summaryrefslogtreecommitdiffstats
path: root/server/core.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:01:30 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:01:30 +0000
commit6beeb1b708550be0d4a53b272283e17e5e35fe17 (patch)
tree1ce8673d4aaa948e5554000101f46536a1e4cc29 /server/core.c
parentInitial commit. (diff)
downloadapache2-6beeb1b708550be0d4a53b272283e17e5e35fe17.tar.xz
apache2-6beeb1b708550be0d4a53b272283e17e5e35fe17.zip
Adding upstream version 2.4.57.upstream/2.4.57
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'server/core.c')
-rw-r--r--server/core.c5675
1 files changed, 5675 insertions, 0 deletions
diff --git a/server/core.c b/server/core.c
new file mode 100644
index 0000000..e1493fd
--- /dev/null
+++ b/server/core.c
@@ -0,0 +1,5675 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "apr.h"
+#include "apr_strings.h"
+#include "apr_lib.h"
+#include "apr_fnmatch.h"
+#include "apr_hash.h"
+#include "apr_thread_proc.h" /* for RLIMIT stuff */
+#include "apr_random.h"
+
+#include "apr_version.h"
+#if APR_MAJOR_VERSION < 2
+#include "apu_version.h"
+#endif
+
+#define APR_WANT_IOVEC
+#define APR_WANT_STRFUNC
+#define APR_WANT_MEMFUNC
+#include "apr_want.h"
+
+#include "ap_config.h"
+#include "httpd.h"
+#include "http_config.h"
+#include "http_core.h"
+#include "http_protocol.h" /* For index_of_response(). Grump. */
+#include "http_request.h"
+#include "http_ssl.h"
+#include "http_vhost.h"
+#include "http_main.h" /* For the default_handler below... */
+#include "http_log.h"
+#include "util_md5.h"
+#include "http_connection.h"
+#include "apr_buckets.h"
+#include "util_filter.h"
+#include "util_ebcdic.h"
+#include "util_mutex.h"
+#include "util_time.h"
+#include "mpm_common.h"
+#include "scoreboard.h"
+#include "mod_core.h"
+#include "mod_proxy.h"
+#include "ap_listen.h"
+#include "ap_regex.h"
+
+#include "mod_so.h" /* for ap_find_loaded_module_symbol */
+
+#if defined(RLIMIT_CPU) || defined (RLIMIT_DATA) || defined (RLIMIT_VMEM) || defined(RLIMIT_AS) || defined (RLIMIT_NPROC)
+#include "unixd.h"
+#endif
+#if APR_HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+/* LimitRequestBody handling */
+#define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
+#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */
+
+/* LimitXMLRequestBody handling */
+#define AP_LIMIT_UNSET ((long) -1)
+#define AP_DEFAULT_LIMIT_XML_BODY ((apr_size_t)1000000)
+/* Hard limit for ap_escape_html2() */
+#define AP_MAX_LIMIT_XML_BODY ((apr_size_t)(APR_SIZE_MAX / 6 - 1))
+
+#define AP_MIN_SENDFILE_BYTES (256)
+
+/* maximum include nesting level */
+#ifndef AP_MAX_INCLUDE_DEPTH
+#define AP_MAX_INCLUDE_DEPTH (128)
+#endif
+
+/* valid in core-conf, but not in runtime r->used_path_info */
+#define AP_ACCEPT_PATHINFO_UNSET 3
+
+#define AP_CONTENT_MD5_OFF 0
+#define AP_CONTENT_MD5_ON 1
+#define AP_CONTENT_MD5_UNSET 2
+
+#define AP_FLUSH_MAX_THRESHOLD 65535
+#define AP_FLUSH_MAX_PIPELINED 4
+
+APR_HOOK_STRUCT(
+ APR_HOOK_LINK(get_mgmt_items)
+ APR_HOOK_LINK(insert_network_bucket)
+)
+
+AP_IMPLEMENT_HOOK_RUN_ALL(int, get_mgmt_items,
+ (apr_pool_t *p, const char *val, apr_hash_t *ht),
+ (p, val, ht), OK, DECLINED)
+
+AP_IMPLEMENT_HOOK_RUN_FIRST(apr_status_t, insert_network_bucket,
+ (conn_rec *c, apr_bucket_brigade *bb,
+ apr_socket_t *socket),
+ (c, bb, socket), AP_DECLINED)
+
+/* Server core module... This module provides support for really basic
+ * server operations, including options and commands which control the
+ * operation of other modules. Consider this the bureaucracy module.
+ *
+ * The core module also defines handlers, etc., to handle just enough
+ * to allow a server with the core module ONLY to actually serve documents.
+ *
+ * This file could almost be mod_core.c, except for the stuff which affects
+ * the http_conf_globals.
+ */
+
+/* we know core's module_index is 0 */
+#undef APLOG_MODULE_INDEX
+#define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
+
+/* Handles for core filters */
+AP_DECLARE_DATA ap_filter_rec_t *ap_subreq_core_filter_handle;
+AP_DECLARE_DATA ap_filter_rec_t *ap_core_output_filter_handle;
+AP_DECLARE_DATA ap_filter_rec_t *ap_content_length_filter_handle;
+AP_DECLARE_DATA ap_filter_rec_t *ap_core_input_filter_handle;
+
+/* Provide ap_document_root_check storage and default value = true */
+AP_DECLARE_DATA int ap_document_root_check = 1;
+
+/* magic pointer for ErrorDocument xxx "default" */
+static char errordocument_default;
+
+/* Global state allocated out of pconf: variables here MUST be
+ * cleared/reset in reset_config(), a pconf cleanup, to avoid the
+ * variable getting reused after the pool is cleared. */
+static apr_array_header_t *saved_server_config_defines = NULL;
+static apr_table_t *server_config_defined_vars = NULL;
+AP_DECLARE_DATA const char *ap_runtime_dir = NULL;
+
+AP_DECLARE_DATA int ap_main_state = AP_SQ_MS_INITIAL_STARTUP;
+AP_DECLARE_DATA int ap_run_mode = AP_SQ_RM_UNKNOWN;
+AP_DECLARE_DATA int ap_config_generation = 0;
+
+static void *create_core_dir_config(apr_pool_t *a, char *dir)
+{
+ core_dir_config *conf;
+
+ conf = (core_dir_config *)apr_pcalloc(a, sizeof(core_dir_config));
+
+ /* conf->r and conf->d[_*] are initialized by dirsection() or left NULL */
+
+ conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_SYM_LINKS;
+ conf->opts_add = conf->opts_remove = OPT_NONE;
+ conf->override = OR_UNSET|OR_NONE;
+ conf->override_opts = OPT_UNSET | OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
+
+ conf->content_md5 = AP_CONTENT_MD5_UNSET;
+ conf->accept_path_info = AP_ACCEPT_PATHINFO_UNSET;
+
+ conf->use_canonical_name = USE_CANONICAL_NAME_UNSET;
+ conf->use_canonical_phys_port = USE_CANONICAL_PHYS_PORT_UNSET;
+
+ conf->hostname_lookups = HOSTNAME_LOOKUP_UNSET;
+
+ /*
+ * left as NULL (we use apr_pcalloc):
+ * conf->limit_cpu = NULL;
+ * conf->limit_mem = NULL;
+ * conf->limit_nproc = NULL;
+ * conf->sec_file = NULL;
+ * conf->sec_if = NULL;
+ */
+
+ conf->limit_req_body = AP_LIMIT_REQ_BODY_UNSET;
+ conf->limit_xml_body = AP_LIMIT_UNSET;
+
+ conf->server_signature = srv_sig_unset;
+
+ conf->add_default_charset = ADD_DEFAULT_CHARSET_UNSET;
+ conf->add_default_charset_name = DEFAULT_ADD_DEFAULT_CHARSET_NAME;
+
+ /* Overriding all negotiation
+ * Set NULL by apr_pcalloc:
+ * conf->mime_type = NULL;
+ * conf->handler = NULL;
+ * conf->output_filters = NULL;
+ * conf->input_filters = NULL;
+ */
+
+ /*
+ * Flag for use of inodes in ETags.
+ */
+ conf->etag_bits = ETAG_UNSET;
+ conf->etag_add = ETAG_UNSET;
+ conf->etag_remove = ETAG_UNSET;
+
+ conf->enable_mmap = ENABLE_MMAP_UNSET;
+ conf->enable_sendfile = ENABLE_SENDFILE_UNSET;
+ conf->allow_encoded_slashes = 0;
+ conf->decode_encoded_slashes = 0;
+
+ conf->max_ranges = AP_MAXRANGES_UNSET;
+ conf->max_overlaps = AP_MAXRANGES_UNSET;
+ conf->max_reversals = AP_MAXRANGES_UNSET;
+
+ conf->cgi_pass_auth = AP_CGI_PASS_AUTH_UNSET;
+ conf->qualify_redirect_url = AP_CORE_CONFIG_UNSET;
+
+ return (void *)conf;
+}
+
+static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
+{
+ core_dir_config *base = (core_dir_config *)basev;
+ core_dir_config *new = (core_dir_config *)newv;
+ core_dir_config *conf;
+
+ /* Create this conf by duplicating the base, replacing elements
+ * (or creating copies for merging) where new-> values exist.
+ */
+ conf = (core_dir_config *)apr_pmemdup(a, base, sizeof(core_dir_config));
+
+ conf->d = new->d;
+ conf->d_is_fnmatch = new->d_is_fnmatch;
+ conf->d_components = new->d_components;
+ conf->r = new->r;
+ conf->refs = new->refs;
+ conf->condition = new->condition;
+
+ if (new->opts & OPT_UNSET) {
+ /* there was no explicit setting of new->opts, so we merge
+ * preserve the invariant (opts_add & opts_remove) == 0
+ */
+ conf->opts_add = (conf->opts_add & ~new->opts_remove) | new->opts_add;
+ conf->opts_remove = (conf->opts_remove & ~new->opts_add)
+ | new->opts_remove;
+ conf->opts = (conf->opts & ~conf->opts_remove) | conf->opts_add;
+
+ /* If Includes was enabled with exec in the base config, but
+ * was enabled without exec in the new config, then disable
+ * exec in the merged set. */
+ if (((base->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC))
+ == (OPT_INCLUDES|OPT_INC_WITH_EXEC))
+ && ((new->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC))
+ == OPT_INCLUDES)) {
+ conf->opts &= ~OPT_INC_WITH_EXEC;
+ }
+ }
+ else {
+ /* otherwise we just copy, because an explicit opts setting
+ * overrides all earlier +/- modifiers
+ */
+ conf->opts = new->opts;
+ conf->opts_add = new->opts_add;
+ conf->opts_remove = new->opts_remove;
+ }
+
+ if (!(new->override & OR_UNSET)) {
+ conf->override = new->override;
+ }
+
+ if (!(new->override_opts & OPT_UNSET)) {
+ conf->override_opts = new->override_opts;
+ }
+
+ if (new->override_list != NULL) {
+ conf->override_list = new->override_list;
+ }
+
+ if (conf->response_code_exprs == NULL) {
+ conf->response_code_exprs = new->response_code_exprs;
+ }
+ else if (new->response_code_exprs != NULL) {
+ conf->response_code_exprs = apr_hash_overlay(a,
+ new->response_code_exprs, conf->response_code_exprs);
+ }
+ /* Otherwise we simply use the base->response_code_exprs array
+ */
+
+ if (new->hostname_lookups != HOSTNAME_LOOKUP_UNSET) {
+ conf->hostname_lookups = new->hostname_lookups;
+ }
+
+ if (new->content_md5 != AP_CONTENT_MD5_UNSET) {
+ conf->content_md5 = new->content_md5;
+ }
+
+ if (new->accept_path_info != AP_ACCEPT_PATHINFO_UNSET) {
+ conf->accept_path_info = new->accept_path_info;
+ }
+
+ if (new->use_canonical_name != USE_CANONICAL_NAME_UNSET) {
+ conf->use_canonical_name = new->use_canonical_name;
+ }
+
+ if (new->use_canonical_phys_port != USE_CANONICAL_PHYS_PORT_UNSET) {
+ conf->use_canonical_phys_port = new->use_canonical_phys_port;
+ }
+
+#ifdef RLIMIT_CPU
+ if (new->limit_cpu) {
+ conf->limit_cpu = new->limit_cpu;
+ }
+#endif
+
+#if defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined(RLIMIT_AS)
+ if (new->limit_mem) {
+ conf->limit_mem = new->limit_mem;
+ }
+#endif
+
+#ifdef RLIMIT_NPROC
+ if (new->limit_nproc) {
+ conf->limit_nproc = new->limit_nproc;
+ }
+#endif
+
+ if (new->limit_req_body != AP_LIMIT_REQ_BODY_UNSET) {
+ conf->limit_req_body = new->limit_req_body;
+ }
+
+ if (new->limit_xml_body != AP_LIMIT_UNSET)
+ conf->limit_xml_body = new->limit_xml_body;
+
+ if (!conf->sec_file) {
+ conf->sec_file = new->sec_file;
+ }
+ else if (new->sec_file) {
+ /* If we merge, the merge-result must have its own array
+ */
+ conf->sec_file = apr_array_append(a, base->sec_file, new->sec_file);
+ }
+ /* Otherwise we simply use the base->sec_file array
+ */
+
+ if (!conf->sec_if) {
+ conf->sec_if = new->sec_if;
+ }
+ else if (new->sec_if) {
+ /* If we merge, the merge-result must have its own array
+ */
+ conf->sec_if = apr_array_append(a, base->sec_if, new->sec_if);
+ }
+ /* Otherwise we simply use the base->sec_if array
+ */
+
+ if (new->server_signature != srv_sig_unset) {
+ conf->server_signature = new->server_signature;
+ }
+
+ if (new->add_default_charset != ADD_DEFAULT_CHARSET_UNSET) {
+ conf->add_default_charset = new->add_default_charset;
+ conf->add_default_charset_name = new->add_default_charset_name;
+ }
+
+ /* Overriding all negotiation
+ */
+ if (new->mime_type) {
+ conf->mime_type = new->mime_type;
+ }
+
+ if (new->handler) {
+ conf->handler = new->handler;
+ }
+ if (new->expr_handler) {
+ conf->expr_handler = new->expr_handler;
+ }
+
+ if (new->output_filters) {
+ conf->output_filters = new->output_filters;
+ }
+
+ if (new->input_filters) {
+ conf->input_filters = new->input_filters;
+ }
+
+ /*
+ * Now merge the setting of the FileETag directive.
+ */
+ if (new->etag_bits == ETAG_UNSET) {
+ conf->etag_add =
+ (conf->etag_add & (~ new->etag_remove)) | new->etag_add;
+ conf->etag_remove =
+ (conf->etag_remove & (~ new->etag_add)) | new->etag_remove;
+ conf->etag_bits =
+ (conf->etag_bits & (~ conf->etag_remove)) | conf->etag_add;
+ }
+ else {
+ conf->etag_bits = new->etag_bits;
+ conf->etag_add = new->etag_add;
+ conf->etag_remove = new->etag_remove;
+ }
+
+ if (conf->etag_bits != ETAG_NONE) {
+ conf->etag_bits &= (~ ETAG_NONE);
+ }
+
+ if (new->enable_mmap != ENABLE_MMAP_UNSET) {
+ conf->enable_mmap = new->enable_mmap;
+ }
+
+ if (new->enable_sendfile != ENABLE_SENDFILE_UNSET) {
+ conf->enable_sendfile = new->enable_sendfile;
+ }
+
+ if (new->read_buf_size) {
+ conf->read_buf_size = new->read_buf_size;
+ }
+ else {
+ conf->read_buf_size = base->read_buf_size;
+ }
+
+ conf->allow_encoded_slashes = new->allow_encoded_slashes;
+ conf->decode_encoded_slashes = new->decode_encoded_slashes;
+
+ if (new->log) {
+ if (!conf->log) {
+ conf->log = new->log;
+ }
+ else {
+ conf->log = ap_new_log_config(a, new->log);
+ ap_merge_log_config(base->log, conf->log);
+ }
+ }
+
+ conf->max_ranges = new->max_ranges != AP_MAXRANGES_UNSET ? new->max_ranges : base->max_ranges;
+ conf->max_overlaps = new->max_overlaps != AP_MAXRANGES_UNSET ? new->max_overlaps : base->max_overlaps;
+ conf->max_reversals = new->max_reversals != AP_MAXRANGES_UNSET ? new->max_reversals : base->max_reversals;
+
+ conf->cgi_pass_auth = new->cgi_pass_auth != AP_CGI_PASS_AUTH_UNSET ? new->cgi_pass_auth : base->cgi_pass_auth;
+
+ if (new->cgi_var_rules) {
+ if (!conf->cgi_var_rules) {
+ conf->cgi_var_rules = new->cgi_var_rules;
+ }
+ else {
+ conf->cgi_var_rules = apr_hash_overlay(a, new->cgi_var_rules, conf->cgi_var_rules);
+ }
+ }
+
+ AP_CORE_MERGE_FLAG(qualify_redirect_url, conf, base, new);
+
+ return (void*)conf;
+}
+
+#if APR_HAS_SO_ACCEPTFILTER
+#ifndef ACCEPT_FILTER_NAME
+#define ACCEPT_FILTER_NAME "httpready"
+#ifdef __FreeBSD_version
+#if __FreeBSD_version < 411000 /* httpready broken before 4.1.1 */
+#undef ACCEPT_FILTER_NAME
+#define ACCEPT_FILTER_NAME "dataready"
+#endif
+#endif
+#endif
+#endif
+
+static void *create_core_server_config(apr_pool_t *a, server_rec *s)
+{
+ core_server_config *conf;
+ int is_virtual = s->is_virtual;
+
+ conf = (core_server_config *)apr_pcalloc(a, sizeof(core_server_config));
+
+ /* global-default / global-only settings */
+
+ if (!is_virtual) {
+ conf->ap_document_root = DOCUMENT_LOCATION;
+ conf->access_name = DEFAULT_ACCESS_FNAME;
+
+ /* A mapping only makes sense in the global context */
+ conf->accf_map = apr_table_make(a, 5);
+#if APR_HAS_SO_ACCEPTFILTER
+ apr_table_setn(conf->accf_map, "http", ACCEPT_FILTER_NAME);
+ apr_table_setn(conf->accf_map, "https", "dataready");
+#elif defined(WIN32)
+ /* 'data' is disabled on Windows due to a DoS vuln (PR 59970) */
+ apr_table_setn(conf->accf_map, "http", "connect");
+ apr_table_setn(conf->accf_map, "https", "connect");
+#else
+ apr_table_setn(conf->accf_map, "http", "data");
+ apr_table_setn(conf->accf_map, "https", "data");
+#endif
+
+ conf->flush_max_threshold = AP_FLUSH_MAX_THRESHOLD;
+ conf->flush_max_pipelined = AP_FLUSH_MAX_PIPELINED;
+ }
+ else {
+ conf->flush_max_pipelined = -1;
+ }
+
+ /* initialization, no special case for global context */
+
+ conf->sec_dir = apr_array_make(a, 40, sizeof(ap_conf_vector_t *));
+ conf->sec_url = apr_array_make(a, 40, sizeof(ap_conf_vector_t *));
+
+ /* pcalloc'ed - we have NULL's/0's
+ conf->gprof_dir = NULL;
+
+ ** recursion stopper; 0 == unset
+ conf->redirect_limit = 0;
+ conf->subreq_limit = 0;
+
+ conf->protocol = NULL;
+ */
+
+ conf->trace_enable = AP_TRACE_UNSET;
+
+ conf->protocols = apr_array_make(a, 5, sizeof(const char *));
+ conf->protocols_honor_order = -1;
+ conf->merge_slashes = AP_CORE_CONFIG_UNSET;
+
+ conf->strict_host_check= AP_CORE_CONFIG_UNSET;
+
+ return (void *)conf;
+}
+
+static void *merge_core_server_configs(apr_pool_t *p, void *basev, void *virtv)
+{
+ core_server_config *base = (core_server_config *)basev;
+ core_server_config *virt = (core_server_config *)virtv;
+ core_server_config *conf = (core_server_config *)
+ apr_pmemdup(p, base, sizeof(core_server_config));
+
+ if (virt->ap_document_root)
+ conf->ap_document_root = virt->ap_document_root;
+
+ if (virt->access_name)
+ conf->access_name = virt->access_name;
+
+ /* XXX optimize to keep base->sec_ pointers if virt->sec_ array is empty */
+ conf->sec_dir = apr_array_append(p, base->sec_dir, virt->sec_dir);
+ conf->sec_url = apr_array_append(p, base->sec_url, virt->sec_url);
+
+ if (virt->redirect_limit)
+ conf->redirect_limit = virt->redirect_limit;
+
+ if (virt->subreq_limit)
+ conf->subreq_limit = virt->subreq_limit;
+
+ if (virt->trace_enable != AP_TRACE_UNSET)
+ conf->trace_enable = virt->trace_enable;
+
+ if (virt->http09_enable != AP_HTTP09_UNSET)
+ conf->http09_enable = virt->http09_enable;
+
+ if (virt->http_conformance != AP_HTTP_CONFORMANCE_UNSET)
+ conf->http_conformance = virt->http_conformance;
+
+ if (virt->http_methods != AP_HTTP_METHODS_UNSET)
+ conf->http_methods = virt->http_methods;
+
+ /* no action for virt->accf_map, not allowed per-vhost */
+
+ if (virt->protocol)
+ conf->protocol = virt->protocol;
+
+ if (virt->gprof_dir)
+ conf->gprof_dir = virt->gprof_dir;
+
+ if (virt->error_log_format)
+ conf->error_log_format = virt->error_log_format;
+
+ if (virt->error_log_conn)
+ conf->error_log_conn = virt->error_log_conn;
+
+ if (virt->error_log_req)
+ conf->error_log_req = virt->error_log_req;
+
+ conf->merge_trailers = (virt->merge_trailers != AP_MERGE_TRAILERS_UNSET)
+ ? virt->merge_trailers
+ : base->merge_trailers;
+
+ conf->protocols = ((virt->protocols->nelts > 0)?
+ virt->protocols : base->protocols);
+ conf->protocols_honor_order = ((virt->protocols_honor_order < 0)?
+ base->protocols_honor_order :
+ virt->protocols_honor_order);
+ AP_CORE_MERGE_FLAG(merge_slashes, conf, base, virt);
+
+
+ conf->flush_max_threshold = (virt->flush_max_threshold)
+ ? virt->flush_max_threshold
+ : base->flush_max_threshold;
+ conf->flush_max_pipelined = (virt->flush_max_pipelined >= 0)
+ ? virt->flush_max_pipelined
+ : base->flush_max_pipelined;
+
+ conf->strict_host_check = (virt->strict_host_check != AP_CORE_CONFIG_UNSET)
+ ? virt->strict_host_check
+ : base->strict_host_check;
+
+ AP_CORE_MERGE_FLAG(strict_host_check, conf, base, virt);
+
+ return conf;
+}
+
+/* Add per-directory configuration entry (for <directory> section);
+ * these are part of the core server config.
+ */
+
+AP_CORE_DECLARE(void) ap_add_per_dir_conf(server_rec *s, void *dir_config)
+{
+ core_server_config *sconf = ap_get_core_module_config(s->module_config);
+ void **new_space = (void **)apr_array_push(sconf->sec_dir);
+
+ *new_space = dir_config;
+}
+
+AP_CORE_DECLARE(void) ap_add_per_url_conf(server_rec *s, void *url_config)
+{
+ core_server_config *sconf = ap_get_core_module_config(s->module_config);
+ void **new_space = (void **)apr_array_push(sconf->sec_url);
+
+ *new_space = url_config;
+}
+
+AP_CORE_DECLARE(void) ap_add_file_conf(apr_pool_t *p, core_dir_config *conf,
+ void *url_config)
+{
+ void **new_space;
+
+ if (!conf->sec_file)
+ conf->sec_file = apr_array_make(p, 2, sizeof(ap_conf_vector_t *));
+
+ new_space = (void **)apr_array_push(conf->sec_file);
+ *new_space = url_config;
+}
+
+AP_CORE_DECLARE(const char *) ap_add_if_conf(apr_pool_t *p,
+ core_dir_config *conf,
+ void *if_config)
+{
+ void **new_space;
+ core_dir_config *new = ap_get_module_config(if_config, &core_module);
+
+ if (!conf->sec_if) {
+ conf->sec_if = apr_array_make(p, 2, sizeof(ap_conf_vector_t *));
+ }
+ if (new->condition_ifelse & AP_CONDITION_ELSE) {
+ int have_if = 0;
+ if (conf->sec_if->nelts > 0) {
+ core_dir_config *last;
+ ap_conf_vector_t *lastelt = APR_ARRAY_IDX(conf->sec_if,
+ conf->sec_if->nelts - 1,
+ ap_conf_vector_t *);
+ last = ap_get_module_config(lastelt, &core_module);
+ if (last->condition_ifelse & AP_CONDITION_IF)
+ have_if = 1;
+ }
+ if (!have_if)
+ return "<Else> or <ElseIf> section without previous <If> or "
+ "<ElseIf> section in same scope";
+ }
+
+ new_space = (void **)apr_array_push(conf->sec_if);
+ *new_space = if_config;
+ return NULL;
+}
+
+
+/* We need to do a stable sort, qsort isn't stable. So to make it stable
+ * we'll be maintaining the original index into the list, and using it
+ * as the minor key during sorting. The major key is the number of
+ * components (where the root component is zero).
