From c840e0df8ca217d6f1b2ce3234368e33d208ea72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Malo?= Date: Wed, 24 Aug 2005 11:51:40 +0000 Subject: mod_version_for_2.0.x branch: * Merge 219658 to 239611 from branches/2.0.x git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/mod_version_for_2.0.x@239612 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 240 +++++++++--------- STATUS | 156 +++++------- docs/manual/dns-caveats.html.es | 28 +-- docs/manual/dns-caveats.xml.es | 28 +-- docs/manual/howto/auth.html | 4 + docs/manual/howto/auth.html.en | 2 + docs/manual/howto/auth.html.es | 370 ++++++++++++++++++++++++++++ docs/manual/howto/auth.html.ja.euc-jp | 2 + docs/manual/howto/auth.html.ko.euc-kr | 2 + docs/manual/howto/auth.xml.es | 376 +++++++++++++++++++++++++++++ docs/manual/howto/auth.xml.meta | 1 + docs/manual/install.html.de | 3 + docs/manual/install.html.en | 17 +- docs/manual/install.html.es | 4 + docs/manual/install.xml | 17 +- docs/manual/install.xml.de | 2 +- docs/manual/install.xml.es | 2 +- docs/manual/install.xml.ja | 2 +- docs/manual/install.xml.ko | 2 +- docs/manual/install.xml.meta | 4 +- docs/manual/install.xml.ru | 2 +- docs/manual/stopping.html.de | 3 + docs/manual/stopping.html.en | 26 +- docs/manual/stopping.html.es | 4 + docs/manual/stopping.xml | 28 ++- docs/manual/stopping.xml.de | 2 +- docs/manual/stopping.xml.es | 2 +- docs/manual/stopping.xml.ja | 2 +- docs/manual/stopping.xml.ko | 2 +- docs/manual/stopping.xml.meta | 4 +- docs/manual/stopping.xml.ru | 2 +- modules/experimental/util_ldap.c | 21 +- modules/experimental/util_ldap_cache.c | 16 +- modules/experimental/util_ldap_cache_mgr.c | 9 +- modules/http/http_protocol.c | 48 ++-- modules/proxy/proxy_util.c | 2 +- server/log.c | 18 +- 37 files changed, 1122 insertions(+), 331 deletions(-) create mode 100644 docs/manual/howto/auth.html.es create mode 100644 docs/manual/howto/auth.xml.es diff --git a/CHANGES b/CHANGES index 4f6025588b..1330b3f5a6 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,4 @@ + -*- coding: utf-8 -*- Changes with Apache 2.0.55 *) Added new module mod_version, which provides version dependent @@ -7,6 +8,23 @@ Changes with Apache 2.0.55 accompanying ap_version_t structure (minor MMN bump). [André Malo] + *) Fix cases where the byterange filter would buffer responses + into memory. PR 29962. [Joe Orton] + + *) mod_proxy: Fix over-eager handling of '%' for reverse proxies. + PR 15207. [Jim Jagielski] + + *) mod_ldap: Fix various shared memory cache handling bugs. + PR 34209. [Joe Orton] + + *) Fix a file descriptor leak when starting piped loggers. PR 33748. + [Joe Orton] + + *) mod_ldap: Avoid segfaults when opening connections if using a version + of OpenLDAP older than 2.2.21. PR 34618. [Brad Nicholes] + + *) mod_ssl: Fix build with OpenSSL 0.9.8. PR 35757. [William Rowe] + *) SECURITY: CAN-2005-2088 core: If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request @@ -42,14 +60,14 @@ Changes with Apache 2.0.55 Changes with Apache 2.0.54 *) mod_cache: Add CacheIgnoreHeaders directive. PR 30399. - [Rüiger Plü ] + [Rüdiger Plüm ] *) mod_ldap: Added the directive LDAPConnectionTimeout to configure the ldap socket connection timeout value. [Brad Nicholes] *) Correctly export all mod_dav public functions. - [Branko Èibej ] + [Branko ÄŒibej ] *) Add a build script to create a solaris package. [Graham Leggett] @@ -122,7 +140,7 @@ Changes with Apache 2.0.53 mod_status if ExtendedStatus is enabled. [Jim Jagielski] *) mod_proxy: Handle client-aborted connections correctly. PR 32443. - [Janne Hietamäki, Joe Orton] + [Janne Hietamäki, Joe Orton] *) Fix handling of files >2Gb on all platforms (or builds) where apr_off_t is larger than apr_size_t. PR 28898. [Joe Orton] @@ -180,13 +198,13 @@ Changes with Apache 2.0.53 depending on the platform. [Jeff Trawick] *) mod_rewrite: Fix 0 bytes write into random memory position. - PR 31036. [André Malo] + PR 31036. [André Malo] *) mod_disk_cache: Do not store aborted content. PR 21492. - [Rüiger Plü ] + [Rüdiger Plüm ] *) mod_disk_cache: Correctly store cached content type. PR 30278. - [Rüiger Plü ] + [Rüdiger Plüm ] *) mod_ldap: prevent the possiblity of an infinite loop in the LDAP statistics display. PR 29216. [Graham Leggett] @@ -209,7 +227,7 @@ Changes with Apache 2.0.53 Changes with Apache 2.0.52 - *) Use HTML 2.0
for error pages. PR 30732 [André Malo] + *) Use HTML 2.0
for error pages. PR 30732 [André Malo] *) Fix the global mutex crash when the global mutex is never allocated due to disabled/empty caches. [Jess Holle ] @@ -245,7 +263,7 @@ Changes with Apache 2.0.51 *) SECURITY: CAN-2004-0747 (cve.mitre.org) Fix buffer overflow in expansion of environment variables in - configuration file parsing. [André Malo] + configuration file parsing. [André Malo] *) SECURITY: CAN-2004-0809 (cve.mitre.org) mod_dav_fs: Fix a segfault in the handling of an indirect lock @@ -253,16 +271,16 @@ Changes with Apache 2.0.51 *) mod_include no longer checks for recursion, because that's done in the core. This allows for careful usage of recursive SSI. - [André Malo] + [André Malo] *) Fix memory leak in the cache handling of mod_rewrite. PR 27862. - [chunyan sheng , André Malo] + [chunyan sheng , André Malo] *) Include directives no longer refuse to process symlinks on directories. Instead there's now a maximum nesting level of included directories (128 as distributed). This is configurable at compile time using the -DAP_MAX_INCLUDE_DIR_DEPTH switch. - PR 28492. [André Malo] + PR 28492. [André Malo] *) Win32: apache -k start|restart|install|config can leave stranded piped logger processes (eg, rotatelogs.exe) due to improper @@ -283,10 +301,10 @@ Changes with Apache 2.0.51 from being passed through the byterange filter. [Joe Orton] *) Satisfy directives now can be influenced by a surrounding - container. PR 14726. [André Malo] + container. PR 14726. [André Malo] *) mod_rewrite now officially supports RewriteRules in sections. - PR 27985. [André Malo] + PR 27985. [André Malo] *) mod_disk_cache: Implement binary format for on-disk header files. [Brian Akins , Justin Erenkrantz] @@ -334,36 +352,36 @@ Changes with Apache 2.0.51 *) mod_rewrite no longer confuses the RewriteMap caches if different maps defined in different virtual hosts use the - same map name. PR 26462. [André Malo] + same map name. PR 26462. [André Malo] *) mod_setenvif: Remove "support" for Remote_User variable which - never worked at all. PR 25725. [André Malo] + never worked at all. PR 25725. [André Malo] *) Backport from 2.1 / Regression from 1.3: mod_headers now knows again the functionality of the ErrorHeader directive. But instead using this misnomer additional flags to the Header directive were introduced ("always" and "onsuccess", defaulting to the latter). - PR 28657. [André Malo] + PR 28657. [André Malo] *) Use the higher performing 'httpready' Accept Filter on all platforms except FreeBSD < 4.1.1. [Paul Querna] *) mod_usertrack: Escape the cookie name before pasting into the - regexp. [André Malo] + regexp. [André Malo] *) Extend the SetEnvIf directive to capture subexpressions of the - matched value. [André Malo] + matched value. [André Malo] *) Recursive Include directives no longer crash. The server stops including