diff options
Diffstat (limited to 'debian/perl-framework/t/conf')
| -rw-r--r-- | debian/perl-framework/t/conf/core.conf.in | 40 | ||||
| -rw-r--r-- | debian/perl-framework/t/conf/extra.conf.in | 251 | ||||
| -rw-r--r-- | debian/perl-framework/t/conf/http2.conf.in | 105 | ||||
| -rw-r--r-- | debian/perl-framework/t/conf/include.conf.in | 5 | ||||
| -rw-r--r-- | debian/perl-framework/t/conf/proxy.conf.in | 74 | ||||
| -rw-r--r-- | debian/perl-framework/t/conf/ssl/proxyssl.conf.in | 61 | ||||
| -rw-r--r-- | debian/perl-framework/t/conf/ssl/ssl.conf.in | 20 |
7 files changed, 404 insertions, 152 deletions
diff --git a/debian/perl-framework/t/conf/core.conf.in b/debian/perl-framework/t/conf/core.conf.in index 10e411f..c82f375 100644 --- a/debian/perl-framework/t/conf/core.conf.in +++ b/debian/perl-framework/t/conf/core.conf.in @@ -2,10 +2,11 @@ # will be converted to a set of NVH'es on the same dynamic port, so they # are collected here. +MaxMemFree 1 <VirtualHost strict-default:core> ServerName default-strict - <IfVersion >= 2.5.1> + <IfVersion >= 2.4.49> # StrictHostCheck can only be configure globally or in a "default" vhost StrictHostCheck ON </IfVersion> @@ -15,3 +16,40 @@ ServerAlias nvh-strict-alias # Implicitly StrictHostCheck ON from default VH above </VirtualHost> + +# MergeSlashes +<IfVersion >= 2.4.39> + <VirtualHost merge-default:core> + ServerName merge-default + <Directory @DocumentRoot@/authz_core/> + require all granted + </Directory> + <LocationMatch ^/authz_core/a/b/c/index.html> + require all denied + </LocationMatch> + </virtualHost> + <VirtualHost merge-disabled:core> + ServerName merge-disabled + MergeSlashes OFF + <Directory @DocumentRoot@/authz_core/> + require all granted + </Directory> + <LocationMatch ^/authz_core/a/b/c/index.html> + require all denied + </LocationMatch> + <LocationMatch ^/authz_core/a//b/c/index.html> + require all denied + </LocationMatch> + <Location /authz_core/a/b/d> + require all denied + </Location> + <ifModule rewrite_module> + <Location /CVE-2020-1927/> + RewriteEngine ON + RewriteCond %{REQUEST_URI} (.+)/$ + RewriteRule ^ %1 [L] + </Location> + </ifModule> + </virtualHost> +</IfVersion> + diff --git a/debian/perl-framework/t/conf/extra.conf.in b/debian/perl-framework/t/conf/extra.conf.in index abb699f..2719985 100644 --- a/debian/perl-framework/t/conf/extra.conf.in +++ b/debian/perl-framework/t/conf/extra.conf.in @@ -97,6 +97,7 @@ AddLanguage fr .fr AddLanguage de .de AddLanguage fu .fu + AddLanguage zh-TW .zh-TW AddHandler type-map .var </IfModule> @@ -111,22 +112,27 @@ <Directory @SERVERROOT@/htdocs/modules/negotiation/en> Options +MultiViews - LanguagePriority en fr de fu + LanguagePriority en fr de fu zh-TW </Directory> <Directory @SERVERROOT@/htdocs/modules/negotiation/de> Options +MultiViews - LanguagePriority de en fr fu + LanguagePriority de en fr fu zh-TW </Directory> <Directory @SERVERROOT@/htdocs/modules/negotiation/fr> Options +MultiViews - LanguagePriority fr en de fu + LanguagePriority fr en de fu zh-TW </Directory> <Directory @SERVERROOT@/htdocs/modules/negotiation/fu> Options +MultiViews - LanguagePriority fu fr en de + LanguagePriority fu fr en de zh-TW + </Directory> + + <Directory @SERVERROOT@/htdocs/modules/negotiation/zh-TW> + Options +MultiViews + LanguagePriority zh-TW fr fu en de </Directory> <IfDefine APACHE2> @@ -248,7 +254,7 @@ ### Proxy pass-through to env.pl RewriteRule ^/modules/rewrite/proxy2/(.