+ */
+struct reorder_sort_rec {
+ ap_conf_vector_t *elt;
+ int orig_index;
+};
+
+static int reorder_sorter(const void *va, const void *vb)
+{
+ const struct reorder_sort_rec *a = va;
+ const struct reorder_sort_rec *b = vb;
+ core_dir_config *core_a;
+ core_dir_config *core_b;
+
+ core_a = ap_get_core_module_config(a->elt);
+ core_b = ap_get_core_module_config(b->elt);
+
+ /* a regex always sorts after a non-regex
+ */
+ if (!core_a->r && core_b->r) {
+ return -1;
+ }
+ else if (core_a->r && !core_b->r) {
+ return 1;
+ }
+
+ /* we always sort next by the number of components
+ */
+ if (core_a->d_components < core_b->d_components) {
+ return -1;
+ }
+ else if (core_a->d_components > core_b->d_components) {
+ return 1;
+ }
+
+ /* They have the same number of components, we now have to compare
+ * the minor key to maintain the original order (from the config.)
+ */
+ return a->orig_index - b->orig_index;
+}
+
+void ap_core_reorder_directories(apr_pool_t *p, server_rec *s)
+{
+ core_server_config *sconf;
+ apr_array_header_t *sec_dir;
+ struct reorder_sort_rec *sortbin;
+ int nelts;
+ ap_conf_vector_t **elts;
+ int i;
+ apr_pool_t *tmp;
+
+ sconf = ap_get_core_module_config(s->module_config);
+ sec_dir = sconf->sec_dir;
+ nelts = sec_dir->nelts;
+ elts = (ap_conf_vector_t **)sec_dir->elts;
+
+ if (!nelts) {
+ /* simple case of already being sorted... */
+ /* We're not checking this condition to be fast... we're checking
+ * it to avoid trying to palloc zero bytes, which can trigger some
+ * memory debuggers to barf
+ */
+ return;
+ }
+
+ /* we have to allocate tmp space to do a stable sort */
+ apr_pool_create(&tmp, p);
+ apr_pool_tag(tmp, "core_reorder_directories");
+ sortbin = apr_palloc(tmp, sec_dir->nelts * sizeof(*sortbin));
+ for (i = 0; i < nelts; ++i) {
+ sortbin[i].orig_index = i;
+ sortbin[i].elt = elts[i];
+ }
+
+ qsort(sortbin, nelts, sizeof(*sortbin), reorder_sorter);
+
+ /* and now copy back to the original array */
+ for (i = 0; i < nelts; ++i) {
+ elts[i] = sortbin[i].elt;
+ }
+
+ apr_pool_destroy(tmp);
+}
+
+/*****************************************************************
+ *
+ * There are some elements of the core config structures in which
+ * other modules have a legitimate interest (this is ugly, but necessary
+ * to preserve NCSA back-compatibility). So, we have a bunch of accessors
+ * here...
+ */
+
+AP_DECLARE(int) ap_allow_options(request_rec *r)
+{
+ core_dir_config *conf =
+ (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+ return conf->opts;
+}
+
+AP_DECLARE(int) ap_allow_overrides(request_rec *r)
+{
+ core_dir_config *conf;
+ conf = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+ return conf->override;
+}
+
+/*
+ * Optional function coming from mod_authn_core, used for
+ * retrieving the type of authorization
+ */
+static APR_OPTIONAL_FN_TYPE(authn_ap_auth_type) *authn_ap_auth_type;
+
+AP_DECLARE(const char *) ap_auth_type(request_rec *r)
+{
+ if (authn_ap_auth_type) {
+ return authn_ap_auth_type(r);
+ }
+ return NULL;
+}
+
+/*
+ * Optional function coming from mod_authn_core, used for
+ * retrieving the authorization realm
+ */
+static APR_OPTIONAL_FN_TYPE(authn_ap_auth_name) *authn_ap_auth_name;
+
+AP_DECLARE(const char *) ap_auth_name(request_rec *r)
+{
+ if (authn_ap_auth_name) {
+ return authn_ap_auth_name(r);
+ }
+ return NULL;
+}
+
+/*
+ * Optional function coming from mod_access_compat, used to determine how
+ access control interacts with authentication/authorization
+ */
+static APR_OPTIONAL_FN_TYPE(access_compat_ap_satisfies) *access_compat_ap_satisfies;
+
+AP_DECLARE(int) ap_satisfies(request_rec *r)
+{
+ if (access_compat_ap_satisfies) {
+ return access_compat_ap_satisfies(r);
+ }
+ return SATISFY_NOSPEC;
+}
+
+AP_DECLARE(const char *) ap_document_root(request_rec *r) /* Don't use this! */
+{
+ core_server_config *sconf;
+ core_request_config *rconf = ap_get_core_module_config(r->request_config);
+ if (rconf->document_root)
+ return rconf->document_root;
+ sconf = ap_get_core_module_config(r->server->module_config);
+ return sconf->ap_document_root;
+}
+
+AP_DECLARE(const char *) ap_context_prefix(request_rec *r)
+{
+ core_request_config *conf = ap_get_core_module_config(r->request_config);
+ if (conf->context_prefix)
+ return conf->context_prefix;
+ else
+ return "";
+}
+
+AP_DECLARE(const char *) ap_context_document_root(request_rec *r)
+{
+ core_request_config *conf = ap_get_core_module_config(r->request_config);
+ if (conf->context_document_root)
+ return conf->context_document_root;
+ else
+ return ap_document_root(r);
+}
+
+AP_DECLARE(void) ap_set_document_root(request_rec *r, const char *document_root)
+{
+ core_request_config *conf = ap_get_core_module_config(r->request_config);
+ conf->document_root = document_root;
+}
+
+AP_DECLARE(void) ap_set_context_info(request_rec *r, const char *context_prefix,
+ const char *context_document_root)
+{
+ core_request_config *conf = ap_get_core_module_config(r->request_config);
+ if (context_prefix)
+ conf->context_prefix = context_prefix;
+ if (context_document_root)
+ conf->context_document_root = context_document_root;
+}
+
+/* Should probably just get rid of this... the only code that cares is
+ * part of the core anyway (and in fact, it isn't publicised to other
+ * modules).
+ */
+
+char *ap_response_code_string(request_rec *r, int error_index)
+{
+ core_dir_config *dirconf;
+ core_request_config *reqconf = ap_get_core_module_config(r->request_config);
+ const char *err;
+ const char *response;
+ ap_expr_info_t *expr;
+
+ /* check for string registered via ap_custom_response() first */
+ if (reqconf->response_code_strings != NULL
+ && reqconf->response_code_strings[error_index] != NULL) {
+ return reqconf->response_code_strings[error_index];
+ }
+
+ /* check for string specified via ErrorDocument */
+ dirconf = ap_get_core_module_config(r->per_dir_config);
+
+ if (!dirconf->response_code_exprs) {
+ return NULL;
+ }
+
+ expr = apr_hash_get(dirconf->response_code_exprs, &error_index,
+ sizeof(error_index));
+ if (!expr) {
+ return NULL;
+ }
+
+ /* special token to indicate revert back to default */
+ if ((char *) expr == &errordocument_default) {
+ return NULL;
+ }
+
+ err = NULL;
+ response = ap_expr_str_exec(r, expr, &err);
+ if (err) {
+ ap_log_rerror(
+ APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02841) "core: ErrorDocument: can't "
+ "evaluate require expression: %s", err);
+ return NULL;
+ }
+
+ /* alas, duplication required as we return not-const */
+ return apr_pstrdup(r->pool, response);
+}
+
+
+/* Code from Harald Hanche-Olsen <hanche@imf.unit.no> */
+static APR_INLINE int do_double_reverse (int double_reverse,
+ const char *remote_host,
+ apr_sockaddr_t *client_addr,
+ apr_pool_t *pool)
+{
+ apr_sockaddr_t *sa;
+ apr_status_t rv;
+
+ if (double_reverse) {
+ /* already done */
+ return double_reverse;
+ }
+
+ if (remote_host == NULL || remote_host[0] == '\0') {
+ /* single reverse failed, so don't bother */
+ return -1;
+ }
+
+ rv = apr_sockaddr_info_get(&sa, remote_host, APR_UNSPEC, 0, 0, pool);
+ if (rv == APR_SUCCESS) {
+ while (sa) {
+ if (apr_sockaddr_equal(sa, client_addr)) {
+ return 1;
+ }
+
+ sa = sa->next;
+ }
+ }
+
+ return -1;
+}
+
+AP_DECLARE(const char *) ap_get_remote_host(conn_rec *conn, void *dir_config,
+ int type, int *str_is_ip)
+{
+ int hostname_lookups;
+ int ignored_str_is_ip;
+
+ if (!str_is_ip) { /* caller doesn't want to know */
+ str_is_ip = &ignored_str_is_ip;
+ }
+ *str_is_ip = 0;
+
+ /* If we haven't checked the host name, and we want to */
+ if (dir_config) {
+ hostname_lookups = ((core_dir_config *)ap_get_core_module_config(dir_config))
+ ->hostname_lookups;
+
+ if (hostname_lookups == HOSTNAME_LOOKUP_UNSET) {
+ hostname_lookups = HOSTNAME_LOOKUP_OFF;
+ }
+ }
+ else {
+ /* the default */
+ hostname_lookups = HOSTNAME_LOOKUP_OFF;
+ }
+
+ if (type != REMOTE_NOLOOKUP
+ && conn->remote_host == NULL
+ && (type == REMOTE_DOUBLE_REV
+ || hostname_lookups != HOSTNAME_LOOKUP_OFF)) {
+
+ if (apr_getnameinfo(&conn->remote_host, conn->client_addr, 0)
+ == APR_SUCCESS) {
+ ap_str_tolower(conn->remote_host);
+
+ if (hostname_lookups == HOSTNAME_LOOKUP_DOUBLE) {
+ conn->double_reverse = do_double_reverse(conn->double_reverse,
+ conn->remote_host,
+ conn->client_addr,
+ conn->pool);
+ if (conn->double_reverse != 1) {
+ conn->remote_host = NULL;
+ }
+ }
+ }
+
+ /* if failed, set it to the NULL string to indicate error */
+ if (conn->remote_host == NULL) {
+ conn->remote_host = "";
+ }
+ }
+
+ if (type == REMOTE_DOUBLE_REV) {
+ conn->double_reverse = do_double_reverse(conn->double_reverse,
+ conn->remote_host,
+ conn->client_addr, conn->pool);
+ if (conn->double_reverse == -1) {
+ return NULL;
+ }
+ }
+
+ /*
+ * Return the desired information; either the remote DNS name, if found,
+ * or either NULL (if the hostname was requested) or the IP address
+ * (if any identifier was requested).
+ */
+ if (conn->remote_host != NULL && conn->remote_host[0] != '\0') {
+ return conn->remote_host;
+ }
+ else {
+ if (type == REMOTE_HOST || type == REMOTE_DOUBLE_REV) {
+ return NULL;
+ }
+ else {
+ *str_is_ip = 1;
+ return conn->client_ip;
+ }
+ }
+}
+
+AP_DECLARE(const char *) ap_get_useragent_host(request_rec *r,
+ int type, int *str_is_ip)
+{
+ conn_rec *conn = r->connection;
+ int hostname_lookups;
+ int ignored_str_is_ip;
+
+ /* Guard here when examining the host before the read_request hook
+ * has populated an r->useragent_addr
+ */
+ if (!r->useragent_addr || (r->useragent_addr == conn->client_addr)) {
+ return ap_get_remote_host(conn, r->per_dir_config, type, str_is_ip);
+ }
+
+ if (!str_is_ip) { /* caller doesn't want to know */
+ str_is_ip = &ignored_str_is_ip;
+ }
+ *str_is_ip = 0;
+
+ hostname_lookups = ((core_dir_config *)
+ ap_get_core_module_config(r->per_dir_config))
+ ->hostname_lookups;
+ if (hostname_lookups == HOSTNAME_LOOKUP_UNSET) {
+ hostname_lookups = HOSTNAME_LOOKUP_OFF;
+ }
+
+ if (type != REMOTE_NOLOOKUP
+ && r->useragent_host == NULL
+ && (type == REMOTE_DOUBLE_REV
+ || hostname_lookups != HOSTNAME_LOOKUP_OFF)) {
+
+ if (apr_getnameinfo(&r->useragent_host, r->useragent_addr, 0)
+ == APR_SUCCESS) {
+ ap_str_tolower(r->useragent_host);
+
+ if (hostname_lookups == HOSTNAME_LOOKUP_DOUBLE) {
+ r->double_reverse = do_double_reverse(r->double_reverse,
+ r->useragent_host,
+ r->useragent_addr,
+ r->pool);
+ if (r->double_reverse != 1) {
+ r->useragent_host = NULL;
+ }
+ }
+ }
+
+ /* if failed, set it to the NULL string to indicate error */
+ if (r->useragent_host == NULL) {
+ r->useragent_host = "";
+ }
+ }
+
+ if (type == REMOTE_DOUBLE_REV) {
+ r->double_reverse = do_double_reverse(r->double_reverse,
+ r->useragent_host,
+ r->useragent_addr, r->pool);
+ if (r->double_reverse == -1) {
+ return NULL;
+ }
+ }
+
+ /*
+ * Return the desired information; either the remote DNS name, if found,
+ * or either NULL (if the hostname was requested) or the IP address
+ * (if any identifier was requested).
+ */
+ if (r->useragent_host != NULL && r->useragent_host[0] != '\0') {
+ return r->useragent_host;
+ }
+ else {
+ if (type == REMOTE_HOST || type == REMOTE_DOUBLE_REV) {
+ return NULL;
+ }
+ else {
+ *str_is_ip = 1;
+ return r->useragent_ip;
+ }
+ }
+}
+
+/*
+ * Optional function coming from mod_ident, used for looking up ident user
+ */
+static APR_OPTIONAL_FN_TYPE(ap_ident_lookup) *ident_lookup;
+
+AP_DECLARE(const char *) ap_get_remote_logname(request_rec *r)
+{
+ if (r->connection->remote_logname != NULL) {
+ return r->connection->remote_logname;
+ }
+
+ if (ident_lookup) {
+ return ident_lookup(r);
+ }
+
+ return NULL;
+}
+
+/* There are two options regarding what the "name" of a server is. The
+ * "canonical" name as defined by ServerName and Port, or the "client's
+ * name" as supplied by a possible Host: header or full URI.
+ *
+ * The DNS option to UseCanonicalName causes this routine to do a
+ * reverse lookup on the local IP address of the connection and use
+ * that for the ServerName. This makes its value more reliable while
+ * at the same time allowing Demon's magic virtual hosting to work.
+ * The assumption is that DNS lookups are sufficiently quick...
+ * -- fanf 1998-10-03
+ */
+AP_DECLARE(const char *) ap_get_server_name(request_rec *r)
+{
+ conn_rec *conn = r->connection;
+ core_dir_config *d;
+ const char *retval;
+
+ d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+ switch (d->use_canonical_name) {
+ case USE_CANONICAL_NAME_ON:
+ retval = r->server->server_hostname;
+ break;
+ case USE_CANONICAL_NAME_DNS:
+ if (conn->local_host == NULL) {
+ if (apr_getnameinfo(&conn->local_host,
+ conn->local_addr, 0) != APR_SUCCESS)
+ conn->local_host = apr_pstrdup(conn->pool,
+ r->server->server_hostname);
+ else {
+ ap_str_tolower(conn->local_host);
+ }
+ }
+ retval = conn->local_host;
+ break;
+ case USE_CANONICAL_NAME_OFF:
+ case USE_CANONICAL_NAME_UNSET:
+ retval = r->hostname ? r->hostname : r->server->server_hostname;
+ break;
+ default:
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00109)
+ "ap_get_server_name: Invalid UCN Option somehow");
+ retval = "localhost";
+ break;
+ }
+ return retval;
+}
+
+/*
+ * Get the current server name from the request for the purposes
+ * of using in a URL. If the server name is an IPv6 literal
+ * address, it will be returned in URL format (e.g., "[fe80::1]").
+ */
+AP_DECLARE(const char *) ap_get_server_name_for_url(request_rec *r)
+{
+ const char *plain_server_name = ap_get_server_name(r);
+
+#if APR_HAVE_IPV6
+ if (ap_strchr_c(plain_server_name, ':')) { /* IPv6 literal? */
+ return apr_pstrcat(r->pool, "[", plain_server_name, "]", NULL);
+ }
+#endif
+ return plain_server_name;
+}
+
+AP_DECLARE(apr_port_t) ap_get_server_port(const request_rec *r)
+{
+ apr_port_t port;
+ core_dir_config *d =
+ (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+ switch (d->use_canonical_name) {
+ case USE_CANONICAL_NAME_OFF:
+ case USE_CANONICAL_NAME_DNS:
+ case USE_CANONICAL_NAME_UNSET:
+ if (d->use_canonical_phys_port == USE_CANONICAL_PHYS_PORT_ON)
+ port = r->parsed_uri.port_str ? r->parsed_uri.port :
+ r->connection->local_addr->port ? r->connection->local_addr->port :
+ r->server->port ? r->server->port :
+ ap_default_port(r);
+ else /* USE_CANONICAL_PHYS_PORT_OFF or USE_CANONICAL_PHYS_PORT_UNSET */
+ port = r->parsed_uri.port_str ? r->parsed_uri.port :
+ r->server->port ? r->server->port :
+ ap_default_port(r);
+ break;
+ case USE_CANONICAL_NAME_ON:
+ /* With UseCanonicalName on (and in all versions prior to 1.3)
+ * Apache will use the hostname and port specified in the
+ * ServerName directive to construct a canonical name for the
+ * server. (If no port was specified in the ServerName
+ * directive, Apache uses the port supplied by the client if
+ * any is supplied, and finally the default port for the protocol
+ * used.
+ */
+ if (d->use_canonical_phys_port == USE_CANONICAL_PHYS_PORT_ON)
+ port = r->server->port ? r->server->port :
+ r->connection->local_addr->port ? r->connection->local_addr->port :
+ ap_default_port(r);
+ else /* USE_CANONICAL_PHYS_PORT_OFF or USE_CANONICAL_PHYS_PORT_UNSET */
+ port = r->server->port ? r->server->port :
+ ap_default_port(r);
+ break;
+ default:
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00110)
+ "ap_get_server_port: Invalid UCN Option somehow");
+ port = ap_default_port(r);
+ break;
+ }
+
+ return port;
+}
+
+AP_DECLARE(char *) ap_construct_url(apr_pool_t *p, const char *uri,
+ request_rec *r)
+{
+ unsigned port = ap_get_server_port(r);
+ const char *host = ap_get_server_name_for_url(r);
+
+ if (ap_is_default_port(port, r)) {
+ return apr_pstrcat(p, ap_http_scheme(r), "://", host, uri, NULL);
+ }
+
+ return apr_psprintf(p, "%s://%s:%u%s", ap_http_scheme(r), host, port, uri);
+}
+
+AP_DECLARE(apr_off_t) ap_get_limit_req_body(const request_rec *r)
+{
+ core_dir_config *d =
+ (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+ if (d->limit_req_body == AP_LIMIT_REQ_BODY_UNSET) {
+ return AP_DEFAULT_LIMIT_REQ_BODY;
+ }
+
+ return d->limit_req_body;
+}
+
+AP_DECLARE(apr_size_t) ap_get_read_buf_size(const request_rec *r)
+{
+ core_dir_config *d = ap_get_core_module_config(r->per_dir_config);
+
+ return d->read_buf_size ? d->read_buf_size : AP_IOBUFSIZE;
+}
+
+
+/*****************************************************************
+ *
+ * Commands... this module handles almost all of the NCSA httpd.conf
+ * commands, but most of the old srm.conf is in the modules.
+ */
+
+
+/* returns a parent if it matches the given directive */
+static const ap_directive_t * find_parent(const ap_directive_t *dirp,
+ const char *what)
+{
+ while (dirp->parent != NULL) {
+ dirp = dirp->parent;
+
+ /* ### it would be nice to have atom-ized directives */
+ if (ap_cstr_casecmp(dirp->directive, what) == 0)
+ return dirp;
+ }
+
+ return NULL;
+}
+
+AP_DECLARE(const char *) ap_check_cmd_context(cmd_parms *cmd,
+ unsigned forbidden)
+{
+ const char *gt = (cmd->cmd->name[0] == '<'
+ && cmd->cmd->name[strlen(cmd->cmd->name)-1] != '>')
+ ? ">" : "";
+ const ap_directive_t *found;
+
+ if ((forbidden & NOT_IN_VIRTUALHOST) && cmd->server->is_virtual) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name, gt,
+ " cannot occur within <VirtualHost> section", NULL);
+ }
+
+ if ((forbidden & NOT_IN_DIR_CONTEXT) && cmd->limited != -1) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name, gt,
+ " cannot occur within <Limit> or <LimitExcept> "
+ "section", NULL);
+ }
+
+ if ((forbidden & NOT_IN_HTACCESS) && (cmd->pool == cmd->temp_pool)) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name, gt,
+ " cannot occur within htaccess files", NULL);
+ }
+
+ if ((forbidden & NOT_IN_DIR_LOC_FILE) == NOT_IN_DIR_LOC_FILE) {
+ if (cmd->path != NULL) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name, gt,
+ " cannot occur within directory context", NULL);
+ }
+ if (cmd->cmd->req_override & EXEC_ON_READ) {
+ /* EXEC_ON_READ must be NOT_IN_DIR_LOC_FILE, if not, it will
+ * (deliberately) segfault below in the individual tests...
