Index: apache-1.2-rus/conf/httpd.conf-dist diff -c apache-1.2-rus/conf/httpd.conf-dist:1.17 apache-1.2-rus/conf/httpd.conf-dist:1.19 *** apache-1.2-rus/conf/httpd.conf-dist:1.17 Tue Jan 27 03:31:14 1998 --- apache-1.2-rus/conf/httpd.conf-dist Sun Mar 29 21:38:24 1998 *************** *** 48,53 **** --- 48,56 ---- # ServerRoot: The directory the server's config, error, and log files # are kept in + # NOTE! If you intend to place this on a NFS (or otherwise network) + # mounted filesystem then please read the LockFile documentation, + # you will save yourself a lot of trouble. ServerRoot /usr/local/etc/httpd *************** *** 131,137 **** CharsetAgent ibm866 DosLynx Lynx2/OS/2 # Agents that can't understand MIME ! CharsetBadAgent arena Lynx/2.0 Lynx/2.1 Lynx/2.2 Lynx/2.3 Lynx/2.4 "MSIE 2.0;" Lynx2/OS/2 # Uncomment this if server must reject queries with illegal charset #CharsetErrReject on --- 134,140 ---- CharsetAgent ibm866 DosLynx Lynx2/OS/2 # Agents that can't understand MIME ! CharsetBadAgent arena Lynx/2.0 Lynx/2.1 Lynx/2.2 Lynx/2.3 Lynx/2.4 "MSIE 2.0;" Lynx2/OS/2 # Uncomment this if server must reject queries with illegal charset #CharsetErrReject on Index: apache-1.2-rus/htdocs/manual/misc/FAQ.html diff -c apache-1.2-rus/htdocs/manual/misc/FAQ.html:1.5 apache-1.2-rus/htdocs/manual/misc/FAQ.html:1.6 *** apache-1.2-rus/htdocs/manual/misc/FAQ.html:1.5 Fri Jan 9 22:23:52 1998 --- apache-1.2-rus/htdocs/manual/misc/FAQ.html Thu Mar 26 03:24:30 1998 *************** *** 27,44 **** The latest version of this FAQ is always available from the main Apache web site, at <http://www.apache.org/docs/misc/FAQ>.

! ! ! --- 27,42 ---- The latest version of this FAQ is always available from the main Apache web site, at <http://www.apache.org/docs/misc/FAQ.html>.

! *************** *** 150,155 **** --- 148,156 ----

ErrorDocument
      401

work?

How can I use ErrorDocument + and SSI to simplify customized error messages? +

Why do I get "setgid: Invalid argument" at startup?

*************** *** 174,180 **** reset by peer" in my error log?

How can I get my script's output without ! Apache buffering it?

Why do I get complaints about redefinition of "struct iovec" when compiling under Linux? --- 175,181 ---- reset by peer" in my error log?

How can I get my script's output without ! Apache buffering it? Why doesn't my server push work?

Why do I get complaints about redefinition of "struct iovec" when compiling under Linux? *************** *** 258,263 **** --- 259,283 ----

Where can I find the "CGI specification"?

Is Apache Year 2000 compliant? +

I upgraded to Apache 1.3b and now my + virtual hosts don't work! +

I'm using RedHat Linux and I have problems with httpd + dying randomly or not restarting properly +

I upgraded from an Apache version earlier + than 1.2.0 and suddenly I have problems with Apache dying randomly + or not restarting properly +

I'm using RedHat Linux and my .htm files are showing + up as html source rather than being formatted! +

I'm using RedHat Linux 5.0, or some other glibc + based Linux system, and I get errors with the crypt function when + I attempt to build Apache 1.2. +

*************** *** 328,334 ****

For an independent assessment, see Web Compare's comparison chart.

--- 348,354 ----

For an independent assessment, see Web Compare's comparison chart.

*************** *** 358,364 ****

The Apache project's web site includes a page with a partial list of sites running Apache.

--- 378,384 ----

The Apache project's web site includes a page with a partial list of sites running Apache.

