From: Daniel Ferradal Date: Tue, 21 Apr 2026 21:14:42 +0000 (+0000) Subject: Remaining Updates produced by running build.sh all X-Git-Url: http://git.ipfire.org/index.cgi?a=commitdiff_plain;p=thirdparty%2Fapache%2Fhttpd.git Remaining Updates produced by running build.sh all git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1933228 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/man/ab.1 b/docs/man/ab.1 index e64e02503f..815ff1d516 100644 --- a/docs/man/ab.1 +++ b/docs/man/ab.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "AB" 1 "2022-03-07" "Apache HTTP Server" "ab" +.TH "AB" 1 "2026-04-21" "Apache HTTP Server" "ab" .SH NAME ab \- Apache HTTP server benchmarking tool @@ -33,7 +33,7 @@ ab \- Apache HTTP server benchmarking tool .SH "SUMMARY" .PP -\fBab\fR is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server\&. It is designed to give you an impression of how your current Apache installation performs\&. This especially shows you how many requests per second your Apache installation is capable of serving\&. +ab is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server\&. It is designed to give you an impression of how your current Apache installation performs\&. This especially shows you how many requests per second your Apache installation is capable of serving\&. .SH "OPTIONS" @@ -98,7 +98,7 @@ File containing data to POST\&. Remember to also set \fB-T\fR\&. Supply BASIC Authentication credentials to a proxy en-route\&. The username and password are separated by a single \fB:\fR and sent on the wire base64 encoded\&. The string is sent regardless of whether the proxy needs it (\fIi\&.e\&.\fR, has sent an 407 proxy authentication needed)\&. .TP \fB-q\fR -When processing more than 150 requests, \fBab\fR outputs a progress count on \fBstderr\fR every 10% or 100 requests or so\&. The \fB-q\fR flag will suppress these messages\&. +When processing more than 150 requests, ab outputs a progress count on \fBstderr\fR every 10% or 100 requests or so\&. The \fB-q\fR flag will suppress these messages\&. .TP \fB-r\fR Don't exit on socket receive errors\&. @@ -148,7 +148,7 @@ Specify SSL/TLS cipher suite (See openssl ciphers) .SH "OUTPUT" .PP -The following list describes the values returned by \fBab\fR: +The following list describes the values returned by ab: .TP @@ -215,5 +215,5 @@ The rate of transfer as calculated by the formula \fBtotalread / 1024 / timetake There are various statically declared buffers of fixed length\&. Combined with the lazy parsing of the command line arguments, the response headers from the server and other external inputs, this might bite you\&. .PP -It does not implement HTTP/1\&.x fully; only accepts some 'expected' forms of responses\&. The rather heavy use of \fBstrstr(3)\fR shows up top in profile, which might indicate a performance problem; \fIi\&.e\&.\fR, you would measure the \fBab\fR performance rather than the server's\&. +It does not implement HTTP/1\&.x fully; only accepts some 'expected' forms of responses\&. The rather heavy use of \fBstrstr(3)\fR shows up top in profile, which might indicate a performance problem; \fIi\&.e\&.\fR, you would measure the ab performance rather than the server's\&. diff --git a/docs/man/apachectl.8 b/docs/man/apachectl.8 index ad32f9c9b6..03d53d39cd 100644 --- a/docs/man/apachectl.8 +++ b/docs/man/apachectl.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "APACHECTL" 8 "2018-09-27" "Apache HTTP Server" "apachectl" +.TH "APACHECTL" 8 "2026-04-21" "Apache HTTP Server" "apachectl" .SH NAME apachectl \- Apache HTTP Server Control Interface @@ -27,13 +27,13 @@ apachectl \- Apache HTTP Server Control Interface .SH "SYNOPSIS" .PP -When acting in pass-through mode, \fBapachectl\fR can take all the arguments available for the httpd binary\&. +When acting in pass-through mode, apachectl can take all the arguments available for the httpd binary\&. .PP \fB\fBapachectl\fR [ \fIhttpd-argument\fR ]\fR .PP -When acting in SysV init mode, \fBapachectl\fR takes simple, one-word commands, defined below\&. +When acting in SysV init mode, apachectl takes simple, one-word commands, defined below\&. .PP \fB\fBapachectl\fR \fIcommand\fR\fR @@ -42,16 +42,16 @@ When acting in SysV init mode, \fBapachectl\fR takes simple, one-word commands, .SH "SUMMARY" .PP -\fBapachectl\fR is a front end to the Apache HyperText Transfer Protocol (HTTP) server\&. It is designed to help the administrator control the functioning of the Apache httpd daemon\&. +apachectl is a front end to the Apache HyperText Transfer Protocol (HTTP) server\&. It is designed to help the administrator control the functioning of the Apache httpd daemon\&. .PP -The \fBapachectl\fR script can operate in two modes\&. First, it can act as a simple front-end to the httpd command that simply sets any necessary environment variables and then invokes httpd, passing through any command line arguments\&. Second, \fBapachectl\fR can act as a SysV init script, taking simple one-word arguments like \fBstart\fR, \fBrestart\fR, and \fBstop\fR, and translating them into appropriate signals to httpd\&. +The apachectl script can operate in two modes\&. First, it can act as a simple front-end to the httpd command that simply sets any necessary environment variables and then invokes httpd, passing through any command line arguments\&. Second, apachectl can act as a SysV init script, taking simple one-word arguments like \fBstart\fR, \fBrestart\fR, and \fBstop\fR, and translating them into appropriate signals to httpd\&. .PP -If your Apache installation uses non-standard paths, you will need to edit the \fBapachectl\fR script to set the appropriate paths to the httpd binary\&. You can also specify any necessary httpd command line arguments\&. See the comments in the script for details\&. +If your Apache installation uses non-standard paths, you will need to edit the apachectl script to set the appropriate paths to the httpd binary\&. You can also specify any necessary httpd command line arguments\&. See the comments in the script for details\&. .PP -The \fBapachectl\fR script returns a 0 exit value on success, and >0 if an error occurs\&. For more details, view the comments in the script\&. +The apachectl script returns a 0 exit value on success, and >0 if an error occurs\&. For more details, view the comments in the script\&. .SH "OPTIONS" diff --git a/docs/man/apxs.1 b/docs/man/apxs.1 index 236c3add36..e17c1ab515 100644 --- a/docs/man/apxs.1 +++ b/docs/man/apxs.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "APXS" 1 "2018-09-27" "Apache HTTP Server" "apxs" +.TH "APXS" 1 "2026-04-21" "Apache HTTP Server" "apxs" .SH NAME apxs \- APache eXtenSion tool @@ -45,38 +45,38 @@ apxs \- APache eXtenSion tool .SH "SUMMARY" .PP -\fBapxs\fR is a tool for building and installing extension modules for the Apache HyperText Transfer Protocol (HTTP) server\&. This is achieved by building a dynamic shared object (DSO) from one or more source or object \fIfiles\fR which then can be loaded into the Apache server under runtime via the LoadModule directive from mod_so\&. +apxs is a tool for building and installing extension modules for the Apache HyperText Transfer Protocol (HTTP) server\&. This is achieved by building a dynamic shared object (DSO) from one or more source or object \fIfiles\fR which then can be loaded into the Apache server under runtime via the LoadModule directive from mod_so\&. .PP -So to use this extension mechanism your platform has to support the DSO feature and your Apache httpd binary has to be built with the mod_so module\&. The \fBapxs\fR tool automatically complains if this is not the case\&. You can check this yourself by manually running the command +So to use this extension mechanism your platform has to support the DSO feature and your Apache httpd binary has to be built with the mod_so module\&. The apxs tool automatically complains if this is not the case\&. You can check this yourself by manually running the command .nf - - $ httpd -l - + +$ httpd -l + .fi .PP -The module mod_so should be part of the displayed list\&. If these requirements are fulfilled you can easily extend your Apache server's functionality by installing your own modules with the DSO mechanism by the help of this \fBapxs\fR tool: +The module mod_so should be part of the displayed list\&. If these requirements are fulfilled you can easily extend your Apache server's functionality by installing your own modules with the DSO mechanism by the help of this apxs tool: .nf - - $ apxs -i -a -c mod_foo\&.c - gcc -fpic -DSHARED_MODULE -I/path/to/apache/include -c mod_foo\&.c - ld -Bshareable -o mod_foo\&.so mod_foo\&.o - cp mod_foo\&.so /path/to/apache/modules/mod_foo\&.so - chmod 755 /path/to/apache/modules/mod_foo\&.so - [activating module `foo' in /path/to/apache/etc/httpd\&.conf] - $ apachectl restart - /path/to/apache/sbin/apachectl restart: httpd not running, trying to start - [Tue Mar 31 11:27:55 1998] [debug] mod_so\&.c(303): loaded module foo_module - /path/to/apache/sbin/apachectl restart: httpd started - $ _ - + +$ apxs -i -a -c mod_foo\&.c +gcc -fpic -DSHARED_MODULE -I/path/to/apache/include -c mod_foo\&.c +ld -Bshareable -o mod_foo\&.so mod_foo\&.o +cp mod_foo\&.so /path/to/apache/modules/mod_foo\&.so +chmod 755 /path/to/apache/modules/mod_foo\&.so +[activating module `foo' in /path/to/apache/etc/httpd\&.conf] +$ apachectl restart +/path/to/apache/sbin/apachectl restart: httpd not running, trying to start +[Tue Mar 31 11:27:55 1998] [debug] mod_so\&.c(303): loaded module foo_module +/path/to/apache/sbin/apachectl restart: httpd started +$ _ + .fi .PP -The arguments \fIfiles\fR can be any C source file (\&.c), a object file (\&.o) or even a library archive (\&.a)\&. The \fBapxs\fR tool automatically recognizes these extensions and automatically used the C source files for compilation while just using the object and archive files for the linking phase\&. But when using such pre-compiled objects make sure they are compiled for position independent code (PIC) to be able to use them for a dynamically loaded shared object\&. For instance with GCC you always just have to use \fB-fpic\fR\&. For other C compilers consult its manual page or at watch for the flags \fBapxs\fR uses to compile the object files\&. +The arguments \fIfiles\fR can be any C source file (\&.c), a object file (\&.o) or even a library archive (\&.a)\&. The apxs tool automatically recognizes these extensions and automatically used the C source files for compilation while just using the object and archive files for the linking phase\&. But when using such pre-compiled objects make sure they are compiled for position independent code (PIC) to be able to use them for a dynamically loaded shared object\&. For instance with GCC you always just have to use \fB-fpic\fR\&. For other C compilers consult its manual page or at watch for the flags apxs uses to compile the object files\&. .PP For more details about DSO support in Apache read the documentation of mod_so or perhaps even read the \fBsrc/modules/standard/mod_so\&.c\fR source file\&. @@ -89,7 +89,7 @@ For more details about DSO support in Apache read the documentation of mod_so or .TP \fB-n \fImodname\fR\fR -This explicitly sets the module name for the \fB-i\fR (install) and \fB-g\fR (template generation) option\&. Use this to explicitly specify the module name\&. For option \fB-g\fR this is required, for option \fB-i\fR the \fBapxs\fR tool tries to determine the name from the source or (as a fallback) at least by guessing it from the filename\&. +This explicitly sets the module name for the \fB-i\fR (install) and \fB-g\fR (template generation) option\&. Use this to explicitly specify the module name\&. For option \fB-g\fR this is required, for option \fB-i\fR the apxs tool tries to determine the name from the source or (as a fallback) at least by guessing it from the filename\&. .SS "Query Options" @@ -165,83 +165,83 @@ This indicates the editing operation, which can be used with the \fB-a\fR and \f Assume you have an Apache module named \fBmod_foo\&.c\fR available which should extend Apache's server functionality\&. To accomplish this you first have to compile the C source into a shared object suitable for loading into the Apache server under runtime via the following command: .nf - - $ apxs -c mod_foo\&.c - /path/to/libtool --mode=compile gcc \&.\&.\&. -c mod_foo\&.c - /path/to/libtool --mode=link gcc \&.\&.\&. -o mod_foo\&.la mod_foo\&.slo - $ _ - + +$ apxs -c mod_foo\&.c +/path/to/libtool --mode=compile gcc \&.\&.\&. -c mod_foo\&.c +/path/to/libtool --mode=link gcc \&.\&.\&. -o mod_foo\&.la mod_foo\&.slo +$ _ + .fi .PP -Then you have to update the Apache configuration by making sure a LoadModule directive is present to load this shared object\&. To simplify this step \fBapxs\fR provides an automatic way to install the shared object in its "modules" directory and updating the \fBhttpd\&.conf\fR file accordingly\&. This can be achieved by running: +Then you have to update the Apache configuration by making sure a LoadModule directive is present to load this shared object\&. To simplify this step apxs provides an automatic way to install the shared object in its "modules" directory and updating the \fBhttpd\&.conf\fR file accordingly\&. This can be achieved by running: .nf - - $ apxs -i -a mod_foo\&.la - /path/to/instdso\&.sh mod_foo\&.la /path/to/apache/modules - /path/to/libtool --mode=install cp mod_foo\&.la /path/to/apache/modules - \&.\&.\&. - chmod 755 /path/to/apache/modules/mod_foo\&.so - [activating module `foo' in /path/to/apache/conf/httpd\&.conf] - $ _ - + +$ apxs -i -a mod_foo\&.la +/path/to/instdso\&.sh mod_foo\&.la /path/to/apache/modules +/path/to/libtool --mode=install cp mod_foo\&.la /path/to/apache/modules +\&.\&.\&. +chmod 755 /path/to/apache/modules/mod_foo\&.so +[activating module `foo' in /path/to/apache/conf/httpd\&.conf] +$ _ + .fi .PP This way a line named .nf - - LoadModule foo_module modules/mod_foo\&.so - + +LoadModule foo_module modules/mod_foo\&.so + .fi .PP is added to the configuration file if still not present\&. If you want to have this disabled per default use the \fB-A\fR option, \fIi\&.e\&.\fR .nf - - $ apxs -i -A mod_foo\&.c - + +$ apxs -i -A mod_foo\&.c + .fi .PP For a quick test of the apxs mechanism you can create a sample Apache module template plus a corresponding Makefile via: .nf - - $ apxs -g -n foo - Creating [DIR] foo - Creating [FILE] foo/Makefile - Creating [FILE] foo/modules\&.mk - Creating [FILE] foo/mod_foo\&.c - Creating [FILE] foo/\&.deps - $ _ - + +$ apxs -g -n foo +Creating [DIR] foo +Creating [FILE] foo/Makefile +Creating [FILE] foo/modules\&.mk +Creating [FILE] foo/mod_foo\&.c +Creating [FILE] foo/\&.deps +$ _ + .fi .PP Then you can immediately compile this sample module into a shared object and load it into the Apache server: .nf - - $ cd foo - $ make all reload - apxs -c mod_foo\&.c - /path/to/libtool --mode=compile gcc \&.\&.\&. -c mod_foo\&.c - /path/to/libtool --mode=link gcc \&.\&.\&. -o mod_foo\&.la mod_foo\&.slo - apxs -i -a -n "foo" mod_foo\&.la - /path/to/instdso\&.sh mod_foo\&.la /path/to/apache/modules - /path/to/libtool --mode=install cp mod_foo\&.la /path/to/apache/modules - \&.\&.\&. - chmod 755 /path/to/apache/modules/mod_foo\&.so - [activating module `foo' in /path/to/apache/conf/httpd\&.conf] - apachectl restart - /path/to/apache/sbin/apachectl restart: httpd not running, trying to start - [Tue Mar 31 11:27:55 1998] [debug] mod_so\&.c(303): loaded module foo_module - /path/to/apache/sbin/apachectl restart: httpd started - $ _ - + +$ cd foo +$ make all reload +apxs -c mod_foo\&.c +/path/to/libtool --mode=compile gcc \&.\&.\&. -c mod_foo\&.c +/path/to/libtool --mode=link gcc \&.\&.\&. -o mod_foo\&.la mod_foo\&.slo +apxs -i -a -n "foo" mod_foo\&.la +/path/to/instdso\&.sh mod_foo\&.la /path/to/apache/modules +/path/to/libtool --mode=install cp mod_foo\&.la /path/to/apache/modules +\&.\&.\&. +chmod 755 /path/to/apache/modules/mod_foo\&.so +[activating module `foo' in /path/to/apache/conf/httpd\&.conf] +apachectl restart +/path/to/apache/sbin/apachectl restart: httpd not running, trying to start +[Tue Mar 31 11:27:55 1998] [debug] mod_so\&.c(303): loaded module foo_module +/path/to/apache/sbin/apachectl restart: httpd started +$ _ + .fi diff --git a/docs/man/ctlogconfig.8 b/docs/man/ctlogconfig.8 index 9329f06478..8f6bae45c1 100644 --- a/docs/man/ctlogconfig.8 +++ b/docs/man/ctlogconfig.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "CTLOGCONFIG" 8 "2018-09-27" "Apache HTTP Server" "ctlogconfig" +.TH "CTLOGCONFIG" 8 "2026-04-21" "Apache HTTP Server" "ctlogconfig" .SH NAME ctlogconfig \- Certificate Transparency log configuration tool @@ -108,42 +108,31 @@ Consider an Apache httpd instance which serves as a TLS server and a proxy\&. Th First we'll configure the URLs for logs where server certificates are logged: .nf + +$ ctlogconfig /path/to/conf/log-config configure-url http://log1\&.example\&.com/ +$ ctlogconfig /path/to/conf/log-config configure-url http://log2\&.example\&.com/ +$ ctlogconfig /path/to/conf/log-config dump +Log entry: + Record 1 + Log id : (not configured) + Public key file: (not configured) + URL : http://log1\&.example\&.com/ + Time range : -INF to +INF - $ ctlogconfig /path/to/conf/log-config configure-url http://log1\&.example\&.com/ - $ ctlogconfig /path/to/conf/log-config configure-url http://log2\&.example\&.com/ - $ ctlogconfig /path/to/conf/log-config dump - Log entry: - Record 1 - Log id : (not configured) - Public key file: (not configured) - URL : http://log1\&.example\&.com/ - Time range : -INF to +INF - Log entry: - Record 2 - Log id : (not configured) - Public key file: (not configured) - URL : http://log2\&.example\&.com/ - Time range : -INF to +INF +Log entry: + Record 2 + Log id : (not configured) + Public key file: (not configured) + URL : http://log2\&.example\&.com/ + Time range : -INF to +INF + .fi .PP Next we'll set the public key of a log where the certificate of our only backend server is published\&. In this case it is the log with URL http://log2\&.example\&.com/ which has already been configured\&. .nf - - $ ctlogconfig /path/to/conf/log-config configure-public-key \\ - $ ctlogconfig /path/to/conf/log-config dump - Log entry: - Record 1 - Log id : (not configured) - Public key file: (not configured) - URL : http://log1\&.example\&.com/ - Time range : -INF to +INF - Log entry: - Record 2 - Log id : (not configured) - Public key file: /path/to/conf/log2-pub\&.pem - URL : http://log2\&.example\&.com/ - Time range : -INF to +INF + +$ ctlogconfig /path/to/conf/log-config configure-public-key \\ .fi diff --git a/docs/man/dbmmanage.1 b/docs/man/dbmmanage.1 index d60e84a810..7ec7d89aad 100644 --- a/docs/man/dbmmanage.1 +++ b/docs/man/dbmmanage.