+ */
+ return NULL;
+ }
+ }
+
+ if (((forbidden & NOT_IN_DIRECTORY)
+ && ((found = find_parent(cmd->directive, "<Directory"))
+ || (found = find_parent(cmd->directive, "<DirectoryMatch"))))
+ || ((forbidden & NOT_IN_LOCATION)
+ && ((found = find_parent(cmd->directive, "<Location"))
+ || (found = find_parent(cmd->directive, "<LocationMatch"))))
+ || ((forbidden & NOT_IN_FILES)
+ && ((found = find_parent(cmd->directive, "<Files"))
+ || (found = find_parent(cmd->directive, "<FilesMatch"))
+ || (found = find_parent(cmd->directive, "<If"))
+ || (found = find_parent(cmd->directive, "<ElseIf"))
+ || (found = find_parent(cmd->directive, "<Else"))))
+ || ((forbidden & NOT_IN_PROXY)
+ && ((found = find_parent(cmd->directive, "<Proxy"))
+ || (found = find_parent(cmd->directive, "<ProxyMatch"))))) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name, gt,
+ " cannot occur within ", found->directive,
+ "> section", NULL);
+ }
+
+ return NULL;
+}
+
+static const char *set_access_name(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ void *sconf = cmd->server->module_config;
+ core_server_config *conf = ap_get_core_module_config(sconf);
+
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ if (err != NULL) {
+ return err;
+ }
+
+ conf->access_name = apr_pstrdup(cmd->pool, arg);
+ return NULL;
+}
+
+AP_DECLARE(const char *) ap_resolve_env(apr_pool_t *p, const char * word)
+{
+# define SMALL_EXPANSION 5
+ struct sll {
+ struct sll *next;
+ const char *string;
+ apr_size_t len;
+ } *result, *current, sresult[SMALL_EXPANSION];
+ char *res_buf, *cp;
+ const char *s, *e, *ep;
+ unsigned spc;
+ apr_size_t outlen;
+
+ s = ap_strchr_c(word, '$');
+ if (!s) {
+ return word;
+ }
+
+ /* well, actually something to do */
+ ep = word + strlen(word);
+ spc = 0;
+ result = current = &(sresult[spc++]);
+ current->next = NULL;
+ current->string = word;
+ current->len = s - word;
+ outlen = current->len;
+
+ do {
+ /* prepare next entry */
+ if (current->len) {
+ current->next = (spc < SMALL_EXPANSION)
+ ? &(sresult[spc++])
+ : (struct sll *)apr_palloc(p,
+ sizeof(*current->next));
+ current = current->next;
+ current->next = NULL;
+ current->len = 0;
+ }
+
+ if (*s == '$') {
+ if (s[1] == '{' && (e = ap_strchr_c(s+2, '}'))) {
+ char *name = apr_pstrmemdup(p, s+2, e-s-2);
+ word = NULL;
+ if (server_config_defined_vars)
+ word = apr_table_get(server_config_defined_vars, name);
+ if (!word)
+ word = apr_pstrdup(p, getenv(name));
+ if (word) {
+ current->string = word;
+ current->len = strlen(word);
+ outlen += current->len;
+ }
+ else {
+ if (ap_strchr(name, ':') == 0)
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, APLOGNO(00111)
+ "Config variable ${%s} is not defined",
+ name);
+ current->string = s;
+ current->len = e - s + 1;
+ outlen += current->len;
+ }
+ s = e + 1;
+ }
+ else {
+ current->string = s++;
+ current->len = 1;
+ ++outlen;
+ }
+ }
+ else {
+ word = s;
+ s = ap_strchr_c(s, '$');
+ current->string = word;
+ current->len = s ? s - word : ep - word;
+ outlen += current->len;
+ }
+ } while (s && *s);
+
+ /* assemble result */
+ res_buf = cp = apr_palloc(p, outlen + 1);
+ do {
+ if (result->len) {
+ memcpy(cp, result->string, result->len);
+ cp += result->len;
+ }
+ result = result->next;
+ } while (result);
+ res_buf[outlen] = '\0';
+
+ return res_buf;
+}
+
+static int reset_config_defines(void *dummy)
+{
+ ap_server_config_defines = saved_server_config_defines;
+ saved_server_config_defines = NULL;
+ server_config_defined_vars = NULL;
+ ap_runtime_dir = NULL;
+ return OK;
+}
+
+/*
+ * Make sure we can revert the effects of Define/UnDefine when restarting.
+ * This function must be called once per loading of the config, before
+ * ap_server_config_defines is changed. This may be during reading of the
+ * config, which is even before the pre_config hook is run (due to
+ * EXEC_ON_READ for Define/UnDefine).
+ */
+static void init_config_defines(apr_pool_t *pconf)
+{
+ saved_server_config_defines = ap_server_config_defines;
+ /* Use apr_array_copy instead of apr_array_copy_hdr because it does not
+ * protect from the way unset_define removes entries.
+ */
+ ap_server_config_defines = apr_array_copy(pconf, ap_server_config_defines);
+}
+
+static const char *set_define(cmd_parms *cmd, void *dummy,
+ const char *name, const char *value)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS);
+ if (err)
+ return err;
+ if (ap_strchr_c(name, ':') != NULL) {
+ return "Variable name must not contain ':'";
+ }
+
+ if (!saved_server_config_defines) {
+ init_config_defines(cmd->pool);
+ }
+ if (!ap_exists_config_define(name)) {
+ *(const char **)apr_array_push(ap_server_config_defines) = name;
+ }
+ if (value) {
+ if (!server_config_defined_vars) {
+ server_config_defined_vars = apr_table_make(cmd->pool, 5);
+ }
+ apr_table_setn(server_config_defined_vars, name, value);
+ }
+
+ return NULL;
+}
+
+static const char *unset_define(cmd_parms *cmd, void *dummy,
+ const char *name)
+{
+ int i;
+ const char **defines;
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS);
+ if (err)
+ return err;
+ if (ap_strchr_c(name, ':') != NULL) {
+ return "Variable name must not contain ':'";
+ }
+
+ if (!saved_server_config_defines) {
+ init_config_defines(cmd->pool);
+ }
+
+ defines = (const char **)ap_server_config_defines->elts;
+ for (i = 0; i < ap_server_config_defines->nelts; i++) {
+ if (strcmp(defines[i], name) == 0) {
+ defines[i] = *(const char **)apr_array_pop(ap_server_config_defines);
+ break;
+ }
+ }
+
+ if (server_config_defined_vars) {
+ apr_table_unset(server_config_defined_vars, name);
+ }
+
+ return NULL;
+}
+
+static const char *generate_error(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ if (!arg || !*arg) {
+ return "The Error directive was used with no message.";
+ }
+
+ if (*arg == '"' || *arg == '\'') { /* strip off quotes */
+ apr_size_t len = strlen(arg);
+ char last = *(arg + len - 1);
+
+ if (*arg == last) {
+ return apr_pstrndup(cmd->pool, arg + 1, len - 2);
+ }
+ }
+
+ return arg;
+}
+
+#ifdef GPROF
+static const char *set_gprof_dir(cmd_parms *cmd, void *dummy, const char *arg)
+{
+ void *sconf = cmd->server->module_config;
+ core_server_config *conf = ap_get_core_module_config(sconf);
+
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ if (err != NULL) {
+ return err;
+ }
+
+ conf->gprof_dir = apr_pstrdup(cmd->pool, arg);
+ return NULL;
+}
+#endif /*GPROF*/
+
+static const char *set_add_default_charset(cmd_parms *cmd,
+ void *d_, const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (!ap_cstr_casecmp(arg, "Off")) {
+ d->add_default_charset = ADD_DEFAULT_CHARSET_OFF;
+ }
+ else if (!ap_cstr_casecmp(arg, "On")) {
+ d->add_default_charset = ADD_DEFAULT_CHARSET_ON;
+ d->add_default_charset_name = DEFAULT_ADD_DEFAULT_CHARSET_NAME;
+ }
+ else {
+ d->add_default_charset = ADD_DEFAULT_CHARSET_ON;
+ d->add_default_charset_name = arg;
+ }
+
+ return NULL;
+}
+
+static const char *set_document_root(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ void *sconf = cmd->server->module_config;
+ core_server_config *conf = ap_get_core_module_config(sconf);
+
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ if (err != NULL) {
+ return err;
+ }
+
+ /* When ap_document_root_check is false; skip all the stuff below */
+ if (!ap_document_root_check) {
+ conf->ap_document_root = arg;
+ return NULL;
+ }
+
+ /* Make it absolute, relative to ServerRoot */
+ arg = ap_server_root_relative(cmd->pool, arg);
+ if (arg == NULL) {
+ return "DocumentRoot must be a directory";
+ }
+
+ /* TODO: ap_configtestonly */
+ if (apr_filepath_merge((char**)&conf->ap_document_root, NULL, arg,
+ APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS
+ || !ap_is_directory(cmd->temp_pool, arg)) {
+ if (cmd->server->is_virtual) {
+ ap_log_perror(APLOG_MARK, APLOG_STARTUP, 0,
+ cmd->pool, APLOGNO(00112)
+ "Warning: DocumentRoot [%s] does not exist",
+ arg);
+ conf->ap_document_root = arg;
+ }
+ else {
+ return apr_psprintf(cmd->pool,
+ "DocumentRoot '%s' is not a directory, or is not readable",
+ arg);
+ }
+ }
+ return NULL;
+}
+
+AP_DECLARE(void) ap_custom_response(request_rec *r, int status,
+ const char *string)
+{
+ core_request_config *conf = ap_get_core_module_config(r->request_config);
+ int idx;
+
+ if (conf->response_code_strings == NULL) {
+ conf->response_code_strings =
+ apr_pcalloc(r->pool,
+ sizeof(*conf->response_code_strings) * RESPONSE_CODES);
+ }
+
+ idx = ap_index_of_response(status);
+
+ conf->response_code_strings[idx] =
+ ((ap_is_url(string) || (*string == '/')) && (*string != '"')) ?
+ apr_pstrdup(r->pool, string) : apr_pstrcat(r->pool, "\"", string, NULL);
+}
+
+static const char *set_error_document(cmd_parms *cmd, void *conf_,
+ const char *errno_str, const char *msg)
+{
+ core_dir_config *conf = conf_;
+ int error_number, index_number, idx500;
+ enum { MSG, LOCAL_PATH, REMOTE_PATH } what = MSG;
+
+ /* 1st parameter should be a 3 digit number, which we recognize;
+ * convert it into an array index
+ */
+ error_number = atoi(errno_str);
+ idx500 = ap_index_of_response(HTTP_INTERNAL_SERVER_ERROR);
+
+ if (error_number == HTTP_INTERNAL_SERVER_ERROR) {
+ index_number = idx500;
+ }
+ else if ((index_number = ap_index_of_response(error_number)) == idx500) {
+ return apr_pstrcat(cmd->pool, "Unsupported HTTP response code ",
+ errno_str, NULL);
+ }
+
+ /* Heuristic to determine second argument. */
+ if (ap_strchr_c(msg,' '))
+ what = MSG;
+ else if (msg[0] == '/')
+ what = LOCAL_PATH;
+ else if (ap_is_url(msg))
+ what = REMOTE_PATH;
+ else
+ what = MSG;
+
+ /* The entry should be ignored if it is a full URL for a 401 error */
+
+ if (error_number == 401 && what == REMOTE_PATH) {
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, cmd->server, APLOGNO(00113)
+ "%s:%d cannot use a full URL in a 401 ErrorDocument "
+ "directive --- ignoring!", cmd->directive->filename, cmd->directive->line_num);
+ }
+ else { /* Store it... */
+ if (conf->response_code_exprs == NULL) {
+ conf->response_code_exprs = apr_hash_make(cmd->pool);
+ }
+
+ if (ap_cstr_casecmp(msg, "default") == 0) {
+ /* special case: ErrorDocument 404 default restores the
+ * canned server error response
+ */
+ apr_hash_set(conf->response_code_exprs,
+ apr_pmemdup(cmd->pool, &index_number, sizeof(index_number)),
+ sizeof(index_number), &errordocument_default);
+ }
+ else {
+ ap_expr_info_t *expr;
+ const char *expr_err = NULL;
+
+ /* hack. Prefix a " if it is a msg; as that is what
+ * http_protocol.c relies on to distinguish between
+ * a msg and a (local) path.
+ */
+ const char *response =
+ (what == MSG) ? apr_pstrcat(cmd->pool, "\"", msg, NULL) :
+ apr_pstrdup(cmd->pool, msg);
+
+ expr = ap_expr_parse_cmd(cmd, response, AP_EXPR_FLAG_STRING_RESULT,
+ &expr_err, NULL);
+
+ if (expr_err) {
+ return apr_pstrcat(cmd->temp_pool,
+ "Cannot parse expression in ErrorDocument: ",
+ expr_err, NULL);
+ }
+
+ apr_hash_set(conf->response_code_exprs,
+ apr_pmemdup(cmd->pool, &index_number, sizeof(index_number)),
+ sizeof(index_number), expr);
+
+ }
+ }
+
+ return NULL;
+}
+
+static const char *set_allow_opts(cmd_parms *cmd, allow_options_t *opts,
+ const char *l)
+{
+ allow_options_t opt;
+ int first = 1;
+
+ char *w, *p = (char *) l;
+ char *tok_state;
+
+ while ((w = apr_strtok(p, ",", &tok_state)) != NULL) {
+
+ if (first) {
+ p = NULL;
+ *opts = OPT_NONE;
+ first = 0;
+ }
+
+ if (!ap_cstr_casecmp(w, "Indexes")) {
+ opt = OPT_INDEXES;
+ }
+ else if (!ap_cstr_casecmp(w, "Includes")) {
+ /* If Includes is permitted, both Includes and
+ * IncludesNOEXEC may be changed. */
+ opt = (OPT_INCLUDES | OPT_INC_WITH_EXEC);
+ }
+ else if (!ap_cstr_casecmp(w, "IncludesNOEXEC")) {
+ opt = OPT_INCLUDES;
+ }
+ else if (!ap_cstr_casecmp(w, "FollowSymLinks")) {
+ opt = OPT_SYM_LINKS;
+ }
+ else if (!ap_cstr_casecmp(w, "SymLinksIfOwnerMatch")) {
+ opt = OPT_SYM_OWNER;
+ }
+ else if (!ap_cstr_casecmp(w, "ExecCGI")) {
+ opt = OPT_EXECCGI;
+ }
+ else if (!ap_cstr_casecmp(w, "MultiViews")) {
+ opt = OPT_MULTI;
+ }
+ else if (!ap_cstr_casecmp(w, "RunScripts")) { /* AI backcompat. Yuck */
+ opt = OPT_MULTI|OPT_EXECCGI;
+ }
+ else if (!ap_cstr_casecmp(w, "None")) {
+ opt = OPT_NONE;
+ }
+ else if (!ap_cstr_casecmp(w, "All")) {
+ opt = OPT_ALL;
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
+ }
+
+ *opts |= opt;
+ }
+
+ (*opts) &= (~OPT_UNSET);
+
+ return NULL;
+}
+
+static const char *set_override(cmd_parms *cmd, void *d_, const char *l)
+{
+ core_dir_config *d = d_;
+ char *w;
+ char *k, *v;
+ const char *err;
+
+ /* Throw a warning if we're in <Location> or <Files> */
+ if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00114)
+ "Useless use of AllowOverride in line %d of %s.",
+ cmd->directive->line_num, cmd->directive->filename);
+ }
+ if ((err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS)) != NULL)
+ return err;
+
+ d->override = OR_NONE;
+ while (l[0]) {
+ w = ap_getword_conf(cmd->temp_pool, &l);
+
+ k = w;
+ v = strchr(k, '=');
+ if (v) {
+ *v++ = '\0';
+ }
+
+ if (!ap_cstr_casecmp(w, "Limit")) {
+ d->override |= OR_LIMIT;
+ }
+ else if (!ap_cstr_casecmp(k, "Options")) {
+ d->override |= OR_OPTIONS;
+ if (v)
+ set_allow_opts(cmd, &(d->override_opts), v);
+ else
+ d->override_opts = OPT_ALL;
+ }
+ else if (!ap_cstr_casecmp(w, "FileInfo")) {
+ d->override |= OR_FILEINFO;
+ }
+ else if (!ap_cstr_casecmp(w, "AuthConfig")) {
+ d->override |= OR_AUTHCFG;
+ }
+ else if (!ap_cstr_casecmp(w, "Indexes")) {
+ d->override |= OR_INDEXES;
+ }
+ else if (!ap_cstr_casecmp(w, "Nonfatal")) {
+ if (!v) {
+ return apr_pstrcat(cmd->pool, "=Override, =Unknown or =All expected after ", w, NULL);
+ }
+ else if (!ap_cstr_casecmp(v, "Override")) {
+ d->override |= NONFATAL_OVERRIDE;
+ }
+ else if (!ap_cstr_casecmp(v, "Unknown")) {
+ d->override |= NONFATAL_UNKNOWN;
+ }
+ else if (!ap_cstr_casecmp(v, "All")) {
+ d->override |= NONFATAL_ALL;
+ }
+ }
+ else if (!ap_cstr_casecmp(w, "None")) {
+ d->override = OR_NONE;
+ }
+ else if (!ap_cstr_casecmp(w, "All")) {
+ d->override = OR_ALL;
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Illegal override option ", w, NULL);
+ }
+
+ d->override &= ~OR_UNSET;
+ }
+
+ return NULL;
+}
+
+static const char *set_cgi_pass_auth(cmd_parms *cmd, void *d_, int flag)
+{
+ core_dir_config *d = d_;
+
+ d->cgi_pass_auth = flag ? AP_CGI_PASS_AUTH_ON : AP_CGI_PASS_AUTH_OFF;
+
+ return NULL;
+}
+
+static const char *set_cgi_var(cmd_parms *cmd, void *d_,
+ const char *var, const char *rule_)
+{
+ core_dir_config *d = d_;
+ char *rule = apr_pstrdup(cmd->pool, rule_);
+
+ ap_str_tolower(rule);
+
+ if (!strcmp(var, "REQUEST_URI")) {
+ if (strcmp(rule, "current-uri") && strcmp(rule, "original-uri")) {
+ return "Valid rules for REQUEST_URI are 'current-uri' and 'original-uri'";
+ }
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Unrecognized CGI variable: \"",
+ var, "\"", NULL);
+ }
+
+ if (!d->cgi_var_rules) {
+ d->cgi_var_rules = apr_hash_make(cmd->pool);
+ }
+ apr_hash_set(d->cgi_var_rules, var, APR_HASH_KEY_STRING, rule);
+ return NULL;
+}
+
+static const char *set_qualify_redirect_url(cmd_parms *cmd, void *d_, int flag)
+{
+ core_dir_config *d = d_;
+
+ d->qualify_redirect_url = flag ? AP_CORE_CONFIG_ON : AP_CORE_CONFIG_OFF;
+
+ return NULL;
+}
+
+static const char *set_core_server_flag(cmd_parms *cmd, void *s_, int flag)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ return ap_set_flag_slot(cmd, conf, flag);
+}
+
+static const char *set_override_list(cmd_parms *cmd, void *d_, int argc, char *const argv[])
+{
+ core_dir_config *d = d_;
+ int i;
+ const char *err;
+
+ /* Throw a warning if we're in <Location> or <Files> */
+ if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00115)
+ "Useless use of AllowOverrideList at %s:%d",
+ cmd->directive->filename, cmd->directive->line_num);
+ }
+ if ((err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS)) != NULL)
+ return err;
+
+ d->override_list = apr_table_make(cmd->pool, argc);
+
+ for (i = 0; i < argc; i++) {
+ if (!ap_cstr_casecmp(argv[i], "None")) {
+ if (argc != 1) {
+ return "'None' not allowed with other directives in "
+ "AllowOverrideList";
+ }
+ return NULL;
+ }
+ else {
+ const command_rec *result = NULL;
+ module *mod = ap_top_module;
+
+ result = ap_find_command_in_modules(argv[i], &mod);
+ if (result == NULL) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
+ APLOGNO(00116) "Discarding unrecognized "
+ "directive `%s' in AllowOverrideList at %s:%d",
+ argv[i], cmd->directive->filename,
+ cmd->directive->line_num);
+ continue;
+ }
+ else if ((result->req_override & (OR_ALL|ACCESS_CONF)) == 0) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
+ APLOGNO(02304) "Discarding directive `%s' not "
+ "allowed in AllowOverrideList at %s:%d",
+ argv[i], cmd->directive->filename,
+ cmd->directive->line_num);
+ continue;
+ }
+ else {
+ apr_table_setn(d->override_list, argv[i], "1");
+ }
+ }
+ }
+
+ return NULL;
+}
+
+static const char *set_options(cmd_parms *cmd, void *d_, const char *l)
+{
+ core_dir_config *d = d_;
+ allow_options_t opt;
+ int first = 1;
+ int merge = 0;
+ int all_none = 0;
+ char action;
+
+ while (l[0]) {
+ char *w = ap_getword_conf(cmd->temp_pool, &l);
+ action = '\0';
+
+ if (*w == '+' || *w == '-') {
+ action = *(w++);
+ if (!merge && !first && !all_none) {
+ return "Either all Options must start with + or -, or no Option may.";
+ }
+ merge = 1;
+ }
+ else if (first) {
+ d->opts = OPT_NONE;
+ }
+ else if (merge) {
+ return "Either all Options must start with + or -, or no Option may.";
+ }
+
+ if (!ap_cstr_casecmp(w, "Indexes")) {
+ opt = OPT_INDEXES;
+ }
+ else if (!ap_cstr_casecmp(w, "Includes")) {
+ opt = (OPT_INCLUDES | OPT_INC_WITH_EXEC);
+ }
+ else if (!ap_cstr_casecmp(w, "IncludesNOEXEC")) {
+ opt = OPT_INCLUDES;
+ }
+ else if (!ap_cstr_casecmp(w, "FollowSymLinks")) {
+ opt = OPT_SYM_LINKS;
+ }
+ else if (!ap_cstr_casecmp(w, "SymLinksIfOwnerMatch")) {
+ opt = OPT_SYM_OWNER;
+ }
+ else if (!ap_cstr_casecmp(w, "ExecCGI")) {
+ opt = OPT_EXECCGI;
+ }
+ else if (!ap_cstr_casecmp(w, "MultiViews")) {
+ opt = OPT_MULTI;
+ }
+ else if (!ap_cstr_casecmp(w, "RunScripts")) { /* AI backcompat. Yuck */
+ opt = OPT_MULTI|OPT_EXECCGI;
+ }
+ else if (!ap_cstr_casecmp(w, "None")) {
+ if (!first) {
+ return "'Options None' must be the first Option given.";
+ }
+ else if (merge) { /* Only works since None may not follow any other option. */
+ return "You may not use 'Options +None' or 'Options -None'.";
+ }
+ opt = OPT_NONE;
+ all_none = 1;
+ }
+ else if (!ap_cstr_casecmp(w, "All")) {
+ if (!first) {
+ return "'Options All' must be the first option given.";
+ }
+ else if (merge) { /* Only works since All may not follow any other option. */
+ return "You may not use 'Options +All' or 'Options -All'.";
+ }
+ opt = OPT_ALL;
+ all_none = 1;
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
+ }
+
+ if ( (cmd->override_opts & opt) != opt ) {
+ return apr_pstrcat(cmd->pool, "Option ", w, " not allowed here", NULL);
+ }
+ else if (action == '-') {
+ /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
+ d->opts_remove |= opt;
+ d->opts_add &= ~opt;
+ d->opts &= ~opt;
+ }
+ else if (action == '+') {
+ d->opts_add |= opt;
+ d->opts_remove &= ~opt;
+ d->opts |= opt;
+ }
+ else {
+ d->opts |= opt;
+ }
+
+ first = 0;
+ }
+
+ return NULL;
+}
+
+static const char *set_default_type(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ if ((ap_cstr_casecmp(arg, "off") != 0) && (ap_cstr_casecmp(arg, "none") != 0)) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00117)
+ "Ignoring deprecated use of DefaultType in line %d of %s.",
+ cmd->directive->line_num, cmd->directive->filename);
+ }
+
+ return NULL;
+}
+
+static const char *set_sethandler(cmd_parms *cmd,
+ void *d_,
+ const char *arg_)
+{
+ core_dir_config *dirconf = d_;
+ const char *err;
+ dirconf->expr_handler = ap_expr_parse_cmd(cmd, arg_,
+ AP_EXPR_FLAG_STRING_RESULT,
+ &err, NULL);
+ if (err) {
+ return apr_pstrcat(cmd->pool,
+ "Can't parse expression : ", err, NULL);
+ }
+ return NULL;
+}
+
+/*
+ * Note what data should be used when forming file ETag values.
+ * It would be nicer to do this as an ITERATE, but then we couldn't
+ * remember the +/- state properly.
+ */
+static const char *set_etag_bits(cmd_parms *cmd, void *mconfig,
+ const char *args_p)
+{
+ core_dir_config *cfg;
+ etag_components_t bit;
+ char action;
+ char *token;
+ const char *args;
+ int valid;
+ int first;
+ int explicit;
+
+ cfg = (core_dir_config *)mconfig;
+
+ args = args_p;
+ first = 1;
+ explicit = 0;
+ while (args[0] != '\0') {
+ action = '*';
+ bit = ETAG_UNSET;
+ valid = 1;
+ token = ap_getword_conf(cmd->temp_pool, &args);
+ if ((*token == '+') || (*token == '-')) {
+ action = *token;
+ token++;
+ }
+ else {
+ /*
+ * The occurrence of an absolute setting wipes
+ * out any previous relative ones. The first such
+ * occurrence forgets any inherited ones, too.
+ */
+ if (first) {
+ cfg->etag_bits = ETAG_UNSET;
+ cfg->etag_add = ETAG_UNSET;
+ cfg->etag_remove = ETAG_UNSET;
+ first = 0;
+ }
+ }
+
+ if (ap_cstr_casecmp(token, "None") == 0) {
+ if (action != '*') {
+ valid = 0;
+ }
+ else {
+ cfg->etag_bits = bit = ETAG_NONE;
+ explicit = 1;
+ }
+ }
+ else if (ap_cstr_casecmp(token, "All") == 0) {
+ if (action != '*') {
+ valid = 0;
+ }
+ else {
+ explicit = 1;
+ cfg->etag_bits = bit = ETAG_ALL;
+ }
+ }
+ else if (ap_cstr_casecmp(token, "Size") == 0) {
+ bit = ETAG_SIZE;
+ }
+ else if ((ap_cstr_casecmp(token, "LMTime") == 0)
+ || (ap_cstr_casecmp(token, "MTime") == 0)
+ || (ap_cstr_casecmp(token, "LastModified") == 0)) {
+ bit = ETAG_MTIME;
+ }
+ else if (ap_cstr_casecmp(token, "INode") == 0) {
+ bit = ETAG_INODE;
+ }
+ else if (ap_cstr_casecmp(token, "Digest") == 0) {
+ bit = ETAG_DIGEST;
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Unknown keyword '",
+ token, "' for ", cmd->cmd->name,
+ " directive", NULL);
+ }
+
+ if (! valid) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name, " keyword '",
+ token, "' cannot be used with '+' or '-'",
+ NULL);
+ }
+
+ if (action == '+') {
+ /*
+ * Make sure it's in the 'add' list and absent from the
+ * 'subtract' list.
+ */
+ cfg->etag_add |= bit;
+ cfg->etag_remove &= (~ bit);
+ }
+ else if (action == '-') {
+ cfg->etag_remove |= bit;
+ cfg->etag_add &= (~ bit);
+ }
+ else {
+ /*
+ * Non-relative values wipe out any + or - values
+ * accumulated so far.
+ */
+ cfg->etag_bits |= bit;
+ cfg->etag_add = ETAG_UNSET;
+ cfg->etag_remove = ETAG_UNSET;
+ explicit = 1;
+ }
+ }
+
+ /*
+ * Any setting at all will clear the 'None' and 'Unset' bits.
+ */
+
+ if (cfg->etag_add != ETAG_UNSET) {
+ cfg->etag_add &= (~ ETAG_UNSET);
+ }
+
+ if (cfg->etag_remove != ETAG_UNSET) {
+ cfg->etag_remove &= (~ ETAG_UNSET);
+ }
+
+ if (explicit) {
+ cfg->etag_bits &= (~ ETAG_UNSET);
+
+ if ((cfg->etag_bits & ETAG_NONE) != ETAG_NONE) {
+ cfg->etag_bits &= (~ ETAG_NONE);
+ }
+ }
+
+ return NULL;
+}
+
+static const char *set_enable_mmap(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (ap_cstr_casecmp(arg, "on") == 0) {
+ d->enable_mmap = ENABLE_MMAP_ON;
+ }
+ else if (ap_cstr_casecmp(arg, "off") == 0) {
+ d->enable_mmap = ENABLE_MMAP_OFF;
+ }
+ else {
+ return "parameter must be 'on' or 'off'";
+ }
+
+ return NULL;
+}
+
+static const char *set_enable_sendfile(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (ap_cstr_casecmp(arg, "on") == 0) {
+ d->enable_sendfile = ENABLE_SENDFILE_ON;
+ }
+ else if (ap_cstr_casecmp(arg, "off") == 0) {
+ d->enable_sendfile = ENABLE_SENDFILE_OFF;
+ }
+ else {
+ return "parameter must be 'on' or 'off'";
+ }
+
+ return NULL;
+}
+
+static const char *set_read_buf_size(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+ apr_off_t size;
+ char *end;
+
+ if (apr_strtoff(&size, arg, &end, 10)
+ || *end || size < 0 || size > APR_UINT32_MAX)
+ return apr_pstrcat(cmd->pool,
+ "parameter must be a number between 0 and "
+ APR_STRINGIFY(APR_UINT32_MAX) "): ",
+ arg, NULL);
+
+ d->read_buf_size = (apr_size_t)size;
+
+ return NULL;
+}
+
+static const char *set_flush_max_threshold(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ apr_off_t size;
+ char *end;
+
+ if (apr_strtoff(&size, arg, &end, 10)
+ || *end || size < 0 || size > APR_UINT32_MAX)
+ return apr_pstrcat(cmd->pool,
+ "parameter must be a number between 0 and "
+ APR_STRINGIFY(APR_UINT32_MAX) "): ",
+ arg, NULL);
+
+ conf->flush_max_threshold = (apr_size_t)size;
+
+ return NULL;
+}
+
+static const char *set_flush_max_pipelined(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ apr_off_t num;
+ char *end;
+
+ if (apr_strtoff(&num, arg, &end, 10)
+ || *end || num < -1 || num > APR_INT32_MAX)
+ return apr_pstrcat(cmd->pool,
+ "parameter must be a number between -1 and "
+ APR_STRINGIFY(APR_INT32_MAX) ": ",
+ arg, NULL);
+
+ conf->flush_max_pipelined = (apr_int32_t)num;
+
+ return NULL;
+}
+
+/*
+ * Report a missing-'>' syntax error.
+ */
+static char *unclosed_directive(cmd_parms *cmd)
+{
+ return apr_pstrcat(cmd->pool, cmd->cmd->name,
+ "> directive missing closing '>'", NULL);
+}
+
+/*
+ * Report a missing args in '<Foo >' syntax error.
+ */
+static char *missing_container_arg(cmd_parms *cmd)
+{
+ return apr_pstrcat(cmd->pool, cmd->cmd->name,
+ "> directive requires additional arguments", NULL);
+}
+
+AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd,
+ void *dummy,
+ const char *arg)
+{
+ const char *endp = ap_strrchr_c(arg, '>');
+ const char *limited_methods;
+ void *tog = cmd->cmd->cmd_data;
+ apr_int64_t limited = 0;
+ apr_int64_t old_limited = cmd->limited;
+ const char *errmsg;
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ limited_methods = apr_pstrmemdup(cmd->temp_pool, arg, endp - arg);
+
+ if (!limited_methods[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ while (limited_methods[0]) {
+ char *method = ap_getword_conf(cmd->temp_pool, &limited_methods);
+ int methnum;
+
+ /* check for builtin or module registered method number */
+ methnum = ap_method_number_of(method);
+
+ if (methnum == M_TRACE && !tog) {
+ return "TRACE cannot be controlled by <Limit>, see TraceEnable";
+ }
+ else if (methnum == M_INVALID) {
+ /* method has not been registered yet, but resource restriction
+ * is always checked before method handling, so register it.
+ */
+ if (cmd->pool == cmd->temp_pool) {
+ /* In .htaccess, we can't globally register new methods. */
+ return apr_psprintf(cmd->pool, "Could not register method '%s' "
+ "for %s from .htaccess configuration",
+ method, cmd->cmd->name);
+ }
+ methnum = ap_method_register(cmd->pool,
+ apr_pstrdup(cmd->pool, method));
+ }
+
+ limited |= (AP_METHOD_BIT << methnum);
+ }
+
+ /* Killing two features with one function,
+ * if (tog == NULL) <Limit>, else <LimitExcept>
+ */
+ limited = tog ? ~limited : limited;
+
+ if (!(old_limited & limited)) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name,
+ "> directive excludes all methods", NULL);
+ }
+ else if ((old_limited & limited) == old_limited) {
+ return apr_pstrcat(cmd->pool, cmd->cmd->name,
+ "> directive specifies methods already excluded",
+ NULL);
+ }
+
+ cmd->limited &= limited;
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd, cmd->context);
+
+ cmd->limited = old_limited;
+
+ return errmsg;
+}
+
+/* XXX: Bogus - need to do this differently (at least OS2/Netware suffer
+ * the same problem!!!
+ * We use this in <DirectoryMatch> and <FilesMatch>, to ensure that
+ * people don't get bitten by wrong-cased regex matches
+ */
+
+#ifdef WIN32
+#define USE_ICASE AP_REG_ICASE
+#else
+#define USE_ICASE 0
+#endif
+
+static const char *dirsection(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+ const char *errmsg;
+ const char *endp = ap_strrchr_c(arg, '>');
+ int old_overrides = cmd->override;
+ char *old_path = cmd->path;
+ core_dir_config *conf;
+ ap_conf_vector_t *new_dir_conf = ap_create_per_dir_config(cmd->pool);
+ ap_regex_t *r = NULL;
+ const command_rec *thiscmd = cmd->cmd;
+
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ if (err != NULL) {
+ return err;
+ }
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg);
+
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
+ cmd->override = OR_ALL|ACCESS_CONF;
+
+ if (!strcmp(cmd->path, "~")) {
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
+ if (!cmd->path)
+ return "<Directory ~ > block must specify a path";
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
+ }
+ else if (thiscmd->cmd_data) { /* <DirectoryMatch> */
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
+ }
+ else if (strcmp(cmd->path, "/") != 0)
+ {
+ char *newpath;
+
+ /*
+ * Ensure that the pathname is canonical, and append the trailing /
+ */
+ apr_status_t rv = apr_filepath_merge(&newpath, NULL, cmd->path,
+ APR_FILEPATH_TRUENAME, cmd->pool);
+ if (rv != APR_SUCCESS && rv != APR_EPATHWILD) {
+ return apr_pstrcat(cmd->pool, "<Directory \"", cmd->path,
+ "\"> path is invalid.", NULL);
+ }
+
+ cmd->path = newpath;
+ if (cmd->path[strlen(cmd->path) - 1] != '/')
+ cmd->path = apr_pstrcat(cmd->pool, cmd->path, "/", NULL);
+ }
+
+ /* initialize our config and fetch it */
+ conf = ap_set_config_vectors(cmd->server, new_dir_conf, cmd->path,
+ &core_module, cmd->pool);
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_dir_conf);
+ if (errmsg != NULL)
+ return errmsg;
+
+ conf->r = r;
+ conf->d = cmd->path;
+ conf->d_is_fnmatch = (apr_fnmatch_test(conf->d) != 0);
+
+ if (r) {
+ conf->refs = apr_array_make(cmd->pool, 8, sizeof(char *));
+ ap_regname(r, conf->refs, AP_REG_MATCH, 1);
+ }
+
+ /* Make this explicit - the "/" root has 0 elements, that is, we
+ * will always merge it, and it will always sort and merge first.
+ * All others are sorted and tested by the number of slashes.
+ */
+ if (strcmp(conf->d, "/") == 0)
+ conf->d_components = 0;
+ else
+ conf->d_components = ap_count_dirs(conf->d);
+
+ ap_add_per_dir_conf(cmd->server, new_dir_conf);
+
+ if (*arg != '\0') {
+ return apr_pstrcat(cmd->pool, "Multiple ", thiscmd->name,
+ "> arguments not (yet) supported.", NULL);
+ }
+
+ cmd->path = old_path;
+ cmd->override = old_overrides;
+
+ return NULL;
+}
+
+static const char *urlsection(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+ const char *errmsg;
+ const char *endp = ap_strrchr_c(arg, '>');
+ int old_overrides = cmd->override;
+ char *old_path = cmd->path;
+ core_dir_config *conf;
+ ap_regex_t *r = NULL;
+ const command_rec *thiscmd = cmd->cmd;
+ ap_conf_vector_t *new_url_conf = ap_create_per_dir_config(cmd->pool);
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ if (err != NULL) {
+ return err;
+ }
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg);
+
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
+ cmd->override = OR_ALL|ACCESS_CONF;
+
+ if (thiscmd->cmd_data) { /* <LocationMatch> */
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
+ }
+ else if (!strcmp(cmd->path, "~")) {
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
+ }
+
+ /* initialize our config and fetch it */
+ conf = ap_set_config_vectors(cmd->server, new_url_conf, cmd->path,
+ &core_module, cmd->pool);
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_url_conf);
+ if (errmsg != NULL)
+ return errmsg;
+
+ conf->d = apr_pstrdup(cmd->pool, cmd->path); /* No mangling, please */
+ conf->d_is_fnmatch = apr_fnmatch_test(conf->d) != 0;
+ conf->r = r;
+
+ if (r) {
+ conf->refs = apr_array_make(cmd->pool, 8, sizeof(char *));
+ ap_regname(r, conf->refs, AP_REG_MATCH, 1);
+ }
+
+ ap_add_per_url_conf(cmd->server, new_url_conf);
+
+ if (*arg != '\0') {
+ return apr_pstrcat(cmd->pool, "Multiple ", thiscmd->name,
+ "> arguments not (yet) supported.", NULL);
+ }
+
+ cmd->path = old_path;
+ cmd->override = old_overrides;
+
+ return NULL;
+}
+
+static const char *filesection(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+ const char *errmsg;
+ const char *endp = ap_strrchr_c(arg, '>');
+ int old_overrides = cmd->override;
+ char *old_path = cmd->path;
+ core_dir_config *conf;
+ ap_regex_t *r = NULL;
+ const command_rec *thiscmd = cmd->cmd;
+ ap_conf_vector_t *new_file_conf = ap_create_per_dir_config(cmd->pool);
+ const char *err = ap_check_cmd_context(cmd,
+ NOT_IN_LOCATION | NOT_IN_LIMIT);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg);
+
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
+ /* Only if not an .htaccess file */
+ if (!old_path) {
+ cmd->override = OR_ALL|ACCESS_CONF;
+ }
+
+ if (thiscmd->cmd_data) { /* <FilesMatch> */
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
+ }
+ else if (!strcmp(cmd->path, "~")) {
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
+ }
+ else {
+ char *newpath;
+ /* Ensure that the pathname is canonical, but we
+ * can't test the case/aliases without a fixed path */
+ if (apr_filepath_merge(&newpath, "", cmd->path,
+ 0, cmd->pool) != APR_SUCCESS)
+ return apr_pstrcat(cmd->pool, "<Files \"", cmd->path,
+ "\"> is invalid.", NULL);
+ cmd->path = newpath;
+ }
+
+ /* initialize our config and fetch it */
+ conf = ap_set_config_vectors(cmd->server, new_file_conf, cmd->path,
+ &core_module, cmd->pool);
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_file_conf);
+ if (errmsg != NULL)
+ return errmsg;
+
+ conf->d = cmd->path;
+ conf->d_is_fnmatch = apr_fnmatch_test(conf->d) != 0;
+ conf->r = r;
+
+ if (r) {
+ conf->refs = apr_array_make(cmd->pool, 8, sizeof(char *));
+ ap_regname(r, conf->refs, AP_REG_MATCH, 1);
+ }
+
+ ap_add_file_conf(cmd->pool, (core_dir_config *)mconfig, new_file_conf);
+
+ if (*arg != '\0') {
+ return apr_pstrcat(cmd->pool, "Multiple ", thiscmd->name,
+ "> arguments not (yet) supported.", NULL);
+ }
+
+ cmd->path = old_path;
+ cmd->override = old_overrides;
+
+ return NULL;
+}
+
+#define COND_IF ((void *)1)
+#define COND_ELSE ((void *)2)
+#define COND_ELSEIF ((void *)3)
+
+static const char *ifsection(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+ const char *errmsg;
+ const char *endp = ap_strrchr_c(arg, '>');
+ int old_overrides = cmd->override;
+ char *old_path = cmd->path;
+ core_dir_config *conf;
+ const command_rec *thiscmd = cmd->cmd;
+ ap_conf_vector_t *new_if_conf = ap_create_per_dir_config(cmd->pool);
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
+ const char *condition;
+ const char *expr_err;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg);
+
+ /*
+ * Set a dummy value so that other directives notice that they are inside
+ * a config section.
+ */
+ cmd->path = "*If";
+ /* Only if not an .htaccess file */
+ if (!old_path) {
+ cmd->override = OR_ALL|ACCESS_CONF;
+ }
+
+ /* initialize our config and fetch it */
+ conf = ap_set_config_vectors(cmd->server, new_if_conf, cmd->path,
+ &core_module, cmd->pool);
+
+ if (cmd->cmd->cmd_data == COND_IF)
+ conf->condition_ifelse = AP_CONDITION_IF;
+ else if (cmd->cmd->cmd_data == COND_ELSEIF)
+ conf->condition_ifelse = AP_CONDITION_ELSEIF;
+ else if (cmd->cmd->cmd_data == COND_ELSE)
+ conf->condition_ifelse = AP_CONDITION_ELSE;
+ else
+ ap_assert(0);
+
+ if (conf->condition_ifelse == AP_CONDITION_ELSE) {
+ if (arg[0])
+ return "<Else> does not take an argument";
+ }
+ else {
+ if (!arg[0])
+ return missing_container_arg(cmd);
+ condition = ap_getword_conf(cmd->pool, &arg);
+ conf->condition = ap_expr_parse_cmd(cmd, condition, 0, &expr_err, NULL);
+ if (expr_err)
+ return apr_psprintf(cmd->pool, "Cannot parse condition clause: %s",
+ expr_err);
+ }
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_if_conf);
+ if (errmsg != NULL)
+ return errmsg;
+
+ conf->d = cmd->path;
+ conf->d_is_fnmatch = 0;
+ conf->r = NULL;
+
+ errmsg = ap_add_if_conf(cmd->pool, (core_dir_config *)mconfig, new_if_conf);
+ if (errmsg != NULL)
+ return errmsg;
+
+ if (*arg != '\0') {
+ return apr_pstrcat(cmd->pool, "Multiple ", thiscmd->name,
+ "> arguments not supported.", NULL);
+ }
+
+ cmd->path = old_path;
+ cmd->override = old_overrides;
+
+ return NULL;
+}
+
+static module *find_module(server_rec *s, const char *name)
+{
+ module *found = ap_find_linked_module(name);
+
+ /* search prelinked stuff */
+ if (!found) {
+ ap_module_symbol_t *current = ap_prelinked_module_symbols;
+
+ for (; current->name; ++current) {
+ if (!strcmp(current->name, name)) {
+ found = current->modp;
+ break;
+ }
+ }
+ }
+
+ /* search dynamic stuff */
+ if (!found) {
+ APR_OPTIONAL_FN_TYPE(ap_find_loaded_module_symbol) *check_symbol =
+ APR_RETRIEVE_OPTIONAL_FN(ap_find_loaded_module_symbol);
+
+ if (check_symbol) {
+ /*
+ * There are two phases where calling ap_find_loaded_module_symbol
+ * is problematic:
+ *
+ * During reading of the config, ap_server_conf is invalid but s
+ * points to the main server config, if passed from cmd->server
+ * of an EXEC_ON_READ directive.
+ *
+ * During config parsing, s may be a virtual host that would cause
+ * a segfault in mod_so if passed to ap_find_loaded_module_symbol,
+ * because mod_so's server config for vhosts is initialized later.
+ * But ap_server_conf is already set at this time.
+ *
+ * Therefore we use s if it is not virtual and ap_server_conf if
+ * s is virtual.
+ */
+ found = check_symbol(s->is_virtual ? ap_server_conf : s, name);
+ }
+ }
+
+ return found;
+}
+
+/* Callback function type used by start_cond_section. */
+typedef int (*test_cond_section_fn)(cmd_parms *cmd, const char *arg);
+
+/* Implementation of <IfXXXXX>-style conditional sections. Callback
+ * to test condition must be in cmd->info, matching function type
+ * test_cond_section_fn. */
+static const char *start_cond_section(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+ const char *endp = ap_strrchr_c(arg, '>');
+ int result, not = (arg[0] == '!');
+ test_cond_section_fn testfn = (test_cond_section_fn)cmd->info;
+ const char *arg1;
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrmemdup(cmd->temp_pool, arg, endp - arg);
+
+ if (not) {
+ arg++;
+ }
+
+ arg1 = ap_getword_conf(cmd->temp_pool, &arg);
+
+ if (!arg1[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ result = testfn(cmd, arg1);
+
+ if ((!not && result) || (not && !result)) {
+ ap_directive_t *parent = NULL;
+ ap_directive_t *current = NULL;
+ const char *retval;
+
+ retval = ap_build_cont_config(cmd->pool, cmd->temp_pool, cmd,
+ &current, &parent, (char *)cmd->cmd->name);
+ *(ap_directive_t **)mconfig = current;
+ return retval;
+ }
+ else {
+ *(ap_directive_t **)mconfig = NULL;
+ return ap_soak_end_container(cmd, (char *)cmd->cmd->name);
+ }
+}
+
+/* Callback to implement <IfModule> test for start_cond_section. */
+static int test_ifmod_section(cmd_parms *cmd, const char *arg)
+{
+ return find_module(cmd->server, arg) != NULL;
+}
+
+AP_DECLARE(int) ap_exists_config_define(const char *name)
+{
+ return ap_array_str_contains(ap_server_config_defines, name);
+}
+
+static int test_ifdefine_section(cmd_parms *cmd, const char *arg)
+{
+ return ap_exists_config_define(arg);
+}
+
+static int test_iffile_section(cmd_parms *cmd, const char *arg)
+{
+ const char *relative;
+ apr_finfo_t sb;
+
+ /*
+ * At least on Windows, if the path we are testing is not valid (for example
+ * a path on a USB key that is not plugged), 'ap_server_root_relative()' will
+ * return NULL. In such a case, consider that the file is not there and that
+ * the section should be skipped.
+ */
+ relative = ap_server_root_relative(cmd->temp_pool, arg);
+ return (relative &&
+ (apr_stat(&sb, relative, APR_FINFO_TYPE, cmd->temp_pool) == APR_SUCCESS));
+}
+
+static int test_ifdirective_section(cmd_parms *cmd, const char *arg)
+{
+ return ap_exists_directive(cmd->temp_pool, arg);
+}
+
+static int test_ifsection_section(cmd_parms *cmd, const char *arg)
+{
+ const char *name = apr_pstrcat(cmd->temp_pool, "<", arg, NULL);
+ return ap_exists_directive(cmd->temp_pool, name);
+}
+
+/* httpd.conf commands... beginning with the <VirtualHost> business */
+
+static const char *virtualhost_section(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ server_rec *main_server = cmd->server, *s;
+ const char *errmsg;
+ const char *endp = ap_strrchr_c(arg, '>');
+ apr_pool_t *p = cmd->pool;
+
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL) {
+ return err;
+ }
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrndup(cmd->temp_pool, arg, endp - arg);
+
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ /* FIXME: There's another feature waiting to happen here -- since you
+ can now put multiple addresses/names on a single <VirtualHost>
+ you might want to use it to group common definitions and then
+ define other "subhosts" with their individual differences. But
+ personally I'd rather just do it with a macro preprocessor. -djg */
+ if (main_server->is_virtual) {
+ return "<VirtualHost> doesn't nest!";
+ }
+
+ errmsg = ap_init_virtual_host(p, arg, main_server, &s);
+ if (errmsg) {
+ return errmsg;
+ }
+
+ s->next = main_server->next;
+ main_server->next = s;
+
+ s->defn_name = cmd->directive->filename;
+ s->defn_line_number = cmd->directive->line_num;
+
+ cmd->server = s;
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd,
+ s->lookup_defaults);
+
+ cmd->server = main_server;
+
+ return errmsg;
+}
+
+static const char *set_regex_default_options(cmd_parms *cmd,
+ void *dummy,
+ const char *arg)
+{
+ const command_rec *thiscmd = cmd->cmd;
+ int cflags, cflag;
+
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL) {
+ return err;
+ }
+
+ cflags = ap_regcomp_get_default_cflags();
+ while (*arg) {
+ const char *name = ap_getword_conf(cmd->pool, &arg);
+ int how = 0;
+
+ if (strcasecmp(name, "none") == 0) {
+ cflags = 0;
+ continue;
+ }
+
+ if (*name == '+') {
+ name++;
+ how = +1;
+ }
+ else if (*name == '-') {
+ name++;
+ how = -1;
+ }
+
+ cflag = ap_regcomp_default_cflag_by_name(name);
+ if (!cflag) {
+ return apr_psprintf(cmd->pool, "%s: option '%s' unknown",
+ thiscmd->name, name);
+ }
+
+ if (how > 0) {
+ cflags |= cflag;
+ }
+ else if (how < 0) {
+ cflags &= ~cflag;
+ }
+ else {
+ cflags = cflag;
+ }
+ }
+ ap_regcomp_set_default_cflags(cflags);
+
+ return NULL;
+}
+
+static const char *set_server_alias(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ if (!cmd->server->names) {
+ return "ServerAlias only used in <VirtualHost>";
+ }
+
+ while (*arg) {
+ char **item, *name = ap_getword_conf(cmd->pool, &arg);
+
+ if (ap_is_matchexp(name)) {
+ item = (char **)apr_array_push(cmd->server->wild_names);
+ }
+ else {
+ item = (char **)apr_array_push(cmd->server->names);
+ }
+
+ *item = name;
+ }
+
+ return NULL;
+}
+
+static const char *set_accf_map(cmd_parms *cmd, void *dummy,
+ const char *iproto, const char* iaccf)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ char* proto;
+ char* accf;
+ if (err != NULL) {
+ return err;
+ }
+
+ proto = apr_pstrdup(cmd->pool, iproto);
+ ap_str_tolower(proto);
+ accf = apr_pstrdup(cmd->pool, iaccf);
+ ap_str_tolower(accf);
+ apr_table_setn(conf->accf_map, proto, accf);
+
+ return NULL;
+}
+
+AP_DECLARE(const char*) ap_get_server_protocol(server_rec* s)
+{
+ core_server_config *conf = ap_get_core_module_config(s->module_config);
+ return conf->protocol;
+}
+
+AP_DECLARE(void) ap_set_server_protocol(server_rec* s, const char* proto)
+{
+ core_server_config *conf = ap_get_core_module_config(s->module_config);
+ conf->protocol = proto;
+}
+
+static const char *set_protocol(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ char* proto;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ proto = apr_pstrdup(cmd->pool, arg);
+ ap_str_tolower(proto);
+ conf->protocol = proto;
+
+ return NULL;
+}
+
+static const char *set_server_string_slot(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ /* This one's pretty generic... */
+
+ int offset = (int)(long)cmd->info;
+ char *struct_ptr = (char *)cmd->server;
+
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ if (err != NULL) {
+ return err;
+ }
+
+ *(const char **)(struct_ptr + offset) = arg;
+ return NULL;
+}
+
+/*
+ * The ServerName directive takes one argument with format
+ * [scheme://]fully-qualified-domain-name[:port], for instance
+ * ServerName www.example.com
+ * ServerName www.example.com:80
+ * ServerName https://www.example.com:443
+ */
+
+static const char *server_hostname_port(cmd_parms *cmd, void *dummy, const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ const char *portstr, *part;
+ char *scheme;
+ int port;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (apr_fnmatch_test(arg))
+ return apr_pstrcat(cmd->temp_pool, "Invalid ServerName \"", arg,
+ "\" use ServerAlias to set multiple server names.", NULL);
+
+ part = ap_strstr_c(arg, "://");
+
+ if (part) {
+ scheme = apr_pstrndup(cmd->pool, arg, part - arg);
+ ap_str_tolower(scheme);
+ cmd->server->server_scheme = (const char *)scheme;
+ part += 3;
+ } else {
+ part = arg;
+ }
+
+ portstr = ap_strchr_c(part, ':');
+ if (portstr) {
+ cmd->server->server_hostname = apr_pstrndup(cmd->pool, part,
+ portstr - part);
+ portstr++;
+ port = atoi(portstr);
+ if (port <= 0 || port >= 65536) { /* 65536 == 1<<16 */
+ return apr_pstrcat(cmd->temp_pool, "The port number \"", arg,
+ "\" is outside the appropriate range "
+ "(i.e., 1..65535).", NULL);
+ }
+ }
+ else {
+ cmd->server->server_hostname = apr_pstrdup(cmd->pool, part);
+ port = 0;
+ }
+
+ cmd->server->port = port;
+ return NULL;
+}
+
+static const char *set_signature_flag(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (ap_cstr_casecmp(arg, "On") == 0) {
+ d->server_signature = srv_sig_on;
+ }
+ else if (ap_cstr_casecmp(arg, "Off") == 0) {
+ d->server_signature = srv_sig_off;
+ }
+ else if (ap_cstr_casecmp(arg, "EMail") == 0) {
+ d->server_signature = srv_sig_withmail;
+ }
+ else {
+ return "ServerSignature: use one of: off | on | email";
+ }
+
+ return NULL;
+}
+
+static const char *set_server_root(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if ((apr_filepath_merge((char**)&ap_server_root, NULL, arg,
+ APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS)
+ || !ap_is_directory(cmd->temp_pool, ap_server_root)) {
+ return "ServerRoot must be a valid directory";
+ }
+
+ return NULL;
+}
+
+static const char *set_runtime_dir(cmd_parms *cmd, void *dummy, const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if ((apr_filepath_merge((char**)&ap_runtime_dir, NULL,
+ ap_server_root_relative(cmd->temp_pool, arg),
+ APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS)
+ || !ap_is_directory(cmd->temp_pool, ap_runtime_dir)) {
+ return "DefaultRuntimeDir must be a valid directory, absolute or relative to ServerRoot";
+ }
+
+ return NULL;
+}
+
+static const char *set_timeout(cmd_parms *cmd, void *dummy, const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ cmd->server->timeout = apr_time_from_sec(atoi(arg));
+ return NULL;
+}
+
+static const char *set_allow2f(cmd_parms *cmd, void *d_, const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (0 == ap_cstr_casecmp(arg, "on")) {
+ d->allow_encoded_slashes = 1;
+ d->decode_encoded_slashes = 1; /* for compatibility with 2.0 & 2.2 */
+ } else if (0 == ap_cstr_casecmp(arg, "off")) {
+ d->allow_encoded_slashes = 0;
+ d->decode_encoded_slashes = 0;
+ } else if (0 == ap_cstr_casecmp(arg, "nodecode")) {
+ d->allow_encoded_slashes = 1;
+ d->decode_encoded_slashes = 0;
+ } else {
+ return apr_pstrcat(cmd->pool,
+ cmd->cmd->name, " must be On, Off, or NoDecode",
+ NULL);
+ }
+ return NULL;
+}
+
+static const char *set_hostname_lookups(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (!ap_cstr_casecmp(arg, "on")) {
+ d->hostname_lookups = HOSTNAME_LOOKUP_ON;
+ }
+ else if (!ap_cstr_casecmp(arg, "off")) {
+ d->hostname_lookups = HOSTNAME_LOOKUP_OFF;
+ }
+ else if (!ap_cstr_casecmp(arg, "double")) {
+ d->hostname_lookups = HOSTNAME_LOOKUP_DOUBLE;
+ }
+ else {
+ return "parameter must be 'on', 'off', or 'double'";
+ }
+
+ return NULL;
+}
+
+static const char *set_serverpath(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ cmd->server->path = arg;
+ cmd->server->pathlen = (int)strlen(arg);
+ return NULL;
+}
+
+static const char *set_content_md5(cmd_parms *cmd, void *d_, int arg)
+{
+ core_dir_config *d = d_;
+
+ d->content_md5 = arg ? AP_CONTENT_MD5_ON : AP_CONTENT_MD5_OFF;
+ return NULL;
+}
+
+static const char *set_accept_path_info(cmd_parms *cmd, void *d_, const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (ap_cstr_casecmp(arg, "on") == 0) {
+ d->accept_path_info = AP_REQ_ACCEPT_PATH_INFO;
+ }
+ else if (ap_cstr_casecmp(arg, "off") == 0) {
+ d->accept_path_info = AP_REQ_REJECT_PATH_INFO;
+ }
+ else if (ap_cstr_casecmp(arg, "default") == 0) {
+ d->accept_path_info = AP_REQ_DEFAULT_PATH_INFO;
+ }
+ else {
+ return "AcceptPathInfo must be set to on, off or default";
+ }
+
+ return NULL;
+}
+
+static const char *set_use_canonical_name(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (ap_cstr_casecmp(arg, "on") == 0) {
+ d->use_canonical_name = USE_CANONICAL_NAME_ON;
+ }
+ else if (ap_cstr_casecmp(arg, "off") == 0) {
+ d->use_canonical_name = USE_CANONICAL_NAME_OFF;
+ }
+ else if (ap_cstr_casecmp(arg, "dns") == 0) {
+ d->use_canonical_name = USE_CANONICAL_NAME_DNS;
+ }
+ else {
+ return "parameter must be 'on', 'off', or 'dns'";
+ }
+
+ return NULL;
+}
+
+static const char *set_use_canonical_phys_port(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+
+ if (ap_cstr_casecmp(arg, "on") == 0) {
+ d->use_canonical_phys_port = USE_CANONICAL_PHYS_PORT_ON;
+ }
+ else if (ap_cstr_casecmp(arg, "off") == 0) {
+ d->use_canonical_phys_port = USE_CANONICAL_PHYS_PORT_OFF;
+ }
+ else {
+ return "parameter must be 'on' or 'off'";
+ }
+
+ return NULL;
+}
+
+static const char *include_config (cmd_parms *cmd, void *dummy,
+ const char *name)
+{
+ ap_directive_t *conftree = NULL;
+ const char *conffile, *error;
+ unsigned *recursion;
+ int optional = cmd->cmd->cmd_data ? 1 : 0;
+ void *data;
+
+ /* NOTE: ap_include_sentinel is also used by ap_process_resource_config()
+ * during DUMP_INCLUDES; don't change its type or remove it without updating
+ * the other.
+ */
+ apr_pool_userdata_get(&data, "ap_include_sentinel", cmd->pool);
+ if (data) {
+ recursion = data;
+ }
+ else {
+ data = recursion = apr_palloc(cmd->pool, sizeof(*recursion));
+ *recursion = 0;
+ apr_pool_userdata_setn(data, "ap_include_sentinel", NULL, cmd->pool);
+ }
+
+ if (++*recursion > AP_MAX_INCLUDE_DEPTH) {
+ *recursion = 0;
+ return apr_psprintf(cmd->pool, "Exceeded maximum include depth of %u, "
+ "There appears to be a recursion.",
+ AP_MAX_INCLUDE_DEPTH);
+ }
+
+ conffile = ap_server_root_relative(cmd->pool, name);
+ if (!conffile) {
+ *recursion = 0;
+ return apr_pstrcat(cmd->pool, "Invalid Include path ",
+ name, NULL);
+ }
+
+ if (ap_exists_config_define("DUMP_INCLUDES")) {
+ unsigned *line_number;
+
+ /* NOTE: ap_include_lineno is used by ap_process_resource_config()
+ * during DUMP_INCLUDES; don't change its type or remove it without
+ * updating the other.
+ */
+ apr_pool_userdata_get(&data, "ap_include_lineno", cmd->pool);
+ if (data) {
+ line_number = data;
+ } else {
+ data = line_number = apr_palloc(cmd->pool, sizeof(*line_number));
+ apr_pool_userdata_setn(data, "ap_include_lineno", NULL, cmd->pool);
+ }
+
+ *line_number = cmd->config_file->line_number;
+ }
+
+ error = ap_process_fnmatch_configs(cmd->server, conffile, &conftree,
+ cmd->pool, cmd->temp_pool,
+ optional);
+ if (error) {
+ *recursion = 0;
+ return error;
+ }
+
+ *(ap_directive_t **)dummy = conftree;
+
+ /* recursion level done */
+ if (*recursion) {
+ --*recursion;
+ }
+
+ return NULL;
+}
+
+static const char *set_loglevel(cmd_parms *cmd, void *config_, const char *arg_)
+{
+ char *level_str;
+ int level;
+ module *module;
+ char *arg = apr_pstrdup(cmd->temp_pool, arg_);
+ struct ap_logconf *log;
+ const char *err;
+
+ if (cmd->path) {
+ core_dir_config *dconf = config_;
+ if (!dconf->log) {
+ dconf->log = ap_new_log_config(cmd->pool, NULL);
+ }
+ log = dconf->log;
+ }
+ else {
+ log = &cmd->server->log;
+ }
+
+ if (arg == NULL)
+ return "LogLevel requires level keyword or module loglevel specifier";
+
+ level_str = ap_strrchr(arg, ':');
+
+ if (level_str == NULL) {
+ err = ap_parse_log_level(arg, &log->level);
+ if (err != NULL)
+ return err;
+ ap_reset_module_loglevels(log, APLOG_NO_MODULE);
+ ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, cmd->server,
+ "Setting LogLevel for all modules to %s", arg);
+ return NULL;
+ }
+
+ *level_str++ = '\0';
+ if (!*level_str) {
+ return apr_psprintf(cmd->temp_pool, "Module specifier '%s' must be "
+ "followed by a log level keyword", arg);
+ }
+
+ err = ap_parse_log_level(level_str, &level);
+ if (err != NULL)
+ return apr_psprintf(cmd->temp_pool, "%s:%s: %s", arg, level_str, err);
+
+ if ((module = find_module(cmd->server, arg)) == NULL) {
+ char *name = apr_psprintf(cmd->temp_pool, "%s_module", arg);
+ ap_log_error(APLOG_MARK, APLOG_TRACE6, 0, cmd->server,
+ "Cannot find module '%s', trying '%s'", arg, name);
+ module = find_module(cmd->server, name);
+ }
+
+ if (module == NULL) {
+ return apr_psprintf(cmd->temp_pool, "Cannot find module %s", arg);
+ }
+
+ ap_set_module_loglevel(cmd->pool, log, module->module_index, level);
+ ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, cmd->server,
+ "Setting LogLevel for module %s to %s", module->name,
+ level_str);
+
+ return NULL;
+}
+
+AP_DECLARE(const char *) ap_psignature(const char *prefix, request_rec *r)
+{
+ char sport[20];
+ core_dir_config *conf;
+
+ conf = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+ if ((conf->server_signature == srv_sig_off)
+ || (conf->server_signature == srv_sig_unset)) {
+ return "";
+ }
+
+ apr_snprintf(sport, sizeof sport, "%u", (unsigned) ap_get_server_port(r));
+
+ if (conf->server_signature == srv_sig_withmail) {
+ return apr_pstrcat(r->pool, prefix, "<address>",
+ ap_get_server_banner(),
+ " Server at <a href=\"",
+ ap_is_url(r->server->server_admin) ? "" : "mailto:",
+ ap_escape_html(r->pool, r->server->server_admin),
+ "\">",
+ ap_escape_html(r->pool, ap_get_server_name(r)),
+ "</a> Port ", sport,
+ "</address>\n", NULL);
+ }
+
+ return apr_pstrcat(r->pool, prefix, "<address>", ap_get_server_banner(),
+ " Server at ",
+ ap_escape_html(r->pool, ap_get_server_name(r)),
+ " Port ", sport,
+ "</address>\n", NULL);
+}
+
+/*
+ * Handle a request to include the server's OS platform in the Server
+ * response header field (the ServerTokens directive). Unfortunately
+ * this requires a new global in order to communicate the setting back to
+ * http_main so it can insert the information in the right place in the
+ * string.
+ */
+
+static char *server_banner = NULL;
+static int banner_locked = 0;
+static const char *server_description = NULL;
+
+enum server_token_type {
+ SrvTk_MAJOR, /* eg: Apache/2 */
+ SrvTk_MINOR, /* eg. Apache/2.0 */
+ SrvTk_MINIMAL, /* eg: Apache/2.0.41 */
+ SrvTk_OS, /* eg: Apache/2.0.41 (UNIX) */
+ SrvTk_FULL, /* eg: Apache/2.0.41 (UNIX) PHP/4.2.2 FooBar/1.2b */
+ SrvTk_PRODUCT_ONLY /* eg: Apache */
+};
+static enum server_token_type ap_server_tokens = SrvTk_FULL;
+
+static apr_status_t reset_banner(void *dummy)
+{
+ banner_locked = 0;
+ ap_server_tokens = SrvTk_FULL;
+ server_banner = NULL;
+ server_description = NULL;
+ return APR_SUCCESS;
+}
+
+AP_DECLARE(void) ap_get_server_revision(ap_version_t *version)
+{
+ version->major = AP_SERVER_MAJORVERSION_NUMBER;
+ version->minor = AP_SERVER_MINORVERSION_NUMBER;
+ version->patch = AP_SERVER_PATCHLEVEL_NUMBER;
+ version->add_string = AP_SERVER_ADD_STRING;
+}
+
+AP_DECLARE(const char *) ap_get_server_description(void)
+{
+ return server_description ? server_description :
+ AP_SERVER_BASEVERSION " (" PLATFORM ")";
+}
+
+AP_DECLARE(const char *) ap_get_server_banner(void)
+{
+ return server_banner ? server_banner : AP_SERVER_BASEVERSION;
+}
+
+AP_DECLARE(void) ap_add_version_component(apr_pool_t *pconf, const char *component)
+{
+ if (! banner_locked) {
+ /*
+ * If the version string is null, register our cleanup to reset the
+ * pointer on pool destruction. We also know that, if NULL,
+ * we are adding the original SERVER_BASEVERSION string.
+ */
+ if (server_banner == NULL) {
+ apr_pool_cleanup_register(pconf, NULL, reset_banner,
+ apr_pool_cleanup_null);
+ server_banner = apr_pstrdup(pconf, component);
+ }
+ else {
+ /*
+ * Tack the given component identifier to the end of
+ * the existing string.
+ */
+ server_banner = apr_pstrcat(pconf, server_banner, " ",
+ component, NULL);
+ }
+ }
+ server_description = apr_pstrcat(pconf, server_description, " ",
+ component, NULL);
+}
+
+/*
+ * This routine adds the real server base identity to the banner string,
+ * and then locks out changes until the next reconfig.
+ */
+static void set_banner(apr_pool_t *pconf)
+{
+ if (ap_server_tokens == SrvTk_PRODUCT_ONLY) {
+ ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT);
+ }
+ else if (ap_server_tokens == SrvTk_MINIMAL) {
+ ap_add_version_component(pconf, AP_SERVER_BASEVERSION);
+ }
+ else if (ap_server_tokens == SrvTk_MINOR) {
+ ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MINORREVISION);
+ }
+ else if (ap_server_tokens == SrvTk_MAJOR) {
+ ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MAJORVERSION);
+ }
+ else {
+ ap_add_version_component(pconf, AP_SERVER_BASEVERSION " (" PLATFORM ")");
+ }
+
+ /*
+ * Lock the server_banner string if we're not displaying
+ * the full set of tokens
+ */
+ if (ap_server_tokens != SrvTk_FULL) {
+ banner_locked++;
+ }
+ server_description = AP_SERVER_BASEVERSION " (" PLATFORM ")";
+}
+
+static const char *set_serv_tokens(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (!ap_cstr_casecmp(arg, "OS")) {
+ ap_server_tokens = SrvTk_OS;
+ }
+ else if (!ap_cstr_casecmp(arg, "Min") || !ap_cstr_casecmp(arg, "Minimal")) {
+ ap_server_tokens = SrvTk_MINIMAL;
+ }
+ else if (!ap_cstr_casecmp(arg, "Major")) {
+ ap_server_tokens = SrvTk_MAJOR;
+ }
+ else if (!ap_cstr_casecmp(arg, "Minor") ) {
+ ap_server_tokens = SrvTk_MINOR;
+ }
+ else if (!ap_cstr_casecmp(arg, "Prod") || !ap_cstr_casecmp(arg, "ProductOnly")) {
+ ap_server_tokens = SrvTk_PRODUCT_ONLY;
+ }
+ else if (!ap_cstr_casecmp(arg, "Full")) {
+ ap_server_tokens = SrvTk_FULL;
+ }
+ else {
+ return "ServerTokens takes 1 argument: 'Prod(uctOnly)', 'Major', 'Minor', 'Min(imal)', 'OS', or 'Full'";
+ }
+
+ return NULL;
+}
+
+static const char *set_limit_req_line(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ int lim;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ lim = atoi(arg);
+ if (lim < 0) {
+ return apr_pstrcat(cmd->temp_pool, "LimitRequestLine \"", arg,
+ "\" must be a non-negative integer", NULL);
+ }
+
+ cmd->server->limit_req_line = lim;
+ return NULL;
+}
+
+static const char *set_limit_req_fieldsize(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ int lim;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ lim = atoi(arg);
+ if (lim < 0) {
+ return apr_pstrcat(cmd->temp_pool, "LimitRequestFieldsize \"", arg,
+ "\" must be a non-negative integer",
+ NULL);
+ }
+
+ cmd->server->limit_req_fieldsize = lim;
+ return NULL;
+}
+
+static const char *set_limit_req_fields(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+ int lim;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ lim = atoi(arg);
+ if (lim < 0) {
+ return apr_pstrcat(cmd->temp_pool, "LimitRequestFields \"", arg,
+ "\" must be a non-negative integer (0 = no limit)",
+ NULL);
+ }
+
+ cmd->server->limit_req_fields = lim;
+ return NULL;
+}
+
+static const char *set_limit_req_body(cmd_parms *cmd, void *conf_,
+ const char *arg)
+{
+ core_dir_config *conf = conf_;
+ char *errp;
+
+ if (APR_SUCCESS != apr_strtoff(&conf->limit_req_body, arg, &errp, 10)) {
+ return "LimitRequestBody argument is not parsable.";
+ }
+ if (*errp || conf->limit_req_body < 0) {
+ return "LimitRequestBody requires a non-negative integer.";
+ }
+
+ return NULL;
+}
+
+static const char *set_limit_xml_req_body(cmd_parms *cmd, void *conf_,
+ const char *arg)
+{
+ core_dir_config *conf = conf_;
+
+ conf->limit_xml_body = atol(arg);
+ if (conf->limit_xml_body < 0)
+ return "LimitXMLRequestBody requires a non-negative integer.";
+
+ /* zero is AP_MAX_LIMIT_XML_BODY (implicitly) */
+ if ((apr_size_t)conf->limit_xml_body > AP_MAX_LIMIT_XML_BODY)
+ return apr_psprintf(cmd->pool, "LimitXMLRequestBody must not exceed "
+ "%" APR_SIZE_T_FMT, AP_MAX_LIMIT_XML_BODY);
+
+ return NULL;
+}
+
+static const char *set_max_ranges(cmd_parms *cmd, void *conf_, const char *arg)
+{
+ core_dir_config *conf = conf_;
+ int val = 0;
+
+ if (!ap_cstr_casecmp(arg, "none")) {
+ val = AP_MAXRANGES_NORANGES;
+ }
+ else if (!ap_cstr_casecmp(arg, "default")) {
+ val = AP_MAXRANGES_DEFAULT;
+ }
+ else if (!ap_cstr_casecmp(arg, "unlimited")) {
+ val = AP_MAXRANGES_UNLIMITED;
+ }
+ else {
+ val = atoi(arg);
+ if (val <= 0)
+ return "MaxRanges requires 'none', 'default', 'unlimited' or "
+ "a positive integer";
+ }
+
+ conf->max_ranges = val;
+
+ return NULL;
+}
+
+static const char *set_max_overlaps(cmd_parms *cmd, void *conf_, const char *arg)
+{
+ core_dir_config *conf = conf_;
+ int val = 0;
+
+ if (!ap_cstr_casecmp(arg, "none")) {
+ val = AP_MAXRANGES_NORANGES;
+ }
+ else if (!ap_cstr_casecmp(arg, "default")) {
+ val = AP_MAXRANGES_DEFAULT;
+ }
+ else if (!ap_cstr_casecmp(arg, "unlimited")) {
+ val = AP_MAXRANGES_UNLIMITED;
+ }
+ else {
+ val = atoi(arg);
+ if (val <= 0)
+ return "MaxRangeOverlaps requires 'none', 'default', 'unlimited' or "
+ "a positive integer";
+ }
+
+ conf->max_overlaps = val;
+
+ return NULL;
+}
+
+static const char *set_max_reversals(cmd_parms *cmd, void *conf_, const char *arg)
+{
+ core_dir_config *conf = conf_;
+ int val = 0;
+
+ if (!ap_cstr_casecmp(arg, "none")) {
+ val = AP_MAXRANGES_NORANGES;
+ }
+ else if (!ap_cstr_casecmp(arg, "default")) {
+ val = AP_MAXRANGES_DEFAULT;
+ }
+ else if (!ap_cstr_casecmp(arg, "unlimited")) {
+ val = AP_MAXRANGES_UNLIMITED;
+ }
+ else {
+ val = atoi(arg);
+ if (val <= 0)
+ return "MaxRangeReversals requires 'none', 'default', 'unlimited' or "
+ "a positive integer";
+ }
+
+ conf->max_reversals = val;
+
+ return NULL;
+}
+
+AP_DECLARE(apr_size_t) ap_get_limit_xml_body(const request_rec *r)
+{
+ core_dir_config *conf;
+
+ conf = ap_get_core_module_config(r->per_dir_config);
+ if (conf->limit_xml_body == AP_LIMIT_UNSET)
+ return AP_DEFAULT_LIMIT_XML_BODY;
+ if (conf->limit_xml_body == 0)
+ return AP_MAX_LIMIT_XML_BODY;
+
+ return (apr_size_t)conf->limit_xml_body;
+}
+
+#if !defined (RLIMIT_CPU) || !(defined (RLIMIT_DATA) || defined (RLIMIT_VMEM) || defined(RLIMIT_AS)) || !defined (RLIMIT_NPROC)
+static const char *no_set_limit(cmd_parms *cmd, void *conf_,
+ const char *arg, const char *arg2)
+{
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, cmd->server, APLOGNO(00118)
+ "%s not supported on this platform", cmd->cmd->name);
+
+ return NULL;
+}
+#endif
+
+#ifdef RLIMIT_CPU
+static const char *set_limit_cpu(cmd_parms *cmd, void *conf_,
+ const char *arg, const char *arg2)
+{
+ core_dir_config *conf = conf_;
+
+ ap_unixd_set_rlimit(cmd, &conf->limit_cpu, arg, arg2, RLIMIT_CPU);
+ return NULL;
+}
+#endif
+
+#if defined (RLIMIT_DATA) || defined (RLIMIT_VMEM) || defined(RLIMIT_AS)
+static const char *set_limit_mem(cmd_parms *cmd, void *conf_,
+ const char *arg, const char * arg2)
+{
+ core_dir_config *conf = conf_;
+
+#if defined(RLIMIT_AS)
+ ap_unixd_set_rlimit(cmd, &conf->limit_mem, arg, arg2 ,RLIMIT_AS);
+#elif defined(RLIMIT_DATA)
+ ap_unixd_set_rlimit(cmd, &conf->limit_mem, arg, arg2, RLIMIT_DATA);
+#elif defined(RLIMIT_VMEM)
+ ap_unixd_set_rlimit(cmd, &conf->limit_mem, arg, arg2, RLIMIT_VMEM);
+#endif
+
+ return NULL;
+}
+#endif
+
+#ifdef RLIMIT_NPROC
+static const char *set_limit_nproc(cmd_parms *cmd, void *conf_,
+ const char *arg, const char * arg2)
+{
+ core_dir_config *conf = conf_;
+
+ ap_unixd_set_rlimit(cmd, &conf->limit_nproc, arg, arg2, RLIMIT_NPROC);
+ return NULL;
+}
+#endif
+
+static const char *set_recursion_limit(cmd_parms *cmd, void *dummy,
+ const char *arg1, const char *arg2)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ int limit = atoi(arg1);
+
+ if (limit <= 0) {
+ return "The recursion limit must be greater than zero.";
+ }
+ if (limit < 4) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00119)
+ "Limiting internal redirects to very low numbers may "
+ "cause normal requests to fail.");
+ }
+
+ conf->redirect_limit = limit;
+
+ if (arg2) {
+ limit = atoi(arg2);
+
+ if (limit <= 0) {
+ return "The recursion limit must be greater than zero.";
+ }
+ if (limit < 4) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00120)
+ "Limiting the subrequest depth to a very low level may"
+ " cause normal requests to fail.");
+ }
+ }
+
+ conf->subreq_limit = limit;
+
+ return NULL;
+}
+
+static void log_backtrace(const request_rec *r)
+{
+ const request_rec *top = r;
+
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00121)
+ "r->uri = %s", r->uri ? r->uri : "(unexpectedly NULL)");
+
+ while (top && (top->prev || top->main)) {
+ if (top->prev) {
+ top = top->prev;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00122)
+ "redirected from r->uri = %s",
+ top->uri ? top->uri : "(unexpectedly NULL)");
+ }
+
+ if (!top->prev && top->main) {
+ top = top->main;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00123)
+ "subrequested from r->uri = %s",
+ top->uri ? top->uri : "(unexpectedly NULL)");
+ }
+ }
+}
+
+/*
+ * check whether redirect limit is reached
+ */
+AP_DECLARE(int) ap_is_recursion_limit_exceeded(const request_rec *r)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(r->server->module_config);
+ const request_rec *top = r;
+ int redirects = 0, subreqs = 0;
+ int rlimit = conf->redirect_limit
+ ? conf->redirect_limit
+ : AP_DEFAULT_MAX_INTERNAL_REDIRECTS;
+ int slimit = conf->subreq_limit
+ ? conf->subreq_limit
+ : AP_DEFAULT_MAX_SUBREQ_DEPTH;
+
+
+ while (top->prev || top->main) {
+ if (top->prev) {
+ if (++redirects >= rlimit) {
+ /* uuh, too much. */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00124)
+ "Request exceeded the limit of %d internal "
+ "redirects due to probable configuration error. "
+ "Use 'LimitInternalRecursion' to increase the "
+ "limit if necessary. Use 'LogLevel debug' to get "
+ "a backtrace.", rlimit);
+
+ /* post backtrace */
+ log_backtrace(r);
+
+ /* return failure */
+ return 1;
+ }
+
+ top = top->prev;
+ }
+
+ if (!top->prev && top->main) {
+ if (++subreqs >= slimit) {
+ /* uuh, too much. */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00125)
+ "Request exceeded the limit of %d subrequest "
+ "nesting levels due to probable configuration "
+ "error. Use 'LimitInternalRecursion' to increase "
+ "the limit if necessary. Use 'LogLevel debug' to "
+ "get a backtrace.", slimit);
+
+ /* post backtrace */
+ log_backtrace(r);
+
+ /* return failure */
+ return 1;
+ }
+
+ top = top->main;
+ }
+ }
+
+ /* recursion state: ok */
+ return 0;
+}
+
+static const char *set_trace_enable(cmd_parms *cmd, void *dummy,
+ const char *arg1)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+
+ if (ap_cstr_casecmp(arg1, "on") == 0) {
+ conf->trace_enable = AP_TRACE_ENABLE;
+ }
+ else if (ap_cstr_casecmp(arg1, "off") == 0) {
+ conf->trace_enable = AP_TRACE_DISABLE;
+ }
+ else if (ap_cstr_casecmp(arg1, "extended") == 0) {
+ conf->trace_enable = AP_TRACE_EXTENDED;
+ }
+ else {
+ return "TraceEnable must be one of 'on', 'off', or 'extended'";
+ }
+
+ return NULL;
+}
+
+static const char *set_protocols(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ const char **np;
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+
+ if (err) {
+ return err;
+ }
+
+ np = (const char **)apr_array_push(conf->protocols);
+ *np = arg;
+
+ return NULL;
+}
+
+static const char *set_protocols_honor_order(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_CONTEXT);
+
+ if (err) {
+ return err;
+ }
+
+ if (ap_cstr_casecmp(arg, "on") == 0) {
+ conf->protocols_honor_order = 1;
+ }
+ else if (ap_cstr_casecmp(arg, "off") == 0) {
+ conf->protocols_honor_order = 0;
+ }
+ else {
+ return "ProtocolsHonorOrder must be 'on' or 'off'";
+ }
+
+ return NULL;
+}
+
+static const char *set_http_protocol_options(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+
+ if (strcasecmp(arg, "allow0.9") == 0)
+ conf->http09_enable |= AP_HTTP09_ENABLE;
+ else if (strcasecmp(arg, "require1.0") == 0)
+ conf->http09_enable |= AP_HTTP09_DISABLE;
+ else if (strcasecmp(arg, "strict") == 0)
+ conf->http_conformance |= AP_HTTP_CONFORMANCE_STRICT;
+ else if (strcasecmp(arg, "unsafe") == 0)
+ conf->http_conformance |= AP_HTTP_CONFORMANCE_UNSAFE;
+ else if (strcasecmp(arg, "registeredmethods") == 0)
+ conf->http_methods |= AP_HTTP_METHODS_REGISTERED;
+ else if (strcasecmp(arg, "lenientmethods") == 0)
+ conf->http_methods |= AP_HTTP_METHODS_LENIENT;
+ else
+ return "HttpProtocolOptions accepts "
+ "'Unsafe' or 'Strict' (default), "
+ "'RegisteredMethods' or 'LenientMethods' (default), and "
+ "'Require1.0' or 'Allow0.9' (default)";
+
+ if ((conf->http09_enable & AP_HTTP09_ENABLE)
+ && (conf->http09_enable & AP_HTTP09_DISABLE))
+ return "HttpProtocolOptions 'Allow0.9' and 'Require1.0'"
+ " are mutually exclusive";
+
+ if ((conf->http_conformance & AP_HTTP_CONFORMANCE_STRICT)
+ && (conf->http_conformance & AP_HTTP_CONFORMANCE_UNSAFE))
+ return "HttpProtocolOptions 'Strict' and 'Unsafe'"
+ " are mutually exclusive";
+
+ if ((conf->http_methods & AP_HTTP_METHODS_REGISTERED)
+ && (conf->http_methods & AP_HTTP_METHODS_LENIENT))
+ return "HttpProtocolOptions 'RegisteredMethods' and 'LenientMethods'"
+ " are mutually exclusive";
+
+ return NULL;
+}
+
+static const char *set_http_method(cmd_parms *cmd, void *conf, const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL)
+ return err;
+ ap_method_register(cmd->pool, arg);
+ return NULL;
+}
+
+static apr_hash_t *errorlog_hash;
+
+static int log_constant_item(const ap_errorlog_info *info, const char *arg,
+ char *buf, int buflen)
+{
+ char *end = apr_cpystrn(buf, arg, buflen);
+ return end - buf;
+}
+
+static char *parse_errorlog_misc_string(apr_pool_t *p,
+ ap_errorlog_format_item *it,
+ const char **sa)
+{
+ const char *s;
+ char scratch[MAX_STRING_LEN];
+ char *d = scratch;
+ /*
+ * non-leading white space terminates this string to allow the next field
+ * separator to be inserted
+ */
+ int at_start = 1;
+
+ it->func = log_constant_item;
+ s = *sa;
+
+ while (*s && *s != '%' && (*s != ' ' || at_start) && d < scratch + MAX_STRING_LEN) {
+ if (*s != '\\') {
+ if (*s != ' ') {
+ at_start = 0;
+ }
+ *d++ = *s++;
+ }
+ else {
+ s++;
+ switch (*s) {
+ case 'r':
+ *d++ = '\r';
+ s++;
+ break;
+ case 'n':
+ *d++ = '\n';
+ s++;
+ break;
+ case 't':
+ *d++ = '\t';
+ s++;
+ break;
+ case '\0':
+ /* handle end of string */
+ *d++ = '\\';
+ break;
+ default:
+ /* copy next char verbatim */
+ *d++ = *s++;
+ break;
+ }
+ }
+ }
+ *d = '\0';
+ it->arg = apr_pstrdup(p, scratch);
+
+ *sa = s;
+ return NULL;
+}
+
+static char *parse_errorlog_item(apr_pool_t *p, ap_errorlog_format_item *it,
+ const char **sa)
+{
+ const char *s = *sa;
+ ap_errorlog_handler *handler;
+ int i;
+
+ if (*s != '%') {
+ if (*s == ' ') {
+ it->flags |= AP_ERRORLOG_FLAG_FIELD_SEP;
+ }
+ return parse_errorlog_misc_string(p, it, sa);
+ }
+
+ ++s;
+
+ if (*s == ' ') {
+ /* percent-space (% ) is a field separator */
+ it->flags |= AP_ERRORLOG_FLAG_FIELD_SEP;
+ *sa = ++s;
+ /* recurse */
+ return parse_errorlog_item(p, it, sa);
+ }
+ else if (*s == '%') {
+ it->arg = "%";
+ it->func = log_constant_item;
+ *sa = ++s;
+ return NULL;
+ }
+
+ while (*s) {
+ switch (*s) {
+ case '{':
+ ++s;
+ it->arg = ap_getword(p, &s, '}');
+ break;
+ case '+':
+ ++s;
+ it->flags |= AP_ERRORLOG_FLAG_REQUIRED;
+ break;
+ case '-':
+ ++s;
+ it->flags |= AP_ERRORLOG_FLAG_NULL_AS_HYPHEN;
+ break;
+ case '0':
+ case '1':
+ case '2':
+ case '3':
+ case '4':
+ case '5':
+ case '6':
+ case '7':
+ case '8':
+ case '9':
+ i = *s - '0';
+ while (apr_isdigit(*++s))
+ i = i * 10 + (*s) - '0';
+ it->min_loglevel = i;
+ break;
+ case 'M':
+ it->func = NULL;
+ it->flags |= AP_ERRORLOG_FLAG_MESSAGE;
+ *sa = ++s;
+ return NULL;
+ default:
+ handler = (ap_errorlog_handler *)apr_hash_get(errorlog_hash, s, 1);
+ if (!handler) {
+ char dummy[2];
+
+ dummy[0] = *s;
+ dummy[1] = '\0';
+ return apr_pstrcat(p, "Unrecognized error log format directive %",
+ dummy, NULL);
+ }
+ it->func = handler->func;
+ *sa = ++s;
+ return NULL;
+ }
+ }
+
+ return "Ran off end of error log format parsing args to some directive";
+}
+
+static apr_array_header_t *parse_errorlog_string(apr_pool_t *p,
+ const char *s,
+ const char **err,
+ int is_main_fmt)
+{
+ apr_array_header_t *a = apr_array_make(p, 30,
+ sizeof(ap_errorlog_format_item));
+ char *res;
+ int seen_msg_fmt = 0;
+
+ while (s && *s) {
+ ap_errorlog_format_item *item =
+ (ap_errorlog_format_item *)apr_array_push(a);
+ memset(item, 0, sizeof(*item));
+ res = parse_errorlog_item(p, item, &s);
+ if (res) {
+ *err = res;
+ return NULL;
+ }
+ if (item->flags & AP_ERRORLOG_FLAG_MESSAGE) {
+ if (!is_main_fmt) {
+ *err = "%M cannot be used in once-per-request or "
+ "once-per-connection formats";
+ return NULL;
+ }
+ seen_msg_fmt = 1;
+ }
+ if (is_main_fmt && item->flags & AP_ERRORLOG_FLAG_REQUIRED) {
+ *err = "The '+' flag cannot be used in the main error log format";
+ return NULL;
+ }
+ if (!is_main_fmt && item->min_loglevel) {
+ *err = "The loglevel cannot be used as a condition in "
+ "once-per-request or once-per-connection formats";
+ return NULL;
+ }
+ if (item->min_loglevel > APLOG_TRACE8) {
+ *err = "The specified loglevel modifier is out of range";
+ return NULL;
+ }
+ }
+
+ if (is_main_fmt && !seen_msg_fmt) {
+ *err = "main ErrorLogFormat must contain message format string '%M'";
+ return NULL;
+ }
+
+ return a;
+}
+
+static const char *set_errorlog_format(cmd_parms *cmd, void *dummy,
+ const char *arg1, const char *arg2)
+{
+ const char *err_string = NULL;
+ core_server_config *conf =
+ ap_get_core_module_config(cmd->server->module_config);
+
+ if (!arg2) {
+ conf->error_log_format = parse_errorlog_string(cmd->pool, arg1,
+ &err_string, 1);
+ }
+ else if (!ap_cstr_casecmp(arg1, "connection")) {
+ if (!conf->error_log_conn) {
+ conf->error_log_conn = apr_array_make(cmd->pool, 5,
+ sizeof(apr_array_header_t *));
+ }
+
+ if (*arg2) {
+ apr_array_header_t **e;
+ e = (apr_array_header_t **) apr_array_push(conf->error_log_conn);
+ *e = parse_errorlog_string(cmd->pool, arg2, &err_string, 0);
+ }
+ }
+ else if (!ap_cstr_casecmp(arg1, "request")) {
+ if (!conf->error_log_req) {
+ conf->error_log_req = apr_array_make(cmd->pool, 5,
+ sizeof(apr_array_header_t *));
+ }
+
+ if (*arg2) {
+ apr_array_header_t **e;
+ e = (apr_array_header_t **) apr_array_push(conf->error_log_req);
+ *e = parse_errorlog_string(cmd->pool, arg2, &err_string, 0);
+ }
+ }
+ else {
+ err_string = "ErrorLogFormat type must be one of request, connection";
+ }
+
+ return err_string;
+}
+
+AP_DECLARE(void) ap_register_errorlog_handler(apr_pool_t *p, char *tag,
+ ap_errorlog_handler_fn_t *handler,
+ int flags)
+{
+ ap_errorlog_handler *log_struct = apr_palloc(p, sizeof(*log_struct));
+ log_struct->func = handler;
+ log_struct->flags = flags;
+
+ apr_hash_set(errorlog_hash, tag, 1, (const void *)log_struct);
+}
+
+
+static const char *set_merge_trailers(cmd_parms *cmd, void *dummy, int arg)
+{
+ core_server_config *conf = ap_get_module_config(cmd->server->module_config,
+ &core_module);
+ conf->merge_trailers = (arg ? AP_MERGE_TRAILERS_ENABLE :
+ AP_MERGE_TRAILERS_DISABLE);
+
+ return NULL;
+}
+
+/* Note --- ErrorDocument will now work from .htaccess files.