*************** *** 390,396 **** be swamped by a flood of trivial questions that can be resolved elsewhere. Bug reports and suggestions should be sent via the bug report page. Other questions should be directed to the via the bug report page. Other questions should be directed to the Apache Week available. Links to relevant Apache Week articles are ! included below where appropriate.

--- 441,450 ---- REL="Help" >Apache Week available. Links to relevant Apache Week articles are ! included below where appropriate. There are also some ! Apache-specific books available.

*************** *** 458,464 **** the server error log. Sometimes this is enough for you to diagnose & fix the problem yourself (such as file permissions or the like). The default location of the error log is ! /usr/local/etc/httpd/logs/error_log, but see the ErrorLog --- 481,487 ---- the server error log. Sometimes this is enough for you to diagnose & fix the problem yourself (such as file permissions or the like). The default location of the error log is ! /usr/local/apache/logs/error_log, but see the ErrorLog *************** *** 479,485 **** Most problems that get reported to The Apache Group are recorded in the bug database. Please check the existing reports, open and closed, before adding one. If you find --- 502,508 ---- Most problems that get reported to The Apache Group are recorded in the bug database. Please check the existing reports, open and closed, before adding one. If you find *************** *** 513,519 **** have obtained no relief, then please do let The Apache Group know about the problem by logging a bug report.

--- 536,542 ---- have obtained no relief, then please do let The Apache Group know about the problem by logging a bug report.

*************** *** 615,621 **** allow all files named "*.cgi" to be executable. Perhaps all you want is to enable a particular file in a normal directory to be executable. This can be alternatively accomplished ! via mod_rewrite --- 638,644 ---- allow all files named "*.cgi" to be executable. Perhaps all you want is to enable a particular file in a normal directory to be executable. This can be alternatively accomplished ! via mod_rewrite *************** *** 824,830 ****

This is a feature The Apache Group hopes to add in the next major ! release after 1.2.

--- 847,853 ----

This is a feature The Apache Group hopes to add in the next major ! release after 1.3.

*************** *** 1001,1013 ****

<Limit GET>
    :

! Change that to <Limit GET POST> and the problem ! will probably go away.

--- 1024,1042 ----

<Limit GET>
!     
    :

! Change that to <Limit GET POST> and the problem ! will probably go away. Better yet, remove the ! <Limit> and </Limit> lines ! altogether unless you're specifically trying to limit by ! method (GET, PUT, et cetera). If ! you don't have a <Limit> container, the ! restrictions apply equally to all methods.

*************** *** 1079,1084 **** --- 1108,1126 ----

+ How can I use ErrorDocument + and SSI to simplify customized error messages? + +

+ Have a look at this document. + It shows in example form how you can a combination of XSSI and + negotiation to tailor a set of ErrorDocuments to your + personal taste, and returning different internationalized error + responses based on the client's native language. +

Why do I get "setgid: Invalid argument" at startup? *************** *** 1186,1192 ****

More information about this issue can be found in the Java and HTTP/1.1 page at the Apache web site.

--- 1228,1234 ----

More information about this issue can be found in the Java and HTTP/1.1 page at the Apache web site.

*************** *** 1254,1267 ****

How can I get my script's output without Apache buffering ! it?

In order to improve network performance, Apache buffers script output into relatively large chunks. If you have a script that sends ! information in bursts (such as partial-done messages in a multi-commit ! database transaction, perhaps), the client will not necessarily get ! the output as the script is generating it.

To avoid this, Apache recognizes scripts whose names begin with --- 1296,1309 ----

How can I get my script's output without Apache buffering ! it? Why doesn't my server push work?

In order to improve network performance, Apache buffers script output into relatively large chunks. If you have a script that sends ! information in bursts (eg. as partial-done messages in a multi-commit ! database transaction or any type of server push), the client will ! not necessarily get the output as the script is generating it.

To avoid this, Apache recognizes scripts whose names begin with *************** *** 1308,1313 **** --- 1350,1359 ----

and then follow with your normal non-nph headers.

Note that in version 1.3, all CGI scripts will be unbuffered + so the only difference between nph scripts and normal scripts is + that nph scripts require the full HTTP headers to be sent. +

*************** *** 1357,1366 ****

The canonical location for Apache's core-dump files is the ServerRoot ! directory.

--- 1403,1417 ----

The canonical location for Apache's core-dump files is the + ServerRoot + directory. As of Apache version 1.3, the location can be set via + the CoreDumpDirectory ! directive to a different directory. Make sure that this directory is ! writable by the user the server runs as (as opposed to the user the server ! is started as).

*************** *** 1426,1432 ****

Some SSL implementations of Apache are available, however; see the "related projects" page at the main Apache web site.

--- 1477,1483 ----

Some SSL implementations of Apache are available, however; see the "related projects" page at the main Apache web site.

*************** *** 1533,1539 **** issues is the cause of your problem, and it hasn't been reported before, please submit a problem report. Be sure to include complete details, such as the compiler & OS versions and exact error messages. --- 1584,1590 ---- issues is the cause of your problem, and it hasn't been reported before, please submit a problem report. Be sure to include complete details, such as the compiler & OS versions and exact error messages. *************** *** 1727,1733 ****
AuthType Basic
! AuthUserFile /usr/local/etc/httpd/conf/htpasswd.users
AuthName special directory
--- 1778,1784 ----
AuthType Basic
! AuthUserFile /usr/local/apache/conf/htpasswd.users
AuthName special directory
*************** *** 1786,1795 **** Linux newsgroup/mailing list. As a last-resort workaround, you can ! comment out the #define HAVE_SHMGET definition in the LINUX section of ! src/conf.h and rebuild the server. This will produce ! a server which is slower and less reliable.

--- 1837,1848 ---- Linux newsgroup/mailing list. As a last-resort workaround, you can ! comment out the #define USE_SHMGET_SCOREBOARD ! definition in the LINUX section of ! src/conf.h and rebuild the server (prior to 1.3b4, simply ! removing #define HAVE_SHMGET would have sufficed). ! This will produce a server which is slower and less reliable.

*************** *** 1874,1881 ****

You have probably configured the Host by specifying a FQHN, ! and thus the libmsql will use a full blown tcp/ip socket to talk to ! the database, rather than a fast internal device. The libmsql, the mSQL FAQ, and the mod_auth_msql documentation warn you about this. If you have to use different hosts, check out the mod_auth_msql code for --- 1927,1934 ----

You have probably configured the Host by specifying a FQHN, ! and thus the libmsql will use a full blown TCP/IP socket ! to talk to the database, rather than a fast internal device. The libmsql, the mSQL FAQ, and the mod_auth_msql documentation warn you about this. If you have to use different hosts, check out the mod_auth_msql code for *************** *** 1890,1896 ****

There is a collection of Practical Solutions for URL-Manipulation where you can find all typical solutions the author of --- 1943,1949 ----

There is a collection of Practical Solutions for URL-Manipulation where you can find all typical solutions the author of *************** *** 1940,1946 ****

Hmmm... there are a lot of reasons. First, mod_rewrite itself is a powerful ! module which can help you in really all aspects of URL rewriting, so it can be no trivial module per definition. To accomplish its hard job it uses software leverage and makes use of a powerful regular expression library by Henry Spencer which is an integral part of Apache since its --- 1993,1999 ----

On the other hand mod_rewrite has to work inside the Apache API environment and needs to do some tricks to fit there. For instance the Apache API as of ! 1.x really was not designed for URL rewriting at the .htaccess level of processing. Or the problem of multiple rewrites in sequence, which is also not handled by the API per design. To provide this features mod_rewrite has to do some special (but API compliant!) handling which leads --- 2003,2009 ----

You can't! The reason is: First, case translations for arbitrary length URLs ! cannot be done via regex patterns and corresponding substitutions. One need ! a per-character pattern like sed/Perl tr|..|..| feature. Second, just making URLs always upper or lower case will not resolve the complete problem of case-INSENSITIVE URLs, because actually the URLs had to be rewritten to the correct case-variant residing on the filesystem because in later --- 2045,2054 ----

You can't! The reason is: First, case translations for arbitrary length URLs ! cannot be done via regex patterns and corresponding substitutions. ! One need ! a per-character pattern like sed/Perl tr|..|..| feature. ! Second, just making URLs always upper or lower case will not resolve the complete problem of case-INSENSITIVE URLs, because actually the URLs had to be rewritten to the correct case-variant residing on the filesystem because in later *************** *** 2033,2060 ****

Where can I find the "CGI specification"?

! The Common Gateway Interface (CGI) specification currently lives in at ! least two versions:

At the original NCSA site ! <http://hoohoo.ncsa.uiuc.edu/cgi/interface.html>. ! This version hasn't been updated since 1995, and there have been ! some efforts to update it and replace it with !
The most current version, which is struggling to become an ! Internet RFC, found at ! <http://www.ast.cam.ac.uk/~drtr/cgi-spec.html>. !

--- 2088,2276 ----

Where can I find the "CGI specification"?

! The Common Gateway Interface (CGI) specification can be found at ! the original NCSA site ! < ! http://hoohoo.ncsa.uiuc.edu/cgi/interface.html>. ! This version hasn't been updated since 1995, and there have been ! some efforts to update it.

+ Is Apache Year 2000 compliant? +

! Yes, Apache is Year 2000 compliant. !

! Apache internally never stores years as two digits. ! On the HTTP protocol level RFC1123-style addresses are generated ! which is the only format a HTTP/1.1-compliant server should ! generate. To be compatible with older applications Apache ! recognizes ANSI C's asctime() and ! RFC850-/RFC1036-style date formats, too. ! The asctime() format uses four-digit years, ! but the RFC850 and RFC1036 date formats only define a two-digit year. ! If Apache sees such a date with a value less than 70 it assumes that ! the century is 20 rather than 19. !

! Some aspects of Apache's output may use two-digit years, such as the ! automatic listing of directory contents provided by ! mod_autoindex ! with the ! FancyIndexing ! option enabled, but it is improper to depend upon such displays for ! specific syntax. And even that issue is being addressed by the ! developers; a future version of Apache should allow you to format that ! display as you like. !

! Although Apache is Year 2000 compliant, you may still get problems ! if the underlying OS has problems with dates past year 2000 ! (e.g., OS calls which accept or return year numbers). ! Most (UNIX) systems store dates internally as signed 32-bit integers ! which contain the number of seconds since 1^st January 1970, so ! the magic boundary to worry about is the year 2038 and not 2000. ! But modern operating systems shouldn't cause any trouble ! at all. !

! I upgraded to Apache 1.3b and now my virtual hosts don't ! work! ! !

! In versions of Apache prior to 1.3b2, there was a lot of confusion ! regarding address-based virtual hosts and (HTTP/1.1) name-based ! virtual hosts, and the rules concerning how the server processed ! <VirtualHost> definitions were very complex and not ! well documented. !

! Apache 1.3b2 introduced a new directive, ! NameVirtualHost, ! which simplifies the rules quite a bit. However, changing the rules ! like this means that your existing name-based ! <VirtualHost> containers probably won't work ! correctly immediately following the upgrade. !

! To correct this problem, add the following line to the beginning of ! your server configuration file, before defining any virtual hosts:

NameVirtualHost n.n.n.n +

+ +

+ Replace the "n.n.n.n" with the IP address to + which the name-based virtual host names resolve; if you have multiple + name-based hosts on multiple addresses, repeat the directive for each + address. +

+ Make sure that your name-based <VirtualHost> blocks + contain ServerName and possibly ServerAlias + directives so Apache can be sure to tell them apart correctly. +

+ Please see the + Apache + Virtual Host documentation for further details about configuration. +

+ +

I'm using RedHat Linux and I have problems with httpd + dying randomly or not restarting properly + +

RedHat Linux versions 4.x (and possibly earlier) rpms contain + various nasty scripts which do not stop or restart Apache properly. + These can affect you even if you're not running the RedHat supplied + rpms. + +

If you're using the default install then you're probably running + Apache 1.1.3, which is outdated. From RedHat's ftp site you can + pick up a more recent RPM for Apache 1.2.x. This will solve one of + the problems. + +

If you're using a custom built Apache rather than the RedHat rpms + then you should rpm -e apache. In particular you want + the mildly broken /etc/logrotate.d/apache script to be + removed, and you want the broken /etc/rc.d/init.d/httpd + (or httpd.init) script to be removed. The latter is + actually fixed by the apache-1.2.5 rpms but if you're building your + own Apache then you probably don't want the RedHat files. + +

We can't stress enough how important it is for folks, especially + vendors to follow the stopping Apache + directions given in our documentation. In RedHat's defense, + the broken scripts were necessary with Apache 1.1.x because the + Linux support in 1.1.x was very poor, and there were various race + conditions on all platforms. None of this should be necessary with + Apache 1.2 and later. +

+ +

I upgraded from an Apache version earlier + than 1.2.0 and suddenly I have problems with Apache dying randomly + or not restarting properly + +

You should read the previous note about + problems with RedHat installations. It is entirely likely that your + installation has start/stop/restart scripts which were built for + an earlier version of Apache. Versions earlier than 1.2.0 had + various race conditions that made it necessary to use + kill -9 at times to take out all the httpd servers. + But that should not be necessary any longer. You should follow + the directions on how to stop + and restart Apache. + +

As of Apache 1.3 there is a script + src/support/apachectl which, after a bit of + customization, is suitable for starting, stopping, and restarting + your server. +

+ +

I'm using RedHat Linux and my .htm files are showing + up as html source rather than being formatted! + +

RedHat messed up and forgot to put a content type for .htm + files into /etc/mime.types. Edit /etc/mime.types, + find the line containing html and add htm to it. + Then restart your httpd server: +

+ 	kill -HUP `cat /var/run/httpd.pid`
+

+ Then clear your browsers' caches. (Many browsers won't re-examine + the content type after they've reloaded a page.) +

+ +

I'm using RedHat Linux 5.0, or some other glibc + based Linux system, and I get errors with the crypt function when + I attempt to build Apache 1.2. + +

glibc puts the crypt function into a separate library. Edit your + src/Configuration file and set this: +

+ 	EXTRA_LIBS=-lcrypt
+

Index: apache-1.2-rus/htdocs/manual/misc/known_client_problems.html diff -c /dev/null apache-1.2-rus/htdocs/manual/misc/known_client_problems.html:1.3 *** /dev/null Sun Mar 29 18:20:33 1998 --- apache-1.2-rus/htdocs/manual/misc/known_client_problems.html Thu Mar 26 03:24:32 1998 *************** *** 0 **** --- 1,213 ---- + + + + Apache HTTP Server Project + + + + +

+ Apache HTTP Server Version 1.2 +

+ +

Known Problems in Clients

+ +

Over time the Apache Group has discovered or been notified of problems + with various clients which we have had to work around. This document + describes these problems and the workarounds available. It's not arranged + in any particular order. Some familiarity with the standards is assumed, + but not necessary. + +

For brevity, Navigator will refer to Netscape's Navigator + product, and MSIE will refer to Microsoft's Internet Explorer + product. All trademarks and copyrights belong to their respective + companies. We welcome input from the various client authors to correct + inconsistencies in this paper, or to provide us with exact version + numbers where things are broken/fixed. + +

For reference, + RFC1945 + defines HTTP/1.0, and + RFC2068 + defines HTTP/1.1. Apache as of version 1.2 is an HTTP/1.1 server (with an + optional HTTP/1.0 proxy). + +

Various of these workarounds are triggered by environment variables. + The admin typically controls which are set, and for which clients, by using + mod_browser. Unless otherwise + noted all of these workarounds exist in versions 1.2 and later. + +

Trailing CRLF on POSTs

+ +

This is a legacy issue. The CERN webserver required POST + data to have an extra CRLF following it. Thus many + clients send an extra CRLF that + is not included in the Content-Length of the request. + Apache works around this problem by eating any empty lines which + appear before a request. + +

Broken keepalive

+ +

Various clients have had broken implementations of keepalive + (persistent connections). In particular the Windows versions of + Navigator 2.0 get very confused when the server times out an + idle connection. The workaround is present in the default config files: +