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "DBMMANAGE" 1 "2018-09-27" "Apache HTTP Server" "dbmmanage" +.TH "DBMMANAGE" 1 "2026-04-21" "Apache HTTP Server" "dbmmanage" .SH NAME dbmmanage \- Manage user authentication files in DBM format @@ -39,7 +39,7 @@ dbmmanage \- Manage user authentication files in DBM format .SH "SUMMARY" .PP -\fBdbmmanage\fR is used to create and update the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by \fBdbmmanage\fR\&. This program can only be used when the usernames are stored in a DBM file\&. To use a flat-file database see htpasswd\&. +dbmmanage is used to create and update the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by dbmmanage\&. This program can only be used when the usernames are stored in a DBM file\&. To use a flat-file database see htpasswd\&. .PP Another tool to maintain a DBM password database is htdbm\&. @@ -111,10 +111,10 @@ Just displays the contents of the DBM file\&. If you specify a \fIusername\fR, i .SH "BUGS" .PP -One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, the GNU project's GDBM, and Berkeley DB 2\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that \fBdbmmanage\fR expects to see\&. \fBdbmmanage\fR currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. +One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, the GNU project's GDBM, and Berkeley DB 2\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that dbmmanage expects to see\&. dbmmanage currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. .PP -\fBdbmmanage\fR has a list of DBM format preferences, defined by the \fB@AnyDBM::ISA\fR array near the beginning of the program\&. Since we prefer the Berkeley DB 2 file format, the order in which \fBdbmmanage\fR will look for system libraries is Berkeley DB 2, then NDBM, then GDBM and then SDBM\&. The first library found will be the library \fBdbmmanage\fR will attempt to use for all DBM file transactions\&. This ordering is slightly different than the standard \fB@AnyDBM::ISA\fR ordering in Perl, as well as the ordering used by the simple \fBdbmopen()\fR call in Perl, so if you use any other utilities to manage your DBM files, they must also follow this preference ordering\&. Similar care must be taken if using programs in other languages, like C, to access these files\&. +dbmmanage has a list of DBM format preferences, defined by the \fB@AnyDBM::ISA\fR array near the beginning of the program\&. Since we prefer the Berkeley DB 2 file format, the order in which dbmmanage will look for system libraries is Berkeley DB 2, then NDBM, then GDBM and then SDBM\&. The first library found will be the library dbmmanage will attempt to use for all DBM file transactions\&. This ordering is slightly different than the standard \fB@AnyDBM::ISA\fR ordering in Perl, as well as the ordering used by the simple \fBdbmopen()\fR call in Perl, so if you use any other utilities to manage your DBM files, they must also follow this preference ordering\&. Similar care must be taken if using programs in other languages, like C, to access these files\&. .PP One can usually use the \fBfile\fR program supplied with most Unix systems to see what format a DBM file is in\&. diff --git a/docs/man/htcacheclean.8 b/docs/man/htcacheclean.8 index 092cf0e99d..8935a7792c 100644 --- a/docs/man/htcacheclean.8 +++ b/docs/man/htcacheclean.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTCACHECLEAN" 8 "2019-11-13" "Apache HTTP Server" "htcacheclean" +.TH "HTCACHECLEAN" 8 "2026-04-21" "Apache HTTP Server" "htcacheclean" .SH NAME htcacheclean \- Clean up the disk cache @@ -42,7 +42,7 @@ htcacheclean \- Clean up the disk cache .SH "SUMMARY" .PP -\fBhtcacheclean\fR is used to keep the size of mod_cache_disk's storage within a given size limit, or limit on inodes in use\&. This tool can run either manually or in daemon mode\&. When running in daemon mode, it sleeps in the background and checks the cache directory at regular intervals for cached content to be removed\&. You can stop the daemon cleanly by sending it a TERM or INT signal\&. When run manually, a once off check of the cache directory is made for cached content to be removed\&. If one or more URLs are specified, each URL will be deleted from the cache, if present\&. +htcacheclean is used to keep the size of mod_cache_disk's storage within a given size limit, or limit on inodes in use\&. This tool can run either manually or in daemon mode\&. When running in daemon mode, it sleeps in the background and checks the cache directory at regular intervals for cached content to be removed\&. You can stop the daemon cleanly by sending it a TERM or INT signal\&. When run manually, a once off check of the cache directory is made for cached content to be removed\&. If one or more URLs are specified, each URL will be deleted from the cache, if present\&. .SH "OPTIONS" @@ -62,7 +62,7 @@ Be verbose and print statistics\&. This option is mutually exclusive with the \f Clean thoroughly\&. This assumes that the Apache web server is not running (otherwise you may get garbage in the cache)\&. This option is mutually exclusive with the \fB-d\fR option and implies the \fB-t\fR option\&. .TP \fB-n\fR -Be nice\&. This causes slower processing in favour of other processes\&. \fBhtcacheclean\fR will sleep from time to time so that (a) the disk IO will be delayed and (b) the kernel can schedule other processes in the meantime\&. +Be nice\&. This causes slower processing in favor of other processes\&. htcacheclean will sleep from time to time so that (a) the disk IO will be delayed and (b) the kernel can schedule other processes in the meantime\&. .TP \fB-t\fR Delete all empty directories\&. By default only cache files are removed, however with some configurations the large number of directories created may require attention\&. If your configuration requires a very large number of directories, to the point that inode or file allocation table exhaustion may become an issue, use of this option is advised\&. @@ -94,7 +94,7 @@ List the URLs currently stored in the cache, along with their attributes in the .SH "DELETING A SPECIFIC URL" .PP -If \fBhtcacheclean\fR is passed one or more URLs, each URL will be deleted from the cache\&. If multiple variants of an URL exists, all variants would be deleted\&. +If htcacheclean is passed one or more URLs, each URL will be deleted from the cache\&. If multiple variants of an URL exists, all variants would be deleted\&. .PP When a reverse proxied URL is to be deleted, the effective URL is constructed from the \fBHost\fR header, the \fBport\fR, the \fBpath\fR and the \fBquery\fR\&. Note the '?' in the URL must always be specified explicitly, whether a query string is present or not\&. For example, an attempt to delete the path \fB/\fR from the server \fBlocalhost\fR, the URL to delete would be \fBhttp://localhost:80/?\fR\&. @@ -102,7 +102,7 @@ When a reverse proxied URL is to be deleted, the effective URL is constructed fr .SH "LISTING URLS IN THE CACHE" .PP -By passing the \fB-a\fR or \fB-A\fR options to \fBhtcacheclean\fR, the URLs within the cache will be listed as they are found, one URL per line\&. The \fB-A\fR option dumps the full cache entry after the URL, with fields in the following order: +By passing the \fB-a\fR or \fB-A\fR options to htcacheclean, the URLs within the cache will be listed as they are found, one URL per line\&. The \fB-A\fR option dumps the full cache entry after the URL, with fields in the following order: .TP @@ -142,5 +142,5 @@ If 1, the entry contains a cached HEAD request with no body, 0 otherwise\&. .SH "EXIT STATUS" .PP -\fBhtcacheclean\fR returns a zero status ("true") if all operations were successful, \fB1\fR otherwise\&. If an URL is specified, and the URL was cached and successfully removed, \fB0\fR is returned, \fB2\fR otherwise\&. If an error occurred during URL removal, \fB1\fR is returned\&. +htcacheclean returns a zero status ("true") if all operations were successful, \fB1\fR otherwise\&. If an URL is specified, and the URL was cached and successfully removed, \fB0\fR is returned, \fB2\fR otherwise\&. If an error occurred during URL removal, \fB1\fR is returned\&. diff --git a/docs/man/htdbm.1 b/docs/man/htdbm.1 index c9187c4da4..491e779541 100644 --- a/docs/man/htdbm.1 +++ b/docs/man/htdbm.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTDBM" 1 "2021-07-09" "Apache HTTP Server" "htdbm" +.TH "HTDBM" 1 "2026-04-21" "Apache HTTP Server" "htdbm" .SH NAME htdbm \- Manipulate DBM password databases @@ -54,7 +54,7 @@ htdbm \- Manipulate DBM password databases .SH "SUMMARY" .PP -\fBhtdbm\fR is used to manipulate the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. See the dbmmanage documentation for more information about these DBM files\&. +htdbm is used to manipulate the DBM format files used to store usernames and password for basic authentication of HTTP users via mod_authn_dbm\&. See the dbmmanage documentation for more information about these DBM files\&. .SH "OPTIONS" @@ -89,7 +89,7 @@ Use \fBcrypt()\fR hashing for passwords\&. The default on all platforms but Wind Use SHA hashing for passwords\&. Facilitates migration from/to Netscape servers using the LDAP Directory Interchange Format (ldif)\&. This algorithm is \fBinsecure\fR by today's standards\&. .TP \fB-p\fR -Use plaintext passwords\&. Though \fBhtdbm\fR will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. +Use plaintext passwords\&. Though htdbm will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. .TP \fB-l\fR Print each of the usernames and comments from the database on stdout\&. @@ -118,7 +118,7 @@ Type of DBM file (SDBM, GDBM, DB, or "default")\&. .SH "BUGS" .PP -One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, GNU GDBM, and Berkeley/Sleepycat DB 2/3/4\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that \fBhtdbm\fR expects to see\&. \fBhtdbm\fR currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. +One should be aware that there are a number of different DBM file formats in existence, and with all likelihood, libraries for more than one format may exist on your system\&. The three primary examples are SDBM, NDBM, GNU GDBM, and Berkeley/Sleepycat DB 2/3/4\&. Unfortunately, all these libraries use different file formats, and you must make sure that the file format used by \fIfilename\fR is the same format that htdbm expects to see\&. htdbm currently has no way of determining what type of DBM file it is looking at\&. If used against the wrong format, will simply return nothing, or may create a different DBM file with a different name, or at worst, it may corrupt the DBM file if you were attempting to write to it\&. .PP One can usually use the \fBfile\fR program supplied with most Unix systems to see what format a DBM file is in\&. @@ -126,7 +126,7 @@ One can usually use the \fBfile\fR program supplied with most Unix systems to se .SH "EXIT STATUS" .PP -\fBhtdbm\fR returns a zero status ("true") if the username and password have been successfully added or updated in the DBM File\&. \fBhtdbm\fR returns \fB1\fR if it encounters some problem accessing files, \fB2\fR if there was a syntax problem with the command line, \fB3\fR if the password was entered interactively and the verification entry didn't match, \fB4\fR if its operation was interrupted, \fB5\fR if a value is too long (username, filename, password, or final computed record), \fB6\fR if the username contains illegal characters (see the Restrictions section), and \fB7\fR if the file is not a valid DBM password file\&. +htdbm returns a zero status ("true") if the username and password have been successfully added or updated in the DBM File\&. htdbm returns \fB1\fR if it encounters some problem accessing files, \fB2\fR if there was a syntax problem with the command line, \fB3\fR if the password was entered interactively and the verification entry didn't match, \fB4\fR if its operation was interrupted, \fB5\fR if a value is too long (username, filename, password, or final computed record), \fB6\fR if the username contains illegal characters (see the Restrictions section), and \fB7\fR if the file is not a valid DBM password file\&. .SH "EXAMPLES" @@ -137,7 +137,7 @@ One can usually use the \fBfile\fR program supplied with most Unix systems to se .fi .PP -Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for the password\&. If executed on a Windows system, the password will be hashed using the modified Apache MD5 algorithm; otherwise, the system's \fBcrypt()\fR routine will be used\&. If the file does not exist, \fBhtdbm\fR will do nothing except return an error\&. +Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for the password\&. If executed on a Windows system, the password will be hashed using the modified Apache MD5 algorithm; otherwise, the system's \fBcrypt()\fR routine will be used\&. If the file does not exist, htdbm will do nothing except return an error\&. .nf @@ -146,7 +146,7 @@ Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for .fi .PP -Creates a new file and stores a record in it for user \fBjane\fR\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and \fBhtdbm\fR will display a message and return an error status\&. +Creates a new file and stores a record in it for user \fBjane\fR\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and htdbm will display a message and return an error status\&. .nf @@ -158,7 +158,7 @@ Creates a new file and stores a record in it for user \fBjane\fR\&. The user is Encrypts the password from the command line (\fBPwd4Steve\fR) using the MD5 algorithm, and stores it in the specified file\&. .PP -To convert an existing text file \fBhtpasswd\fR-generated password file to a \fBdbm\fR file, use \fBawk\fR to feed each line of that file into \fBhtdbm\fR: +To convert an existing text file \fBhtpasswd\fR-generated password file to a \fBdbm\fR file, use \fBawk\fR to feed each line of that file into htdbm: .nf @@ -174,7 +174,7 @@ The first line creates a new password database with a temporary placeholder entr .SH "SECURITY CONSIDERATIONS" .PP -Web password files such as those managed by \fBhtdbm\fR should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. +Web password files such as those managed by htdbm should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. .PP The use of the \fB-b\fR option is discouraged, since when it is used the plaintext password appears on the command line\&. @@ -191,10 +191,10 @@ The SHA and \fBcrypt()\fR formats are insecure by today's standards\&. .SH "RESTRICTIONS" .PP -On the Windows platform, passwords hashed with \fBhtdbm\fR are limited to no more than \fB255\fR characters in length\&. Longer passwords will be truncated to 255 characters\&. +On the Windows platform, passwords hashed with htdbm are limited to no more than \fB255\fR characters in length\&. Longer passwords will be truncated to 255 characters\&. .PP -The MD5 algorithm used by \fBhtdbm\fR is specific to the Apache software; passwords hashed using it will not be usable with other Web servers\&. +The MD5 algorithm used by htdbm is specific to the Apache software; passwords hashed using it will not be usable with other Web servers\&. .PP Usernames are limited to \fB255\fR bytes and may not include the character \fB:\fR\&. diff --git a/docs/man/htdigest.1 b/docs/man/htdigest.1 index 19d717b8e4..e02a3a1634 100644 --- a/docs/man/htdigest.1 +++ b/docs/man/htdigest.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTDIGEST" 1 "2018-09-27" "Apache HTTP Server" "htdigest" +.TH "HTDIGEST" 1 "2026-04-21" "Apache HTTP Server" "htdigest" .SH NAME htdigest \- manage user files for digest authentication @@ -33,7 +33,7 @@ htdigest \- manage user files for digest authentication .SH "SUMMARY" .PP -\fBhtdigest\fR is used to create and update the flat-files used to store usernames, realm and password for digest authentication of HTTP users\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by \fBhtdigest\fR\&. +htdigest is used to create and update the flat-files used to store usernames, realm and password for digest authentication of HTTP users\&. Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by htdigest\&. .PP This manual page only lists the command line arguments\&. For details of the directives necessary to configure digest authentication in httpd see the Apache manual, which is part of the Apache distribution or can be found at http://httpd\&.apache\&.org/\&. diff --git a/docs/man/htpasswd.1 b/docs/man/htpasswd.1 index 1d66ebab91..10adf50b66 100644 --- a/docs/man/htpasswd.1 +++ b/docs/man/htpasswd.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTPASSWD" 1 "2021-07-09" "Apache HTTP Server" "htpasswd" +.TH "HTPASSWD" 1 "2026-04-21" "Apache HTTP Server" "htpasswd" .SH NAME htpasswd \- Manage user files for basic authentication @@ -42,13 +42,13 @@ htpasswd \- Manage user files for basic authentication .SH "SUMMARY" .PP -\fBhtpasswd\fR is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users\&. If \fBhtpasswd\fR cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes\&. +htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users\&. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes\&. .PP -Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by \fBhtpasswd\fR\&. This program can only manage usernames and passwords stored in a flat-file\&. It can hash and display password information for use in other types of data stores, though\&. To use a DBM database see dbmmanage or htdbm\&. +Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by htpasswd\&. This program can only manage usernames and passwords stored in a flat-file\&. It can hash and display password information for use in other types of data stores, though\&. To use a DBM database see dbmmanage or htdbm\&. .PP -\fBhtpasswd\fR hashes passwords using either bcrypt, a version of MD5 modified for Apache, SHA-1, or the system's \fBcrypt()\fR routine\&. SHA-2-based hashes (SHA-256 and SHA-512) are supported for \fBcrypt()\fR\&. Files managed by \fBhtpasswd\fR may contain a mixture of different encoding types of passwords; some user records may have bcrypt or MD5-hashed passwords while others in the same file may have passwords hashed with \fBcrypt()\fR\&. +htpasswd hashes passwords using either bcrypt, a version of MD5 modified for Apache, SHA-1, or the system's \fBcrypt()\fR routine\&. SHA-2-based hashes (SHA-256 and SHA-512) are supported for \fBcrypt()\fR\&. Files managed by htpasswd may contain a mixture of different encoding types of passwords; some user records may have bcrypt or MD5-hashed passwords while others in the same file may have passwords hashed with \fBcrypt()\fR\&. .PP This manual page only lists the command line arguments\&. For details of the directives necessary to configure user authentication in httpd see the Apache manual, which is part of the Apache distribution or can be found at http://httpd\&.apache\&.org/\&. @@ -95,7 +95,7 @@ Use \fBcrypt()\fR hashing for passwords\&. This is not supported by the httpd se Use SHA-1 (160-bit) hashing for passwords\&. Facilitates migration from/to Netscape servers using the LDAP Directory Interchange Format (ldif)\&. This algorithm is \fBinsecure\fR by today's standards\&. .TP \fB-p\fR -Use plaintext passwords\&. Though \fBhtpasswd\fR will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. +Use plaintext passwords\&. Though htpasswd will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&. .TP \fB-D\fR Delete user\&. If the username exists in the specified htpasswd file, it will be deleted\&. @@ -115,7 +115,7 @@ The plaintext password to be hashed and stored in the file\&. Only used with the .SH "EXIT STATUS" .PP -\fBhtpasswd\fR returns a zero status ("true") if the username and password have been successfully added or updated in the \fIpasswdfile\fR\&. \fBhtpasswd\fR returns \fB1\fR if it encounters some problem accessing files, \fB2\fR if there was a syntax problem with the command line, \fB3\fR if the password was entered interactively and the verification entry didn't match, \fB4\fR if its operation was interrupted, \fB5\fR if a value is too long (username, filename, password, or final computed record), \fB6\fR if the username contains illegal characters (see the Restrictions section), and \fB7\fR if the file is not a valid password file\&. +htpasswd returns a zero status ("true") if the username and password have been successfully added or updated in the \fIpasswdfile\fR\&. htpasswd returns \fB1\fR if it encounters some problem accessing files, \fB2\fR if there was a syntax problem with the command line, \fB3\fR if the password was entered interactively and the verification entry didn't match, \fB4\fR if its operation was interrupted, \fB5\fR if a value is too long (username, filename, password, or final computed record), \fB6\fR if the username contains illegal characters (see the Restrictions section), and \fB7\fR if the file is not a valid password file\&. .SH "EXAMPLES" @@ -126,7 +126,7 @@ The plaintext password to be hashed and stored in the file\&. Only used with the .fi .PP -Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for the password\&. The password will be hashed using the modified Apache MD5 algorithm\&. If the file does not exist, \fBhtpasswd\fR will do nothing except return an error\&. +Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for the password\&. The password will be hashed using the modified Apache MD5 algorithm\&. If the file does not exist, htpasswd will do nothing except return an error\&. .nf @@ -135,7 +135,7 @@ Adds or modifies the password for user \fBjsmith\fR\&. The user is prompted for .fi .PP -Creates a new file and stores a record in it for user \fBjane\fR\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and \fBhtpasswd\fR will display a message and return an error status\&. +Creates a new file and stores a record in it for user \fBjane\fR\&. The user is prompted for the password\&. If the file exists and cannot be read, or cannot be written, it is not altered and htpasswd will display a message and return an error status\&. .nf @@ -149,7 +149,7 @@ Encrypts the password from the command line (\fBPwd4Steve\fR) using the \fBcrypt .SH "SECURITY CONSIDERATIONS" .PP -Web password files such as those managed by \fBhtpasswd\fR should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. +Web password files such as those managed by htpasswd should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. .PP This program is not safe as a setuid executable\&. Do \fInot\fR make it setuid\&. @@ -172,10 +172,10 @@ The SHA-2-based \fBcrypt()\fR formats (SHA-256 and SHA-512) are supported on mos .SH "RESTRICTIONS" .PP -On the Windows platform, passwords hashed with \fBhtpasswd\fR are limited to no more than \fB255\fR characters in length\&. Longer passwords will be truncated to 255 characters\&. +On the Windows platform, passwords hashed with htpasswd are limited to no more than \fB255\fR characters in length\&. Longer passwords will be truncated to 255 characters\&. .PP -The MD5 algorithm used by \fBhtpasswd\fR is specific to the Apache software; passwords hashed using it will not be usable with other Web servers\&. +The MD5 algorithm used by htpasswd is specific to the Apache software; passwords hashed using it will not be usable with other Web servers\&. .PP Usernames are limited to \fB255\fR bytes and may not include the character \fB:\fR\&. diff --git a/docs/man/httpd.8 b/docs/man/httpd.8 index 2b43a922eb..78f6dc0cbd 100644 --- a/docs/man/httpd.8 +++ b/docs/man/httpd.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTTPD" 8 "2025-08-29" "Apache HTTP Server" "httpd" +.TH "HTTPD" 8 "2026-04-21" "Apache HTTP Server" "httpd" .SH NAME httpd \- Apache Hypertext Transfer Protocol Server @@ -39,10 +39,10 @@ On Windows systems, the following additional arguments are available: .SH "SUMMARY" .PP -\fBhttpd\fR is the Apache HyperText Transfer Protocol (HTTP) server program\&. It is designed to be run as a standalone daemon process\&. When used like this it will create a pool of child processes or threads to handle requests\&. +httpd is the Apache HyperText Transfer Protocol (HTTP) server program\&. It is designed to be run as a standalone daemon process\&. When used like this it will create a pool of child processes or threads to handle requests\&. .PP -In general, \fBhttpd\fR should not be invoked directly, but rather should be invoked via apachectl on Unix-based systems or as a service on Windows NT, 2000 and XP and as a console application on Windows 9x and ME\&. +In general, httpd should not be invoked directly, but rather should be invoked via apachectl on Unix-based systems or as a service on Windows NT, 2000 and XP and as a console application on Windows 9x and ME\&. .SH "OPTIONS" @@ -56,7 +56,7 @@ Set the initial value for the ServerRoot directive to \fIserverroot\fR\&. This c Uses the directives in the file \fIconfig\fR on startup\&. If \fIconfig\fR does not begin with a /, then it is taken to be a path relative to the ServerRoot\&. The default is \fBconf/httpd\&.conf\fR\&. .TP \fB-k \fBstart|restart|graceful|stop|graceful-stop\fR\fR -Signals \fBhttpd\fR to start, restart, or stop\&. See Stopping Apache httpd for more information\&. +Signals httpd to start, restart, or stop\&. See Stopping Apache httpd for more information\&. .TP \fB-C \fIdirective\fR\fR Process the configuration \fIdirective\fR before reading config files\&. @@ -95,10 +95,10 @@ Skip document root check at startup/restart\&. Run syntax tests for configuration files only\&. The program immediately exits after these syntax parsing tests with either a return code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error)\&. This option can be combined with various \fI-D DUMP_\&.\&.\&.\fR arguments to print information about the configuration, as listed below\&. .TP \fB-v\fR -Print the version of \fBhttpd\fR, and then exit\&. +Print the version of httpd, and then exit\&. .TP \fB-V\fR -Print the version and build parameters of \fBhttpd\fR, and then exit\&. +Print the version and build parameters of httpd, and then exit\&. .TP \fB-X\fR Run httpd in debug mode\&. Only one worker will be started and the server will not detach from the console\&. diff --git a/docs/man/httxt2dbm.1 b/docs/man/httxt2dbm.1 index 2a06b0c9ae..52154d3be0 100644 --- a/docs/man/httxt2dbm.1 +++ b/docs/man/httxt2dbm.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "HTTXT2DBM" 1 "2019-11-13" "Apache HTTP Server" "httxt2dbm" +.TH "HTTXT2DBM" 1 "2026-04-21" "Apache HTTP Server" "httxt2dbm" .SH NAME httxt2dbm \- Generate dbm files for use with RewriteMap @@ -33,7 +33,7 @@ httxt2dbm \- Generate dbm files for use with RewriteMap .SH "SUMMARY" .PP -\fBhttxt2dbm\fR is used to generate dbm files from text input, for use in RewriteMap with the \fBdbm\fR map type\&. +httxt2dbm is used to generate dbm files from text input, for use in RewriteMap with the \fBdbm\fR map type\&. .PP If the output file already exists, it will not be truncated\&. New keys will be added and existing keys will be updated\&. @@ -58,8 +58,9 @@ Name of the output dbm files\&. .SH "EXAMPLES" .nf - - httxt2dbm -i rewritemap\&.txt -o rewritemap\&.dbm - httxt2dbm -f SDBM -i rewritemap\&.txt -o rewritemap\&.dbm + +httxt2dbm -i rewritemap\&.txt -o rewritemap\&.dbm +httxt2dbm -f SDBM -i rewritemap\&.txt -o rewritemap\&.dbm + .fi diff --git a/docs/man/logresolve.1 b/docs/man/logresolve.1 index 4ebe720178..fdd23748f7 100644 --- a/docs/man/logresolve.1 +++ b/docs/man/logresolve.1 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "LOGRESOLVE" 1 "2018-09-27" "Apache HTTP Server" "logresolve" +.TH "LOGRESOLVE" 1 "2026-04-21" "Apache HTTP Server" "logresolve" .SH NAME logresolve \- Resolve IP-addresses to hostnames in Apache log files @@ -33,7 +33,7 @@ logresolve \- Resolve IP-addresses to hostnames in Apache log files .SH "SUMMARY" .PP -\fBlogresolve\fR is a post-processing program to resolve IP-addresses in Apache's access logfiles\&. To minimize impact on your nameserver, logresolve has its very own internal hash-table cache\&. This means that each IP number will only be looked up the first time it is found in the log file\&. +logresolve is a post-processing program to resolve IP-addresses in Apache's access logfiles\&. To minimize impact on your nameserver, logresolve has its very own internal hash-table cache\&. This means that each IP number will only be looked up the first time it is found in the log file\&. .PP Takes an Apache log file on standard input\&. The IP addresses must be the first thing on each line and must be separated from the remainder of the line by a space\&. @@ -47,5 +47,5 @@ Takes an Apache log file on standard input\&. The IP addresses must be the first Specifies a filename to record statistics\&. .TP \fB-c\fR -This causes \fBlogresolve\fR to apply some DNS checks: after finding the hostname from the IP address, it looks up the IP addresses for the hostname and checks that one of these matches the original address\&. +This causes logresolve to apply some DNS checks: after finding the hostname from the IP address, it looks up the IP addresses for the hostname and checks that one of these matches the original address\&. diff --git a/docs/man/rotatelogs.8 b/docs/man/rotatelogs.8 index 2c21ce3985..db6e6c68eb 100644 --- a/docs/man/rotatelogs.8 +++ b/docs/man/rotatelogs.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "ROTATELOGS" 8 "2023-04-11" "Apache HTTP Server" "rotatelogs" +.TH "ROTATELOGS" 8 "2026-04-21" "Apache HTTP Server" "rotatelogs" .SH NAME rotatelogs \- Piped logging program to rotate Apache logs @@ -33,7 +33,7 @@ rotatelogs \- Piped logging program to rotate Apache logs .SH "SUMMARY" .PP -\fBrotatelogs\fR is a simple program for use in conjunction with Apache's piped logfile feature\&. It supports rotation based on a time interval or maximum size of the log\&. +rotatelogs is a simple program for use in conjunction with Apache's piped logfile feature\&. It supports rotation based on a time interval or maximum size of the log\&. .SH "OPTIONS" @@ -44,13 +44,13 @@ rotatelogs \- Piped logging program to rotate Apache logs Causes the use of local time rather than GMT as the base for the interval or for \fBstrftime(3)\fR formatting with size-based rotation\&. .TP \fB-L\fR \fIlinkname\fR -.PP Causes a hard link to be made from the current logfile to the specified link name\&. This can be used to watch the log continuously across rotations using a command like \fBtail -F linkname\fR\&. .PP If the linkname is not an absolute path, it is relative to \fBrotatelogs\fR' working directory, which is the ServerRoot when \fBrotatelogs\fR is run by the server\&. +.PP Causes a hard link to be made from the current logfile to the specified link name\&. This can be used to watch the log continuously across rotations using a command like \fBtail -F linkname\fR\&. .PP If the linkname is not an absolute path, it is relative to rotatelogs' working directory, which is the ServerRoot when rotatelogs is run by the server\&. .TP \fB-p\fR \fIprogram\fR -.PP If given, \fBrotatelogs\fR will execute the specified program every time a new log file is opened\&. The filename of the newly opened file is passed as the first argument to the program\&. If executing after a rotation, the old log file is passed as the second argument\&. .PP \fBrotatelogs\fR does not wait for the specified program to terminate before continuing to operate, and will not log any error code returned on termination\&. .PP The spawned program uses the same stdin, stdout, and stderr as rotatelogs itself, and also inherits the environment\&. .PP When two parameters are provided, under some conditions the parameters will have the same value\&. For example, if rotation is triggerd but the portions of the time and date incorporated into the log filename do not change across the rotation\&. +.PP If given, rotatelogs will execute the specified program every time a new log file is opened\&. The filename of the newly opened file is passed as the first argument to the program\&. If executing after a rotation, the old log file is passed as the second argument\&. .PP rotatelogs does not wait for the specified program to terminate before continuing to operate, and will not log any error code returned on termination\&. .PP The spawned program uses the same stdin, stdout, and stderr as rotatelogs itself, and also inherits the environment\&. .PP When two parameters are provided, under some conditions the parameters will have the same value\&. For example, if rotation is triggerd but the portions of the time and date incorporated into the log filename do not change across the rotation\&. .TP \fB-f\fR -Causes the logfile to be opened immediately, as soon as \fBrotatelogs\fR starts, instead of waiting for the first logfile entry to be read (for non-busy sites, there may be a substantial delay between when the server is started and when the first request is handled, meaning that the associated logfile does not "exist" until then, which causes problems from some automated logging tools) +Causes the logfile to be opened immediately, as soon as rotatelogs starts, instead of waiting for the first logfile entry to be read (for non-busy sites, there may be a substantial delay between when the server is started and when the first request is handled, meaning that the associated logfile does not "exist" until then, which causes problems from some automated logging tools) .TP \fB-D\fR Creates the parent directories of the path that the log file will be placed in if they do not already exist\&. This allows \fBstrftime(3)\fR formatting to be used in the path and not just the filename\&. @@ -74,7 +74,7 @@ Create log file for each interval, even if empty\&. Use a circular list of filenames without timestamps\&. This option overwrites log files at startup and during rotation\&. With -n 3, the series of log files opened would be "logfile", "logfile\&.1", "logfile\&.2", then overwriting "logfile"\&. When this program first opens "logfile", the file will only be truncated if \fB-t\fR is also provided\&. Every subsequent rotation will always begin with truncation of the target file\&. For size based rotation without \fB-t\fR and existing log files in place, this option may result in unintuitive behavior such as initial log entries being sent to "logfile\&.1", and entries in "logfile\&.1" not being preserved even if later "logfile\&.n" have not yet been used\&. Available in 2\&.4\&.5 and later\&. .TP \fB\fIlogfile\fR\fR -.PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' characters, it is treated as a format string for \fBstrftime(3)\fR\&. Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in seconds (unless the -t option is used)\&. Both formats compute the start time from the beginning of the current period\&. For example, if a rotation time of 86400 is specified, the hour, minute, and second fields created from the \fBstrftime(3)\fR format will all be zero, referring to the beginning of the current 24-hour period (midnight)\&. .PP When using \fBstrftime(3)\fR filename formatting, be sure the log file format has enough granularity to produce a different file name each time the logs are rotated\&. Otherwise rotation will overwrite the same file instead of starting a new one\&. For example, if \fIlogfile\fR was \fB/var/log/errorlog\&.%Y-%m-%d\fR with log rotation at 5 megabytes, but 5 megabytes was reached twice in the same day, the same log file name would be produced and log rotation would keep writing to the same file\&. .PP If the logfile is not an absolute path, it is relative to \fBrotatelogs\fR' working directory, which is the ServerRoot when \fBrotatelogs\fR is run by the server\&. +.PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' characters, it is treated as a format string for \fBstrftime(3)\fR\&. Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in seconds (unless the -t option is used)\&. Both formats compute the start time from the beginning of the current period\&. For example, if a rotation time of 86400 is specified, the hour, minute, and second fields created from the \fBstrftime(3)\fR format will all be zero, referring to the beginning of the current 24-hour period (midnight)\&. .PP When using \fBstrftime(3)\fR filename formatting, be sure the log file format has enough granularity to produce a different file name each time the logs are rotated\&. Otherwise rotation will overwrite the same file instead of starting a new one\&. For example, if \fIlogfile\fR was \fB/var/log/errorlog\&.%Y-%m-%d\fR with log rotation at 5 megabytes, but 5 megabytes was reached twice in the same day, the same log file name would be produced and log rotation would keep writing to the same file\&. .PP If the logfile is not an absolute path, it is relative to rotatelogs' working directory, which is the ServerRoot when rotatelogs is run by the server\&. .TP \fB\fIrotationtime\fR\fR The time between log file rotations in seconds\&. The rotation occurs at the beginning of this interval\&. For example, if the rotation time is 3600, the log file will be rotated at the beginning of every hour; if the rotation time is 86400, the log file will be rotated every night at midnight\&. (If no data is logged during an interval, no file will be created\&.) diff --git a/docs/man/suexec.8 b/docs/man/suexec.8 index e879caa2fd..20b1247594 100644 --- a/docs/man/suexec.8 +++ b/docs/man/suexec.8 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "SUEXEC" 8 "2018-09-27" "Apache HTTP Server" "suexec" +.TH "SUEXEC" 8 "2026-04-21" "Apache HTTP Server" "suexec" .SH NAME suexec \- Switch user before executing external programs @@ -33,7 +33,7 @@ suexec \- Switch user before executing external programs .SH "SUMMARY" .PP -\fBsuexec\fR is used by the Apache HTTP Server to switch to another user before executing CGI programs\&. In order to achieve this, it must run as \fBroot\fR\&. Since the HTTP daemon normally doesn't run as \fBroot\fR, the \fBsuexec\fR executable needs the setuid bit set and must be owned by \fBroot\fR\&. It should never be writable for any other person than \fBroot\fR\&. +suexec is used by the Apache HTTP Server to switch to another user before executing CGI programs\&. In order to achieve this, it must run as \fBroot\fR\&. Since the HTTP daemon normally doesn't run as \fBroot\fR, the suexec executable needs the setuid bit set and must be owned by \fBroot\fR\&. It should never be writable for any other person than \fBroot\fR\&. .PP For further information about the concepts and the security model of suexec please refer to the suexec documentation (http://httpd\&.apache\&.org/docs/trunk/suexec\&.html)\&. @@ -44,5 +44,5 @@ For further information about the concepts and the security model of suexec plea .TP \fB-V\fR -If you are \fBroot\fR, this option displays the compile options of \fBsuexec\fR\&. For security reasons all configuration options are changeable only at compile time\&. +If you are \fBroot\fR, this option displays the compile options of suexec\&. For security reasons all configuration options are changeable only at compile time\&. diff --git a/docs/manual/bind.html.de b/docs/manual/bind.html.de index 97ca5f79f2..6c2e611b30 100644 --- a/docs/manual/bind.html.de +++ b/docs/manual/bind.html.de @@ -31,14 +31,12 @@  ko  |  tr 