+ * The AllowOverride of Fileinfo allows webmasters to turn it off
+ */
+
+static const command_rec core_cmds[] = {
+
+/* Old access config file commands */
+
+AP_INIT_RAW_ARGS("<Directory", dirsection, NULL, RSRC_CONF,
+ "Container for directives affecting resources located in the specified "
+ "directories"),
+AP_INIT_RAW_ARGS("<Location", urlsection, NULL, RSRC_CONF,
+ "Container for directives affecting resources accessed through the "
+ "specified URL paths"),
+AP_INIT_RAW_ARGS("<VirtualHost", virtualhost_section, NULL, RSRC_CONF,
+ "Container to map directives to a particular virtual host, takes one or "
+ "more host addresses"),
+AP_INIT_RAW_ARGS("<Files", filesection, NULL, OR_ALL,
+ "Container for directives affecting files matching specified patterns"),
+AP_INIT_RAW_ARGS("<Limit", ap_limit_section, NULL, OR_LIMIT | OR_AUTHCFG,
+ "Container for authentication directives when accessed using specified HTTP "
+ "methods"),
+AP_INIT_RAW_ARGS("<LimitExcept", ap_limit_section, (void*)1,
+ OR_LIMIT | OR_AUTHCFG,
+ "Container for authentication directives to be applied when any HTTP "
+ "method other than those specified is used to access the resource"),
+AP_INIT_RAW_ARGS("<IfModule", start_cond_section, (void *)test_ifmod_section,
+ EXEC_ON_READ | OR_ALL,
+ "Container for directives based on existence of specified modules"),
+AP_INIT_RAW_ARGS("<IfDefine", start_cond_section, (void *)test_ifdefine_section,
+ EXEC_ON_READ | OR_ALL,
+ "Container for directives based on existence of command line defines"),
+AP_INIT_RAW_ARGS("<IfFile", start_cond_section, (void *)test_iffile_section,
+ EXEC_ON_READ | OR_ALL,
+ "Container for directives based on existence of files on disk"),
+AP_INIT_RAW_ARGS("<IfDirective", start_cond_section, (void *)test_ifdirective_section,
+ EXEC_ON_READ | OR_ALL,
+ "Container for directives based on existence of named directive"),
+AP_INIT_RAW_ARGS("<IfSection", start_cond_section, (void *)test_ifsection_section,
+ EXEC_ON_READ | OR_ALL,
+ "Container for directives based on existence of named section"),
+AP_INIT_RAW_ARGS("<DirectoryMatch", dirsection, (void*)1, RSRC_CONF,
+ "Container for directives affecting resources located in the "
+ "specified directories"),
+AP_INIT_RAW_ARGS("<LocationMatch", urlsection, (void*)1, RSRC_CONF,
+ "Container for directives affecting resources accessed through the "
+ "specified URL paths"),
+AP_INIT_RAW_ARGS("<FilesMatch", filesection, (void*)1, OR_ALL,
+ "Container for directives affecting files matching specified patterns"),
+#ifdef GPROF
+AP_INIT_TAKE1("GprofDir", set_gprof_dir, NULL, RSRC_CONF,
+ "Directory to plop gmon.out files"),
+#endif
+AP_INIT_TAKE1("AddDefaultCharset", set_add_default_charset, NULL, OR_FILEINFO,
+ "The name of the default charset to add to any Content-Type without one or 'Off' to disable"),
+AP_INIT_TAKE1("AcceptPathInfo", set_accept_path_info, NULL, OR_FILEINFO,
+ "Set to on or off for PATH_INFO to be accepted by handlers, or default for the per-handler preference"),
+AP_INIT_TAKE12("Define", set_define, NULL, EXEC_ON_READ|ACCESS_CONF|RSRC_CONF,
+ "Define a variable, optionally to a value. Same as passing -D to the command line."),
+AP_INIT_TAKE1("UnDefine", unset_define, NULL, EXEC_ON_READ|ACCESS_CONF|RSRC_CONF,
+ "Undefine the existence of a variable. Undo a Define."),
+AP_INIT_RAW_ARGS("Error", generate_error, NULL, OR_ALL,
+ "Generate error message from within configuration"),
+AP_INIT_RAW_ARGS("<If", ifsection, COND_IF, OR_ALL,
+ "Container for directives to be conditionally applied"),
+AP_INIT_RAW_ARGS("<ElseIf", ifsection, COND_ELSEIF, OR_ALL,
+ "Container for directives to be conditionally applied"),
+AP_INIT_RAW_ARGS("<Else", ifsection, COND_ELSE, OR_ALL,
+ "Container for directives to be conditionally applied"),
+
+/* Old resource config file commands */
+
+AP_INIT_RAW_ARGS("AccessFileName", set_access_name, NULL, RSRC_CONF,
+ "Name(s) of per-directory config files (default: .htaccess)"),
+AP_INIT_TAKE1("DocumentRoot", set_document_root, NULL, RSRC_CONF,
+ "Root directory of the document tree"),
+AP_INIT_TAKE2("ErrorDocument", set_error_document, NULL, OR_FILEINFO,
+ "Change responses for HTTP errors"),
+AP_INIT_RAW_ARGS("AllowOverride", set_override, NULL, ACCESS_CONF,
+ "Controls what groups of directives can be configured by per-directory "
+ "config files"),
+AP_INIT_TAKE_ARGV("AllowOverrideList", set_override_list, NULL, ACCESS_CONF,
+ "Controls what individual directives can be configured by per-directory "
+ "config files"),
+AP_INIT_RAW_ARGS("Options", set_options, NULL, OR_OPTIONS,
+ "Set a number of attributes for a given directory"),
+AP_INIT_TAKE1("DefaultType", set_default_type, NULL, OR_FILEINFO,
+ "the default media type for otherwise untyped files (DEPRECATED)"),
+AP_INIT_RAW_ARGS("FileETag", set_etag_bits, NULL, OR_FILEINFO,
+ "Specify components used to construct a file's ETag"),
+AP_INIT_TAKE1("EnableMMAP", set_enable_mmap, NULL, OR_FILEINFO,
+ "Controls whether memory-mapping may be used to read files"),
+AP_INIT_TAKE1("EnableSendfile", set_enable_sendfile, NULL, OR_FILEINFO,
+ "Controls whether sendfile may be used to transmit files"),
+AP_INIT_TAKE1("ReadBufferSize", set_read_buf_size, NULL, ACCESS_CONF|RSRC_CONF,
+ "Size (in bytes) of the memory buffers used to read data"),
+AP_INIT_TAKE1("FlushMaxThreshold", set_flush_max_threshold, NULL, RSRC_CONF,
+ "Maximum threshold above which pending data are flushed to the network"),
+AP_INIT_TAKE1("FlushMaxPipelined", set_flush_max_pipelined, NULL, RSRC_CONF,
+ "Maximum number of pipelined responses (pending) above which they are "
+ "flushed to the network"),
+
+/* Old server config file commands */
+
+AP_INIT_TAKE1("Protocol", set_protocol, NULL, RSRC_CONF,
+ "Set the Protocol for httpd to use."),
+AP_INIT_TAKE2("AcceptFilter", set_accf_map, NULL, RSRC_CONF,
+ "Set the Accept Filter to use for a protocol"),
+AP_INIT_TAKE1("Port", ap_set_deprecated, NULL, RSRC_CONF,
+ "Port was replaced with Listen in Apache 2.0"),
+AP_INIT_TAKE1("HostnameLookups", set_hostname_lookups, NULL,
+ ACCESS_CONF|RSRC_CONF,
+ "\"on\" to enable, \"off\" to disable reverse DNS lookups, or \"double\" to "
+ "enable double-reverse DNS lookups"),
+AP_INIT_TAKE1("ServerAdmin", set_server_string_slot,
+ (void *)APR_OFFSETOF(server_rec, server_admin), RSRC_CONF,
+ "The email address of the server administrator"),
+AP_INIT_TAKE1("ServerName", server_hostname_port, NULL, RSRC_CONF,
+ "The hostname and port of the server"),
+AP_INIT_TAKE1("ServerSignature", set_signature_flag, NULL, OR_ALL,
+ "En-/disable server signature (on|off|email)"),
+AP_INIT_TAKE1("ServerRoot", set_server_root, NULL, RSRC_CONF | EXEC_ON_READ,
+ "Common directory of server-related files (logs, confs, etc.)"),
+AP_INIT_TAKE1("DefaultRuntimeDir", set_runtime_dir, NULL, RSRC_CONF | EXEC_ON_READ,
+ "Common directory for run-time files (shared memory, locks, etc.)"),
+AP_INIT_TAKE1("ErrorLog", set_server_string_slot,
+ (void *)APR_OFFSETOF(server_rec, error_fname), RSRC_CONF,
+ "The filename of the error log"),
+AP_INIT_TAKE12("ErrorLogFormat", set_errorlog_format, NULL, RSRC_CONF,
+ "Format string for the ErrorLog"),
+AP_INIT_RAW_ARGS("ServerAlias", set_server_alias, NULL, RSRC_CONF,
+ "A name or names alternately used to access the server"),
+AP_INIT_TAKE1("ServerPath", set_serverpath, NULL, RSRC_CONF,
+ "The pathname the server can be reached at"),
+AP_INIT_TAKE1("Timeout", set_timeout, NULL, RSRC_CONF,
+ "Timeout duration (sec)"),
+AP_INIT_FLAG("ContentDigest", set_content_md5, NULL, OR_OPTIONS,
+ "whether or not to send a Content-MD5 header with each request"),
+AP_INIT_TAKE1("UseCanonicalName", set_use_canonical_name, NULL,
+ RSRC_CONF|ACCESS_CONF,
+ "How to work out the ServerName : Port when constructing URLs"),
+AP_INIT_TAKE1("UseCanonicalPhysicalPort", set_use_canonical_phys_port, NULL,
+ RSRC_CONF|ACCESS_CONF,
+ "Whether to use the physical Port when constructing URLs"),
+/* TODO: RlimitFoo should all be part of mod_cgi, not in the core */
+/* TODO: ListenBacklog in MPM */
+AP_INIT_TAKE1("Include", include_config, NULL,
+ (RSRC_CONF | ACCESS_CONF | EXEC_ON_READ),
+ "Name(s) of the config file(s) to be included; fails if the wildcard does "
+ "not match at least one file"),
+AP_INIT_TAKE1("IncludeOptional", include_config, (void*)1,
+ (RSRC_CONF | ACCESS_CONF | EXEC_ON_READ),
+ "Name or pattern of the config file(s) to be included; ignored if the file "
+ "does not exist or the pattern does not match any files"),
+AP_INIT_ITERATE("LogLevel", set_loglevel, NULL, RSRC_CONF|ACCESS_CONF,
+ "Level of verbosity in error logging"),
+AP_INIT_TAKE1("NameVirtualHost", ap_set_name_virtual_host, NULL, RSRC_CONF,
+ "A numeric IP address:port, or the name of a host"),
+AP_INIT_TAKE1("ServerTokens", set_serv_tokens, NULL, RSRC_CONF,
+ "Determine tokens displayed in the Server: header - Min(imal), "
+ "Major, Minor, Prod(uctOnly), OS, or Full"),
+AP_INIT_TAKE1("LimitRequestLine", set_limit_req_line, NULL, RSRC_CONF,
+ "Limit on maximum size of an HTTP request line"),
+AP_INIT_TAKE1("LimitRequestFieldsize", set_limit_req_fieldsize, NULL,
+ RSRC_CONF,
+ "Limit on maximum size of an HTTP request header field"),
+AP_INIT_TAKE1("LimitRequestFields", set_limit_req_fields, NULL, RSRC_CONF,
+ "Limit (0 = unlimited) on max number of header fields in a request message"),
+AP_INIT_TAKE1("LimitRequestBody", set_limit_req_body,
+ (void*)APR_OFFSETOF(core_dir_config, limit_req_body), OR_ALL,
+ "Limit (in bytes) on maximum size of request message body"),
+AP_INIT_TAKE1("LimitXMLRequestBody", set_limit_xml_req_body, NULL, OR_ALL,
+ "Limit (in bytes) on maximum size of an XML-based request "
+ "body"),
+AP_INIT_RAW_ARGS("Mutex", ap_set_mutex, NULL, RSRC_CONF,
+ "mutex (or \"default\") and mechanism"),
+
+AP_INIT_TAKE1("MaxRanges", set_max_ranges, NULL, RSRC_CONF|ACCESS_CONF,
+ "Maximum number of Ranges in a request before returning the entire "
+ "resource, or 0 for unlimited"),
+AP_INIT_TAKE1("MaxRangeOverlaps", set_max_overlaps, NULL, RSRC_CONF|ACCESS_CONF,
+ "Maximum number of overlaps in Ranges in a request before returning the entire "
+ "resource, or 0 for unlimited"),
+AP_INIT_TAKE1("MaxRangeReversals", set_max_reversals, NULL, RSRC_CONF|ACCESS_CONF,
+ "Maximum number of reversals in Ranges in a request before returning the entire "
+ "resource, or 0 for unlimited"),
+/* System Resource Controls */
+#ifdef RLIMIT_CPU
+AP_INIT_TAKE12("RLimitCPU", set_limit_cpu,
+ (void*)APR_OFFSETOF(core_dir_config, limit_cpu),
+ OR_ALL, "Soft/hard limits for max CPU usage in seconds"),
+#else
+AP_INIT_TAKE12("RLimitCPU", no_set_limit, NULL,
+ OR_ALL, "Soft/hard limits for max CPU usage in seconds"),
+#endif
+#if defined (RLIMIT_DATA) || defined (RLIMIT_VMEM) || defined (RLIMIT_AS)
+AP_INIT_TAKE12("RLimitMEM", set_limit_mem,
+ (void*)APR_OFFSETOF(core_dir_config, limit_mem),
+ OR_ALL, "Soft/hard limits for max memory usage per process"),
+#else
+AP_INIT_TAKE12("RLimitMEM", no_set_limit, NULL,
+ OR_ALL, "Soft/hard limits for max memory usage per process"),
+#endif
+#ifdef RLIMIT_NPROC
+AP_INIT_TAKE12("RLimitNPROC", set_limit_nproc,
+ (void*)APR_OFFSETOF(core_dir_config, limit_nproc),
+ OR_ALL, "soft/hard limits for max number of processes per uid"),
+#else
+AP_INIT_TAKE12("RLimitNPROC", no_set_limit, NULL,
+ OR_ALL, "soft/hard limits for max number of processes per uid"),
+#endif
+
+AP_INIT_RAW_ARGS("RegexDefaultOptions", set_regex_default_options, NULL, RSRC_CONF,
+ "default options for regexes (prefixed by '+' to add, '-' to del)"),
+
+/* internal recursion stopper */
+AP_INIT_TAKE12("LimitInternalRecursion", set_recursion_limit, NULL, RSRC_CONF,
+ "maximum recursion depth of internal redirects and subrequests"),
+
+AP_INIT_FLAG("CGIPassAuth", set_cgi_pass_auth, NULL, OR_AUTHCFG,
+ "Controls whether HTTP authorization headers, normally hidden, will "
+ "be passed to scripts"),
+AP_INIT_TAKE2("CGIVar", set_cgi_var, NULL, OR_FILEINFO,
+ "Controls how some CGI variables are set"),
+AP_INIT_FLAG("QualifyRedirectURL", set_qualify_redirect_url, NULL, OR_FILEINFO,
+ "Controls whether the REDIRECT_URL environment variable is fully "
+ "qualified"),
+AP_INIT_FLAG("StrictHostCheck", set_core_server_flag,
+ (void *)APR_OFFSETOF(core_server_config, strict_host_check),
+ RSRC_CONF,
+ "Controls whether a hostname match is required"),
+AP_INIT_TAKE1("ForceType", ap_set_string_slot_lower,
+ (void *)APR_OFFSETOF(core_dir_config, mime_type), OR_FILEINFO,
+ "a mime type that overrides other configured type"),
+AP_INIT_TAKE1("SetHandler", set_sethandler, NULL, OR_FILEINFO,
+ "a handler name that overrides any other configured handler"),
+AP_INIT_TAKE1("SetOutputFilter", ap_set_string_slot,
+ (void *)APR_OFFSETOF(core_dir_config, output_filters), OR_FILEINFO,
+ "filter (or ; delimited list of filters) to be run on the request content"),
+AP_INIT_TAKE1("SetInputFilter", ap_set_string_slot,
+ (void *)APR_OFFSETOF(core_dir_config, input_filters), OR_FILEINFO,
+ "filter (or ; delimited list of filters) to be run on the request body"),
+AP_INIT_TAKE1("AllowEncodedSlashes", set_allow2f, NULL, RSRC_CONF,
+ "Allow URLs containing '/' encoded as '%2F'"),
+
+/* scoreboard.c directives */
+AP_INIT_TAKE1("ScoreBoardFile", ap_set_scoreboard, NULL, RSRC_CONF,
+ "A file for Apache to maintain runtime process management information"),
+AP_INIT_FLAG("ExtendedStatus", ap_set_extended_status, NULL, RSRC_CONF,
+ "\"On\" to track extended status information, \"Off\" to disable"),
+AP_INIT_FLAG("SeeRequestTail", ap_set_reqtail, NULL, RSRC_CONF,
+ "For extended status, \"On\" to see the last 63 chars of "
+ "the request line, \"Off\" (default) to see the first 63"),
+
+/*
+ * These are default configuration directives that mpms can/should
+ * pay attention to.
+ * XXX These are not for all platforms, and even some Unix MPMs might not want
+ * some directives.
+ */
+AP_INIT_TAKE1("PidFile", ap_mpm_set_pidfile, NULL, RSRC_CONF,
+ "A file for logging the server process ID"),
+AP_INIT_TAKE1("MaxRequestsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF,
+ "Maximum number of connections a particular child serves before "
+ "dying. (DEPRECATED, use MaxConnectionsPerChild)"),
+AP_INIT_TAKE1("MaxConnectionsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF,
+ "Maximum number of connections a particular child serves before dying."),
+AP_INIT_TAKE1("CoreDumpDirectory", ap_mpm_set_coredumpdir, NULL, RSRC_CONF,
+ "The location of the directory Apache changes to before dumping core"),
+AP_INIT_TAKE1("MaxMemFree", ap_mpm_set_max_mem_free, NULL, RSRC_CONF,
+ "Maximum number of 1k blocks a particular child's allocator may hold."),
+AP_INIT_TAKE1("ThreadStackSize", ap_mpm_set_thread_stacksize, NULL, RSRC_CONF,
+ "Size in bytes of stack used by threads handling client connections"),
+#if AP_ENABLE_EXCEPTION_HOOK
+AP_INIT_TAKE1("EnableExceptionHook", ap_mpm_set_exception_hook, NULL, RSRC_CONF,
+ "Controls whether exception hook may be called after a crash"),
+#endif
+AP_INIT_TAKE1("TraceEnable", set_trace_enable, NULL, RSRC_CONF,
+ "'on' (default), 'off' or 'extended' to trace request body content"),
+AP_INIT_FLAG("MergeTrailers", set_merge_trailers, NULL, RSRC_CONF,
+ "merge request trailers into request headers or not"),
+AP_INIT_ITERATE("Protocols", set_protocols, NULL, RSRC_CONF,
+ "Controls which protocols are allowed"),
+AP_INIT_TAKE1("ProtocolsHonorOrder", set_protocols_honor_order, NULL, RSRC_CONF,
+ "'off' (default) or 'on' to respect given order of protocols, "
+ "by default the client specified order determines selection"),
+AP_INIT_ITERATE("HttpProtocolOptions", set_http_protocol_options, NULL, RSRC_CONF,
+ "'Allow0.9' or 'Require1.0' (default); "
+ "'RegisteredMethods' or 'LenientMethods' (default); "
+ "'Unsafe' or 'Strict' (default). Sets HTTP acceptance rules"),
+AP_INIT_ITERATE("RegisterHttpMethod", set_http_method, NULL, RSRC_CONF,
+ "Registers non-standard HTTP methods"),
+AP_INIT_FLAG("MergeSlashes", set_core_server_flag,
+ (void *)APR_OFFSETOF(core_server_config, merge_slashes),
+ RSRC_CONF,
+ "Controls whether consecutive slashes in the URI path are merged"),
+{ NULL }
+};
+
+/*****************************************************************
+ *
+ * Core handlers for various phases of server operation...
+ */
+
+AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
+{
+ apr_status_t rv;
+ char *path;
+
+ /* XXX this seems too specific, this should probably become
+ * some general-case test
+ */
+ if (r->proxyreq) {
+ return HTTP_FORBIDDEN;
+ }
+ if (!r->uri || ((r->uri[0] != '/') && strcmp(r->uri, "*"))) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00126)
+ "Invalid URI in request '%s' '%s'", r->uri, r->the_request);
+ return HTTP_BAD_REQUEST;
+ }
+
+ if (r->server->path
+ && !strncmp(r->uri, r->server->path, r->server->pathlen)
+ && (r->server->path[r->server->pathlen - 1] == '/'
+ || r->uri[r->server->pathlen] == '/'
+ || r->uri[r->server->pathlen] == '\0'))
+ {
+ path = r->uri + r->server->pathlen;
+ }
+ else {
+ path = r->uri;
+ }
+ /*
+ * Make sure that we do not mess up the translation by adding two
+ * /'s in a row. This happens under windows when the document
+ * root ends with a /
+ */
+ /* skip all leading /'s (e.g. http://localhost///foo)
+ * so we are looking at only the relative path.
+ */
+ while (*path == '/') {
+ ++path;
+ }
+ if ((rv = apr_filepath_merge(&r->filename, ap_document_root(r), path,
+ APR_FILEPATH_TRUENAME
+ | APR_FILEPATH_SECUREROOT, r->pool))
+ != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00127)
+ "Cannot map %s to file", r->the_request);
+ return HTTP_FORBIDDEN;
+ }
+ r->canonical_filename = r->filename;
+
+ return OK;
+}
+
+/*****************************************************************
+ *
+ * Test the filesystem name through directory_walk and file_walk
+ */
+static int core_map_to_storage(request_rec *r)
+{
+ int access_status;
+
+ if ((access_status = ap_directory_walk(r))) {
+ return access_status;
+ }
+
+ if ((access_status = ap_file_walk(r))) {
+ return access_status;
+ }
+
+ return OK;
+}
+
+
+static int do_nothing(request_rec *r) { return OK; }
+
+static int core_override_type(request_rec *r)
+{
+ core_dir_config *conf =
+ (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+ /* Check for overrides with ForceType / SetHandler
+ */
+ if (conf->mime_type && strcmp(conf->mime_type, "none"))
+ ap_set_content_type(r, (char*) conf->mime_type);
+
+ if (conf->expr_handler) {
+ const char *err;
+ const char *val;
+ val = ap_expr_str_exec(r, conf->expr_handler, &err);
+ if (err) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(03154)
+ "Can't evaluate handler expression: %s", err);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ if (val != ap_strstr_c(val, "proxy:unix")) {
+ /* Retained for compatibility -- but not for UDS */
+ char *tmp = apr_pstrdup(r->pool, val);
+ ap_str_tolower(tmp);
+ val = tmp;
+ }
+
+ if (strcmp(val, "none")) {
+ r->handler = val;
+ }
+ }
+ else if (conf->handler && strcmp(conf->handler, "none")) {
+ r->handler = conf->handler;
+ }
+
+ /* Deal with the poor soul who is trying to force path_info to be
+ * accepted within the core_handler, where they will let the subreq
+ * address its contents. This is toggled by the user in the very
+ * beginning of the fixup phase (here!), so modules should override the user's
+ * discretion in their own module fixup phase. It is tristate, if
+ * the user doesn't specify, the result is AP_REQ_DEFAULT_PATH_INFO.
+ * (which the module may interpret to its own customary behavior.)
+ * It won't be touched if the value is no longer AP_ACCEPT_PATHINFO_UNSET,
+ * so any module changing the value prior to the fixup phase
+ * OVERRIDES the user's choice.
+ */
+ if ((r->used_path_info == AP_REQ_DEFAULT_PATH_INFO)
+ && (conf->accept_path_info != AP_ACCEPT_PATHINFO_UNSET)) {
+ /* No module knew better, and the user coded AcceptPathInfo */
+ r->used_path_info = conf->accept_path_info;
+ }
+
+ return OK;
+}
+
+static int default_handler(request_rec *r)
+{
+ conn_rec *c = r->connection;
+ apr_bucket_brigade *bb;
+ apr_bucket *e;
+ core_dir_config *d;
+ int errstatus;
+ apr_file_t *fd = NULL;
+ apr_status_t status;
+ /* XXX if/when somebody writes a content-md5 filter we either need to
+ * remove this support or coordinate when to use the filter vs.
+ * when to use this code
+ * The current choice of when to compute the md5 here matches the 1.3
+ * support fairly closely (unlike 1.3, we don't handle computing md5
+ * when the charset is translated).
+ */
+ int bld_content_md5;
+
+ d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+ bld_content_md5 = (d->content_md5 == AP_CONTENT_MD5_ON)
+ && r->output_filters->frec->ftype != AP_FTYPE_RESOURCE;
+
+ ap_allow_standard_methods(r, MERGE_ALLOW, M_GET, M_OPTIONS, M_POST, -1);
+
+ /* If filters intend to consume the request body, they must
+ * register an InputFilter to slurp the contents of the POST
+ * data from the POST input stream. It no longer exists when
+ * the output filters are invoked by the default handler.
+ */
+ if ((errstatus = ap_discard_request_body(r)) != OK) {
+ return errstatus;
+ }
+
+ if (r->method_number == M_GET || r->method_number == M_POST) {
+ if (r->finfo.filetype == APR_NOFILE) {
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00128)
+ "File does not exist: %s",
+ apr_pstrcat(r->pool, r->filename, r->path_info, NULL));
+ return HTTP_NOT_FOUND;
+ }
+
+ /* Don't try to serve a dir. Some OSs do weird things with
+ * raw I/O on a dir.
+ */
+ if (r->finfo.filetype == APR_DIR) {
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00129)
+ "Attempt to serve directory: %s", r->filename);
+ return HTTP_NOT_FOUND;
+ }
+
+ if ((r->used_path_info != AP_REQ_ACCEPT_PATH_INFO) &&
+ r->path_info && *r->path_info)
+ {
+ /* default to reject */
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00130)
+ "File does not exist: %s",
+ apr_pstrcat(r->pool, r->filename, r->path_info, NULL));
+ return HTTP_NOT_FOUND;
+ }
+
+ /* We understood the (non-GET) method, but it might not be legal for
+ this particular resource. Check to see if the 'deliver_script'
+ flag is set. If so, then we go ahead and deliver the file since
+ it isn't really content (only GET normally returns content).
+
+ Note: based on logic further above, the only possible non-GET
+ method at this point is POST. In the future, we should enable
+ script delivery for all methods. */
+ if (r->method_number != M_GET) {
+ core_request_config *req_cfg;
+
+ req_cfg = ap_get_core_module_config(r->request_config);
+ if (!req_cfg->deliver_script) {
+ /* The flag hasn't been set for this request. Punt. */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00131)
+ "This resource does not accept the %s method.",
+ r->method);
+ return HTTP_METHOD_NOT_ALLOWED;
+ }
+ }
+
+
+ if ((status = apr_file_open(&fd, r->filename, APR_READ | APR_BINARY
+#if APR_HAS_SENDFILE
+ | AP_SENDFILE_ENABLED(d->enable_sendfile)
+#endif
+ , 0, r->pool)) != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(00132)
+ "file permissions deny server access: %s", r->filename);
+ return HTTP_FORBIDDEN;
+ }
+
+ ap_update_mtime(r, r->finfo.mtime);
+ ap_set_last_modified(r);
+ ap_set_etag_fd(r, fd);
+ ap_set_accept_ranges(r);
+ ap_set_content_length(r, r->finfo.size);
+ if (bld_content_md5) {
+ apr_table_setn(r->headers_out, "Content-MD5",
+ ap_md5digest(r->pool, fd));
+ }
+
+ bb = apr_brigade_create(r->pool, c->bucket_alloc);
+
+ if ((errstatus = ap_meets_conditions(r)) != OK) {
+ apr_file_close(fd);
+ r->status = errstatus;
+ }
+ else {
+ e = apr_brigade_insert_file(bb, fd, 0, r->finfo.size, r->pool);
+
+#if APR_HAS_MMAP
+ if (d->enable_mmap == ENABLE_MMAP_OFF) {
+ (void)apr_bucket_file_enable_mmap(e, 0);
+ }
+#endif
+#if APR_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 6)
+ if (d->read_buf_size) {
+ apr_bucket_file_set_buf_size(e, d->read_buf_size);
+ }
+#endif
+ }
+
+ e = apr_bucket_eos_create(c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, e);
+
+ status = ap_pass_brigade(r->output_filters, bb);
+ apr_brigade_cleanup(bb);
+
+ if (status == APR_SUCCESS
+ || r->status != HTTP_OK
+ || c->aborted) {
+ return OK;
+ }
+ else {
+ /* no way to know what type of error occurred */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, APLOGNO(00133)
+ "default_handler: ap_pass_brigade returned %i",
+ status);
+ return AP_FILTER_ERROR;
+ }
+ }
+ else { /* unusual method (not GET or POST) */
+ if (r->method_number == M_INVALID) {
+ /* See if this looks like an undecrypted SSL handshake attempt.
+ * It's safe to look a couple bytes into the_request if it exists, as it's
+ * always allocated at least MIN_LINE_ALLOC (80) bytes.
+ */
+ if (r->the_request
+ && r->the_request[0] == 0x16
+ && (r->the_request[1] == 0x2 || r->the_request[1] == 0x3)) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00134)
+ "Invalid method in request %s - possible attempt to establish SSL connection on non-SSL port", r->the_request);
+ } else {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00135)
+ "Invalid method in request %s", r->the_request);
+ }
+ return HTTP_NOT_IMPLEMENTED;
+ }
+
+ if (r->method_number == M_OPTIONS) {
+ return ap_send_http_options(r);
+ }
+ return HTTP_METHOD_NOT_ALLOWED;
+ }
+}
+
+/* Optional function coming from mod_logio, used for logging of output
+ * traffic
+ */
+APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *ap__logio_add_bytes_out;
+APR_OPTIONAL_FN_TYPE(authz_some_auth_required) *ap__authz_ap_some_auth_required;
+
+/* Insist that at least one module will undertake to provide system
+ * security by dropping startup privileges.
