Index [ptgmedia.pearsoncmg.com]ptgmedia.pearsoncmg.com/images/9780132409674/index/... · access_checker hook in host-based access control, 183 purpose, 45 in request processing, 155–156

HTTP Status Codes

100 Continue code, 400–402, 410–411101 Switching Protocols code, 411110 Response is stale code, 503111 Revalidation failed code, 503112 Disconnected operation code, 503113 Heuristic expiration code, 503199 Miscellaneous warning code, 503200 OK code, 411201 Created code, 411–412202 Accepted code, 412203 Non-authoritative Information code, 412204 No Content code, 412–413205 Reset Content code, 413206 Partial Content code, 413–414214 Transformation applied code, 503–504299 Miscellaneous persistent warning code,

504300 Multiple Choices code, 414–415301 Moved Permanently code, 415302 Found code, 415–416303 See Other code, 416304 Not Modified code, 416–417305 Use Proxy code, 417307 Temporary Redirect code, 417–418400 Bad Request code, 418401 Unauthorized code, 186, 418–419403 Forbidden code, 186, 419404 Not Found code, 419405 Method Not Allowed code, 419406 Not Acceptable code, 419–420407 Proxy Authentication Required code, 186,

420

408 Request Timeout code, 420409 Conflict code, 420–421410 Gone code, 421411 Length Required code, 421412 Precondition Failed code, 421413 Request Entity Too Large code, 422414 Request-URI Too Long code, 422415 Unsupported Media Type code, 422416 Requested Range Not Satisfiable code,

422417 Expectation Failed code, 423500 Internal Server Error code, 423501 Not Implemented code, 423502 Bad Gateway code, 423503 Service Unavailable code, 423–424504 Gateway Timeout code, 424505 HTTP Version Not Supported code, 424

# (signs)for comments, 25HTTP rules, 367

A

AAA (Access, Authentication, andAuthorization), 177

access denial in, 186–187in Apache 1.x/2.0, 182in Apache 2.1/2.2, 182–185authentication in, 186–187logic in, 185–186login schemes in, 195–199

Index

531

Kew_index.qxd 12/20/06 7:40 PM Page 531

532 Index

AAA (Access, Authentication, andAuthorization), continued

modules for, 187–188authentication function, 190–192basic authentication providers, 188–190,

193–195configuration, 193digest authentication providers, 193–195

overview, 180–181summary, 199–200

Abnormal running, modules dealing with,337–338

absoluteURI option, 389abstract in HTTP/1.1 specification, 358Accept request-header field, 159, 453–455,

507Accept-Charset request-header field, 455–456Accept-Encoding request-header field,

456–457Accept-Language request-header field, 159,

382, 457–458Accept-Ranges response-header field, 459Accepted status code, 412Access

AAA. See AAA (Access, Authentication, andAuthorization)

denying, 186–187in HTTP/1.1 specification, 424

access_checker hookin host-based access control, 183purpose, 45in request processing, 155–156

ACCESS_CONF option, 246Acknowledgments in HTTP/1.1 specification,

510–512, 530AddHandler directive, 42AddLanguage directive, 159AddOutputFilter directive, 211AddOutputFilterByType directive, 211Age calculations in cache expiration model,

434–436

Age of responses in HTTP/1.1 specification,363

Age response-header field, 459Agent-driven content negotiation, 425–427Alias directive, 157–158Allow directive, 182Allow entity-header field, 459–460Ampersands (&) for key/value pairs, 138Anonymous authentication, 193ap_ header files, 39ap_check_cmd_context function, 255ap_check_command_context function, 256ap_config.h file, 268ap_dbd API, 290, 302–303ap_dbd_acquire function, 283–284, 286–287,

302–303ap_dbd_cacquire function, 287, 302–303ap_dbd_close function, 283, 287, 302ap_dbd_open function, 282, 287, 302–303ap_dbd_prepare function, 287, 302, 304ap_dbd_t type, 302ap_destroy_sub_req function, 164, 167AP_FILTER_PROTO_CHANGE field, 216AP_FILTER_PROTO_CHANGE_LENGTH

field, 216AP_FILTER_PROTO_NO_BYTERANGE

field, 216AP_FILTER_PROTO_NO_CACHE field, 217AP_FILTER_PROTO_NO_PROXY field, 217AP_FILTER_PROTO_TRANSFORM field,

217ap_filter_protocol function, 216ap_filter_rec_t type, 209–210ap_filter_t type, 67, 208–209AP_FTYPE_CONNECTION filters, 204AP_FTYPE_CONTENT_SET filters, 203–204AP_FTYPE_NETWORK filters, 204AP_FTYPE_PROTOCOL filters, 203AP_FTYPE_RESOURCE filters, 203–204AP_FTYPE_TRANSCODE filters, 204ap_get_brigade function, 137


Index 533

ap_get_module_config function, 144ap_getword_conf function, 250ap_hook_access_checker hook, 181ap_hook_auth_checker hook, 181ap_hook_check_user_id hook, 181ap_hook_fatal_exception hooks, 336ap_hook_handler function, 268–269ap_hook_monitor function, 337–338ap_hook_translate_name function, 268ap_hook_type_checker function, 269AP_IMPLEMENT_EXTERNAL_HOOK_RU

N_ALL macro, 268AP_IMPLEMENT_EXTERNAL_HOOK_RU

N_FIRST macro, 268AP_IMPLEMENT_EXTERNAL_HOOK_VOI

D macro, 268AP_INIT_FLAG macro, 246–247AP_INIT_ITERATE macro, 247–248AP_INIT_ITERATE2 macro, 247–250AP_INIT_NO_ARGS macro, 246AP_INIT_RAW_ARGS macro, 247, 250, 258AP_INIT_TAKE1 macro, 242–243, 246AP_INIT_TAKE2 macro, 247AP_INIT_TAKE3 macro, 247AP_INIT_TAKE12 macro, 247ap_internal_fast_redirect function, 162ap_internal_redirect function, 161ap_log_cerror function, 324–325ap_log_error function, 324–325ap_log_perror function, 324–325ap_log_rerror function, 324–325ap_lookup_provider function, 275ap_meets_conditions function, 146AP_MODE_GETLINE mode, 231AP_MODE_READBYTES mode, 231ap_pass_brigade function, 137, 205, 221ap_pcfg_open_custom function, 261ap_provider API, 272–277ap_provider.h header file, 41ap_register_output_filter_protocol function,

216

ap_run_sub_req function, 164ap_set_content_type function, 125, 211ap_set_file_slot function, 245ap_set_flag_slot function, 247ap_set_module_config function, 283ap_some_auth_required function, 186ap_sub_req_lookup_dirent function, 164ap_sub_req_lookup_file function, 164ap_sub_req_lookup_uri function, 164ap_sub_req_method_uri function, 164Apache 1

AAA in, 182history, 1–2

Apache 2AAA in, 182connection pooling in, 291–292history, 2–3

Apache 2.2AAA in, 182–185smart filtering in, 211–217

Apache Bugzilla database, 10#apache chat channel, 17Apache license, 12–14, 343

accepting warranty or additional liability con-ditions, 347

applying, 347–348definitions, 343–345disclaimer of warranty, 346–347grant of copyright license, 345grant of patent license, 345limitation of liability, 347redistribution provisions, 345–346submission of contributions, 346trademarks, 346