-
Diese Übersetzung ist möglicherweise - nicht mehr aktuell. Bitte prüfen Sie die englische Version auf - die neuesten Änderungen.

Konfiguration der vom Apache HTTP Server verwendeten Adressen und Ports.

+ +
top
+
+

Änderung der Listen-Konfiguration beim Neustart

+ + +

Wenn der httpd neu gestartet wird, müssen Änderungen an + Listen-Direktiven besonders + beachtet werden. Während eines Neustarts bleiben die Ports an den httpd + gebunden (wie in der ursprünglichen Konfiguration), um + "Connection refused"-Fehler für neue Verbindungsversuche zum + Server zu vermeiden. Wenn Änderungen an den verwendeten + Listen-Direktiven vorgenommen + werden, die mit der alten Konfiguration in Konflikt stehen, schlägt + die Konfiguration fehl und der Server wird beendet.

+ +

Zum Beispiel kann die Änderung der Konfiguration von:

+ + 
Listen 127.0.0.1:80
+
+ +

zur folgenden Konfiguration fehlschlagen, da das Binden an + Port 80 auf allen Adressen mit dem Binden an Port 80 auf nur + 127.0.0.1 in Konflikt steht.

+ + 
Listen 80
+
+ +

Damit solche Konfigurationsänderungen wirksam werden, muss + der Server gestoppt und dann neu gestartet werden.

+
top

Betrachtung von IPv6-Besonderheiten

diff --git a/docs/manual/bind.xml.meta b/docs/manual/bind.xml.meta index 613c2a0161..8bc31a5281 100644 --- a/docs/manual/bind.xml.meta +++ b/docs/manual/bind.xml.meta @@ -7,7 +7,7 @@ . - de + de en es fr diff --git a/docs/manual/caching.html.en.utf8 b/docs/manual/caching.html.en.utf8 index 8a0a19c435..16e6aef568 100644 --- a/docs/manual/caching.html.en.utf8 +++ b/docs/manual/caching.html.en.utf8 @@ -790,7 +790,7 @@ sys 0m0.000s
.htaccess files would be a very expensive operation, partially defeating the point of caching (to speed up requests), mod_cache makes no decision about whether a cached - entity is authorised for serving. In other words; if + entity is authorized for serving. In other words; if mod_cache has cached some content, it will be served from the cache as long as that content has not expired.

@@ -845,7 +845,7 @@ sys 0m0.000s Another example is so-called HTTP request-smuggling attacks.

This document is not the correct place for an in-depth discussion - of HTTP request smuggling (instead, try your favourite search engine) + of HTTP request smuggling (instead, try your favorite search engine) however it is important to be aware that it is possible to make a series of requests, and to exploit a vulnerability on an origin webserver such that the attacker can entirely control the content diff --git a/docs/manual/caching.html.fr.utf8 b/docs/manual/caching.html.fr.utf8 index f5469e5c67..9344b0bdea 100644 --- a/docs/manual/caching.html.fr.utf8 +++ b/docs/manual/caching.html.fr.utf8 @@ -27,6 +27,8 @@  fr  |  tr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.

Ce document complète la documentation de référence des modules mod_cache, mod_cache_disk, diff --git a/docs/manual/caching.xml.fr b/docs/manual/caching.xml.fr index 6bf747b49d..69a9490c44 100644 --- a/docs/manual/caching.xml.fr +++ b/docs/manual/caching.xml.fr @@ -3,7 +3,7 @@ - + + + diff --git a/docs/manual/compliance.xml.meta b/docs/manual/compliance.xml.meta index dc8d9ddcdb..0c7eda2af5 100644 --- a/docs/manual/compliance.xml.meta +++ b/docs/manual/compliance.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/content-negotiation.html.en.utf8 b/docs/manual/content-negotiation.html.en.utf8 index e48c09cdac..d609bad4a8 100644 --- a/docs/manual/content-negotiation.html.en.utf8 +++ b/docs/manual/content-negotiation.html.en.utf8 @@ -82,10 +82,9 @@ Negotiation other media types, but also allowing any other media type as a last resort:

-

- Accept-Language: fr; q=1.0, en; q=0.5
- Accept: text/html; q=1.0, text/*; q=0.8, image/gif; q=0.6, image/jpeg; q=0.6, image/*; q=0.5, */*; q=0.1 -

+
Accept-Language: fr; q=1.0, en; q=0.5
+Accept: text/html; q=1.0, text/*; q=0.8, image/gif; q=0.6, image/jpeg; q=0.6, image/*; q=0.5, */*; q=0.1
+

httpd supports 'server driven' content negotiation, as defined in the HTTP/1.1 specification. It fully supports the @@ -161,17 +160,16 @@ Negotiation absolute or relative URIs for any file located on the same server as the map file.

-

- URI: foo
-
- URI: foo.en.html
- Content-type: text/html
- Content-language: en
-
- URI: foo.fr.de.html
- Content-type: text/html;charset=iso-8859-2
- Content-language: fr, de
-

+
URI: foo
+
+URI: foo.en.html
+Content-type: text/html
+Content-language: en
+
+URI: foo.fr.de.html
+Content-type: text/html;charset=iso-8859-2
+Content-language: fr, de
+

Note also that a typemap file will take precedence over the filename's extension, even when Multiviews is on. If a @@ -194,34 +192,32 @@ Negotiation the original) in the type map file. The original file can be assigned its language in the type map without being renamed:

-

- URI: foo
-
- URI: foo.html
- Content-type: text/html
- Content-language: en
-
- URI: foo.fr.html
- Content-type: text/html
- Content-language: fr
-

+
URI: foo
+
+URI: foo.html
+Content-type: text/html
+Content-language: en
+
+URI: foo.fr.html
+Content-type: text/html
+Content-language: fr
+

If the variants have different source qualities, that may be indicated by the "qs" parameter to the media type, as in this picture (available as JPEG, GIF, or ASCII-art):

-

- URI: foo
-
- URI: foo.jpeg
- Content-type: image/jpeg; qs=0.8
-
- URI: foo.gif
- Content-type: image/gif; qs=0.5
-
- URI: foo.txt
- Content-type: text/plain; qs=0.01
-

+
URI: foo
+
+URI: foo.jpeg
+Content-type: image/jpeg; qs=0.8
+
+URI: foo.gif
+Content-type: image/gif; qs=0.5
+
+URI: foo.txt
+Content-type: text/plain; qs=0.01
+

qs values can vary in the range 0.000 to 1.000. Note that any variant with a qs value of 0.000 will never be chosen. diff --git a/docs/manual/content-negotiation.html.fr.utf8 b/docs/manual/content-negotiation.html.fr.utf8 index 66a426185e..7c82a2daa4 100644 --- a/docs/manual/content-negotiation.html.fr.utf8 +++ b/docs/manual/content-negotiation.html.fr.utf8 @@ -29,6 +29,8 @@  ko  |  tr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.

