From: Christophe Jaillet Date: Sun, 13 Apr 2014 21:03:53 +0000 (+0000) Subject: Add notes for changes made in version 2.4.7 + synch formating with... X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a51fa99f3bfb9858871c85a6b24384b1a6458516;p=thirdparty%2Fapache%2Fhttpd.git Add notes for changes made in version 2.4.7 + synch formating with 2.4.x git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1587097 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_filter.xml b/docs/manual/mod/mod_filter.xml index 280ff4ee5d5..ccf76b64cb8 100644 --- a/docs/manual/mod/mod_filter.xml +++ b/docs/manual/mod/mod_filter.xml @@ -416,7 +416,7 @@ for a complete reference and examples.
change=yes|no
Specifies whether the filter changes the content, including possibly - the content length.
+ the content length. The "no" argument is supported in 2.4.7 and later.
change=1:1
The filter changes the content, but will not change the content diff --git a/docs/manual/mod/mod_headers.xml b/docs/manual/mod/mod_headers.xml index d090b18e797..0097d305059 100644 --- a/docs/manual/mod/mod_headers.xml +++ b/docs/manual/mod/mod_headers.xml @@ -259,7 +259,8 @@ Header merge Cache-Control no-store env=NO_STORE
setifempty
The request header is set, but only if there is no previous header - with this name. Available in 2.4.7 and later.
+ with this name.
+ Available in 2.4.7 and later.
unset
The request header of this name is removed, if it exists. If @@ -315,7 +316,7 @@ Header merge Cache-Control no-store env=NO_STORE server configvirtual host directory.htaccess FileInfo -SetIfEmpty available in 2.4.7 and later +SetIfEmpty and note available in 2.4.7 and later

This directive can replace, merge or remove HTTP response @@ -406,7 +407,8 @@ Header merge Cache-Control no-store env=NO_STORE

setifempty
The request header is set, but only if there is no previous header - with this name. Available in 2.4.7 and later.
+ with this name.
+ Available in 2.4.7 and later.
unset
The response header of this name is removed, if it exists. @@ -417,7 +419,8 @@ Header merge Cache-Control no-store env=NO_STORE
The value of the named response header is copied into an internal note whose name is given by value. This is useful if a header sent by a CGI or proxied resource is configured to be unset - but should also be logged.
+ but should also be logged.
+ Available in 2.4.7 and later.
@@ -499,8 +502,8 @@ Header merge Cache-Control no-store env=NO_STORE

For edit there is both a value argument which is a regular expression, - and an additional replacement string. The replacement string - may also contain format specifiers.

+ and an additional replacement string. As of version 2.4.7 + the replacement string may also contain format specifiers.

The Header directive may be followed by an additional argument, which may be any of:

diff --git a/docs/manual/mod/mod_ldap.xml b/docs/manual/mod/mod_ldap.xml index 8cb27f02d93..672c5d69d29 100644 --- a/docs/manual/mod/mod_ldap.xml +++ b/docs/manual/mod/mod_ldap.xml @@ -72,9 +72,9 @@ LDAPOpCacheTTL 600 <Location /ldap-status> SetHandler ldap-status - + Require host yourdomain.example.com - + Satisfy any AuthType Basic AuthName "LDAP Protected" @@ -107,9 +107,9 @@ LDAPOpCacheTTL 600 credentials used when binding to an LDAP server. These credentials can be provided to LDAP servers that do not allow anonymous binds during referral chasing. To control - this feature, see the - LDAPReferrals and - LDAPReferralHopLimit + this feature, see the + LDAPReferrals and + LDAPReferralHopLimit directives. By default, this feature is enabled.

@@ -197,26 +197,26 @@ LDAPOpCacheTTL 600
Using SSL/TLS

The ability to create an SSL and TLS connections to an LDAP server - is defined by the directives - LDAPTrustedGlobalCert, + is defined by the directives + LDAPTrustedGlobalCert, LDAPTrustedClientCert - and LDAPTrustedMode. - These directives specify the CA and optional client certificates to be used, - as well as the type of encryption to be used on the connection (none, SSL or + and LDAPTrustedMode. + These directives specify the CA and optional client certificates to be used, + as well as the type of encryption to be used on the connection (none, SSL or TLS/STARTTLS).

-# Establish an SSL LDAP connection on port 636. Requires that -# mod_ldap and mod_authnz_ldap be loaded. Change the +# Establish an SSL LDAP connection on port 636. Requires that +# mod_ldap and mod_authnz_ldap be loaded. Change the # "yourdomain.example.com" to match your domain. LDAPTrustedGlobalCert CA_DER /certs/certfile.der <Location /ldap-status> SetHandler ldap-status - + Require host yourdomain.example.com - + Satisfy any AuthType Basic AuthName "LDAP Protected" @@ -227,17 +227,17 @@ LDAPTrustedGlobalCert CA_DER /certs/certfile.der -# Establish a TLS LDAP connection on port 389. Requires that -# mod_ldap and mod_authnz_ldap be loaded. Change the +# Establish a TLS LDAP connection on port 389. Requires that +# mod_ldap and mod_authnz_ldap be loaded. Change the # "yourdomain.example.com" to match your domain. LDAPTrustedGlobalCert CA_DER /certs/certfile.der <Location /ldap-status> SetHandler ldap-status - + Require host yourdomain.example.com - + Satisfy any AuthType Basic AuthName "LDAP Protected" @@ -356,9 +356,9 @@ LDAPTrustedGlobalCert CA_DER /certs/cacert1.der LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem <Location /ldap-status> SetHandler ldap-status - + Require host yourdomain.example.com - + LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem # CA certs respecified due to per-directory client certs @@ -497,7 +497,7 @@ valid AuthConfig -

This directive, if enabled by the LDAPReferrals directive, +

This directive, if enabled by the LDAPReferrals directive, limits the number of referral hops that are followed before terminating an LDAP query.

@@ -510,40 +510,40 @@ valid LDAPReferrals Enable referral chasing during queries to the LDAP server. -LDAPReferrals On|Off|default +LDAPReferrals On|Off|default LDAPReferrals On directory.htaccess AuthConfig +The default parameter is available in Apache 2.4.7 and later

Some LDAP servers divide their directory among multiple domains and use referrals to direct a client when a domain boundary is crossed. This is similar to a HTTP redirect. - LDAP client libraries may or may not chase referrals by default. This directive - explicitly configures the referral chasing in the underlying SDK.

- - -

LDAPReferrals takes the takes the following values:

+ LDAP client libraries may or may not chase referrals by default. This directive + explicitly configures the referral chasing in the underlying SDK.

+ +

LDAPReferrals takes the following values:

"on"

When set to "on", the underlying SDK's referral chasing state - is enabled, LDAPReferralHopLimit is used to - override the SDK's hop limit, and an LDAP rebind callback is + is enabled, LDAPReferralHopLimit is used to + override the SDK's hop limit, and an LDAP rebind callback is registered.

"off"

When set to "off", the underlying SDK's referral chasing state is disabled completely.

"default"

When set to "default", the underlying SDK's referral chasing state - is not changed, LDAPReferralHopLimit is not - used to overide the SDK's hop limit, and no LDAP rebind callback is + is not changed, LDAPReferralHopLimit is not + used to overide the SDK's hop limit, and no LDAP rebind callback is registered.

-

The directive LDAPReferralHopLimit works in conjunction with +

The directive LDAPReferralHopLimit works in conjunction with this directive to limit the number of referral hops to follow before terminating the LDAP query. - When referral processing is enabled by a value of "On", client credentials will be provided, - via a rebind callback, for any LDAP server requiring them.

+ When referral processing is enabled by a value of "On", client credentials will be provided, + via a rebind callback, for any LDAP server requiring them.

 @@ -556,7 +556,7 @@ valid

If LDAPRetryDelay is set to a non-zero - value, the server will delay retrying an LDAP request for the + value, the server will delay retrying an LDAP request for the specified amount of time. Setting this directive to 0 will result in any retry to occur without delay.

@@ -571,7 +571,7 @@ valid LDAPRetries 3 server config -

The server will retry failed LDAP requests up to +

The server will retry failed LDAP requests up to LDAPRetries times. Setting this directive to 0 disables retries.

LDAP errors such as timeouts and refused connections are retryable.

@@ -757,10 +757,10 @@ connection client certificates. connection pool. The default value of -1, and any other negative value, allows connections of any age to be reused.

-

The timemout is based on when the LDAP connection is returned to the +

The timemout is based on when the LDAP connection is returned to the pool, not based on the last time I/O has been performed over the backend connection. If the information is cached, the apparent idle time can exceed - the LDAPConnectionPoolTTL.

+ the LDAPConnectionPoolTTL.

This timeout defaults to units of seconds, but accepts suffixes for milliseconds (ms), minutes (min), and hours (h). diff --git a/docs/manual/mod/mod_logio.xml b/docs/manual/mod/mod_logio.xml index e7acb129403..6bbeafc6717 100644 --- a/docs/manual/mod/mod_logio.xml +++ b/docs/manual/mod/mod_logio.xml @@ -70,7 +70,8 @@ %S Bytes transferred (received and sent), including request and headers, - cannot be zero. This is the combination of %I and %O. + cannot be zero. This is the combination of %I and %O.
+ Available in Apache 2.4.7 and later

Usually, the functionality is used like this:

diff --git a/docs/manual/mod/mod_session_crypto.xml b/docs/manual/mod/mod_session_crypto.xml index c2446c251dd..dd8e7da98f2 100644 --- a/docs/manual/mod/mod_session_crypto.xml +++ b/docs/manual/mod/mod_session_crypto.xml @@ -175,8 +175,9 @@ SessionCryptoPassphrase secret secret to the end of the list, and once rolled out completely to all servers, remove the first key from the start of the list.

-

If the value begins with exec: the resulting command will be executed and the - first line returned to standard output by the program will be used as the key.

+

As of version 2.4.7 if the value begins with exec: the resulting command + will be executed and the first line returned to standard output by the program will be + used as the key.

 #key used as-is
 SessionCryptoPassphrase secret