From: Dirk-Willem van Gulik <dirkx@apache.org>
Date: Fri, 13 Jul 2001 07:32:48 +0000 (+0000)
Subject: Scratched an itch; it was just to painfull to move
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=83612451e5b9c1e2eafae00466555c3cb68a51e8;p=thirdparty%2Fapache%2Fhttpd.git

Scratched an itch; it was just to painfull to move
binaries around on FreeBSD - due to differences on
the platform apache was compiled on and it was actually
ran on. This adds AcceptFilter on/off to make live
easier. Corresponding commit in doc's coming up.

PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@89545 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/src/CHANGES b/src/CHANGES
index a9769cfc4f9..cb1bb5a88be 100644
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -1,5 +1,14 @@
 Changes with Apache 1.3.21
 
+  *) Added a directive: "AcceptFilter <on|off>". To control BSD 
+     acccept filters when at compile time SO_ACCEPT_FILTER is 
+     detected. The default is still 'on' except when AP_ACCEPT_FILTER_OFF
+     is defined. Also downgraded the fatal exit to a warning
+     when the associated setsocketopt() fails. This should make it
+     easier to move httpd binaries and config files across BSD
+     machines with varying acceptfilter support.
+     [Dirk-Willem van Gulik <dirkx@covalent.net>]
+
   *) Fix the <Files ~ "^\.ht"> container to *really* deny all access.
      Without the Satisfy All, .ht* files could still be fetched if
      they were within the scope of a Satisfy Any directive.
diff --git a/src/include/http_conf_globals.h b/src/include/http_conf_globals.h
index 27f69f6774d..aa7f879899a 100644
--- a/src/include/http_conf_globals.h
+++ b/src/include/http_conf_globals.h
@@ -90,6 +90,9 @@ extern API_VAR_EXPORT int ap_daemons_max_free;
 extern API_VAR_EXPORT int ap_daemons_limit;
 extern API_VAR_EXPORT int ap_suexec_enabled;
 extern int ap_listenbacklog;
+#ifdef SO_ACCEPTFILTER
+extern int ap_acceptfilter;
+#endif
 extern int ap_dump_settings;
 extern API_VAR_EXPORT int ap_extended_status;
 
diff --git a/src/main/http_core.c b/src/main/http_core.c
index 86fe6e03ddf..0dd28f3b961 100644
--- a/src/main/http_core.c
+++ b/src/main/http_core.c
@@ -2521,6 +2521,21 @@ static const char *set_threadstacksize(cmd_parms *cmd, void *dummy, char *stacks
 }
 #endif
 
+/* Though the AcceptFilter functionality is not available across
+ * all platforms - we still allow the config directive to appear
+ * on all platforms and do intentionally not tie it to the compile
+ * time flag SO_ACCEPTFILTER. This makes configuration files significantly
+ * more portable; especially as an <IfModule http_core.c> or some
+ * other construct is not possible.
+ */
+static const char *set_acceptfilter(cmd_parms *cmd, void *dummy, int flag)
+{
+#ifdef SO_ACCEPTFILTER
+    ap_acceptfilter = flag;
+#endif
+    return NULL;
+}
+
 static const char *set_listener(cmd_parms *cmd, void *dummy, char *ips)
 {
     listen_rec *new;
@@ -3159,6 +3174,19 @@ static const command_rec core_cmds[] = {
   "to die." },
 { "ListenBacklog", set_listenbacklog, NULL, RSRC_CONF, TAKE1,
   "Maximum length of the queue of pending connections, as used by listen(2)" },
+{ "AcceptFilter", set_acceptfilter, NULL, RSRC_CONF, FLAG,
+  "Switch AcceptFiltering on/off (default is "
+#ifdef AP_ACCEPTFILTER_OFF
+	"off"
+#else
+	"on"
+#endif
+	")."
+#ifndef SO_ACCEPTFILTER
+	"This feature is currently not compiled in; so this directive "
+	"is ignored."
+#endif
+   },
 { "CoreDumpDirectory", set_coredumpdir, NULL, RSRC_CONF, TAKE1,
   "The location of the directory Apache changes to before dumping core" },
 { "Include", include_config, NULL, (RSRC_CONF | ACCESS_CONF), TAKE1,
diff --git a/src/main/http_main.c b/src/main/http_main.c
index a1f830f9618..7536262733f 100644
--- a/src/main/http_main.c
+++ b/src/main/http_main.c
@@ -258,6 +258,15 @@ API_VAR_EXPORT int ap_daemons_limit=0;
 time_t ap_restart_time=0;
 API_VAR_EXPORT int ap_suexec_enabled = 0;
 int ap_listenbacklog;
+#ifdef SO_ACCEPTFILTER
+int ap_acceptfilter =
+#ifdef AP_ACCEPTFILTER_OFF
+	0;
+#else
+	1;
+#endif
+#endif
+
 int ap_dump_settings = 0;
 API_VAR_EXPORT int ap_extended_status = 0;
 
@@ -3430,7 +3439,7 @@ static int make_sock(pool *p, const struct sockaddr_in *server)
     }
 
 #ifdef SO_ACCEPTFILTER
-    {
+    if (ap_acceptfilter) {
 #ifndef ACCEPT_FILTER_NAME
 #define ACCEPT_FILTER_NAME "dataready"
 #endif
@@ -3443,12 +3452,9 @@ static int make_sock(pool *p, const struct sockaddr_in *server)
 	};
 	if (setsockopt(s, SOL_SOCKET, SO_ACCEPTFILTER, &af, sizeof(af)) < 0
 	    && errno != ENOENT) {
-	    ap_log_error(APLOG_MARK, APLOG_CRIT, server_conf,
+	    ap_log_error(APLOG_MARK, APLOG_WARNING, server_conf,
 			 "make_sock: for %s, setsockopt: (SO_ACCEPTFILTER)",
 			 addr);
-	    close(s);
-	    ap_unblock_alarms();
-	    exit(1);
 	}
     }
 #endif
@@ -3746,6 +3752,13 @@ static void show_compile_settings(void)
 #ifdef SHARED_CORE
     printf(" -D SHARED_CORE\n");
 #endif
+#ifdef SO_ACCEPTFILTER
+    printf(" -D SO_ACCEPTFILTER\n");
+    printf(" -D ACCEPT_FILTER_NAME=\"" ACCEPT_FILTER_NAME "\"\n");
+#endif
+#ifdef AP_ACCEPTFILTER_OFF
+    printf(" -D AP_ACCEPTFILTER_OFF\n");
+#endif
 
 /* This list displays the compiled-in default paths: */
 #ifdef HTTPD_ROOT