Apache HTTPD prend en charge la négociation de diff --git a/docs/manual/content-negotiation.xml.fr b/docs/manual/content-negotiation.xml.fr index 5d861bd5ae..9616242fe3 100644 --- a/docs/manual/content-negotiation.xml.fr +++ b/docs/manual/content-negotiation.xml.fr @@ -3,7 +3,7 @@ - + + + + + diff --git a/docs/manual/custom-error.xml.fr b/docs/manual/custom-error.xml.fr index 999f5cf36c..1cc88c2468 100644 --- a/docs/manual/custom-error.xml.fr +++ b/docs/manual/custom-error.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/custom-error.xml.ja b/docs/manual/custom-error.xml.ja index 4183f03191..457df8524a 100644 --- a/docs/manual/custom-error.xml.ja +++ b/docs/manual/custom-error.xml.ja @@ -1,7 +1,7 @@ - + + + + - + + + + + diff --git a/docs/manual/env.xml.ja b/docs/manual/env.xml.ja index 1440458b29..4ada48754b 100644 --- a/docs/manual/env.xml.ja +++ b/docs/manual/env.xml.ja @@ -1,7 +1,7 @@ - + + + + + diff --git a/docs/manual/glossary.xml.fr b/docs/manual/glossary.xml.fr index e00f722e3e..abbd145789 100644 --- a/docs/manual/glossary.xml.fr +++ b/docs/manual/glossary.xml.fr @@ -3,7 +3,7 @@ - + + + + -Apache Tutorial: Dynamic Content with CGI - Apache HTTP Server Version 2.5 +Apache HTTP Server Tutorial: Dynamic Content with CGI - Apache HTTP Server Version 2.5 @@ -21,7 +21,7 @@

<-
-Apache > HTTP Server > Documentation > Version 2.5 > How-To / Tutorials

Apache Tutorial: Dynamic Content with CGI

+Apache > HTTP Server > Documentation > Version 2.5 > How-To / Tutorials

Apache HTTP Server Tutorial: Dynamic Content with CGI

Available Languages:  en  |  es  | @@ -31,7 +31,7 @@

top
-

Configuring Apache to permit CGI

+

Configuring httpd to permit CGI

In order to get your CGI programs to work properly, you'll - need to have Apache configured to permit CGI execution. There + need to have httpd configured to permit CGI execution. There are several ways to do this.

-
Note: If Apache has been built with shared module +
Note: If httpd has been built with shared module support you need to ensure that the module is loaded; in your httpd.conf you need to make sure the LoadModule @@ -86,8 +86,8 @@

The ScriptAlias - directive tells Apache that a particular directory is set - aside for CGI programs. Apache will assume that every file in + directive tells httpd that a particular directory is set + aside for CGI programs. httpd will assume that every file in this directory is a CGI program, and will attempt to execute it, when that particular resource is requested by a client.

@@ -99,7 +99,7 @@

The example shown is from your default httpd.conf - configuration file, if you installed Apache in the default + configuration file, if you installed httpd in the default location. The ScriptAlias directive is much like the Alias directive, which defines a URL prefix that is to mapped to a particular directory. Alias @@ -108,18 +108,18 @@ Alias and ScriptAlias is that ScriptAlias has the added meaning that everything under that URL prefix will be considered a CGI - program. So, the example above tells Apache that any request for a + program. So, the example above tells httpd that any request for a resource beginning with /cgi-bin/ should be served from the directory /usr/local/apache2/cgi-bin/, and should be treated as a CGI program.

For example, if the URL http://www.example.com/cgi-bin/test.pl - is requested, Apache will attempt to execute the file + is requested, httpd will attempt to execute the file /usr/local/apache2/cgi-bin/test.pl and return the output. Of course, the file will have to exist, and be executable, and return output in a particular - way, or Apache will return an error message.

+ way, or httpd will return an error message.

CGI outside of ScriptAlias directories

@@ -154,7 +154,7 @@ </Directory> -

The above directive tells Apache to permit the execution +

The above directive tells httpd to permit the execution of CGI files. You will also need to tell the server what files are CGI files. The following AddHandler directive tells the server to treat all files with the cgi or pl extension as CGI @@ -237,7 +237,7 @@ print "Hello, World.";

Even if you are not familiar with Perl, you should be able - to see what is happening here. The first line tells Apache + to see what is happening here. The first line tells httpd (or whatever shell you happen to be running under) that this program can be executed by feeding the file to the interpreter found at the location /usr/bin/perl. @@ -276,19 +276,19 @@ print "Hello, World.";

The source code of your CGI program or a "POST Method Not Allowed" message
-
That means that you have not properly configured Apache +
That means that you have not properly configured httpd to process your CGI program. Reread the section on configuring - Apache and try to find what you missed.
+ httpd and try to find what you missed.
A message starting with "Forbidden"
That means that there is a permissions problem. Check the - Apache error log and the section below on + httpd error log and the section below on file permissions.
A message saying "Internal Server Error"
If you check the - Apache error log, you will probably + httpd error log, you will probably find that it says "Premature end of script headers", possibly along with an error message generated by your CGI program. In this case, you will want to @@ -357,7 +357,7 @@ print "Hello, World.";

If your CGI program depends on non-standard environment variables, you will need to - assure that those variables are passed by Apache.

+ assure that those variables are passed by httpd.

When you miss HTTP headers from the environment, make sure they are formatted according to @@ -384,12 +384,12 @@ print "Hello, World.";

(Do not call the perl interpreter. The shell - and Apache should find the interpreter using the path information on the first line of + and httpd should find the interpreter using the path information on the first line of the script.)

The first thing you see written by your program should be a set of HTTP headers, including the Content-Type, - followed by a blank line. If you see anything else, Apache will + followed by a blank line. If you see anything else, httpd will return the Premature end of script headers error if you try to run it through the server. See Writing a CGI program above for more details.

@@ -419,7 +419,7 @@ print "Hello, World.";

To check if you are using suexec, run apachectl -V and check for the location of SUEXEC_BIN. - If Apache finds an suexec binary there on startup, + If httpd finds an suexec binary there on startup, suexec will be activated.

Unless you fully understand suexec, you should not be using it. @@ -456,7 +456,7 @@ print "Hello, World.";

During the CGI transaction, the server and the browser also set environment variables, so that they can communicate with one another. These are things like the browser type - (Netscape, IE, Lynx), the server type (Apache, IIS, WebSite), + (Chrome, Firefox, Lynx), the server type (Apache httpd, Nginx, IIS), the name of the CGI program that is being run, and so on.

These variables are available to the CGI programmer, and @@ -470,10 +470,10 @@ print "Hello, World."; similar programs are included in the cgi-bin - directory of the Apache distribution. Note that some + directory of the httpd distribution. Note that some variables are required, while others are optional, so you may see some variables listed that were not in the official list. - In addition, Apache provides many different ways for you to + In addition, httpd provides many different ways for you to add your own environment variables to the basic ones provided by default.

@@ -565,8 +565,8 @@ foreach my $key (keys %ENV) { make finding your problem much simpler.

Note that questions about CGI problems should never - be posted to the Apache bug database unless you are sure you - have found a problem in the Apache source code.

+ be posted to the httpd bug database unless you are sure you + have found a problem in the httpd source code.

Available Languages:  en  | diff --git a/docs/manual/howto/cgi.html.fr.utf8 b/docs/manual/howto/cgi.html.fr.utf8 index cf057d1fa0..ed0b1c0791 100644 --- a/docs/manual/howto/cgi.html.fr.utf8 +++ b/docs/manual/howto/cgi.html.fr.utf8 @@ -29,6 +29,8 @@  ja  |  ko 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
  • Introduction
  • Configurer Apache pour autoriser CGI
    • diff --git a/docs/manual/howto/cgi.xml.es b/docs/manual/howto/cgi.xml.es index 3d814a2805..d662c9be7b 100644 --- a/docs/manual/howto/cgi.xml.es +++ b/docs/manual/howto/cgi.xml.es @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/howto/cgi.xml.fr b/docs/manual/howto/cgi.xml.fr index 84aab59b2f..47aa9681d5 100644 --- a/docs/manual/howto/cgi.xml.fr +++ b/docs/manual/howto/cgi.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/howto/cgi.xml.ja b/docs/manual/howto/cgi.xml.ja index 02116af3f7..28894d82ac 100644 --- a/docs/manual/howto/cgi.xml.ja +++ b/docs/manual/howto/cgi.xml.ja @@ -1,7 +1,7 @@ - + + + - + + + + - + + + + + + + diff --git a/docs/manual/mod/core.xml.ja b/docs/manual/mod/core.xml.ja index 184bc1cc72..14668f7152 100644 --- a/docs/manual/mod/core.xml.ja +++ b/docs/manual/mod/core.xml.ja @@ -1,7 +1,7 @@ - + + + diff --git a/docs/manual/mod/mod_auth_form.xml.meta b/docs/manual/mod/mod_auth_form.xml.meta index 66a7abbcd2..ff178f6df2 100644 --- a/docs/manual/mod/mod_auth_form.xml.meta +++ b/docs/manual/mod/mod_auth_form.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_authn_socache.html.en.utf8 b/docs/manual/mod/mod_authn_socache.html.en.utf8 index af13161890..dc2f3f9c30 100644 --- a/docs/manual/mod/mod_authn_socache.html.en.utf8 +++ b/docs/manual/mod/mod_authn_socache.html.en.utf8 @@ -153,9 +153,9 @@ AuthnCacheSOCache dbm

    This directive is not normally necessary: it is implied if authentication caching is enabled anywhere in httpd.conf. However, if it is not enabled anywhere in httpd.conf - it will by default not be initialised, and is therefore not + it will by default not be initialized, and is therefore not available in a .htaccess context. This directive - ensures it is initialised so it can be used in .htaccess.

    + ensures it is initialized so it can be used in .htaccess.

top
diff --git a/docs/manual/mod/mod_authn_socache.html.fr.utf8 b/docs/manual/mod/mod_authn_socache.html.fr.utf8 index 20967aa80b..17a32191ca 100644 --- a/docs/manual/mod/mod_authn_socache.html.fr.utf8 +++ b/docs/manual/mod/mod_authn_socache.html.fr.utf8 @@ -29,6 +29,8 @@

Langues Disponibles:  en  |  fr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
diff --git a/docs/manual/mod/mod_authn_socache.xml.fr b/docs/manual/mod/mod_authn_socache.xml.fr index 4286c31044..ee9d25ef95 100644 --- a/docs/manual/mod/mod_authn_socache.xml.fr +++ b/docs/manual/mod/mod_authn_socache.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/mod/mod_authn_socache.xml.meta b/docs/manual/mod/mod_authn_socache.xml.meta index cdd1381068..8207955704 100644 --- a/docs/manual/mod/mod_authn_socache.xml.meta +++ b/docs/manual/mod/mod_authn_socache.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_authnz_ldap.html.en.utf8 b/docs/manual/mod/mod_authnz_ldap.html.en.utf8 index a22495a646..d61a61d13f 100644 --- a/docs/manual/mod/mod_authnz_ldap.html.en.utf8 +++ b/docs/manual/mod/mod_authnz_ldap.html.en.utf8 @@ -393,8 +393,8 @@ Require ldap-user "Joe Manager"

Because of the way that mod_authnz_ldap handles this - directive, Barbara Jenson could sign on as Barbara - Jenson, Babs Jenson or any other cn that + directive, Barbara Jenson could sign on as Barbara + Jenson, Babs Jenson or any other cn that she has in her LDAP entry. Only the single Require ldap-user line is needed to support all values of the attribute in the user's entry.

@@ -653,13 +653,13 @@ Require valid-user

(&(|(qpagePagerID=*)(uid=jmanager))(uid=fuser))

-

The above search will only succeed if fuser has a - pager. When Joe Manager connects as jmanager, the +

The above search will only succeed if fuser has a + pager. When Joe Manager connects as jmanager, the filter looks like

(&(|(qpagePagerID=*)(uid=jmanager))(uid=jmanager))

-

The above search will succeed whether jmanager +

The above search will succeed whether jmanager has a pager or not.

@@ -672,7 +672,7 @@ Require valid-user

An optional second parameter can be added to the AuthLDAPURL to override the default connection type set by LDAPTrustedMode. - This will allow the connection established by an ldap:// Url + This will allow the connection established by an ldap:// Url to be upgraded to a secure connection on the same port.

top
@@ -680,9 +680,9 @@ Require valid-user

To use SSL, see the mod_ldap directives LDAPTrustedClientCert, LDAPTrustedGlobalCert and LDAPTrustedMode.

-

To specify a secure LDAP server, use ldaps:// in the +

To specify a secure LDAP server, use ldaps:// in the AuthLDAPURL - directive, instead of ldap://.

+ directive, instead of ldap://.

top

Exposing Login Information

@@ -712,12 +712,12 @@ Require valid-user a User Principle Name (UPN) can be added to a user's entry in the directory. This UPN usually takes the form of the user's account name, followed by the domain components of the particular domain, - for example somebody@nz.example.com.

+ for example somebody@nz.example.com.

You may wish to configure the mod_authnz_ldap module to authenticate users present in any of the domains making up the Active Directory forest. In this way both - somebody@nz.example.com and someone@au.example.com + somebody@nz.example.com and someone@au.example.com can be authenticated using the same query at the same time.

To make this practical, Active Directory supports the concept of @@ -729,7 +729,7 @@ Require valid-user

If enabled, the Global Catalog is an independent directory server that runs on port 3268 (3269 for SSL). To search for a user, do a - subtree search for the attribute userPrincipalName, with + subtree search for the attribute userPrincipalName, with an empty search root, like so:

AuthLDAPBindDN apache@example.com
@@ -738,7 +738,7 @@ AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub

Users will need to enter their User Principal Name as a login, in - the form somebody@nz.example.com.

+ the form somebody@nz.example.com.

top
@@ -824,7 +824,7 @@ Require group "mygroupfile"
Description:Gère un cache des données d'authentification pour diminuer la charge des serveurs d'arrière-plan
Statut:Base
- + @@ -833,7 +833,7 @@ authorization
Description:Specifies the prefix for environment variables set during authorization
Syntax:AuthLDAPAuthorizePrefix prefix
Syntax:AuthLDAPAuthorizePrefix prefix
Default:AuthLDAPAuthorizePrefix AUTHORIZE_
Context:directory, .htaccess
Override:AuthConfig
Compatibility:Available in version 2.3.6 and later

This directive allows you to override the prefix used for environment - variables set during LDAP authorization. If AUTHENTICATE_ is + variables set during LDAP authorization. If AUTHENTICATE_ is specified, consumers of these environment variables see the same information whether LDAP has performed authentication, authorization, or both.

@@ -858,7 +858,7 @@ authorization user cannot be mapped to a DN, but not if the user can be mapped to a DN and their password cannot be verified with an LDAP bind. If AuthLDAPBindAuthoritative - is set to off, other configured authentication modules will have + is set to off, other configured authentication modules will have a chance to validate the user if the LDAP bind (with the current user's credentials) fails for any reason.

This allows users present in both LDAP and @@ -876,7 +876,7 @@ authorization

AuthLDAPBindDN Directive

- + @@ -891,12 +891,12 @@ authorization

AuthLDAPBindPassword Directive

Description:Optional DN to use in binding to the LDAP server
Syntax:AuthLDAPBindDN distinguished-name
Syntax:AuthLDAPBindDN distinguished-name
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
- + - +
Description:Password used in conjunction with the bind DN
Syntax:AuthLDAPBindPassword password
Syntax:AuthLDAPBindPassword password
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
Module:mod_authnz_ldap
Compatibility:exec: was added in 2.4.5.
Compatibility:exec: was added in 2.4.5.