+ */
+static int sys_privileges = 0;
+AP_DECLARE(int) ap_sys_privileges_handlers(int inc)
+{
+ sys_privileges += inc;
+ return sys_privileges;
+}
+
+static int check_errorlog_dir(apr_pool_t *p, server_rec *s)
+{
+ if (!s->error_fname || s->error_fname[0] == '|'
+ || strcmp(s->error_fname, "syslog") == 0
+ || strncmp(s->error_fname, "syslog:", 7) == 0) {
+ return APR_SUCCESS;
+ }
+ else {
+ char *abs = ap_server_root_relative(p, s->error_fname);
+ char *dir = ap_make_dirstr_parent(p, abs);
+ apr_finfo_t finfo;
+ apr_status_t rv = apr_stat(&finfo, dir, APR_FINFO_TYPE, p);
+ if (rv == APR_SUCCESS && finfo.filetype != APR_DIR)
+ rv = APR_ENOTDIR;
+ if (rv != APR_SUCCESS) {
+ const char *desc = "main error log";
+ if (s->defn_name)
+ desc = apr_psprintf(p, "error log of vhost defined at %s:%d",
+ s->defn_name, s->defn_line_number);
+ ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_EMERG, rv,
+ ap_server_conf, APLOGNO(02291)
+ "Cannot access directory '%s' for %s", dir, desc);
+ return !OK;
+ }
+ }
+ return OK;
+}
+
+static int core_check_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
+{
+ int rv = OK;
+ while (s) {
+ if (check_errorlog_dir(ptemp, s) != OK)
+ rv = !OK;
+ s = s->next;
+ }
+ return rv;
+}
+
+
+static int core_pre_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp)
+{
+ ap_mutex_init(pconf);
+
+ if (!saved_server_config_defines)
+ init_config_defines(pconf);
+ apr_pool_cleanup_register(pconf, NULL, reset_config_defines,
+ apr_pool_cleanup_null);
+
+ ap_regcomp_set_default_cflags(AP_REG_DEFAULT);
+
+ mpm_common_pre_config(pconf);
+
+ return OK;
+}
+
+static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
+{
+ ap__logio_add_bytes_out = APR_RETRIEVE_OPTIONAL_FN(ap_logio_add_bytes_out);
+ ident_lookup = APR_RETRIEVE_OPTIONAL_FN(ap_ident_lookup);
+ ap__authz_ap_some_auth_required = APR_RETRIEVE_OPTIONAL_FN(authz_some_auth_required);
+ authn_ap_auth_type = APR_RETRIEVE_OPTIONAL_FN(authn_ap_auth_type);
+ authn_ap_auth_name = APR_RETRIEVE_OPTIONAL_FN(authn_ap_auth_name);
+ access_compat_ap_satisfies = APR_RETRIEVE_OPTIONAL_FN(access_compat_ap_satisfies);
+
+ set_banner(pconf);
+ ap_setup_make_content_type(pconf);
+ ap_setup_auth_internal(ptemp);
+ ap_setup_ssl_optional_fns(pconf);
+ if (!sys_privileges) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, 0, NULL, APLOGNO(00136)
+ "Server MUST relinquish startup privileges before "
+ "accepting connections. Please ensure mod_unixd "
+ "or other system security module is loaded.");
+ return !OK;
+ }
+ apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper,
+ apr_pool_cleanup_null);
+ return OK;
+}
+
+static void core_insert_filter(request_rec *r)
+{
+ core_dir_config *conf = (core_dir_config *)
+ ap_get_core_module_config(r->per_dir_config);
+ const char *filter, *filters = conf->output_filters;
+
+ if (filters) {
+ while (*filters && (filter = ap_getword(r->pool, &filters, ';'))) {
+ ap_add_output_filter(filter, NULL, r, r->connection);
+ }
+ }
+
+ filters = conf->input_filters;
+ if (filters) {
+ while (*filters && (filter = ap_getword(r->pool, &filters, ';'))) {
+ ap_add_input_filter(filter, NULL, r, r->connection);
+ }
+ }
+}
+
+static apr_size_t num_request_notes = AP_NUM_STD_NOTES;
+
+static apr_status_t reset_request_notes(void *dummy)
+{
+ num_request_notes = AP_NUM_STD_NOTES;
+ return APR_SUCCESS;
+}
+
+AP_DECLARE(apr_size_t) ap_register_request_note(void)
+{
+ apr_pool_cleanup_register(apr_hook_global_pool, NULL, reset_request_notes,
+ apr_pool_cleanup_null);
+ return num_request_notes++;
+}
+
+AP_DECLARE(void **) ap_get_request_note(request_rec *r, apr_size_t note_num)
+{
+ core_request_config *req_cfg;
+
+ if (note_num >= num_request_notes) {
+ return NULL;
+ }
+
+ req_cfg = (core_request_config *)
+ ap_get_core_module_config(r->request_config);
+
+ if (!req_cfg) {
+ return NULL;
+ }
+
+ return &(req_cfg->notes[note_num]);
+}
+
+AP_DECLARE(apr_socket_t *) ap_get_conn_socket(conn_rec *c)
+{
+ return ap_get_core_module_config(c->conn_config);
+}
+
+static int core_create_req(request_rec *r)
+{
+ /* Alloc the config struct and the array of request notes in
+ * a single block for efficiency
+ */
+ core_request_config *req_cfg;
+
+ req_cfg = apr_pcalloc(r->pool, sizeof(core_request_config) +
+ sizeof(void *) * num_request_notes);
+ req_cfg->notes = (void **)((char *)req_cfg + sizeof(core_request_config));
+
+ /* ### temporarily enable script delivery as the default */
+ req_cfg->deliver_script = 1;
+
+ if (r->main) {
+ core_request_config *main_req_cfg = (core_request_config *)
+ ap_get_core_module_config(r->main->request_config);
+ req_cfg->bb = main_req_cfg->bb;
+ }
+ else {
+ req_cfg->bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
+ }
+
+ ap_set_core_module_config(r->request_config, req_cfg);
+
+ return OK;
+}
+
+static int core_create_proxy_req(request_rec *r, request_rec *pr)
+{
+ return core_create_req(pr);
+}
+
+static conn_rec *core_create_conn(apr_pool_t *ptrans, server_rec *server,
+ apr_socket_t *csd, long id, void *sbh,
+ apr_bucket_alloc_t *alloc)
+{
+ apr_status_t rv;
+ conn_rec *c = (conn_rec *) apr_pcalloc(ptrans, sizeof(conn_rec));
+
+ c->sbh = sbh;
+ ap_update_child_status(c->sbh, SERVER_BUSY_READ, NULL);
+
+ /* Got a connection structure, so initialize what fields we can
+ * (the rest are zeroed out by pcalloc).
+ */
+ c->pool = ptrans;
+ c->conn_config = ap_create_conn_config(ptrans);
+ c->notes = apr_table_make(ptrans, 5);
+
+ if ((rv = apr_socket_addr_get(&c->local_addr, APR_LOCAL, csd))
+ != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_INFO, rv, server, APLOGNO(00137)
+ "apr_socket_addr_get(APR_LOCAL)");
+ apr_socket_close(csd);
+ return NULL;
+ }
+ if (apr_sockaddr_ip_get(&c->local_ip, c->local_addr)) {
+#if APR_HAVE_SOCKADDR_UN
+ if (c->local_addr->family == APR_UNIX) {
+ c->local_ip = apr_pstrndup(c->pool, c->local_addr->ipaddr_ptr,
+ c->local_addr->ipaddr_len);
+ }
+ else
+#endif
+ c->local_ip = apr_pstrdup(c->pool, "unknown");
+ }
+
+ if ((rv = apr_socket_addr_get(&c->client_addr, APR_REMOTE, csd))
+ != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_INFO, rv, server, APLOGNO(00138)
+ "apr_socket_addr_get(APR_REMOTE)");
+ apr_socket_close(csd);
+ return NULL;
+ }
+ if (apr_sockaddr_ip_get(&c->client_ip, c->client_addr)) {
+#if APR_HAVE_SOCKADDR_UN
+ if (c->client_addr->family == APR_UNIX) {
+ c->client_ip = apr_pstrndup(c->pool, c->client_addr->ipaddr_ptr,
+ c->client_addr->ipaddr_len);
+ }
+ else
+#endif
+ c->client_ip = apr_pstrdup(c->pool, "unknown");
+ }
+
+ c->base_server = server;
+
+ c->id = id;
+ c->bucket_alloc = alloc;
+
+ c->clogging_input_filters = 0;
+
+ return c;
+}
+
+static int core_pre_connection(conn_rec *c, void *csd)
+{
+ core_net_rec *net;
+ apr_status_t rv;
+
+ if (c->master) {
+ return DONE;
+ }
+
+ net = apr_palloc(c->pool, sizeof(*net));
+ /* The Nagle algorithm says that we should delay sending partial
+ * packets in hopes of getting more data. We don't want to do
+ * this; we are not telnet. There are bad interactions between
+ * persistent connections and Nagle's algorithm that have very severe
+ * performance penalties. (Failing to disable Nagle is not much of a
+ * problem with simple HTTP.)
+ */
+ rv = apr_socket_opt_set(csd, APR_TCP_NODELAY, 1);
+ if (rv != APR_SUCCESS && rv != APR_ENOTIMPL) {
+ /* expected cause is that the client disconnected already,
+ * hence the debug level
+ */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c, APLOGNO(00139)
+ "apr_socket_opt_set(APR_TCP_NODELAY)");
+ }
+
+ /* The core filter requires the timeout mode to be set, which
+ * incidentally sets the socket to be nonblocking. If this
+ * is not initialized correctly, Linux - for example - will
+ * be initially blocking, while Solaris will be non blocking
+ * and any initial read will fail.
+ */
+ rv = apr_socket_timeout_set(csd, c->base_server->timeout);
+ if (rv != APR_SUCCESS) {
+ /* expected cause is that the client disconnected already */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c, APLOGNO(00140)
+ "apr_socket_timeout_set");
+ }
+
+ net->c = c;
+ net->in_ctx = NULL;
+ net->out_ctx = NULL;
+ net->client_socket = csd;
+
+ ap_set_core_module_config(net->c->conn_config, csd);
+ ap_add_input_filter_handle(ap_core_input_filter_handle, net, NULL, net->c);
+ ap_add_output_filter_handle(ap_core_output_filter_handle, net, NULL, net->c);
+ return DONE;
+}
+
+AP_DECLARE(int) ap_pre_connection(conn_rec *c, void *csd)
+{
+ int rc = OK;
+
+ rc = ap_run_pre_connection(c, csd);
+ if (rc != OK && rc != DONE) {
+ c->aborted = 1;
+ /*
+ * In case we errored, the pre_connection hook of the core
+ * module maybe did not run (it is APR_HOOK_REALLY_LAST) and
+ * hence we missed to
+ *
+ * - Put the socket in c->conn_config
+ * - Setup core output and input filters
+ * - Set socket options and timeouts
+ *
+ * Hence call it in this case.
+ */
+ if (!ap_get_conn_socket(c)) {
+ core_pre_connection(c, csd);
+ }
+ }
+ return rc;
+}
+
+AP_DECLARE(int) ap_state_query(int query)
+{
+ switch (query) {
+ case AP_SQ_MAIN_STATE:
+ return ap_main_state;
+ case AP_SQ_RUN_MODE:
+ return ap_run_mode;
+ case AP_SQ_CONFIG_GEN:
+ return ap_config_generation;
+ default:
+ return AP_SQ_NOT_SUPPORTED;
+ }
+}
+
+static apr_random_t *rng = NULL;
+#if APR_HAS_THREADS
+static apr_thread_mutex_t *rng_mutex = NULL;
+#endif
+
+static void core_child_init(apr_pool_t *pchild, server_rec *s)
+{
+ apr_proc_t proc;
+#if APR_HAS_THREADS
+ int threaded_mpm;
+ if (ap_mpm_query(AP_MPMQ_IS_THREADED, &threaded_mpm) == APR_SUCCESS
+ && threaded_mpm)
+ {
+ apr_thread_mutex_create(&rng_mutex, APR_THREAD_MUTEX_DEFAULT, pchild);
+ }
+#endif
+ /* The MPMs use plain fork() and not apr_proc_fork(), so we have to call
+ * apr_random_after_fork() manually in the child
+ */
+ proc.pid = getpid();
+ apr_random_after_fork(&proc);
+}
+
+static void core_optional_fn_retrieve(void)
+{
+ ap_init_scoreboard(NULL);
+}
+
+AP_CORE_DECLARE(void) ap_random_parent_after_fork(void)
+{
+ /*
+ * To ensure that the RNG state in the parent changes after the fork, we
+ * pull some data from the RNG and discard it. This ensures that the RNG
+ * states in the children are different even after the pid wraps around.
+ * As we only use apr_random for insecure random bytes, pulling 2 bytes
+ * should be enough.
+ * XXX: APR should probably have some dedicated API to do this, but it
+ * XXX: currently doesn't.
+ */
+ apr_uint16_t data;
+ apr_random_insecure_bytes(rng, &data, sizeof(data));
+}
+
+AP_CORE_DECLARE(void) ap_init_rng(apr_pool_t *p)
+{
+ unsigned char seed[8];
+ apr_status_t rv;
+ rng = apr_random_standard_new(p);
+ do {
+ rv = apr_generate_random_bytes(seed, sizeof(seed));
+ if (rv != APR_SUCCESS)
+ goto error;
+ apr_random_add_entropy(rng, seed, sizeof(seed));
+ rv = apr_random_insecure_ready(rng);
+ } while (rv == APR_ENOTENOUGHENTROPY);
+ if (rv == APR_SUCCESS)
+ return;
+error:
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL, APLOGNO(00141)
+ "Could not initialize random number generator");
+ exit(1);
+}
+
+AP_DECLARE(void) ap_random_insecure_bytes(void *buf, apr_size_t size)
+{
+#if APR_HAS_THREADS
+ if (rng_mutex)
+ apr_thread_mutex_lock(rng_mutex);
+#endif
+ /* apr_random_insecure_bytes can only fail with APR_ENOTENOUGHENTROPY,
+ * and we have ruled that out during initialization. Therefore we don't
+ * need to check the return code.
+ */
+ apr_random_insecure_bytes(rng, buf, size);
+#if APR_HAS_THREADS
+ if (rng_mutex)
+ apr_thread_mutex_unlock(rng_mutex);
+#endif
+}
+
+/*
+ * Finding a random number in a range.
+ * n' = a + n(b-a+1)/(M+1)
+ * where:
+ * n' = random number in range
+ * a = low end of range
+ * b = high end of range
+ * n = random number of 0..M
+ * M = maxint
+ * Algorithm 'borrowed' from PHP's rand() function.
+ */
+#define RAND_RANGE(__n, __min, __max, __tmax) \
+(__n) = (__min) + (long) ((double) ((__max) - (__min) + 1.0) * ((__n) / ((__tmax) + 1.0)))
+AP_DECLARE(apr_uint32_t) ap_random_pick(apr_uint32_t min, apr_uint32_t max)
+{
+ apr_uint32_t number;
+#if (!__GNUC__ || __GNUC__ >= 5 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 8) || \
+ !__sparc__ || APR_SIZEOF_VOIDP != 8)
+ /* This triggers a gcc bug on sparc/64bit with gcc < 4.8, PR 52900 */
+ if (max < 16384) {
+ apr_uint16_t num16;
+ ap_random_insecure_bytes(&num16, sizeof(num16));
+ RAND_RANGE(num16, min, max, APR_UINT16_MAX);
+ number = num16;
+ }
+ else
+#endif
+ {
+ ap_random_insecure_bytes(&number, sizeof(number));
+ RAND_RANGE(number, min, max, APR_UINT32_MAX);
+ }
+ return number;
+}
+
+static apr_status_t core_insert_network_bucket(conn_rec *c,
+ apr_bucket_brigade *bb,
+ apr_socket_t *socket)
+{
+ apr_bucket *e = apr_bucket_socket_create(socket, c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, e);
+ return APR_SUCCESS;
+}
+
+static apr_status_t core_dirwalk_stat(apr_finfo_t *finfo, request_rec *r,
+ apr_int32_t wanted)
+{
+ return apr_stat(finfo, r->filename, wanted, r->pool);
+}
+
+static void core_dump_config(apr_pool_t *p, server_rec *s)
+{
+ core_server_config *sconf = ap_get_core_module_config(s->module_config);
+ apr_file_t *out = NULL;
+ const char *tmp;
+ const char **defines;
+ int i;
+ if (!ap_exists_config_define("DUMP_RUN_CFG"))
+ return;
+
+ apr_file_open_stdout(&out, p);
+ apr_file_printf(out, "ServerRoot: \"%s\"\n", ap_server_root);
+ tmp = ap_server_root_relative(p, sconf->ap_document_root);
+ apr_file_printf(out, "Main DocumentRoot: \"%s\"\n", tmp);
+ if (s->error_fname[0] != '|'
+ && strcmp(s->error_fname, "syslog") != 0
+ && strncmp(s->error_fname, "syslog:", 7) != 0)
+ tmp = ap_server_root_relative(p, s->error_fname);
+ else
+ tmp = s->error_fname;
+ apr_file_printf(out, "Main ErrorLog: \"%s\"\n", tmp);
+ if (ap_scoreboard_fname) {
+ tmp = ap_server_root_relative(p, ap_scoreboard_fname);
+ apr_file_printf(out, "ScoreBoardFile: \"%s\"\n", tmp);
+ }
+ ap_dump_mutexes(p, s, out);
+ ap_mpm_dump_pidfile(p, out);
+
+ defines = (const char **)ap_server_config_defines->elts;
+ for (i = 0; i < ap_server_config_defines->nelts; i++) {
+ const char *name = defines[i];
+ const char *val = NULL;
+ if (server_config_defined_vars)
+ val = apr_table_get(server_config_defined_vars, name);
+ if (val)
+ apr_file_printf(out, "Define: %s=%s\n", name, val);
+ else
+ apr_file_printf(out, "Define: %s\n", name);
+ }
+}
+
+static int core_upgrade_handler(request_rec *r)
+{
+ conn_rec *c = r->connection;
+ const char *upgrade;
+
+ if (c->master) {
+ /* Not possible to perform an HTTP/1.1 upgrade from a slave
+ * connection. */
+ return DECLINED;
+ }
+
+ upgrade = apr_table_get(r->headers_in, "Upgrade");
+ if (upgrade && *upgrade) {
+ const char *conn = apr_table_get(r->headers_in, "Connection");
+ if (ap_find_token(r->pool, conn, "upgrade")) {
+ apr_array_header_t *offers = NULL;
+ const char *err;
+
+ err = ap_parse_token_list_strict(r->pool, upgrade, &offers, 0);
+ if (err) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02910)
+ "parsing Upgrade header: %s", err);
+ return DECLINED;
+ }
+
+ if (offers && offers->nelts > 0) {
+ const char *protocol = ap_select_protocol(c, r, NULL, offers);
+ if (protocol && strcmp(protocol, ap_get_protocol(c))) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02909)
+ "Upgrade selects '%s'", protocol);
+ /* Let the client know what we are upgrading to. */
+ apr_table_clear(r->headers_out);
+ apr_table_setn(r->headers_out, "Upgrade", protocol);
+ apr_table_setn(r->headers_out, "Connection", "Upgrade");
+
+ r->status = HTTP_SWITCHING_PROTOCOLS;
+ r->status_line = ap_get_status_line(r->status);
+ ap_send_interim_response(r, 1);
+
+ ap_switch_protocol(c, r, r->server, protocol);
+
+ /* make sure httpd closes the connection after this */
+ c->keepalive = AP_CONN_CLOSE;
+ return DONE;
+ }
+ }
+ }
+ }
+ else if (!c->keepalives) {
+ /* first request on a master connection, if we have protocols other
+ * than the current one enabled here, announce them to the
+ * client. If the client is already talking a protocol with requests
+ * on slave connections, leave it be. */
+ const apr_array_header_t *upgrades;
+ ap_get_protocol_upgrades(c, r, NULL, 0, &upgrades);
+ if (upgrades && upgrades->nelts > 0) {
+ char *protocols = apr_array_pstrcat(r->pool, upgrades, ',');
+ apr_table_setn(r->headers_out, "Upgrade", protocols);
+ apr_table_setn(r->headers_out, "Connection", "Upgrade");
+ }
+ }
+
+ return DECLINED;
+}
+
+static int core_upgrade_storage(request_rec *r)
+{
+ if ((r->method_number == M_OPTIONS) && r->uri && (r->uri[0] == '*') &&
+ (r->uri[1] == '\0')) {
+ return core_upgrade_handler(r);
+ }
+ return DECLINED;
+}
+
+static void register_hooks(apr_pool_t *p)
+{
+ errorlog_hash = apr_hash_make(p);
+ ap_register_log_hooks(p);
+ ap_register_config_hooks(p);
+ ap_expr_init(p);
+
+ /* create_connection and pre_connection should always be hooked
+ * APR_HOOK_REALLY_LAST by core to give other modules the opportunity
+ * to install alternate network transports and stop other functions
+ * from being run.
+ */
+ ap_hook_create_connection(core_create_conn, NULL, NULL,
+ APR_HOOK_REALLY_LAST);
+ ap_hook_pre_connection(core_pre_connection, NULL, NULL,
+ APR_HOOK_REALLY_LAST);
+
+ ap_hook_pre_config(core_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
+ ap_hook_post_config(core_post_config,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_check_config(core_check_config,NULL,NULL,APR_HOOK_FIRST);
+ ap_hook_test_config(core_dump_config,NULL,NULL,APR_HOOK_FIRST);
+ ap_hook_translate_name(ap_core_translate,NULL,NULL,APR_HOOK_REALLY_LAST);
+ ap_hook_map_to_storage(core_upgrade_storage,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_map_to_storage(core_map_to_storage,NULL,NULL,APR_HOOK_REALLY_LAST);
+ ap_hook_open_logs(ap_open_logs,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_child_init(core_child_init,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_child_init(ap_logs_child_init,NULL,NULL,APR_HOOK_MIDDLE);
+ ap_hook_handler(core_upgrade_handler,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_handler(default_handler,NULL,NULL,APR_HOOK_REALLY_LAST);
+ /* FIXME: I suspect we can eliminate the need for these do_nothings - Ben */
+ ap_hook_type_checker(do_nothing,NULL,NULL,APR_HOOK_REALLY_LAST);
+ ap_hook_fixups(core_override_type,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_create_request(core_create_req, NULL, NULL, APR_HOOK_MIDDLE);
+ APR_OPTIONAL_HOOK(proxy, create_req, core_create_proxy_req, NULL, NULL,
+ APR_HOOK_MIDDLE);
+ ap_hook_pre_mpm(ap_create_scoreboard, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_child_status(ap_core_child_status, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_insert_network_bucket(core_insert_network_bucket, NULL, NULL,
+ APR_HOOK_REALLY_LAST);
+ ap_hook_dirwalk_stat(core_dirwalk_stat, NULL, NULL, APR_HOOK_REALLY_LAST);
+ ap_hook_open_htaccess(ap_open_htaccess, NULL, NULL, APR_HOOK_REALLY_LAST);
+ ap_hook_optional_fn_retrieve(core_optional_fn_retrieve, NULL, NULL,
+ APR_HOOK_MIDDLE);
+
+ /* register the core's insert_filter hook and register core-provided
+ * filters
+ */
+ ap_hook_insert_filter(core_insert_filter, NULL, NULL, APR_HOOK_MIDDLE);
+
+ ap_core_input_filter_handle =
+ ap_register_input_filter("CORE_IN", ap_core_input_filter,
+ NULL, AP_FTYPE_NETWORK);
+ ap_content_length_filter_handle =
+ ap_register_output_filter("CONTENT_LENGTH", ap_content_length_filter,
+ NULL, AP_FTYPE_PROTOCOL);
+ ap_core_output_filter_handle =
+ ap_register_output_filter("CORE", ap_core_output_filter,
+ NULL, AP_FTYPE_NETWORK);
+ ap_subreq_core_filter_handle =
+ ap_register_output_filter("SUBREQ_CORE", ap_sub_req_output_filter,
+ NULL, AP_FTYPE_CONTENT_SET);
+ ap_old_write_func =
+ ap_register_output_filter("OLD_WRITE", ap_old_write_filter,
+ NULL, AP_FTYPE_RESOURCE - 10);
+}
+
+AP_DECLARE_MODULE(core) = {
+ MPM20_MODULE_STUFF,
+ AP_PLATFORM_REWRITE_ARGS_HOOK, /* hook to run before apache parses args */
+ create_core_dir_config, /* create per-directory config structure */
+ merge_core_dir_configs, /* merge per-directory config structures */
+ create_core_server_config, /* create per-server config structure */
+ merge_core_server_configs, /* merge per-server config structures */
+ core_cmds, /* command apr_table_t */
+ register_hooks /* register hooks */
+};