summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-25 04:41:27 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-25 04:41:27 +0000
commitc54018b07a9085c0a3aedbc2bd01a85a3b3e20cf (patch)
treef6e1d6fcf9f6db3794c418b2f89ecf9e08ff41c8 /include
parentAdding debian version 2.4.38-3+deb10u10. (diff)
downloadapache2-c54018b07a9085c0a3aedbc2bd01a85a3b3e20cf.tar.xz
apache2-c54018b07a9085c0a3aedbc2bd01a85a3b3e20cf.zip
Merging upstream version 2.4.59.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--include/ap_config_auto.h.in194
-rw-r--r--include/ap_expr.h4
-rw-r--r--include/ap_mmn.h79
-rw-r--r--include/ap_mpm.h103
-rw-r--r--include/ap_regex.h23
-rw-r--r--include/ap_release.h4
-rw-r--r--include/http_config.h43
-rw-r--r--include/http_connection.h15
-rw-r--r--include/http_core.h61
-rw-r--r--include/http_protocol.h104
-rw-r--r--include/http_request.h22
-rw-r--r--include/http_ssl.h317
-rw-r--r--include/http_vhost.h13
-rw-r--r--include/httpd.h279
-rw-r--r--include/mod_auth.h2
-rw-r--r--include/mpm_common.h9
-rw-r--r--include/scoreboard.h9
-rw-r--r--include/util_fcgi.h2
-rw-r--r--include/util_ldap.h3
-rw-r--r--include/util_script.h2
-rw-r--r--include/util_time.h4
21 files changed, 1169 insertions, 123 deletions
diff --git a/include/ap_config_auto.h.in b/include/ap_config_auto.h.in
index ff93e54..b4de75a 100644
--- a/include/ap_config_auto.h.in
+++ b/include/ap_config_auto.h.in
@@ -52,15 +52,18 @@
/* Using autoconf to configure Apache */
#undef AP_USING_AUTOCONF
-/* Define to 1 if you have the `arc4random_buf' function. */
+/* Define to 1 if you have the 'arc4random_buf' function. */
#undef HAVE_ARC4RANDOM_BUF
-/* Define to 1 if you have the `bindprocessor' function. */
+/* Define to 1 if you have the 'bindprocessor' function. */
#undef HAVE_BINDPROCESSOR
/* Define to 1 if you have the <bstring.h> header file. */
#undef HAVE_BSTRING_H
+/* Define if crypt() supports SHA-2 hashes */
+#undef HAVE_CRYPT_SHA2
+
/* Define if curl is available */
#undef HAVE_CURL
@@ -73,31 +76,31 @@
/* Define to 1 if you have the <distcache/dc_client.h> header file. */
#undef HAVE_DISTCACHE_DC_CLIENT_H
-/* Define to 1 if you have the `ENGINE_init' function. */
+/* Define to 1 if you have the 'ENGINE_init' function. */
#undef HAVE_ENGINE_INIT
-/* Define to 1 if you have the `ENGINE_load_builtin_engines' function. */
+/* Define to 1 if you have the 'ENGINE_load_builtin_engines' function. */
#undef HAVE_ENGINE_LOAD_BUILTIN_ENGINES
-/* Define to 1 if you have the `epoll_create' function. */
+/* Define to 1 if you have the 'epoll_create' function. */
#undef HAVE_EPOLL_CREATE
-/* Define to 1 if you have the `fopen64' function. */
+/* Define to 1 if you have the 'fopen64' function. */
#undef HAVE_FOPEN64
-/* Define to 1 if you have the `getgrnam' function. */
+/* Define to 1 if you have the 'getgrnam' function. */
#undef HAVE_GETGRNAM
-/* Define to 1 if you have the `getloadavg' function. */
+/* Define to 1 if you have the 'getloadavg' function. */
#undef HAVE_GETLOADAVG
-/* Define to 1 if you have the `getpgid' function. */
+/* Define to 1 if you have the 'getpgid' function. */
#undef HAVE_GETPGID
-/* Define to 1 if you have the `getpwnam' function. */
+/* Define to 1 if you have the 'getpwnam' function. */
#undef HAVE_GETPWNAM
-/* Define if you have gettid() */
+/* Define to 1 if you have the 'gettid' function. */
#undef HAVE_GETTID
/* Define if struct tm has a tm_gmtoff field */
@@ -106,7 +109,7 @@
/* Define to 1 if you have the <grp.h> header file. */
#undef HAVE_GRP_H
-/* Define to 1 if you have the `initgroups' function. */
+/* Define to 1 if you have the 'initgroups' function. */
#undef HAVE_INITGROUPS
/* Define to 1 if you have the <inttypes.h> header file. */
@@ -115,17 +118,17 @@
/* Define if jansson is available */
#undef HAVE_JANSSON
-/* Define to 1 if you have the `killpg' function. */
+/* Define to 1 if you have the 'killpg' function. */
#undef HAVE_KILLPG
-/* Define to 1 if you have the `kqueue' function. */
+/* Define to 1 if you have the 'kqueue' function. */
#undef HAVE_KQUEUE
/* Define to 1 if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
+/* Define to 1 if you have the <minix/config.h> header file. */
+#undef HAVE_MINIX_CONFIG_H
/* Define if nghttp2 is available */
#undef HAVE_NGHTTP2
@@ -133,22 +136,31 @@
/* Define to 1 if you have the <nghttp2/nghttp2.h> header file. */
#undef HAVE_NGHTTP2_NGHTTP2_H
+/* Define to 1 if you have the 'nghttp2_option_set_no_closed_streams'
+ function. */
+#undef HAVE_NGHTTP2_OPTION_SET_NO_CLOSED_STREAMS
+
+/* Define to 1 if you have the
+ 'nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation'
+ function. */
+#undef HAVE_NGHTTP2_OPTION_SET_NO_RFC9113_LEADING_AND_TRAILING_WS_VALIDATION
+
/* Define to 1 if you have the
- `nghttp2_session_callbacks_set_on_invalid_header_callback' function. */
+ 'nghttp2_session_callbacks_set_on_invalid_header_callback' function. */
#undef HAVE_NGHTTP2_SESSION_CALLBACKS_SET_ON_INVALID_HEADER_CALLBACK
-/* Define to 1 if you have the `nghttp2_session_change_stream_priority'
+/* Define to 1 if you have the 'nghttp2_session_change_stream_priority'
function. */
#undef HAVE_NGHTTP2_SESSION_CHANGE_STREAM_PRIORITY
-/* Define to 1 if you have the `nghttp2_session_get_stream_local_window_size'
+/* Define to 1 if you have the 'nghttp2_session_get_stream_local_window_size'
function. */
#undef HAVE_NGHTTP2_SESSION_GET_STREAM_LOCAL_WINDOW_SIZE
-/* Define to 1 if you have the `nghttp2_session_server_new2' function. */
+/* Define to 1 if you have the 'nghttp2_session_server_new2' function. */
#undef HAVE_NGHTTP2_SESSION_SERVER_NEW2
-/* Define to 1 if you have the `nghttp2_stream_get_weight' function. */
+/* Define to 1 if you have the 'nghttp2_stream_get_weight' function. */
#undef HAVE_NGHTTP2_STREAM_GET_WEIGHT
/* Define if OpenSSL is available */
@@ -157,33 +169,45 @@
/* Define to 1 if you have the <openssl/engine.h> header file. */
#undef HAVE_OPENSSL_ENGINE_H
-/* Define to 1 if you have the `port_create' function. */
+/* Define to 1 if you have the 'OPENSSL_init_ssl' function. */
+#undef HAVE_OPENSSL_INIT_SSL
+
+/* Detected PCRE2 */
+#undef HAVE_PCRE2
+
+/* Define to 1 if you have the 'port_create' function. */
#undef HAVE_PORT_CREATE
-/* Define to 1 if you have the `prctl' function. */
+/* Define to 1 if you have the 'prctl' function. */
#undef HAVE_PRCTL
/* Define to 1 if you have the <priv.h> header file. */
#undef HAVE_PRIV_H
-/* Define to 1 if you have the `pthread_kill' function. */
+/* Define to 1 if you have the 'pthread_kill' function. */
#undef HAVE_PTHREAD_KILL
/* Define to 1 if you have the <pwd.h> header file. */
#undef HAVE_PWD_H
-/* Define to 1 if you have the `RAND_egd' function. */
+/* Define to 1 if you have the 'RAND_egd' function. */
#undef HAVE_RAND_EGD
-/* Define to 1 if you have the `setsid' function. */
+/* Define if rustls is available */
+#undef HAVE_RUSTLS
+
+/* Define to 1 if you have the 'setsid' function. */
#undef HAVE_SETSID
-/* Define to 1 if you have the `SSL_CTX_new' function. */
+/* Define to 1 if you have the 'SSL_CTX_new' function. */
#undef HAVE_SSL_CTX_NEW
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
+/* Define to 1 if you have the <stdio.h> header file. */
+#undef HAVE_STDIO_H
+
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
@@ -193,9 +217,18 @@
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
-/* Define to 1 if you have the `syslog' function. */
+/* Define to 1 if you have the 'syslog' function. */
#undef HAVE_SYSLOG
+/* Define if systemd is supported */
+#undef HAVE_SYSTEMD
+
+/* Define to 1 if you have the <systemd/sd-daemon.h> header file. */
+#undef HAVE_SYSTEMD_SD_DAEMON_H
+
+/* Define if you have gettid() via syscall() */
+#undef HAVE_SYS_GETTID
+
/* Define to 1 if you have the <sys/ipc.h> header file. */
#undef HAVE_SYS_IPC_H
@@ -235,18 +268,21 @@
/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
#undef HAVE_SYS_WAIT_H
-/* Define to 1 if you have the `timegm' function. */
+/* Define to 1 if you have the 'timegm' function. */
#undef HAVE_TIMEGM
-/* Define to 1 if you have the `times' function. */
+/* Define to 1 if you have the 'times' function. */
#undef HAVE_TIMES
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
-/* Define to 1 if you have the `vsyslog' function. */
+/* Define to 1 if you have the 'vsyslog' function. */
#undef HAVE_VSYSLOG
+/* Define to 1 if you have the <wchar.h> header file. */
+#undef HAVE_WCHAR_H
+
/* Root directory of the Apache install area */
#undef HTTPD_ROOT
@@ -274,45 +310,107 @@
/* This platform doesn't suffer from the thundering herd problem */
#undef SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-/* Define to 1 if you have the ANSI C header files. */
+/* Define to 1 if all of the C89 standard headers exist (not just the ones
+ required in a freestanding environment). This macro is provided for
+ backward compatibility; new code need not use it. */
#undef STDC_HEADERS
/* Path to suexec binary */
#undef SUEXEC_BIN
-/* Enable extensions on AIX 3, Interix. */
+/* Enable extensions on AIX, Interix, z/OS. */
#ifndef _ALL_SOURCE
# undef _ALL_SOURCE
#endif
+/* Enable general extensions on macOS. */
+#ifndef _DARWIN_C_SOURCE
+# undef _DARWIN_C_SOURCE
+#endif
+/* Enable general extensions on Solaris. */
+#ifndef __EXTENSIONS__
+# undef __EXTENSIONS__
+#endif
/* Enable GNU extensions on systems that have them. */
#ifndef _GNU_SOURCE
# undef _GNU_SOURCE
#endif
-/* Enable threading extensions on Solaris. */
+/* Enable X/Open compliant socket functions that do not require linking
+ with -lxnet on HP-UX 11.11. */
+#ifndef _HPUX_ALT_XOPEN_SOCKET_API
+# undef _HPUX_ALT_XOPEN_SOCKET_API
+#endif
+/* Identify the host operating system as Minix.