A bind password to use in conjunction with the bind DN. Note that the bind password is probably sensitive data, and should be @@ -922,7 +922,7 @@ AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"

AuthLDAPCharsetConfig Directive

- + @@ -961,7 +961,7 @@ AuthLDAPBindPassword "exec:/path/to/otherProgram argument1" and HTTP basic authentication password of the authenticated user instead of the servers configured credentials.

-

The ldap-attribute, ldap-user, and ldap-group (single-level only) +

The ldap-attribute, ldap-user, and ldap-group (single-level only) authorization checks use comparisons.

This directive only has effect on the comparisons performed during @@ -1023,7 +1023,7 @@ AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"

Description:Language to charset conversion configuration file
Syntax:AuthLDAPCharsetConfig file-path
Syntax:AuthLDAPCharsetConfig file-path
Context:server config
Status:Extension
Module:mod_authnz_ldap
- + @@ -1107,7 +1107,7 @@ own username, instead of anonymously or with hard-coded credentials for the serv
Description:LDAP attributes used to identify the user members of groups.
Syntax:AuthLDAPGroupAttribute attribute
Syntax:AuthLDAPGroupAttribute attribute
Default:AuthLDAPGroupAttribute member uniqueMember
Context:directory, .htaccess
Override:AuthConfig
- + @@ -1116,7 +1116,7 @@ to perform a DN lookup
Description:Specifies the transformation of the basic authentication username to be used when binding to the LDAP server to perform a DN lookup
Syntax:AuthLDAPInitialBindPattern regex substitution
Syntax:AuthLDAPInitialBindPattern regex substitution
Default:AuthLDAPInitialBindPattern (.*) $1 (remote username used verbatim)
Context:directory, .htaccess
Override:AuthConfig
Compatibility:Available in version 2.3.6 and later

If AuthLDAPInitialBindAsUser is set to - ON, the basic authentication username will be transformed according to the + ON, the basic authentication username will be transformed according to the regular expression and substitution arguments.

The regular expression argument is compared against the current basic authentication username. @@ -1138,7 +1138,7 @@ to perform a DN lookup

debugging

The substituted DN is recorded in the environment variable - LDAP_BINDASUSER. If the regular expression does not match the input, + LDAP_BINDASUSER. If the regular expression does not match the input, the verbatim username is used.
@@ -1243,7 +1243,7 @@ environment variable and HTTP basic authentication password of the authenticated user instead of the servers configured credentials.

-

The ldap-filter and ldap-dn authorization +

The ldap-filter and ldap-dn authorization checks use searches.

This directive only has effect on the comparisons performed during @@ -1267,7 +1267,7 @@ environment variable Description:Specifies the attribute labels, one value per directive line, used to distinguish the members of the current group that are groups. -Syntax:AuthLDAPSubGroupAttribute attribute +Syntax:AuthLDAPSubGroupAttribute attribute Default:AuthLDAPSubGroupAttribute member uniqueMember Context:directory, .htaccess Override:AuthConfig @@ -1290,7 +1290,7 @@ are groups. - + @@ -1316,7 +1316,7 @@ objects that are groups during sub-group processing.

AuthLDAPURL Directive

Description:Specifies which LDAP objectClass values identify directory objects that are groups during sub-group processing.
Syntax:AuthLDAPSubGroupClass LdapObjectClass
Syntax:AuthLDAPSubGroupClass LdapObjectClass
Default:AuthLDAPSubGroupClass groupOfNames groupOfUniqueNames
Context:directory, .htaccess
Override:AuthConfig
- + @@ -1328,9 +1328,11 @@ objects that are groups during sub-group processing.

If you want to specify more than one LDAP URL that Apache should try in turn, the syntax is:

AuthLDAPURL "ldap://ldap1.example.com ldap2.example.com/dc=..."
-

Caveat: If you specify multiple servers, you need to enclose the entire URL string in quotes; -otherwise you will get an error: "AuthLDAPURL takes one argument, URL to define LDAP connection.." +

Caveat

+

If you specify multiple servers, you need to enclose the entire URL string in quotes; +otherwise you will get an error: "AuthLDAPURL takes one argument, URL to define LDAP connection.." You can of course use search parameters on each of these.

+
ldap
@@ -1407,7 +1409,7 @@ You can of course use search parameters on each of these.

When doing searches, the attribute, filter and username passed by the HTTP client are combined to create a search filter that looks like - (&(filter)(attribute=username)).

+ (&(filter)(attribute=username)).

For example, consider an URL of ldap://ldap.example.com/o=Example?cn?sub?(posixid=*). When diff --git a/docs/manual/mod/mod_authnz_ldap.html.fr.utf8 b/docs/manual/mod/mod_authnz_ldap.html.fr.utf8 index 153f2339d7..69a0aa6c04 100644 --- a/docs/manual/mod/mod_authnz_ldap.html.fr.utf8 +++ b/docs/manual/mod/mod_authnz_ldap.html.fr.utf8 @@ -433,7 +433,7 @@ Require ldap-user "Joe Manager"

De par la manière dont mod_authnz_ldap traite cette directive, Barbara Jenson peut s'authentifier comme - Barbara Jenson, Babs Jenson ou tout autre + Barbara Jenson, Babs Jenson ou tout autre cn sous lequel elle est enregistrée dans l'annuaire LDAP. Une seule ligne Require ldap-user suffit pour toutes les valeurs de l'attribut dans l'entrée LDAP de @@ -719,14 +719,14 @@ Require valid-user

(&(|(qpagePagerID=*)(uid=jmanager))(uid=fuser))

Un recherche avec le filtre ci-dessus ne retournera un - résultat positif que si fuser dispose d'un bippeur. Si - Joe Manager se connecte en tant que jmanager, le filtre + résultat positif que si fuser dispose d'un bippeur. Si + Joe Manager se connecte en tant que jmanager, le filtre devra ressembler à :

(&(|(qpagePagerID=*)(uid=jmanager))(uid=jmanager))

Un recherche avec le filtre ci-dessus retournera un - résultat positif que jmanager dispose d'un + résultat positif que jmanager dispose d'un bippeur ou non

@@ -742,7 +742,7 @@ Require valid-user remplacer le type de connexion par défaut défini par la directive LDAPTrustedMode. Ceci permettra de promouvoir la connexion établie via une URL du type - ldap:// au statut de connection sécurisée sur le même + ldap:// au statut de connection sécurisée sur le même port.

top
@@ -752,8 +752,8 @@ Require valid-user mod_ldap LDAPTrustedClientCert, LDAPTrustedGlobalCert et LDAPTrustedMode.

Pour spécifier un serveur LDAP sécurisé, utilisez - ldaps:// au lieu de - ldap:// dans la directive AuthLDAPURL.

+ ldaps:// au lieu de + ldap:// dans la directive AuthLDAPURL.

top

Mise à disposition des informations de @@ -787,13 +787,13 @@ Directory mod_authnz_ldap afin de pouvoir authentifier les utilisateurs de n'importe quel domaine de la forêt Active Directory. - Ainsi, untel@nz.example.com et - untel@au.example.com pourront être authentifiés en une + Ainsi, untel@nz.example.com et + untel@au.example.com> pourront être authentifiés en une seule fois par la même requête.

Pour y parvenir, on utilise le concept de Catalogue Global @@ -807,7 +807,7 @@ Directory

top
@@ -909,7 +909,7 @@ Require group "mygroupfile"
Description:URL specifying the LDAP search parameters
Syntax:AuthLDAPURL url [NONE|SSL|TLS|STARTTLS]
Syntax:AuthLDAPURL url [NONE|SSL|TLS|STARTTLS]
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
- + @@ -919,7 +919,7 @@ durant la phase d'autorisation
Description:Spécifie le préfixe ajouté aux variables d'environnement durant la phase d'autorisation
Syntaxe:AuthLDAPAuthorizePrefix préfixe
Syntaxe:AuthLDAPAuthorizePrefix préfixe
Défaut:AuthLDAPAuthorizePrefix AUTHORIZE_
Contexte:répertoire, .htaccess
Surcharges autorisées:AuthConfig

Cette directive permet de spécifier le préfixe ajouté aux variables d'environnement durant la phase d'autorisation. Si la - valeur spécifiée est AUTHENTICATE_, les utilisateurs de ces + valeur spécifiée est AUTHENTICATE_, les utilisateurs de ces variables d'environnement verront les mêmes informations, que le serveur effectue une authentification, une autorisation, ou les deux.

@@ -950,7 +950,7 @@ DN. l'utilisateur possède un DN et si son mot de passe ne peut pas être vérifié lors d'une connexion au serveur LDAP. Si la directive AuthLDAPBindAuthoritative est - définie à off, d'autres modules d'authentification + définie à off, d'autres modules d'authentification configurés auront une chance de valider le mot de passe de l'utilisateur si la tentative de connexion au serveur LDAP échoue pour une raison quelconque (avec les données d'authentification @@ -972,7 +972,7 @@ DN. - + @@ -989,12 +989,12 @@ LDAP
Description:Un DN optionnel pour se connecter au serveur LDAP
Syntaxe:AuthLDAPBindDN dn
Syntaxe:AuthLDAPBindDN dn
Contexte:répertoire, .htaccess
Surcharges autorisées:AuthConfig
Statut:Extension
- + -
Description:Mot de passe à utiliser en conjonction avec le DN de connexion
Syntaxe:AuthLDAPBindPassword mot-de-passe
Syntaxe:AuthLDAPBindPassword mot-de-passe
Contexte:répertoire, .htaccess
Surcharges autorisées:AuthConfig
Statut:Extension
Module:mod_authnz_ldap
Compatibilité:exec: est disponible depuis la version 2.4.5 du +
Compatibilité:exec: est disponible depuis la version 2.4.5 du serveur HTTP Apache.

Cette directive permet de spécifier un mot de passe à utiliser en @@ -1026,7 +1026,7 @@ AuthLDAPBindPassword "exec:/path/to/otherProgram argument1" - + @@ -1072,8 +1072,8 @@ pour effectuer les comparaisons pour l'attribution des autorisations l'utilisateur authentifié au lieu des données d'authentification configurées au niveau du serveur.

-

Les vérifications d'autorisation ldap-attribute, - ldap-user, et ldap-group (niveau simple seulement) +

Les vérifications d'autorisation ldap-attribute, + ldap-user, et ldap-group (niveau simple seulement) utilisent des comparaisons.

Cette directive n'a d'effet sur les comparaisons effectuées au @@ -1139,7 +1139,7 @@ alias

Description:Chemin du fichier de configuration de la correspondance langage/jeu de caractères
Syntaxe:AuthLDAPCharsetConfig chemin-fichier
Syntaxe:AuthLDAPCharsetConfig chemin-fichier
Contexte:configuration globale
Statut:Extension
Module:mod_authnz_ldap
- + @@ -1229,7 +1229,7 @@ codées en dur pour le serveur - + @@ -1239,7 +1239,7 @@ distant utilisé tel quel)
Description:L'attribut LDAP utilisé pour vérifier l'appartenance d'un utilisateur à un groupe.
Syntaxe:AuthLDAPGroupAttribute attribut
Syntaxe:AuthLDAPGroupAttribute attribut
Défaut:AuthLDAPGroupAttribute member uniqueMember
Contexte:répertoire, .htaccess
Surcharges autorisées:AuthConfig
Description:Spécifie la modification a apporter au nom d'utilisateur pour l'authentification de base lors de l'authentification auprès du serveur LDAP pour effectuer une recherche de DN
Syntaxe:AuthLDAPInitialBindPattern regex substitution
Syntaxe:AuthLDAPInitialBindPattern regex substitution
Défaut:AuthLDAPInitialBindPattern (.*) $1 (nom de l'utilisateur distant utilisé tel quel)
Contexte:répertoire, .htaccess
Compatibilité:Disponible depuis la version 2.3.6

Si la directive AuthLDAPInitialBindAsUser est - définie à ON, le nom utilisateur pour l'authentification de + définie à ON, le nom utilisateur pour l'authentification de base sera transformé selon l'expression rationnelle regex et l'argument substitution spécifiés.

@@ -1265,7 +1265,7 @@ distant utilisé tel quel)

Débogage

Le DN de substitution est enregistré dans la variable - d'environnement LDAP_BINDASUSER. Si l'expression + d'environnement LDAP_BINDASUSER. Si l'expression rationnelle ne convient pas, le nom d'utilisateur est utilisé tel quel.
@@ -1382,8 +1382,8 @@ pour la recherche des autorisations base HTTP de l'utilisateur authentifié, au lieu des données d'authentification configurées au niveau du serveur.

-

Les vérifications d'autorisation ldap-filter et - ldap-dn utilisent des recherches.

+

Les vérifications d'autorisation ldap-filter et + ldap-dn utilisent des recherches.

Cette directive n'a d'effet sur les comparaisons effectuées au cours des traitements de groupe imbriqués, et lorsque la directive @@ -1408,7 +1408,7 @@ pour la recherche des autorisations Description:Spécifie les noms d'attribut, un par directive, utilisés pour différencier les membres du groupe courant qui sont eux-mêmes des groupes. -Syntaxe:AuthLDAPSubGroupAttribute attribut +Syntaxe:AuthLDAPSubGroupAttribute attribut Défaut:AuthLDAPSubgroupAttribute member uniqueMember Contexte:répertoire, .htaccess Surcharges autorisées:AuthConfig @@ -1434,7 +1434,7 @@ Apache Description:Spécifie quelles valeurs d'objectClass LDAP identifient les objets de l'annuaire qui sont des groupes au cours du traitement des sous-groupes. -Syntaxe:AuthLDAPSubGroupClass ObjectClass-LDAP +Syntaxe:AuthLDAPSubGroupClass ObjectClass-LDAP Défaut:AuthLDAPSubGroupClass groupOfNames groupOfUniqueNames Contexte:répertoire, .htaccess Surcharges autorisées:AuthConfig @@ -1464,7 +1464,7 @@ Apache

Directive AuthLDAPURL

- + diff --git a/docs/manual/mod/mod_autoindex.html.en.utf8 b/docs/manual/mod/mod_autoindex.html.en.utf8 index e330d6b6f5..1f93f37c68 100644 --- a/docs/manual/mod/mod_autoindex.html.en.utf8 +++ b/docs/manual/mod/mod_autoindex.html.en.utf8 @@ -805,7 +805,7 @@ indexing directive, the module usually includes the contents of the file after a standard HTML preamble (<html>, <head>, et cetera). The - SuppressHTMLPreamble option disables this behaviour, + SuppressHTMLPreamble option disables this behavior, causing the module to start the display with the header file contents. The header file must contain appropriate HTML instructions in this case. If there is no header file, the preamble is generated diff --git a/docs/manual/mod/mod_autoindex.html.fr.utf8 b/docs/manual/mod/mod_autoindex.html.fr.utf8 index e51a52de7a..ed16110659 100644 --- a/docs/manual/mod/mod_autoindex.html.fr.utf8 +++ b/docs/manual/mod/mod_autoindex.html.fr.utf8 @@ -578,16 +578,37 @@ de l'index d'un répertoire
Description:URL specifying the LDAP search parameters
Syntaxe:AuthLDAPURL url [NONE|SSL|TLS|STARTTLS]
Syntaxe:AuthLDAPURL url [NONE|SSL|TLS|STARTTLS]
Contexte:répertoire, .htaccess
Surcharges autorisées:AuthConfig
Statut:Extension

La directive IndexIgnore permet d'effectuer des ajouts à la liste des fichiers à cacher lors de - l'affichage de l'index d'un répertoire. fichier est une - expression avec caractères génériques de style shell ou un nom de - fichier complet. Plusieurs directives IndexIgnore effectuent des - ajouts à la liste, et ne remplacent pas la liste des fichiers à - ignorer. Par défaut, la liste contient . (le répertoire - courant).