Apache Module Developers mailing list, 16#apache-modules chat channel, 17Apache Portable Runtime (APR), 53–54

apr_status_t and return values, 58APU library, 56–57buckets and brigades, 74–75conditional compilation, 59


534 Index

Apache Portable Runtime (APR), continueddata structures, 70–73databases, 79–83declaration macros, 58developers list for, 16encoding and cryptography, 76–77extensions, 79filesystems, 76internationalization, 69libraries, 21modules, 54–55namespacing, 57–58networks, 76pools, 29, 78–79

basic memory management, 61–62connection, 290–292generalized memory management, 62–63implicit and explicit cleanup, 63–64lifetime, 65–67limitations, 68subpools, 98

processes and threads, 78reference manual, 57resource management, 59

lifetime, 65–67pool limitations, 68pools, 61–64problem of, 60–61

strings and formats, 69summary, 83–84time and date, 70URI handling, 77

Apache Software Foundation (ASF), 3–6ApacheCon conferences, 17APLOG_DEBUG level, 326APLOG_INFO level, 326–327APLOG_MARK macro, 325APLOG_TOCLIENT level, 325Appendices in HTTP specification

additional features, 524–525HTTP entities vs. RFC 2045 entities,

521–524

Internet media typesmessage/http and application/http, 518–519multipart/byteranges, 519–520

tolerant applications, 520–521application/http type, 518–519application/x-www-form-urlencoded format,

138Applications, tolerant, 520–521Applications development

Apache history, 1–3Apache Software Foundation, 3–6codebase, 7–9developers, 10–11forums, 9–10further reading, 16–19intellectual property in, 12–16participation in forums, 11process, 6summary, 19

APR. See Apache Portable Runtime (APR)apr_ header files, 39apr_allocator function, 106apr_array_header_t type, 70#apr chat channel, 17apr_conf_vector_t type, 29apr_date module, 70apr_dbd API, 82–83, 290, 292–294

database operations in, 294–298functions in, 298–301

apr_dbd_check_conn function, 299apr_dbd_close function, 298apr_dbd_driver_t type, 294, 307–308apr_dbd_error function, 298, 301apr_dbd_escape function, 301apr_dbd_get_driver function, 298apr_dbd_get_entry function, 300apr_dbd_get_name function, 300apr_dbd_get_row function, 297, 300apr_dbd.h file, 298apr_dbd_init function, 298apr_dbd_internal.h file, 307–308apr_dbd_name function, 298


Index 535

apr_dbd_native function, 293apr_dbd_native_handle function, 298apr_dbd_num_cols function, 300apr_dbd_num_tuples function, 300apr_dbd_open function, 298apr_dbd_pquery function, 295, 301apr_dbd_prepare function, 296, 301apr_dbd_prepared_t type, 294, 308apr_dbd_pselect function, 295, 301apr_dbd_pvquery function, 295, 301apr_dbd_pvselect function, 295, 301apr_dbd_query function, 295, 299apr_dbd_results_t type, 294apr_dbd_row_t type, 294, 308apr_dbd_select function, 295–296, 300apr_dbd_set_dbname function, 299apr_dbd_t type, 294, 308APR_DBD_TRANSACTION_COMMIT

mode, 297apr_dbd_transaction_end function, 299APR_DBD_TRANSACTION_IGNORE_ERR

ORS mode, 297apr_dbd_transaction_mode_get function, 299apr_dbd_transaction_mode_set function, 299APR_DBD_TRANSACTION_ROLLBACK

mode, 297apr_dbd_transaction_start function, 299apr_dbd_transaction_t type, 294, 308apr_dbm.h file, 80apr_dbm module, 80–81, 106APR_DECLARE_EXTERNAL_HOOK macro,

270APR_DECLARE macro, 58, 284apr_file_info module, 76apr_file_io module, 76apr_filepath function, 111apr_fnmatch module, 76apr_global_mutex function, 78, 102APR_HASH_KEY_STRING macro, 73apr_hash module, 70apr_hash_t type, 72

APR_HOOK_FIRST macro, 171, 269APR_HOOK_LAST macro, 269APR_HOOK_MIDDLE macro, 269APR_HOOK_REALLY_FIRST macro, 269APR_HOOK_REALLY_LAST macro, 269apr_hooks.h file, 268, 270apr_hooks module, 79apr_iconv library, 69APR_IMPLEMENT_EXTERNAL_HOOK_R

UN_ALL macro, 271APR_IMPLEMENT_OPTIONAL_HOOK_R

UN_ALL macro, 270apr_memcache module, 106apr_mmap module, 76apr_network_io module, 76apr_off_t type, 231apr_optional_hooks.h file, 268, 270apr_optional_hooks module, 79apr_optional module, 79apr_palloc function, 286apr_poll module, 76apr_pool_cleanup function, 280apr_pool_cleanup_kill function, 63–64apr_pool_cleanup_register function, 64, 283apr_pool_cleanup_run function, 64apr_pool_clear function, 99apr_pool_t type, 29apr_proc_mutex function, 78, 102apr_queue_create function, 73apr_queue module, 70apr_queue_t type, 73apr_read_type_e, 231apr_reslist_create function, 278apr_reslist_destroy function, 278apr_reslist module, 78

implementing, 278–284for resource reuse, 99

apr_ring module, 70, 73apr_rmm module, 105–106apr_shm function, 78, 104–105apr_signal function, 78


536 Index

apr_status_t type, 58, 165–166, 298apr_strings module, 69apr_strmatch module, 69apr_table_addn function, 71apr_table_merge function, 72apr_table_mergen function, 72apr_table module, 70apr_table_overlap function, 72apr_table_set function, 72apr_table_setn function, 71–72apr_table_t type, 71apr_thread_cond function, 78apr_thread_mutex function, 78apr_thread_proc function, 78apr_thread_rwlock function, 78apr_time_from_sec macro, 70apr_time module, 70apr_time_sec macro, 70apr_time_t type, 70apr_uri module, 77apr_uri_parse function, 77apr_uri_t type, 77apr_uri_unparse function, 77APR-UTIL (APU) library, 56–57apr_xlate module, 69APU_MODULE_DECLARE_DATA module,

307apvfs library, 76apxs utility, 128Architecture. See Platform and architectureARRAY_merge function, 254–255Arrays, 70–71Articles, websites for, 19ASF (Apache Software Foundation), 3–6ASF members, 5#asfinfra chat channel, 17Asterisks (*) in HTTP rules, 367Attribute/value pairs in transfer codings, 376Audits for intellectual property violations, 16Augmented BNF, 366–368auth_checker hook, 45, 155–156AuthDBDUserPWQuery, 304

AuthenticationAAA. See AAA (Access, Authentication, and

Authorization)in Apache 2.1/2.2, 183–184basic, 178–179cookies for, 198–199credentials, 509digest, 179, 193–195HTTP/1.1 specification, 424methods, 187in mod_authn_dbd, 304providers, 188–190, 193–195Require directive, 186Web login, 180

Authentication dialog, 179–180authn_dbd_password function, 305authn_dbd_prepare function, 304–305authn_provider structure, 194Author addresses in HTTP/1.1 specification,

516–518Authorization


in Apache 2.1/2.2, 184–185Authorization field, 460–461authz_dbd_login function, 270–271

B

Backports, 8Backslash characters (\) in HTTP, 369Backus-Naur Form (BNF), 366–368Bad Gateway status code, 423Bad Request status code, 418Bars (|) in HTTP rules, 366Basic authentication, 178–179Basic authentication providers, 188–190,