*)$ http://@SERVERNAME@:@PORT@/modules/cgi/$1 [L,P] - + ### Pass-through conditional on QUERY_STRING RewriteCond %{QUERY_STRING} horse=trigger RewriteRule ^/modules/rewrite/proxy3/(.*)$ http://@SERVERNAME@:@PORT@/modules/cgi/$1 [L,P] @@ -256,6 +262,42 @@ ### Redirect, server context RewriteRule ^/modules/rewrite/redirect.html$ http://@SERVERNAME@:@PORT@/foobar.html [L,R=301] + RewriteRule ^/modules/rewrite/cookie/$ - [CO=NAME3:VAL:localhost:86400:/0:secure:httponly] + RewriteRule ^/modules/rewrite/cookie/0 - [CO=NAME3:VAL:localhost:86400:/0:secure:httponly:0] + RewriteRule ^/modules/rewrite/cookie/false - [CO=NAME3:VAL:localhost:86400:/0:secure:httponly:false] + RewriteRule ^/modules/rewrite/cookie/lax - [CO=NAME3:VAL:localhost:86400:/0:secure:httponly:lax] + RewriteRule ^/modules/rewrite/cookie/none - [CO=NAME3:VAL:localhost:86400:/0:secure:httponly:none] + RewriteRule ^/modules/rewrite/cookie/foo - [CO=NAME3:VAL:localhost:86400:/0:secure:httponly:foo] + + RewriteRule ^/modules/rewrite/escaping/local/(.*) /?$1 + RewriteRule ^/modules/rewrite/escaping/local_b/(.*) /?$1 [B] + RewriteRule ^/modules/rewrite/escaping/local_b_justslash/(.*) /?$1 [B=/] + + RewriteRule ^/modules/rewrite/escaping/qsd-like/(.*) /$1? [R] + RewriteRule ^/modules/rewrite/escaping/qsd-like-plus-qsa/(.*) /$1? [R,QSA] + RewriteRule ^/modules/rewrite/escaping/qsd-like-plus-qsa-qsl/(.*) /$1? [R,QSA,QSL] + + <IfVersion >= 2.4.57> + RewriteRule ^/modules/rewrite/escaping/local_bctls/(.*) /?$1 [BCTLS] + RewriteRule ^/modules/rewrite/escaping/local_bctls_andslash/(.*) /?$1 [B=/,BCTLS] + RewriteRule ^/modules/rewrite/escaping/local_bctls_nospace/(.*) /?$1 "[BCTLS,BNE= ?]" + RewriteRule ^/modules/rewrite/escaping/local_b_noslash/(.*) /?$1 [B,BNE=/] + </IfVersion> + RewriteRule ^/modules/rewrite/escaping/redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R] + RewriteRule ^/modules/rewrite/escaping/redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE] + RewriteRule ^/modules/rewrite/escaping/proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P] + RewriteRule ^/modules/rewrite/escaping/proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P,NE] + <LocationMatch ^/modules/rewrite/escaping/fixups/> + RewriteRule local/(.*) /?$1 + RewriteRule redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R] + RewriteRule redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE] + RewriteRule proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P] + RewriteRule proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P,NE] + </LocationMatch> + + <Location /modules/rewrite/escaping> + Header always set rewritten-query "expr=%{QUERY_STRING}" + </Location> <VirtualHost cve_2011_3368_rewrite> DocumentRoot @SERVERROOT@/htdocs/modules/proxy RewriteEngine On @@ -266,10 +308,10 @@ <IfVersion >= 2.4> <Location /modules/rewrite/pr60478-rewrite-loop> # This pair of RewriteRules will loop but should eventually 500 once we - # reach LimitRequestLine * 2 bytes. (In this case, 128 * 2 = 256.) + # reach LimitRequestLine * 2 bytes. (In this case, @limitrequestline@ * 2 = @limitrequestlinex2@.) RewriteRule ^(.*)X(.*)$ $1x$2 # Don't run the test machine out of memory on failure, just stop the loop - RewriteCond expr "util_strlen(%{REQUEST_FILENAME}) -lt 257" + RewriteCond expr "util_strlen(%{REQUEST_FILENAME}) -le @limitrequestlinex2@" RewriteRule X - [N] </Location> </IfVersion> @@ -283,6 +325,8 @@ ProxyPass /reverse/notproxy/ ! ProxyPass /reverse/ http://@SERVERNAME@:@PORT@/ ProxyPassReverse /reverse/ http://@SERVERNAME@:@PORT@/ + ProxyPassMatch ^/reverse-match/(.