configuration files after a certain nesting level (128 as distributed). This is configurable at compile time using the - -DAP_MAX_INCLUDE_DEPTH switch. PR 28370. [André Malo] + -DAP_MAX_INCLUDE_DEPTH switch. PR 28370. [André Malo] *) mod_dir: the trailing-slash behaviour is now configurable using the - DirectorySlash directive. [André Malo] + DirectorySlash directive. [André Malo] *) Allow proxying of resources that are invoked via DirectoryIndex. - PR 14648, 15112, 29961. [André Malo] + PR 14648, 15112, 29961. [André Malo] *) util_ldap: Switched the lock types on the shared memory cache from thread reader/writer locks to global mutexes in order to @@ -382,7 +400,7 @@ Changes with Apache 2.0.51 *) Enable special ErrorDocument value 'default' which restores the canned server response for the scope of the directive. - [Geoffrey Young, André Malo] + [Geoffrey Young, André Malo] *) work around MSIE Digest auth bug - if AuthDigestEnableQueryStringHack is set in r->subprocess_env allow mismatched query strings to pass. @@ -390,7 +408,7 @@ Changes with Apache 2.0.51 *) Accept URLs for the ServerAdmin directive. If the supplied argument is not recognized as an URL, assume it's a mail address. - PR 28174. [André Malo, Paul Querna] + PR 28174. [André Malo, Paul Querna] *) initialize server arrays prior to calling ap_setup_prelinked_modules so that static modules can push Defines values when registering @@ -421,17 +439,17 @@ Changes with Apache 2.0.50 PR 22030, 18348. [Joe Orton, Jeff Trawick] *) mod_alias now emits a warning if it detects overlapping *Alias* - directives. [André Malo] + directives. [André Malo] *) mod_rewrite no longer turns forward proxy requests into reverse proxy - requests. PR 28125 [ast domdv.de, André Malo] + requests. PR 28125 [ast domdv.de, André Malo] *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now exported on Win32 and Netware as well (minor MMN bump). PR 28523. - [Edward Rudd , André Malo] + [Edward Rudd , André Malo] *) Restore the ability to disable the use of AcceptEx on Win9x systems - automatically (broken in 2.0.49). PR 28529. [André Malo] + automatically (broken in 2.0.49). PR 28529. [André Malo] *) now applies to all IP addresses for myhost instead of just the first one reported by the resolver. This @@ -456,14 +474,14 @@ Changes with Apache 2.0.50 a crypto accelerator engine. [Joe Orton] *) Allow RequestHeader directives to be conditional. PR 27951. - [Vincent Deffontaines , André Malo] + [Vincent Deffontaines , André Malo] *) Allow LimitRequestBody to be reset to unlimited. PR 29106 - [André Malo] + [André Malo] *) Fix a bunch of cases where the return code of the regex compiler was not checked properly. This affects: mod_setenvif, mod_usertrack, - mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo] + mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo] *) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for small cache sizes. PR 27751. [Geoff Thorpe ] @@ -475,12 +493,12 @@ Changes with Apache 2.0.50 [Bojan Smojver ] *) htpasswd no longer refuses to process files that contain empty - lines. [André Malo] + lines. [André Malo] *) Regression from 1.3: At startup, suexec now will be checked for availability, the setuid bit and user root. The works only if httpd is compiled with the shipped APR version (0.9.5). - PR 28287. [André Malo] + PR 28287. [André Malo] *) Unix MPMs: Stop dropping connections when the file descriptor is at least FD_SETSIZE. [Jeff Trawick] @@ -542,10 +560,10 @@ Changes with Apache 2.0.50 locks on some platforms. [Jeff Trawick] *) mod_headers no longer crashes if an empty header value should - be added. [André Malo] + be added. [André Malo] *) Fix segfault in mod_expires, which occured under certain - circumstances. PR 28047. [André Malo] + circumstances. PR 28047. [André Malo] *) htpasswd: use apr_temp_dir_get() and general cleanup [Guenter Knauf , Thom May] @@ -631,7 +649,7 @@ Changes with Apache 2.0.49 MPMs. PR 25520. [Jeff Trawick] *) Fix mod_include's expression parser to recognize strings correctly - even if they start with an escaped token. [André Malo] + even if they start with an escaped token. [André Malo] *) Add fatal exception hook for use by diagnostic modules. The hook is only available if the --enable-exception-hook configure parm @@ -661,13 +679,13 @@ Changes with Apache 2.0.49 *) mod_setenvif: Fix the regex optimizer, which under circumstances treated the supplied regex as literal string. PR 24219. - [André Malo] + [André Malo] *) ap_mpm.h: Fix include guard of ap_mpm.h to reference mpm - instead of mmn. [André Malo] + instead of mmn. [André Malo] *) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules - could lead to a 400 (Bad Request) response. [André Malo] + could lead to a 400 (Bad Request) response. [André Malo] *) Keep focus of ITERATE and ITERATE2 on the current module when the module chooses to return DECLINE_CMD for the directive. @@ -723,16 +741,16 @@ Changes with Apache 2.0.49 [Allan Edwards, Bill Rowe, Bill Stoddard, Jeff Trawick] *) Make REMOTE_PORT variable available in mod_rewrite. - PR 25772. [André Malo] + PR 25772. [André Malo] *) Fix a long delay with CGI requests and keepalive connections on AIX. [Jeff Trawick] *) mod_autoindex: Add 'XHTML' option in order to allow switching between - HTML 3.2 and XHTML 1.0 output. PR 23747. [André Malo] + HTML 3.2 and XHTML 1.0 output. PR 23747. [André Malo] *) Add XHTML Document Type Definitions to httpd.h (minor MMN bump). - [André Malo] + [André Malo] *) mod_ssl: Advertise SSL library version as determined at run-time rather than at compile-time. PR 23956. [Eric Seidel ] @@ -744,13 +762,13 @@ Changes with Apache 2.0.49 *) mod_rewrite: In external rewrite maps lookup keys containing a newline now cause a lookup failure. PR 14453. - [Cedric Gavage , André Malo] + [Cedric Gavage , André Malo] *) Backport major overhaul of mod_include's filter parser from 2.1. The new parser code is expected to be more robust and should catch all of the edge cases that were not handled by the previous one. The 2.1 external API changes were hidden by a wrapper which is - expected to keep the API backwards compatible. [André Malo] + expected to keep the API backwards compatible. [André Malo] *) Add a hook (insert_error_filter) to allow filters to re-insert themselves during processing of error responses. Enable mod_expires @@ -773,11 +791,11 @@ Changes with Apache 2.0.49 *) mod_dav: Use bucket brigades when reading PUT data. This avoids problems if the data stream is modified by an input filter. PR 22104. - [Tim Robbins , André Malo] + [Tim Robbins , André Malo] - *) Fix RewriteBase directive to not add double slashes. [André Malo] + *) Fix RewriteBase directive to not add double slashes. [André Malo] - *) Improve 'configure --help' output for some modules. [Astrid Keßler] + *) Improve 'configure --help' output for some modules. [Astrid Keßler] *) Correct UseCanonicalName Off to properly check incoming port number. [Jim Jagielski] @@ -795,10 +813,10 @@ Changes with Apache 2.0.49 *) SECURITY: CVE-2003-0020 (cve.mitre.org) Escape arbitrary data before writing into the errorlog. Unescaped errorlogs are still possible using the compile time switch - "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo] + "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo] *) mod_autoindex / core: Don't fail to show filenames containing - special characters like '%'. PR 13598. [André Malo] + special characters like '%'. PR 13598. [André Malo] *) mod_status: Report total CPU time accurately when using a threaded MPM. PR 23795. [Jeff Trawick] @@ -826,7 +844,7 @@ Changes with Apache 2.0.49 correctly. PR 24232. [Thom May] *) Restore the ability to add a description for directories that - don't contain an index file. (Broken in 2.0.48) [André Malo] + don't contain an index file. (Broken in 2.0.48) [André Malo] *) Fix a problem with the display of empty variables ("SetEnv foo") in mod_include. PR 24734 [Markus Julen ] @@ -846,13 +864,13 @@ Changes with Apache 2.0.49 *) mod_expires: Initialize ExpiresDefault to NULL instead of "" to avoid reporting an Internal Server error if it is used without having been set in the httpd.conf file. PR: 23748, 24459 - [Andre Malo, Liam Quinn ] + [André Malo, Liam Quinn ] *) mod_autoindex: Don't omit the start tag if the SuppressIcon option is set. PR 21668. [Jesse Tie-Ten-Quee ] *) mod_include no longer allows an ETag header on 304 responses. - PR 19355. [Geoffrey Young , André Malo] + PR 19355. [Geoffrey Young , André Malo] *) EBCDIC: Convert header fields to ASCII before sending (broken since 2.0.44). [Martin Kraemer] @@ -879,11 +897,11 @@ Changes with Apache 2.0.48 *) SECURITY: CAN-2003-0542 (cve.mitre.org) Fix buffer overflows in mod_alias and mod_rewrite which occurred if one configured a regular expression with more than 9 captures. - [André Malo] + [André Malo] *) mod_include: fix segfault which occured if the filename was not set, for example, when processing some error conditions. - PR 23836. [Brian Akins , André Malo] + PR 23836. [Brian Akins , André Malo] *) fix the config parser to support .. containers (no arguments in the opening tag) supported by httpd 1.3. Without @@ -899,7 +917,7 @@ Changes with Apache 2.0.48 compressed file extensions. [Roy Fielding] *) mod_rewrite: Don't die silently when failing to open RewriteLogs. - PR 23416. [André Malo] + PR 23416. [André Malo] *) mod_rewrite: Fix mod_rewrite's support of the [P] option to send rewritten request using "proxy:". The code was adding multiple "proxy:" @@ -932,18 +950,18 @@ Changes with Apache 2.0.48 [] *) mod_log_config: Fix %b log format to write really "-" when 0 bytes - were sent (e.g. with 304 or 204 response codes). [Astrid Keßler] + were sent (e.g. with 304 or 204 response codes). [Astrid Keßler] *) Modify ap_get_client_block() to note if it has seen EOS. [Justin Erenkrantz] *) Fix a bug, where mod_deflate sometimes unconditionally compressed the content if the Accept-Encoding header contained only other tokens than - "gzip" (such as "deflate"). PR 21523. [Joe Orton, André Malo] + "gzip" (such as "deflate"). PR 21523. [Joe Orton, André Malo] *) Avoid an infinite recursion, which occured if the name of an included config file or directory contained a wildcard character. PR 22194. - [André Malo] + [André Malo] *) mod_ssl: Fix a problem setting variables that represent the client certificate chain. PR 21371 [Jeff Trawick] @@ -979,10 +997,10 @@ Changes with Apache 2.0.48 *) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory containing the .htaccess file is requested without a trailing slash. - PR 20195. [André Malo] + PR 20195. [André Malo] *) ab: Overlong credentials given via command line no longer clobber - the buffer. [André Malo] + the buffer. [André Malo] *) mod_deflate: Don't attempt to hold all of the response until we're done. [Justin Erenkrantz] @@ -1000,11 +1018,11 @@ Changes with Apache 2.0.48 *) Remember an authenticated user during internal redirects if the redirection target is not access protected and pass it to scripts using the REDIRECT_REMOTE_USER environment variable. - PR 10678, 11602. [André Malo] + PR 10678, 11602. [André Malo] *) mod_include: Fix a trio of bugs that would cause various unusual sequences of parsed bytes to omit portions of the output stream. - PR 21095. [Ron Park , André Malo, Cliff Woolley] + PR 21095. [Ron Park , André Malo, Cliff Woolley] *) Update the header token parsing code to allow LWS between the token word and the ':' seperator. [PR 16520] @@ -1014,10 +1032,10 @@ Changes with Apache 2.0.48 [Joe Schaefer ] *) Added FreeBSD directory layout. PR 21100. - [Sander Holthaus , André Malo] + [Sander Holthaus , André Malo] *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP - response. PR 21085. [Glenn Nielsen , André Malo] + response. PR 21085. [Glenn Nielsen , André Malo] *) mod_rewrite: Perform child initialization on the rewrite log lock. This fixes a log corruption issue when flock-based serialization @@ -1051,7 +1069,7 @@ Changes with Apache 2.0.47 infinite loops. The new LimitInternalRecursion directive configures limits of subsequent internal redirects and nested subrequests, after which the request will be aborted. PR 19753 (and probably others). - [William Rowe, Jeff Trawick, André Malo] + [William Rowe, Jeff Trawick, André Malo] *) core_output_filter: don't split the brigade after a FLUSH bucket if it's the last bucket. This prevents creating unneccessary empty @@ -1070,7 +1088,7 @@ Changes with Apache 2.0.47 *) mod_negotiation: Introduce "prefer-language" environment variable, which allows to influence the negotiation process on request basis - to prefer a certain language. [André Malo] + to prefer a certain language. [André Malo] *) Make mod_expires' ExpiresByType work properly, including for dynamically-generated documents. [Ken Coar, Bill Stoddard] @@ -1113,7 +1131,7 @@ Changes with Apache 2.0.46 *) Fix mod_rewrite's handling of absolute URIs. The escaping routines now work scheme dependent and the query string will only be - appended if supported by the particular scheme. [André Malo] + appended if supported by the particular scheme. [André Malo] *) Add another check for already compressed content in mod_deflate. PR 19913. [Tsuyoshi SASAMOTO ] @@ -1143,15 +1161,15 @@ Changes with Apache 2.0.46 processing the request via new %P formats. [Jeff Trawick] *) Use appropriate language codes for Czech (cs) and Traditional Chinese - (zh-tw) in default config files. PR 9427. [André Malo] + (zh-tw) in default config files. PR 9427. [André Malo] *) mod_auth_ldap: Use generic whitespace character class when parsing "require" directives, instead of literal spaces only. PR 17135. - [André Malo] + [André Malo] *) Hook mod_rewrite's type checker before mod_mime's one. That way the RewriteRule [T=...] Flag should work as expected now. PR 19626. - [André Malo] + [André Malo] *) htpasswd: Check the processed file on validity. If a line is not empty and not a comment, it must contain at least one colon. Otherwise exit @@ -1179,15 +1197,15 @@ Changes with Apache 2.0.46 *) When using Redirect in directory context, append requested query string if there's no one supplied by configuration. PR 10961. - [André Malo] + [André Malo] *) Unescape the supplied wildcard pattern in mod_autoindex. Otherwise the pattern will not always match as desired. PR 12596. - [André Malo] + [André Malo] *) mod_autoindex now emits and accepts modern query string parameter delimiters (;). Thus column headers no longer contain