193–195Basic rules in HTTP, 368Binary exponential backoff algorithm,

402–403


Index 537

block argument for filters, 208Blocking for input filters, 231Blocks, coding, 86–87BNF (Backus-Naur Form), 366–368Bodies

entities, 395HTTP messages, 385–386

Braces ({}) for blocks, 86Branches in code repository, 7Breakpoints, 329–330Brigades, 74–75, 132-137, 210-211, 217-227Broken connections, 138 debugging, 339–340Browsers

authentication dialogs for, 197–199delays and broken connections in, 339–340

Buckets, 74–75for handlers 132-137

for filters, 217–227metadata, 205for rings, 73

Buffer overflows, 109Bugzilla database, 10Builds

cross-platform, 284–288forum participation for, 11

Byte rangesfor cache responses, 448working with, 492–493

in apache, 203

C

C languagestubs, 122wrappers, 63

C++ languagefor pools, 64throw/catch structures, 116

Cache-Control general-header field, 431,461–462

basic expiration mechanism for, 464–466

cacheable responses for, 463–464extensions, 470revalidation and reload controls for, 466–469

Cacheable responses in HTTP/1.1 specifica-tion, 362

Cachesin HTTP, 362, 427–428

client-controlled behavior for, 432control mechanisms for, 431correctness of, 429errors in, 450expiration model, 433–438history lists, 452–453invalidation in, 451–452for negotiated responses, 449–450replacement of, 452response cacheability, 444–445responses from, 445–448security considerations, 509–510shared and non-shared, 450side effects in, 451validation model, 438–444warnings for, 430–432write-through mandatory, 452

for pools, 96in request processing, 160for shared memory, 104

Calculations in cache expiration model,434–437

Callback functionsfor filters, 205for modules, 125–126

Canonical formconversion to, 522media types, 379–380

case statements, 87CGI (Common Gateway Interface), 123, 291Character sets

in HTTP/1.1 specification, 374–375in RFC 2068, 528

Chat for developers, 9, 17check_password function, 194


538 Index

check_user_id hookfor authentication, 183–184, 190purpose, 45in request processing, 155–156

child_init functionfor garbage collection, 96for reslist, 281for threads, 93–94, 117

Child pools, 67chroot command, 113Chunked transfer coding, 204, 377–378CLA (Contributor License Agreement), 15

corporate, 353–356individual, 349–353

Classic LAMP Model, 291Cleanup, pool, 63–64client_cookie function, 271Client error 4xx status code definitions,

418–423client_login function, 270Clients and client behavior

for caches, 432in HTTP/1.1 specification, 361idle, 509for prematurely closed connections, 402–403

Clockless origin server operation, 479–480cmd_parms_struct structure, 243Codebase, 7Coding, 85

blocks, 86–87comments, 87–88declarations, 87flow control, 87forum participation for, 11functions, 86lines, 86

Combining cache response headers, 447–448<Comment> container, 258Comments

coding, 87–88in containers, 25HTTP, 368–369

COMMIT for transactions, 297Commit-Then-Review (CTR) code, 8Committers in Apache Software Foundation, 5Common Gateway Interface (CGI), 123, 291Communicating between modules, 90–92Comparisons, URI, 372Compatibility of HTTP versions, 525–529Compilation

conditional, 59module, 128

Complex parsing, filters for, 221–225Complexity in handler vs. filter decisions, 47compress encoding format, 376Compression and decompression, 49, 203,

232-235Conditional compilation, 59, 284-288Conferences for developers, 17Configuration 237-262

AAA modules, 193basics, 41–42filters, 213–215modules. See Modulespools, 66in start-up phase, 23–25

Configuration datascope of, 89in thread-safe programming, 92

Configuration records, 29Configuration vectors, 88Conflict status code, 420–421Conflicts

directives, 238in httpd.conf, 251–253

conn_rec object, 29definition, 37–38for filters, 203

CONNECT method, 410Connection general-header field, 470–471Connections

debugging, 339–340filters, 203–204HTTP/1.0 compatibility with, 526–527


Index 539

HTTP/1.1, 359message transmission requirements, 400–403persistent, 396–400, 526–527pooling, 67, 290–292scope of, 90

Constructor/destructor model, 60Containers, 24–25

context checking, 255–257custom, 257–261merging, 251–254

Content-Base in RFC 2068, 527Content codings in HTTP/1.1 specification,

375–376Content-Disposition response-header field

for default filenames, 524–525security issues, 509

Content-Encoding entity-header field,395–396, 471–472, 523

Content filters, 202–205Content generators, 123

default handlers, 144–148HelloWorld module. See HelloWorld modulereading form data, 138–144in request processing, 42–43, 48summary, 148

Content-Language entity-header field, 382,472–473

Content-Length entity-header field, 216, 387,473

Content-Location entity-header field,473–474, 489

Content-MD5 entity-header field, 216,474–476

Content negotiation, 424–425agent-driven, 426–427HTTP/1.1, 360in apache, 158–160server-driven, 425–426transparent, 427

Content-Range entity-header field, 383,476–478

Content-Transfer-Encoding (CTE) field, 523

Content-Type entity-header field, 395–396,478

See also ap_set_content_typeContext in configuration, 25, 255–257Continuation lines, 86Continue status code, 400–402, 410–411Contributor License Agreement (CLA), 15

corporate, 353–356individual, 349–353

Control mechanisms for caches, 431Conversion

to canonical form, 522of date formats, 522

Cookies for authentication, 198–199copy function for buckets, 74Copyleft, 13Copyright license, 345copyright notice in HTTP1.1 specification,

358Copyright statement in HTTP/1.1 specifica-

tion, 530Core dumps, debugging, 332–333CoredumpDirectory directive, 332Corporate CLA, 353–356Costs, license, 12CR LF

HTTP, 368–369with media types, 379–380

Crashes, tracing, 331–332CREATE keyword in RFC 2068, 527Credentials, authentication, 509Cross-MPM programming, 101–102

process and global locks in, 102–104shared memory in, 104–106

Cross-platform issuesAPI builds, 284–288programming, 99–101

Cryptography, 76–77CTR (Commit-Then-Review) code, 8Cursors, 296–297Custom containers, 257–261Custom login schemes, 195–199


540 Index

D

Data axis for filters, 46–49Data compression and decompression, 49Data structures, 70

arrays, 70–71hash tables, 72–73for module configuration, 239queues, 73rings, 73tables, 71–72

Data types, 294–296Data vs. metadata, 153Database framework, 79–80, 289

ap_dbd, 302–303Apache 1.x/2.0 vs. Apache 2.2, 290apr_dbd, 82–83, 292–294

functions in, 298–301operations in, 294–298

apr_dbm, 80–81connection pooling, 290–292DBD architecture, 292DBD driver, 306–320mod_authn_dbd application, 303–306summary, 320

Dateformat conversions, 522in HTTP/1.1 specification, 373–374module for, 70

Date general-header field, 478–480Day-based anonymous authentication, 193DBD, drivers in, 292, 306–307

apr_dbd_internal.h for, 307exporting, 307–308functions, 309–320

dbd_close function, 280dbd_construct function, 278–279dbd_destruct function, 280dbd_mysql driver, 311dbd_setup function, 280–281DDoS (distributed denial of service) attacks,

109

Debugging, 323core dumps, 332–333crash tracing, 331–332filters, 338–341hooks for, 336–338logging for, 324–327modules for, 333–337MPMs for, 331running under debugger, 327–333servers, 329–331summary, 341help for system administrators, 326–327

Declarationscoding, 87macros for, 58module APIs, 286–288

DECLINED handler value, 126default_handler function, 144Defaults

handlers, 144–148text media type, 379–380

deflate encoding format, 376deflate_in_filter function, 232–235Delays, debugging, 339–340DELETE method

cache invalidation with, 451as idempotent method, 404working with, 409

Deletions, cache invalidation after, 451–452Delta seconds, 374Denial of service (DoS) attacks

protecting against, 109–110on proxies, 510

Deny directive, 182Deny from directive, 186Denying access, 186–187Dependencies, external. See Librariesdestroy function, 74Developers, 10–11

in Apache Software Foundation, 5documentation for, 18mailing list, 16


Index 541

Development branches in code repository, 7Development forums, 9–10Digest authentication

overview, 179providers, 193–195

DirectivesCache-Control field, 461–462characteristics, 24context for, 25for filters, 211functions for, 242–246for module configuration, 238, 242–250preprocessor, 285–286user data in, 244–245

Directories, configuring, 240–241<Directory> container, 238, 240, 251–252<DirectoryMatch> directive, 241Disambiguating in cache expiration model

expiration values, 437multiple responses, 437–438

Disconnected operation warn code, 503Distributed denial of service (DDoS) attacks,

109Diverting requests, 161–163DNS spoofing, 508do_garbage function, 97–98Document variants, 168–171Documentation

APR, 57forum participation for, 11websites for, 18

DoS (denial of service) attacksprotecting against, 109–110on proxies, 510

doxygen format, 57Drivers, DBD, 292, 306–307

apr_dbd_internal.h for, 307dbd_mysql, 311exporting, 307–308functions, 309–320

E

EncodingAPR, 76–77HTTP formats, 375–376in form data, 138-139in URIs, 506

enctype attribute, 138End-to-end headers, 445–446End-to-end reload, 467Entities

filtering, 204HTTP vs. RFC 2045, 521–524in HTTP/1.1 specification, 360, 394

bodies, 395–396header fields, 395length, 396

Entity tagsfor cache validation, 439, 442–444in HTTP/1.1 specification, 382–383

Environment variablesCGI, 41for filters, 214–215in request_rec, 30setting, 24, 45, 55, 91

EOS bucket type, 226checking for, 219in debugging, 340support for, 75

err_headers_out table, 92Error log, 324–326ErrorDocument directive, 163Errors and error documents

in caches, 450connection monitoring for, 400I/O, 137–138in modules, 172–174in request processing, 162–163in secure programming, 109

ETag response-header field, 216, 480Event MPMs, 27


542 Index

exec command, 113EXEC_ON_READ option, 246Existing parsers, filtering through, 225–227Expanded macros, 121expat library, 206, 225–226Expect request-header field, 480Expectation Failed status code, 423Expiration and expiration models, 362–363

age calculations, 434–436for Cache-Control general-header field,

464–466disambiguating, 437–438expiration calculations, 437heuristic, 433–434server-specified, 433

Expires entity-header field, 481–482Explicit cleanup of pools, 63–64Explicit expiration time in HTTP/1.1 specifi-

cation, 362Explicit user agent warnings, 431–432Exporting

drivers, 307–308functions, 264optional hooks, 270–271

Extending API, 263–264APR, 79cross-platform builds, 284–288hooks and optional hooks, 267–271new function implementation, 264–266provider API, 272–277providing services, 277–284summary, 288

External dependencies. See Libraries

F

Fastcgi, 28fatal_exception hook, 268Fatal exception hooks, 268, 336Feasibility factor in handler vs. filter

decisions, 46

fetch_dbm_value function, 81File bucket type, 75File names, attacks based on, 507–508<Files> container, 238, 240, 251Filesystems

APR, 76mapping, 156–158security in, 111–113

filter_func function, 210filter_hooks function, 214filter_init_func function, 210filter_insert function, 213–214filter-oriented output, 133FilterChain directive, 213Filters and filter modules, 201–202

buckets for, 217–221callback functions for, 205for complex parsing, 221–225content, protocol, and connection, 202–205debugging, 338–341through existing parsers, 225–227input, 202, 207–208, 210–211, 230–235mod_filter, 213objects, 208–210output, 202, 207, 210–211pipelining for, 205–206for pools, 67postprocessing and preprocessing, 212for protocol handling, 215–217request processing, 46–49self-configuration, 213–215stdio-like I/O, 227–230summary, 235–236

find_file function, 112–113First-hand responses in HTTP/1.1 specifica-

tion, 362Fixups hook

purpose, 45in request processing, 155–156

Fixups phase in subrequests, 166#flastmod SSI element, 165Flexibility with libraries, 119


Index 543

Flow and flow controlcoding, 87for message connections, 400upstream/downstream, 363

Flush bucket type, 75Forbidden status code, 186, 419Form data, parsing, 138–144form_data function, 265form_hooks function, 266Form-processing modules, 49form_value function, 142, 265Format strings, 295–296Formats

APR, 69date/time, 373–374, 522

Found status code, 415–416Free Software Foundation (FSF), 13Free software licenses, 12Fresh responses in HTTP/1.1 specification,

363Freshness lifetime in HTTP/1.1 specification,

363From request-header field, 482FSF (Free Software Foundation), 13#fsize SSI element, 165Full copyright statement in HTTP/1.1 specifi-

cation, 530Full date formats in HTTP/1.1 specification,

373–374Fully generic shared memory, 106Functions

apr_dbd API, 298–301callback, 125–126, 205coding, 86DBD driver, 309–320for directives, 242–246exporting, 264implementing, 264–266optional, 265–266registering, 115static, 129using, 266

G

Garbage collectionfunction for, 96–98in resource management, 60–61

Gateway Timeout status code, 424Gateways in HTTP/1.1 specification, 362GDBM, 80–81General header fields, 387–388Generic grammar in HTTP/1.1 specification,

366–369GET method

as idempotent method, 404OK status code with, 411side effects of, 451working with, 405–406

Global data in thread-safe programming, 92Global locks, 102–104global mutexes, 102–103GLOBAL_ONLY macro, 255global_score entry, 334Global variables, 117, 338GNU General Public License (GPL), 13–14Gone status code, 421GPL (GNU General Public License), 13–14Grammar in HTTP/1.1 specification, 366–369Grant of copyright license, 345Grant of patent license, 345gzip encoding format, 375

H

Handler field, 127Handler hook

purpose, 45in request processing, 156

Handlersdefault, 144–148vs. filters, 46–48pools, 66


544 Index

Hash characters (#)for comments, 25HTTP rules, 367

Hash tables, 72–73HEAD method, 404

as idempotent method, 404OK status code with, 411side effects of, 451working with, 406

Header field definitions in HTTP/1.1 specifi-cation, 453

Accept, 453–455Accept-Charset, 455–456Accept-Encoding, 456–457Accept-Language, 457–458Accept-Ranges, 459Age, 459Allow, 459–460Authorization, 460–461Cache-Control, 461–470Connection, 470–471Content-Encoding, 471–472Content-Language, 472–473Content-Length, 473Content-Location, 473–474Content-MD5, 474–476Content-Range, 476–478Content-Type, 478Date, 478–480ETag, 480Expect, 480–481Expires, 481–482From, 482Host, 482–483If-Match, 483–484If-Modified-Since, 484–486If-None-Match, 486–487If-Range, 487–488If-Unmodified-Since, 488Last-Modified, 488–489Location, 489Max-Forwards, 489–490Pragma, 490–491

Proxy-Authenticate, 491Proxy-Authorization, 491Range, 492–494Referer, 494Retry-After, 494–495Server, 495TE, 495–496Trailer, 497Transfer-Encoding, 497Upgrade, 498–499User-Agent, 499Vary, 499–500Via, 500–501Warning, 501–504WWW-Authenticate, 504

header_parser hook, 197purpose, 45in request processing, 155–156

Headers and header fields 153-155for cache responses, 445–448contents, 384–385entities, 395filter, 204general, 387–388in HTTP/1.1. See Header field definitions in

HTTP/1.1 specificationRange, 493–494request messages, 154, 391response messages, 394

headers_in table, 91headers_out table, 92Heap bucket type, 75HelloWorld module, 124

completed, 127–129handler field, 127I/O, 132–133

errors, 137–138input, 134–137output, 133–134

request_rec for, 129–130response page for, 130–132return values, 126–127skeleton, 124–126


Index 545

Heuristic expirationin cache expiration model, 433–434in HTTP/1.1 specification, 363

Heuristic expiration warn code, 503Hexadecimal numeric characters, 369History lists, 452–453Hooks, 267

analysis of, 267–269for debugging, 336–338optional, 270–271order of execution, 269pools, 66processing, 44–46, 50–51in request processing, 155–156

Hop-by-hop headers, 445–446Host access

in AAA, 181in Apache 2.1/2.2, 183

Host request-header field, 390, 482–483, 526.htaccess file

for authentication, 186purpose, 238–239for request processing security, 160

http_ header files, 39HTTP/1.0, changes from, 525–526HTTP/1.1 specification

abstract, 358access authentication, 424acknowledgments, 510–512, 530appendices, 518–529author addresses, 516–518caching. See Cachescharacter sets, 374–375connections

message transmission requirements, 400–403persistent, 396–399

content codings, 375–376content negotiation, 424–427copyright notice, 358date/time formats, 373–374entities, 394–396entity tags, 382–383

full copyright statement, 530header fields. See Header field definitions in

HTTP/1.1 specificationindex, 529language tags, 382media types, 379–381memo status, 357method definitions, 403–410notational conventions and generic grammar,

366–369overall operation, 364–366product tokens, 381purpose, 358–359quality values, 381–382range units, 383references, 512–516requirements, 359security considerations, 504–510status codes. See Status code definitionsterminology, 359–365transfer codings, 376–378Uniform Resource Identifiers, 371–372versions, 370–371

http_config.h file, 40, 246–247, 255http_connection.h file, 40http_core.h file, 40HTTP entities vs. RFC 2045 entities, 521–524http_log.h file, 40, 324http_main.h file, 40HTTP messages

bodies, 385–386connection transmission requirements,

400–403headers, 154, 384–385, 387–388, 391HTTP protocol for, 152–153length, 386–387request. See Request processing and messagesresponse, 153, 392–394types, 383–384

http_protocol.h file, 40, 132, 134http_request.h file, 40http URL, 372


546 Index

HTTP Version Not Supported status code, 424http_vhost.h file, 40httpd.conf file

intro 23-25for authentication, 186conflicts in, 251–253containers in, 24–25

context checking, 255–257custom, 257–261merging, 251–254

for core dumps, 332directives. See Directivesfor request processing security, 160

#httpd-dev chat channel, 17httpd.h file

conn_rec in, 37contents, 40request_rec in, 30–35server_rec in, 35–37

Hypertext Transfer Protocol (HTTP). SeeHTTP messages; Request processingand messages

I

IANA (Internet Assigned Numbers Authority)Character Set registry, 374for content codings, 375for transfer codings, 377

Idempotent methods, 404identity encoding format, 376Idle clients, 509If-Match request-header field, 483–484If-Modified-Since request-header field,

484–486If-None-Match request-header field, 486–487If-Range request-header field, 487–488If-Unmodified-Since request-header field, 488Image processing filters, 49Immortal bucket type, 75Implementing new functions, 264–266Implicit cleanup of pools, 63–64

Implied linear white space, 368–369Inbound/outbound paths, 364#include file SSI command, 165–166#include virtual SSI command, 165–166Incomplete responses in caches, 450Index in HTTP/1.1 specification, 529Individual CLA, 349–353Information gathering in request processing,

163–167Informational 1xx status code definitions,

410–411Initialization

library, 116–117pool, 66server start-up, 22-23, 268

Input filters, 202, 230blocking, 231callback functions for, 205, 207–208example, 232–235modes for, 231readbytes for, 231–232strategies for, 210–211

Inputsmodule, 134–137safe use of, 108validating, 107–108

insert_filter hookin request processing, 156for self-configuration, 213–214

Intellectual property, 12–16Interactive online forums, 16–17Internal redirects in request processing,

161–162Internal Server Error status code, 423Internationalization, 69Internet Assigned Numbers Authority (IANA)

Character Set registry, 374for content codings, 375for transfer codings, 377

Internet media typesin HTTP/1.1 specification, 379–381message/http and application/http, 518–519multipart/byteranges, 519–520


Index 547

Internet Relay Chat (IRC), 9, 17Invalidation, cache, 451–452invoke_cmd function, 330I/O

filter, 230–235stdio-like, 227–230strategies, 210–211

module, 132–133errors, 137–138input, 134–137output, 133–134reading form data, 138–144

iovec type, 75IP addresses, conserving, 526IRC (Internet Relay Chat), 9, 17

K–L

Key/value pairs for form data, 138Keys, hash table, 72–73

Labels, 295–296LAMP architecture, 289–292Language tags, 382Last-modified dates in cache validation, 439,

442–444Last-Modified entity-header field, 485,

488–489lb_scores entry, 335Length of HTTP messages, 386–387Length Required status code, 421Levels

authentication, 178–180logging, 325–327

libdbi, 292libjpeg library, 114–115libmysqlclient library, 116Libraries

APR, 21apvfs, 76with filters, 206

good practice, 114–118module building with, 118–120serf, 75state changes in, 117–118third-party, 114

libxml2 library, 117–118, 206Licenses

Apache, 12–14, 343–348corporate CLA, 353–356GPL, 13individual CLA, 349–353

Lifetimein module data management, 88–90in resource management, 65–67

<Limit> container, 256–257<LimitExcept> container, 256Line-length limitations in MIME, 524Linear white space (LWS), 368–369, 384–385Lines

coding, 86in HTTP requests, 154

Linux in LAMP architecture, 289Literals, 366load_module function, 330–333LoadFile directive, 118–120LoadModule directive, 119<Location> container, 238, 240–241, 251–252Location header spoofing, 508–509Location response-header field, 489Locks in cross-MPM programming, 102–104log_transaction hook, 45logger hooks, 156Logging and log information

abuse of, 505for debugging, 324–327in request processing, 156, 161

Logincustom schemes, 195–199Web, 180

LogLevel directive, 325longjmp function, 114LWS (linear white space), 368–369, 384–385


548 Index

M

<Macro> container, 259–260macro_section function, 260macro_t type, 259Macros

APR, 58expanded, 121

Mailing lists, 9, 16make_label function, 296Malformed requests, 163Malicious requests, 163malloc function, 68map_to_storage hook


Mapping in HTTP requests, 154, 156–158Markup parsing modules, 49max-age directive, 465, 467–468Max-Forwards request-header field, 489–490max-stale directive, 466MaxRequestsPerChild, 96, 98MD5 hash, 194Media types

in HTTP/1.1 specification, 379–381message/http and application/http, 518–519multipart/byteranges, 519–520

Memorymanaging, 61–63, 96shared, 104–106

merge_config function, 252Merging containers, 251–254Meritocracy in Apache Software Foundation, 4message/http type, 518–519Messages, HTTP. See HTTP messagesMetadata

vs. data, 153private, 160

Metadata buckets, 205Method definitions, 403

CONNECT, 410DELETE, 409GET, 405–406

HEAD, 406idempotent, 404OPTIONS, 404–405POST, 407PUT, 408–409safe, 403–404TRACE, 409

Method Not Allowed status code, 419Method tokens, 388Metux MPM, 28MHTML messages, 524MIME character set, 374

in HTTP/1.1 specification, 380–381line-length limitations, 524

MIME-Version header field, 521–522min-fresh directive, 466Miscellaneous persistent warning warn code,

504Miscellaneous warning warn code, 503Missing character sets, 375Mmap bucket type, 75mod_ header files, 39mod_access module, 182mod_alias module, 43, 157mod_auth_basic module, 184, 187, 190, 272mod_auth_cookie module, 92mod_auth_dbm module, 182mod_auth_digest module, 182, 184, 187, 272mod_authn_alias module, 184mod_authn_anon module, 184, 272mod_authn_day module, 194mod_authn_dbd module, 184, 196, 272,

303–306mod_authn_dbm module, 184, 272mod_authn_default module, 184mod_authn_file module, 184, 272mod_authn_ldap module, 272mod_authnz_day module, 194mod_authnz_ldap module, 184–185, 265mod_authz_dbd.h file, 270mod_authz_dbd module, 185, 196–197,

270–271


Index 549

mod_authz_dbm module, 185mod_authz_default module, 185mod_authz_groupfile module, 269mod_authz_host module, 183–184mod_authz_owner module, 185, 269mod_authz_user module, 185, 191–192mod_backdoor module, 333, 337mod_backtrace module, 333, 336mod_cband module, 110mod_dbd.h file, 41, 285–286mod_dbd module, 277–278mod_deflate module, 49, 214, 232, 261mod_diagnostics module, 333, 338–341mod_env module, 91mod_evasive module, 110mod_expat module, 227mod_ext_filter, 48mod_fcgid, 28mod_filter module, 213–214, 216mod_form.h file, 266mod_form module, 265mod_headers table, 91mod_helloworld.c file, 127mod_include module, 165, 264mod_includes filter, 48mod_info module, 333mod_ldap module, 105–106mod_line_edit module, 222mod_load_average module, 110mod_macro module, 259mod_negotiation module, 43, 158–160mod_proxy module, 248mod_proxy_html module, 225, 248–249,

326–327, 340–341mod_publisher module, 264, 273mod_rewrite, 43, 91, 326mod_robots module, 110mod_ruid, 28mod_security module, 110mod_setenvif module, 91mod_ssl filter, 49mod_status module, 333–334mod_transform.h file, 264

mod_transform module, 168, 264mod_transform_set_XSLT function, 264, 284mod_transform_XSLTDoc function, 264

mod_txt module, 217-221configuration for, 244–245

mod_upload module, 140mod_watchdog module, 333mod_whatkilledus module, 333, 336mod_xhtml module, 276mod_xmlns module, 228, 273–275Modes for filters, 207–208, 231Modules

AAA, 187–188authentication function, 190–192basic authentication providers, 188–190,

193–195configuration, 193digest authentication providers, 193–195

in APR, 54–55in APU, 56–57communicating between, 90–92configuring, 237

alternative methods, 261basics, 237–239context in, 255–257custom containers for, 257–261directives for, 242–250function types for, 246–250hierarchy, 250–255process, 239–240scope of, 246server and directory, 240–241structures for, 239summary, 262user data in, 244–245

data management, 88configuration vectors, 88lifetime scopes, 88–90

debugging. See Debuggingerror handling and reusability of, 172–174libraries for, 118–120for request processing, 168–174written and compiled in other languages,

120–122


550 Index

Monitor hook, 67, 268, 337–338Monitoring connections, 400Moved Permanently status code, 415mpm_common, hooks exported by, 268Multi-homed Web servers, 526Multi-Processing Modules (MPMs), 22, 25

cross-MPM programming issues, 101–102process and global locks, 102–104shared memory, 104–106

for debugging, 331purpose, 26–27UNIX-family, 27–28working with, 28–29

Multiline comments, 87–88multipart/byteranges type, 519–520multipart/form-data format, 138Multipart types in HTTP/1.1 specification,

380–381Multiple Choices status code, 414–415Multiple responses in cache expiration model,

437–438MultiViews option, 159must-revalidate directive, 468–469Mutexes, 102–103MySQL databases, 79

drivers, 82–83, 295in LAMP architecture, 289thread-safe library versions, 116DBD Driver, 307-320

N

N rule, 367Names

attacks based on, 507–508HTTP rules, 366

Namespace modules, 273–274Namespacing in APR, 57–58NDBM, 80–81Negotiated responses, caching, 449–450

Negotiationcontent, 158–160, 424–427in persistent connections, 397–398

NetworksAPR, 76security for, 111

New functions, implementing, 264–266News, websites for, 19Newsgroups, 16no-cache directive, 463No Content status code, 412–413no-store directive, 464no-transform directive, 469Non-authoritative Information status code,

412Non-shared caches, 450Nonmodifiable headers, 446–447Nonstandard request processing, 44Nonvalidating conditionals, 444Not Acceptable status code, 419–420Not Found status code, 419Not Implemented status code, 423NOT_IN_DIR macro, 255NOT_IN_DIRECTORY macro, 255NOT_IN_FILES macro, 255NOT_IN_LIMIT macro, 255–256NOT_IN_LOCATION macro, 255NOT_IN_VIRTUALHOST macro, 255Not Modified status code, 416–417Notational conventions in HTTP/1.1 specifi-

cation, 366–369Notes for filters, 214–215notes table, 91Null pointers, 332NULL values, 269

O

OK return value, 126OK status code, 411Online chat, 17Online forums, 16–17


Index 551

only-if-cached directive, 468open_logs hook, 268Operating systems

MPMs with, 28–29for security, 111–113, 178

Operational phase in two-phase operation, 25Optional elements in HTTP rules, 367optional_fn_retrieve hook, 268Optional functions, 265–266Optional hooks, 270–271OPTIONS method, 404–405OR_ALL option, 246OR_AUTHCFG option, 246OR_FILEINFO option, 246OR_INDEXES option, 246OR_LIMIT option, 246OR_OPTIONS option, 246Oracle drivers, 295Order

hook execution, 269request processing, 49–50

Order directive, 182Origin servers

and 100 (Continue) status, 401in HTTP/1.1 specification, 361

Output, module, 133–134Output filters, 202

callback functions for, 205, 207strategies for, 210–211

Overflow, buffer, 109

P

Parameters, media type, 379Parentheses () in rules, 367parse_form_from_POST function, 140–142parseChunk function, 206Parsing

filters for, 221–227form data, 138–144HTTP constructs, 368

Partial Content status code, 413–414Passwords

in Apache 2.1/2.2, 184in basic authentication, 178–179in mod_authn_dbd, 305–306

Patent license, 345Patents, 14–15Paths and path names

attacks based on, 507–508inbound/outbound, 364vs. URLs, 157

People and processes in security, 178Per-directory configuration, 41Per-server configuration, 41Perchild MPM, 28Perl language, 2, 289Persistent connections

considerations, 399HTTP/1.0 compatibility with, 526–527in message transmissions, 400operation, 397–398proxy servers, 398purpose, 396–397

Persistent datagarbage collection, 96–98memory/resource management, 96–99reslist, 99resource reuse, 99scope of, 90shared resources, 106subpools, 98thread safety in, 93–96

Personal information, security for, 505–507Peruser MPM, 28Philosophy of Apache Software Foundation, 6PHP in LAMP architecture, 289Pipe bucket type, 75Pipelining

for filters, 205–206in persistent connections, 398

Piracy, 14–15


552 Index

Platform and architecture, 21basic concepts and structures, 29configuration basics, 41–42conn_rec object, 37–39cross-platform issues

API builds, 284–288programming, 99–101

for DBD driver, 306key API components, 39–41MPMs, 26–29overview, 21–22process_rec object, 37request processing. See Request processing and

messagesrequest_rec object, 30–35server_rec object, 35–37two-phase operation, 22–26

PMC members in Apache SoftwareFoundation, 5

Pointerscrashes from, 332declaring, 87for merging containers, 253–254in request_rec, 30in shared memory, 105–106

Pool bucket type, 75poolclass class, 64Pools, See Apache Portable Runtime (APR),

poolspost_config hook, 268Post-configuration hooks, 66, 268POST method, 404

cache invalidation with, 451OK status code with, 411parsing data from, 140–142vs. PUT, 408working with, 407

post_read_request hookpurpose, 44in request processing, 155–156

PostgreSQL drivers, 295Postprocessing filters, 212Pragma general-header field, 490–491

pre_config hook, 268Pre-configuration hooks, 66, 268pre_connection hook, 67pre_mpm hook, 268Precautionary principle, 107–109Precondition Failed status code, 421Predecessors of functions, 269Prefork MPM, 27–28Prematurely closed connections, 402–403Prepackaged configuration functions, 245–246Preprocessing filters, 212Preprocessor directives, 285–286private directive, 463Private metadata, 160Privileges, 111process_connection hook, 67process_rec object, 29, 37process_score entry, 335Processes, 29

APR, 78in cross-MPM programming, 102–104

Processing hooks, 44–46, 50–51Product tokens, 381Programming techniques and caveats, 85

coding conventions, 85–88cross-MPM, 101–106cross-platform, 99–101external dependencies and libraries, 114–120inter-module communication, 90–92module data management, 88–90modules written and compiled in other lan-

guages, 120–122persistent data, 93–99secure programming, 106–113summary, 122thread-safe, 92–93

Protocol filters, 202–205, 215–217Provider API, 272–277Providers, authentication, 188–190, 193–195Proxies

and 100 (Continue) status, 402Apache, 48for cache responses, 446–447


Index 553

denial of service attacks on, 510in HTTP/1.1 specification, 361persistent connections, 398security considerations in HTTP, 509–510

Proxy-Authenticate response-header field, 187,491

Proxy Authentication Required status code,186, 420

Proxy-Authorization request-header field, 491proxy-revalidate directive, 469ProxyHTMLLinks directive, 249ProxyPassReverse directive, 241public directive, 463Public domain software, 12Public mailing lists, 16PUT method

cache invalidation with, 451as idempotent method, 404working with, 408–409

Python in LAMP architecture, 289

Q

q parameter in Accept field, 454Quality values

in HTTP/1.1 specification, 381–382in RFC 2068, 527

Queues, 73quick_handler hook, 44

R

Range field, 492–494Range request-header field, 485, 493–494Range units in HTTP/1.1 specification, 383read function, 74readbytes, 231–232Reading form data, 138–144Reason phrase in response messages, 392–394Redirect directive, 158, 163

REDIRECT_STATUS variable, 162Redirection 3xx status code definitions,

414–418Redirects in request processing, 161–162Redistribution section in Apache license,

345–346Reference manual, APR, 57References in HTTP/1.1 specification,

512–516Referer request-header field, 494register_hooks function, 117, 189, 192, 267,

269, 271Registering functions, 115Release managers, 9Releases, 8–9Reload controls, 466–469RemoveOutputFilter directive, 211Replacement of caches, 452Report generation in Site Valet, 168Repositories, code, 7, 10Representation in HTTP/1.1 specification,

360Request Entity Too Large status code, 422Request-Line in request messages, 388Request pools, 30Request processing and messages, 151–152,

388in Apache, 42, 155–156

caching in, 160content generation in, 42–43content negotiation in, 158–160data axis and filters, 46–49hooks in, 156mapping to filesystem, 156–158order of, 49–50phases in, 43–44pools in, 66private metadata in, 160processing hooks, 44–46, 50–51scope in, 89–90security in, 160summary, 51


554 Index

Request processing and messages, continuedin HTTP, 153, 360

anatomy of, 153–155diversion in, 161–163header fields in, 391information gathering in, 163–167logging in, 161malformed and malicious, 163Request-Line for, 388–390resources identified in, 390–391

modules for, 168–174summary, 174–175

request_rec objectfor configuration data, 239–240definition, 30–35for filters, 203for HelloWorld, 129–130for module communication, 90–92

Request/response protocols, 364Request Timeout status code, 420Request-URI

with PUT, 408in request messages, 389–390

Request-URI Too Long status code, 422Request URLs, 43Requested Range Not Satisfiable status code, 422Require directive, 186, 188, 256Requirements in HTTP/1.1 specification, 359Reset Content status code, 413Reslists, see APR reslistsAPR reslists

implementing, 278–284working with, 99

Resources and resource managementAPR, 59

lifetime, 65–67pool limitations, 68pools, 61–64, 78–79problem of, 60–61

in HTTP/1.1 specification, 360in request messages, 390–391reusing, 99shared, 106

Response is stale warn code, 503Response page for HelloWorld, 130–132Responses and response messages, 153, 360,

392cacheability of, 444–445from caches, 445–448header fields, 394status-line, 392–394

Responsibility for intellectual property viola-tions, 16

Results sets, 296–297Retry-After response-header field, 494–495Return values

APR, 58modules, 126–127

ReusabilityDBD driver, 306modules, 172–174resources, 99

Revalidation failed warn code, 503Revalidation for Cache-Control, 466–469Review and consensus process, 8Review-Then-Commit (RTC) code, 8RFC 2045 entities, 521–524RFC 2068, changes from, 527–529Rings, 73Roles in Apache Software Foundation, 4–5ROLLBACK for transactions, 297RSRC_CONF option, 246RTC (Review-Then-Commit) code, 8

S

s-maxage directive, 465, 528Safe methods, 403–404Safe programming techniques, 178Satisfy directive, 182SAX filters, 228Scope

of module configuration, 246of module data, 88–90


Index 555

Scoreboard, 334–335scoreboard.h file, 334Scrutiny of DBD driver, 306SDBM, 80Seconds, delta, 374Security, 177–178


HTTP, 504–505authentication credentials and idle clients,

509content-disposition issues, 509denial of service attacks on proxies, 510DNS spoofing, 508file and path name attacks, 507–508location header spoofing, 508–509personal information, 505–507proxies and caching, 509–510

in request processing, 160secure programming, 106–107

denial of service attacks, 109–110operating system for, 111–113precautionary principle, 107–109

Security phase, hooks in, 156See Other status code, 416Self-configuration filters, 213–215Semantically transparent caches, 363Semi-colons (:), HTTP comments, 368Sensitive information

encoding in URIs, 506transfer of, 505–506

Separators in coding, 86serf library, 75Server-driven content negotiation, 425–426Server error 5xx status code definitions,

423–424Server log information, abuse of, 505server_rec object, 29

for configuration data, 239–240definition, 35–37

Server response-header field, 495Server-specified expiration, 433

Servers, 29configuring, 240–241debugging, 329–331HTTP/1.1, 361multi-homed, 526start-up, 268, 329–331

Service Unavailable status code, 423–424Services, providing, 277–284Session management with SQL, 196–197set_allowed_ports function, 248set_links function, 249–250set_links_raw_args function, 250setaside function, 74SetHandler directive, 42setjmp function, 114SetOutputFilter directive, 211Shared caches, 450Shared memory, 104–106Shareware, 13Shutdown in two-phase operation, 26Side effects

with GET and HEAD, 451with libraries, 119

Site Valet software, 53, 168Skeletons, module, 124–126Sloppy programming, 108–109Smart filtering, 211–217Socket bucket type, 75Software licenses, 12–14Specific end-to-end cache revalidation, 467split function, 74Spoofing

DNS, 508location headers, 508–509

SQL databasesand apr_dbd, 82–83session management with, 196–197statements in, 295–296

Square brackets ([]) in rules, 367Stable branches of code repository, 7Stale responses, 363Standard modules, 333–335


556 Index

STANDARD20_MODULE_STUFF macro,124, 239–240

start_comment function, 258Start-up, server, 268, 329–331Start-up phase, configuration in, 23–25startElement event, 228State changes in libraries, 117–118Static data in thread-safe programming, 92static functions, 129Status code definitions, 392–394, 410

client error 4xx, 418–423from handlers, 126informational 1xx, 410–411redirection 3xx, 414–418server error 5xx, 423–424successful 2xx, 411–414

STATUS file, 8Status-line in response messages, 392–394stdio-like filter I/O, 227–230Stealth libraries, 119Strings

APR, 69format, 295–296

Strong cache validators, 439–442Strong entity tags, 382Structures. See Data structuresStubs, 122Submission of contributions section in Apache

license, 346Subpools, 98subprocess_env table, 91Subrequests, 163–167Subversion repository, 10Subversion system, 7Successful 2xx status code definitions,

411–414Successors of functions in determining order,

269suexec, 28switch statements, 87Switching Protocols status code, 411

System administrators, debugging assistancefor, 326–327

Systems-level modules, 26

T

Tables, 71–72of bags, 138hash tables, 72–73

TCP connections, 29, 37TE request-header field, 495–496Temporary files, creating, 100–101Temporary Redirect status code, 417–418Termination, library, 116–117Terminology in HTTP/1.1 specification,

359–365test_config hook, 268Testing, forum participation for, 11Text

filtering, 217–221media types, 379–380parsing, 221–225

TEXT rule, 369Third-party extensions, 18Third-party intellectual property, 15–16Third-party libraries

compatibility of, 114debugging, 340–341

Thread safety, 92–93with libraries, 116in persistent data, 93–96

Threads, APR, 78throw/catch structures, 116Time

in HTTP/1.1 specification, 373–374module for, 70

tmpfile function, 100Tokens

in HTTP/1.1 specification, 381in request messages, 388


Index 557

Tolerant applications, 520–521TRACE method

as idempotent method, 404OK status code with, 411working with, 409

Traceback for command handler functions,330–333

Tracing crashes, 331–332Trademarks in Apache license, 346Trailer general field, 497Trailers in chunked transfer coding, 378Transactions, 297–298Transfer codings in HTTP/1.1 specification,

376–378Transfer-Encoding general-header field,

385–386, 497, 523–524Transfer-length of messages, 386–387Transformation applied warn code, 503–504Transformations

filters for, 212XSLT, 168

transforms table, 169Transient bucket type, 75translate_alias_redir function, 157–158translate_name hook


Translation, forum participation for, 11Transmission requirements for connections,

400–403Transparent caches, 363Transparent content negotiation, 427Transparent proxies, 446–447Transport-layer security, 178Trunks in code repository, 7Trust nothing principle, 107–109try_alias_list function, 158Tunnels, 362Tutorials, websites for, 19Two-phase operation, 22–23

operational phase, 25start-up, 23–25

type_checker hooks, 168purpose, 45in request processing, 155–156

Typesentities, 395–396HTTP messages, 383–384media, 379–381

U

Unauthorized status code, 186, 418–419Uniform Resource Identifiers (URIs), 371–372

APR handling, 77encoding sensitive information in, 506in request messages, 389–390

UNIX-family MPMs, 27–28Unlimited shared resources, 106Unspecified end-to-end cache revalidation, 467Unsupported Media Type status code, 422Updates, cache invalidation after, 451–452Upgrade general-header, 498–499Upstream/downstream flow, 363URIs (Uniform Resource Identifiers), 371–372

APR handling, 77encoding sensitive information in, 506in request messages, 389–390

URLsvs. filesystem paths, 157http, 372request, 43

US-ASCII character set, 374Use directive, 259–260use_macro function, 260–261use_namespace function, 274Use Proxy status code, 417Usenet newsgroups, 16User-Agent request-header field, 499User-Agent string, 161User agents

in HTTP/1.1 specification, 361warnings, 431–432


558 Index

User data in configuration functions,244–245

Usernames in basic authentication, 178–179Users in Apache Software Foundation, 4–5Users list, 16util_ header files, 39util_filter.h file, 41, 136, 208–209, 227util_ldap_cache_init function, 105util_ldap.h file, 41util_script.h file, 41Utility factor in handler vs. filter decisions,

46

V

Validationcache, 438–444for Cache-Control field, 466–469input, 107–108

Validators, 363Values

hash table, 72–73quality, 381–382, 527return, 58, 126–127

Variantsof documents, 168–171in HTTP/1.1 specification, 360–361

Vary field, 499–500Vectors, configuration, 30, 88Versions

HTTP, 370–371, 525–529library, 119–120Subversion system, 7

vhost macro, 259Via general-header field, 500–501

Virtual hosts, 238<VirtualHost> container, 238, 241, 251

W

Warning general-header field, 501–504Warnings for caches, 430–432Weak cache validators, 439–442Weak entity tags, 383Web, login, 180Web servers, multi-homed, 526Websites for developers, 17–19Weights for HTTP quality values, 381Whitespace in coding, 86Wildcards in RFC 2068, 528Worker MPM, 27worker_score entry, 335Wrappers, C, 63write command, 113Write-through mandatory in caches, 452WWW-Authenticate response-header field,

187, 504

X

xdefault function, 228xhtml_hooks function, 277XML namespace framework, 272–273XML_Parse function, 226xmlns_filter function, 225xmlns.h file, 275xmlns structure, 275–276XMLNSUseNamespace directive, 274XSLT transformation, 168xstartElement function, 228


Documents

Index [ptgmedia.pearsoncmg.com]ptgmedia.pearsoncmg.com/images/9780132409674/index/... · access_checker hook in host-based access control, 183 purpose, 45 in request processing, 155–156