+ l'affichage de l'index d'un répertoire. fichier est un nom de + fichier ou un motif qui peut contenir les caractères génériques + ? et *. ? correspond à tout caractère + unique et * à toute chaîne de caractères, y compris la + chaîne vide. Des directives IndexIgnore multiples ajoutent des + éléments à la liste des fichiers à ignorer au lieu de remplacer cette + dernière. Par défaut, la liste contient . (le répertoire + actuel).

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+

Si fichier contient un caractère /, seule la + partie après le dernier / est utilisée pour la recherche de + correspondance avec les noms de fichier. Par exemple, */.??* + est équivalent à .??*.

+ +

Différences avec les motifs à caractères génériques du shell

+

La recherche de correspondance avec caractères génériques utilisée ici + n’est pas la même que la recherche de correspondance de motifs de + noms de fichier dans le style du shell (glob). En particulier :

+
    +
  • Les expressions entre crochets telles que [abc] ou + [!.] ne sont pas prises en charge ; elles sont traitées + comme des caractères littéraux.
    • +
  • Un point en début de nom de fichier n’est pas traité de manière + particulière. Par exemple, *~ correspondra avec + .example~, alors que ce ne sera pas le cas avec le shell.
    • +
+
+

Expressions rationnelles

Cette directive est actuellement incompatible avec les sections de configuration qui comportent des arguments avec expressions @@ -968,6 +989,17 @@ répertoire Cette option n'a d'effet que si FancyIndexing est aussi activé. + +

None
+ +
Le mot-clé None désactive toutes les options d’indexation + pour le répertoire. Aucune fonctionnalité d’indexation fantaisiste ne sera + activée. +
None ne peut pas être préfixé par + ou + -, et il ne peut être combiné avec aucun autre mot-clé de la + directive IndexOptions. Si None est + spécifié, il doit s’agir de la seule option présente.
+
diff --git a/docs/manual/mod/mod_autoindex.xml.fr b/docs/manual/mod/mod_autoindex.xml.fr index 2540b6c46b..98eb56c422 100644 --- a/docs/manual/mod/mod_autoindex.xml.fr +++ b/docs/manual/mod/mod_autoindex.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/mod/mod_autoindex.xml.ja b/docs/manual/mod/mod_autoindex.xml.ja index 908f63db11..41abc80757 100644 --- a/docs/manual/mod/mod_autoindex.xml.ja +++ b/docs/manual/mod/mod_autoindex.xml.ja @@ -1,7 +1,7 @@ - + + + + diff --git a/docs/manual/mod/mod_cache.xml.ja b/docs/manual/mod/mod_cache.xml.ja index 0b5a304ae4..00708a4b41 100644 --- a/docs/manual/mod/mod_cache.xml.ja +++ b/docs/manual/mod/mod_cache.xml.ja @@ -1,7 +1,7 @@ - + + + diff --git a/docs/manual/mod/mod_dir.html.en.utf8 b/docs/manual/mod/mod_dir.html.en.utf8 index d3eac8e8f0..e176d67768 100644 --- a/docs/manual/mod/mod_dir.html.en.utf8 +++ b/docs/manual/mod/mod_dir.html.en.utf8 @@ -194,7 +194,7 @@ a directory

The argument can be:

  • on: issues a 302 redirection to the index resource.
    • -
  • off: does not issue a redirection. This is the legacy behaviour of mod_dir.
    • +
  • off: does not issue a redirection. This is the legacy behavior of mod_dir.
  • permanent: issues a 301 (permanent) redirection to the index resource.
  • temp: this has the same effect as on
  • seeother: issues a 303 redirection (also known as "See Other") to the index resource.
    • diff --git a/docs/manual/mod/mod_dir.html.fr.utf8 b/docs/manual/mod/mod_dir.html.fr.utf8 index 4ede94a1b2..22e654d5bc 100644 --- a/docs/manual/mod/mod_dir.html.fr.utf8 +++ b/docs/manual/mod/mod_dir.html.fr.utf8 @@ -32,6 +32,8 @@  ko  |  tr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
diff --git a/docs/manual/mod/mod_dir.xml.fr b/docs/manual/mod/mod_dir.xml.fr index 73b5a19dd8..8fb1888572 100644 --- a/docs/manual/mod/mod_dir.xml.fr +++ b/docs/manual/mod/mod_dir.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/mod/mod_dir.xml.ja b/docs/manual/mod/mod_dir.xml.ja index 11024f22d1..f841801464 100644 --- a/docs/manual/mod/mod_dir.xml.ja +++ b/docs/manual/mod/mod_dir.xml.ja @@ -1,7 +1,7 @@ - + + + + diff --git a/docs/manual/mod/mod_filter.xml.meta b/docs/manual/mod/mod_filter.xml.meta index 57da411bff..0e2fde742c 100644 --- a/docs/manual/mod/mod_filter.xml.meta +++ b/docs/manual/mod/mod_filter.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_firehose.html.en.utf8 b/docs/manual/mod/mod_firehose.html.en.utf8 index c7f10f5a3f..d8ec06cd5b 100644 --- a/docs/manual/mod/mod_firehose.html.en.utf8 +++ b/docs/manual/mod/mod_firehose.html.en.utf8 @@ -38,7 +38,7 @@

mod_firehose provides a mechanism to record data being passed between the httpd server and the client at the raw connection level to either a file or a pipe in such a way that the - data can be analysed or played back to the server at a future date. + data can be analyzed or played back to the server at a future date. It can be thought of as "tcpdump for httpd".

Connections are recorded after the SSL has been stripped, and can @@ -99,7 +99,7 @@ webserver has been built against APR v2.0 or later, and an optional "nonblock" parameter is specified all file writes will be non blocking, and buffer overflows will cause debugging data to be lost. - In this case it is possible to prioritise the running of the server + In this case it is possible to prioritize the running of the server over the recording of firehose data.

top
diff --git a/docs/manual/mod/mod_firehose.html.fr.utf8 b/docs/manual/mod/mod_firehose.html.fr.utf8 index 0cdc6f554b..ab82cbf1dc 100644 --- a/docs/manual/mod/mod_firehose.html.fr.utf8 +++ b/docs/manual/mod/mod_firehose.html.fr.utf8 @@ -29,6 +29,8 @@

Langues Disponibles:  en  |  fr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
Description:Permet la redirection des adresses se terminant par un répertoire sans slash de fin et la mise à disposition des fichiers index de répertoire
diff --git a/docs/manual/mod/mod_firehose.xml.fr b/docs/manual/mod/mod_firehose.xml.fr index d0b7f54d62..8a43fb81c8 100644 --- a/docs/manual/mod/mod_firehose.xml.fr +++ b/docs/manual/mod/mod_firehose.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/mod/mod_firehose.xml.meta b/docs/manual/mod/mod_firehose.xml.meta index a4d9b06666..6be9ffa3ac 100644 --- a/docs/manual/mod/mod_firehose.xml.meta +++ b/docs/manual/mod/mod_firehose.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_http2.html.en.utf8 b/docs/manual/mod/mod_http2.html.en.utf8 index bd567dd5c0..7838e82b1d 100644 --- a/docs/manual/mod/mod_http2.html.en.utf8 +++ b/docs/manual/mod/mod_http2.html.en.utf8 @@ -544,7 +544,7 @@
top

H2OutputBuffering Directive

Description:Multiplexage des entrées/sorties vers un fichier ou un pipe.
Statut:Extension
Identificateur de Module:firehose_module
- + @@ -554,7 +554,7 @@
Description:Determine buffering behaviour of output
Description:Determine buffering behavior of output
Syntax:H2OutputBuffering on|off
Default:H2OutputBuffering on
Context:server config, virtual host

The directive H2OutputBuffering controls the buffering of stream output. - The default is on, which is the behaviour of previous versions. When off, all + The default is on, which is the behavior of previous versions. When off, all bytes are made available immediately to the main connection for sending them out to the client. This fixes interop issues with certain flavours of gRPC.

@@ -573,7 +573,7 @@

With the default 0, no padding bytes are added to any payload - frames, e.g. HEADERS, DATA and PUSH_PROMISE. This is the behaviour + frames, e.g. HEADERS, DATA and PUSH_PROMISE. This is the behavior of previous versions. It means that under certain conditions, an observer of network traffic can see the length of those frames in the TLS stream. diff --git a/docs/manual/mod/mod_http2.html.fr.utf8 b/docs/manual/mod/mod_http2.html.fr.utf8 index 250ab8a3c1..a897b54d35 100644 --- a/docs/manual/mod/mod_http2.html.fr.utf8 +++ b/docs/manual/mod/mod_http2.html.fr.utf8 @@ -29,6 +29,8 @@

Langues Disponibles:  en  |  fr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
@@ -344,7 +346,7 @@
Description:Support de la couche transport HTTP/2
Statut:Extension
Identificateur de Module:http2_module
- + @@ -359,7 +361,7 @@ et ils ont pour but principal d'envoyer des informations de "préchargement" aux navigateurs clients.

- name et value doivent être des champs + name et value doivent être des champs d'en-tête HTTP valables sous peine de provoquer des échecs de réponse. La directive H2EarlyHints doit encore être activée pour permettre l'envoi de réponses @@ -402,7 +404,7 @@

Directive H2MaxDataFrameLen

Description:Ajoute un en-tête de réponse à consulter dans le code de retour 103 Early Hints
Syntaxe:H2EarlyHint name value
Syntaxe:H2EarlyHint name value
Contexte:configuration globale, serveur virtuel, répertoire, .htaccess
Statut:Extension
Module:mod_http2
- + @@ -428,7 +430,7 @@

Directive H2MaxHeaderBlockLen

Description:Nombre maximal d'octets dans une trame HTTP/2 DATA
Syntaxe:H2MaxDataFrameLen n
Syntaxe:H2MaxDataFrameLen n
Défaut:H2MaxDataFrameLen 0
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -453,7 +455,7 @@

Directive H2MaxSessionStreams

Description:Taille maximale des en-têtes d’une réponse
Syntaxe:H2MaxHeaderBlockLen n
Syntaxe:H2MaxHeaderBlockLen n
Défaut:H2MaxHeaderBlockLen 0
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -473,7 +475,7 @@

Directive H2MaxStreamErrors

Description:Nombre maximal de flux actifs par session HTTP/2.
Syntaxe:H2MaxSessionStreams n
Syntaxe:H2MaxSessionStreams n
Défaut:H2MaxSessionStreams 100
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -502,7 +504,7 @@
Description:Nombre maximal toléré d’erreurs dues au client
Syntaxe:H2MaxStreamErrors n
Syntaxe:H2MaxStreamErrors n
Défaut:H2MaxStreamErrors 8
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -524,7 +526,7 @@
Description:Nombre maximal de secondes pendant lequel une unité de traitement h2 pourra rester inactive sans être arrêtée.
Syntaxe:H2MaxWorkerIdleSeconds n
Syntaxe:H2MaxWorkerIdleSeconds n
Défaut:H2MaxWorkerIdleSeconds 600
Contexte:configuration globale
Statut:Extension
- + @@ -550,7 +552,7 @@
Description:Nombre maximal de threads à utiliser pour chaque processus enfant.
Syntaxe:H2MaxWorkers n
Syntaxe:H2MaxWorkers n
Contexte:configuration globale
Statut:Extension
Module:mod_http2
- + @@ -642,7 +644,7 @@
Description:Nombre minimal de threads à utiliser pour chaque processus enfant.
Syntaxe:H2MinWorkers n
Syntaxe:H2MinWorkers n
Contexte:configuration globale
Statut:Extension
Module:mod_http2
- + @@ -784,7 +786,7 @@

Directive H2PushDiarySize

Description:Spécifie un intervalle de nombres d'octets de bourrage à ajouter aux trames utiles
Syntaxe:H2Padding numbits
Syntaxe:H2Padding numbits
Défaut:H2Padding 0
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -820,7 +822,7 @@

Directive H2PushPriority

Description:Taille du journal des Pushes H2
Syntaxe:H2PushDiarySize n
Syntaxe:H2PushDiarySize n
Défaut:H2PushDiarySize 256
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -952,7 +954,7 @@ H2PushPriority text/css interleaved # poids de 256 par défaut

Directive H2PushResource

Description:Priorité des pushes H2
Syntaxe:H2PushPriority mime-type [after|before|interleaved] [weight]
Syntaxe:H2PushPriority mime-type [after|before|interleaved] [weight]
Défaut:H2PushPriority * After 16
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -1018,7 +1020,7 @@ H2PushPriority text/css interleaved # poids de 256 par défaut
Description:Déclare des ressources à proposer ("pusher") au client
Syntaxe:H2PushResource [add] path [critical]
Syntaxe:H2PushResource [add] path [critical]
Contexte:configuration globale, serveur virtuel, répertoire, .htaccess
Surcharges autorisées:FileInfo
Statut:Extension
- + @@ -1063,7 +1065,7 @@ H2PushPriority text/css interleaved # poids de 256 par défaut
Description:Quantité maximale de données en sortie mises en tampon par flux.
Syntaxe:H2StreamMaxMemSize bytes
Syntaxe:H2StreamMaxMemSize bytes
Défaut:H2StreamMaxMemSize 65536
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -1110,7 +1112,7 @@ H2PushPriority text/css interleaved # poids de 256 par défaut
Description:Durée d'inactivité d'une connexion TLS avant diminution de la taille des paquets
Syntaxe:H2TLSCoolDownSecs seconds
Syntaxe:H2TLSCoolDownSecs seconds
Défaut:H2TLSCoolDownSecs 1
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + @@ -1249,7 +1251,7 @@ H2PushPriority text/css interleaved # poids de 256 par défaut
Description:Taille des paquets durant la phase initiale de la connexion TLS
Syntaxe:H2TLSWarmUpSize amount
Syntaxe:H2TLSWarmUpSize amount
Défaut:H2TLSWarmUpSize 1048576
Contexte:configuration globale, serveur virtuel
Statut:Extension
- + diff --git a/docs/manual/mod/mod_http2.xml.fr b/docs/manual/mod/mod_http2.xml.fr index 232bace09b..ea62be0f18 100644 --- a/docs/manual/mod/mod_http2.xml.fr +++ b/docs/manual/mod/mod_http2.xml.fr @@ -1,7 +1,7 @@ - + + diff --git a/docs/manual/mod/mod_include.xml.ja b/docs/manual/mod/mod_include.xml.ja index ccbbbd4717..8d616ca982 100644 --- a/docs/manual/mod/mod_include.xml.ja +++ b/docs/manual/mod/mod_include.xml.ja @@ -1,7 +1,7 @@ - + - + + + + + diff --git a/docs/manual/mod/mod_proxy_http.xml.meta b/docs/manual/mod/mod_proxy_http.xml.meta index 3b8e7db295..3fa6899dfa 100644 --- a/docs/manual/mod/mod_proxy_http.xml.meta +++ b/docs/manual/mod/mod_proxy_http.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_proxy_scgi.html.en.utf8 b/docs/manual/mod/mod_proxy_scgi.html.en.utf8 index 97291597a3..1bbf8716f4 100644 --- a/docs/manual/mod/mod_proxy_scgi.html.en.utf8 +++ b/docs/manual/mod/mod_proxy_scgi.html.en.utf8 @@ -88,7 +88,7 @@

Environment Variables

In addition to the configuration directives that control the - behaviour of mod_proxy, an environment + behavior of mod_proxy, an environment variable may also control the SCGI protocol provider:

@@ -157,7 +157,7 @@ header optimizations, which are not possible if the file comes over the backend socket. Additionally, the file contents are not transmitted twice.