unescaped - ampersands. PR 10880 [André Malo] + ampersands. PR 10880 [André Malo] *) Enable ap_sock_disable_nagle for Windows. This along with the addition of APR_TCP_NODELAY_INHERITED to apr.hw will cause Nagle @@ -1225,12 +1243,12 @@ Changes with Apache 2.0.46 characters) in mod_log_config to make a clear distinction between client-supplied strings (with special characters) and server-side strings. This was already introduced in version 1.3.25. - [André Malo] + [André Malo] *) mod_deflate: Check also err_headers_out for an already set Content-Encoding: gzip header. This prevents gzip compressed content from a CGI script from being compressed once more. PR 17797. - [André Malo] + [André Malo] Changes with Apache 2.0.45 @@ -1257,12 +1275,12 @@ Changes with Apache 2.0.45 *) Fix path handling of mod_rewrite, especially on non-unix systems. There was some confusion between local paths and URL paths. - PR 12902. [André Malo] + PR 12902. [André Malo] *) Prevent endless loops of internal redirects in mod_rewrite by aborting after exceeding a limit of internal redirects. The limit defaults to 10 and can be changed using the RewriteOptions - directive. PR 17462. [André Malo] + directive. PR 17462. [André Malo] *) Win32: Avoid busy wait (consuming all the CPU idle cycles) when all worker threads are busy. @@ -1277,7 +1295,7 @@ Changes with Apache 2.0.45 *) mod_deflate: Extend the DeflateFilterNote directive to allow accurate logging of the filter's in- and outstream. - [André Malo] + [André Malo] *) Allow SSLMutex to select/use the full range of APR locking mechanisms available to it. Also, fix the bug that SSLMutex uses @@ -1285,7 +1303,7 @@ Changes with Apache 2.0.45 Martin Kutschker ] *) Restore the ability of htdigest.exe to create files that contain - more than one user. PR 12910. [André Malo] + more than one user. PR 12910. [André Malo] *) Improve binary compatibility of the core between debug (aka maintainer-mode) and a non-debug compile. @@ -1293,13 +1311,13 @@ Changes with Apache 2.0.45 *) mod_usertrack: don't set the cookie in subrequests. This works around the problem that cookies were set twice during fast internal - redirects. PR 13211. [André Malo] + redirects. PR 13211. [André Malo] *) mod_autoindex no longer forgets output format and enabled version - sort in linked column headers. [André Malo] + sort in linked column headers. [André Malo] *) Use .sv instead of .se as extension for Swedish documents in the - default configuration. PR 12877. [André Malo] + default configuration. PR 12877. [André Malo] *) Updated mod_ldap and mod_auth_ldap to support the Novell LDAP SDK SSL and standardized the LDAP SSL support across the various LDAP SDKs. @@ -1327,7 +1345,7 @@ Changes with Apache 2.0.45 [Justin Erenkrantz] *) Fix segfault which occurred when a section in an included - configuration file was not closed. PR 17093. [André Malo] + configuration file was not closed. PR 17093. [André Malo] *) Enhance the behavior of mod_isapi's WriteClient() callback to provide better emulation for isapi modules that presume that the @@ -1347,19 +1365,19 @@ Changes with Apache 2.0.45 *) Hook mod_proxy's fixup before mod_rewrite's fixup, so that by mod_rewrite proxied URLs will not be escaped accidentally by - mod_proxy's fixup. PR 16368 [André Malo] + mod_proxy's fixup. PR 16368 [André Malo] *) While processing filters on internal redirects, remember seen EOS buckets also in the request structure of the redirect issuer(s). This prevents filters (such as mod_deflate) from adding garbage to the - response. PR 14451. [André Malo] + response. PR 14451. [André Malo] *) suexec: Be more pedantic when cleaning environment. Clean it immediately after startup. PR 2790, 10449. - [Jeff Stewart , André Malo] + [Jeff Stewart , André Malo] *) Fix apxs to insert LoadModule directives only outside of sections. - PR 8712, 9012. [André Malo] + PR 8712, 9012. [André Malo] *) Fix suexec compile error under SUNOS4, where strerror() doesn't exist. PR 5913, 9977. @@ -1370,7 +1388,7 @@ Changes with Apache 2.0.45 *) mod_auth_digest no longer tries to guess AuthDigestDomain, if it's not specified. Now it assumes "/" as already documented. PR 16937. - [André Malo] + [André Malo] *) Try to log an error if a piped log program fails. Try to restart a piped log program in more failure situations. Fix an @@ -1391,7 +1409,7 @@ Changes with Apache 2.0.45 [Allen Edwards, William Rowe] *) Fix bug where 'Satisfy Any' without an AuthType lost all MIME - information (and more). Related to PR 9076. [André Malo] + information (and more). Related to PR 9076. [André Malo] *) mod_file_cache: fix segfault serving mmaped cached files. [Bill Stoddard] @@ -1415,7 +1433,7 @@ Changes with Apache 2.0.45 [Thom May ] *) mod_rewrite: Allow "RewriteEngine Off" even if no "Options FollowSymlinks" - (or SymlinksIfOwnermatch) is set. PR 12395. [André Malo] + (or SymlinksIfOwnermatch) is set. PR 12395. [André Malo] *) apxs: Include any special APR ld flags when linking the DSO. This resolves problems on AIX when building a DSO with apxs+gcc. @@ -1463,7 +1481,7 @@ Changes with Apache 2.0.44 PR 14256 [Graham Leggett] *) Fix the building of cgi command lines when the query string - contains '='. PR 13914 [Ville Skyttä , + contains '='. PR 13914 [Ville Skyttä , Jeff Trawick] *) Rename CacheMaxStreamingBuffer to MCacheMaxStreamingBuffer. Move @@ -1480,7 +1498,7 @@ Changes with Apache 2.0.44 *) Replace APU_HAS_LDAPSSL_CLIENT_INIT with APU_HAS_LDAP_NETSCAPE_SSL as set by apr-util in util_ldap.c. This should allow mod_ldap - to work with the Netscape/Mozilla LDAP library. [Øyvin Sømme + to work with the Netscape/Mozilla LDAP library. [Øyvin Sømme , Graham Leggett] *) Fix critical bug in new --enable-v4-mapped configure option @@ -1488,7 +1506,7 @@ Changes with Apache 2.0.44 systems. [hiroyuki hanai ] *) mod_setenvif: Fix BrowserMatchNoCase support for non-regex - patterns [André Malo ] + patterns [André Malo ] *) Add version string to provider API. [Justin Erenkrantz] @@ -1498,11 +1516,11 @@ Changes with Apache 2.0.44 *) mod_negotiation: Set the appropriate mime response headers (Content-Type, charset, Content-Language and Content-Encoding) for negotated type-map "Body:" responses (such as the error - pages.) [André Malo ] + pages.) [André Malo ] *) mod_log_config: Allow '%%' escaping in CustomLog format strings to insert a literal, single '%'. - [André Malo ] + [André Malo ] *) mod_autoindex: AddDescription directives for directories now work as in Apache 1.3, where no trailing '/' is @@ -1563,7 +1581,7 @@ Changes with Apache 2.0.44 [Frederic DONNAT ] *) Always emit Vary header if mod_deflate is involved in the - request. [Andre Malo ] + request. [André Malo ] *) mod_isapi: Stop unsetting the 'empty' query string result with a NULL argument in ecb->lpszQueryString, eliminating segfaults @@ -1783,7 +1801,7 @@ Changes with Apache 2.0.41 *) Update the xslt and css to give the documentation a more modern style. - [André Malo , Gernot Winkler ] + [André Malo , Gernot Winkler ] *) Fix some bucket memory leaks in the chunking code [Joe Schaefer ] @@ -1836,7 +1854,7 @@ Changes with Apache 2.0.41 log file [Ian Holsman] *) Correct ISAPIReadAheadBuffer to default to 49152, per mod_isapi docs. - [André Malo, Astrid Keßler ] + [André Malo, Astrid Keßler ] *) Fix Segfault in mod_cache. [Kris Verbeeck ] @@ -2323,7 +2341,7 @@ Changes with Apache 2.0.37 *) Make apxs look in the correct directory for envvars. It was broken when sbindir != bindir. PR 8869 - [Andreas Sundström ] + [Andreas Sundström ] *) Fix mod_deflate corruption when using multiple buckets. PR 9014. [Asada Kazuhisa ] @@ -4207,7 +4225,7 @@ Changes with Apache 2.0.22 *) Fix a cosmetic problem with mod_include. Non-existant SSI vars used to appear as '(none', without the closing paren. - [Günter Knauf ] + [Günter Knauf ] *) Improve the exports generating awk script. In the past, we had work around problems in the awk script by avoiding some #if and @@ -5429,7 +5447,7 @@ Changes with Apache 2.0a8 but APR needs the check too, and I suspect other applications will as well. APR now defines APR_INADDR_NONE, which is always a valid value on all platforms. - [Branko Èibej ] + [Branko ÄŒibej ] *) Destroy the pthread mutex in lock_intra_cleanup() for PR#6824. [Shuichi Kitaguchi ] @@ -5587,7 +5605,7 @@ Changes with Apache 2.0a8 [Ryan Bloom] *) apr_psprintf doesn't understand %lld as a format. Make it %ld. - [Tomas "Ögren" ] + [Tomas Ögren ] *) APR pipes on Unix and Win32 are now cleaned up automatically when the associated pool goes away. (APR pipes on OS/2 were already had this @@ -5795,11 +5813,11 @@ Changes with Apache 2.0a7 -cache result for "struct rlimit" -compile all helper programs with native and cross compiler and use the native version to generate header file - ["Rüdiger" Kuhlmann ] + [Rüdiger Kuhlmann ] *) Prepare our autoconf setup for autoconf 2.14a and for cross- compiling. - ["Rüdiger" Kuhlmann ] + [Rüdiger Kuhlmann ] *) Fix a bug where a client which only sends \n to delimit header lines (netcat) gets a strange looking HTTP_NOT_IMPLEMENTED @@ -6357,7 +6375,7 @@ Changes with Apache 2.0a4 *) Brought mod_auth_digest up to synch with 1.3, fixed ap_time_t- related bugs, and changed shmem/locking to use apr API. Shared-mem is currently disabled, however, because of problems with graceful - restarts. [Ronald Tschalär] + restarts. [Ronald Tschalär] *) Fix corruption of IFS variable in --with-module= handling. Depending on the user's shell or customization thereof, there @@ -7000,7 +7018,7 @@ Changes with Apache 1.3.9 *) Print out pointer to Rule DEV_RANDOM when truerand lib not found. Fix test-compile check to check for randbyte instead of trand32. Use ap_base64encode_binary/decode instead of copy in mod_auth_digest.c - and tweak to make Amaya happier. [Ronald Tschalär] + and tweak to make Amaya happier. [Ronald Tschalär] *) Ensure that the installed expat include files are world readable, just like the other header files. [Martin Kraemer] @@ -7074,7 +7092,7 @@ Changes with Apache 1.3.8 [not released] name on DYNIX -- changed to mmap_rec. [Roy Fielding] PR#4735 *) Added updated mod_digest as modules/experimental/mod_auth_digest. - [Ronald Tschalär ] + [Ronald Tschalär ] *) Fix a memory leak where the module counts were getting messed up across restarts. [David Harris ] @@ -7464,7 +7482,7 @@ Changes with Apache 1.3.7 [not released] *) Fix buffer overflows in ap_uuencode and ap_uudecode pointed out by "Peter 'Luna' Altberg " and PR#3422 - [Peter 'Luna' Altberg , Ronald Tschalär] + [Peter 'Luna' Altberg , Ronald Tschalär] *) Make {Set,Unset,Pass}Env per-directory instead of per-server. [Ben Laurie] @@ -7585,7 +7603,7 @@ Changes with Apache 1.3.5 [not released] 8 bit characters on a machine with signed char may produced incorrect results. Additionally ap_uuencode() should now work correctly on EBCDIC platforms. - [Ronald Tschalär ] PR#3411 + [Ronald Tschalär ] PR#3411 *) WIN32: Binary installer now runs the configuration DLL before the reboot prompt (which is only given if MSVCRT.DLL system @@ -8157,7 +8175,7 @@ Changes with Apache 1.3.4 *) ap_md5_binary() was using sprintf() rather than a table lookup to convert binary bytes to hex digits. - [Ronald Tschalär ] PR#3409 + [Ronald Tschalär ] PR#3409 *) Fix SEGV in TCN negotiation if no variants are acceptable. [Martin Plechsmid ] PR#1987 @@ -9874,7 +9892,7 @@ Changes with Apache 1.3b6 *) After a SIGHUP the listening sockets in the parent weren't properly marked for closure on fork(). - [Jürgen Keil ] PR#2000 + [Jürgen Keil ] PR#2000 *) Allow %2F in two situations: 1) it is in the query part of the URI, therefore not exposed to %2F -> '/' translations and 2) the request @@ -10873,7 +10891,7 @@ Changes with Apache 1.3b3 handle multiple Listen directives. [Marc Slemko] PR#872 *) Inherit a bugfix to fnmatch.c from FreeBSD sources. - ["[KOI8-R] áÎÄÒÅÊ þÅÒÎÏ×" ] PR#1311 + [Ðндрей Чернов ] PR#1311 *) When a configuration parse complained about a bad directive, the logger would use whatever (unrelated) value was in errno. diff --git a/STATUS b/STATUS index 32448e1710..38e4abcdc9 100644 --- a/STATUS +++ b/STATUS @@ -104,90 +104,32 @@ CURRENT RELEASE NOTES: RELEASE SHOWSTOPPERS: - * Various fixes to T-E and C-L processing from trunk - - Refactor mod_proxy_http.c's Transfer-Encoding/Content-Length elections - since they didn't follow RFC 2616, in fact didn't seem to make much - sense at all. Patch to migrate request-body-handling from trunk/ based - on 2.1-dev request body handling behavior (although just a bit more - conservative on the side of C-L spooling)... - http://people.apache.org/~wrowe/httpd-2.0-proxy-request-3.patch - Revert r219061 to properly test this patch, as r219061 masks the - underlying bug (although it is a -good- patch in and of itself). + * Copy the backport branch of all of the mod_proxy_http.c's request body + handling security, protocol and bug fixes; by svn copy'ing the file + httpd/httpd/branches/proxy-reqbody-2.0.x/modules/proxy/proxy_http.c back to + httpd/branches/2.0.x/... preserving the detail of all of the individually + backported changes. +1: wrowe, jim - -1: jorton: this is a massive patch and extremely hard to review - for actual interesting content; it is mixed in with all sorts - of unrelated stuff. It needs to at least be split up or - the unrelated stuff removed. - - unrelated change: s/apr_strnatcasecmp/strcasecmp/ - unrelated change: s/b/bb/ on variable+parameter names a few times - unrelated change: whitespaces changes all over the shop - spurious change:? send_request_body() appears to have been inlined - unrelated change: Via header handling - - trawick noted on list: we elected C-L not for efficiency, but because - it's the most widely supported [paraphrasing] - wrowe notes: I agree - this new patch always chooses C-L for any - C-L body received. If the origin kicks out LENGTH_REQUIRED - for a T-E body it's always up to the client to react. - Note proxy-sendchunks can override this behavior. - roy Notes on list: we must always prefer C-L if it's going to fit - in our brigade. - wrowe good point; the revised patch prereads MAX_MEM_SPOOL and will - try reading that before choosing C-L or T-E. - wrowe adds; After testing, I've determined one brigade isn't enough, - so I've extended this to a loop up to MAX_MEM_SPOOL, we will - fetch up enough body to fill MAX_MEM_SPOOL and hopefully - hit the C-L code path most of the time. - - trawick We are counting bytes in stream_reqbody_cl but filters can - change the size? [p] - wrowe Yes - which is why the patch prefers spool_reqbody_cl unless - the filter stack is unchanged from proto_input_filters. The - protocol filters shouldn't be changing content size. And when - it happens, we have to barf or we have a split request. - The old behavior was worse; we would stream the request body - in additional cases without looking to see if the byte count - matched Content-Length. Easy opportunity for split requests. - - trawick What specifically was done for conformance to RFC 2616? [p] - wrowe Elect the appropriate body handling, and ensure that body - request contains the required *single* T-E or C-L header, - and there are far few code paths to stream_reqbody_cl which - was most likely to create split requests by reporting the - wrong C-L. - - trawick Please split philosophy from rfc violations from security - fixes in the CHANGES log? [p] - wrowe The others are all a bit to intertwined, the Watchfire report - spelled out that it's different behavior and RFC 2616 deviations - that cause the vulnerability, so I don't see how we can divide - the issues of correctly sending the body and choosing the - transport flavor. + -1: + For a complete history of individual unit changes, see r230703 - r230744 in + http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/proxy-reqbody-2.0.x/ + [...] modules/proxy/proxy_http.c?&view=log + Cite the specific patch with justification for each specific objection. -PATCHES ACCEPTED TO BACKPORT FROM TRUNK: - [ please append new backports at the end of this list not the top. ] + Suggested; revert r219061 to thoroughly test this patch, as r219061 masks + some underlying bugs (although it is a -good- patch in and of itself and + provides additional protection to other content-handling modules). - *) ap_proxy_canonenc() is over-eager in handling '%' for reverse - proxies (PR: 29554). - Index: modules/proxy/proxy_util.c - - if (isenc && ch == '%') { - + if (isenc && (isenc != PROXYREQ_REVERSE) && ch == '%') { + * TRACE must not have a request body per RFC2616; see the -trace.patch + below for one of two alternatives. The other alternative; simply + hack mod_proxy.c to reject TRACE when a body is seen, again see that + -trace.patch for an illustration. - +1: jim, pquerna, wrowe - *) Fix fd leak in piped logging code, fix error handling, and remove - dead errno handling. - http://svn.apache.org/viewcvs?rev=170441&view=rev - http://svn.apache.org/viewcvs?rev=170537&view=rev - http://svn.apache.org/viewcvs?rev=170719&view=rev - all-in-one patch incremental to the PR 26467 fix: - http://people.apache.org/~jorton/ap_pipedlog2.diff - +1: jorton, trawick, wrowe - [yes, I will write a CHANGES entry too] +PATCHES ACCEPTED TO BACKPORT FROM TRUNK: + [ please append new backports at the end of this list not the top. ] *) several changes to improve logging of connection-oriented errors, including ap_log_cerror() API (needs minor bump in addition to changes below) @@ -253,11 +195,38 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: Votes from before the integration branch: +1: jerenkrantz, wrowe (trivial, would even be cool in 1.3) + *) proxy FTP: Fix confusion about globbing characters which could lead + to getting a directory listing when a file was requested. PR 34512. + 2.1 patch was http://svn.apache.org/viewcvs?rev=179704&view=rev + 2.0 version: http://people.apache.org/~trawick/179704-20.txt + +1: trawick, jorton, wrowe + + *) Prevent bad dereferencing of non-existent req struct in + mod_auth_ldap's mod_auth_ldap_auth_checker() if + mod_auth_ldap_check_user_id() was never (fully) called. + Similar behavior to that in 2.1/2.2. + http://people.apache.org/~jim/mod_auth_ldap-2.0.patch + +1: jim, minfrin, bnicholes + + *) Add httxt2dbm for creating RewriteMap DBM Files. + http://svn.apache.org/viewcvs.cgi?rev=209539&view=rev + +1: pquerna, jorton, trawick PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ please place SVN revisions from trunk here, so it is easy to identify exactly what the proposed changes are! ] + *) Fix CAN-2005-2491, integer overflow in pcre. + http://svn.apache.org/viewcvs?rev=233493&view=rev + rediff for 2.0: http://people.apache.org/~jorton/CAN-2005-2491.patch + test case: perl-framework/t/security/CAN-2005-2491.t + +1: jorton, nd + + *) Remove the base href tag from mod_proxy_ftp, as it breaks relative + links for clients not using an Authorization header. + modules/proxy/mod_proxy_ftp.c: r231044 + +1: minfrin, jim, nd + *) Correct RFC 2616 non-compliance by refusing to proxy a request body in a TRACE request, unless TraceEnable extended is configured. Introduces TraceEnable [on|off|extended] to give the administrator @@ -325,23 +294,21 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: http://svn.apache.org/viewcvs?rev=178262&view=rev (With 2.0.x it is the same code in the same function, but in a different source file.) - +1: trawick + +1: trawick, wrowe, nd *) Support the suppress-error-charset setting, as with Apache 1.3.x. PR 31274. (current docs say it works with Apache from 2.0.40 ;) ) http://svn.apache.org/viewcvs?rev=170354&view=rev - +1: trawick, jorton - - *) proxy FTP: Fix confusion about globbing characters which could lead - to getting a directory listing when a file was requested. PR 34512. - 2.1 patch was http://svn.apache.org/viewcvs?rev=179704&view=rev - 2.0 version: http://people.apache.org/~trawick/179704-20.txt - +1: trawick, jorton + +1: trawick, jorton, nd *) mod_mime_magic: Handle CRLF-format magic files so that it works with the default installation on Windows. http://svn.apache.org/viewcvs?rev=179622&view=rev - +1: trawick + +1: trawick, wrowe + wrowe asks: is it possible to simply strip trailing whitespace instead + of special handling for the end of line characters? + Seems more portable. + trawick says: makes sense; searching for bandwidth *) mod_cache: Fix handling of 'Vary: *". PR 16125. Trunk: r180341 @@ -357,16 +324,20 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: includes. http://svn.apache.org/viewcvs?rev=179763&view=rev 2.0.x patch: http://people.apache.org/~jorton/ap_pr12655.patch + test case in perl-framework/t/modules/include.t PR: 12655 - +1: jorton + +1: jorton, nd *) mod_auth_digest: Fix hostinfo validation for CONNECT requests. http://svn.apache.org/viewcvs.cgi?rev=193127&view=rev - +1: jorton + +1: jorton, nd - *) Add httxt2dbm for creating RewriteMap DBM Files. - http://svn.apache.org/viewcvs.cgi?rev=209539&view=rev - +1: pquerna + *) Reverse Proxy fixes: bug and Cookie support + Patch is at + http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=112365629308138&q=p4 + and is in production with Clients. + +1: niq, nd + niq: I'm seeing *a lot* of demand for this. PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON: @@ -517,9 +488,6 @@ PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON: CURRENT VOTES: - * Reverse proxy cookie patch from PR#10722 (c.f. comment 16) - +1: niq - * Promote mod_ldap and mod_auth_ldap from experimental to non experimental status. +1: bnicholes, wrowe diff --git a/docs/manual/dns-caveats.html.es b/docs/manual/dns-caveats.html.es index ed28bf68b3..ead02a9796 100644 --- a/docs/manual/dns-caveats.html.es +++ b/docs/manual/dns-caveats.html.es @@ -47,8 +47,8 @@

- <VirtualHost www.abc.com>
- ServerAdmin webgirl@abc.com
+ <VirtualHost www.abc.dom>
+ ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost>

@@ -60,7 +60,7 @@ responderá a las peticiones que se produzcan. El ejemplo mostrado arriba no incluye la direccion IP, de manera que Apache tiene que usar una resolución DNS para encontrar la - dirección IP correspondiente a www.abc.com. Si + dirección IP correspondiente a www.abc.dom. Si por alguna razón la resolución DNS no está disponible en el momento en que su servidor está analizando sintánticamente su fichero de configuración, entonces @@ -69,12 +69,12 @@ hagan a ese host virtual (en las versiones de Apache anteriores a la 1.2 el servidor ni siquiera se iniciaba).

-

Suponga que www.abc.com tiene como dirección +

Suponga que www.abc.dom tiene como dirección IP la 10.0.0.1. Considere la siguiente configuración:

<VirtualHost 10.0.0.1>
- ServerAdmin webgirl@abc.com
+ ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost>

@@ -95,8 +95,8 @@

<VirtualHost 10.0.0.1>
- ServerName www.abc.com
- ServerAdmin webgirl@abc.com
+ ServerName www.abc.dom
+ ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost>

@@ -111,17 +111,17 @@ de las dos búsquedas de DNS mencionadas arriba falla para cualquiera de sus hosts virtuales. En algunos casos estas búsquedas DNS puede que no estén bajo su control; por - ejemplo, si abc.com es uno de sus clientes y ellos + ejemplo, si abc.dom es uno de sus clientes y ellos controlan su propia DNS, pueden forzar a su servidor (pre-1.2) a fallar al iniciarse simplemente borrando el registro - www.abc.com.

+ www.abc.dom.

Otra formas pueden ser bastante más complicadas. Fíjese en esta configuración:

- <VirtualHost www.abc.com>
-   ServerAdmin webgirl@abc.com
+ <VirtualHost www.abc.dom>
+   ServerAdmin webgirl@abc.dom
  DocumentRoot /www/abc
</VirtualHost>

@@ -132,19 +132,19 @@

Suponga que ha asignado la dirección 10.0.0.1 a - www.abc.com y 10.0.0.2 a + www.abc.dom y 10.0.0.2 a www.def.com. Todavía más, suponga que def.com tiene el control de sus propias DNS. Con esta configuración ha puesto def.com en una posición en la que puede robar todo el trafico destinado a - abc.com. Para conseguirlo, todo lo que tiene que + abc.dom. Para conseguirlo, todo lo que tiene que hacer es asignarle a www.def.com la dirección 10.0.0.1. Como ellos controlan sus propias DNS no puede evitar que apunten el registro www.def.com a donde quieran.

Las peticiones dirigidas a la dirección 10.0.0.1 (incluídas aquellas en las los usuarios escriben URLs de tipo - http://www.abc.com/whatever) serán todas + http://www.abc.dom/whatever) serán todas servidas por el host virtual def.com. Comprender por qué ocurre esto requiere una discusión más profunda acerca de como Apache asigna las peticiones que recibe a los hosts diff --git a/docs/manual/dns-caveats.xml.es b/docs/manual/dns-caveats.xml.es index d086884522..ebe650c3cb 100644 --- a/docs/manual/dns-caveats.xml.es +++ b/docs/manual/dns-caveats.xml.es @@ -40,8 +40,8 @@ Un ejemplo sencillo - <VirtualHost www.abc.com>
- ServerAdmin webgirl@abc.com
+ <VirtualHost www.abc.dom>
+ ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost> @@ -53,7 +53,7 @@ responderá a las peticiones que se produzcan. El ejemplo mostrado arriba no incluye la direccion IP, de manera que Apache tiene que usar una resolución DNS para encontrar la - dirección IP correspondiente a www.abc.com. Si + dirección IP correspondiente a www.abc.dom. Si por alguna razón la resolución DNS no está disponible en el momento en que su servidor está analizando sintánticamente su fichero de configuración, entonces @@ -62,12 +62,12 @@ hagan a ese host virtual (en las versiones de Apache anteriores a la 1.2 el servidor ni siquiera se iniciaba).

-

Suponga que www.abc.com tiene como dirección +

Suponga que www.abc.dom tiene como dirección IP la 10.0.0.1. Considere la siguiente configuración:

<VirtualHost 10.0.0.1>
- ServerAdmin webgirl@abc.com
+ ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost> @@ -88,8 +88,8 @@ <VirtualHost 10.0.0.1>
- ServerName www.abc.com
- ServerAdmin webgirl@abc.com
+ ServerName www.abc.dom
+ ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost> @@ -104,17 +104,17 @@ de las dos búsquedas de DNS mencionadas arriba falla para cualquiera de sus hosts virtuales. En algunos casos estas búsquedas DNS puede que no estén bajo su control; por - ejemplo, si abc.com es uno de sus clientes y ellos + ejemplo, si abc.dom es uno de sus clientes y ellos controlan su propia DNS, pueden forzar a su servidor (pre-1.2) a fallar al iniciarse simplemente borrando el registro - www.abc.com.

+ www.abc.dom.

Otra formas pueden ser bastante más complicadas. Fíjese en esta configuración:

- <VirtualHost www.abc.com>
-   ServerAdmin webgirl@abc.com
+ <VirtualHost www.abc.dom>
+   ServerAdmin webgirl@abc.dom
  DocumentRoot /www/abc
</VirtualHost>

@@ -125,19 +125,19 @@

Suponga que ha asignado la dirección 10.0.0.1 a - www.abc.com y 10.0.0.2 a + www.abc.dom y 10.0.0.2 a www.def.com. Todavía más, suponga que def.com tiene el control de sus propias DNS. Con esta configuración ha puesto def.com en una posición en la que puede robar todo el trafico destinado a - abc.com. Para conseguirlo, todo lo que tiene que + abc.dom. Para conseguirlo, todo lo que tiene que hacer es asignarle a www.def.com la dirección 10.0.0.1. Como ellos controlan sus propias DNS no puede evitar que apunten el registro www.def.com a donde quieran.

Las peticiones dirigidas a la dirección 10.0.0.1 (incluídas aquellas en las los usuarios escriben URLs de tipo - http://www.abc.com/whatever) serán todas + http://www.abc.dom/whatever) serán todas servidas por el host virtual def.com. Comprender por qué ocurre esto requiere una discusión más profunda acerca de como Apache asigna las peticiones que recibe a los hosts diff --git a/docs/manual/howto/auth.html b/docs/manual/howto/auth.html index fddd99738b..62d4b23735 100644 --- a/docs/manual/howto/auth.html +++ b/docs/manual/howto/auth.html @@ -2,6 +2,10 @@ URI: auth.html.en Content-Language: en Content-type: text/html; charset=ISO-8859-1 +URI: auth.html.es +Content-Language: es +Content-type: text/html; charset=ISO-8859-1 + URI: auth.html.ja.euc-jp Content-Language: ja Content-type: text/html; charset=EUC-JP diff --git a/docs/manual/howto/auth.html.en b/docs/manual/howto/auth.html.en index 3dfbde1fd5..69a4bbccd3 100644 --- a/docs/manual/howto/auth.html.en +++ b/docs/manual/howto/auth.html.en @@ -19,6 +19,7 @@ Apache > HTTP Server > Documentation > Version 2.0 > How-To / Tutorials

Authentication, Authorization and Access Control

Available Languages:  en  | + es  |  ja  |  ko 

@@ -345,6 +346,7 @@ do?

Available Languages:  en  | + es  |  ja  |  ko 

ǧ¾Ú¡¢¾µÇ§¡¢¥¢¥¯¥»¥¹À©¸æ

Available Languages:  en  | + es  |  ja  |  ko 

@@ -378,6 +379,7 @@

Available Languages:  en  | + es  |  ja  |  ko 

°¡´ÉÇÑ ¾ð¾î:  en  | + es  |  ja  |  ko 

+
Diese Übersetzung ist möglicherweise + nicht mehr aktuell. Bitte prüfen Sie die englische Version auf + die neuesten Änderungen.

Dieses Dokument umfaßt nur die Kompilierung und Installation des Apache auf Unix und Unix-ähnlichen Systemen. Für die diff --git a/docs/manual/install.html.en b/docs/manual/install.html.en index af5d95e021..b141d3a30b 100644 --- a/docs/manual/install.html.en +++ b/docs/manual/install.html.en @@ -155,14 +155,15 @@ [OPTIONAL]

For some of the support scripts like apxs or dbmmanage (which are written in Perl) the Perl 5 interpreter is required (versions - 5.003 or newer are sufficient). If no such interpreter is found by - the configure script there is no harm. Of course, you - still can build and install Apache 2.0. Only those support scripts - cannot be used. If you have multiple Perl interpreters - installed (perhaps a Perl 4 from the vendor and a Perl 5 from - your own), then it is recommended to use the --with-perl - option (see below) to make sure the correct one is selected - by configure.
+ 5.003 or newer are sufficient). If you have multiple Perl + interpreters (for example, a systemwide install of Perl 4, and + your own install of Perl 5), you are advised to use the + --with-perl option (see below) to make sure the + correct one is used by configure. + If no Perl 5 interpreter is found by the + configure script, you will not be able to use + the affected support scripts. Of course, you will still be able to + build and use Apache 2.0.
top
diff --git a/docs/manual/install.html.es b/docs/manual/install.html.es index 57cfe393f2..7dbc283019 100644 --- a/docs/manual/install.html.es +++ b/docs/manual/install.html.es @@ -25,6 +25,10 @@  ko  |  ru 

+
Esta traducción podría estar + obsoleta. Consulte la versión en inglés de la + documentación para comprobar si se han producido cambios + recientemente.

Este documento explica cómo compilar e instalar Apache en diff --git a/docs/manual/install.xml b/docs/manual/install.xml index 5bf0484350..a89aaac0bd 100644 --- a/docs/manual/install.xml +++ b/docs/manual/install.xml @@ -152,14 +152,15 @@

For some of the support scripts like apxs or dbmmanage (which are written in Perl) the Perl 5 interpreter is required (versions - 5.003 or newer are sufficient). If no such interpreter is found by - the configure script there is no harm. Of course, you - still can build and install Apache 2.0. Only those support scripts - cannot be used. If you have multiple Perl interpreters - installed (perhaps a Perl 4 from the vendor and a Perl 5 from - your own), then it is recommended to use the --with-perl - option (see below) to make sure the correct one is selected - by configure.
+ 5.003 or newer are sufficient). If you have multiple Perl + interpreters (for example, a systemwide install of Perl 4, and + your own install of Perl 5), you are advised to use the + --with-perl option (see below) to make sure the + correct one is used by configure. + If no Perl 5 interpreter is found by the + configure script, you will not be able to use + the affected support scripts. Of course, you will still be able to + build and use Apache 2.0. diff --git a/docs/manual/install.xml.de b/docs/manual/install.xml.de index 9aec9da9df..9cbd30c6c1 100644 --- a/docs/manual/install.xml.de +++ b/docs/manual/install.xml.de @@ -1,7 +1,7 @@ - + + + + + + + + + +