+ This macro does not affect the system headers' behavior.
+ A future release of Autoconf may stop defining this macro. */
+#ifndef _MINIX
+# undef _MINIX
+#endif
+/* Enable general extensions on NetBSD.
+ Enable NetBSD compatibility extensions on Minix. */
+#ifndef _NETBSD_SOURCE
+# undef _NETBSD_SOURCE
+#endif
+/* Enable OpenBSD compatibility extensions on NetBSD.
+ Oddly enough, this does nothing on OpenBSD. */
+#ifndef _OPENBSD_SOURCE
+# undef _OPENBSD_SOURCE
+#endif
+/* Define to 1 if needed for POSIX-compatible behavior. */
+#ifndef _POSIX_SOURCE
+# undef _POSIX_SOURCE
+#endif
+/* Define to 2 if needed for POSIX-compatible behavior. */
+#ifndef _POSIX_1_SOURCE
+# undef _POSIX_1_SOURCE
+#endif
+/* Enable POSIX-compatible threading on Solaris. */
#ifndef _POSIX_PTHREAD_SEMANTICS
# undef _POSIX_PTHREAD_SEMANTICS
#endif
+/* Enable extensions specified by ISO/IEC TS 18661-5:2014. */
+#ifndef __STDC_WANT_IEC_60559_ATTRIBS_EXT__
+# undef __STDC_WANT_IEC_60559_ATTRIBS_EXT__
+#endif
+/* Enable extensions specified by ISO/IEC TS 18661-1:2014. */
+#ifndef __STDC_WANT_IEC_60559_BFP_EXT__
+# undef __STDC_WANT_IEC_60559_BFP_EXT__
+#endif
+/* Enable extensions specified by ISO/IEC TS 18661-2:2015. */
+#ifndef __STDC_WANT_IEC_60559_DFP_EXT__
+# undef __STDC_WANT_IEC_60559_DFP_EXT__
+#endif
+/* Enable extensions specified by C23 Annex F. */
+#ifndef __STDC_WANT_IEC_60559_EXT__
+# undef __STDC_WANT_IEC_60559_EXT__
+#endif
+/* Enable extensions specified by ISO/IEC TS 18661-4:2015. */
+#ifndef __STDC_WANT_IEC_60559_FUNCS_EXT__
+# undef __STDC_WANT_IEC_60559_FUNCS_EXT__
+#endif
+/* Enable extensions specified by C23 Annex H and ISO/IEC TS 18661-3:2015. */
+#ifndef __STDC_WANT_IEC_60559_TYPES_EXT__
+# undef __STDC_WANT_IEC_60559_TYPES_EXT__
+#endif
+/* Enable extensions specified by ISO/IEC TR 24731-2:2010. */
+#ifndef __STDC_WANT_LIB_EXT2__
+# undef __STDC_WANT_LIB_EXT2__
+#endif
+/* Enable extensions specified by ISO/IEC 24747:2009. */
+#ifndef __STDC_WANT_MATH_SPEC_FUNCS__
+# undef __STDC_WANT_MATH_SPEC_FUNCS__
+#endif
/* Enable extensions on HP NonStop. */
#ifndef _TANDEM_SOURCE
# undef _TANDEM_SOURCE
#endif
-/* Enable general extensions on Solaris. */
-#ifndef __EXTENSIONS__
-# undef __EXTENSIONS__
+/* Enable X/Open extensions. Define to 500 only if necessary
+ to make mbstate_t available. */
+#ifndef _XOPEN_SOURCE
+# undef _XOPEN_SOURCE
#endif
-/* Define to 1 if on MINIX. */
-#undef _MINIX
-
-/* Define to 2 if the system does not provide POSIX.1 features except with
- this defined. */
-#undef _POSIX_1_SOURCE
-
-/* Define to 1 if you need to in order for `stat' and other things to work. */
-#undef _POSIX_SOURCE
-
-/* Define to empty if `const' does not conform to ANSI C. */
+/* Define to empty if 'const' does not conform to ANSI C. */
#undef const
/* Define to 'int' if <sys/resource.h> doesn't define it for us */
diff --git a/include/ap_expr.h b/include/ap_expr.h
index 55fff36..8e57fcd 100644
--- a/include/ap_expr.h
+++ b/include/ap_expr.h
@@ -57,7 +57,7 @@ typedef struct {
* operators)
*/
#define AP_EXPR_FLAG_SSL_EXPR_COMPAT 1
-/** Don't add siginificant request headers to the Vary response header */
+/** Don't add significant request headers to the Vary response header */
#define AP_EXPR_FLAG_DONT_VARY 2
/** Don't allow functions/vars that bypass the current request's access
* restrictions or would otherwise leak confidential information.
@@ -282,7 +282,7 @@ typedef struct {
/** Function for looking up the provider function for a variable, operator
* or function in an expression.
- * @param parms The parameter struct, also determins where the result is
+ * @param parms The parameter struct, also determines where the result is
* stored.
* @return OK on success,
* !OK on failure,
diff --git a/include/ap_mmn.h b/include/ap_mmn.h
index 2167baa..6f80ab3 100644
--- a/include/ap_mmn.h
+++ b/include/ap_mmn.h
@@ -523,7 +523,82 @@
* 20120211.82 (2.4.35-dev) Add optional function declaration for
* ap_proxy_balancer_get_best_worker to mod_proxy.h.
* 20120211.83 (2.4.35-dev) Add client64 field to worker_score struct
- *
+ * 20120211.84 (2.4.35-dev) Add ap_no2slash_ex() and merge_slashes to
+ * core_server_conf.
+ * 20120211.85 (2.4.40-dev) add ap_set_conn_count().
+ * 20120211.86 (2.4.40-dev) Add forward_100_continue{,_set} to proxy_dir_conf
+ * 20120211.87 (2.4.40-dev) Add dav_popen_propdb
+ * 20120211.88 (2.4.40-dev) Add ap_dir_nofnmatch() and ap_dir_fnmatch().
+ * 20120211.89 (2.4.42-dev) Add add dns_pool to proxy_conn_pool and define
+ * AP_VOLATILIZE_T.
+ * 20120211.90 (2.4.42-dev) AP_REG_DEFAULT macro in ap_regex.h
+ * 20120211.91 (2.4.42-dev) Add ap_is_chunked() in httpd.h
+ * 20120211.92 (2.4.42-dev) AP_REG_NO_DEFAULT macro in ap_regex.h
+ * 20120211.93 (2.4.44-dev) Add ap_parse_strict_length()
+ * 20120211.94 (2.4.47-dev) Add ap_proxy_define_match_worker()
+ * 20120211.95 (2.4.47-dev) Add proxy check_trans hook
+ * 20120211.96 (2.4.47-dev) Add ap_get_status_line_ex()
+ * 20120211.97 (2.4.47-dev) Add read_buf_size member to core_dir_config,
+ * flush_max_threshold and flush_max_pipelined to
+ * core_server_config, and ap_get_read_buf_size().
+ * 20120211.98 (2.4.47-dev) Add ap_proxy_should_override to mod_proxy.h
+ * 20120211.99 (2.4.47-dev) Add proxy_tunnel_rec, ap_proxy_tunnel_create()
+ * and ap_proxy_tunnel_run() to proxy_util.
+ * 20120211.99 (2.4.47-dev) Add ap_proxy_worker_can_upgrade()
+ * 20120211.100 (2.4.47-dev) Add ap_proxy_prefetch_input(),
+ * ap_proxy_spool_input() and
+ * ap_proxy_read_input().
+ * 20120211.101 (2.4.47-dev) ETAG_DIGEST in http_core.h. struct etag_rec,
+ * ap_make_etag_ex() and ap_set_etag_fd() in
+ * http_protocol.h. ap_request_bnotes_t,
+ * AP_REQUEST_STRONG_ETAG, AP_REQUEST_GET_BNOTE,
+ * AP_REQUEST_SET_BNOTE and AP_REQUEST_IS_STRONG_ETAG
+ * in httpd.h.
+ * 20120211.102 (2.4.47-dev) Add ap_ssl_conn_is_ssl()/ap_ssl_var_lookup() and hooks
+ * 20120211.103 (2.4.47-dev) Add ap_ssl_add_cert_files, ap_ssl_add_fallback_cert_files
+ * and ap_ssl_answer_challenge and hooks.
+ * 20120211.104 (2.4.47-dev) Move ap_ssl_* into new http_ssl.h header file
+ * 20120211.105 (2.4.47-dev) Add ap_ssl_ocsp* hooks and functions to http_ssl.h.
+ * 20120211.106 (2.4.49-dev) Add ap_create_request().
+ * 20120211.107 (2.4.49-dev) Add ap_parse_request_line() and
+ * ap_check_request_header()
+ * 20120211.108 (2.4.49-dev) Add ajp_handle_cping_cpong
+ * 20120211.109 (2.4.49-dev) Add ap_normalize_path(),
+ * pre_translate_name hook and
+ * Add map_encoded_one and map_encoded_all bits to
+ * proxy_server_conf.
+ * 20120211.110 (2.4.49-dev) Add hook child_stopping to get informed that a child
+ * is being shut down.
+ * 20120211.111 (2.4.49-dev) Add dav_get_provider(), dav_open_lockdb(),
+ * dav_close_lockdb() and dav_get_resource() to
+ * mod_dav.h.
+ * 20120211.112 (2.4.49-dev) Add deliver_report and gather_reports hooks.
+ * 20120211.113 (2.4.49-dev) Add method_precondition hook.
+ * 20120211.114 (2.4.49-dev) Add optional balancer_manage function.
+ * 20120211.115 (2.4.49-dev) Add ap_proxy_get_worker_ex() and
+ * ap_proxy_define_worker_ex() to mod_proxy.h
+ * 20120211.116 (2.4.49-dev) add conn_rec->outgoing and ap_ssl_bind_outgoing()
+ * 20120211.117 (2.4.50-dev) Add ap_pre_connection
+ * 20120211.118 (2.4.51-dev) Add ap_unescape_url_ex() and deprecate
+ * AP_NORMALIZE_DROP_PARAMETERS
+ * 20120211.119 (2.4.51-dev) Add dav_validate_root_ns(), dav_find_child_ns(),
+ * dav_find_next_ns(), dav_find_attr_ns() and
+ * dav_find_attr().
+ * 20120211.120 (2.4.51-dev) Add dav_liveprop_elem structure and
+ * dav_get_liveprop_element().
+ * 20120211.121 (2.4.51-dev) Add ap_post_read_request()
+ * 20120211.122 (2.4.51-dev) Add ap_thread_create(), ap_thread_main_create()
+ * and ap_thread_current()
+ * 20120211.123 (2.4.51-dev) Added ap_pcre_version_string(), AP_REG_PCRE_COMPILED
+ * and AP_REG_PCRE_LOADED to ap_regex.h.