The ProxySCGISendfile argument determines the - gateway behaviour:

+ gateway behavior:

Off
No special handling takes place.
diff --git a/docs/manual/mod/mod_proxy_scgi.html.fr.utf8 b/docs/manual/mod/mod_proxy_scgi.html.fr.utf8 index 616a2ffa52..75afd55a33 100644 --- a/docs/manual/mod/mod_proxy_scgi.html.fr.utf8 +++ b/docs/manual/mod/mod_proxy_scgi.html.fr.utf8 @@ -29,6 +29,8 @@

Langues Disponibles:  en  |  fr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
Description:Taille maximale des paquets de données pour les transmissions client vers serveur.
Syntaxe:H2WindowSize bytes
Syntaxe:H2WindowSize bytes
Défaut:H2WindowSize 65535
Contexte:configuration globale, serveur virtuel
Statut:Extension
diff --git a/docs/manual/mod/mod_proxy_scgi.xml.fr b/docs/manual/mod/mod_proxy_scgi.xml.fr index cc6eeb875d..5cf6c91cac 100644 --- a/docs/manual/mod/mod_proxy_scgi.xml.fr +++ b/docs/manual/mod/mod_proxy_scgi.xml.fr @@ -1,7 +1,7 @@  - + diff --git a/docs/manual/mod/mod_proxy_scgi.xml.meta b/docs/manual/mod/mod_proxy_scgi.xml.meta index a125bc5ade..2f16230aa2 100644 --- a/docs/manual/mod/mod_proxy_scgi.xml.meta +++ b/docs/manual/mod/mod_proxy_scgi.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_session.html.en.utf8 b/docs/manual/mod/mod_session.html.en.utf8 index 89c67fed87..ebf963d26c 100644 --- a/docs/manual/mod/mod_session.html.en.utf8 +++ b/docs/manual/mod/mod_session.html.en.utf8 @@ -209,7 +209,7 @@ SessionHeader X-Replace-Session

Using the "show cookies" feature of your browser, you would have seen a clear text representation of the session. This could potentially be a problem should the end user need to be kept unaware of the contents of - the session, or where a third party could gain unauthorised access to the + the session, or where a third party could gain unauthorized access to the data within the session.

The contents of the session can be optionally encrypted before being diff --git a/docs/manual/mod/mod_session.html.fr.utf8 b/docs/manual/mod/mod_session.html.fr.utf8 index fd6046101f..545d1b2285 100644 --- a/docs/manual/mod/mod_session.html.fr.utf8 +++ b/docs/manual/mod/mod_session.html.fr.utf8 @@ -29,6 +29,8 @@

Langues Disponibles:  en  |  fr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
Description:Module fournissant le support de la passerelle SCGI à mod_proxy
Statut:Extension
diff --git a/docs/manual/mod/mod_session.xml.fr b/docs/manual/mod/mod_session.xml.fr index 551d573aba..10addd2da8 100644 --- a/docs/manual/mod/mod_session.xml.fr +++ b/docs/manual/mod/mod_session.xml.fr @@ -1,7 +1,7 @@ - + + diff --git a/docs/manual/mod/mod_socache_memcache.xml.meta b/docs/manual/mod/mod_socache_memcache.xml.meta index 7b6d723f5b..0e5c8aaeb2 100644 --- a/docs/manual/mod/mod_socache_memcache.xml.meta +++ b/docs/manual/mod/mod_socache_memcache.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/mod_ssl.html.en.utf8 b/docs/manual/mod/mod_ssl.html.en.utf8 index 6ac849d330..d104a688ee 100644 --- a/docs/manual/mod/mod_ssl.html.en.utf8 +++ b/docs/manual/mod/mod_ssl.html.en.utf8 @@ -168,30 +168,30 @@ compatibility variables.

- - - - + + + + - + - + - + - - - - + + + + - + @@ -214,9 +214,9 @@ compatibility variables.

Description:Support des sessions
Statut:Extension
Identificateur de Module:session_module
SSL_CLIENT_M_VERSION string The version of the client certificate
SSL_CLIENT_M_SERIAL string The serial of the client certificate
SSL_CLIENT_S_DN string Subject DN in client's certificate
SSL_CLIENT_S_DN_x509 string Component of client's Subject DN
SSL_CLIENT_SAN_Email_n string Client certificate's subjectAltName extension entries of type rfc822Name
SSL_CLIENT_SAN_DNS_n string Client certificate's subjectAltName extension entries of type dNSName
SSL_CLIENT_SAN_OTHER_msUPN_n string Client certificate's subjectAltName extension entries of type otherName, Microsoft User Principal Name form (OID 1.3.6.1.4.1.311.20.2.3)
SSL_CLIENT_S_DN_x509 string Component of client's Subject DN
SSL_CLIENT_SAN_Email_n string Client certificate's subjectAltName extension entries of type rfc822Name
SSL_CLIENT_SAN_DNS_n string Client certificate's subjectAltName extension entries of type dNSName
SSL_CLIENT_SAN_OTHER_msUPN_n string Client certificate's subjectAltName extension entries of type otherName, Microsoft User Principal Name form (OID 1.3.6.1.4.1.311.20.2.3)
SSL_CLIENT_I_DN string Issuer DN of client's certificate
SSL_CLIENT_I_DN_x509 string Component of client's Issuer DN
SSL_CLIENT_I_DN_x509 string Component of client's Issuer DN
SSL_CLIENT_V_START string Validity of client's certificate (start time)
SSL_CLIENT_V_END string Validity of client's certificate (end time)
SSL_CLIENT_V_REMAIN string Number of days until client's certificate expires
SSL_CLIENT_A_SIG string Algorithm used for the signature of client's certificate
SSL_CLIENT_A_KEY string Algorithm used for the public key of client's certificate
SSL_CLIENT_CERT string PEM-encoded client certificate
SSL_CLIENT_CERT_CHAIN_n string PEM-encoded certificates in client certificate chain
SSL_CLIENT_CERT_CHAIN_n string PEM-encoded certificates in client certificate chain
SSL_CLIENT_CERT_RFC4523_CEA string Serial number and issuer of the certificate. The format matches that of the CertificateExactAssertion in RFC4523
SSL_CLIENT_VERIFY string NONE, SUCCESS, GENEROUS or FAILED:reason
SSL_CLIENT_VERIFY string NONE, SUCCESS, GENEROUS or FAILED:reason
SSL_SERVER_M_VERSION string The version of the server certificate
SSL_SERVER_M_SERIAL string The serial of the server certificate
SSL_SERVER_S_DN string Subject DN in server's certificate
SSL_SERVER_SAN_Email_n string Server certificate's subjectAltName extension entries of type rfc822Name
SSL_SERVER_SAN_DNS_n string Server certificate's subjectAltName extension entries of type dNSName
SSL_SERVER_SAN_OTHER_dnsSRV_n string Server certificate's subjectAltName extension entries of type otherName, SRVName form (OID 1.3.6.1.5.5.7.8.7, RFC 4985)
SSL_SERVER_S_DN_x509 string Component of server's Subject DN
SSL_SERVER_SAN_Email_n string Server certificate's subjectAltName extension entries of type rfc822Name
SSL_SERVER_SAN_DNS_n string Server certificate's subjectAltName extension entries of type dNSName
SSL_SERVER_SAN_OTHER_dnsSRV_n string Server certificate's subjectAltName extension entries of type otherName, SRVName form (OID 1.3.6.1.5.5.7.8.7, RFC 4985)
SSL_SERVER_S_DN_x509 string Component of server's Subject DN
SSL_SERVER_I_DN string Issuer DN of server's certificate
SSL_SERVER_I_DN_x509 string Component of server's Issuer DN
SSL_SERVER_I_DN_x509 string Component of server's Issuer DN
SSL_SERVER_V_START string Validity of server's certificate (start time)
SSL_SERVER_V_END string Validity of server's certificate (end time)
SSL_SERVER_A_SIG string Algorithm used for the signature of server's certificate
SSL_ECH_OUTER_SNI string SNI value that was seen in plaintext SNI (or `NONE`)
-

x509 specifies a component of an X.509 DN; one of +

x509 specifies a component of an X.509 DN; one of C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email. In httpd 2.2.0 and -later, x509 may also include a numeric _n +later, x509 may also include a numeric _n suffix. If the DN in question contains multiple attributes of the same name, this suffix is used as a zero-based index to select a particular attribute. For example, where the server certificate @@ -231,13 +231,13 @@ the SSLOptions directiv first (or only) attribute of any DN is added only under a non-suffixed name; i.e. no _0 suffixed entries are added.

-

In httpd 2.4.32 and later, an optional _RAW suffix may be -added to x509 in a DN component, to suppress conversion of +

In httpd 2.4.32 and later, an optional _RAW suffix may be +added to x509 in a DN component, to suppress conversion of the attribute value to UTF-8. This must be placed after the index suffix (if any). For example, SSL_SERVER_S_DN_OU_RAW or SSL_SERVER_S_DN_OU_0_RAW could be used.

-

The format of the *_DN variables has changed in Apache HTTPD +

The format of the *_DN variables has changed in Apache HTTPD 2.3.11. See the LegacyDNStringFormat option for SSLOptions for details.

@@ -268,13 +268,13 @@ REQUEST_URI REMOTE_USER

In these contexts, two special formats can also be used:

-
ENV:variablename
+
ENV:variablename
This will expand to the standard environment - variable variablename.
+ variable variablename. -
HTTP:headername
+
HTTP:headername
This will expand to the value of the request header with name - headername.
+ headername.
top
@@ -284,13 +284,13 @@ REQUEST_URI REMOTE_USER

When mod_ssl is built into Apache or at least loaded (under DSO situation) additional functions exist for the Custom Log Format of mod_log_config. First there is an -additional ``%{varname}x'' +additional ``%{varname}x'' eXtension format function which can be used to expand any variables provided by any module, especially those provided by mod_ssl which can you find in the above table.

For backward compatibility there is additionally a special -``%{name}c'' cryptography format function +``%{name}c'' cryptography format function provided. Information about this function is provided in the Compatibility chapter.

Example

CustomLog "logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
@@ -302,7 +302,7 @@ directive.

Request Notes

mod_ssl sets "notes" for the request which can be -used in logging with the %{name}n format +used in logging with the %{name}n format string in mod_log_config.

The notes supported are as follows:

@@ -334,12 +334,12 @@ loaded (under DSO situation) any variables provided by mod_ssl can be used in expressions for the ap_expr Expression Parser. The variables can be referenced using the syntax -``%{varname}''. Starting +``%{varname}''. Starting with version 2.4.18 one can also use the mod_rewrite style syntax -``%{SSL:varname}'' or +``%{SSL:varname}'' or the function style syntax -``ssl(varname)''.

+``ssl(varname)''.

Example (using mod_headers)

Header set X-SSL-PROTOCOL "expr=%{SSL_PROTOCOL}"
 Header set X-SSL-CIPHER "expr=%{SSL:SSL_CIPHER}"
@@ -414,7 +414,7 @@ effect.

- + @@ -428,7 +428,7 @@ verify the client certificate on Client Authentication.

The files in this directory have to be PEM-encoded and are accessed through hash filenames. So usually you can't just place the Certificate files there: you also have to create symbolic links named -hash-value.N. And you should always make sure this directory +hash-value.N. And you should always make sure this directory contains the appropriate symbolic links.

Example

SSLCACertificatePath "/usr/local/apache2/conf/ssl.crt/"
@@ -489,7 +489,7 @@ effect.

Description:Directory of PEM-encoded CA Certificates for Client Auth
Syntax:SSLCACertificatePath directory-path
Syntax:SSLCACertificatePath directory-path
Context:server config, virtual host
Override:AuthConfig
Status:Extension
- + @@ -503,7 +503,7 @@ details.

The files in this directory have to be PEM-encoded and are accessed through hash filenames. So usually you can't just place the Certificate files there: you also have to create symbolic links named -hash-value.N. And you should always make sure +hash-value.N. And you should always make sure this directory contains the appropriate symbolic links.

Example

SSLCADNRequestPath "/usr/local/apache2/conf/ca-names.crt/"
@@ -519,12 +519,12 @@ to take effect.

SSLCARevocationCheck Directive

Description:Directory of PEM-encoded CA Certificates for defining acceptable CA names
Syntax:SSLCADNRequestPath directory-path
Syntax:SSLCADNRequestPath directory-path
Context:server config, virtual host
Status:Extension
Module:mod_ssl
- + -
Description:Enable CRL-based revocation checking
Syntax:SSLCARevocationCheck chain|leaf|none [flags ...]
Syntax:SSLCARevocationCheck chain|leaf|none [flags ...]
Default:SSLCARevocationCheck none
Context:server config, virtual host
Status:Extension
Module:mod_ssl
Compatibility:Optional flags available in httpd 2.4.21 or +
Compatibility:Optional flags available in httpd 2.4.21 or later

@@ -535,7 +535,7 @@ configured. When set to chain (recommended setting), CRL checks are applied to all certificates in the chain, while setting it to leaf limits the checks to the end-entity cert.

-

The available flags are:

+

The available flags are:

@@ -595,7 +595,7 @@ effect.

- + @@ -608,7 +608,7 @@ These are used to revoke the client certificate on Client Authentication.

The files in this directory have to be PEM-encoded and are accessed through hash filenames. So usually you have not only to place the CRL files there. Additionally you have to create symbolic links named -hash-value.rN. And you should always make sure this directory +hash-value.rN. And you should always make sure this directory contains the appropriate symbolic links.

Example

SSLCARevocationPath "/usr/local/apache2/conf/ssl.crl/"
@@ -841,7 +841,7 @@ required for changes to take effect.

Description:Directory of PEM-encoded CA CRLs for Client Auth
Syntax:SSLCARevocationPath directory-path
Syntax:SSLCARevocationPath directory-path
Context:server config, virtual host
Status:Extension
Module:mod_ssl
- + @@ -849,7 +849,7 @@ handshake
Description:Cipher Suite available for negotiation in SSL handshake
Syntax:SSLCipherSuite [protocol] cipher-spec
Syntax:SSLCipherSuite [protocol] cipher-spec
Default:SSLCipherSuite DEFAULT (depends on OpenSSL version)
Context:server config, virtual host, directory, .htaccess
Override:AuthConfig
Module:mod_ssl

-This complex directive uses a colon-separated cipher-spec string +This complex directive uses a colon-separated cipher-spec string consisting of OpenSSL cipher specifications to configure the Cipher Suite the client is permitted to negotiate in the SSL handshake phase. The optional protocol specifier can configure the Cipher Suite for a specific SSL version. @@ -872,7 +872,7 @@ For a list of TLSv1.3 cipher names, see the OpenSSL documentation.

-An SSL cipher specification in cipher-spec is composed of 4 major +An SSL cipher specification in cipher-spec is composed of 4 major attributes plus a few extra minor ones: