status_t send_environment(proxy_conn_rec *conn, request_rec *r,
else if (!strncmp(r->filename, "proxy:fcgi://", 13)) {
newfname = apr_pstrdup(r->pool, r->filename+13);
}
+ /* Query string in environment only */
+ if (newfname && r->args && *r->args) {
+ char *qs = strrchr(newfname, '?');
+ if (qs && !strcmp(qs+1, r->args)) {
+ *qs = '\0';
+ }
+ }
if (newfname) {
newfname = ap_strchr(newfname, '/');
@@ -282,8 +288,6 @@ static apr_status_t send_environment(proxy_conn_rec *conn, request_rec *r,
ap_add_common_vars(r);
ap_add_cgi_vars(r);
- r->filename = proxyfilename;
-
/* XXX are there any FastCGI specific env vars we need to send? */
/* XXX mod_cgi/mod_cgid use ap_create_environment here, which fills in
@@ -654,22 +658,32 @@ recv_again:
rv = ap_pass_brigade(r->output_filters, ob);
if (rv != APR_SUCCESS) {
*err = "passing headers brigade to output filters";
+ break;
}
- else if (status == HTTP_NOT_MODIFIED) {
- /* The 304 response MUST NOT contain
- * a message-body, ignore it. */
+ else if (status == HTTP_NOT_MODIFIED
+ || status == HTTP_PRECONDITION_FAILED) {
+ /* Special 'status' cases handled:
+ * 1) HTTP 304 response MUST NOT contain
+ * a message-body, ignore it.
+ * 2) HTTP 412 response.
+ * The break is not added since there might
+ * be more bytes to read from the FCGI
+ * connection. Even if the message-body is
+ * ignored (and the EOS bucket has already
+ * been sent) we want to avoid subsequent
+ * bogus reads. */
ignore_body = 1;
}
else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01070)
"Error parsing script headers");
rv = APR_EINVAL;
+ break;
}
- break;
}
- if (conf->error_override &&
- ap_is_HTTP_ERROR(r->status)) {
+ if (conf->error_override
+ && ap_is_HTTP_ERROR(r->status) && ap_is_initial_req(r)) {
/*
* set script_error_status to discard
* everything after the headers
@@ -939,7 +953,10 @@ static int proxy_fcgi_handler(request_rec *r, proxy_worker *worker,
}
/* Step Two: Make the Connection */
- if (ap_proxy_connect_backend(FCGI_SCHEME, backend, worker, r->server)) {
+ if (ap_proxy_check_connection(FCGI_SCHEME, backend, r->server, 0,
+ PROXY_CHECK_CONN_EMPTY)
+ && ap_proxy_connect_backend(FCGI_SCHEME, backend, worker,
+ r->server)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01079)
"failed to make connection to backend: %s",
backend->hostname);
diff --git a/modules/proxy/mod_proxy_hcheck.c b/modules/proxy/mod_proxy_hcheck.c
index 6606652..0dee1b4 100644
--- a/modules/proxy/mod_proxy_hcheck.c
+++ b/modules/proxy/mod_proxy_hcheck.c
@@ -426,6 +426,8 @@ static proxy_worker *hc_get_hcworker(sctx_t *ctx, proxy_worker *worker,
PROXY_STRNCPY(hc->s->name, wptr);
PROXY_STRNCPY(hc->s->hostname, worker->s->hostname);
PROXY_STRNCPY(hc->s->scheme, worker->s->scheme);
+ PROXY_STRNCPY(hc->s->hcuri, worker->s->hcuri);
+ PROXY_STRNCPY(hc->s->hcexpr, worker->s->hcexpr);
hc->hash.def = hc->s->hash.def = ap_proxy_hashfunc(hc->s->name, PROXY_HASHFUNC_DEFAULT);
hc->hash.fnv = hc->s->hash.fnv = ap_proxy_hashfunc(hc->s->name, PROXY_HASHFUNC_FNV);
hc->s->port = port;
@@ -775,7 +777,7 @@ static apr_status_t hc_check_http(sctx_t *ctx, apr_pool_t *ptemp, proxy_worker *
return backend_cleanup("HCOH", backend, ctx->s, status);
}
-static void *hc_check(apr_thread_t *thread, void *b)
+static void * APR_THREAD_FUNC hc_check(apr_thread_t *thread, void *b)
{
baton_t *baton = (baton_t *)b;
sctx_t *ctx = baton->ctx;
diff --git a/modules/proxy/mod_proxy_hcheck.dep b/modules/proxy/mod_proxy_hcheck.dep
new file mode 100644
index 0000000..008ee64
--- /dev/null
+++ b/modules/proxy/mod_proxy_hcheck.dep
@@ -0,0 +1,5 @@
+# Microsoft Developer Studio Generated Dependency File, included by mod_proxy_hcheck.mak
+
+..\..\build\win32\httpd.rc : \
+ "..\..\include\ap_release.h"\
+
diff --git a/modules/proxy/mod_proxy_hcheck.dsp b/modules/proxy/mod_proxy_hcheck.dsp
new file mode 100644
index 0000000..73aaf2b
--- /dev/null
+++ b/modules/proxy/mod_proxy_hcheck.dsp
@@ -0,0 +1,123 @@
+# Microsoft Developer Studio Project File - Name="mod_proxy_hcheck" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102
+
+CFG=mod_proxy_hcheck - Win32 Release
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE
+!MESSAGE NMAKE /f "mod_proxy_hcheck.mak".
+!MESSAGE
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "mod_proxy_hcheck.mak" CFG="mod_proxy_hcheck - Win32 Release"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "mod_proxy_hcheck - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "mod_proxy_hcheck - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+MTL=midl.exe
+RSC=rc.exe
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c
+# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../core" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_proxy_hcheck_src" /FD /c
+# ADD BASE MTL /nologo /D "NDEBUG" /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x409 /fo"Release/mod_proxy_hcheck.res" /i "../../include" /i "../../srclib/apr/include" /d "NDEBUG" /d BIN_NAME="mod_proxy_hcheck.so" /d LONG_NAME="proxy_hcheck_module for Apache"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib ws2_32.lib mswsock.lib /nologo /subsystem:windows /dll /out:".\Release\mod_proxy_hcheck.so" /base:@..\..\os\win32\BaseAddr.ref,mod_proxy_hcheck.so
+# ADD LINK32 kernel32.lib ws2_32.lib mswsock.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:".\Release\mod_proxy_hcheck.so" /base:@..\..\os\win32\BaseAddr.ref,mod_proxy_hcheck.so /opt:ref
+# Begin Special Build Tool
+TargetPath=.\Release\mod_proxy_hcheck.so
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2
+# End Special Build Tool
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c
+# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../core" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_proxy_hcheck_src" /FD /c
+# ADD BASE MTL /nologo /D "_DEBUG" /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x409 /fo"Debug/mod_proxy_hcheck.res" /i "../../include" /i "../../srclib/apr/include" /d "_DEBUG" /d BIN_NAME="mod_proxy_hcheck.so" /d LONG_NAME="proxy_hcheck_module for Apache"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib ws2_32.lib mswsock.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:".\Debug\mod_proxy_hcheck.so" /base:@..\..\os\win32\BaseAddr.ref,mod_proxy_hcheck.so
+# ADD LINK32 kernel32.lib ws2_32.lib mswsock.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:".\Debug\mod_proxy_hcheck.so" /base:@..\..\os\win32\BaseAddr.ref,mod_proxy_hcheck.so
+# Begin Special Build Tool
+TargetPath=.\Debug\mod_proxy_hcheck.so
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2
+# End Special Build Tool
+
+!ENDIF
+
+# Begin Target
+
+# Name "mod_proxy_hcheck - Win32 Release"
+# Name "mod_proxy_hcheck - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90"
+# Begin Source File
+
+SOURCE=.\mod_proxy_hcheck.c
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter ".h"
+# Begin Source File
+
+SOURCE=.\mod_proxy.h
+# End Source File
+# End Group
+# Begin Source File
+
+SOURCE=..\..\build\win32\httpd.rc
+# End Source File
+# End Target
+# End Project
diff --git a/modules/proxy/mod_proxy_hcheck.mak b/modules/proxy/mod_proxy_hcheck.mak
new file mode 100644
index 0000000..dc0d758
--- /dev/null
+++ b/modules/proxy/mod_proxy_hcheck.mak
@@ -0,0 +1,380 @@
+# Microsoft Developer Studio Generated NMAKE File, Based on mod_proxy_hcheck.dsp
+!IF "$(CFG)" == ""
+CFG=mod_proxy_hcheck - Win32 Release
+!MESSAGE No configuration specified. Defaulting to mod_proxy_hcheck - Win32 Release.
+!ENDIF
+
+!IF "$(CFG)" != "mod_proxy_hcheck - Win32 Release" && "$(CFG)" != "mod_proxy_hcheck - Win32 Debug"
+!MESSAGE Invalid configuration "$(CFG)" specified.
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "mod_proxy_hcheck.mak" CFG="mod_proxy_hcheck - Win32 Release"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "mod_proxy_hcheck - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "mod_proxy_hcheck - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE
+!ERROR An invalid configuration is specified.
+!ENDIF
+
+!IF "$(OS)" == "Windows_NT"
+NULL=
+!ELSE
+NULL=nul
+!ENDIF
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+OUTDIR=.\Release
+INTDIR=.\Release
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+# Begin Custom Macros
+OutDir=.\Release
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0"
+
+ALL : "$(OUTDIR)\mod_proxy_hcheck.so" "$(DS_POSTBUILD_DEP)"
+
+!ELSE
+
+ALL : "mod_proxy - Win32 Release" "libhttpd - Win32 Release" "libaprutil - Win32 Release" "libapr - Win32 Release" "$(OUTDIR)\mod_proxy_hcheck.so" "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+!IF "$(RECURSE)" == "1"
+CLEAN :"libapr - Win32 ReleaseCLEAN" "libaprutil - Win32 ReleaseCLEAN" "libhttpd - Win32 ReleaseCLEAN" "mod_proxy - Win32 ReleaseCLEAN"
+!ELSE
+CLEAN :
+!ENDIF
+ - at erase "$(INTDIR)\mod_proxy_hcheck.obj"
+ - at erase "$(INTDIR)\mod_proxy_hcheck.res"
+ - at erase "$(INTDIR)\mod_proxy_hcheck_src.idb"
+ - at erase "$(INTDIR)\mod_proxy_hcheck_src.pdb"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.exp"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.lib"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.pdb"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.so"
+
+"$(OUTDIR)" :
+ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MD /W3 /Zi /O2 /Oy- /I "../core" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\mod_proxy_hcheck_src" /FD /c
+
+.c{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.c{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\mod_proxy_hcheck.res" /i "../../include" /i "../../srclib/apr/include" /d "NDEBUG" /d BIN_NAME="mod_proxy_hcheck.so" /d LONG_NAME="proxy_hcheck_module for Apache"
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\mod_proxy_hcheck.bsc"
+BSC32_SBRS= \
+
+LINK32=link.exe
+LINK32_FLAGS=kernel32.lib ws2_32.lib mswsock.lib /nologo /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\mod_proxy_hcheck.pdb" /debug /out:"$(OUTDIR)\mod_proxy_hcheck.so" /implib:"$(OUTDIR)\mod_proxy_hcheck.lib" /base:@..\..\os\win32\BaseAddr.ref,mod_proxy_hcheck.so /opt:ref
+LINK32_OBJS= \
+ "$(INTDIR)\mod_proxy_hcheck.obj" \
+ "$(INTDIR)\mod_proxy_hcheck.res" \
+ "..\..\srclib\apr\Release\libapr-1.lib" \
+ "..\..\srclib\apr-util\Release\libaprutil-1.lib" \
+ "..\..\Release\libhttpd.lib" \
+ "$(OUTDIR)\mod_proxy.lib"
+
+"$(OUTDIR)\mod_proxy_hcheck.so" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+ $(LINK32) @<<
+ $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+TargetPath=.\Release\mod_proxy_hcheck.so
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+
+# Begin Custom Macros
+OutDir=.\Release
+# End Custom Macros
+
+"$(DS_POSTBUILD_DEP)" : "$(OUTDIR)\mod_proxy_hcheck.so"
+ if exist .\Release\mod_proxy_hcheck.so.manifest mt.exe -manifest .\Release\mod_proxy_hcheck.so.manifest -outputresource:.\Release\mod_proxy_hcheck.so;2
+ echo Helper for Post-build step > "$(DS_POSTBUILD_DEP)"
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+OUTDIR=.\Debug
+INTDIR=.\Debug
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+# Begin Custom Macros
+OutDir=.\Debug
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0"
+
+ALL : "$(OUTDIR)\mod_proxy_hcheck.so" "$(DS_POSTBUILD_DEP)"
+
+!ELSE
+
+ALL : "mod_proxy - Win32 Debug" "libhttpd - Win32 Debug" "libaprutil - Win32 Debug" "libapr - Win32 Debug" "$(OUTDIR)\mod_proxy_hcheck.so" "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+!IF "$(RECURSE)" == "1"
+CLEAN :"libapr - Win32 DebugCLEAN" "libaprutil - Win32 DebugCLEAN" "libhttpd - Win32 DebugCLEAN" "mod_proxy - Win32 DebugCLEAN"
+!ELSE
+CLEAN :
+!ENDIF
+ - at erase "$(INTDIR)\mod_proxy_hcheck.obj"
+ - at erase "$(INTDIR)\mod_proxy_hcheck.res"
+ - at erase "$(INTDIR)\mod_proxy_hcheck_src.idb"
+ - at erase "$(INTDIR)\mod_proxy_hcheck_src.pdb"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.exp"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.lib"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.pdb"
+ - at erase "$(OUTDIR)\mod_proxy_hcheck.so"
+
+"$(OUTDIR)" :
+ if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MDd /W3 /Zi /Od /I "../core" /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\mod_proxy_hcheck_src" /FD /EHsc /c
+
+.c{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.obj::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.c{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cpp{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+.cxx{$(INTDIR)}.sbr::
+ $(CPP) @<<
+ $(CPP_PROJ) $<
+<<
+
+MTL=midl.exe
+MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32
+RSC=rc.exe
+RSC_PROJ=/l 0x409 /fo"$(INTDIR)\mod_proxy_hcheck.res" /i "../../include" /i "../../srclib/apr/include" /d "_DEBUG" /d BIN_NAME="mod_proxy_hcheck.so" /d LONG_NAME="proxy_hcheck_module for Apache"
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\mod_proxy_hcheck.bsc"
+BSC32_SBRS= \
+
+LINK32=link.exe
+LINK32_FLAGS=kernel32.lib ws2_32.lib mswsock.lib /nologo /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\mod_proxy_hcheck.pdb" /debug /out:"$(OUTDIR)\mod_proxy_hcheck.so" /implib:"$(OUTDIR)\mod_proxy_hcheck.lib" /base:@..\..\os\win32\BaseAddr.ref,mod_proxy_hcheck.so
+LINK32_OBJS= \
+ "$(INTDIR)\mod_proxy_hcheck.obj" \
+ "$(INTDIR)\mod_proxy_hcheck.res" \
+ "..\..\srclib\apr\Debug\libapr-1.lib" \
+ "..\..\srclib\apr-util\Debug\libaprutil-1.lib" \
+ "..\..\Debug\libhttpd.lib" \
+ "$(OUTDIR)\mod_proxy.lib"
+
+"$(OUTDIR)\mod_proxy_hcheck.so" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+ $(LINK32) @<<
+ $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+
+TargetPath=.\Debug\mod_proxy_hcheck.so
+SOURCE="$(InputPath)"
+PostBuild_Desc=Embed .manifest
+DS_POSTBUILD_DEP=$(INTDIR)\postbld.dep
+
+# Begin Custom Macros
+OutDir=.\Debug
+# End Custom Macros
+
+"$(DS_POSTBUILD_DEP)" : "$(OUTDIR)\mod_proxy_hcheck.so"
+ if exist .\Debug\mod_proxy_hcheck.so.manifest mt.exe -manifest .\Debug\mod_proxy_hcheck.so.manifest -outputresource:.\Debug\mod_proxy_hcheck.so;2
+ echo Helper for Post-build step > "$(DS_POSTBUILD_DEP)"
+
+!ENDIF
+
+
+!IF "$(NO_EXTERNAL_DEPS)" != "1"
+!IF EXISTS("mod_proxy_hcheck.dep")
+!INCLUDE "mod_proxy_hcheck.dep"
+!ELSE
+!MESSAGE Warning: cannot find "mod_proxy_hcheck.dep"
+!ENDIF
+!ENDIF
+
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release" || "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+SOURCE=.\mod_proxy_hcheck.c
+
+"$(INTDIR)\mod_proxy_hcheck.obj" : $(SOURCE) "$(INTDIR)"
+
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+"libapr - Win32 Release" :
+ cd ".\..\..\srclib\apr"
+ $(MAKE) /$(MAKEFLAGS) /F .\libapr.mak CFG="libapr - Win32 Release"
+ cd "..\..\modules\proxy"
+
+"libapr - Win32 ReleaseCLEAN" :
+ cd ".\..\..\srclib\apr"
+ $(MAKE) /$(MAKEFLAGS) /F .\libapr.mak CFG="libapr - Win32 Release" RECURSE=1 CLEAN
+ cd "..\..\modules\proxy"
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+"libapr - Win32 Debug" :
+ cd ".\..\..\srclib\apr"
+ $(MAKE) /$(MAKEFLAGS) /F .\libapr.mak CFG="libapr - Win32 Debug"
+ cd "..\..\modules\proxy"
+
+"libapr - Win32 DebugCLEAN" :
+ cd ".\..\..\srclib\apr"
+ $(MAKE) /$(MAKEFLAGS) /F .\libapr.mak CFG="libapr - Win32 Debug" RECURSE=1 CLEAN
+ cd "..\..\modules\proxy"
+
+!ENDIF
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+"libaprutil - Win32 Release" :
+ cd ".\..\..\srclib\apr-util"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Release"
+ cd "..\..\modules\proxy"
+
+"libaprutil - Win32 ReleaseCLEAN" :
+ cd ".\..\..\srclib\apr-util"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Release" RECURSE=1 CLEAN
+ cd "..\..\modules\proxy"
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+"libaprutil - Win32 Debug" :
+ cd ".\..\..\srclib\apr-util"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Debug"
+ cd "..\..\modules\proxy"
+
+"libaprutil - Win32 DebugCLEAN" :
+ cd ".\..\..\srclib\apr-util"
+ $(MAKE) /$(MAKEFLAGS) /F ".\libaprutil.mak" CFG="libaprutil - Win32 Debug" RECURSE=1 CLEAN
+ cd "..\..\modules\proxy"
+
+!ENDIF
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+"libhttpd - Win32 Release" :
+ cd ".\..\.."
+ $(MAKE) /$(MAKEFLAGS) /F .\libhttpd.mak CFG="libhttpd - Win32 Release"
+ cd ".\modules\proxy"
+
+"libhttpd - Win32 ReleaseCLEAN" :
+ cd ".\..\.."
+ $(MAKE) /$(MAKEFLAGS) /F .\libhttpd.mak CFG="libhttpd - Win32 Release" RECURSE=1 CLEAN
+ cd ".\modules\proxy"
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+"libhttpd - Win32 Debug" :
+ cd ".\..\.."
+ $(MAKE) /$(MAKEFLAGS) /F .\libhttpd.mak CFG="libhttpd - Win32 Debug"
+ cd ".\modules\proxy"
+
+"libhttpd - Win32 DebugCLEAN" :
+ cd ".\..\.."
+ $(MAKE) /$(MAKEFLAGS) /F .\libhttpd.mak CFG="libhttpd - Win32 Debug" RECURSE=1 CLEAN
+ cd ".\modules\proxy"
+
+!ENDIF
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+"mod_proxy - Win32 Release" :
+ cd "."
+ $(MAKE) /$(MAKEFLAGS) /F .\mod_proxy.mak CFG="mod_proxy - Win32 Release"
+ cd "."
+
+"mod_proxy - Win32 ReleaseCLEAN" :
+ cd "."
+ $(MAKE) /$(MAKEFLAGS) /F .\mod_proxy.mak CFG="mod_proxy - Win32 Release" RECURSE=1 CLEAN
+ cd "."
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+"mod_proxy - Win32 Debug" :
+ cd "."
+ $(MAKE) /$(MAKEFLAGS) /F .\mod_proxy.mak CFG="mod_proxy - Win32 Debug"
+ cd "."
+
+"mod_proxy - Win32 DebugCLEAN" :
+ cd "."
+ $(MAKE) /$(MAKEFLAGS) /F .\mod_proxy.mak CFG="mod_proxy - Win32 Debug" RECURSE=1 CLEAN
+ cd "."