*)$ http://@SERVERNAME@:@PORT@/$1 + ProxyPassMatch ^/reverse-slash(/.*)?$ http://@SERVERNAME@:@PORT@$1 ProxyPassReverseCookieDomain local remote ProxyPassReverseCookiePath /local /remote <IfVersion >= 2.4.7> @@ -334,12 +378,7 @@ AddHandler cgi-script .sh AddHandler cgi-script .pl ScriptLog @SERVERROOT@/logs/mod_cgi.log - <IfModule mod_cgi.c> - ScriptLogLength 40960 - </IfModule> - <IfModule !mod_cgi.c> - ScriptLogLength 8192 - </IfModule> + ScriptLogLength 40960 ScriptLogBuffer 256 <Directory @SERVERROOT@/htdocs/modules/cgi> @@ -417,6 +456,24 @@ </IfDefine> </IfModule> + +<IfVersion >= 2.5.1> + <Location /redirect_relative/default> + Redirect /out-default + </Location> + <Location /redirect_relative/on> + RedirectRelative ON + Redirect /out-on + </Location> + <Location /redirect_relative/off> + RedirectRelative OFF + Redirect /out-off + </Location> + <Location /redirect_relative/off/fail> + Redirect fail-to-construct-url + </Location> +</IfVersion> + Alias /manual @inherit_documentroot@/manual <Location /manual> Order deny,allow @@ -465,6 +522,14 @@ Alias /manual @inherit_documentroot@/manual <IfModule mod_dir.c> <Directory @SERVERROOT@/htdocs/modules/dir/htaccess> + DirectorySlash OFF + </Directory> + <IfVersion >= 2.5.1> + <Directory @SERVERROOT@/htdocs/modules/dir/htaccess/sub> + DirectorySlash NotFound + </Directory> + </IfVersion> + <Directory @SERVERROOT@/htdocs/modules/dir/htaccess> AllowOverride Indexes </Directory> </IfModule> @@ -506,7 +571,9 @@ Alias /manual @inherit_documentroot@/manual ## <IfModule mod_dav.c> - DAVLockDB @SERVERROOT@/logs/davlock.db + <IfVersion < 2.5.1> + DAVLockDB @SERVERROOT@/logs/davlock.db + </IfVersion> <Directory @SERVERROOT@/htdocs/modules/dav> DAV On @@ -532,7 +599,7 @@ Alias /manual @inherit_documentroot@/manual ## LimitRequest* directive testing ## -LimitRequestLine 128 +LimitRequestLine @limitrequestline@ LimitRequestFieldSize 1024 LimitRequestFields 32 <Directory @SERVERROOT@/htdocs/apache/limits> @@ -739,6 +806,46 @@ LimitRequestFields 32 </IfModule> </IfDefine> +## +## Configuration for t/modules/ldap.t. +## +<IfDefine LDAP> + Alias /modules/ldap/simple @DocumentRoot@ + Alias /modules/ldap/group @DocumentRoot@ + Alias /modules/ldap/refer @DocumentRoot@ + + # Simple user lookup + <Location /modules/ldap/simple> + AuthLDAPURL "ldap://localhost:8389/dc=example,dc=com?uid" + AuthLDAPBindDN "cn=httpd,dc=example,dc=com" + AuthLDAPBindPassword mod_authnz_ldap + AuthType Basic + AuthName ldap-simple@httpd.apache.org + AuthBasicProvider ldap + Require valid-user + </Location> + # Static group configuration + <Location /modules/ldap/group> + AuthLDAPURL "ldap://localhost:8389/dc=example,dc=com?uid" + AuthLDAPBindDN "cn=httpd,dc=example,dc=com" + AuthLDAPBindPassword mod_authnz_ldap + AuthType Basic + AuthName ldap-group@httpd.apache.org + AuthBasicProvider ldap + Require ldap-group cn=Group One,dc=example,dc=com + </Location> + # Referral configuration -- the second user is only found if + # httpd follows the referral. + <Location /modules/ldap/refer> + AuthLDAPURL "ldap://localhost:8389/dc=example,dc=com?uid" + AuthLDAPBindDN "cn=httpd,dc=example,dc=com" + AuthLDAPBindPassword mod_authnz_ldap + AuthType Basic + AuthName ldap-refer@httpd.apache.org + AuthBasicProvider ldap + Require ldap-group cn=Subgroup,ou=dept,dc=example,dc=com + </Location> +</IfDefine> ## ## ErrorDocument handling @@ -828,16 +935,27 @@ LimitRequestFields 32 <Directory @SERVERROOT@/htdocs/modules/filter/bytype> <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE application/xml + AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css </IfModule> <IfModule mod_case_filter.c> AddOutputFilterByType CASEFILTER application/xml + AddOutputFilterByType CASEFILTER text/xml AddOutputFilterByType CASEFILTER text/plain </IfModule> </Directory> </IfModule> ## +## mod_dumpio configuration +## +<IfModule mod_dumpio.c> + DumpIOInput on + DumpIOOutput on + LogLevel dumpio:trace7 +</IfModule> + +## ## LogLevel configuration ## <IfDefine APACHE2> @@ -1061,6 +1179,14 @@ LimitRequestFields 32 LuaHookTranslateName @SERVERROOT@/htdocs/modules/lua/translate.lua translate_name2 # default: LuaInherit parent-first </Location> + + # Filtering tests + LuaOutputFilter LUA_OUTPUT @SERVERROOT@/htdocs/modules/lua/filters.lua output_filter + Alias /modules/lua/filtered @DocumentRoot@ + <Location /modules/lua/filtered/> + SetOutputFilter LUA_OUTPUT + </Location> + </IfModule> # @@ -1255,9 +1381,22 @@ LimitRequestFields 32 <Directory @SERVERROOT@/htdocs/modules/allowmethods> Options +Indexes </Directory> + <IfVersion >= 2.5.1> + <Directory @SERVERROOT@/htdocs/modules/allowmethods/NoPost> + AllowMethods -POST + </Directory> + </IfVersion> <Directory @SERVERROOT@/htdocs/modules/allowmethods/Get> AllowMethods GET </Directory> + <IfVersion >= 2.5.1> + <Directory @SERVERROOT@/htdocs/modules/allowmethods/Get/post> + AllowMethods +POST + </Directory> + <Directory @SERVERROOT@/htdocs/modules/allowmethods/Get/none> + AllowMethods -GET + </Directory> + </IfVersion> <Directory @SERVERROOT@/htdocs/modules/allowmethods/Head> AllowMethods HEAD </Directory> @@ -1318,3 +1457,85 @@ LimitRequestFields 32 CheckCaseOnly on </Directory> </IfModule> + +<IfModule mod_actions.c> + ScriptAlias /cgi_mod_actions @SERVERROOT@/htdocs/modules/cgi + <Location /mod_actions> + SetHandler my-handler + Action my-handler "/cgi_mod_actions/perl_echo.pl" virtual + </Location> + + <Directory @SERVERROOT@/htdocs/modules/actions/action> + AddHandler my-file-type1 .xyz1 + Action my-file-type1 "/cgi_mod_actions/perl_echo.pl" + AddHandler my-file-type2 .xyz2 + Action my-file-type2 "/cgi_mod_actions/perl_echo.pl" virtual + </Directory> + + <Directory @SERVERROOT@/htdocs/modules/actions/script> + Script GET "/cgi_mod_actions/perl_echo.pl" + Script POST "/cgi_mod_actions/perl_post.pl" + </Directory> +</IfModule> + +<IfModule mod_heartbeat.c> + <IfModule mod_heartmonitor.c> + HeartbeatListen 239.0.0.1:27999 + HeartbeatAddress 239.0.0.1:27999 + </IfModule> +</IfModule> + +# +# t/modules/sed.t test config +# +<IfModule mod_sed.c> + AliasMatch /apache/sed/[^/]+/(.*) @DocumentRoot@/$1 + + <Location /apache/sed-echo> + SetHandler echo_post + SetInputFilter sed + </Location> + + <Location /apache/sed/> + AddOutputFilter sed .html + </Location> + + <Location /apache/sed/out-foo> + OutputSed "s/foo/bar/g" + </Location> + <Location /apache/sed-echo/input> + InputSed "s/foo/bar/g" + </Location> + <Location /apache/sed-echo/out-foo-grow> + SetOutputFilter sed + OutputSed "s/foo/barbarbarbar/g" + </Location> +</IfModule> + +# +# t/apache/pr64339.t test configuration +# +<IfModule mod_xml2enc.c> + <IfModule mod_proxy_html.c> + <IfModule mod_proxy.c> + Alias /modules/xml2enc/back @SERVERROOT@/htdocs/modules/xml2enc + Alias /modules/xml2enc/back/iso @SERVERROOT@/htdocs/modules/xml2enc + <Location /modules/xml2enc/back> + AddType application/foo+xml fooxml + AddType application/notreallyxml notxml + AddType application/xml xml + AddType text/html isohtml + AddCharset ISO-8859-1 .isohtml + AddCharset UTF-8 .xml + AddCharset UTF-8 .fooxml + </Location> + <Location /modules/xml2enc/front> + ProxyHTMLEnable on + # mod_proxy_html needs some configuration. + ProxyHTMLURLMap / /blah + ProxyHTMLLinks a href + ProxyPass http://@SERVERNAME@:@PORT@/modules/xml2enc/back + </Location> + </IfModule> + </IfModule> +</IfModule> diff --git a/debian/perl-framework/t/conf/http2.conf.in b/debian/perl-framework/t/conf/http2.conf.in deleted file mode 100644 index 2e6ca67..0000000 --- a/debian/perl-framework/t/conf/http2.conf.in +++ /dev/null @@ -1,105 +0,0 @@ -## -## mod_http2 test config -## - -<IfDefine APACHE2> - <IfModule http2_module> - - LogLevel http2:debug - - <VirtualHost h2c> - Protocols h2c http/1.1 - - <IfModule @CGI_MODULE@> - <Directory @SERVERROOT@/htdocs/modules/h2> - Options +ExecCGI - AddHandler cgi-script .pl - - </Directory> - </IfModule> - - <Location /modules/h2/hello.pl> - </Location> - <IfModule mod_rewrite.c> - RewriteEngine on - RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC] - </IfModule> - - </VirtualHost> - - <IfModule @ssl_module@> - - <VirtualHost @SERVERNAME@:h2> - Protocols h2 http/1.1 - H2Direct on - - SSLEngine on - SSLCACertificateFile @SSLCA@/asf/certs/ca.crt - SSLCACertificatePath @ServerRoot@/conf/ssl - SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl - SSLCARevocationCheck chain - - # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations - # - SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK - SSLProtocol All -SSLv2 -SSLv3 - SSLOptions +StdEnvVars - - <IfVersion >= 2.4.18> - # need this off as long as we ran on old openssl - H2ModernTLSOnly off - </IfVersion> - - <IfModule @CGI_MODULE@> - <Directory @SERVERROOT@/htdocs/modules/h2> - Options +ExecCGI - AddHandler cgi-script .pl - </Directory> - </IfModule> - - <Location /modules/h2/hello.pl> - </Location> - <IfModule mod_rewrite.c> - RewriteEngine on - RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC] - </IfModule> - - </VirtualHost> - - <VirtualHost noh2.example.org:h2> - Protocols http/1.1 - H2Direct off - </VirtualHost> - - <VirtualHost test.example.org:h2> - Protocols h2 http/1.1 - H2Direct on - - SSLEngine on - SSLCACertificateFile @SSLCA@/asf/certs/ca.crt - SSLCACertificatePath @ServerRoot@/conf/ssl - SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl - SSLCARevocationCheck chain - - # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations - # - SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK - SSLProtocol All -SSLv2 -SSLv3 - SSLOptions +StdEnvVars - - </VirtualHost> - - <VirtualHost test2.example.org:h2> - Protocols http/1.1 h2 - H2Direct on - </VirtualHost> - - <VirtualHost test-ser.example.org:h2> - </VirtualHost> - - </ifModule> - - </IfModule> - -</IfDefine> - diff --git a/debian/perl-framework/t/conf/include.conf.in b/debian/perl-framework/t/conf/include.conf.in index 7e686b9..349f565 100644 --- a/debian/perl-framework/t/conf/include.conf.in +++ b/debian/perl-framework/t/conf/include.conf.in @@ -46,6 +46,11 @@ Options Includes </Directory> + <Directory @SERVERROOT@/htdocs/modules/include/mod_request> + Options Includes + KeptBodySize 32 + </Directory> + <IfDefine APACHE2> <IfModule mod_bucketeer.c> <Directory @SERVERROOT@/htdocs/modules/include/bucketeer> diff --git a/debian/perl-framework/t/conf/proxy.conf.in b/debian/perl-framework/t/conf/proxy.conf.in index 5f740cd..a199ca8 100644 --- a/debian/perl-framework/t/conf/proxy.conf.in +++ b/debian/perl-framework/t/conf/proxy.conf.in @@ -6,6 +6,11 @@ ProxyRequests On </VirtualHost> + <IfVersion >= 2.4.49> + # Test the mapping. + ProxyPass /mapping http://@SERVERNAME@:@PORT@/servlet mapping=servlet + </IfVersion> + </IfModule> <IfModule mod_proxy_hcheck.c> @@ -24,51 +29,51 @@ </VirtualHost> <VirtualHost proxy_http_balancer> + + <IfModule mod_lbmethod_byrequests.c> <Proxy balancer://foo1> BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL1_PORT@ loadfactor=1 BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL2_PORT@ loadfactor=1 </Proxy> + ProxySet balancer://foo1 lbmethod=byrequests + <Location /baltest1> + ProxyPass balancer://foo1/ + </Location> + </IfModule> + <IfModule mod_lbmethod_bytraffic.c> <Proxy balancer://foo2> BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL1_PORT@ loadfactor=1 BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL2_PORT@ loadfactor=1 </Proxy> + ProxySet balancer://foo2 lbmethod=bytraffic + <Location /baltest2> + ProxyPass balancer://foo2/ + </Location> + </IfModule> + <IfModule mod_lbmethod_bybusyness.c> <Proxy balancer://foo3> BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL1_PORT@ loadfactor=1 BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL2_PORT@ loadfactor=1 </Proxy> + ProxySet balancer://foo3 lbmethod=bybusyness + <Location /baltest3> + ProxyPass balancer://foo3/ + </Location> + </IfModule> + <IfModule mod_lbmethod_heartbeat.c> <Proxy balancer://foo4> BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL1_PORT@ loadfactor=1 BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL2_PORT@ loadfactor=1 </Proxy> - - ProxySet balancer://foo1 lbmethod=byrequests - ProxySet balancer://foo2 lbmethod=bytraffic - ProxySet balancer://foo3 lbmethod=bybusyness - <IfVersion >= 2.3.0> - ProxySet balancer://foo4 lbmethod=heartbeat - </IfVersion> - - <Location /baltest1> - ProxyPass balancer://foo1/ - </Location> - - <Location /baltest2> - ProxyPass balancer://foo2/ - </Location> - - <Location /baltest3> - ProxyPass balancer://foo3/ + ProxySet balancer://foo4 lbmethod=heartbeat + <Location /baltest4> + # TODO heartbeat needs additional configuration to have it work + ProxyPass balancer://foo4/ </Location> - - <IfVersion >= 2.3.0> - <Location /baltest4> - # TODO heartbeat needs additional configuration to have it work - ProxyPass balancer://foo4/ - </Location> - </IfVersion> + </IfModule> ## PR 45434 tests <Proxy balancer://pr45434> @@ -78,6 +83,22 @@ ProxyPass /pr45434 balancer://pr45434/alias ProxyPassReverse /pr45434 balancer://pr45434/alias + <Proxy balancer://failover> + BalancerMember http://@SERVERNAME@:@NextAvailablePort@ loadfactor=1 retry=1ms + BalancerMember http://@SERVERNAME@:@PROXY_HTTP_BAL1_PORT@ loadfactor=1 status=H + </Proxy> + ProxyPassMatch ^/baltest_echo_post balancer://failover/echo_post + + ## Test "dynamic balancer + <Proxy balancer://dynproxy> + ProxySet growth=10 + </Proxy> + <Location /balancer-manager> + SetHandler balancer-manager + Allow from all + </Location> + ProxyPass /dynproxy balancer://dynproxy/ + </VirtualHost> </IfModule> @@ -161,6 +182,9 @@ </VirtualHost> + + ProxyPass /proxy/wsoc ws://@SERVERNAME@:@PORT@/modules/lua/websockets.lua + </IfModule> <IfModule mod_rewrite.c> diff --git a/debian/perl-framework/t/conf/ssl/proxyssl.conf.in b/debian/perl-framework/t/conf/ssl/proxyssl.conf.in index dc18fdf..161385b 100644 --- a/debian/perl-framework/t/conf/ssl/proxyssl.conf.in +++ b/debian/perl-framework/t/conf/ssl/proxyssl.conf.in @@ -51,6 +51,66 @@ ProxyPass / https://@proxyssl_url@/ ProxyPassReverse / https://@proxyssl_url@/ + + ProxyPass /proxy/wsoc wss://localhost:@proxy_https_https_port@/modules/lua/websockets.lua + </VirtualHost> + + #here we can test http <-> https using SSLProxyMachine* inside <Proxy> + <VirtualHost proxy_http_https_proxy_section> + #these are not on by default in the 1.x based mod_ssl + <IfDefine APACHE2> + SSLProxyEngine On + + SSLProxyProtocol All + SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLProxyCACertificatePath @ServerRoot@/conf/ssl + SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl + <IfVersion >= 2.3.15> + SSLProxyCARevocationCheck chain + </IfVersion> + SSLProxyVerify on + SSLProxyVerifyDepth 10 + </IfDefine> + + + ProxyPass / https://@proxyssl_url@/ + ProxyPassReverse / https://@proxyssl_url@/ + <IfDefine APACHE2> + <Proxy https://@proxyssl_url@> + SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem + #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy + </Proxy> + </IfDefine> + </VirtualHost> + + + #here we can test https <-> https using SSLProxyMachine* inside <Proxy> + <VirtualHost proxy_https_https_proxy_section> + SSLEngine on + + #these are not on by default in the 1.x based mod_ssl + <IfDefine APACHE2> + SSLProxyEngine On + SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLProxyVerify on + SSLProxyCARevocationPath @SSLCA@/asf/crl + <IfVersion >= 2.3.15> + SSLProxyCARevocationCheck chain + </IfVersion> + </IfDefine> + + + ProxyPass / https://@proxyssl_url@/ + ProxyPassReverse / https://@proxyssl_url@/ + <IfDefine APACHE2> + <Proxy https://@proxyssl_url@> + # ensure that client_ok.pem is picked first: + SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem + SSLProxyMachineCertificatePath @SSLCA@/asf/proxy + </Proxy> + </IfDefine> </VirtualHost> #here we can test https <-> http @@ -60,7 +120,6 @@ ProxyPass / http://@servername@:@port@/ ProxyPassReverse / http://@servername@:@port@/ </VirtualHost> - </IfModule> </IfModule> diff --git a/debian/perl-framework/t/conf/ssl/ssl.conf.in b/debian/perl-framework/t/conf/ssl/ssl.conf.in index f796b34..6fadf33 100644 --- a/debian/perl-framework/t/conf/ssl/ssl.conf.in +++ b/debian/perl-framework/t/conf/ssl/ssl.conf.in @@ -5,11 +5,12 @@ AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl - SSLSessionCache none - #XXX: would be nice to test these - #SSLSessionCache shm:@ServerRoot@/logs/ssl_scache(512000) - #SSLSessionCache dbm:@ServerRoot@/logs/ssl_scache - #SSLSessionCacheTimeout 300 + <IfDefine TEST_SSL_SESSCACHE> + SSLSessionCache ${SSL_SESSCACHE} + </IfDefine> + <IfDefine !TEST_SSL_SESSCACHE> + SSLSessionCache none + </IfDefine> <IfVersion < 2.3.4> #SSLMutex file:@ServerRoot@/logs/ssl_mutex @@ -87,6 +88,15 @@ SSLVerifyDepth 10 </Location> + # t/ssl/pha.t + <Location /require/small> + SSLVerifyClient require + SSLVerifyDepth 10 + + SSLRenegBufferSize 10 + </Location> + Alias /require/small @DocumentRoot@/modules/cgi + #t/ssl/require.t Alias /require/asf @DocumentRoot@ Alias /require/snakeoil @DocumentRoot@ |