+ * 20120211.124 (2.4.51-dev) Add name_ex to struct proxy_worker_shared
+ * 20120211.125 (2.4.55-dev) Export mod_http2.h as public header
+ * 20120211.126 (2.4.55-dev) Add additional hcmethod_t enums and PROXY_WORKER_IS_ERROR
+ * 20120211.127 (2.4.56-dev) Add ap_proxy_canonenc_ex
+ * 20120211.128 (2.4.55-dev) Add AP_CTIME_OPTION_GMTOFF to util_time.h
+ * 20120211.129 (2.4.58-dev) Add ap_get_pollfd_from_conn()
+ * 20120211.130 (2.4.59-dev) Add ap_proxy_determine_address()
+ * 20120211.131 (2.4.59-dev) Add DAV_WALKTYPE_TOLERANT
*/
#define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
@@ -531,7 +606,7 @@
#ifndef MODULE_MAGIC_NUMBER_MAJOR
#define MODULE_MAGIC_NUMBER_MAJOR 20120211
#endif
-#define MODULE_MAGIC_NUMBER_MINOR 83 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 131 /* 0...n */
/**
* Determine if the server's current MODULE_MAGIC_NUMBER is at least a
diff --git a/include/ap_mpm.h b/include/ap_mpm.h
index 71f8f47..e3a58aa 100644
--- a/include/ap_mpm.h
+++ b/include/ap_mpm.h
@@ -88,6 +88,7 @@ extern "C" {
* @param plog the log pool, reset after the config file is read
* @param server_conf the global server config.
* @return DONE for shutdown OK otherwise.
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int, mpm, (apr_pool_t *pconf, apr_pool_t *plog, server_rec *server_conf))
@@ -113,42 +114,75 @@ AP_DECLARE(apr_status_t) ap_os_create_privileged_process(
apr_procattr_t *attr,
apr_pool_t *p);
-/* Subtypes/Values for AP_MPMQ_IS_THREADED and AP_MPMQ_IS_FORKED */
-#define AP_MPMQ_NOT_SUPPORTED 0 /* This value specifies that an */
- /* MPM is not capable of */
- /* threading or forking. */
-#define AP_MPMQ_STATIC 1 /* This value specifies that */
- /* an MPM is using a static */
- /* number of threads or daemons */
-#define AP_MPMQ_DYNAMIC 2 /* This value specifies that */
- /* an MPM is using a dynamic */
- /* number of threads or daemons */
-
-/* Values returned for AP_MPMQ_MPM_STATE */
+/** @defgroup mpmq MPM query
+ * @{
+ */
+
+/** @defgroup thrdfrk Subtypes/Values returned for AP_MPMQ_IS_THREADED and AP_MPMQ_IS_FORKED
+ * @ingroup mpmq
+ * @{
+ */
+#define AP_MPMQ_NOT_SUPPORTED 0 /**< This value specifies that an
+ * MPM is not capable of
+ * threading or forking. */
+#define AP_MPMQ_STATIC 1 /**< This value specifies that
+ * an MPM is using a static
+ * number of threads or daemons */
+#define AP_MPMQ_DYNAMIC 2 /**< This value specifies that
+ * an MPM is using a dynamic
+ * number of threads or daemons */
+/** @} */
+
+/** @defgroup qstate Values returned for AP_MPMQ_MPM_STATE
+ * @ingroup mpmq
+ * @{
+ */
#define AP_MPMQ_STARTING 0
#define AP_MPMQ_RUNNING 1
#define AP_MPMQ_STOPPING 2
+/** @} */
-#define AP_MPMQ_MAX_DAEMON_USED 1 /* Max # of daemons used so far */
-#define AP_MPMQ_IS_THREADED 2 /* MPM can do threading */
-#define AP_MPMQ_IS_FORKED 3 /* MPM can do forking */
-#define AP_MPMQ_HARD_LIMIT_DAEMONS 4 /* The compiled max # daemons */
-#define AP_MPMQ_HARD_LIMIT_THREADS 5 /* The compiled max # threads */
-#define AP_MPMQ_MAX_THREADS 6 /* # of threads/child by config */
-#define AP_MPMQ_MIN_SPARE_DAEMONS 7 /* Min # of spare daemons */
-#define AP_MPMQ_MIN_SPARE_THREADS 8 /* Min # of spare threads */
-#define AP_MPMQ_MAX_SPARE_DAEMONS 9 /* Max # of spare daemons */
-#define AP_MPMQ_MAX_SPARE_THREADS 10 /* Max # of spare threads */
-#define AP_MPMQ_MAX_REQUESTS_DAEMON 11 /* Max # of requests per daemon */
-#define AP_MPMQ_MAX_DAEMONS 12 /* Max # of daemons by config */
-#define AP_MPMQ_MPM_STATE 13 /* starting, running, stopping */
-#define AP_MPMQ_IS_ASYNC 14 /* MPM can process async connections */
-#define AP_MPMQ_GENERATION 15 /* MPM generation */
-#define AP_MPMQ_HAS_SERF 16 /* MPM can drive serf internally */
+/** @defgroup qcodes Query codes for ap_mpm_query()
+ * @ingroup mpmq
+ * @{
+ */
+/** Max # of daemons used so far */
+#define AP_MPMQ_MAX_DAEMON_USED 1
+/** MPM can do threading */
+#define AP_MPMQ_IS_THREADED 2
+/** MPM can do forking */
+#define AP_MPMQ_IS_FORKED 3
+/** The compiled max # daemons */
+#define AP_MPMQ_HARD_LIMIT_DAEMONS 4
+/** The compiled max # threads */
+#define AP_MPMQ_HARD_LIMIT_THREADS 5
+/** \# of threads/child by config */
+#define AP_MPMQ_MAX_THREADS 6
+/** Min # of spare daemons */
+#define AP_MPMQ_MIN_SPARE_DAEMONS 7
+/** Min # of spare threads */
+#define AP_MPMQ_MIN_SPARE_THREADS 8
+/** Max # of spare daemons */
+#define AP_MPMQ_MAX_SPARE_DAEMONS 9
+/** Max # of spare threads */
+#define AP_MPMQ_MAX_SPARE_THREADS 10
+/** Max # of requests per daemon */
+#define AP_MPMQ_MAX_REQUESTS_DAEMON 11
+/** Max # of daemons by config */
+#define AP_MPMQ_MAX_DAEMONS 12
+/** starting, running, stopping */
+#define AP_MPMQ_MPM_STATE 13
+/** MPM can process async connections */
+#define AP_MPMQ_IS_ASYNC 14
+/** MPM generation */
+#define AP_MPMQ_GENERATION 15
+/** MPM can drive serf internally */
+#define AP_MPMQ_HAS_SERF 16
+/** @} */
/**
* Query a property of the current MPM.
- * @param query_code One of APM_MPMQ_*
+ * @param query_code One of AP_MPMQ_*
* @param result A location to place the result of the query
* @return APR_EGENERAL if an mpm-query hook has not been registered;
* APR_SUCCESS or APR_ENOTIMPL otherwise
@@ -159,6 +193,7 @@ AP_DECLARE(apr_status_t) ap_os_create_privileged_process(
*/
AP_DECLARE(apr_status_t) ap_mpm_query(int query_code, int *result);
+/** @} */
typedef void (ap_mpm_callback_fn_t)(void *baton);
@@ -191,6 +226,7 @@ typedef enum mpm_child_status {
* scoreboard slot.
* @param state One of the mpm_child_status values. Modules should ignore
* unrecognized values.
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(void,child_status,(server_rec *s, pid_t pid, ap_generation_t gen,
int slot, mpm_child_status state))
@@ -201,6 +237,7 @@ AP_DECLARE_HOOK(void,child_status,(server_rec *s, pid_t pid, ap_generation_t gen
*
* @param s The main server_rec.
* @param gen The server generation which is now completely finished.
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(void,end_generation,(server_rec *s, ap_generation_t gen))
@@ -224,6 +261,14 @@ typedef struct ap_exception_info_t {
pid_t pid;
} ap_exception_info_t;
+/**
+ * Run the fatal_exception hook for each module; this hook is run
+ * from some MPMs in the event of a child process crash, if the
+ * server was built with --enable-exception-hook and the
+ * EnableExceptionHook directive is On.
+ * @param ei information about the exception
+ * @ingroup hooks
+ */
AP_DECLARE_HOOK(int,fatal_exception,(ap_exception_info_t *ei))
#endif /*AP_ENABLE_EXCEPTION_HOOK*/
diff --git a/include/ap_regex.h b/include/ap_regex.h
index 7d8df79..50d5aba 100644
--- a/include/ap_regex.h
+++ b/include/ap_regex.h
@@ -84,7 +84,17 @@ extern "C" {
#define AP_REG_DOLLAR_ENDONLY 0x200 /* '$' matches at end of subject string only */
-#define AP_REG_MATCH "MATCH_" /** suggested prefix for ap_regname */
+#define AP_REG_NO_DEFAULT 0x400 /**< Don't implicitely add AP_REG_DEFAULT options */
+
+#define AP_REG_MATCH "MATCH_" /**< suggested prefix for ap_regname */
+
+#define AP_REG_DEFAULT (AP_REG_DOTALL|AP_REG_DOLLAR_ENDONLY)
+
+/* Arguments for ap_pcre_version_string */
+enum {
+ AP_REG_PCRE_COMPILED = 0, /** PCRE version used during program compilation */
+ AP_REG_PCRE_LOADED /** PCRE version loaded at runtime */
+};
/* Error values: */
enum {
@@ -110,6 +120,15 @@ typedef struct {
/* The functions */
/**
+ * Return PCRE version string.
+ * @param which Either AP_REG_PCRE_COMPILED (PCRE version used
+ * during program compilation) or AP_REG_PCRE_LOADED
+ * (PCRE version used at runtime)
+ * @return The PCRE version string
+ */
+AP_DECLARE(const char *) ap_pcre_version_string(int which);
+
+/**
* Get default compile flags
* @return Bitwise OR of AP_REG_* flags
*/
@@ -182,6 +201,8 @@ AP_DECLARE(apr_size_t) ap_regerror(int errcode, const ap_regex_t *preg,
* Return an array of named regex backreferences
* @param preg The precompiled regex
* @param names The array to which the names will be added
+ * @param prefix An optional prefix to add to the returned names. AP_REG_MATCH
+ * is the recommended prefix.
* @param upper If non zero, uppercase the names
*/
AP_DECLARE(int) ap_regname(const ap_regex_t *preg,
diff --git a/include/ap_release.h b/include/ap_release.h
index c1b1300..827dfc0 100644
--- a/include/ap_release.h
+++ b/include/ap_release.h
@@ -23,7 +23,7 @@
#define AP_RELEASE_H
#define AP_SERVER_COPYRIGHT \
- "Copyright 2019 The Apache Software Foundation."
+ "Copyright 2024 The Apache Software Foundation."
/*
* The below defines the base string of the Server: header. Additional
@@ -43,7 +43,7 @@
#define AP_SERVER_MAJORVERSION_NUMBER 2
#define AP_SERVER_MINORVERSION_NUMBER 4
-#define AP_SERVER_PATCHLEVEL_NUMBER 38
+#define AP_SERVER_PATCHLEVEL_NUMBER 59
#define AP_SERVER_DEVBUILD_BOOLEAN 0
/* Synchronize the above with docs/manual/style/version.ent */
diff --git a/include/http_config.h b/include/http_config.h
index adc5825..8359eb1 100644
--- a/include/http_config.h
+++ b/include/http_config.h
@@ -786,7 +786,7 @@ AP_DECLARE(void) ap_remove_module(module *m);
AP_DECLARE(const char *) ap_add_loaded_module(module *mod, apr_pool_t *p,
const char *s);
/**
- * Remove a module fromthe chained modules list and the list of loaded modules
+ * Remove a module from the chained modules list and the list of loaded modules
* @param mod the module structure of the module to remove
*/
AP_DECLARE(void) ap_remove_loaded_module(module *mod);
@@ -907,7 +907,7 @@ AP_DECLARE(const char *) ap_build_cont_config(apr_pool_t *p,
* @param conf_pool The pconf pool
* @param temp_pool The temporary pool
* @param conftree Place to store the root node of the config tree
- * @return Error string on erro, NULL otherwise
+ * @return Error string on error, NULL otherwise
* @note If conf_pool == temp_pool, ap_build_config() will assume .htaccess
* context and use a lower maximum line length.