+
+!ENDIF
+
+SOURCE=..\..\build\win32\httpd.rc
+
+!IF "$(CFG)" == "mod_proxy_hcheck - Win32 Release"
+
+
+"$(INTDIR)\mod_proxy_hcheck.res" : $(SOURCE) "$(INTDIR)"
+ $(RSC) /l 0x409 /fo"$(INTDIR)\mod_proxy_hcheck.res" /i "../../include" /i "../../srclib/apr/include" /i "\build6\hcheck\build\win32" /d "NDEBUG" /d BIN_NAME="mod_proxy_hcheck.so" /d LONG_NAME="proxy_hcheck_module for Apache" $(SOURCE)
+
+
+!ELSEIF "$(CFG)" == "mod_proxy_hcheck - Win32 Debug"
+
+
+"$(INTDIR)\mod_proxy_hcheck.res" : $(SOURCE) "$(INTDIR)"
+ $(RSC) /l 0x409 /fo"$(INTDIR)\mod_proxy_hcheck.res" /i "../../include" /i "../../srclib/apr/include" /i "\build6\hcheck\build\win32" /d "_DEBUG" /d BIN_NAME="mod_proxy_hcheck.so" /d LONG_NAME="proxy_hcheck_module for Apache" $(SOURCE)
+
+
+!ENDIF
+
+
+!ENDIF
+
diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c
index de8b8c8..d343aa7 100644
--- a/modules/proxy/mod_proxy_http.c
+++ b/modules/proxy/mod_proxy_http.c
@@ -1188,7 +1188,7 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r,
const char *buf;
char keepchar;
apr_bucket *e;
- apr_bucket_brigade *bb, *tmp_bb;
+ apr_bucket_brigade *bb;
apr_bucket_brigade *pass_bb;
int len, backasswards;
int interim_response = 0; /* non-zero whilst interim 1xx responses
@@ -1244,16 +1244,17 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r,
backend->r->proxyreq = PROXYREQ_RESPONSE;
apr_table_setn(r->notes, "proxy-source-port", apr_psprintf(r->pool, "%hu",
origin->local_addr->port));
- tmp_bb = apr_brigade_create(p, c->bucket_alloc);
do {
apr_status_t rc;
apr_brigade_cleanup(bb);
- rc = ap_proxygetline(tmp_bb, buffer, sizeof(buffer), backend->r, 0, &len);
+ rc = ap_proxygetline(backend->tmp_bb, buffer, sizeof(buffer),
+ backend->r, 0, &len);
if (len == 0) {
/* handle one potential stray CRLF */
- rc = ap_proxygetline(tmp_bb, buffer, sizeof(buffer), backend->r, 0, &len);
+ rc = ap_proxygetline(backend->tmp_bb, buffer, sizeof(buffer),
+ backend->r, 0, &len);
}
if (len <= 0) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r, APLOGNO(01102)
@@ -1908,13 +1909,8 @@ static int proxy_http_handler(request_rec *r, proxy_worker *worker,
worker, r->server)) != OK)
goto cleanup;
-
backend->is_ssl = is_ssl;
- if (is_ssl) {
- ap_proxy_ssl_connection_cleanup(backend, r);
- }
-
/*
* In the case that we are handling a reverse proxy connection and this
* is not a request that is coming over an already kept alive connection
@@ -1939,7 +1935,10 @@ static int proxy_http_handler(request_rec *r, proxy_worker *worker,
break;
/* Step Two: Make the Connection */
- if (ap_proxy_connect_backend(proxy_function, backend, worker, r->server)) {
+ if (ap_proxy_check_connection(proxy_function, backend, r->server, 1,
+ PROXY_CHECK_CONN_EMPTY)
+ && ap_proxy_connect_backend(proxy_function, backend, worker,
+ r->server)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01114)
"HTTP: failed to make connection to backend: %s",
backend->hostname);
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index 0d2c856..6444b68 100644
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -1305,6 +1305,7 @@ PROXY_DECLARE(apr_status_t) ap_proxy_initialize_balancer(proxy_balancer *balance
static void socket_cleanup(proxy_conn_rec *conn)
{
conn->sock = NULL;
+ conn->tmp_bb = NULL;
conn->connection = NULL;
conn->ssl_hostname = NULL;
apr_pool_clear(conn->scpool);
@@ -1405,10 +1406,10 @@ static apr_status_t connection_cleanup(void *theconn)
return APR_SUCCESS;
}
+/* DEPRECATED */
PROXY_DECLARE(apr_status_t) ap_proxy_ssl_connection_cleanup(proxy_conn_rec *conn,
request_rec *r)
{
- apr_bucket_brigade *bb;
apr_status_t rv;
/*
@@ -1420,22 +1421,21 @@ PROXY_DECLARE(apr_status_t) ap_proxy_ssl_connection_cleanup(proxy_conn_rec *conn
* processed. We don't expect any data to be in the returned brigade.
*/
if (conn->sock && conn->connection) {
- bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
- rv = ap_get_brigade(conn->connection->input_filters, bb,
+ rv = ap_get_brigade(conn->connection->input_filters, conn->tmp_bb,
AP_MODE_READBYTES, APR_NONBLOCK_READ,
HUGE_STRING_LEN);
- if ((rv != APR_SUCCESS) && !APR_STATUS_IS_EAGAIN(rv)) {
- socket_cleanup(conn);
- }
- if (!APR_BRIGADE_EMPTY(bb)) {
+ if (!APR_BRIGADE_EMPTY(conn->tmp_bb)) {
apr_off_t len;
- rv = apr_brigade_length(bb, 0, &len);
+ rv = apr_brigade_length(conn->tmp_bb, 0, &len);
ap_log_rerror(APLOG_MARK, APLOG_TRACE3, rv, r,
"SSL cleanup brigade contained %"
APR_OFF_T_FMT " bytes of data.", len);
+ apr_brigade_cleanup(conn->tmp_bb);
+ }
+ if ((rv != APR_SUCCESS) && !APR_STATUS_IS_EAGAIN(rv)) {
+ socket_cleanup(conn);
}
- apr_brigade_destroy(bb);
}
return APR_SUCCESS;
}
@@ -1798,13 +1798,13 @@ PROXY_DECLARE(apr_status_t) ap_proxy_initialize_worker(proxy_worker *worker, ser
if (worker->s->smax == -1 || worker->s->smax > worker->s->hmax) {
worker->s->smax = worker->s->hmax;
}
- /* Set min to be lower then smax */
+ /* Set min to be lower than smax */
if (worker->s->min > worker->s->smax) {
worker->s->min = worker->s->smax;
}
}
else {
- /* This will supress the apr_reslist creation */
+ /* This will suppress the apr_reslist creation */
worker->s->min = worker->s->smax = worker->s->hmax = 0;
}
}
@@ -2328,7 +2328,7 @@ ap_proxy_determine_connection(apr_pool_t *p, request_rec *r,
}
/*
- * Worker can have the single constant backend adress.
+ * Worker can have the single constant backend address.
* The single DNS lookup is used once per worker.
* If dynamic change is needed then set the addr to NULL
* inside dynamic config to force the lookup.
@@ -2638,13 +2638,103 @@ PROXY_DECLARE(apr_status_t) ap_proxy_connect_uds(apr_socket_t *sock,
#endif
}
+PROXY_DECLARE(apr_status_t) ap_proxy_check_connection(const char *scheme,
+ proxy_conn_rec *conn,
+ server_rec *server,
+ unsigned max_blank_lines,
+ int flags)
+{
+ apr_status_t rv = APR_SUCCESS;
+ proxy_worker *worker = conn->worker;
+
+ if (!PROXY_WORKER_IS_USABLE(worker)) {
+ /*
+ * The worker is in error likely done by a different thread / process
+ * e.g. for a timeout or bad status. We should respect this and should
+ * not continue with a connection via this worker even if we got one.
+ */
+ rv = APR_EINVAL;
+ }
+ else if (conn->connection) {
+ /* We have a conn_rec, check the full filter stack for things like
+ * SSL alert/shutdown, filters aside data...
+ */
+ rv = ap_check_pipeline(conn->connection, conn->tmp_bb,
+ max_blank_lines);
+ apr_brigade_cleanup(conn->tmp_bb);
+ if (rv == APR_SUCCESS) {
+ /* Some data available, the caller might not want them. */
+ if (flags & PROXY_CHECK_CONN_EMPTY) {
+ rv = APR_ENOTEMPTY;
+ }
+ }
+ else if (APR_STATUS_IS_EAGAIN(rv)) {
+ /* Filter chain is OK and empty, yet we can't determine from
+ * ap_check_pipeline (actually ap_core_input_filter) whether
+ * an empty non-blocking read is EAGAIN or EOF on the socket
+ * side (it's always SUCCESS), so check it explicitely here.
+ */
+ if (ap_proxy_is_socket_connected(conn->sock)) {
+ rv = APR_SUCCESS;
+ }
+ else {
+ rv = APR_EPIPE;
+ }
+ }
+ }
+ else if (conn->sock) {
+ /* For modules working with sockets directly, check it. */
+ if (!ap_proxy_is_socket_connected(conn->sock)) {
+ rv = APR_EPIPE;
+ }
+ }
+ else {
+ rv = APR_ENOSOCKET;
+ }
+
+ if (rv == APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_TRACE2, 0, server,
+ "%s: reusing backend connection %pI<>%pI",
+ scheme, conn->connection->local_addr,
+ conn->connection->client_addr);
+ }
+ else if (conn->sock) {
+ /* This clears conn->scpool (and associated data), so backup and
+ * restore any ssl_hostname for this connection set earlier by
+ * ap_proxy_determine_connection().
+ */
+ char ssl_hostname[PROXY_WORKER_RFC1035_NAME_SIZE];
+ if (rv == APR_EINVAL
+ || !conn->ssl_hostname
+ || PROXY_STRNCPY(ssl_hostname, conn->ssl_hostname)) {
+ ssl_hostname[0] = '\0';
+ }
+
+ socket_cleanup(conn);
+ if (rv != APR_ENOTEMPTY) {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, server, APLOGNO(00951)
+ "%s: backend socket is disconnected.", scheme);
+ }
+ else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, server, APLOGNO(03408)
+ "%s: reusable backend connection is not empty: "
+ "forcibly closed", scheme);
+ }
+
+ if (ssl_hostname[0]) {
+ conn->ssl_hostname = apr_pstrdup(conn->scpool, ssl_hostname);
+ }
+ }
+
+ return rv;
+}
+
PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
proxy_conn_rec *conn,
proxy_worker *worker,
server_rec *s)
{
apr_status_t rv;
- int connected = 0;
int loglevel;
apr_sockaddr_t *backend_addr = conn->addr;
/* the local address to use for the outgoing connection */
@@ -2654,29 +2744,12 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
proxy_server_conf *conf =
(proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
- if (conn->sock) {
- if (!(connected = ap_proxy_is_socket_connected(conn->sock))) {
- /* This clears conn->scpool (and associated data), so backup and
- * restore any ssl_hostname for this connection set earlier by
- * ap_proxy_determine_connection().
- */
- char ssl_hostname[PROXY_WORKER_RFC1035_NAME_SIZE];
- if (!conn->ssl_hostname || PROXY_STRNCPY(ssl_hostname,
- conn->ssl_hostname)) {
- ssl_hostname[0] = '\0';
- }
-
- socket_cleanup(conn);
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(00951)
- "%s: backend socket is disconnected.",
- proxy_function);
-
- if (ssl_hostname[0]) {
- conn->ssl_hostname = apr_pstrdup(conn->scpool, ssl_hostname);
- }
- }
+ rv = ap_proxy_check_connection(proxy_function, conn, s, 0, 0);
+ if (rv == APR_EINVAL) {
+ return DECLINED;
}
- while ((backend_addr || conn->uds_path) && !connected) {
+
+ while (rv != APR_SUCCESS && (backend_addr || conn->uds_path)) {
#if APR_HAVE_SYS_UN_H
if (conn->uds_path)
{
@@ -2848,9 +2921,8 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
}
}
}
-
- connected = 1;
}
+
if (PROXY_WORKER_IS_USABLE(worker)) {
/*
* Put the entire worker to error state if
@@ -2858,7 +2930,7 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
* Although some connections may be alive
* no further connections to the worker could be made
*/
- if (!connected) {
+ if (rv != APR_SUCCESS) {
if (!(worker->s->status & PROXY_WORKER_IGNORE_ERRORS)) {
worker->s->error_time = apr_time_now();
worker->s->status |= PROXY_WORKER_IN_ERROR;
@@ -2879,7 +2951,6 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
worker->s->error_time = 0;
worker->s->retries = 0;
}
- return connected ? OK : DECLINED;
}
else {
/*
@@ -2887,11 +2958,13 @@ PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
* e.g. for a timeout or bad status. We should respect this and should
* not continue with a connection via this worker even if we got one.
*/
- if (connected) {
+ if (rv == APR_SUCCESS) {
socket_cleanup(conn);
}
- return DECLINED;
+ rv = APR_EINVAL;
}
+
+ return rv == APR_SUCCESS ? OK : DECLINED;
}
static apr_status_t connection_shutdown(void *theconn)
@@ -2936,6 +3009,7 @@ PROXY_DECLARE(int) ap_proxy_connection_create(const char *proxy_function,
}
bucket_alloc = apr_bucket_alloc_create(conn->scpool);
+ conn->tmp_bb = apr_brigade_create(conn->scpool, bucket_alloc);
/*
* The socket is now open, create a new backend server connection
*/
@@ -3469,7 +3543,7 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
*
* The HTTP/1.1 Via: header is designed for passing client
* information through proxies to a server, and should be used in
- * a forward proxy configuation instead of X-Forwarded-*. See the
+ * a forward proxy configuration instead of X-Forwarded-*. See the
* ProxyVia option for details.
*/
if (dconf->add_forwarded_headers) {
diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
index 0b472a2..ff4c9a6 100644
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -299,15 +299,16 @@ static apr_status_t ap_session_set(request_rec * r, session_rec * z,
return APR_SUCCESS;
}
-static int identity_count(int *count, const char *key, const char *val)
+static int identity_count(void *v, const char *key, const char *val)
{
+ int *count = v;
*count += strlen(key) * 3 + strlen(val) * 3 + 1;
return 1;
}
-static int identity_concat(char *buffer, const char *key, const char *val)
+static int identity_concat(void *v, const char *key, const char *val)
{
- char *slider = buffer;
+ char *slider = v;
int length = strlen(slider);
slider += length;
if (length) {
@@ -344,11 +345,9 @@ static apr_status_t session_identity_encode(request_rec * r, session_rec * z)
char *expiry = apr_psprintf(z->pool, "%" APR_INT64_T_FMT, z->expiry);
apr_table_setn(z->entries, SESSION_EXPIRY, expiry);
}
- apr_table_do((int (*) (void *, const char *, const char *))
- identity_count, &length, z->entries, NULL);
+ apr_table_do(identity_count, &length, z->entries, NULL);
buffer = apr_pcalloc(r->pool, length + 1);
- apr_table_do((int (*) (void *, const char *, const char *))
- identity_concat, buffer, z->entries, NULL);
+ apr_table_do(identity_concat, buffer, z->entries, NULL);
z->encoded = buffer;
return OK;
diff --git a/modules/session/mod_session_crypto.c b/modules/session/mod_session_crypto.c
index 4d65bb8..9231a5e 100644
--- a/modules/session/mod_session_crypto.c
+++ b/modules/session/mod_session_crypto.c
@@ -18,6 +18,7 @@
#include "apu_version.h"
#include "apr_base64.h" /* for apr_base64_decode et al */
#include "apr_lib.h"
+#include "apr_md5.h"
#include "apr_strings.h"
#include "http_log.h"
#include "http_core.h"
@@ -57,6 +58,146 @@ typedef struct {
int library_set;
} session_crypto_conf;
+/* Wrappers around apr_siphash24() and apr_crypto_equals(),
+ * available in APU-1.6/APR-2.0 only.
+ */
+#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 6)
+
+#include "apr_siphash.h"
+
+#define AP_SIPHASH_DSIZE APR_SIPHASH_DSIZE
+#define AP_SIPHASH_KSIZE APR_SIPHASH_KSIZE
+#define ap_siphash24_auth apr_siphash24_auth
+
+#define ap_crypto_equals apr_crypto_equals
+
+#else
+
+#define AP_SIPHASH_DSIZE 8
+#define AP_SIPHASH_KSIZE 16
+
+#define ROTL64(x, n) (((x) << (n)) | ((x) >> (64 - (n))))
+
+#define U8TO64_LE(p) \
+ (((apr_uint64_t)((p)[0]) ) | \
+ ((apr_uint64_t)((p)[1]) << 8) | \
+ ((apr_uint64_t)((p)[2]) << 16) | \
+ ((apr_uint64_t)((p)[3]) << 24) | \
+ ((apr_uint64_t)((p)[4]) << 32) | \
+ ((apr_uint64_t)((p)[5]) << 40) | \
+ ((apr_uint64_t)((p)[6]) << 48) | \
+ ((apr_uint64_t)((p)[7]) << 56))
+
+#define U64TO8_LE(p, v) \
+do { \
+ (p)[0] = (unsigned char)((v) ); \
+ (p)[1] = (unsigned char)((v) >> 8); \
+ (p)[2] = (unsigned char)((v) >> 16); \
+ (p)[3] = (unsigned char)((v) >> 24); \
+ (p)[4] = (unsigned char)((v) >> 32); \
+ (p)[5] = (unsigned char)((v) >> 40); \
+ (p)[6] = (unsigned char)((v) >> 48); \
+ (p)[7] = (unsigned char)((v) >> 56); \
+} while (0)
+
+#define SIPROUND() \
+do { \
+ v0 += v1; v1=ROTL64(v1,13); v1 ^= v0; v0=ROTL64(v0,32); \
+ v2 += v3; v3=ROTL64(v3,16); v3 ^= v2; \
+ v0 += v3; v3=ROTL64(v3,21); v3 ^= v0; \
+ v2 += v1; v1=ROTL64(v1,17); v1 ^= v2; v2=ROTL64(v2,32); \
+} while(0)
+
+static apr_uint64_t ap_siphash24(const void *src, apr_size_t len,
+ const unsigned char key[AP_SIPHASH_KSIZE])
+{
+ const unsigned char *ptr, *end;
+ apr_uint64_t v0, v1, v2, v3, m;
+ apr_uint64_t k0, k1;
+ unsigned int rem;
+
+ k0 = U8TO64_LE(key + 0);
+ k1 = U8TO64_LE(key + 8);
+ v3 = k1 ^ (apr_uint64_t)0x7465646279746573ULL;
+ v2 = k0 ^ (apr_uint64_t)0x6c7967656e657261ULL;
+ v1 = k1 ^ (apr_uint64_t)0x646f72616e646f6dULL;
+ v0 = k0 ^ (apr_uint64_t)0x736f6d6570736575ULL;
+
+ rem = (unsigned int)(len & 0x7);
+ for (ptr = src, end = ptr + len - rem; ptr < end; ptr += 8) {
+ m = U8TO64_LE(ptr);
+ v3 ^= m;
+ SIPROUND();
+ SIPROUND();
+ v0 ^= m;
+ }
+ m = (apr_uint64_t)(len & 0xff) << 56;
+ switch (rem) {
+ case 7: m |= (apr_uint64_t)ptr[6] << 48;
+ case 6: m |= (apr_uint64_t)ptr[5] << 40;
+ case 5: m |= (apr_uint64_t)ptr[4] << 32;
+ case 4: m |= (apr_uint64_t)ptr[3] << 24;
+ case 3: m |= (apr_uint64_t)ptr[2] << 16;
+ case 2: m |= (apr_uint64_t)ptr[1] << 8;
+ case 1: m |= (apr_uint64_t)ptr[0];
+ case 0: break;
+ }
+ v3 ^= m;
+ SIPROUND();
+ SIPROUND();
+ v0 ^= m;
+
+ v2 ^= 0xff;
+ SIPROUND();
+ SIPROUND();
+ SIPROUND();
+ SIPROUND();
+
+ return v0 ^ v1 ^ v2 ^ v3;
+}
+
+static void ap_siphash24_auth(unsigned char out[AP_SIPHASH_DSIZE],
+ const void *src, apr_size_t len,
+ const unsigned char key[AP_SIPHASH_KSIZE])
+{
+ apr_uint64_t h;
+ h = ap_siphash24(src, len, key);
+ U64TO8_LE(out, h);
+}
+
+static int ap_crypto_equals(const void *buf1, const void *buf2,
+ apr_size_t size)
+{
+ const unsigned char *p1 = buf1;
+ const unsigned char *p2 = buf2;
+ unsigned char diff = 0;
+ apr_size_t i;
+
+ for (i = 0; i < size; ++i) {
+ diff |= p1[i] ^ p2[i];
+ }
+
+ return 1 & ((diff - 1) >> 8);
+}
+
+#endif
+
+static void compute_auth(const void *src, apr_size_t len,
+ const char *passphrase, apr_size_t passlen,
+ unsigned char auth[AP_SIPHASH_DSIZE])
+{
+ unsigned char key[APR_MD5_DIGESTSIZE];
+
+ /* XXX: if we had a way to get the raw bytes from an apr_crypto_key_t
+ * we could use them directly (not available in APR-1.5.x).
+ * MD5 is 128bit too, so use it to get a suitable siphash key
+ * from the passphrase.
+ */
+ apr_md5(key, passphrase, passlen);
+
+ ap_siphash24_auth(auth, src, len, key);
+}
+
/**
* Initialise the encryption as per the current config.
*
@@ -128,21 +269,14 @@ static apr_status_t encrypt_string(request_rec * r, const apr_crypto_t *f,
apr_crypto_block_t *block = NULL;
unsigned char *encrypt = NULL;
unsigned char *combined = NULL;
- apr_size_t encryptlen, tlen;
+ apr_size_t encryptlen, tlen, combinedlen;
char *base64;
apr_size_t blockSize = 0;
const unsigned char *iv = NULL;
apr_uuid_t salt;
apr_crypto_block_key_type_e *cipher;
const char *passphrase;
-
- /* by default, return an empty string */
- *out = "";
-
- /* don't attempt to encrypt an empty string, trying to do so causes a segfault */
- if (!in || !*in) {
- return APR_SUCCESS;
- }
+ apr_size_t passlen;
/* use a uuid as a salt value, and prepend it to our result */
apr_uuid_get(&salt);
@@ -152,9 +286,9 @@ static apr_status_t encrypt_string(request_rec * r, const apr_crypto_t *f,
}
/* encrypt using the first passphrase in the list */
- passphrase = APR_ARRAY_IDX(dconf->passphrases, 0, char *);
- res = apr_crypto_passphrase(&key, &ivSize, passphrase,
- strlen(passphrase),
+ passphrase = APR_ARRAY_IDX(dconf->passphrases, 0, const char *);
+ passlen = strlen(passphrase);
+ res = apr_crypto_passphrase(&key, &ivSize, passphrase, passlen,
(unsigned char *) (&salt), sizeof(apr_uuid_t),
*cipher, APR_MODE_CBC, 1, 4096, f, r->pool);
if (APR_STATUS_IS_ENOKEY(res)) {
@@ -183,8 +317,9 @@ static apr_status_t encrypt_string(request_rec * r, const apr_crypto_t *f,
}
/* encrypt the given string */
- res = apr_crypto_block_encrypt(&encrypt, &encryptlen, (unsigned char *)in,
- strlen(in), block);
+ res = apr_crypto_block_encrypt(&encrypt, &encryptlen,
+ (const unsigned char *)in, strlen(in),
+ block);
if (APR_SUCCESS != res) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01830)
"apr_crypto_block_encrypt failed");
@@ -198,18 +333,20 @@ static apr_status_t encrypt_string(request_rec * r, const apr_crypto_t *f,
}
encryptlen += tlen;
- /* prepend the salt and the iv to the result */
- combined = apr_palloc(r->pool, ivSize + encryptlen + sizeof(apr_uuid_t));
- memcpy(combined, &salt, sizeof(apr_uuid_t));
- memcpy(combined + sizeof(apr_uuid_t), iv, ivSize);
- memcpy(combined + sizeof(apr_uuid_t) + ivSize, encrypt, encryptlen);
-
- /* base64 encode the result */
- base64 = apr_palloc(r->pool, apr_base64_encode_len(ivSize + encryptlen +
- sizeof(apr_uuid_t) + 1)
- * sizeof(char));
- apr_base64_encode(base64, (const char *) combined,
- ivSize + encryptlen + sizeof(apr_uuid_t));
+ /* prepend the salt and the iv to the result (keep room for the MAC) */
+ combinedlen = AP_SIPHASH_DSIZE + sizeof(apr_uuid_t) + ivSize + encryptlen;
+ combined = apr_palloc(r->pool, combinedlen);
+ memcpy(combined + AP_SIPHASH_DSIZE, &salt, sizeof(apr_uuid_t));
+ memcpy(combined + AP_SIPHASH_DSIZE + sizeof(apr_uuid_t), iv, ivSize);
+ memcpy(combined + AP_SIPHASH_DSIZE + sizeof(apr_uuid_t) + ivSize,
+ encrypt, encryptlen);
+ /* authenticate the whole salt+IV+ciphertext with a leading MAC */
+ compute_auth(combined + AP_SIPHASH_DSIZE, combinedlen - AP_SIPHASH_DSIZE,
+ passphrase, passlen, combined);
+
+ /* base64 encode the result (APR handles the trailing '\0') */
+ base64 = apr_palloc(r->pool, apr_base64_encode_len(combinedlen));
+ apr_base64_encode(base64, (const char *) combined, combinedlen);
*out = base64;
return res;
@@ -234,6 +371,7 @@ static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,
char *decoded;
apr_size_t blockSize = 0;
apr_crypto_block_key_type_e *cipher;
+ unsigned char auth[AP_SIPHASH_DSIZE];
int i = 0;
/* strip base64 from the string */
@@ -241,6 +379,13 @@ static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,
decodedlen = apr_base64_decode(decoded, in);
decoded[decodedlen] = '\0';
+ /* sanity check - decoded too short? */
+ if (decodedlen < (AP_SIPHASH_DSIZE + sizeof(apr_uuid_t))) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, APLOGNO()
+ "too short to decrypt, aborting");
+ return APR_ECRYPT;
+ }
+
res = crypt_init(r, f, &cipher, dconf);
if (res != APR_SUCCESS) {
return res;
@@ -249,14 +394,25 @@ static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,
/* try each passphrase in turn */
for (; i < dconf->passphrases->nelts; i++) {
const char *passphrase = APR_ARRAY_IDX(dconf->passphrases, i, char *);
- apr_size_t len = decodedlen;
- char *slider = decoded;
+ apr_size_t passlen = strlen(passphrase);
+ apr_size_t len = decodedlen - AP_SIPHASH_DSIZE;
+ unsigned char *slider = (unsigned char *)decoded + AP_SIPHASH_DSIZE;
+
+ /* Verify authentication of the whole salt+IV+ciphertext by computing
+ * the MAC and comparing it (timing safe) with the one in the payload.
+ */
+ compute_auth(slider, len, passphrase, passlen, auth);
+ if (!ap_crypto_equals(auth, decoded, AP_SIPHASH_DSIZE)) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO()
+ "auth does not match, skipping");
+ continue;
+ }
/* encrypt using the first passphrase in the list */
- res = apr_crypto_passphrase(&key, &ivSize, passphrase,
- strlen(passphrase),
- (unsigned char *)decoded, sizeof(apr_uuid_t),
- *cipher, APR_MODE_CBC, 1, 4096, f, r->pool);
+ res = apr_crypto_passphrase(&key, &ivSize, passphrase, passlen,
+ slider, sizeof(apr_uuid_t),
+ *cipher, APR_MODE_CBC, 1, 4096,
+ f, r->pool);
if (APR_STATUS_IS_ENOKEY(res)) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01832)
"the passphrase '%s' was empty", passphrase);
@@ -279,7 +435,7 @@ static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,
}
/* sanity check - decoded too short? */
- if (decodedlen < (sizeof(apr_uuid_t) + ivSize)) {
+ if (len < (sizeof(apr_uuid_t) + ivSize)) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, APLOGNO(01836)
"too short to decrypt, skipping");
res = APR_ECRYPT;
@@ -290,8 +446,8 @@ static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,
slider += sizeof(apr_uuid_t);
len -= sizeof(apr_uuid_t);
- res = apr_crypto_block_decrypt_init(&block, &blockSize, (unsigned char *)slider, key,
- r->pool);
+ res = apr_crypto_block_decrypt_init(&block, &blockSize, slider, key,
+ r->pool);
if (APR_SUCCESS != res) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01837)
"apr_crypto_block_decrypt_init failed");
@@ -304,7 +460,7 @@ static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,
/* decrypt the given string */
res = apr_crypto_block_decrypt(&decrypted, &decryptedlen,
- (unsigned char *)slider, len, block);
+ slider, len, block);
if (res) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01838)
"apr_crypto_block_decrypt failed");
diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c
index 4f0eeea..04258de 100644
--- a/modules/slotmem/mod_slotmem_shm.c
+++ b/modules/slotmem/mod_slotmem_shm.c
@@ -753,7 +753,7 @@ static const ap_slotmem_provider_t storage = {
&slotmem_fgrab
};
-/* make the storage usuable from outside */
+/* make the storage usable from outside */
static const ap_slotmem_provider_t *slotmem_shm_getstorage(void)
{
return (&storage);
diff --git a/modules/ssl/README b/modules/ssl/README
index c46377f..5fc7312 100644
--- a/modules/ssl/README
+++ b/modules/ssl/README
@@ -59,7 +59,7 @@ DATA STRUCTURES
For an overview how these are related and chained together have a look at the
page in README.dsov.{fig,ps}. It contains overview diagrams for those data
structures. It's designed for DIN A4 paper size, but you can easily generate
- a smaller version inside XFig by specifing a magnification on the Export
+ a smaller version inside XFig by specifying a magnification on the Export
panel.
INCOMPATIBILITIES
@@ -81,7 +81,7 @@ MAJOR CHANGES
o The DBM based session cache is now based on APR's DBM API only.
o The shared memory based session cache is now based on APR's APIs.
o SSL I/O is now implemented in terms of filters rather than BUFF
- o Eliminated ap_global_ctx. Storing Persistant information in
+ o Eliminated ap_global_ctx. Storing Persistent information in
process_rec->pool->user_data. The ssl_pphrase_Handle_CB() and
ssl_config_global_* () functions have an extra parameter now -
"server_rec *" - which is used to retrieve the SSLModConfigRec.
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 9adca48..cb3efa2 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -924,7 +924,7 @@ static apr_status_t ssl_init_ctx_cert_chain(server_rec *s,
* SSLCACertificateFile and also use client authentication mod_ssl
* would accept all clients also issued by this CA. Obviously this
* isn't what we want in this situation. So this feature here exists
- * to allow one to explicity configure CA certificates which are
+ * to allow one to explicitly configure CA certificates which are
* used only for the server certificate chain.
*/
if (!chain) {
diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index ea23193..82953ad 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -218,7 +218,7 @@ static int bio_filter_out_write(BIO *bio, const char *in, int inl)
*
* Historically, this flush call was performed only for an SSLv2
* connection or for a proxy connection. Calling _out_flush can
- * be expensive in cases where requests/reponses are pipelined,
+ * be expensive in cases where requests/responses are pipelined,
* so limit the performance impact to handshake time.
*/
#if OPENSSL_VERSION_NUMBER < 0x0009080df
@@ -602,6 +602,11 @@ static apr_status_t ssl_io_input_read(bio_filter_in_ctx_t *inctx,
break;
}
+ /* We rely on SSL_get_error() after the read, which requires an empty
+ * error queue before the read in order to work properly.
+ */
+ ERR_clear_error();
+
/* SSL_read may not read because we haven't taken enough data
* from the stack. This is where we want to consider all of
* the blocking and SPECULATIVE semantics
@@ -779,6 +784,11 @@ static apr_status_t ssl_filter_write(ap_filter_t *f,
return APR_EGENERAL;
}
+ /* We rely on SSL_get_error() after the write, which requires an empty error
+ * queue before the write in order to work properly.
+ */
+ ERR_clear_error();
+
outctx = (bio_filter_out_ctx_t *)filter_ctx->pbioWrite->ptr;
res = SSL_write(filter_ctx->pssl, (unsigned char *)data, len);
@@ -1250,6 +1260,11 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter_ctx_t *filter_ctx)
return APR_SUCCESS;
}
+ /* We rely on SSL_get_error() after the accept, which requires an empty
+ * error queue before the accept in order to work properly.
+ */
+ ERR_clear_error();
+
if ((n = SSL_accept(filter_ctx->pssl)) <= 0) {
bio_filter_in_ctx_t *inctx = (bio_filter_in_ctx_t *)
(filter_ctx->pbioRead->ptr);
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 8b6149d..d4459a2 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -884,7 +884,14 @@ int ssl_hook_Access(request_rec *r)
cert = SSL_get_peer_certificate(ssl);
- if (!cert_stack && cert) {
+ if (!cert_stack || (sk_X509_num(cert_stack) == 0)) {
+ if (!cert) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02222)
+ "Cannot find peer certificate chain");
+
+ return HTTP_FORBIDDEN;
+ }
+
/* client cert is in the session cache, but there is
* no chain, since ssl3_get_client_certificate()
* sk_X509_shift-ed the peer cert out of the chain.
@@ -894,13 +901,6 @@ int ssl_hook_Access(request_rec *r)
sk_X509_push(cert_stack, cert);
}
- if (!cert_stack || (sk_X509_num(cert_stack) == 0)) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02222)
- "Cannot find peer certificate chain");
-
- return HTTP_FORBIDDEN;
- }
-
if (!(cert_store ||
(cert_store = SSL_CTX_get_cert_store(ctx))))
{
@@ -1017,7 +1017,7 @@ int ssl_hook_Access(request_rec *r)
return HTTP_FORBIDDEN;
}
- /* Full renegotiation successfull, we now have handshaken with
+ /* Full renegotiation successful, we now have handshaken with
* this server's parameters.
*/
sslconn->server = r->server;
@@ -1159,7 +1159,7 @@ int ssl_hook_Access(request_rec *r)
* Fake a Basic authentication from the X509 client certificate.
*
* This must be run fairly early on to prevent a real authentication from
- * occuring, in particular it must be run before anything else that
+ * occurring, in particular it must be run before anything else that
* authenticates a user. This means that the Module statement for this
* module should be LAST in the Configuration file.
*/
diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index 093a69b..6b14a55 100644
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -1083,7 +1083,7 @@ apr_array_header_t *ssl_ext_list(apr_pool_t *p, conn_rec *c, int peer,
}
count = X509_get_ext_count(xs);
- /* Create an array large enough to accomodate every extension. This is
+ /* Create an array large enough to accommodate every extension. This is
* likely overkill, but safe.
*/
array = apr_array_make(p, count, sizeof(char *));
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 7f6f9fd..7813e41 100644
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -57,7 +57,7 @@
/* The #ifdef macros are only defined AFTER including the above
* therefore we cannot include these system files at the top :-(
*/
-#ifdef APR_HAVE_STDLIB_H
+#if APR_HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if APR_HAVE_SYS_TIME_H
diff --git a/os/bs2000/ebcdic.c b/os/bs2000/ebcdic.c
index dd5ef54..7ec0076 100644
--- a/os/bs2000/ebcdic.c
+++ b/os/bs2000/ebcdic.c
@@ -25,7 +25,7 @@ Within the POSIX subsystem, the same character set was chosen as in
"native BS2000", namely EBCDIC.
EBCDIC Table. (Yes, in EBCDIC, the letters 'a'..'z' are not contiguous!)
-This apr_table_t is bijective, i.e. there are no ambigous or duplicate characters
+This apr_table_t is bijective, i.e. there are no ambiguous or duplicate characters
00 00 01 02 03 85 09 86 7f 87 8d 8e 0b 0c 0d 0e 0f *................*
10 10 11 12 13 8f 0a 08 97 18 19 9c 9d 1c 1d 1e 1f *................*
20 80 81 82 83 84 92 17 1b 88 89 8a 8b 8c 05 06 07 *................*
diff --git a/os/netware/pre_nw.h b/os/netware/pre_nw.h
index dcb1145..eef1f6f 100644
--- a/os/netware/pre_nw.h
+++ b/os/netware/pre_nw.h
@@ -55,7 +55,7 @@
#endif
#endif
-/* C9X defintion used by MSL C++ library */
+/* C9X definition used by MSL C++ library */
#define DECIMAL_DIG 17
/* some code may want to use the MS convention for long long */
diff --git a/os/win32/BaseAddr.ref b/os/win32/BaseAddr.ref
index 5ca4dce..7ad338e 100644
--- a/os/win32/BaseAddr.ref
+++ b/os/win32/BaseAddr.ref
@@ -128,3 +128,4 @@ mod_optional_hook_import.so 0x70BE0000 0x00010000
mod_authnz_fcgi.so 0x70BF0000 0x00020000
mod_http2.so 0x70C10000 0x00030000
mod_proxy_http2.so 0x70C40000 0x00020000
+mod_proxy_hcheck.so 0x70C60000 0x00020000
diff --git a/os/win32/ap_regkey.c b/os/win32/ap_regkey.c
index e080ab4..13c2377 100644
--- a/os/win32/ap_regkey.c
+++ b/os/win32/ap_regkey.c
@@ -488,7 +488,7 @@ AP_DECLARE(apr_status_t) ap_regkey_value_array_get(apr_array_header_t **result,
#if APR_HAS_ANSI_FS
ELSE_WIN_OS_IS_ANSI
{
- /* Small possiblity the array is either unterminated
+ /* Small possibility the array is either unterminated
* or single NULL terminated. Avert.
*/
buf = (char *)value;
diff --git a/server/config.c b/server/config.c
index 7c7a1e0..61daeaf 100644
--- a/server/config.c
+++ b/server/config.c
@@ -15,7 +15,7 @@
*/
/*
- * http_config.c: once was auxillary functions for reading httpd's config
+ * http_config.c: once was auxiliary functions for reading httpd's config
* file and converting filenames into a namespace
*
* Rob McCool
@@ -737,7 +737,7 @@ AP_DECLARE(void) ap_remove_loaded_module(module *mod)
*
* Note: 1. We cannot determine if the module was successfully
* removed by ap_remove_module().
- * 2. We have not to complain explicity when the module
+ * 2. We have not to complain explicitly when the module
* is not found because ap_remove_module() did it
* for us already.
*/
@@ -1326,7 +1326,7 @@ static const char *ap_walk_config_sub(const ap_directive_t *current,
if (retval != NULL && strcmp(retval, DECLINE_CMD) != 0) {
/* If the directive in error has already been set, don't
* replace it. Otherwise, an error inside a container
- * will be reported as occuring on the first line of the
+ * will be reported as occurring on the first line of the
* container.
*/
if (!parms->err_directive) {
diff --git a/server/core.c b/server/core.c
index e8c1ef6..20fa583 100644
--- a/server/core.c
+++ b/server/core.c
@@ -453,6 +453,10 @@ static void *create_core_server_config(apr_pool_t *a, server_rec *s)
#if APR_HAS_SO_ACCEPTFILTER
apr_table_setn(conf->accf_map, "http", ACCEPT_FILTER_NAME);
apr_table_setn(conf->accf_map, "https", "dataready");
+#elif defined(WIN32)
+ /* 'data' is disabled on Windows due to a DoS vuln (PR 59970) */
+ apr_table_setn(conf->accf_map, "http", "connect");
+ apr_table_setn(conf->accf_map, "https", "connect");
#else
apr_table_setn(conf->accf_map, "http", "data");
apr_table_setn(conf->accf_map, "https", "data");
@@ -515,6 +519,15 @@ static void *merge_core_server_configs(apr_pool_t *p, void *basev, void *virtv)
if (virt->trace_enable != AP_TRACE_UNSET)
conf->trace_enable = virt->trace_enable;
+ if (virt->http09_enable != AP_HTTP09_UNSET)
+ conf->http09_enable = virt->http09_enable;
+
+ if (virt->http_conformance != AP_HTTP_CONFORMANCE_UNSET)
+ conf->http_conformance = virt->http_conformance;
+
+ if (virt->http_methods != AP_HTTP_METHODS_UNSET)
+ conf->http_methods = virt->http_methods;
+
/* no action for virt->accf_map, not allowed per-vhost */
if (virt->protocol)
@@ -2336,7 +2349,7 @@ static const char *dirsection(cmd_parms *cmd, void *mconfig, const char *arg)
return "Regex could not be compiled";
}
}
- else if (!strcmp(cmd->path, "/") == 0)
+ else if (strcmp(cmd->path, "/") != 0)
{
char *newpath;
@@ -3891,6 +3904,57 @@ static const char *set_protocols_honor_order(cmd_parms *cmd, void *dummy,
return NULL;
}
+static const char *set_http_protocol_options(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+
+ if (strcasecmp(arg, "allow0.9") == 0)
+ conf->http09_enable |= AP_HTTP09_ENABLE;
+ else if (strcasecmp(arg, "require1.0") == 0)
+ conf->http09_enable |= AP_HTTP09_DISABLE;
+ else if (strcasecmp(arg, "strict") == 0)
+ conf->http_conformance |= AP_HTTP_CONFORMANCE_STRICT;
+ else if (strcasecmp(arg, "unsafe") == 0)
+ conf->http_conformance |= AP_HTTP_CONFORMANCE_UNSAFE;
+ else if (strcasecmp(arg, "registeredmethods") == 0)
+ conf->http_methods |= AP_HTTP_METHODS_REGISTERED;
+ else if (strcasecmp(arg, "lenientmethods") == 0)
+ conf->http_methods |= AP_HTTP_METHODS_LENIENT;
+ else
+ return "HttpProtocolOptions accepts "
+ "'Unsafe' or 'Strict' (default), "
+ "'RegisteredMethods' or 'LenientMethods' (default), and "
+ "'Require1.0' or 'Allow0.9' (default)";
+
+ if ((conf->http09_enable & AP_HTTP09_ENABLE)
+ && (conf->http09_enable & AP_HTTP09_DISABLE))
+ return "HttpProtocolOptions 'Allow0.9' and 'Require1.0'"
+ " are mutually exclusive";
+
+ if ((conf->http_conformance & AP_HTTP_CONFORMANCE_STRICT)
+ && (conf->http_conformance & AP_HTTP_CONFORMANCE_UNSAFE))
+ return "HttpProtocolOptions 'Strict' and 'Unsafe'"
+ " are mutually exclusive";
+
+ if ((conf->http_methods & AP_HTTP_METHODS_REGISTERED)
+ && (conf->http_methods & AP_HTTP_METHODS_LENIENT))
+ return "HttpProtocolOptions 'RegisteredMethods' and 'LenientMethods'"
+ " are mutually exclusive";
+
+ return NULL;
+}
+
+static const char *set_http_method(cmd_parms *cmd, void *conf, const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL)
+ return err;
+ ap_method_register(cmd->pool, arg);
+ return NULL;
+}
+
static apr_hash_t *errorlog_hash;
static int log_constant_item(const ap_errorlog_info *info, const char *arg,
@@ -4415,6 +4479,12 @@ AP_INIT_ITERATE("Protocols", set_protocols, NULL, RSRC_CONF,
AP_INIT_TAKE1("ProtocolsHonorOrder", set_protocols_honor_order, NULL, RSRC_CONF,
"'off' (default) or 'on' to respect given order of protocols, "
"by default the client specified order determines selection"),
+AP_INIT_ITERATE("HttpProtocolOptions", set_http_protocol_options, NULL, RSRC_CONF,
+ "'Allow0.9' or 'Require1.0' (default); "
+ "'RegisteredMethods' or 'LenientMethods' (default); "
+ "'Unsafe' or 'Strict' (default). Sets HTTP acceptance rules"),
+AP_INIT_ITERATE("RegisterHttpMethod", set_http_method, NULL, RSRC_CONF,
+ "Registers non-standard HTTP methods"),
{ NULL }
};
diff --git a/server/gen_test_char.c b/server/gen_test_char.c
index e25238f..48ae6f4 100644
--- a/server/gen_test_char.c
+++ b/server/gen_test_char.c
@@ -16,11 +16,11 @@
#ifdef CROSS_COMPILE
+#include <ctype.h>
#define apr_isalnum(c) (isalnum(((unsigned char)(c))))
#define apr_isalpha(c) (isalpha(((unsigned char)(c))))
#define apr_iscntrl(c) (iscntrl(((unsigned char)(c))))
#define apr_isprint(c) (isprint(((unsigned char)(c))))
-#include <ctype.h>
#define APR_HAVE_STDIO_H 1
#define APR_HAVE_STRING_H 1
@@ -52,11 +52,13 @@
#define T_ESCAPE_LOGITEM (0x10)
#define T_ESCAPE_FORENSIC (0x20)
#define T_ESCAPE_URLENCODED (0x40)
+#define T_HTTP_CTRLS (0x80)
+#define T_VCHAR_OBSTEXT (0x100)
int main(int argc, char *argv[])
{
unsigned c;
- unsigned char flags;
+ unsigned short flags;
printf("/* this file is automatically generated by gen_test_char, "
"do not edit */\n"
@@ -67,19 +69,23 @@ int main(int argc, char *argv[])
"#define T_ESCAPE_LOGITEM (%u)\n"
"#define T_ESCAPE_FORENSIC (%u)\n"
"#define T_ESCAPE_URLENCODED (%u)\n"
+ "#define T_HTTP_CTRLS (%u)\n"
+ "#define T_VCHAR_OBSTEXT (%u)\n"
"\n"
- "static const unsigned char test_char_table[256] = {",
+ "static const unsigned short test_char_table[256] = {",
T_ESCAPE_SHELL_CMD,
T_ESCAPE_PATH_SEGMENT,
T_OS_ESCAPE_PATH,
T_HTTP_TOKEN_STOP,
T_ESCAPE_LOGITEM,
T_ESCAPE_FORENSIC,
- T_ESCAPE_URLENCODED);
+ T_ESCAPE_URLENCODED,
+ T_HTTP_CTRLS,
+ T_VCHAR_OBSTEXT);
for (c = 0; c < 256; ++c) {
flags = 0;
- if (c % 20 == 0)
+ if (c % 8 == 0)
printf("\n ");
/* escape_shell_cmd */
@@ -90,7 +96,7 @@ int main(int argc, char *argv[])
* since Win32/OS2 use carets or doubled-double quotes,
* and neither lf nor cr can be escaped. We escape unix
* specific as well, to assure that cross-compiled unix
- * applications behave similiarly when invoked on win32/os2.
+ * applications behave similarly when invoked on win32/os2.
*
* Rem please keep in-sync with apr's list in win32/filesys.c
*/
@@ -107,7 +113,7 @@ int main(int argc, char *argv[])
flags |= T_ESCAPE_PATH_SEGMENT;
}
- if (!apr_isalnum(c) && !strchr("$-_.+!*'(),:@&=/~", c)) {
+ if (!apr_isalnum(c) && !strchr("$-_.+!*'(),:;@&=/~", c)) {
flags |= T_OS_ESCAPE_PATH;
}
@@ -115,11 +121,32 @@ int main(int argc, char *argv[])
flags |= T_ESCAPE_URLENCODED;
}
- /* these are the "tspecials" (RFC2068) or "separators" (RFC2616) */
- if (c && (apr_iscntrl(c) || strchr(" \t()<>@,;:\\\"/[]?={}", c))) {
+ /* Stop for any non-'token' character, including ctrls, obs-text,
+ * and "tspecials" (RFC2068) a.k.a. "separators" (RFC2616), which
+ * is easer to express as characters remaining in the ASCII token set
+ */
+ if (!c || !(apr_isalnum(c) || strchr("!#$%&'*+-.^_`|~", c))) {
flags |= T_HTTP_TOKEN_STOP;
}
+ /* Catch CTRLs other than VCHAR, HT and SP, and obs-text (RFC7230 3.2)
+ * This includes only the C0 plane, not C1 (which is obs-text itself.)
+ * XXX: We should verify that all ASCII C0 ctrls/DEL corresponding to
+ * the current EBCDIC translation are captured, and ASCII C1 ctrls
+ * corresponding are all permitted (as they fall under obs-text rule)
+ */
+ if (!c || (apr_iscntrl(c) && c != '\t')) {
+ flags |= T_HTTP_CTRLS;
+ }
+
+ /* From RFC3986, the specific sets of gen-delims, sub-delims (2.2),
+ * and unreserved (2.3) that are possible somewhere within a URI.
+ * Spec requires all others to be %XX encoded, including obs-text.
+ */
+ if (c && !apr_iscntrl(c) && c != ' ') {
+ flags |= T_VCHAR_OBSTEXT;
+ }
+
/* For logging, escape all control characters,
* double quotes (because they delimit the request in the log file)
* backslashes (because we use backslash for escaping)
@@ -137,7 +164,7 @@ int main(int argc, char *argv[])
flags |= T_ESCAPE_FORENSIC;
}
- printf("%u%c", flags, (c < 255) ? ',' : ' ');
+ printf("0x%03x%c", flags, (c < 255) ? ',' : ' ');
}
printf("\n};\n");
diff --git a/server/listen.c b/server/listen.c
index 1d9be83..98cd117 100644
--- a/server/listen.c
+++ b/server/listen.c
@@ -763,7 +763,7 @@ AP_DECLARE(void) ap_listen_pre_config(void)
/* Check once whether or not SO_REUSEPORT is supported. */
if (ap_have_so_reuseport < 0) {
/* This is limited to Linux with defined SO_REUSEPORT (ie. 3.9+) for
- * now since the implementation evenly distributes connections accross
+ * now since the implementation evenly distributes connections across
* all the listening threads/processes.
*
* *BSDs have SO_REUSEPORT too but with a different semantic: the first
diff --git a/server/mpm/event/event.c b/server/mpm/event/event.c
index baeb5a7..c133c1a 100644
--- a/server/mpm/event/event.c
+++ b/server/mpm/event/event.c
@@ -160,15 +160,18 @@
#endif
#define WORKER_FACTOR_SCALE 16 /* scale factor to allow fractional values */
static unsigned int worker_factor = DEFAULT_WORKER_FACTOR * WORKER_FACTOR_SCALE;
-
-static int threads_per_child = 0; /* Worker threads per child */
-static int ap_daemons_to_start = 0;
-static int min_spare_threads = 0;
-static int max_spare_threads = 0;
-static int ap_daemons_limit = 0;
-static int max_workers = 0;
-static int server_limit = 0;
-static int thread_limit = 0;
+ /* AsyncRequestWorkerFactor * 16 */
+
+static int threads_per_child = 0; /* ThreadsPerChild */
+static int ap_daemons_to_start = 0; /* StartServers */
+static int min_spare_threads = 0; /* MinSpareThreads */
+static int max_spare_threads = 0; /* MaxSpareThreads */
+static int active_daemons_limit = 0; /* MaxRequestWorkers / ThreadsPerChild */
+static int active_daemons = 0; /* workers that still active, i.e. are
+ not shutting down gracefully */
+static int max_workers = 0; /* MaxRequestWorkers */
+static int server_limit = 0; /* ServerLimit */
+static int thread_limit = 0; /* ThreadLimit */
static int had_healthy_child = 0;
static int dying = 0;
static int workers_may_exit = 0;
@@ -181,6 +184,8 @@ static apr_uint32_t connection_count = 0; /* Number of open connections */
static apr_uint32_t lingering_count = 0; /* Number of connections in lingering close */
static apr_uint32_t suspended_count = 0; /* Number of suspended connections */
static apr_uint32_t clogged_count = 0; /* Number of threads processing ssl conns */
+static apr_uint32_t threads_shutdown = 0; /* Number of threads that have shutdown
+ early during graceful termination */
static int resource_shortage = 0;
static fd_queue_t *worker_queue;
static fd_queue_info_t *worker_queue_info;
@@ -288,9 +293,8 @@ static apr_pollset_t *event_pollset;
/* The structure used to pass unique initialization info to each thread */
typedef struct
{
- int pid;
- int tid;
- int sd;
+ int pslot; /* process slot */
+ int tslot; /* worker slot of the thread */
} proc_info;
/* Structure used to pass information to the thread responsible for
@@ -335,6 +339,14 @@ typedef struct event_retained_data {
* scoreboard.
*/
int max_daemons_limit;
+
+ /*
+ * All running workers, active and shutting down, including those that
+ * may be left from before a graceful restart.
+ * Not kept up-to-date when shutdown is pending.
+ */
+ int total_daemons;
+
/*
* idle_spawn_rate is the number of children that will be spawned on the
* next maintenance cycle if there aren't enough idle servers. It is
@@ -347,7 +359,7 @@ typedef struct event_retained_data {
#endif
int hold_off_on_exponential_spawning;
/*
- * Current number of listeners buckets and maximum reached accross
+ * Current number of listeners buckets and maximum reached across
* restarts (to size retained data according to dynamic num_buckets,
* eg. idle_spawn_rate).
*/
@@ -548,7 +560,7 @@ static int event_query(int query_code, int *result, apr_status_t *rv)
*result = ap_max_requests_per_child;
break;
case AP_MPMQ_MAX_DAEMONS:
- *result = ap_daemons_limit;
+ *result = active_daemons_limit;
break;
case AP_MPMQ_MPM_STATE:
*result = mpm_state;
@@ -585,27 +597,6 @@ static void event_note_child_started(int slot, pid_t pid)
retained->my_generation, slot, MPM_CHILD_STARTED);
}
-static void event_note_child_lost_slot(int slot, pid_t newpid)
-{
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(00458)
- "pid %" APR_PID_T_FMT " taking over scoreboard slot from "
- "%" APR_PID_T_FMT "%s",
- newpid,
- ap_scoreboard_image->parent[slot].pid,
- ap_scoreboard_image->parent[slot].quiescing ?
- " (quiescing)" : "");
- ap_run_child_status(ap_server_conf,
- ap_scoreboard_image->parent[slot].pid,
- ap_scoreboard_image->parent[slot].generation,
- slot, MPM_CHILD_LOST_SLOT);
- /* Don't forget about this exiting child process, or we
- * won't be able to kill it if it doesn't exit by the
- * time the server is shut down.
- */
- ap_register_extra_mpm_process(ap_scoreboard_image->parent[slot].pid,
- ap_scoreboard_image->parent[slot].generation);
-}
-
static const char *event_get_name(void)
{
return "event";
@@ -911,6 +902,8 @@ static int start_lingering_close_nonblocking(event_conn_state_t *cs)
|| apr_socket_shutdown(csd, APR_SHUTDOWN_WRITE) != APR_SUCCESS) {
apr_socket_close(csd);
ap_push_pool(worker_queue_info, cs->p);
+ if (dying)
+ ap_queue_interrupt_one(worker_queue);
return 0;
}
return start_lingering_close_common(cs, 0);
@@ -934,6 +927,8 @@ static int stop_lingering_close(event_conn_state_t *cs)
AP_DEBUG_ASSERT(0);
}
ap_push_pool(worker_queue_info, cs->p);
+ if (dying)
+ ap_queue_interrupt_one(worker_queue);
return 0;
}
@@ -1219,6 +1214,9 @@ static void close_listeners(int process_slot, int *closed)
}
/* wake up the main thread */
kill(ap_my_pid, SIGTERM);
+
+ ap_free_idle_pools(worker_queue_info);
+ ap_queue_interrupt_all(worker_queue);
}
}
@@ -1439,6 +1437,8 @@ static void process_lingering_close(event_conn_state_t *cs, const apr_pollfd_t *
TO_QUEUE_ELEM_INIT(cs);
ap_push_pool(worker_queue_info, cs->p);
+ if (dying)
+ ap_queue_interrupt_one(worker_queue);
}
/* call 'func' for all elements of 'q' with timeout less than 'timeout_time'.
@@ -1518,7 +1518,7 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
timer_event_t *te;
apr_status_t rc;
proc_info *ti = dummy;
- int process_slot = ti->pid;
+ int process_slot = ti->pslot;
apr_pool_t *tpool = apr_thread_pool_get(thd);
void *csd = NULL;
apr_pool_t *ptrans; /* Pool for per-transaction stuff */
@@ -1584,6 +1584,12 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
*keepalive_q->total,
apr_atomic_read32(&lingering_count),
apr_atomic_read32(&suspended_count));
+ if (dying) {
+ ap_log_error(APLOG_MARK, APLOG_TRACE6, 0, ap_server_conf,
+ "%u/%u workers shutdown",
+ apr_atomic_read32(&threads_shutdown),
+ threads_per_child);
+ }
apr_thread_mutex_unlock(timeout_mutex);
}
}
@@ -1818,11 +1824,12 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
/* If all workers are busy, we kill older keep-alive connections so that they
* may connect to another process.
*/
- if (workers_were_busy && *keepalive_q->total) {
- ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, ap_server_conf,
- "All workers are busy, will close %d keep-alive "
- "connections",
- *keepalive_q->total);
+ if ((workers_were_busy || dying) && *keepalive_q->total) {
+ if (!dying)
+ ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, ap_server_conf,
+ "All workers are busy, will close %d keep-alive "
+ "connections",
+ *keepalive_q->total);
process_timeout_queue(keepalive_q, 0,
start_lingering_close_nonblocking);
}
@@ -1869,6 +1876,34 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
return NULL;
}
+/*
+ * During graceful shutdown, if there are more running worker threads than
+ * open connections, exit one worker thread.
+ *
+ * return 1 if thread should exit, 0 if it should continue running.
+ */
+static int worker_thread_should_exit_early(void)
+{
+ for (;;) {
+ apr_uint32_t conns = apr_atomic_read32(&connection_count);
+ apr_uint32_t dead = apr_atomic_read32(&threads_shutdown);
+ apr_uint32_t newdead;
+
+ AP_DEBUG_ASSERT(dead <= threads_per_child);
+ if (conns >= threads_per_child - dead)
+ return 0;
+
+ newdead = dead + 1;
+ if (apr_atomic_cas32(&threads_shutdown, newdead, dead) == dead) {
+ /*
+ * No other thread has exited in the mean time, safe to exit
+ * this one.
+ */
+ return 1;
+ }
+ }
+}
+
/* XXX For ungraceful termination/restart, we definitely don't want to
* wait for active connections to finish but we may want to wait
* for idle workers to get out of the queue code and release mutexes,
@@ -1879,8 +1914,8 @@ static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
static void *APR_THREAD_FUNC worker_thread(apr_thread_t * thd, void *dummy)
{
proc_info *ti = dummy;
- int process_slot = ti->pid;
- int thread_slot = ti->tid;
+ int process_slot = ti->pslot;
+ int thread_slot = ti->tslot;
apr_socket_t *csd = NULL;
event_conn_state_t *cs;
apr_pool_t *ptrans; /* Pool for per-transaction stuff */
@@ -1916,6 +1951,9 @@ static void *APR_THREAD_FUNC worker_thread(apr_thread_t * thd, void *dummy)
if (workers_may_exit) {
break;
}
+ if (dying && worker_thread_should_exit_early()) {
+ break;
+ }
te = NULL;
rv = ap_queue_pop_something(worker_queue, &csd, &cs, &ptrans, &te);
@@ -1993,9 +2031,8 @@ static void create_listener_thread(thread_starter * ts)
apr_status_t rv;
my_info = (proc_info *) ap_malloc(sizeof(proc_info));
- my_info->pid = my_child_num;
- my_info->tid = -1; /* listener thread doesn't have a thread slot */
- my_info->sd = 0;
+ my_info->pslot = my_child_num;
+ my_info->tslot = -1; /* listener thread doesn't have a thread slot */
rv = apr_thread_create(&ts->listener, thread_attr, listener_thread,
my_info, pchild);
if (rv != APR_SUCCESS) {
@@ -2065,7 +2102,7 @@ static void *APR_THREAD_FUNC start_threads(apr_thread_t * thd, void *dummy)
}
/* Create the main pollset */
- for (i = 0; i < sizeof(good_methods) / sizeof(void*); i++) {
+ for (i = 0; i < sizeof(good_methods) / sizeof(good_methods[0]); i++) {
rv = apr_pollset_create_ex(&event_pollset,
threads_per_child*2, /* XXX don't we need more, to handle
* connections in K-A or lingering
@@ -2103,14 +2140,13 @@ static void *APR_THREAD_FUNC start_threads(apr_thread_t * thd, void *dummy)
int status =
ap_scoreboard_image->servers[my_child_num][i].status;
- if (status != SERVER_GRACEFUL && status != SERVER_DEAD) {
+ if (status != SERVER_DEAD) {
continue;
}
my_info = (proc_info *) ap_malloc(sizeof(proc_info));
- my_info->pid = my_child_num;
- my_info->tid = i;
- my_info->sd = 0;
+ my_info->pslot = my_child_num;
+ my_info->tslot = i;
/* We are creating threads right now */
ap_update_child_status_from_indexes(my_child_num, i,
@@ -2411,6 +2447,15 @@ static int make_child(server_rec * s, int slot, int bucket)
retained->max_daemons_limit = slot + 1;
}
+ if (ap_scoreboard_image->parent[slot].pid != 0) {
+ /* XXX replace with assert or remove ? */
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(03455)
+ "BUG: Scoreboard slot %d should be empty but is "
+ "in use by pid %" APR_PID_T_FMT,
+ slot, ap_scoreboard_image->parent[slot].pid);
+ return -1;
+ }
+
if (one_process) {
my_bucket = &all_buckets[0];
@@ -2464,17 +2509,12 @@ static int make_child(server_rec * s, int slot, int bucket)
return -1;
}
- if (ap_scoreboard_image->parent[slot].pid != 0) {
- /* This new child process is squatting on the scoreboard
- * entry owned by an exiting child process, which cannot
- * exit until all active requests complete.
- */
- event_note_child_lost_slot(slot, pid);
- }
ap_scoreboard_image->parent[slot].quiescing = 0;
ap_scoreboard_image->parent[slot].not_accepting = 0;
ap_scoreboard_image->parent[slot].bucket = bucket;
event_note_child_started(slot, pid);
+ active_daemons++;
+ retained->total_daemons++;
return 0;
}
@@ -2483,7 +2523,7 @@ static void startup_children(int number_to_start)
{
int i;
- for (i = 0; number_to_start && i < ap_daemons_limit; ++i) {
+ for (i = 0; number_to_start && i < server_limit; ++i) {
if (ap_scoreboard_image->parent[i].pid != 0) {
continue;
}
@@ -2497,34 +2537,22 @@ static void startup_children(int number_to_start)
static void perform_idle_server_maintenance(int child_bucket, int num_buckets)
{
int i, j;
- int idle_thread_count;
+ int idle_thread_count = 0;
worker_score *ws;
process_score *ps;
- int free_length;
- int totally_free_length = 0;
+ int free_length = 0;
int free_slots[MAX_SPAWN_RATE];
- int last_non_dead;
- int total_non_dead;
+ int last_non_dead = -1;
int active_thread_count = 0;
- /* initialize the free_list */
- free_length = 0;
-
- idle_thread_count = 0;
- last_non_dead = -1;
- total_non_dead = 0;
-
- for (i = 0; i < ap_daemons_limit; ++i) {
+ for (i = 0; i < server_limit; ++i) {
/* Initialization to satisfy the compiler. It doesn't know
* that threads_per_child is always > 0 */
int status = SERVER_DEAD;
- int any_dying_threads = 0;
- int any_dead_threads = 0;
- int all_dead_threads = 1;
int child_threads_active = 0;
if (i >= retained->max_daemons_limit &&
- totally_free_length == retained->idle_spawn_rate[child_bucket]) {
+ free_length == retained->idle_spawn_rate[child_bucket]) {
/* short cut if all active processes have been examined and
* enough empty scoreboard slots have been found
*/
@@ -2532,25 +2560,17 @@ static void perform_idle_server_maintenance(int child_bucket, int num_buckets)
break;
}
ps = &ap_scoreboard_image->parent[i];
- for (j = 0; j < threads_per_child; j++) {
- ws = &ap_scoreboard_image->servers[i][j];
- status = ws->status;
-
- /* XXX any_dying_threads is probably no longer needed GLA */
- any_dying_threads = any_dying_threads ||
- (status == SERVER_GRACEFUL);
- any_dead_threads = any_dead_threads || (status == SERVER_DEAD);
- all_dead_threads = all_dead_threads &&
- (status == SERVER_DEAD || status == SERVER_GRACEFUL);
-
- /* We consider a starting server as idle because we started it
- * at least a cycle ago, and if it still hasn't finished starting
- * then we're just going to swamp things worse by forking more.
- * So we hopefully won't need to fork more if we count it.
- * This depends on the ordering of SERVER_READY and SERVER_STARTING.
- */
- if (ps->pid != 0) { /* XXX just set all_dead_threads in outer
- for loop if no pid? not much else matters */
+ if (ps->pid != 0) {
+ for (j = 0; j < threads_per_child; j++) {
+ ws = &ap_scoreboard_image->servers[i][j];
+ status = ws->status;
+
+ /* We consider a starting server as idle because we started it
+ * at least a cycle ago, and if it still hasn't finished starting
+ * then we're just going to swamp things worse by forking more.
+ * So we hopefully won't need to fork more if we count it.
+ * This depends on the ordering of SERVER_READY and SERVER_STARTING.
+ */
if (status <= SERVER_READY && !ps->quiescing && !ps->not_accepting
&& ps->generation == retained->my_generation
&& ps->bucket == child_bucket)
@@ -2561,39 +2581,13 @@ static void perform_idle_server_maintenance(int child_bucket, int num_buckets)
++child_threads_active;
}
}
+ last_non_dead = i;
}
active_thread_count += child_threads_active;
- if (any_dead_threads
- && totally_free_length < retained->idle_spawn_rate[child_bucket]
- && free_length < MAX_SPAWN_RATE / num_buckets
- && (!ps->pid /* no process in the slot */
- || ps->quiescing)) { /* or at least one is going away */
- if (all_dead_threads) {
- /* great! we prefer these, because the new process can
- * start more threads sooner. So prioritize this slot
- * by putting it ahead of any slots with active threads.
- *
- * first, make room by moving a slot that's potentially still
- * in use to the end of the array
- */
- free_slots[free_length] = free_slots[totally_free_length];
- free_slots[totally_free_length++] = i;
- }
- else {
- /* slot is still in use - back of the bus
- */
- free_slots[free_length] = i;
- }
- ++free_length;
- }
- else if (child_threads_active == threads_per_child) {
+ if (!ps->pid && free_length < retained->idle_spawn_rate[child_bucket])
+ free_slots[free_length++] = i;
+ else if (child_threads_active == threads_per_child)
had_healthy_child = 1;
- }
- /* XXX if (!ps->quiescing) is probably more reliable GLA */
- if (!any_dying_threads) {
- last_non_dead = i;
- ++total_non_dead;
- }
}
if (retained->sick_child_detected) {
@@ -2621,32 +2615,56 @@ static void perform_idle_server_maintenance(int child_bucket, int num_buckets)
retained->max_daemons_limit = last_non_dead + 1;
- if (idle_thread_count > max_spare_threads / num_buckets) {
- /* Kill off one child */
- ap_mpm_podx_signal(all_buckets[child_bucket].pod,
- AP_MPM_PODX_GRACEFUL);
- retained->idle_spawn_rate[child_bucket] = 1;
+ if (idle_thread_count > max_spare_threads / num_buckets)
+ {
+ /*
+ * Child processes that we ask to shut down won't die immediately
+ * but may stay around for a long time when they finish their
+ * requests. If the server load changes many times, many such
+ * gracefully finishing processes may accumulate, filling up the
+ * scoreboard. To avoid running out of scoreboard entries, we
+ * don't shut down more processes when the total number of processes
+ * is high.
+ *
+ * XXX It would be nice if we could
+ * XXX - kill processes without keepalive connections first
+ * XXX - tell children to stop accepting new connections, and
+ * XXX depending on server load, later be able to resurrect them
+ * or kill them
+ */
+ if (retained->total_daemons <= active_daemons_limit &&
+ retained->total_daemons < server_limit) {
+ /* Kill off one child */
+ ap_mpm_podx_signal(all_buckets[child_bucket].pod,
+ AP_MPM_PODX_GRACEFUL);
+ retained->idle_spawn_rate[child_bucket] = 1;
+ active_daemons--;
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_TRACE5, 0, ap_server_conf,
+ "Not shutting down child: total daemons %d / "
+ "active limit %d / ServerLimit %d",
+ retained->total_daemons, active_daemons_limit,
+ server_limit);
+ }
}
else if (idle_thread_count < min_spare_threads / num_buckets) {
- /* terminate the free list */
- if (free_length == 0) { /* scoreboard is full, can't fork */
-
- if (active_thread_count >= ap_daemons_limit * threads_per_child) {
- if (!retained->maxclients_reported) {
- /* only report this condition once */
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(00484)
- "server reached MaxRequestWorkers setting, "
- "consider raising the MaxRequestWorkers "
- "setting");
- retained->maxclients_reported = 1;
- }
- }
- else {
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(00485)
- "scoreboard is full, not at MaxRequestWorkers");
+ if (active_thread_count >= max_workers) {
+ if (!retained->maxclients_reported) {
+ /* only report this condition once */
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO(00484)
+ "server reached MaxRequestWorkers setting, "
+ "consider raising the MaxRequestWorkers "
+ "setting");
+ retained->maxclients_reported = 1;
}
retained->idle_spawn_rate[child_bucket] = 1;
}
+ else if (free_length == 0) { /* scoreboard is full, can't fork */
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, APLOGNO()
+ "scoreboard is full, not at MaxRequestWorkers."
+ "Increase ServerLimit.");
+ retained->idle_spawn_rate[child_bucket] = 1;
+ }
else {
if (free_length > retained->idle_spawn_rate[child_bucket]) {
free_length = retained->idle_spawn_rate[child_bucket];
@@ -2657,10 +2675,17 @@ static void perform_idle_server_maintenance(int child_bucket, int num_buckets)
"to increase StartServers, ThreadsPerChild "
"or Min/MaxSpareThreads), "
"spawning %d children, there are around %d idle "
- "threads, and %d total children", free_length,
- idle_thread_count, total_non_dead);
+ "threads, %d active children, and %d children "
+ "that are shutting down", free_length,
+ idle_thread_count, active_daemons,
+ retained->total_daemons);
}
for (i = 0; i < free_length; ++i) {
+ ap_log_error(APLOG_MARK, APLOG_TRACE5, 0, ap_server_conf,
+ "Spawning new child: slot %d active / "
+ "total daemons: %d/%d",
+ free_slots[i], active_daemons,
+ retained->total_daemons);
make_child(ap_server_conf, free_slots[i], child_bucket);
}
/* the next time around we want to spawn twice as many if this
@@ -2682,7 +2707,6 @@ static void perform_idle_server_maintenance(int child_bucket, int num_buckets)
static void server_main_loop(int remaining_children_to_start, int num_buckets)
{
- ap_generation_t old_gen;
int child_slot;
apr_exit_why_e exitwhy;
int status, processed_status;
@@ -2706,6 +2730,10 @@ static void server_main_loop(int remaining_children_to_start, int num_buckets)
== retained->my_generation) {
shutdown_pending = 1;
child_fatal = 1;
+ /*
+ * total_daemons counting will be off now, but as we
+ * are shutting down, that is not an issue anymore.
+ */
return;
}
else {
@@ -2732,13 +2760,16 @@ static void server_main_loop(int remaining_children_to_start, int num_buckets)
event_note_child_killed(child_slot, 0, 0);
ps = &ap_scoreboard_image->parent[child_slot];
+ if (!ps->quiescing)
+ active_daemons--;
ps->quiescing = 0;
+ /* NOTE: We don't dec in the (child_slot < 0) case! */
+ retained->total_daemons--;
if (processed_status == APEXIT_CHILDSICK) {
/* resource shortage, minimize the fork rate */
retained->idle_spawn_rate[ps->bucket] = 1;
}
- else if (remaining_children_to_start
- && child_slot < ap_daemons_limit) {
+ else if (remaining_children_to_start) {
/* we're still doing a 1-for-1 replacement of dead
* children with new children
*/
@@ -2746,24 +2777,12 @@ static void server_main_loop(int remaining_children_to_start, int num_buckets)
--remaining_children_to_start;
}
}
- else if (ap_unregister_extra_mpm_process(pid.pid, &old_gen) == 1) {
-
- event_note_child_killed(-1, /* already out of the scoreboard */
- pid.pid, old_gen);
- if (processed_status == APEXIT_CHILDSICK
- && old_gen == retained->my_generation) {
- /* resource shortage, minimize the fork rate */
- for (i = 0; i < num_buckets; i++) {
- retained->idle_spawn_rate[i] = 1;
- }
- }
#if APR_HAS_OTHER_CHILD
- }
else if (apr_proc_other_child_alert(&pid, APR_OC_REASON_DEATH,
status) == 0) {
/* handled */
-#endif
}
+#endif
else if (retained->is_graceful) {
/* Great, we've probably just lost a slot in the
* scoreboard. Somehow we don't know about this child.
@@ -2825,12 +2844,12 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
/* Don't thrash since num_buckets depends on the
* system and the number of online CPU cores...
*/
- if (ap_daemons_limit < num_buckets)
- ap_daemons_limit = num_buckets;
+ if (active_daemons_limit < num_buckets)
+ active_daemons_limit = num_buckets;
if (ap_daemons_to_start < num_buckets)
ap_daemons_to_start = num_buckets;
/* We want to create as much children at a time as the number of buckets,
- * so to optimally accept connections (evenly distributed accross buckets).
+ * so to optimally accept connections (evenly distributed across buckets).
* Thus min_spare_threads should at least maintain num_buckets children,
* and max_spare_threads allow num_buckets more children w/o triggering
* immediately (e.g. num_buckets idle threads margin, one per bucket).
@@ -2850,8 +2869,8 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
* supposed to start up without the 1 second penalty between each fork.
*/
remaining_children_to_start = ap_daemons_to_start;
- if (remaining_children_to_start > ap_daemons_limit) {
- remaining_children_to_start = ap_daemons_limit;
+ if (remaining_children_to_start > active_daemons_limit) {
+ remaining_children_to_start = active_daemons_limit;
}
if (!retained->is_graceful) {
startup_children(remaining_children_to_start);
@@ -2881,7 +2900,7 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
* Kill child processes, tell them to call child_exit, etc...
*/
for (i = 0; i < num_buckets; i++) {
- ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit,
+ ap_mpm_podx_killpg(all_buckets[i].pod, active_daemons_limit,
AP_MPM_PODX_RESTART);
}
ap_reclaim_child_processes(1, /* Start with SIGTERM */
@@ -2905,7 +2924,7 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
/* Close our listeners, and then ask our children to do same */
ap_close_listeners();
for (i = 0; i < num_buckets; i++) {
- ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit,
+ ap_mpm_podx_killpg(all_buckets[i].pod, active_daemons_limit,
AP_MPM_PODX_GRACEFUL);
}
ap_relieve_child_processes(event_note_child_killed);
@@ -2933,7 +2952,7 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
ap_relieve_child_processes(event_note_child_killed);
active_children = 0;
- for (index = 0; index < ap_daemons_limit; ++index) {
+ for (index = 0; index < retained->max_daemons_limit; ++index) {
if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == APR_SUCCESS) {
active_children = 1;
/* Having just one child is enough to stay around */
@@ -2948,7 +2967,7 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
* really dead.
*/
for (i = 0; i < num_buckets; i++) {
- ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit,
+ ap_mpm_podx_killpg(all_buckets[i].pod, active_daemons_limit,
AP_MPM_PODX_RESTART);
}
ap_reclaim_child_processes(1, event_note_child_killed);
@@ -2977,7 +2996,7 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
" received. Doing graceful restart");
/* wake up the children...time to die. But we'll have more soon */
for (i = 0; i < num_buckets; i++) {
- ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit,
+ ap_mpm_podx_killpg(all_buckets[i].pod, active_daemons_limit,
AP_MPM_PODX_GRACEFUL);
}
@@ -2992,7 +3011,7 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
* pthreads are stealing signals from us left and right.
*/
for (i = 0; i < num_buckets; i++) {
- ap_mpm_podx_killpg(all_buckets[i].pod, ap_daemons_limit,
+ ap_mpm_podx_killpg(all_buckets[i].pod, active_daemons_limit,
AP_MPM_PODX_RESTART);
}
@@ -3002,6 +3021,8 @@ static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
"SIGHUP received. Attempting to restart");
}
+ active_daemons = 0;
+
return OK;
}
@@ -3215,9 +3236,9 @@ static int event_pre_config(apr_pool_t * pconf, apr_pool_t * plog,
max_spare_threads = DEFAULT_MAX_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
server_limit = DEFAULT_SERVER_LIMIT;
thread_limit = DEFAULT_THREAD_LIMIT;
- ap_daemons_limit = server_limit;
+ active_daemons_limit = server_limit;
threads_per_child = DEFAULT_THREADS_PER_CHILD;
- max_workers = ap_daemons_limit * threads_per_child;
+ max_workers = active_daemons_limit * threads_per_child;
had_healthy_child = 0;
ap_extended_status = 0;
@@ -3426,10 +3447,10 @@ static int event_check_config(apr_pool_t *p, apr_pool_t *plog,
max_workers = threads_per_child;
}
- ap_daemons_limit = max_workers / threads_per_child;
+ active_daemons_limit = max_workers / threads_per_child;
if (max_workers % threads_per_child) {
- int tmp_max_workers = ap_daemons_limit * threads_per_child;
+ int tmp_max_workers = active_daemons_limit * threads_per_child;
if (startup) {
ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL, APLOGNO(00513)
@@ -3437,7 +3458,7 @@ static int event_check_config(apr_pool_t *p, apr_pool_t *plog,
"multiple of ThreadsPerChild of %d, decreasing to nearest "
"multiple %d, for a maximum of %d servers.",
max_workers, threads_per_child, tmp_max_workers,
- ap_daemons_limit);
+ active_daemons_limit);
} else {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO(00514)
"MaxRequestWorkers of %d is not an integer multiple "
@@ -3448,25 +3469,25 @@ static int event_check_config(apr_pool_t *p, apr_pool_t *plog,
max_workers = tmp_max_workers;
}
- if (ap_daemons_limit > server_limit) {
+ if (active_daemons_limit > server_limit) {
if (startup) {
ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL, APLOGNO(00515)
"WARNING: MaxRequestWorkers of %d would require %d servers "
"and would exceed ServerLimit of %d, decreasing to %d. "
"To increase, please see the ServerLimit directive.",
- max_workers, ap_daemons_limit, server_limit,
+ max_workers, active_daemons_limit, server_limit,
server_limit * threads_per_child);
} else {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO(00516)
"MaxRequestWorkers of %d would require %d servers and "
"exceed ServerLimit of %d, decreasing to %d",
- max_workers, ap_daemons_limit, server_limit,
+ max_workers, active_daemons_limit, server_limit,
server_limit * threads_per_child);
}
- ap_daemons_limit = server_limit;
+ active_daemons_limit = server_limit;
}
- /* ap_daemons_to_start > ap_daemons_limit checked in ap_mpm_run() */
+ /* ap_daemons_to_start > active_daemons_limit checked in ap_mpm_run() */
if (ap_daemons_to_start < 1) {
if (startup) {
ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL, APLOGNO(00517)
diff --git a/server/mpm/event/fdqueue.c b/server/mpm/event/fdqueue.c
index 343146f..64b318d 100644
--- a/server/mpm/event/fdqueue.c
+++ b/server/mpm/event/fdqueue.c
@@ -280,6 +280,19 @@ void ap_pop_pool(apr_pool_t ** recycled_pool, fd_queue_info_t * queue_info)
}
}
+void ap_free_idle_pools(fd_queue_info_t *queue_info)
+{
+ apr_pool_t *p;
+
+ queue_info->max_recycled_pools = 0;
+ do {
+ ap_pop_pool(&p, queue_info);
+ if (p != NULL)
+ apr_pool_destroy(p);
+ } while (p != NULL);
+}
+
+
apr_status_t ap_queue_info_term(fd_queue_info_t * queue_info)
{
apr_status_t rv;
@@ -477,17 +490,30 @@ apr_status_t ap_queue_pop_something(fd_queue_t * queue, apr_socket_t ** sd,
return rv;
}
-apr_status_t ap_queue_interrupt_all(fd_queue_t * queue)
+static apr_status_t queue_interrupt(fd_queue_t * queue, int all)
{
apr_status_t rv;
if ((rv = apr_thread_mutex_lock(queue->one_big_mutex)) != APR_SUCCESS) {
return rv;
}
- apr_thread_cond_broadcast(queue->not_empty);
+ if (all)
+ apr_thread_cond_broadcast(queue->not_empty);
+ else
+ apr_thread_cond_signal(queue->not_empty);
return apr_thread_mutex_unlock(queue->one_big_mutex);
}
+apr_status_t ap_queue_interrupt_all(fd_queue_t * queue)
+{
+ return queue_interrupt(queue, 1);
+}
+
+apr_status_t ap_queue_interrupt_one(fd_queue_t * queue)
+{
+ return queue_interrupt(queue, 0);
+}
+
apr_status_t ap_queue_term(fd_queue_t * queue)
{
apr_status_t rv;
diff --git a/server/mpm/event/fdqueue.h b/server/mpm/event/fdqueue.h
index 955816b..37be684 100644
--- a/server/mpm/event/fdqueue.h
+++ b/server/mpm/event/fdqueue.h
@@ -52,6 +52,7 @@ apr_status_t ap_queue_info_wait_for_idler(fd_queue_info_t * queue_info,
int *had_to_block);
apr_status_t ap_queue_info_term(fd_queue_info_t * queue_info);
apr_uint32_t ap_queue_info_get_idlers(fd_queue_info_t * queue_info);
+void ap_free_idle_pools(fd_queue_info_t *queue_info);
struct fd_queue_elem_t
{
@@ -98,6 +99,7 @@ apr_status_t ap_queue_pop_something(fd_queue_t * queue, apr_socket_t ** sd,
event_conn_state_t ** ecs, apr_pool_t ** p,
timer_event_t ** te);
apr_status_t ap_queue_interrupt_all(fd_queue_t * queue);
+apr_status_t ap_queue_interrupt_one(fd_queue_t * queue);
apr_status_t ap_queue_term(fd_queue_t * queue);
#endif /* FDQUEUE_H */
diff --git a/server/mpm/prefork/prefork.c b/server/mpm/prefork/prefork.c
index 273126a..8bb46a3 100644
--- a/server/mpm/prefork/prefork.c
+++ b/server/mpm/prefork/prefork.c
@@ -703,7 +703,7 @@ static void child_main(int child_num_arg, int child_bucket)
SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */
if (status == APR_EGENERAL) {
- /* resource shortage or should-not-occur occured */
+ /* resource shortage or should-not-occur occurred */
clean_child_exit(APEXIT_CHILDSICK);
}
else if (status != APR_SUCCESS) {
diff --git a/server/mpm/winnt/child.c b/server/mpm/winnt/child.c
index dee35df..94a1438 100644
--- a/server/mpm/winnt/child.c
+++ b/server/mpm/winnt/child.c
@@ -136,10 +136,17 @@ static void mpm_recycle_completion_context(winnt_conn_ctx_t *context)
* state so -don't- close it.
*/
if (context) {
+ HANDLE saved_event;
+
apr_pool_clear(context->ptrans);
context->ba = apr_bucket_alloc_create(context->ptrans);
context->next = NULL;
+
+ saved_event = context->overlapped.hEvent;
+ memset(&context->overlapped, 0, sizeof(context->overlapped));
+ context->overlapped.hEvent = saved_event;
ResetEvent(context->overlapped.hEvent);
+
apr_thread_mutex_lock(qlock);
if (qtail) {
qtail->next = context;
@@ -323,8 +330,13 @@ static unsigned int __stdcall winnt_accept(void *lr_)
"no known accept filter. Using 'none' instead",
lr->protocol);
}
- else if (strcmp(accf_name, "data") == 0)
- accf = 2;
+ else if (strcmp(accf_name, "data") == 0) {
+ accf = 1;
+ accf_name = "connect";
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
+ APLOGNO(03458) "winnt_accept: 'data' accept filter is no "
+ "longer supported. Using 'connect' instead");
+ }
else if (strcmp(accf_name, "connect") == 0)
accf = 1;
else if (strcmp(accf_name, "none") == 0)
@@ -350,7 +362,7 @@ static unsigned int __stdcall winnt_accept(void *lr_)
}
#endif
- if (accf > 0) /* 'data' or 'connect' */
+ if (accf > 0) /* 'connect' */
{
if (WSAIoctl(nlsd, SIO_GET_EXTENSION_FUNCTION_POINTER,
&GuidAcceptEx, sizeof GuidAcceptEx,
@@ -376,7 +388,7 @@ static unsigned int __stdcall winnt_accept(void *lr_)
}
else /* accf == 0, 'none' */
{
-reinit: /* target of data or connect upon too many AcceptEx failures */
+reinit: /* target of connect upon too many AcceptEx failures */
/* last, low priority event is a not yet accepted connection */
events[0] = exit_event;
@@ -421,9 +433,8 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
}
}
- if (accf > 0) /* Either 'connect' or 'data' */
+ if (accf > 0) /* 'connect' */
{
- DWORD len;
char *buf;
/* Create and initialize the accept socket */
@@ -453,20 +464,12 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
continue;
}
- if (accf == 2) { /* 'data' */
- len = APR_BUCKET_BUFF_SIZE;
- buf = apr_bucket_alloc(len, context->ba);
- len -= PADDED_ADDR_SIZE * 2;
- }
- else /* (accf == 1) 'connect' */ {
- len = 0;
- buf = context->buff;
- }
+ buf = context->buff;
/* AcceptEx on the completion context. The completion context will be
* signaled when a connection is accepted.
*/
- if (!lpfnAcceptEx(nlsd, context->accept_socket, buf, len,
+ if (!lpfnAcceptEx(nlsd, context->accept_socket, buf, 0,
PADDED_ADDR_SIZE, PADDED_ADDR_SIZE, &BytesRead,
&context->overlapped)) {
rv = apr_get_netos_error();
@@ -476,8 +479,6 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
* 1) the client disconnects early
* 2) handshake was incomplete
*/
- if (accf == 2)
- apr_bucket_free(buf);
closesocket(context->accept_socket);
context->accept_socket = INVALID_SOCKET;
continue;
@@ -492,8 +493,6 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
* 3) the dynamic address / adapter has changed
* Give five chances, then fall back on AcceptFilter 'none'
*/
- if (accf == 2)
- apr_bucket_free(buf);
closesocket(context->accept_socket);
context->accept_socket = INVALID_SOCKET;
++err_count;
@@ -513,8 +512,6 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
}
else if ((rv != APR_FROM_OS_ERROR(ERROR_IO_PENDING)) &&
(rv != APR_FROM_OS_ERROR(WSA_IO_PENDING))) {
- if (accf == 2)
- apr_bucket_free(buf);
closesocket(context->accept_socket);
context->accept_socket = INVALID_SOCKET;
++err_count;
@@ -555,14 +552,10 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
/* exit_event triggered or event handle was closed */
closesocket(context->accept_socket);
context->accept_socket = INVALID_SOCKET;
- if (accf == 2)
- apr_bucket_free(buf);
break;
}
if (context->accept_socket == INVALID_SOCKET) {
- if (accf == 2)
- apr_bucket_free(buf);
continue;
}
}
@@ -585,28 +578,9 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
/* Get the local & remote address
* TODO; error check
*/
- lpfnGetAcceptExSockaddrs(buf, len, PADDED_ADDR_SIZE, PADDED_ADDR_SIZE,
+ lpfnGetAcceptExSockaddrs(buf, 0, PADDED_ADDR_SIZE, PADDED_ADDR_SIZE,
&context->sa_server, &context->sa_server_len,
&context->sa_client, &context->sa_client_len);
-
- /* For 'data', craft a bucket for our data result
- * and pass to worker_main as context->overlapped.Pointer
- */
- if (accf == 2 && BytesRead)
- {
- apr_bucket *b;
- b = apr_bucket_heap_create(buf, APR_BUCKET_BUFF_SIZE,
- apr_bucket_free, context->ba);
- /* Adjust the bucket to refer to the actual bytes read */
- b->length = BytesRead;
- context->overlapped.Pointer = b;
- }
- else {
- if (accf == 2) {
- apr_bucket_free(buf);
- }
- context->overlapped.Pointer = NULL;
- }
}
else /* (accf = 0) e.g. 'none' */
{
@@ -680,7 +654,6 @@ reinit: /* target of data or connect upon too many AcceptEx failures */
* os_sock_make and os_sock_put that it does not query).
*/
WSAEventSelect(context->accept_socket, 0, 0);
- context->overlapped.Pointer = NULL;
err_count = 0;
context->sa_server_len = sizeof(context->buff) / 2;
@@ -785,24 +758,6 @@ static winnt_conn_ctx_t *winnt_get_connection(winnt_conn_ctx_t *context)
return context;
}
-apr_status_t winnt_insert_network_bucket(conn_rec *c,
- apr_bucket_brigade *bb,
- apr_socket_t *socket)
-{
- apr_bucket *e;
- winnt_conn_ctx_t *context = ap_get_module_config(c->conn_config,
- &mpm_winnt_module);
- if (context == NULL || (e = context->overlapped.Pointer) == NULL)
- return AP_DECLINED;
-
- /* seed the brigade with AcceptEx read heap bucket */
- APR_BRIGADE_INSERT_HEAD(bb, e);
- /* also seed the brigade with the client socket. */
- e = apr_bucket_socket_create(socket, c->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(bb, e);
- return APR_SUCCESS;
-}
-
/*
* worker_main()
* Main entry point for the worker threads. Worker threads block in
@@ -816,8 +771,6 @@ static DWORD __stdcall worker_main(void *thread_num_val)
winnt_conn_ctx_t *context = NULL;
int thread_num = (int)thread_num_val;
ap_sb_handle_t *sbh;
- apr_bucket *e;
- int rc;
conn_rec *c;
apr_int32_t disconnected;
@@ -843,8 +796,6 @@ static DWORD __stdcall worker_main(void *thread_num_val)
}
}
- e = context->overlapped.Pointer;
-
ap_create_sb_handle(&sbh, context->ptrans, 0, thread_num);
c = ap_run_create_connection(context->ptrans, ap_server_conf,
context->sock, thread_num, sbh,
@@ -853,9 +804,6 @@ static DWORD __stdcall worker_main(void *thread_num_val)
if (!c) {
/* ap_run_create_connection closes the socket on failure */
context->accept_socket = INVALID_SOCKET;
- if (e) {
- apr_bucket_free(e);
- }
continue;
}
@@ -863,26 +811,7 @@ static DWORD __stdcall worker_main(void *thread_num_val)
apr_os_thread_put(&thd, &osthd, context->ptrans);
c->current_thread = thd;
- /* follow ap_process_connection(c, context->sock) logic
- * as it left us no chance to reinject our first data bucket.
- */
- ap_update_vhost_given_ip(c);
-
- rc = ap_run_pre_connection(c, context->sock);
- if (rc != OK && rc != DONE) {
- c->aborted = 1;
- }
-
- if (e && c->aborted) {
- apr_bucket_free(e);
- }
- else {
- ap_set_module_config(c->conn_config, &mpm_winnt_module, context);
- }
-
- if (!c->aborted) {
- ap_run_process_connection(c);
- }
+ ap_process_connection(c, context->sock);
apr_socket_opt_get(context->sock, APR_SO_DISCONNECTED, &disconnected);
diff --git a/server/mpm/winnt/mpm_winnt.c b/server/mpm/winnt/mpm_winnt.c
index e0f0784..2487e45 100644
--- a/server/mpm/winnt/mpm_winnt.c
+++ b/server/mpm/winnt/mpm_winnt.c
@@ -1004,7 +1004,7 @@ static void winnt_rewrite_args(process_rec *process)
* -k config
* -k uninstall
* -k stop
- * -k shutdown (same as -k stop). Maintained for backward compatability.
+ * -k shutdown (same as -k stop). Maintained for backward compatibility.
*
* We can't leave this phase until we know our identity
* and modify the command arguments appropriately.
@@ -1050,7 +1050,7 @@ static void winnt_rewrite_args(process_rec *process)
my_pid = GetCurrentProcessId();
parent_pid = (DWORD) atol(pid);
- /* Prevent holding open the (nonexistant) console */
+ /* Prevent holding open the (nonexistent) console */
ap_real_exit_code = 0;
/* The parent gave us stdin, we need to remember this
@@ -1769,8 +1769,6 @@ static void winnt_hooks(apr_pool_t *p)
ap_hook_mpm(winnt_run, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_mpm_query(winnt_query, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_mpm_get_name(winnt_get_name, NULL, NULL, APR_HOOK_MIDDLE);
- ap_hook_insert_network_bucket(winnt_insert_network_bucket, NULL, NULL,
- APR_HOOK_MIDDLE);
}
AP_DECLARE_MODULE(mpm_winnt) = {
diff --git a/server/mpm/winnt/mpm_winnt.h b/server/mpm/winnt/mpm_winnt.h
index 8fb595b..22ba001 100644
--- a/server/mpm/winnt/mpm_winnt.h
+++ b/server/mpm/winnt/mpm_winnt.h
@@ -91,9 +91,6 @@ void hold_console_open_on_error(void);
/* From child.c: */
void child_main(apr_pool_t *pconf, DWORD parent_pid);
-apr_status_t winnt_insert_network_bucket(conn_rec *c,
- apr_bucket_brigade *bb,
- apr_socket_t *socket);
#endif /* APACHE_MPM_WINNT_H */
/** @} */
diff --git a/server/mpm/winnt/service.c b/server/mpm/winnt/service.c
index 457ff8c..22f044d 100644
--- a/server/mpm/winnt/service.c
+++ b/server/mpm/winnt/service.c
@@ -104,7 +104,7 @@ static APR_INLINE SC_HANDLE OpenSCManager(const void *lpMachine,
*
* If ap_real_exit_code is reset to 0, it will not be set or trigger this
* behavior on exit. All service and child processes are expected to
- * reset this flag to zero to avoid undesireable side effects.
+ * reset this flag to zero to avoid undesirable side effects.
*/
AP_DECLARE_DATA int ap_real_exit_code = 1;
diff --git a/server/mpm/worker/worker.c b/server/mpm/worker/worker.c
index d0ed604..73c33bf 100644
--- a/server/mpm/worker/worker.c
+++ b/server/mpm/worker/worker.c
@@ -168,7 +168,7 @@ typedef struct worker_retained_data {
#endif
int hold_off_on_exponential_spawning;
/*
- * Current number of listeners buckets and maximum reached accross
+ * Current number of listeners buckets and maximum reached across
* restarts (to size retained data according to dynamic num_buckets,
* eg. idle_spawn_rate).
*/
@@ -1837,7 +1837,7 @@ static int worker_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
if (ap_daemons_to_start < num_buckets)
ap_daemons_to_start = num_buckets;
/* We want to create as much children at a time as the number of buckets,
- * so to optimally accept connections (evenly distributed accross buckets).
+ * so to optimally accept connections (evenly distributed across buckets).
* Thus min_spare_threads should at least maintain num_buckets children,
* and max_spare_threads allow num_buckets more children w/o triggering
* immediately (e.g. num_buckets idle threads margin, one per bucket).
diff --git a/server/mpm_unix.c b/server/mpm_unix.c
index 1a7f935..dce10a7 100644
--- a/server/mpm_unix.c
+++ b/server/mpm_unix.c
@@ -63,7 +63,13 @@
#undef APLOG_MODULE_INDEX
#define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
-typedef enum {DO_NOTHING, SEND_SIGTERM, SEND_SIGKILL, GIVEUP} action_t;
+typedef enum {
+ DO_NOTHING,
+ SEND_SIGTERM,
+ SEND_SIGTERM_NOLOG,
+ SEND_SIGKILL,
+ GIVEUP
+} action_t;
typedef struct extra_process_t {
struct extra_process_t *next;
@@ -142,6 +148,8 @@ static int reclaim_one_pid(pid_t pid, action_t action)
" still did not exit, "
"sending a SIGTERM",
pid);
+ /* FALLTHROUGH */
+ case SEND_SIGTERM_NOLOG:
kill(pid, SIGTERM);
break;
@@ -193,6 +201,7 @@ AP_DECLARE(void) ap_reclaim_child_processes(int terminate,
* children but take no action against
* stragglers
*/
+ {SEND_SIGTERM_NOLOG, 0}, /* skipped if terminate == 0 */
{SEND_SIGTERM, apr_time_from_sec(3)},
{SEND_SIGTERM, apr_time_from_sec(5)},
{SEND_SIGTERM, apr_time_from_sec(7)},
@@ -202,19 +211,21 @@ AP_DECLARE(void) ap_reclaim_child_processes(int terminate,
int cur_action; /* index of action we decided to take this
* iteration
*/
- int next_action = 1; /* index of first real action */
+ int next_action = terminate ? 1 : 2; /* index of first real action */
ap_mpm_query(AP_MPMQ_MAX_DAEMON_USED, &max_daemons);
do {
- apr_sleep(waittime);
- /* don't let waittime get longer than 1 second; otherwise, we don't
- * react quickly to the last child exiting, and taking action can
- * be delayed
- */
- waittime = waittime * 4;
- if (waittime > apr_time_from_sec(1)) {
- waittime = apr_time_from_sec(1);
+ if (action_table[next_action].action_time > 0) {
+ apr_sleep(waittime);
+ /* don't let waittime get longer than 1 second; otherwise, we don't
+ * react quickly to the last child exiting, and taking action can
+ * be delayed
+ */
+ waittime = waittime * 4;
+ if (waittime > apr_time_from_sec(1)) {
+ waittime = apr_time_from_sec(1);
+ }
}
/* see what action to take, if any */
@@ -787,7 +798,10 @@ int ap_signal_server(int *exit_status, apr_pool_t *pconf)
status = "httpd (no pid file) not running";
}
else {
- if (kill(otherpid, 0) == 0) {
+ /* With containerization, httpd may get the same PID at each startup,
+ * handle it as if it were not running (it obviously can't).
+ */
+ if (otherpid != getpid() && kill(otherpid, 0) == 0) {
running = 1;
status = apr_psprintf(pconf,
"httpd (pid %" APR_PID_T_FMT ") already "
diff --git a/server/protocol.c b/server/protocol.c
index 88d0f99..63b358d 100644
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -191,6 +191,10 @@ AP_DECLARE(apr_time_t) ap_rationalize_mtime(request_rec *r, apr_time_t mtime)
/* Get a line of protocol input, including any continuation lines
* caused by MIME folding (or broken clients) if fold != 0, and place it
* in the buffer s, of size n bytes, without the ending newline.
+ *
+ * Pulls from r->proto_input_filters instead of r->input_filters for
+ * stricter protocol adherence and better input filter behavior during
+ * chunked trailer processing (for http).
*
* If s is NULL, ap_rgetline_core will allocate necessary memory from r->pool.
*
@@ -200,7 +204,7 @@ AP_DECLARE(apr_time_t) ap_rationalize_mtime(request_rec *r, apr_time_t mtime)
* APR_ENOSPC is returned if there is not enough buffer space.
* Other errors may be returned on other errors.
*
- * The LF is *not* returned in the buffer. Therefore, a *read of 0
+ * The [CR]LF are *not* returned in the buffer. Therefore, a *read of 0
* indicates that an empty line was read.
*
* Notes: Because the buffer uses 1 char for NUL, the most we can return is
@@ -211,13 +215,15 @@ AP_DECLARE(apr_time_t) ap_rationalize_mtime(request_rec *r, apr_time_t mtime)
*/
AP_DECLARE(apr_status_t) ap_rgetline_core(char **s, apr_size_t n,
apr_size_t *read, request_rec *r,
- int fold, apr_bucket_brigade *bb)
+ int flags, apr_bucket_brigade *bb)
{
apr_status_t rv;
apr_bucket *e;
apr_size_t bytes_handled = 0, current_alloc = 0;
char *pos, *last_char = *s;
int do_alloc = (*s == NULL), saw_eos = 0;
+ int fold = flags & AP_GETLINE_FOLD;
+ int crlf = flags & AP_GETLINE_CRLF;
/*
* Initialize last_char as otherwise a random value will be compared
@@ -229,13 +235,15 @@ AP_DECLARE(apr_status_t) ap_rgetline_core(char **s, apr_size_t n,
for (;;) {
apr_brigade_cleanup(bb);
- rv = ap_get_brigade(r->input_filters, bb, AP_MODE_GETLINE,
+ rv = ap_get_brigade(r->proto_input_filters, bb, AP_MODE_GETLINE,
APR_BLOCK_READ, 0);
if (rv != APR_SUCCESS) {
return rv;
}
- /* Something horribly wrong happened. Someone didn't block! */
+ /* Something horribly wrong happened. Someone didn't block!
+ * (this also happens at the end of each keepalive connection)
+ */
if (APR_BRIGADE_EMPTY(bb)) {
return APR_EGENERAL;
}
@@ -321,6 +329,13 @@ AP_DECLARE(apr_status_t) ap_rgetline_core(char **s, apr_size_t n,
}
}
+ if (crlf && (last_char <= *s || last_char[-1] != APR_ASCII_CR)) {
+ *last_char = '\0';
+ bytes_handled = last_char - *s;
+ *read = bytes_handled;
+ return APR_EINVAL;
+ }
+
/* Now NUL-terminate the string at the end of the line;
* if the last-but-one character is a CR, terminate there */
if (last_char > *s && last_char[-1] == APR_ASCII_CR) {
@@ -343,7 +358,7 @@ AP_DECLARE(apr_status_t) ap_rgetline_core(char **s, apr_size_t n,
apr_brigade_cleanup(bb);
/* We only care about the first byte. */
- rv = ap_get_brigade(r->input_filters, bb, AP_MODE_SPECULATIVE,
+ rv = ap_get_brigade(r->proto_input_filters, bb, AP_MODE_SPECULATIVE,
APR_BLOCK_READ, 1);
if (rv != APR_SUCCESS) {
return rv;
@@ -394,7 +409,8 @@ AP_DECLARE(apr_status_t) ap_rgetline_core(char **s, apr_size_t n,
*/
if (do_alloc) {
tmp = NULL;
- } else {
+ }
+ else {
/* We're null terminated. */
tmp = last_char;
}
@@ -464,7 +480,7 @@ AP_DECLARE(apr_status_t) ap_rgetline(char **s, apr_size_t n,
}
#endif
-AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int fold)
+AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int flags)
{
char *tmp_s = s;
apr_status_t rv;
@@ -472,7 +488,7 @@ AP_DECLARE(int) ap_getline(char *s, int n, request_rec *r, int fold)
apr_bucket_brigade *tmp_bb;
tmp_bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
- rv = ap_rgetline(&tmp_s, n, &len, r, fold, tmp_bb);
+ rv = ap_rgetline(&tmp_s, n, &len, r, flags, tmp_bb);
apr_brigade_destroy(tmp_bb);
/* Map the out-of-space condition to the old API. */
@@ -552,16 +568,29 @@ AP_CORE_DECLARE(void) ap_parse_uri(request_rec *r, const char *uri)
}
}
-static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
+/* get the length of the field name for logging, but no more than 80 bytes */
+#define LOG_NAME_MAX_LEN 80
+static int field_name_len(const char *field)
{
- const char *ll;
- const char *uri;
- const char *pro;
+ const char *end = ap_strchr_c(field, ':');
+ if (end == NULL || end - field > LOG_NAME_MAX_LEN)
+ return LOG_NAME_MAX_LEN;
+ return end - field;
+}
- unsigned int major = 1, minor = 0; /* Assume HTTP/1.0 if non-"HTTP" protocol */
- char http[5];
+static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
+{
+ enum {
+ rrl_none, rrl_badmethod, rrl_badwhitespace, rrl_excesswhitespace,
+ rrl_missinguri, rrl_baduri, rrl_badprotocol, rrl_trailingtext,
+ rrl_badmethod09, rrl_reject09
+ } deferred_error = rrl_none;
+ char *ll;
+ char *uri;
apr_size_t len;
int num_blank_lines = DEFAULT_LIMIT_BLANK_LINES;
+ core_server_config *conf = ap_get_core_module_config(r->server->module_config);
+ int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
/* Read past empty lines until we get a real request line,
* a read error, the connection closes (EOF), or we timeout.
@@ -586,7 +615,7 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
*/
r->the_request = NULL;
rv = ap_rgetline(&(r->the_request), (apr_size_t)(r->server->limit_req_line + 2),
- &len, r, 0, bb);
+ &len, r, strict ? AP_GETLINE_CRLF : 0, bb);
if (rv != APR_SUCCESS) {
r->request_time = apr_time_now();
@@ -596,7 +625,7 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
* happen if it exceeds the configured limit for a request-line.
*/
if (APR_STATUS_IS_ENOSPC(rv)) {
- r->status = HTTP_REQUEST_URI_TOO_LARGE;
+ r->status = HTTP_REQUEST_URI_TOO_LARGE;
}
else if (APR_STATUS_IS_TIMEUP(rv)) {
r->status = HTTP_REQUEST_TIME_OUT;
@@ -617,58 +646,266 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
}
r->request_time = apr_time_now();
- ll = r->the_request;
- r->method = ap_getword_white(r->pool, &ll);
- uri = ap_getword_white(r->pool, &ll);
+ r->method = r->the_request;
- if (!*r->method || !*uri) {
- r->status = HTTP_BAD_REQUEST;
- r->proto_num = HTTP_VERSION(1,0);
- r->protocol = apr_pstrdup(r->pool, "HTTP/1.0");
- return 0;
+ /* If there is whitespace before a method, skip it and mark in error */
+ if (apr_isspace(*r->method)) {
+ deferred_error = rrl_badwhitespace;
+ for ( ; apr_isspace(*r->method); ++r->method)
+ ;
+ }
+
+ /* Scan the method up to the next whitespace, ensure it contains only
+ * valid http-token characters, otherwise mark in error
+ */
+ if (strict) {
+ ll = (char*) ap_scan_http_token(r->method);
+ }
+ else {
+ ll = (char*) ap_scan_vchar_obstext(r->method);
+ }
+
+ if (((ll == r->method) || (*ll && !apr_isspace(*ll)))
+ && deferred_error == rrl_none) {
+ deferred_error = rrl_badmethod;
+ ll = strpbrk(ll, "\t\n\v\f\r ");
+ }
+
+ /* Verify method terminated with a single SP, or mark as specific error */
+ if (!ll) {
+ if (deferred_error == rrl_none)
+ deferred_error = rrl_missinguri;
+ r->protocol = uri = "";
+ len = 0;
+ goto rrl_done;
+ }
+ else if (strict && ll[0] && apr_isspace(ll[1])
+ && deferred_error == rrl_none) {
+ deferred_error = rrl_excesswhitespace;
+ }
+
+ /* Advance uri pointer over leading whitespace, NUL terminate the method
+ * If non-SP whitespace is encountered, mark as specific error
+ */
+ for (uri = ll; apr_isspace(*uri); ++uri)
+ if (*uri != ' ' && deferred_error == rrl_none)
+ deferred_error = rrl_badwhitespace;
+ *ll = '\0';
+
+ if (!*uri && deferred_error == rrl_none)
+ deferred_error = rrl_missinguri;
+
+ /* Scan the URI up to the next whitespace, ensure it contains no raw
+ * control characters, otherwise mark in error
+ */
+ ll = (char*) ap_scan_vchar_obstext(uri);
+ if (ll == uri || (*ll && !apr_isspace(*ll))) {
+ deferred_error = rrl_baduri;
+ ll = strpbrk(ll, "\t\n\v\f\r ");
}
- /* Provide quick information about the request method as soon as known */
+ /* Verify URI terminated with a single SP, or mark as specific error */
+ if (!ll) {
+ r->protocol = "";
+ len = 0;
+ goto rrl_done;
+ }
+ else if (strict && ll[0] && apr_isspace(ll[1])
+ && deferred_error == rrl_none) {
+ deferred_error = rrl_excesswhitespace;
+ }
+ /* Advance protocol pointer over leading whitespace, NUL terminate the uri
+ * If non-SP whitespace is encountered, mark as specific error
+ */
+ for (r->protocol = ll; apr_isspace(*r->protocol); ++r->protocol)
+ if (*r->protocol != ' ' && deferred_error == rrl_none)
+ deferred_error = rrl_badwhitespace;
+ *ll = '\0';
+
+ /* Scan the protocol up to the next whitespace, validation comes later */
+ if (!(ll = (char*) ap_scan_vchar_obstext(r->protocol))) {
+ len = strlen(r->protocol);
+ goto rrl_done;
+ }
+ len = ll - r->protocol;
+
+ /* Advance over trailing whitespace, if found mark in error,
+ * determine if trailing text is found, unconditionally mark in error,
+ * finally NUL terminate the protocol string
+ */
+ if (*ll && !apr_isspace(*ll)) {
+ deferred_error = rrl_badprotocol;
+ }
+ else if (strict && *ll) {
+ deferred_error = rrl_excesswhitespace;
+ }
+ else {
+ for ( ; apr_isspace(*ll); ++ll)
+ if (*ll != ' ' && deferred_error == rrl_none)
+ deferred_error = rrl_badwhitespace;
+ if (*ll && deferred_error == rrl_none)
+ deferred_error = rrl_trailingtext;
+ }
+ *((char *)r->protocol + len) = '\0';
+
+rrl_done:
+ /* For internal integrety and palloc efficiency, reconstruct the_request
+ * in one palloc, using only single SP characters, per spec.
+ */
+ r->the_request = apr_pstrcat(r->pool, r->method, *uri ? " " : NULL, uri,
+ *r->protocol ? " " : NULL, r->protocol, NULL);
+
+ if (len == 8
+ && r->protocol[0] == 'H' && r->protocol[1] == 'T'
+ && r->protocol[2] == 'T' && r->protocol[3] == 'P'
+ && r->protocol[4] == '/' && apr_isdigit(r->protocol[5])
+ && r->protocol[6] == '.' && apr_isdigit(r->protocol[7])
+ && r->protocol[5] != '0') {
+ r->assbackwards = 0;
+ r->proto_num = HTTP_VERSION(r->protocol[5] - '0', r->protocol[7] - '0');
+ }
+ else if (len == 8
+ && (r->protocol[0] == 'H' || r->protocol[0] == 'h')
+ && (r->protocol[1] == 'T' || r->protocol[1] == 't')
+ && (r->protocol[2] == 'T' || r->protocol[2] == 't')
+ && (r->protocol[3] == 'P' || r->protocol[3] == 'p')
+ && r->protocol[4] == '/' && apr_isdigit(r->protocol[5])
+ && r->protocol[6] == '.' && apr_isdigit(r->protocol[7])
+ && r->protocol[5] != '0') {
+ r->assbackwards = 0;
+ r->proto_num = HTTP_VERSION(r->protocol[5] - '0', r->protocol[7] - '0');
+ if (strict && deferred_error == rrl_none)
+ deferred_error = rrl_badprotocol;
+ else
+ memcpy((char*)r->protocol, "HTTP", 4);
+ }
+ else if (r->protocol[0]) {
+ r->proto_num = HTTP_VERSION(0, 9);
+ /* Defer setting the r->protocol string till error msg is composed */
+ if (deferred_error == rrl_none)
+ deferred_error = rrl_badprotocol;
+ }
+ else {
+ r->assbackwards = 1;
+ r->protocol = apr_pstrdup(r->pool, "HTTP/0.9");
+ r->proto_num = HTTP_VERSION(0, 9);
+ }
+
+ /* Determine the method_number and parse the uri prior to invoking error
+ * handling, such that these fields are available for subsitution
+ */
r->method_number = ap_method_number_of(r->method);
- if (r->method_number == M_GET && r->method[0] == 'H') {
+ if (r->method_number == M_GET && r->method[0] == 'H')
r->header_only = 1;
- }
ap_parse_uri(r, uri);
- if (r->status != HTTP_OK) {
- r->proto_num = HTTP_VERSION(1,0);
- r->protocol = apr_pstrdup(r->pool, "HTTP/1.0");
+
+ /* With the request understood, we can consider HTTP/0.9 specific errors */
+ if (r->proto_num == HTTP_VERSION(0, 9) && deferred_error == rrl_none) {
+ if (conf->http09_enable == AP_HTTP09_DISABLE)
+ deferred_error = rrl_reject09;
+ else if (strict && (r->method_number != M_GET || r->header_only))
+ deferred_error = rrl_badmethod09;
+ }
+
+ /* Now that the method, uri and protocol are all processed,
+ * we can safely resume any deferred error reporting
+ */
+ if (deferred_error != rrl_none) {
+ if (deferred_error == rrl_badmethod)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03445)
+ "HTTP Request Line; Invalid method token: '%.*s'",
+ field_name_len(r->method), r->method);
+ else if (deferred_error == rrl_badmethod09)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03444)
+ "HTTP Request Line; Invalid method token: '%.*s'"
+ " (only GET is allowed for HTTP/0.9 requests)",
+ field_name_len(r->method), r->method);
+ else if (deferred_error == rrl_missinguri)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03446)
+ "HTTP Request Line; Missing URI");
+ else if (deferred_error == rrl_baduri)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03454)
+ "HTTP Request Line; URI incorrectly encoded: '%.*s'",
+ field_name_len(r->uri), r->uri);
+ else if (deferred_error == rrl_badwhitespace)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03447)
+ "HTTP Request Line; Invalid whitespace");
+ else if (deferred_error == rrl_excesswhitespace)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03448)
+ "HTTP Request Line; Excess whitespace "
+ "(disallowed by HttpProtocolOptions Strict");
+ else if (deferred_error == rrl_trailingtext)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03449)
+ "HTTP Request Line; Extraneous text found '%.*s' "
+ "(perhaps whitespace was injected?)",
+ field_name_len(ll), ll);
+ else if (deferred_error == rrl_reject09)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02401)
+ "HTTP Request Line; Rejected HTTP/0.9 request");
+ else if (deferred_error == rrl_badprotocol)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02418)
+ "HTTP Request Line; Unrecognized protocol '%.*s' "
+ "(perhaps whitespace was injected?)",
+ field_name_len(r->protocol), r->protocol);
+ r->status = HTTP_BAD_REQUEST;
+ goto rrl_failed;
+ }
+
+ if (conf->http_methods == AP_HTTP_METHODS_REGISTERED
+ && r->method_number == M_INVALID) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02423)
+ "HTTP Request Line; Unrecognized HTTP method: '%.*s' "
+ "(disallowed by RegisteredMethods)",
+ field_name_len(r->method), r->method);
+ r->status = HTTP_NOT_IMPLEMENTED;
+ /* This can't happen in an HTTP/0.9 request, we verified GET above */
return 0;
}
- if (ll[0]) {
- r->assbackwards = 0;
- pro = ll;
- len = strlen(ll);
- } else {
- r->assbackwards = 1;
- pro = "HTTP/0.9";
- len = 8;
+ if (r->status != HTTP_OK) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03450)
+ "HTTP Request Line; Unable to parse URI: '%.*s'",
+ field_name_len(r->uri), r->uri);
+ goto rrl_failed;
}
- r->protocol = apr_pstrmemdup(r->pool, pro, len);
- /* Avoid sscanf in the common case */
- if (len == 8
- && pro[0] == 'H' && pro[1] == 'T' && pro[2] == 'T' && pro[3] == 'P'
- && pro[4] == '/' && apr_isdigit(pro[5]) && pro[6] == '.'
- && apr_isdigit(pro[7])) {
- r->proto_num = HTTP_VERSION(pro[5] - '0', pro[7] - '0');
- }
- else if (3 == sscanf(r->protocol, "%4s/%u.%u", http, &major, &minor)
- && (strcasecmp("http", http) == 0)
- && (minor < HTTP_VERSION(1, 0)) ) /* don't allow HTTP/0.1000 */
- r->proto_num = HTTP_VERSION(major, minor);
- else
- r->proto_num = HTTP_VERSION(1, 0);
+ if (strict) {
+ if (r->parsed_uri.fragment) {
+ /* RFC3986 3.5: no fragment */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02421)
+ "HTTP Request Line; URI must not contain a fragment");
+ r->status = HTTP_BAD_REQUEST;
+ goto rrl_failed;
+ }
+ if (r->parsed_uri.user || r->parsed_uri.password) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02422)
+ "HTTP Request Line; URI must not contain a "
+ "username/password");
+ r->status = HTTP_BAD_REQUEST;
+ goto rrl_failed;
+ }
+ }
return 1;
+
+rrl_failed:
+ if (r->proto_num == HTTP_VERSION(0, 9)) {
+ /* Send all parsing and protocol error response with 1.x behavior,
+ * and reserve 505 errors for actual HTTP protocols presented.
+ * As called out in RFC7230 3.5, any errors parsing the protocol
+ * from the request line are nearly always misencoded HTTP/1.x
+ * requests. Only a valid 0.9 request with no parsing errors
+ * at all may be treated as a simple request, if allowed.
+ */
+ r->assbackwards = 0;
+ r->connection->keepalive = AP_CONN_CLOSE;
+ r->proto_num = HTTP_VERSION(1, 0);
+ r->protocol = apr_pstrdup(r->pool, "HTTP/1.0");
+ }
+ return 0;
}
static int table_do_fn_check_lengths(void *r_, const char *key,
@@ -680,26 +917,13 @@ static int table_do_fn_check_lengths(void *r_, const char *key,
r->status = HTTP_BAD_REQUEST;
apr_table_setn(r->notes, "error-notes",
- apr_pstrcat(r->pool, "Size of a request header field "
- "after merging exceeds server limit.<br />"
- "\n<pre>\n",
- ap_escape_html(r->pool, key),
- "</pre>\n", NULL));
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00560) "Request header "
- "exceeds LimitRequestFieldSize after merging: %s", key);
+ "Size of a request header field exceeds server limit.");
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00560) "Request "
+ "header exceeds LimitRequestFieldSize after merging: %.*s",
+ field_name_len(key), key);
return 0;
}
-/* get the length of the field name for logging, but no more than 80 bytes */
-#define LOG_NAME_MAX_LEN 80
-static int field_name_len(const char *field)
-{
- const char *end = ap_strchr_c(field, ':');
- if (end == NULL || end - field > LOG_NAME_MAX_LEN)
- return LOG_NAME_MAX_LEN;
- return end - field;
-}
-
AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb)
{
char *last_field = NULL;
@@ -710,6 +934,8 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
apr_size_t len;
int fields_read = 0;
char *tmp_field;
+ core_server_config *conf = ap_get_core_module_config(r->server->module_config);
+ int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
/*
* Read header lines until we get the empty separator line, a read error,
@@ -717,11 +943,10 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
*/
while(1) {
apr_status_t rv;
- int folded = 0;
field = NULL;
rv = ap_rgetline(&field, r->server->limit_req_fieldsize + 2,
- &len, r, 0, bb);
+ &len, r, strict ? AP_GETLINE_CRLF : 0, bb);
if (rv != APR_SUCCESS) {
if (APR_STATUS_IS_TIMEUP(rv)) {
@@ -738,156 +963,218 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
* exceeds the configured limit for a field size.
*/
if (rv == APR_ENOSPC) {
- const char *field_escaped;
- if (field && len) {
- /* ensure ap_escape_html will terminate correctly */
- field[len - 1] = '\0';
- field_escaped = ap_escape_html(r->pool, field);
- }
- else {
- field_escaped = field = "";
- }
-
apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Size of a request header field "
- "exceeds server limit.<br />\n"
- "<pre>\n%.*s\n</pre>\n",
- field_name_len(field_escaped),
- field_escaped));
+ "Size of a request header field "
+ "exceeds server limit.");
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00561)
"Request header exceeds LimitRequestFieldSize%s"
"%.*s",
- *field ? ": " : "",
- field_name_len(field), field);
+ (field && *field) ? ": " : "",
+ (field) ? field_name_len(field) : 0,
+ (field) ? field : "");
}
return;
}
- if (last_field != NULL) {
- if ((len > 0) && ((*field == '\t') || *field == ' ')) {
- /* This line is a continuation of the preceding line(s),
- * so append it to the line that we've set aside.
- * Note: this uses a power-of-two allocator to avoid
- * doing O(n) allocs and using O(n^2) space for
- * continuations that span many many lines.
- */
- apr_size_t fold_len = last_len + len + 1; /* trailing null */
+ /* For all header values, and all obs-fold lines, the presence of
+ * additional whitespace is a no-op, so collapse trailing whitespace
+ * to save buffer allocation and optimize copy operations.
+ * Do not remove the last single whitespace under any condition.
+ */
+ while (len > 1 && (field[len-1] == '\t' || field[len-1] == ' ')) {
+ field[--len] = '\0';
+ }
- if (fold_len >= (apr_size_t)(r->server->limit_req_fieldsize)) {
- const char *field_escaped;
+ if (*field == '\t' || *field == ' ') {
- r->status = HTTP_BAD_REQUEST;
- /* report what we have accumulated so far before the
- * overflow (last_field) as the field with the problem
- */
- field_escaped = ap_escape_html(r->pool, last_field);
- apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Size of a request header field "
- "after folding "
- "exceeds server limit.<br />\n"
- "<pre>\n%.*s\n</pre>\n",
- field_name_len(field_escaped),
- field_escaped));
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00562)
- "Request header exceeds LimitRequestFieldSize "
- "after folding: %.*s",
- field_name_len(last_field), last_field);
- return;
- }
+ /* Append any newly-read obs-fold line onto the preceding
+ * last_field line we are processing
+ */
+ apr_size_t fold_len;
+
+ if (last_field == NULL) {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03442)
+ "Line folding encountered before first"
+ " header line");
+ return;
+ }
+
+ if (field[1] == '\0') {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03443)
+ "Empty folded line encountered");
+ return;
+ }
+
+ /* Leading whitespace on an obs-fold line can be
+ * similarly discarded */
+ while (field[1] == '\t' || field[1] == ' ') {
+ ++field; --len;
+ }
+ /* This line is a continuation of the preceding line(s),
+ * so append it to the line that we've set aside.
+ * Note: this uses a power-of-two allocator to avoid
+ * doing O(n) allocs and using O(n^2) space for
+ * continuations that span many many lines.
+ */
+ fold_len = last_len + len + 1; /* trailing null */
+
+ if (fold_len >= (apr_size_t)(r->server->limit_req_fieldsize)) {
+ r->status = HTTP_BAD_REQUEST;
+ /* report what we have accumulated so far before the
+ * overflow (last_field) as the field with the problem
+ */
+ apr_table_setn(r->notes, "error-notes",
+ "Size of a request header field "
+ "exceeds server limit.");
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00562)
+ "Request header exceeds LimitRequestFieldSize "
+ "after folding: %.*s",
+ field_name_len(last_field), last_field);
+ return;
+ }
+
+ if (fold_len > alloc_len) {
+ char *fold_buf;
+ alloc_len += alloc_len;
if (fold_len > alloc_len) {
- char *fold_buf;
- alloc_len += alloc_len;
- if (fold_len > alloc_len) {
- alloc_len = fold_len;
- }
- fold_buf = (char *)apr_palloc(r->pool, alloc_len);
- memcpy(fold_buf, last_field, last_len);
- last_field = fold_buf;
+ alloc_len = fold_len;
}
- memcpy(last_field + last_len, field, len +1); /* +1 for nul */
- last_len += len;
- folded = 1;
+ fold_buf = (char *)apr_palloc(r->pool, alloc_len);
+ memcpy(fold_buf, last_field, last_len);
+ last_field = fold_buf;
}
- else /* not a continuation line */ {
+ memcpy(last_field + last_len, field, len +1); /* +1 for nul */
+ /* Replace obs-fold w/ SP per RFC 7230 3.2.4 */
+ last_field[last_len] = ' ';
+ last_len += len;
- if (r->server->limit_req_fields
+ /* We've appended this obs-fold line to last_len, proceed to
+ * read the next input line
+ */
+ continue;
+ }
+ else if (last_field != NULL) {
+
+ /* Process the previous last_field header line with all obs-folded
+ * segments already concatinated (this is not operating on the
+ * most recently read input line).
+ */
+
+ if (r->server->limit_req_fields
&& (++fields_read > r->server->limit_req_fields)) {
- r->status = HTTP_BAD_REQUEST;
- apr_table_setn(r->notes, "error-notes",
- "The number of request header fields "
- "exceeds this server's limit.");
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00563)
- "Number of request headers exceeds "
- "LimitRequestFields");
- return;
- }
+ r->status = HTTP_BAD_REQUEST;
+ apr_table_setn(r->notes, "error-notes",
+ "The number of request header fields "
+ "exceeds this server's limit.");
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00563)
+ "Number of request headers exceeds "
+ "LimitRequestFields");
+ return;
+ }
- if (!(value = strchr(last_field, ':'))) { /* Find ':' or */
- r->status = HTTP_BAD_REQUEST; /* abort bad request */
- apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Request header field is "
- "missing ':' separator.<br />\n"
- "<pre>\n%.*s</pre>\n",
- (int)LOG_NAME_MAX_LEN,
- ap_escape_html(r->pool,
- last_field)));
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00564)
+ if (!strict)
+ {
+ /* Not Strict ('Unsafe' mode), using the legacy parser */
+
+ if (!(value = strchr(last_field, ':'))) { /* Find ':' or */
+ r->status = HTTP_BAD_REQUEST; /* abort bad request */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00564)
"Request header field is missing ':' "
"separator: %.*s", (int)LOG_NAME_MAX_LEN,
last_field);
return;
}
- tmp_field = value - 1; /* last character of field-name */
+ /* last character of field-name */
+ tmp_field = value - (value > last_field ? 1 : 0);
*value++ = '\0'; /* NUL-terminate at colon */
+ if (strpbrk(last_field, "\t\n\v\f\r ")) {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03452)
+ "Request header field name presented"
+ " invalid whitespace");
+ return;
+ }
+
while (*value == ' ' || *value == '\t') {
- ++value; /* Skip to start of value */
+ ++value; /* Skip to start of value */
}
- /* Strip LWS after field-name: */
- while (tmp_field > last_field
- && (*tmp_field == ' ' || *tmp_field == '\t')) {
- *tmp_field-- = '\0';
+ if (strpbrk(value, "\n\v\f\r")) {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03451)
+ "Request header field value presented"
+ " bad whitespace");
+ return;
+ }
+
+ if (tmp_field == last_field) {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03453)
+ "Request header field name was empty");
+ return;
}
+ }
+ else /* Using strict RFC7230 parsing */
+ {
+ /* Ensure valid token chars before ':' per RFC 7230 3.2.4 */
+ value = (char *)ap_scan_http_token(last_field);
+ if ((value == last_field) || *value != ':') {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02426)
+ "Request header field name is malformed: "
+ "%.*s", (int)LOG_NAME_MAX_LEN, last_field);
+ return;
+ }
+
+ *value++ = '\0'; /* NUL-terminate last_field name at ':' */
- /* Strip LWS after field-value: */
- tmp_field = last_field + last_len - 1;
- while (tmp_field > value
- && (*tmp_field == ' ' || *tmp_field == '\t')) {
- *tmp_field-- = '\0';
+ while (*value == ' ' || *value == '\t') {
+ ++value; /* Skip LWS of value */
}
- apr_table_addn(r->headers_in, last_field, value);
+ /* Find invalid, non-HT ctrl char, or the trailing NULL */
+ tmp_field = (char *)ap_scan_http_field_content(value);
- /* reset the alloc_len so that we'll allocate a new
- * buffer if we have to do any more folding: we can't
- * use the previous buffer because its contents are
- * now part of r->headers_in
+ /* Reject value for all garbage input (CTRLs excluding HT)
+ * e.g. only VCHAR / SP / HT / obs-text are allowed per
+ * RFC7230 3.2.6 - leave all more explicit rule enforcement
+ * for specific header handler logic later in the cycle
*/
- alloc_len = 0;
+ if (*tmp_field != '\0') {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02427)
+ "Request header value is malformed: "
+ "%.*s", (int)LOG_NAME_MAX_LEN, value);
+ return;
+ }
+ }
+
+ apr_table_addn(r->headers_in, last_field, value);
- } /* end if current line is not a continuation starting with tab */
+ /* This last_field header is now stored in headers_in,
+ * resume processing of the current input line.
+ */
}
- /* Found a blank line, stop. */
+ /* Found the terminating empty end-of-headers line, stop. */
if (len == 0) {
break;
}
- /* Keep track of this line so that we can parse it on
- * the next loop iteration. (In the folded case, last_field
- * has been updated already.)
+ /* Keep track of this new header line so that we can extend it across
+ * any obs-fold or parse it on the next loop iteration. We referenced
+ * our previously allocated buffer in r->headers_in,
+ * so allocate a fresh buffer if required.
*/
- if (!folded) {
- last_field = field;
- last_len = len;
- }
+ alloc_len = 0;
+ last_field = field;
+ last_len = len;
}
/* Combine multiple message-header fields with the same
@@ -912,7 +1199,7 @@ request_rec *ap_read_request(conn_rec *conn)
request_rec *r;
apr_pool_t *p;
const char *expect;
- int access_status = HTTP_OK;
+ int access_status;
apr_bucket_brigade *tmp_bb;
apr_socket_t *csd;
apr_interval_time_t cur_timeout;
@@ -971,16 +1258,19 @@ request_rec *ap_read_request(conn_rec *conn)
/* Get the request... */
if (!read_request_line(r, tmp_bb)) {
- if (r->status == HTTP_REQUEST_URI_TOO_LARGE
- || r->status == HTTP_BAD_REQUEST) {
+ switch (r->status) {
+ case HTTP_REQUEST_URI_TOO_LARGE:
+ case HTTP_BAD_REQUEST:
+ case HTTP_VERSION_NOT_SUPPORTED:
+ case HTTP_NOT_IMPLEMENTED:
if (r->status == HTTP_REQUEST_URI_TOO_LARGE) {
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00565)
"request failed: client's request-line exceeds LimitRequestLine (longer than %d)",
r->server->limit_req_line);
}
else if (r->method == NULL) {
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00566)
- "request failed: invalid characters in URI");
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00566)
+ "request failed: malformed request line");
}
access_status = r->status;
r->status = HTTP_OK;
@@ -990,19 +1280,17 @@ request_rec *ap_read_request(conn_rec *conn)
r = NULL;
apr_brigade_destroy(tmp_bb);
goto traceout;
- }
- else if (r->status == HTTP_REQUEST_TIME_OUT) {
+ case HTTP_REQUEST_TIME_OUT:
ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, NULL);
- if (!r->connection->keepalives) {
+ if (!r->connection->keepalives)
ap_run_log_transaction(r);
- }
apr_brigade_destroy(tmp_bb);
goto traceout;
+ default:
+ apr_brigade_destroy(tmp_bb);
+ r = NULL;
+ goto traceout;
}
-
- apr_brigade_destroy(tmp_bb);
- r = NULL;
- goto traceout;
}
/* We may have been in keep_alive_timeout mode, so toggle back
@@ -1021,7 +1309,7 @@ request_rec *ap_read_request(conn_rec *conn)
ap_get_mime_headers_core(r, tmp_bb);
if (r->status != HTTP_OK) {
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00567)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00567)
"request failed: error reading the headers");
ap_send_error_response(r, 0);
ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
@@ -1040,7 +1328,7 @@ request_rec *ap_read_request(conn_rec *conn)
*/
if (!(strcasecmp(tenc, "chunked") == 0 /* fast path */
|| ap_find_last_token(r->pool, tenc, "chunked"))) {
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(02539)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02539)
"client sent unknown Transfer-Encoding "
"(%s): %s", tenc, r->uri);
r->status = HTTP_BAD_REQUEST;
@@ -1061,25 +1349,6 @@ request_rec *ap_read_request(conn_rec *conn)
apr_table_unset(r->headers_in, "Content-Length");
}
}
- else {
- if (r->header_only) {
- /*
- * Client asked for headers only with HTTP/0.9, which doesn't send
- * headers! Have to dink things just to make sure the error message
- * comes through...
- */
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00568)
- "client sent invalid HTTP/0.9 request: HEAD %s",
- r->uri);
- r->header_only = 0;
- r->status = HTTP_BAD_REQUEST;
- ap_send_error_response(r, 0);
- ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
- ap_run_log_transaction(r);
- apr_brigade_destroy(tmp_bb);
- goto traceout;
- }
- }
apr_brigade_destroy(tmp_bb);
@@ -1087,6 +1356,7 @@ request_rec *ap_read_request(conn_rec *conn)
* now read. may update status.
*/
ap_update_vhost_from_headers(r);
+ access_status = r->status;
/* Toggle to the Host:-based vhost's timeout mode to fetch the
* request body and send the response body, if needed.
@@ -1110,7 +1380,7 @@ request_rec *ap_read_request(conn_rec *conn)
* a Host: header, and the server MUST respond with 400 if it doesn't.
*/
access_status = HTTP_BAD_REQUEST;
- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00569)
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00569)
"client sent HTTP/1.1 request without hostname "
"(see RFC2616 section 14.23): %s", r->uri);
}
diff --git a/server/request.c b/server/request.c
index eecc026..9377836 100644
--- a/server/request.c
+++ b/server/request.c
@@ -1960,6 +1960,8 @@ static request_rec *make_sub_request(const request_rec *r,
/* start with the same set of output filters */
if (next_filter) {
+ ap_filter_t *scan = next_filter;
+
/* while there are no input filters for a subrequest, we will
* try to insert some, so if we don't have valid data, the code
* will seg fault.
@@ -1968,8 +1970,16 @@ static request_rec *make_sub_request(const request_rec *r,
rnew->proto_input_filters = r->proto_input_filters;
rnew->output_filters = next_filter;
rnew->proto_output_filters = r->proto_output_filters;
- ap_add_output_filter_handle(ap_subreq_core_filter_handle,
- NULL, rnew, rnew->connection);
+ while (scan && (scan != r->proto_output_filters)) {
+ if (scan->frec == ap_subreq_core_filter_handle) {
+ break;
+ }
+ scan = scan->next;
+ }
+ if (!scan || scan == r->proto_output_filters) {
+ ap_add_output_filter_handle(ap_subreq_core_filter_handle,
+ NULL, rnew, rnew->connection);
+ }
}
else {
/* If NULL - we are expecting to be internal_fast_redirect'ed
diff --git a/server/scoreboard.c b/server/scoreboard.c
index 8e3403f..d83a849 100644
--- a/server/scoreboard.c
+++ b/server/scoreboard.c
@@ -399,7 +399,7 @@ AP_DECLARE(int) ap_find_child_by_pid(apr_proc_t *pid)
int i;
int max_daemons_limit = 0;
- ap_mpm_query(AP_MPMQ_MAX_DAEMONS, &max_daemons_limit);
+ ap_mpm_query(AP_MPMQ_MAX_DAEMON_USED, &max_daemons_limit);
for (i = 0; i < max_daemons_limit; ++i) {
if (ap_scoreboard_image->parent[i].pid == pid->pid) {
diff --git a/server/util.c b/server/util.c
index 06da789..fba34bd 100644
--- a/server/util.c
+++ b/server/util.c
@@ -79,7 +79,7 @@
* char in here and get it to work, because if char is signed then it
* will first be sign extended.
*/
-#define TEST_CHAR(c, f) (test_char_table[(unsigned)(c)] & (f))
+#define TEST_CHAR(c, f) (test_char_table[(unsigned char)(c)] & (f))
/* Win32/NetWare/OS2 need to check for both forward and back slashes
* in ap_getparents() and ap_escape_url.
@@ -1525,7 +1525,7 @@ AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p,
while (!string_end) {
const unsigned char c = (unsigned char)*cur;
- if (!TEST_CHAR(c, T_HTTP_TOKEN_STOP) && c != '\0') {
+ if (!TEST_CHAR(c, T_HTTP_TOKEN_STOP)) {
/* Non-separator character; we are finished with leading
* whitespace. We must never have encountered any trailing
* whitespace before the delimiter (comma) */
@@ -1593,6 +1593,37 @@ AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p,
return NULL;
}
+/* Scan a string for HTTP VCHAR/obs-text characters including HT and SP
+ * (as used in header values, for example, in RFC 7230 section 3.2)
+ * returning the pointer to the first non-HT ASCII ctrl character.
+ */
+AP_DECLARE(const char *) ap_scan_http_field_content(const char *ptr)
+{
+ for ( ; !TEST_CHAR(*ptr, T_HTTP_CTRLS); ++ptr) ;
+
+ return ptr;
+}
+
+/* Scan a string for HTTP token characters, returning the pointer to
+ * the first non-token character.
+ */
+AP_DECLARE(const char *) ap_scan_http_token(const char *ptr)
+{
+ for ( ; !TEST_CHAR(*ptr, T_HTTP_TOKEN_STOP); ++ptr) ;
+
+ return ptr;
+}
+
+/* Scan a string for visible ASCII (0x21-0x7E) or obstext (0x80+)
+ * and return a pointer to the first ctrl/space character encountered.
+ */
+AP_DECLARE(const char *) ap_scan_vchar_obstext(const char *ptr)
+{
+ for ( ; TEST_CHAR(*ptr, T_VCHAR_OBSTEXT); ++ptr) ;
+
+ return ptr;
+}
+
/* Retrieve a token, spacing over it and returning a pointer to
* the first non-white byte afterwards. Note that these tokens
* are delimited by semis and commas; and can also be delimited
diff --git a/server/util_cookies.c b/server/util_cookies.c
index 5139aec..82a514f 100644
--- a/server/util_cookies.c
+++ b/server/util_cookies.c
@@ -174,8 +174,9 @@ AP_DECLARE(apr_status_t) ap_cookie_remove2(request_rec * r, const char *name2, c
* $path or other attributes following our cookie if present. If we end
* up with an empty cookie, remove the whole header.