*/
@@ -928,6 +928,21 @@ AP_DECLARE(const char *) ap_walk_config(ap_directive_t *conftree,
ap_conf_vector_t *section_vector);
/**
+ * Convenience function to create a ap_dir_match_t structure from a cmd_parms.
+ *
+ * @param cmd The command.
+ * @param flags Flags to indicate whether optional or recursive.
+ * @param cb Callback for each file found that matches the wildcard. Return NULL on
+ * success, an error string on error.
+ * @param ctx Context for the callback.
+ * @return Structure ap_dir_match_t with fields populated, allocated from the
+ * cmd->temp_pool.
+ */
+AP_DECLARE(ap_dir_match_t *)ap_dir_cfgmatch(cmd_parms *cmd, int flags,
+ const char *(*cb)(ap_dir_match_t *w, const char *fname), void *ctx)
+ __attribute__((nonnull(1,3)));
+
+/**
* @defgroup ap_check_cmd_context Check command context
* @{
*/
@@ -1054,7 +1069,7 @@ AP_DECLARE(void) ap_run_rewrite_args(process_rec *process);
/**
* Run the register hooks function for a specified module
- * @param m The module to run the register hooks function fo
+ * @param m The module to run the register hooks function from
* @param p The pool valid for the lifetime of the module
*/
AP_DECLARE(void) ap_register_hooks(module *m, apr_pool_t *p);
@@ -1283,6 +1298,7 @@ AP_CORE_DECLARE(void *) ap_set_config_vectors(server_rec *server,
* Run the header parser functions for each module
* @param r The current request
* @return OK or DECLINED
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,header_parser,(request_rec *r))
@@ -1292,6 +1308,7 @@ AP_DECLARE_HOOK(int,header_parser,(request_rec *r))
* @param plog The logging streams pool
* @param ptemp The temporary pool
* @return OK or DECLINED on success anything else is a error
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,pre_config,(apr_pool_t *pconf,apr_pool_t *plog,
apr_pool_t *ptemp))
@@ -1303,6 +1320,7 @@ AP_DECLARE_HOOK(int,pre_config,(apr_pool_t *pconf,apr_pool_t *plog,
* @param ptemp The temporary pool
* @param s the server to operate upon
* @return OK or DECLINED on success anything else is a error
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,check_config,(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp, server_rec *s))
@@ -1315,17 +1333,28 @@ AP_DECLARE_HOOK(int,check_config,(apr_pool_t *pconf, apr_pool_t *plog,
* @note To avoid reordering problems due to different buffering, hook
* functions should only apr_file_*() to print to stdout/stderr and
* not simple printf()/fprintf().
- *
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(void,test_config,(apr_pool_t *pconf, server_rec *s))
/**
* Run the post_config function for each module
+ *
+ * The function might be called multiple times. @a pconf, @a plog, and
+ * @a ptemp may be cleared and/or destroyed between calls.
+ *
+ * The function will be called zero or one times with the server's state being
+ * #AP_SQ_MS_CREATE_PRE_CONFIG, and will be called one or more times with
+ * the server's state being #AP_SQ_MS_CREATE_CONFIG.
+ *
+ * @see ap_state_query(), #AP_SQ_MAIN_STATE
+ *
* @param pconf The config pool
* @param plog The logging streams pool
* @param ptemp The temporary pool
* @param s The list of server_recs
* @return OK or DECLINED on success anything else is a error
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,post_config,(apr_pool_t *pconf,apr_pool_t *plog,
apr_pool_t *ptemp,server_rec *s))
@@ -1337,6 +1366,7 @@ AP_DECLARE_HOOK(int,post_config,(apr_pool_t *pconf,apr_pool_t *plog,
* @param ptemp The temporary pool
* @param s The list of server_recs
* @return OK or DECLINED on success anything else is a error
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,open_logs,(apr_pool_t *pconf,apr_pool_t *plog,
apr_pool_t *ptemp,server_rec *s))
@@ -1345,6 +1375,7 @@ AP_DECLARE_HOOK(int,open_logs,(apr_pool_t *pconf,apr_pool_t *plog,
* Run the child_init functions for each module
* @param pchild The child pool
* @param s The list of server_recs in this server
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(void,child_init,(apr_pool_t *pchild, server_rec *s))
@@ -1352,6 +1383,7 @@ AP_DECLARE_HOOK(void,child_init,(apr_pool_t *pchild, server_rec *s))
* Run the handler functions for each module
* @param r The request_rec
* @remark non-wildcard handlers should HOOK_MIDDLE, wildcard HOOK_LAST
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,handler,(request_rec *r))
@@ -1365,6 +1397,7 @@ AP_DECLARE_HOOK(int,handler,(request_rec *r))
* @param lookup_uri Controls whether the caller actually wants content or not.
* lookup is set when the quick_handler is called out of
* ap_sub_req_lookup_uri()
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(int,quick_handler,(request_rec *r, int lookup_uri))
@@ -1372,6 +1405,7 @@ AP_DECLARE_HOOK(int,quick_handler,(request_rec *r, int lookup_uri))
* Retrieve the optional functions for each module.
* This is run immediately before the server starts. Optional functions should
* be registered during the hook registration phase.
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(void,optional_fn_retrieve,(void))
@@ -1388,6 +1422,7 @@ AP_DECLARE_HOOK(void,optional_fn_retrieve,(void))
* APR_ENOENT or APR_ENOTDIR if no htaccess file exists,
* AP_DECLINED to let later modules do the opening,
* any other error code on error.
+ * @ingroup hooks
*/
AP_DECLARE_HOOK(apr_status_t,open_htaccess,
(request_rec *r, const char *dir_name, const char *access_name,
diff --git a/include/http_connection.h b/include/http_connection.h
index 8bc009d..71f02bd 100644
--- a/include/http_connection.h
+++ b/include/http_connection.h
@@ -135,6 +135,21 @@ AP_DECLARE_HOOK(int,process_connection,(conn_rec *c))
*/
AP_DECLARE_HOOK(int,pre_close_connection,(conn_rec *c))
+/**
+ * This is a wrapper around ap_run_pre_connection. In case that
+ * ap_run_pre_connection returns an error it marks the connection as
+ * aborted and ensures that the basic connection setup normally done
+ * by the core module is done in case it was not done so far.
+ * @param c The connection on which the request has been received.
+ * Same as for the pre_connection hook.
+ * @param csd The mechanism on which this connection is to be read.
+ * Most times this will be a socket, but it is up to the module
+ * that accepts the request to determine the exact type.
+ * Same as for the pre_connection hook.
+ * @return The result of ap_run_pre_connection
+ */
+AP_DECLARE(int) ap_pre_connection(conn_rec *c, void *csd);
+
/** End Of Connection (EOC) bucket */
AP_DECLARE_DATA extern const apr_bucket_type_t ap_bucket_type_eoc;
diff --git a/include/http_core.h b/include/http_core.h
index 35df5dc..948034f 100644
--- a/include/http_core.h
+++ b/include/http_core.h
@@ -31,6 +31,7 @@
#include "apr_optional.h"
#include "util_filter.h"
#include "ap_expr.h"
+#include "apr_poll.h"
#include "apr_tables.h"
#include "http_config.h"
@@ -160,7 +161,7 @@ AP_DECLARE(const char *) ap_document_root(request_rec *r);
/**
* Lookup the remote user agent's DNS name or IP address
- * @ingroup get_remote_hostname
+ * @ingroup get_remote_host
* @param req The current request
* @param type The type of lookup to perform. One of:
* <pre>
@@ -254,6 +255,13 @@ AP_DECLARE(const char *) ap_get_server_name_for_url(request_rec *r);
AP_DECLARE(apr_port_t) ap_get_server_port(const request_rec *r);
/**
+ * Get the size of read buffers
+ * @param r The current request
+ * @return The read buffers size
+ */
+AP_DECLARE(apr_size_t) ap_get_read_buf_size(const request_rec *r);
+
+/**
* Return the limit on bytes in request msg body
* @param r The current request
* @return the maximum number of bytes in the request msg body
@@ -482,12 +490,13 @@ typedef unsigned int overrides_t;
*/
typedef unsigned long etag_components_t;
-#define ETAG_UNSET 0
-#define ETAG_NONE (1 << 0)
-#define ETAG_MTIME (1 << 1)
-#define ETAG_INODE (1 << 2)
-#define ETAG_SIZE (1 << 3)
-#define ETAG_ALL (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)
+#define ETAG_UNSET 0
+#define ETAG_NONE (1 << 0)
+#define ETAG_MTIME (1 << 1)
+#define ETAG_INODE (1 << 2)
+#define ETAG_SIZE (1 << 3)
+#define ETAG_DIGEST (1 << 4)
+#define ETAG_ALL (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)
/* This is the default value used */
#define ETAG_BACKWARD (ETAG_MTIME | ETAG_SIZE)
@@ -672,6 +681,8 @@ typedef struct {
/** Table of rules for building CGI variables, NULL if none configured */
apr_hash_t *cgi_var_rules;
+
+ apr_size_t read_buf_size;
} core_dir_config;
/* macro to implement off by default behaviour */
@@ -740,7 +751,11 @@ typedef struct {
#define AP_HTTP_METHODS_LENIENT 1
#define AP_HTTP_METHODS_REGISTERED 2
char http_methods;
-
+ unsigned int merge_slashes;
+
+ apr_size_t flush_max_threshold;
+ apr_int32_t flush_max_pipelined;
+ unsigned int strict_host_check;
} core_server_config;
/* for AddOutputFiltersByType in core.c */
@@ -769,6 +784,11 @@ AP_DECLARE(void) ap_set_server_protocol(server_rec* s, const char* proto);
typedef struct core_output_filter_ctx core_output_filter_ctx_t;
typedef struct core_filter_ctx core_ctx_t;
+struct core_filter_ctx {
+ apr_bucket_brigade *b;
+ apr_bucket_brigade *tmpbb;
+};
+
typedef struct core_net_rec {
/** Connection to the client */
apr_socket_t *client_socket;
@@ -1041,6 +1061,31 @@ AP_DECLARE(int) ap_state_query(int query_code);
/** only dump some parts of the config */
#define AP_SQ_RM_CONFIG_DUMP 4
+/** Get a apr_pollfd_t populated with descriptor and descriptor type
+ * and the timeout to use for it.
+ * @return APR_ENOTIMPL if not supported for a connection.
+ */
+AP_DECLARE_HOOK(apr_status_t, get_pollfd_from_conn,
+ (conn_rec *c, struct apr_pollfd_t *pfd,
+ apr_interval_time_t *ptimeout))
+
+/**
+ * Pass in a `struct apr_pollfd_t*` and get `desc_type` and `desc`
+ * populated with a suitable value for polling connection input.
+ * For primary connection (c->master == NULL), this will be the connection
+ * socket. For secondary connections this may differ or not be available
+ * at all.
+ * Note that APR_NO_DESC may be set to indicate that the connection
+ * input is already closed.
+ *
+ * @param pfd the pollfd to set the descriptor in
+ * @param ptimeout != NULL to retrieve the timeout in effect
+ * @return ARP_SUCCESS when the information was assigned.
+ */
+AP_CORE_DECLARE(apr_status_t) ap_get_pollfd_from_conn(conn_rec *c,
+ struct apr_pollfd_t *pfd,
+ apr_interval_time_t *ptimeout);
+
#ifdef __cplusplus
}
#endif
diff --git a/include/http_protocol.h b/include/http_protocol.h
index 11c7b2d..94c481e 100644
--- a/include/http_protocol.h
+++ b/include/http_protocol.h
@@ -54,6 +54,13 @@ AP_DECLARE_DATA extern ap_filter_rec_t *ap_old_write_func;
*/
/**
+ * Read an empty request and set reasonable defaults.
+ * @param c The current connection
+ * @return The new request_rec
+ */
+AP_DECLARE(request_rec *) ap_create_request(conn_rec *c);
+
+/**
* Read a request and fill in the fields.
* @param c The current connection
* @return The new request_rec
@@ -61,6 +68,20 @@ AP_DECLARE_DATA extern ap_filter_rec_t *ap_old_write_func;
request_rec *ap_read_request(conn_rec *c);
/**
+ * Parse and validate the request line.
+ * @param r The current request
+ * @return 1 on success, 0 on failure
+ */
+AP_DECLARE(int) ap_parse_request_line(request_rec *r);
+
+/**
+ * Validate the request header and select vhost.
+ * @param r The current request
+ * @return 1 on success, 0 on failure
+ */
+AP_DECLARE(int) ap_check_request_header(request_rec *r);
+
+/**
* Read the mime-encoded headers.
* @param r The current request
*/
@@ -75,6 +96,13 @@ AP_DECLARE(void) ap_get_mime_headers(request_rec *r);
AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r,
apr_bucket_brigade *bb);
+/**
+ * Run post_read_request hook and validate.
+ * @param r The current request
+ * @return OK or HTTP_...
+ */
+AP_DECLARE(int) ap_post_read_request(request_rec *r);
+
/* Finish up stuff after a request */
/**
@@ -145,6 +173,27 @@ AP_DECLARE(const char *) ap_make_content_type(request_rec *r,
*/
AP_DECLARE(void) ap_setup_make_content_type(apr_pool_t *pool);
+/** A structure with the ingredients for a file based etag */
+typedef struct etag_rec etag_rec;
+
+/**
+ * @brief A structure with the ingredients for a file based etag
+ */
+struct etag_rec {
+ /** Optional vary list validator */
+ const char *vlist_validator;
+ /** Time when the request started */
+ apr_time_t request_time;
+ /** finfo.protection (st_mode) set to zero if no such file */
+ apr_finfo_t *finfo;
+ /** File pathname used when generating a digest */
+ const char *pathname;
+ /** File descriptor used when generating a digest */
+ apr_file_t *fd;
+ /** Force a non-digest etag to be weak */
+ int force_weak;
+};
+
/**
* Construct an entity tag from the resource information. If it's a real
* file, build in some of the file characteristics.
@@ -156,12 +205,27 @@ AP_DECLARE(void) ap_setup_make_content_type(apr_pool_t *pool);
AP_DECLARE(char *) ap_make_etag(request_rec *r, int force_weak);
/**
+ * Construct an entity tag from information provided in the etag_rec
+ * structure.
+ * @param r The current request
+ * @param er The etag record, containing ingredients for the etag.
+ */
+AP_DECLARE(char *) ap_make_etag_ex(request_rec *r, etag_rec *er);
+
+/**
* Set the E-tag outgoing header
* @param r The current request
*/
AP_DECLARE(void) ap_set_etag(request_rec *r);
/**
+ * Set the E-tag outgoing header, with the option of forcing a strong ETag.
+ * @param r The current request
+ * @param fd The file descriptor
+ */
+AP_DECLARE(void) ap_set_etag_fd(request_rec *r, apr_file_t *fd);
+
+/**
* Set the last modified time for the file being sent
* @param r The current request
*/
@@ -411,7 +475,27 @@ AP_DECLARE(int) ap_rwrite(const void *buf, int nbyte, request_rec *r);
*/
static APR_INLINE int ap_rputs(const char *str, request_rec *r)
{
- return ap_rwrite(str, (int)strlen(str), r);
+ apr_size_t len;
+
+ len = strlen(str);
+
+ for (;;) {
+ if (len <= INT_MAX) {
+ return ap_rwrite(str, (int)len, r);
+ }
+ else {
+ int rc;
+
+ rc = ap_rwrite(str, INT_MAX, r);
+ if (rc < 0) {
+ return rc;
+ }
+ else {
+ str += INT_MAX;
+ len -= INT_MAX;
+ }
+ }
+ }
}
/**
@@ -466,6 +550,17 @@ AP_DECLARE(int) ap_index_of_response(int status);
*/
AP_DECLARE(const char *) ap_get_status_line(int status);
+/**
+ * Return the Status-Line for a given status code (excluding the
+ * HTTP-Version field). If an invalid status code is passed,
+ * "500 Internal Server Error" will be returned, whereas an unknown
+ * status will be returned like "xxx Status xxx".
+ * @param p The pool to allocate from when status is unknown
+ * @param status The HTTP status code
+ * @return The Status-Line
+ */
+AP_DECLARE(const char *) ap_get_status_line_ex(apr_pool_t *p, int status);
+
/* Reading a block of data from the client connection (e.g., POST arg) */
/**
@@ -733,7 +828,7 @@ AP_DECLARE_HOOK(const char *,http_scheme,(const request_rec *r))
AP_DECLARE_HOOK(apr_port_t,default_port,(const request_rec *r))
-#define AP_PROTOCOL_HTTP1 "http/1.1"
+#define AP_PROTOCOL_HTTP1 "http/1.1"
/**
* Determine the list of protocols available for a connection/request. This may
@@ -798,8 +893,7 @@ AP_DECLARE_HOOK(int,protocol_propose,(conn_rec *c, request_rec *r,
* @param c The current connection
* @param r The current request or NULL
* @param s The server/virtual host selected
- * @param choices A list of protocol identifiers, normally the clients whishes
- * @param proposals the list of protocol identifiers proposed by the hooks
+ * @param protocol The protocol identifier we try to switch to
* @return OK or DECLINED
* @bug This API or implementation and order of operations should be considered
* experimental and will continue to evolve in future 2.4 releases, with
@@ -1015,6 +1109,8 @@ AP_DECLARE(void) ap_finalize_sub_req_protocol(request_rec *sub_r);
*/
AP_DECLARE(void) ap_send_interim_response(request_rec *r, int send_headers);
+
+
#ifdef __cplusplus
}
#endif
diff --git a/include/http_request.h b/include/http_request.h
index 0013d39..7e8bfad 100644
--- a/include/http_request.h
+++ b/include/http_request.h
@@ -332,14 +332,14 @@ void ap_process_async_request(request_rec *r);
/**
* Kill the current request
- * @param type Why the request is dieing
+ * @param type Why the request is dying
* @param r The current request
*/
AP_DECLARE(void) ap_die(int type, request_rec *r);
/**
* Check whether a connection is still established and has data available,
- * optionnaly consuming blank lines ([CR]LF).
+ * optionally consuming blank lines ([CR]LF).
* @param c The current connection
* @param bb The brigade to filter
* @param max_blank_lines Max number of blank lines to consume, or zero
@@ -364,6 +364,18 @@ AP_DECLARE_HOOK(int,create_request,(request_rec *r))
/**
* This hook allow modules an opportunity to translate the URI into an
+ * actual filename, before URL decoding happens.
+ * @param r The current request
+ * @return DECLINED to let other modules handle the pre-translation,
+ * OK if it was handled and no other module should process it,
+ * DONE if no further transformation should happen on the URI,
+ * HTTP_... in case of error.
+ * @ingroup hooks
+ */
+AP_DECLARE_HOOK(int,pre_translate_name,(request_rec *r))
+
+/**
+ * This hook allow modules an opportunity to translate the URI into an
* actual filename. If no modules do anything special, the server's default
* rules will be followed.
* @param r The current request
@@ -443,7 +455,7 @@ AP_DECLARE_HOOK(int,access_checker,(request_rec *r))
* This hook should be registered with ap_hook_check_access_ex().
*
* @param r the current request
- * @return OK (allow acces), DECLINED (let later modules decide),
+ * @return OK (allow access), DECLINED (let later modules decide),
* or HTTP_... (deny access)
* @ingroup hooks
* @see ap_hook_check_access_ex
@@ -549,7 +561,7 @@ AP_DECLARE_HOOK(void,insert_filter,(request_rec *r))
* This hook allows modules to affect the request immediately after the
* per-directory configuration for the request has been generated.
* @param r The current request
- * @return OK (allow acces), DECLINED (let later modules decide),
+ * @return OK (allow access), DECLINED (let later modules decide),
* or HTTP_... (deny access)
* @ingroup hooks
*/
@@ -589,7 +601,7 @@ AP_DECLARE_DATA extern const apr_bucket_type_t ap_bucket_type_eor;
* @param e The bucket to inspect
* @return true or false
*/
-#define AP_BUCKET_IS_EOR(e) (e->type == &ap_bucket_type_eor)
+#define AP_BUCKET_IS_EOR(e) ((e)->type == &ap_bucket_type_eor)
/**
* Make the bucket passed in an End Of REQUEST (EOR) bucket
diff --git a/include/http_ssl.h b/include/http_ssl.h
new file mode 100644
index 0000000..2e052c5
--- /dev/null
+++ b/include/http_ssl.h
@@ -0,0 +1,317 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file http_ssl.h
+ * @brief SSL protocol handling
+ *
+ * @defgroup APACHE_CORE_PROTO SSL Protocol Handling
+ * @ingroup APACHE_CORE
+ * @{
+ */
+
+#ifndef APACHE_HTTP_SSL_H
+#define APACHE_HTTP_SSL_H
+
+#include "httpd.h"
+#include "apr_portable.h"
+#include "apr_mmap.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct ap_conf_vector_t;
+
+/**
+ * This hook allows modules that manage SSL connection to register their
+ * inquiry function for checking if a connection is using SSL from them.
+ * @param c The current connection
+ * @return OK if the connection is using SSL, DECLINED if not.
+ * @ingroup hooks
+ */
+AP_DECLARE_HOOK(int,ssl_conn_is_ssl,(conn_rec *c))
+
+/**
+ * Return != 0 iff the connection is encrypted with SSL.
+ * @param c the connection
+ */
+AP_DECLARE(int) ap_ssl_conn_is_ssl(conn_rec *c);
+
+/**
+ * This hook declares a connection to be outgoing and the configuration that applies to it.
+ * This hook can be called several times in the lifetime of an outgoing connection, e.g.
+ * when it is re-used in different request contexts. It will at least be called after the
+ * connection was created and before the pre-connection hooks is invoked.
+ * All outgoing-connection hooks are run until one returns something other than DECLINE.
+ * if enable_ssl != 0, a hook that sets up SSL for the connection needs to return OK
+ * to prevent subsequent hooks from doing the same.
+ *
+ * @param c The connection on which requests/data are to be sent.
+ * @param dir_conf The directory configuration in which this connection is being used.
+ * @param enable_ssl If != 0, the SSL protocol should be enabled for this connection.
+ * @return DECLINED, OK when ssl was enabled
+ */
+AP_DECLARE_HOOK(int, ssl_bind_outgoing,
+ (conn_rec *c, struct ap_conf_vector_t *dir_conf, int enable_ssl))
+
+/**
+ * Assures the connection is marked as outgoing and invokes the ssl_bind_outgoing hook.
+ * This may be called several times on an outgoing connection with varying dir_conf
+ * values. require_ssl is not allowed to change on the same connection.
+ *
+ * @param c The connection on which requests/data are to be sent.
+ * @param dir_conf The directory configuration in which this connection is being used.
+ * @param require_ssl != 0 iff this connection needs to be secured by SSL/TLS protocol.
+ * @return OK iff ssl was required and is enabled, DECLINED otherwise
+ */
+AP_DECLARE(int) ap_ssl_bind_outgoing(conn_rec *c, struct ap_conf_vector_t *dir_conf,
+ int require_ssl);
+
+/**
+ * Return != 0 iff handlers/hooks for outgoing connections are registered.
+ */
+AP_DECLARE(int) ap_ssl_has_outgoing_handlers(void);
+
+/**
+ * This hook allows modules to look up SSL related variables for a
+ * server/connection/request, depending on what they inquire. Some
+ * variables will only be available for a connection/request, for example.
+ * @param p The pool to allocate a returned value in, MUST be provided
+ * @param s The server to inquire a value for, maybe NULL
+ * @param c The current connection, maybe NULL
+ * @param r The current request, maybe NULL
+ * @param name The name of the variable to retrieve, MUST be provided
+ * @return value or the variable or NULL if not provided/available
+ * @ingroup hooks
+ */
+AP_DECLARE_HOOK(const char *,ssl_var_lookup,
+ (apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, const char *name))
+
+/**
+ * Lookup an SSL related variable for the server/connection/request or a global
+ * value when all those parameters are set to NULL. Pool and name must always be
+ * provided and the returned value (if not NULL) will be allocated from the pool.
+ * @param p The pool to allocate a returned value in, MUST be provided
+ * @param s The server to inquire a value for, maybe NULL
+ * @param c The current connection, maybe NULL
+ * @param r The current request, maybe NULL
+ * @param name The name of the variable to retrieve, MUST be provided
+ * @return value or the variable or NULL if not provided/available
+ */
+AP_DECLARE(const char *) ap_ssl_var_lookup(apr_pool_t *p, server_rec *s,
+ conn_rec *c, request_rec *r,
+ const char *name);
+
+/**
+ * Register to provide certificate/key files for servers. Certificate files are
+ * expected to contain the certificate chain, beginning with the server's certificate,
+ * excluding the trust anchor, in PEM format.
+ * They must be accompanied by a private key file, also in PEM format.
+ *
+ * @param s the server certificates are collected for
+ * @param p the pool to use for allocations
+ * @param cert_files an array of const char* with the path to the certificate chain
+ * @param key_files an array of const char* with the path to the private key file
+ * @return OK if files were added, DECLINED if not, or other for error.
+ */
+
+AP_DECLARE_HOOK(int, ssl_add_cert_files, (server_rec *s, apr_pool_t *p,
+ apr_array_header_t *cert_files,
+ apr_array_header_t *key_files))
+
+/**
+ * Collect certificate/key files from all providers registered. This includes
+ * providers registered at the global 'ssl_add_cert_files', as well as those
+ * installed in the OPTIONAL 'ssl_add_cert_files' hook as may be provided by
+ * ssl modules.
+ *
+ * @param s the server certificates are collected for
+ * @param p the pool to use for allocations
+ * @param cert_files an array of const char* with the path to the certificate chain
+ * @param key_files an array of const char* with the path to the private key file
+ */
+AP_DECLARE(apr_status_t) ap_ssl_add_cert_files(server_rec *s, apr_pool_t *p,
+ apr_array_header_t *cert_files,
+ apr_array_header_t *key_files);
+
+
+/**
+ * Register to provide 'fallback' certificates in case no 'real' certificates
+ * have been configured/added by other providers. Modules using these certificates
+ * are encouraged to answer requests to this server with a 503 response code.
+ *
+ * @param s the server certificates are collected for
+ * @param p the pool to use for allocations
+ * @param cert_files an array of const char* with the path to the certificate chain
+ * @param key_files an array of const char* with the path to the private key file
+ * @return OK if files were added, DECLINED if not, or other for error.
+ */
+AP_DECLARE_HOOK(int, ssl_add_fallback_cert_files, (server_rec *s, apr_pool_t *p,
+ apr_array_header_t *cert_files,
+ apr_array_header_t *key_files))
+
+/**
+ * Collect 'fallback' certificate/key files from all registered providers, either
+ * in the global 'ssl_add_fallback_cert_files' hook or the optional one of similar
+ * name as provided by mod_ssl and sorts.
+ * Certificates obtained this way are commonly self signed, temporary crutches.
+ * To be used to the time it takes to retrieve a 'read', trusted certificate.
+ * A module using fallbacks is encouraged to answer all requests with a 503.
+ *
+ * @param s the server certificates are collected for
+ * @param p the pool to use for allocations
+ * @param cert_files an array of const char* with the path to the certificate chain
+ * @param key_files an array of const char* with the path to the private key file
+ */
+AP_DECLARE(apr_status_t) ap_ssl_add_fallback_cert_files(server_rec *s, apr_pool_t *p,
+ apr_array_header_t *cert_files,
+ apr_array_header_t *key_files);
+
+
+/**
+ * On TLS connections that do not relate to a configured virtual host
+ * allow modules to provide a certificate and key to be used on the connection.
+ *
+ * A Certificate PEM added must be accompanied by a private key PEM. The private
+ * key PEM may be given by a NULL pointer, in which case it is expected to be found in
+ * the certificate PEM string.
+ */
+AP_DECLARE_HOOK(int, ssl_answer_challenge, (conn_rec *c, const char *server_name,
+ const char **pcert_pem, const char **pkey_pem))
+
+/**
+ * Returns != 0 iff the connection is a challenge to the server, for example
+ * as defined in RFC 8555 for the 'tls-alpn-01' domain verification, and needs
+ * a specific certificate as answer in the handshake.
+ *
+ * ALPN protocol negotiation via the hooks 'protocol_propose' and 'protocol_switch'
+ * need to have run before this call is made.
+ *
+ * Certificate PEMs added must be accompanied by a private key PEM. The private
+ * key PEM may be given by a NULL pointer, in which case it is expected to be found in
+ * the certificate PEM string.
+ *
+ * A certificate provided this way needs to replace any other certificates selected
+ * by configuration or 'ssl_add_cert_pems` on this connection.
+ */
+AP_DECLARE(int) ap_ssl_answer_challenge(conn_rec *c, const char *server_name,
+ const char **pcert_pem, const char **pkey_pem);
+
+
+/**
+ * Setup optional functions for ssl related queries so that functions
+ * registered by old-style SSL module functions are interrogated by the
+ * the new ap_is_ssl() and friends. Installs own optional functions, so that
+ * old modules looking for these find one and get the correct results (shadowing).
+ *
+ * Needs to run in core's very early POST_CONFIG hook.
+ * Modules providing such functions register their own optionals during
+ * register_hooks(). Modules using such functions retrieve them often
+ * in their own post-config or in the even later retrieval hook. When shadowing
+ * other modules functions, core's early post-config is a good time.
+ * @param pool The pool to use for allocations
+ */
+AP_DECLARE(void) ap_setup_ssl_optional_fns(apr_pool_t *pool);
+
+/**
+ * Providers of OCSP status responses register at this hook. Installed hooks returning OK
+ * are expected to provide later OCSP responses via a 'ap_ssl_ocsp_get_resp_hook'.
+ * @param s the server being configured
+ * @params p a memory pool to use
+ * @param id opaque data uniquely identifying the certificate, provided by caller
+ * @param pem PEM data of certificate first, followed by PEM of issuer cert
+ * @return OK iff stapling is being provided
+ */
+AP_DECLARE_HOOK(int, ssl_ocsp_prime_hook, (server_rec *s, apr_pool_t *p,
+ const char *id, apr_size_t id_len,
+ const char *pem))
+
+/**
+ * Registering a certificate for Provisioning of OCSP responses. It is the caller's
+ * responsibility to provide a global (apache instance) unique id for the certificate
+ * that is then used later in retrieving the OCSP response.
+ * A certificate can be primed this way more than once, however the same identifier
+ * has to be provided each time (byte-wise same, not pointer same).
+ * The memory pointed to by `id` and `pem` is only valid for the duration of the call.
+ *
+ * @param s the server being configured
+ * @params p a memory pool to use
+ * @param id opaque data uniquely identifying the certificate, provided by caller
+ * @param pem PEM data of certificate first, followed by chain certs, at least the issuer
+ * @return APR_SUCCESS iff OCSP responses will be provided.
+ * APR_ENOENT when no provided was found or took responsibility.
+ */
+AP_DECLARE(apr_status_t) ap_ssl_ocsp_prime(server_rec *s, apr_pool_t *p,
+ const char *id, apr_size_t id_len,
+ const char *pem);
+
+/**
+ * Callback to copy over the OCSP response data. If OCSP response data is not
+ * available, this will be called with NULL, 0 parameters!
+ *
+ * Memory allocation methods and lifetime of data will vary per module and
+ * SSL library used. The caller requesting OCSP data will need to make a copy
+ * for his own use.
+ * Any passed data may only be valid for the duration of the call.
+ */
+typedef void ap_ssl_ocsp_copy_resp(const unsigned char *der, apr_size_t der_len, void *userdata);
+
+/**
+ * Asking for OCSP response DER data for a certificate formerly primed.
+ * @param s the (SNI selected) server of the connection
+ * @param c the connection
+ * @param id identifier for the certifate, as used in ocsp_stapling_prime()
+ * @param cb callback to invoke when response data is available
+ * @param userdata caller supplied data passed to callback
+ * @return OK iff response data has been provided, DECLINED otherwise
+ */
+AP_DECLARE_HOOK(int, ssl_ocsp_get_resp_hook,
+ (server_rec *s, conn_rec *c, const char *id, apr_size_t id_len,
+ ap_ssl_ocsp_copy_resp *cb, void *userdata))
+
+/**
+ * Retrieve the OCSP response data for a previously primed certificate. The id needs
+ * to be byte-wise identical to the one used on priming. If the call return ARP_SUCCESS,
+ * the callback has been invoked with the OCSP response DER data.
+ * Otherwise, a different status code must be returned. Callers in SSL connection
+ * handshakes are encouraged to continue the handshake without OCSP data for
+ * server reliability. The decision to accept or reject a handshake with missing
+ * OCSP stapling data needs to be done by the client.
+ * For similar reasons, providers of responses might return seemingly expired ones
+ * if they were unable to refresh a response in time.
+ *
+ * The memory pointed to by `id` is only valid for the duration of the call.
+ * Also, the DER data passed to the callback is only valid for the duration
+ * of the call.
+ *
+ * @param s the (SNI selected) server of the connection
+ * @param c the connection
+ * @param id identifier for the certifate, as used in ocsp_stapling_prime()
+ * @param cb callback to invoke when response data is available
+ * @param userdata caller supplied data passed to callback
+ * @return APR_SUCCESS iff data has been provided
+ */
+AP_DECLARE(apr_status_t) ap_ssl_ocsp_get_resp(server_rec *s, conn_rec *c,
+ const char *id, apr_size_t id_len,
+ ap_ssl_ocsp_copy_resp *cb, void *userdata);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !APACHE_HTTP_SSL_H */
+/** @} */
diff --git a/include/http_vhost.h b/include/http_vhost.h
index 473c9c7..d2d9c97 100644
--- a/include/http_vhost.h
+++ b/include/http_vhost.h
@@ -100,6 +100,19 @@ AP_DECLARE(void) ap_update_vhost_given_ip(conn_rec *conn);
AP_DECLARE(void) ap_update_vhost_from_headers(request_rec *r);
/**
+ * Updates r->server with the best name-based virtual host match, within
+ * the chain of matching virtual hosts selected by ap_update_vhost_given_ip.
+ * @param r The current request
+ * @param require_match 1 to return an HTTP error if the requested hostname is
+ * not explicitly matched to a VirtualHost.
+ * @return return HTTP_OK unless require_match was specified and the requested
+ * hostname did not match any ServerName, ServerAlias, or VirtualHost
+ * address-spec.
+ */
+AP_DECLARE(int) ap_update_vhost_from_headers_ex(request_rec *r, int require_match);
+
+
+/**
* Match the host in the header with the hostname of the server for this
* request.
* @param r The current request
diff --git a/include/httpd.h b/include/httpd.h
index 65392f8..799cf97 100644
--- a/include/httpd.h
+++ b/include/httpd.h
@@ -47,6 +47,7 @@
#include "ap_release.h"
#include "apr.h"
+#include "apr_version.h"
#include "apr_general.h"
#include "apr_tables.h"
#include "apr_pools.h"
@@ -308,7 +309,7 @@ extern "C" {
#define AP_MAX_REG_MATCH 10
/**
- * APR_HAS_LARGE_FILES introduces the problem of spliting sendfile into
+ * APR_HAS_LARGE_FILES introduces the problem of splitting sendfile into
* multiple buckets, no greater than MAX(apr_size_t), and more granular
* than that in case the brigade code/filters attempt to read it directly.
* ### 16mb is an invention, no idea if it is reasonable.
@@ -595,7 +596,7 @@ AP_DECLARE(const char *) ap_get_server_built(void);
#define M_CONNECT 4
#define M_OPTIONS 5
#define M_TRACE 6 /** RFC 2616: HTTP */
-#define M_PATCH 7 /** no rfc(!) ### remove this one? */
+#define M_PATCH 7 /** RFC 5789: PATCH Method for HTTP */
#define M_PROPFIND 8 /** RFC 2518: WebDAV */
#define M_PROPPATCH 9 /* : */
#define M_MKCOL 10
@@ -645,6 +646,49 @@ struct ap_method_list_t {
/** the array used for extension methods */
apr_array_header_t *method_list;
};
+/** @} */
+
+/**
+ * @defgroup bnotes Binary notes recognized by the server
+ * @ingroup APACHE_CORE_DAEMON
+ * @{
+ *
+ * @brief Binary notes recognized by the server.
+ */
+
+/**
+ * The type used for request binary notes.
+ */
+typedef apr_uint64_t ap_request_bnotes_t;
+
+/**
+ * These constants represent bitmasks for notes associated with this
+ * request. There are space for 64 bits in the apr_uint64_t.
+ *
+ */
+#define AP_REQUEST_STRONG_ETAG 1 >> 0
+
+/**
+ * This is a convenience macro to ease with getting specific request
+ * binary notes.
+ */
+#define AP_REQUEST_GET_BNOTE(r, mask) \
+ ((mask) & ((r)->bnotes))
+
+/**
+ * This is a convenience macro to ease with setting specific request
+ * binary notes.
+ */
+#define AP_REQUEST_SET_BNOTE(r, mask, val) \
+ (r)->bnotes = (((r)->bnotes & ~(mask)) | (val))
+
+/**
+ * Returns true if the strong etag flag is set for this request.
+ */
+#define AP_REQUEST_IS_STRONG_ETAG(r) \
+ AP_REQUEST_GET_BNOTE((r), AP_REQUEST_STRONG_ETAG)
+/** @} */
+
/**
* @defgroup module_magic Module Magic mime types
@@ -667,9 +711,9 @@ struct ap_method_list_t {
#if !APR_CHARSET_EBCDIC
/** linefeed */
#define LF 10
-/** carrige return */
+/** carriage return */
#define CR 13
-/** carrige return /Line Feed Combo */
+/** carriage return /Line Feed Combo */
#define CRLF "\015\012"
#else /* APR_CHARSET_EBCDIC */
/* For platforms using the EBCDIC charset, the transition ASCII->EBCDIC is done
@@ -719,7 +763,7 @@ struct ap_method_list_t {
/*
* Things which may vary per file-lookup WITHIN a request ---
* e.g., state of MIME config. Basically, the name of an object, info
- * about the object, and any other info we may ahve which may need to
+ * about the object, and any other info we may have which may need to
* change as we go poking around looking for it (e.g., overridden by
* .htaccess files).
*
@@ -826,7 +870,9 @@ struct request_rec {
int proto_num;
/** Protocol string, as given to us, or HTTP/0.9 */
char *protocol;
- /** Host, as set by full URI or Host: */
+ /** Host, as set by full URI or Host: header.
+ * For literal IPv6 addresses, this does NOT include the surrounding [ ]
+ */
const char *hostname;
/** Time when the request started */
@@ -1060,6 +1106,11 @@ struct request_rec {
* 1 yes/success
*/
int double_reverse;
+ /** Request flags associated with this request. Use
+ * AP_REQUEST_GET_FLAGS() and AP_REQUEST_SET_FLAGS() to access
+ * the elements of this field.
+ */
+ ap_request_bnotes_t bnotes;
};
/**
@@ -1188,6 +1239,8 @@ struct conn_rec {
/** The "real" master connection. NULL if I am the master. */
conn_rec *master;
+
+ int outgoing;
};
/**
@@ -1282,7 +1335,7 @@ struct server_rec {
/** MIME type info, etc., before we start checking per-directory info */
struct ap_conf_vector_t *lookup_defaults;
- /** The name of the server */
+ /** The path to the config file that the server was defined in */
const char *defn_name;
/** The line of the config file that the server was defined on */
unsigned defn_line_number;
@@ -1689,6 +1742,18 @@ AP_DECLARE(int) ap_unescape_url(char *url);
*/
AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
+#define AP_UNESCAPE_URL_KEEP_UNRESERVED (1u << 0)
+#define AP_UNESCAPE_URL_FORBID_SLASHES (1u << 1)
+#define AP_UNESCAPE_URL_KEEP_SLASHES (1u << 2)
+
+/**
+ * Unescape a URL, with options
+ * @param url The url to unescape
+ * @param flags Bitmask of AP_UNESCAPE_URL_* flags
+ * @return 0 on success, non-zero otherwise
+ */
+AP_DECLARE(int) ap_unescape_url_ex(char *url, unsigned int flags);
+
/**
* Unescape an application/x-www-form-urlencoded string
* @param query The query to unescape
@@ -1697,12 +1762,37 @@ AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
AP_DECLARE(int) ap_unescape_urlencoded(char *query);
/**
- * Convert all double slashes to single slashes
- * @param name The string to convert
+ * Convert all double slashes to single slashes, except where significant
+ * to the filesystem on the current platform.
+ * @param name The string to convert, assumed to be a filesystem path
*/
AP_DECLARE(void) ap_no2slash(char *name);
/**
+ * Convert all double slashes to single slashes, except where significant
+ * to the filesystem on the current platform.
+ * @param name The string to convert
+ * @param is_fs_path if set to 0, the significance of any double-slashes is
+ * ignored.
+ */
+AP_DECLARE(void) ap_no2slash_ex(char *name, int is_fs_path);
+
+#define AP_NORMALIZE_ALLOW_RELATIVE (1u << 0)
+#define AP_NORMALIZE_NOT_ABOVE_ROOT (1u << 1)
+#define AP_NORMALIZE_DECODE_UNRESERVED (1u << 2)
+#define AP_NORMALIZE_MERGE_SLASHES (1u << 3)
+#define AP_NORMALIZE_DROP_PARAMETERS (0) /* deprecated */
+
+/**
+ * Remove all ////, /./ and /xx/../ substrings from a path, and more
+ * depending on passed in flags.
+ * @param path The path to normalize
+ * @param flags bitmask of AP_NORMALIZE_* flags
+ * @return non-zero on success
+ */
+AP_DECLARE(int) ap_normalize_path(char *path, unsigned int flags);
+
+/**
* Remove all ./ and xx/../ substrings from a file name. Also remove
* any leading ../ or /../ substrings.
* @param name the file name to parse
@@ -2041,6 +2131,15 @@ AP_DECLARE(char *) ap_append_pid(apr_pool_t *p, const char *string,
const char *delim);
/**
+ * Parse a length string with decimal characters only, no leading sign nor
+ * trailing character, like Content-Length or (Content-)Range headers.
+ * @param len The parsed length (apr_off_t)
+ * @param str The string to parse
+ * @return 1 (success), 0 (failure)
+ */
+AP_DECLARE(int) ap_parse_strict_length(apr_off_t *len, const char *str);
+
+/**
* Parse a given timeout parameter string into an apr_interval_time_t value.
* The unit of the time interval is given as postfix string to the numeric
* string. Currently the following units are understood:
@@ -2312,6 +2411,71 @@ AP_DECLARE(void *) ap_realloc(void *ptr, size_t size)
AP_FN_ATTR_WARN_UNUSED_RESULT
AP_FN_ATTR_ALLOC_SIZE(2);
+#if APR_HAS_THREADS
+
+#if APR_VERSION_AT_LEAST(1,8,0) && !defined(AP_NO_THREAD_LOCAL)
+
+/**
+ * APR 1.8+ implement those already.
+ */
+#if APR_HAS_THREAD_LOCAL
+#define AP_HAS_THREAD_LOCAL 1
+#define AP_THREAD_LOCAL APR_THREAD_LOCAL
+#else
+#define AP_HAS_THREAD_LOCAL 0
+#endif
+#define ap_thread_create apr_thread_create
+#define ap_thread_current apr_thread_current
+#define ap_thread_current_create apr_thread_current_create
+#define ap_thread_current_after_fork apr_thread_current_after_fork
+
+#else /* APR_VERSION_AT_LEAST(1,8,0) && !defined(AP_NO_THREAD_LOCAL) */
+
+#ifndef AP_NO_THREAD_LOCAL
+/**
+ * AP_THREAD_LOCAL keyword mapping the compiler's.
+ */
+#if defined(__cplusplus) && __cplusplus >= 201103L
+#define AP_THREAD_LOCAL thread_local
+#elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112 && \
+ (!defined(__GNUC__) || \
+ __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 9))
+#define AP_THREAD_LOCAL _Thread_local
+#elif defined(__GNUC__) /* works for clang too */
+#define AP_THREAD_LOCAL __thread
+#elif defined(WIN32) && defined(_MSC_VER)
+#define AP_THREAD_LOCAL __declspec(thread)
+#endif
+#endif /* ndef AP_NO_THREAD_LOCAL */
+
+#ifndef AP_THREAD_LOCAL
+#define AP_HAS_THREAD_LOCAL 0
+#define ap_thread_create apr_thread_create
+#else /* AP_THREAD_LOCAL */
+#define AP_HAS_THREAD_LOCAL 1
+AP_DECLARE(apr_status_t) ap_thread_create(apr_thread_t **thread,
+ apr_threadattr_t *attr,
+ apr_thread_start_t func,
+ void *data, apr_pool_t *pool);
+#endif /* AP_THREAD_LOCAL */
+
+AP_DECLARE(apr_status_t) ap_thread_current_create(apr_thread_t **current,
+ apr_threadattr_t *attr,
+ apr_pool_t *pool);
+AP_DECLARE(void) ap_thread_current_after_fork(void);
+AP_DECLARE(apr_thread_t *) ap_thread_current(void);
+
+#endif /* APR_VERSION_AT_LEAST(1,8,0) && !defined(AP_NO_THREAD_LOCAL) */
+
+AP_DECLARE(apr_status_t) ap_thread_main_create(apr_thread_t **thread,
+ apr_pool_t *pool);
+
+#else /* APR_HAS_THREADS */
+
+#define AP_HAS_THREAD_LOCAL 0
+
+#endif /* APR_HAS_THREADS */
+
/**
* Get server load params
* @param ld struct to populate: -1 in fields means error
@@ -2335,7 +2499,7 @@ AP_DECLARE(void) ap_bin2hex(const void *src, apr_size_t srclen, char *dest);
/**
* Short function to execute a command and return the first line of
- * output minus \r \n. Useful for "obscuring" passwords via exec calls
+ * output minus \\r \\n. Useful for "obscuring" passwords via exec calls
* @param p the pool to allocate from
* @param cmd the command to execute
* @param argv the arguments to pass to the cmd
@@ -2397,6 +2561,101 @@ AP_DECLARE(int) ap_cstr_casecmp(const char *s1, const char *s2);
*/
AP_DECLARE(int) ap_cstr_casecmpn(const char *s1, const char *s2, apr_size_t n);
+/**
+ * Default flags for ap_dir_*fnmatch().
+ */
+#define AP_DIR_FLAG_NONE 0
+
+/**
+ * If set, wildcards that match no files or directories will be ignored, otherwise
+ * an error is triggered.
+ */
+#define AP_DIR_FLAG_OPTIONAL 1
+
+/**
+ * If set, and the wildcard resolves to a directory, recursively find all files
+ * below that directory, otherwise return the directory.
+ */
+#define AP_DIR_FLAG_RECURSIVE 2
+
+/**
+ * Structure to provide the state of a directory match.
+ */
+typedef struct ap_dir_match_t ap_dir_match_t;
+
+/**
+ * Concrete structure to provide the state of a directory match.
+ */
+struct ap_dir_match_t {
+ /** Pool to use for allocating the result */
+ apr_pool_t *p;
+ /** Temporary pool used for directory traversal */
+ apr_pool_t *ptemp;
+ /** Prefix for log messages */
+ const char *prefix;
+ /** Callback for each file found that matches the wildcard. Return NULL on success, an error string on error. */
+ const char *(*cb)(ap_dir_match_t *w, const char *fname);
+ /** Context for the callback */
+ void *ctx;
+ /** Flags to indicate whether optional or recursive */
+ int flags;
+ /** Recursion depth safety check */
+ unsigned int depth;
+};
+
+/**
+ * Search for files given a non wildcard filename with non native separators.
+ *
+ * If the provided filename points at a file, the callback within ap_dir_match_t is
+ * triggered for that file, and this function returns the result of the callback.
+ *
+ * If the provided filename points at a directory, and recursive within ap_dir_match_t
+ * is true, the callback will be triggered for every file found recursively beneath
+ * that directory, otherwise the callback is triggered once for the directory itself.
+ * This function returns the result of the callback.
+ *
+ * If the provided path points to neither a file nor a directory, and optional within
+ * ap_dir_match_t is true, this function returns NULL. If optional within ap_dir_match_t
+ * is false, this function will return an error string indicating that the path does not
+ * exist.
+ *
+ * @param w Directory match structure containing callback and context.
+ * @param fname The name of the file or directory, with non native separators.
+ * @return NULL on success, or a string describing the error.
+ */
+AP_DECLARE(const char *)ap_dir_nofnmatch(ap_dir_match_t *w, const char *fname)
+ __attribute__((nonnull(1,2)));
+
+/**
+ * Search for files given a wildcard filename with non native separators.
+ *
+ * If the filename contains a wildcard, all files and directories that match the wildcard
+ * will be returned.
+ *
+ * ap_dir_nofnmatch() is called for each directory and file found, and the callback
+ * within ap_dir_match_t triggered as described above.
+ *
+ * Wildcards may appear in both directory and file components in the path, and
+ * wildcards may appear more than once.
+ *
+ * @param w Directory match structure containing callback and context.
+ * @param path Path prefix for search, with non native separators and no wildcards.
+ * @param fname The name of the file or directory, with non native separators and
+ * optional wildcards.
+ * @return NULL on success, or a string describing the error.
+ */
+AP_DECLARE(const char *)ap_dir_fnmatch(ap_dir_match_t *w, const char *path,
+ const char *fname) __attribute__((nonnull(1,3)));
+
+/**
+ * Determine if the final Transfer-Encoding is "chunked".
+ *
+ * @param p The pool to allocate from
+ * @param line the header field-value to scan
+ * @return 1 if the last Transfer-Encoding is "chunked", else 0
+ */
+AP_DECLARE(int) ap_is_chunked(apr_pool_t *p, const char *line);
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mod_auth.h b/include/mod_auth.h
index 9b9561e..639b97f 100644
--- a/include/mod_auth.h
+++ b/include/mod_auth.h
@@ -123,7 +123,7 @@ typedef struct {
} authz_provider;
/* ap_authn_cache_store: Optional function for authn providers
- * to enable cacheing their lookups with mod_authn_cache
+ * to enable caching their lookups with mod_authn_cache
* @param r The request rec
* @param module Module identifier
* @param user User name to authenticate
diff --git a/include/mpm_common.h b/include/mpm_common.h
index 1284a7a..539d640 100644
--- a/include/mpm_common.h
+++ b/include/mpm_common.h
@@ -452,6 +452,15 @@ AP_DECLARE_HOOK(void, suspend_connection,
AP_DECLARE_HOOK(void, resume_connection,
(conn_rec *c, request_rec *r))
+/**
+ * Notification that the child is stopping. If graceful, ongoing
+ * requests will be served.
+ * @param pchild The child pool
+ * @param graceful != 0 iff this is a graceful shutdown.
+ */
+AP_DECLARE_HOOK(void, child_stopping,
+ (apr_pool_t *pchild, int graceful))
+
/* mutex type string for accept mutex, if any; MPMs should use the
* same mutex type for ease of configuration
*/
diff --git a/include/scoreboard.h b/include/scoreboard.h
index 9376da2..0142aa9 100644
--- a/include/scoreboard.h
+++ b/include/scoreboard.h
@@ -66,7 +66,7 @@ extern "C" {
#define SERVER_IDLE_KILL 10 /* Server is cleaning up idle children. */
#define SERVER_NUM_STATUS 11 /* number of status settings */
-/* Type used for generation indicies. Startup and every restart cause a
+/* Type used for generation indices. Startup and every restart cause a
* new generation of children to be spawned. Children within the same
* generation share the same configuration information -- pointers to stuff
* created at config time in the parent are valid across children. However,
@@ -148,12 +148,14 @@ struct process_score {
apr_uint32_t lingering_close; /* async connections in lingering close */
apr_uint32_t keep_alive; /* async connections in keep alive */
apr_uint32_t suspended; /* connections suspended by some module */
- int bucket; /* Listener bucket used by this child */
+ int bucket; /* Listener bucket used by this child; this field is DEPRECATED
+ * and no longer updated by the MPMs (i.e. always zero).
+ */
};
/* Scoreboard is now in 'local' memory, since it isn't updated once created,
* even in forked architectures. Child created-processes (non-fork) will
- * set up these indicies into the (possibly relocated) shmem records.
+ * set up these indices into the (possibly relocated) shmem records.
*/
typedef struct {
global_score *global;
@@ -174,6 +176,7 @@ apr_status_t ap_cleanup_scoreboard(void *d);
*/
AP_DECLARE(int) ap_exists_scoreboard_image(void);
AP_DECLARE(void) ap_increment_counts(ap_sb_handle_t *sbh, request_rec *r);
+AP_DECLARE(void) ap_set_conn_count(ap_sb_handle_t *sb, request_rec *r, unsigned short conn_count);
AP_DECLARE(apr_status_t) ap_reopen_scoreboard(apr_pool_t *p, apr_shm_t **shm, int detached);
AP_DECLARE(void) ap_init_scoreboard(void *shared_score);
diff --git a/include/util_fcgi.h b/include/util_fcgi.h
index 849fdee..66af75a 100644
--- a/include/util_fcgi.h
+++ b/include/util_fcgi.h
@@ -16,7 +16,7 @@
/**
* @file util_fcgi.h
- * @brief FastCGI protocol defitions and support routines
+ * @brief FastCGI protocol definitions and support routines
*
* @defgroup APACHE_CORE_FASTCGI FastCGI Tools
* @ingroup APACHE_CORE
diff --git a/include/util_ldap.h b/include/util_ldap.h
index f7cd736..edb8a81 100644
--- a/include/util_ldap.h
+++ b/include/util_ldap.h
@@ -32,7 +32,6 @@
#if APR_MAJOR_VERSION < 2
/* The LDAP API is currently only present in APR 1.x */
#include "apr_ldap.h"
-#include "apr_ldap_rebind.h"
#else
#define APR_HAS_LDAP 0
#endif
@@ -135,7 +134,7 @@ typedef struct util_ldap_connection_t {
apr_pool_t *rebind_pool; /* frequently cleared pool for rebind data */
int must_rebind; /* The connection was last bound with other then binddn/bindpw */
request_rec *r; /* request_rec used to find this util_ldap_connection_t */
- apr_time_t last_backend_conn; /* the approximate time of the last backend LDAP requst */
+ apr_time_t last_backend_conn; /* the approximate time of the last backend LDAP request */
} util_ldap_connection_t;
typedef struct util_ldap_config_t {
diff --git a/include/util_script.h b/include/util_script.h
index 3566bd3..0557c7f 100644
--- a/include/util_script.h
+++ b/include/util_script.h
@@ -225,6 +225,8 @@ AP_DECLARE(int) ap_scan_script_header_err_core_ex(request_rec *r, char *buffer,
*/
AP_DECLARE(void) ap_args_to_table(request_rec *r, apr_table_t **table);
+#define AP_TRUST_CGILIKE_CL_ENVVAR "ap_trust_cgilike_cl"
+
#ifdef __cplusplus
}
#endif
diff --git a/include/util_time.h b/include/util_time.h
index 2cd2833..9208218 100644
--- a/include/util_time.h
+++ b/include/util_time.h
@@ -47,6 +47,8 @@ extern "C" {
#define AP_CTIME_OPTION_USEC 0x1
/* Use more compact ISO 8601 format */
#define AP_CTIME_OPTION_COMPACT 0x2
+/* Add timezone offset from GMT ([+-]hhmm) */
+#define AP_CTIME_OPTION_GMTOFF 0x4
/**
@@ -95,7 +97,7 @@ AP_DECLARE(apr_status_t) ap_recent_ctime(char *date_str, apr_time_t t);
* @param option Additional formatting options (AP_CTIME_OPTION_*).
* @param len Pointer to an int containing the length of the provided buffer.
* On successful return it contains the number of bytes written to the
- * buffer.
+ * buffer (including trailing NUL byte).
* @return APR_SUCCESS iff successful, APR_ENOMEM if buffer was to short.
*/
AP_DECLARE(apr_status_t) ap_recent_ctime_ex(char *date_str, apr_time_t t,