*/
-static int extract_cookie_line(ap_cookie_do * v, const char *key, const char *val)
+static int extract_cookie_line(void *varg, const char *key, const char *val)
{
+ ap_cookie_do *v = varg;
char *last1, *last2;
char *cookie = apr_pstrdup(v->r->pool, val);
const char *name = apr_pstrcat(v->r->pool, v->name ? v->name : "", "=", NULL);
@@ -252,8 +253,7 @@ AP_DECLARE(apr_status_t) ap_cookie_read(request_rec * r, const char *name, const
v.duplicated = 0;
v.name = name;
- apr_table_do((int (*) (void *, const char *, const char *))
- extract_cookie_line, (void *) &v, r->headers_in,
+ apr_table_do(extract_cookie_line, &v, r->headers_in,
"Cookie", "Cookie2", NULL);
if (v.duplicated) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00011) LOG_PREFIX
diff --git a/server/util_script.c b/server/util_script.c
index 308e009..4121ae0 100644
--- a/server/util_script.c
+++ b/server/util_script.c
@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
else if (!strcasecmp(hdrs[i].key, "Content-length")) {
apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val);
}
+ /* HTTP_PROXY collides with a popular envvar used to configure
+ * proxies, don't let clients set/override it. But, if you must...
+ */
+#ifndef SECURITY_HOLE_PASS_PROXY
+ else if (!ap_cstr_casecmp(hdrs[i].key, "Proxy")) {
+ ;
+ }
+#endif
/*
* You really don't want to disable this check, since it leaves you
* wide open to CGIs stealing passwords and people viewing them
diff --git a/server/vhost.c b/server/vhost.c
index b8b25e6..1896595 100644
--- a/server/vhost.c
+++ b/server/vhost.c
@@ -228,7 +228,7 @@ const char *ap_parse_vhost_addrs(apr_pool_t *p,
server_addr_rec **addrs;
const char *err;
- /* start the list of addreses */
+ /* start the list of addresses */
addrs = &s->addrs;
while (hostname[0]) {
err = get_addresses(p, ap_getword_conf(p, &hostname), &addrs, s->port);
@@ -574,7 +574,7 @@ AP_DECLARE(void) ap_fini_vhost_config(apr_pool_t *p, server_rec *main_s)
/* The next things to go into the hash table are the virtual hosts
* themselves. They're listed off of main_s->next in the reverse
- * order they occured in the config file, so we insert them at
+ * order they occurred in the config file, so we insert them at
* the iphash_table_tail but don't advance the tail.
*/
@@ -687,6 +687,116 @@ static int vhost_check_config(apr_pool_t *p, apr_pool_t *plog,
* run-time vhost matching functions
*/
+static apr_status_t fix_hostname_v6_literal(request_rec *r, char *host)
+{
+ char *dst;
+ int double_colon = 0;
+
+ for (dst = host; *dst; dst++) {
+ if (apr_isxdigit(*dst)) {
+ if (apr_isupper(*dst)) {
+ *dst = apr_tolower(*dst);
+ }
+ }
+ else if (*dst == ':') {
+ if (*(dst + 1) == ':') {
+ if (double_colon)
+ return APR_EINVAL;
+ double_colon = 1;
+ }
+ else if (*(dst + 1) == '.') {
+ return APR_EINVAL;
+ }
+ }
+ else if (*dst == '.') {
+ /* For IPv4-mapped IPv6 addresses like ::FFFF:129.144.52.38 */
+ if (*(dst + 1) == ':' || *(dst + 1) == '.')
+ return APR_EINVAL;
+ }
+ else {
+ return APR_EINVAL;
+ }
+ }
+ return APR_SUCCESS;
+}
+
+static apr_status_t fix_hostname_non_v6(request_rec *r, char *host)
+{
+ char *dst;
+
+ for (dst = host; *dst; dst++) {
+ if (apr_islower(*dst)) {
+ /* leave char unchanged */
+ }
+ else if (*dst == '.') {
+ if (*(dst + 1) == '.') {
+ return APR_EINVAL;
+ }
+ }
+ else if (apr_isupper(*dst)) {
+ *dst = apr_tolower(*dst);
+ }
+ else if (*dst == '/' || *dst == '\\') {
+ return APR_EINVAL;
+ }
+ }
+ /* strip trailing gubbins */
+ if (dst > host && dst[-1] == '.') {
+ dst[-1] = '\0';
+ }
+ return APR_SUCCESS;
+}
+
+/*
+ * If strict mode ever becomes the default, this should be folded into
+ * fix_hostname_non_v6()
+ */
+static apr_status_t strict_hostname_check(request_rec *r, char *host)
+{
+ char *ch;
+ int is_dotted_decimal = 1, leading_zeroes = 0, dots = 0;
+
+ for (ch = host; *ch; ch++) {
+ if (!apr_isascii(*ch)) {
+ goto bad;
+ }
+ else if (apr_isalpha(*ch) || *ch == '-') {
+ is_dotted_decimal = 0;
+ }
+ else if (ch[0] == '.') {
+ dots++;
+ if (ch[1] == '0' && apr_isdigit(ch[2]))
+ leading_zeroes = 1;
+ }
+ else if (!apr_isdigit(*ch)) {
+ /* also takes care of multiple Host headers by denying commas */
+ goto bad;
+ }
+ }
+ if (is_dotted_decimal) {
+ if (host[0] == '.' || (host[0] == '0' && apr_isdigit(host[1])))
+ leading_zeroes = 1;
+ if (leading_zeroes || dots != 3) {
+ /* RFC 3986 7.4 */
+ goto bad;
+ }
+ }
+ else {
+ /* The top-level domain must start with a letter (RFC 1123 2.1) */
+ while (ch > host && *ch != '.')
+ ch--;
+ if (ch[0] == '.' && ch[1] != '\0' && !apr_isalpha(ch[1]))
+ goto bad;
+ }
+ return APR_SUCCESS;
+
+bad:
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02415)
+ "[strict] Invalid host name '%s'%s%.6s",
+ host, *ch ? ", problem near: " : "", ch);
+ return APR_EINVAL;
+}
+
/* Lowercase and remove any trailing dot and/or :port from the hostname,
* and check that it is sane.
*
@@ -700,79 +810,90 @@ static int vhost_check_config(apr_pool_t *p, apr_pool_t *plog,
* Instead we just check for filesystem metacharacters: directory
* separators / and \ and sequences of more than one dot.
*/
-static void fix_hostname(request_rec *r)
+static int fix_hostname(request_rec *r, const char *host_header,
+ unsigned http_conformance)
{
+ const char *src;
char *host, *scope_id;
- char *dst;
apr_port_t port;
apr_status_t rv;
const char *c;
+ int is_v6literal = 0;
+ int strict = (http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
- /* According to RFC 2616, Host header field CAN be blank. */
- if (!*r->hostname) {
- return;
+ src = host_header ? host_header : r->hostname;
+
+ /* According to RFC 2616, Host header field CAN be blank */
+ if (!*src) {
+ return is_v6literal;
}
/* apr_parse_addr_port will interpret a bare integer as a port
* which is incorrect in this context. So treat it separately.
*/
- for (c = r->hostname; apr_isdigit(*c); ++c);
- if (!*c) { /* pure integer */
- return;
+ for (c = src; apr_isdigit(*c); ++c);
+ if (!*c) {
+ /* pure integer */
+ if (strict) {
+ /* RFC 3986 7.4 */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02416)
+ "[strict] purely numeric host names not allowed: %s",
+ src);
+ goto bad_nolog;
+ }
+ r->hostname = src;
+ return is_v6literal;
}
- rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool);
- if (rv != APR_SUCCESS || scope_id) {
- goto bad;
+ if (host_header) {
+ rv = apr_parse_addr_port(&host, &scope_id, &port, src, r->pool);
+ if (rv != APR_SUCCESS || scope_id)
+ goto bad;
+ if (port) {
+ /* Don't throw the Host: header's port number away:
+ save it in parsed_uri -- ap_get_server_port() needs it! */
+ /* @@@ XXX there should be a better way to pass the port.
+ * Like r->hostname, there should be a r->portno
+ */
+ r->parsed_uri.port = port;
+ r->parsed_uri.port_str = apr_itoa(r->pool, (int)port);
+ }
+ if (host_header[0] == '[')
+ is_v6literal = 1;
}
-
- if (port) {
- /* Don't throw the Host: header's port number away:
- save it in parsed_uri -- ap_get_server_port() needs it! */
- /* @@@ XXX there should be a better way to pass the port.
- * Like r->hostname, there should be a r->portno
+ else {
+ /*
+ * Already parsed, surrounding [ ] (if IPv6 literal) and :port have
+ * already been removed.
*/
- r->parsed_uri.port = port;
- r->parsed_uri.port_str = apr_itoa(r->pool, (int)port);
+ host = apr_pstrdup(r->pool, r->hostname);
+ if (ap_strchr(host, ':') != NULL)
+ is_v6literal = 1;
}
- /* if the hostname is an IPv6 numeric address string, it was validated
- * already; otherwise, further validation is needed
- */
- if (r->hostname[0] != '[') {
- for (dst = host; *dst; dst++) {
- if (apr_islower(*dst)) {
- /* leave char unchanged */
- }
- else if (*dst == '.') {
- if (*(dst + 1) == '.') {
- goto bad;
- }
- }
- else if (apr_isupper(*dst)) {
- *dst = apr_tolower(*dst);
- }
- else if (*dst == '/' || *dst == '\\') {
- goto bad;
- }
- }
- /* strip trailing gubbins */
- if (dst > host && dst[-1] == '.') {
- dst[-1] = '\0';
- }
+ if (is_v6literal) {
+ rv = fix_hostname_v6_literal(r, host);
}
+ else {
+ rv = fix_hostname_non_v6(r, host);
+ if (strict && rv == APR_SUCCESS)
+ rv = strict_hostname_check(r, host);
+ }
+ if (rv != APR_SUCCESS)
+ goto bad;
+
r->hostname = host;
- return;
+ return is_v6literal;
bad:
- r->status = HTTP_BAD_REQUEST;
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00550)
"Client sent malformed Host header: %s",
- r->hostname);
- return;
+ src);
+bad_nolog:
+ r->status = HTTP_BAD_REQUEST;
+ return is_v6literal;
}
-
/* return 1 if host matches ServerName or ServerAliases */
static int matches_aliases(server_rec *s, const char *host)
{
@@ -982,15 +1103,76 @@ static void check_serverpath(request_rec *r)
}
}
+static APR_INLINE const char *construct_host_header(request_rec *r,
+ int is_v6literal)
+{
+ struct iovec iov[5];
+ apr_size_t nvec = 0;
+ /*
+ * We cannot use ap_get_server_name/port here, because we must
+ * ignore UseCanonicalName/Port.
+ */
+ if (is_v6literal) {
+ iov[nvec].iov_base = "[";
+ iov[nvec].iov_len = 1;
+ nvec++;
+ }
+ iov[nvec].iov_base = (void *)r->hostname;
+ iov[nvec].iov_len = strlen(r->hostname);
+ nvec++;
+ if (is_v6literal) {
+ iov[nvec].iov_base = "]";
+ iov[nvec].iov_len = 1;
+ nvec++;
+ }
+ if (r->parsed_uri.port_str) {
+ iov[nvec].iov_base = ":";
+ iov[nvec].iov_len = 1;
+ nvec++;
+ iov[nvec].iov_base = r->parsed_uri.port_str;
+ iov[nvec].iov_len = strlen(r->parsed_uri.port_str);
+ nvec++;
+ }
+ return apr_pstrcatv(r->pool, iov, nvec, NULL);
+}
AP_DECLARE(void) ap_update_vhost_from_headers(request_rec *r)
{
- /* must set this for HTTP/1.1 support */
- if (r->hostname || (r->hostname = apr_table_get(r->headers_in, "Host"))) {
- fix_hostname(r);
- if (r->status != HTTP_OK)
- return;
+ core_server_config *conf = ap_get_core_module_config(r->server->module_config);
+ const char *host_header = apr_table_get(r->headers_in, "Host");
+ int is_v6literal = 0;
+ int have_hostname_from_url = 0;
+
+ if (r->hostname) {
+ /*
+ * If there was a host part in the Request-URI, ignore the 'Host'
+ * header.
+ */
+ have_hostname_from_url = 1;
+ is_v6literal = fix_hostname(r, NULL, conf->http_conformance);
+ }
+ else if (host_header != NULL) {
+ is_v6literal = fix_hostname(r, host_header, conf->http_conformance);
}
+ if (r->status != HTTP_OK)
+ return;
+
+ if (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE) {
+ /*
+ * If we have both hostname from an absoluteURI and a Host header,
+ * we must ignore the Host header (RFC 2616 5.2).
+ * To enforce this, we reset the Host header to the value from the
+ * request line.
+ */
+ if (have_hostname_from_url && host_header != NULL) {
+ const char *repl = construct_host_header(r, is_v6literal);
+ apr_table_set(r->headers_in, "Host", repl);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02417)
+ "Replacing host header '%s' with host '%s' given "
+ "in the request uri", host_header, repl);
+ }
+ }
+
/* check if we tucked away a name_chain */
if (r->connection->vhost_lookup_data) {
if (r->hostname)
diff --git a/support/ab.c b/support/ab.c
index 902b102..072d2e6 100644
--- a/support/ab.c
+++ b/support/ab.c
@@ -194,6 +194,9 @@ typedef STACK_OF(X509) X509_STACK_TYPE;
#ifdef SSL_OP_NO_TLSv1_2
#define HAVE_TLSV1_X
#endif
+#if !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name)
+#define HAVE_TLSEXT
+#endif
#endif
#include <math.h>
@@ -310,7 +313,7 @@ int isproxy = 0;
apr_interval_time_t aprtimeout = apr_time_from_sec(30); /* timeout value */
/* overrides for ab-generated common headers */
-int opt_host = 0; /* was an optional "Host:" header specified? */
+const char *opt_host; /* which optional "Host:" header specified, if any */
int opt_useragent = 0; /* was an optional "User-Agent:" header specified? */
int opt_accept = 0; /* was an optional "Accept:" header specified? */
/*
@@ -343,6 +346,10 @@ SSL_CTX *ssl_ctx;
char *ssl_cipher = NULL;
char *ssl_info = NULL;
BIO *bio_out,*bio_err;
+#ifdef HAVE_TLSEXT
+int tls_use_sni = 1; /* used by default, -I disables it */
+const char *tls_sni = NULL; /* 'opt_host' if any, 'hostname' otherwise */
+#endif
#endif
apr_time_t start, lasttime, stoptime;
@@ -864,6 +871,11 @@ static void output_results(int sig)
if (is_ssl && ssl_info) {
printf("SSL/TLS Protocol: %s\n", ssl_info);
}
+#ifdef HAVE_TLSEXT
+ if (is_ssl && tls_sni) {
+ printf("TLS Server Name: %s\n", tls_sni);
+ }
+#endif
#endif
printf("\n");
printf("Document Path: %s\n", path);
@@ -1332,6 +1344,11 @@ static void start_connect(struct connection * c)
BIO_set_callback(bio, ssl_print_cb);
BIO_set_callback_arg(bio, (void *)bio_err);
}
+#ifdef HAVE_TLSEXT
+ if (tls_sni) {
+ SSL_set_tlsext_host_name(c->ssl, tls_sni);
+ }
+#endif
} else {
c->ssl = NULL;
}
@@ -1710,6 +1727,18 @@ static void test(void)
/* Header overridden, no need to add, as it is already in hdrs */
}
+#ifdef HAVE_TLSEXT
+ if (is_ssl && tls_use_sni) {
+ apr_ipsubnet_t *ip;
+ if (((tls_sni = opt_host) || (tls_sni = hostname)) &&
+ (!*tls_sni || apr_ipsubnet_create(&ip, tls_sni, NULL,
+ cntxt) == APR_SUCCESS)) {
+ /* IP not allowed in TLS SNI extension */
+ tls_sni = NULL;
+ }
+ }
+#endif
+
if (!opt_useragent) {
/* User-Agent: header not overridden, add default value to hdrs */
hdrs = apr_pstrcat(cntxt, hdrs, "User-Agent: ApacheBench/", AP_AB_BASEREVISION, "\r\n", NULL);
@@ -1926,14 +1955,14 @@ static void test(void)
static void copyright(void)
{
if (!use_html) {
- printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1748469 $>");
+ printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1757674 $>");
printf("Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n");
printf("Licensed to The Apache Software Foundation, http://www.apache.org/\n");
printf("\n");
}
else {
printf("<p>\n");
- printf(" This is ApacheBench, Version %s <i><%s></i><br>\n", AP_AB_BASEREVISION, "$Revision: 1748469 $");
+ printf(" This is ApacheBench, Version %s <i><%s></i><br>\n", AP_AB_BASEREVISION, "$Revision: 1757674 $");
printf(" Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>\n");
printf(" Licensed to The Apache Software Foundation, http://www.apache.org/<br>\n");
printf("</p>\n<p>\n");
@@ -2009,6 +2038,9 @@ static void usage(const char *progname)
#define TLS1_X_HELP_MSG ""
#endif
+#ifdef HAVE_TLSEXT
+ fprintf(stderr, " -I Disable TLS Server Name Indication (SNI) extension\n");
+#endif
fprintf(stderr, " -Z ciphersuite Specify SSL/TLS cipher suite (See openssl ciphers)\n");
fprintf(stderr, " -f protocol Specify SSL/TLS protocol\n");
fprintf(stderr, " (" SSL2_HELP_MSG SSL3_HELP_MSG "TLS1" TLS1_X_HELP_MSG " or ALL)\n");
@@ -2172,7 +2204,7 @@ int main(int argc, const char * const argv[])
myhost = NULL; /* 0.0.0.0 or :: */
apr_getopt_init(&opt, cntxt, argc, argv);
- while ((status = apr_getopt(opt, "n:c:t:s:b:T:p:u:v:lrkVhwix:y:z:C:H:P:A:g:X:de:SqB:m:"
+ while ((status = apr_getopt(opt, "n:c:t:s:b:T:p:u:v:lrkVhwiIx:y:z:C:H:P:A:g:X:de:SqB:m:"
#ifdef USE_SSL
"Z:f:"
#endif
@@ -2291,7 +2323,16 @@ int main(int argc, const char * const argv[])
* allow override of some of the common headers that ab adds
*/
if (strncasecmp(opt_arg, "Host:", 5) == 0) {
- opt_host = 1;
+ char *host;
+ apr_size_t len;
+ opt_arg += 5;
+ while (apr_isspace(*opt_arg))
+ opt_arg++;
+ len = strlen(opt_arg);
+ host = strdup(opt_arg);
+ while (len && apr_isspace(host[len-1]))
+ host[--len] = '\0';
+ opt_host = host;
} else if (strncasecmp(opt_arg, "Accept:", 7) == 0) {
opt_accept = 1;
} else if (strncasecmp(opt_arg, "User-Agent:", 11) == 0) {
@@ -2355,10 +2396,16 @@ int main(int argc, const char * const argv[])
#ifndef OPENSSL_NO_SSL2
} else if (strncasecmp(opt_arg, "SSL2", 4) == 0) {
meth = SSLv2_client_method();
+#ifdef HAVE_TLSEXT
+ tls_use_sni = 0;
+#endif
#endif
#ifndef OPENSSL_NO_SSL3
} else if (strncasecmp(opt_arg, "SSL3", 4) == 0) {
meth = SSLv3_client_method();
+#ifdef HAVE_TLSEXT
+ tls_use_sni = 0;
+#endif
#endif
#ifdef HAVE_TLSV1_X
} else if (strncasecmp(opt_arg, "TLS1.1", 6) == 0) {
@@ -2370,6 +2417,11 @@ int main(int argc, const char * const argv[])
meth = TLSv1_client_method();
}
break;
+#ifdef HAVE_TLSEXT
+ case 'I':
+ tls_use_sni = 0;
+ break;
+#endif
#endif
}
}
diff --git a/support/checkgid.c b/support/checkgid.c
index 2a918b2..29de650 100644
--- a/support/checkgid.c
+++ b/support/checkgid.c
@@ -15,7 +15,7 @@
*/
/*
- * Given one or more group identifers on the command line (e.g.,
+ * Given one or more group identifiers on the command line (e.g.,
* "httpd" or "#-1"), figure out whether they'll be valid for
* the server to use at run-time.
*
diff --git a/support/htcacheclean.c b/support/htcacheclean.c
index 92d09e1..8692377 100644
--- a/support/htcacheclean.c
+++ b/support/htcacheclean.c
@@ -1046,9 +1046,9 @@ static void purge(char *path, apr_pool_t *pool, apr_off_t max,
return;
}
- /* process remaining entries oldest to newest, the check for an emtpy
+ /* process remaining entries oldest to newest, the check for an empty
* ring actually isn't necessary except when the compiler does
- * corrupt 64bit arithmetics which happend to me once, so better safe
+ * corrupt 64bit arithmetics which happened to me once, so better safe
* than sorry
*/
while (!((!s.max || s.sum <= s.max) && (!s.inodes || s.nodes <= s.inodes))
diff --git a/support/logresolve.c b/support/logresolve.c
index 71dca45..87df4e8 100644
--- a/support/logresolve.c
+++ b/support/logresolve.c
@@ -258,7 +258,7 @@ int main(int argc, const char * const argv[])
resolves++;
/* From here on our we cache each result, even if it was not
- * succesful
+ * successful
*/
cachesize++;
diff --git a/support/logresolve.pl.in b/support/logresolve.pl.in
index 9fd7cef..2cd212d 100644
--- a/support/logresolve.pl.in
+++ b/support/logresolve.pl.in
@@ -41,7 +41,7 @@
# logfile lines processed per hour compared to ~45,000 per hour
# with 'logresolve'.
#
-# I haven't yet seen any noticable reduction in the percentage of IPs
+# I haven't yet seen any noticeable reduction in the percentage of IPs
# that fail to get resolved. Your mileage will no doubt vary. 5s is long
# enough to wait IMO.
#
@@ -207,7 +207,7 @@ sub nslookup {
# do the hostname lookup inside an eval. The eval will use the
# already configured SIGnal handler and drop out of the {} block
- # regardless of whether the alarm occured or not.
+ # regardless of whether the alarm occurred or not.
eval {
alarm($TIMEOUT);
$hostname = gethostbyaddr(gethostbyname($ip), AF_INET);
diff --git a/test/make_sni.sh b/test/make_sni.sh
index e76d2da..b8b651d 100644
--- a/test/make_sni.sh
+++ b/test/make_sni.sh
@@ -82,7 +82,7 @@ do
done
if [ $# = 1 ]; then
- echo "Aborted - just specifing one vhost makes no sense for SNI testing. Go wild !"
+ echo "Aborted - just specifying one vhost makes no sense for SNI testing. Go wild !"
exit 1
fi
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git
More information about the Pkg-apache-commits
mailing list