+ BrowserMatch Mozilla/2 nokeepalive +

+ Note that this matches some earlier versions of MSIE, which began the + practice of calling themselves Mozilla in their user-agent + strings just like Navigator. + +

MSIE 4.0b2, which claims to support HTTP/1.1, does not properly + support keepalive when it is used on 301 or 302 (redirect) + responses. Unfortunately Apache's nokeepalive code + prior to 1.2.2 would not work with HTTP/1.1 clients. You must apply + this + patch to version 1.2.1. Then add this to your config: +

+ BrowserMatch "MSIE 4\.0b2;" nokeepalive +

+ +

Incorrect interpretation of `HTTP/1.1` in response

+ +

To quote from section 3.1 of RFC1945: +

+ HTTP uses a "." numbering scheme to indicate versions + of the protocol. The protocol versioning policy is intended to allow + the sender to indicate the format of a message and its capacity for + understanding further HTTP communication, rather than the features + obtained via that communication. +

+ Since Apache is an HTTP/1.1 server, it indicates so as part of its + response. Many client authors mistakenly treat this part of the response + as an indication of the protocol that the response is in, and then refuse + to accept the response. + +

The first major indication of this problem was with AOL's proxy servers. + When Apache 1.2 went into beta it was the first wide-spread HTTP/1.1 + server. After some discussion, AOL fixed their proxies. In + anticipation of similar problems, the force-response-1.0 + environment variable was added to Apache. When present Apache will + indicate "HTTP/1.0" in response to an HTTP/1.0 client, + but will not in any other way change the response. + +

The pre-1.1 Java Development Kit (JDK) that is used in many clients + (including Navigator 3.x and MSIE 3.x) exhibits this problem. As do some + of the early pre-releases of the 1.1 JDK. We think it is fixed in the + 1.1 JDK release. In any event the workaround: +

+ BrowserMatch Java1.0 force-response-1.0 + BrowserMatch JDK/1.0 force-response-1.0 +

+ +

RealPlayer 4.0 from Progressive Networks also exhibits this problem. + However they have fixed it in version 4.01 of the player, but version + 4.01 uses the same User-Agent as version 4.0. The + workaround is still: +

+ BrowserMatch "RealPlayer 4.0" force-response-1.0 +

+ +

Requests use HTTP/1.1 but responses must be in HTTP/1.0

+ +

MSIE 4.0b2 has this problem. Its Java VM makes requests in HTTP/1.1 + format but the responses must be in HTTP/1.0 format (in particular, it + does not understand chunked responses). The workaround + is to fool Apache into believing the request came in HTTP/1.0 format. +

+ BrowserMatch "MSIE 4\.0b2;" downgrade-1.0 force-response-1.0 +

+ This workaround is available in 1.2.2, and in a + patch + against 1.2.1. + +

Boundary problems with header parsing

+ +

All versions of Navigator from 2.0 through 4.0b2 (and possibly later) + have a problem if the trailing CRLF of the response header starts at + the 256th or 257th byte of the response. A BrowserMatch for this would + match on nearly every hit, so the workaround is enabled automatically + on all responses. The workaround is to detect when this condition would + occur in a response and add extra padding to the header to push the + trailing CRLF past the 257th byte of the response. + +

Multipart responses and Quoted Boundary Strings

+ +

On multipart responses some clients will not accept quotes (") + around the boundary string. The MIME standard recommends that + such quotes be used. But the clients were probably written based + on one of the examples in RFC2068, which does not include quotes. + Apache does not include quotes on its boundary strings to workaround + this problem. + +

Byterange requests

+ +

A byterange request is used when the client wishes to retrieve a + portion of an object, not necessarily the entire object. There + was a very old draft which included these byteranges in the URL. + Old clients such as Navigator 2.0b1 and MSIE 3.0 for the MAC + exhibit this behaviour, and + it will appear in the servers' access logs as (failed) attempts to + retrieve a URL with a trailing ";xxx-yyy". Apache does not attempt + to implement this at all. + +

A subsequent draft of this standard defines a header + Request-Range, and a response type + multipart/x-byteranges. The HTTP/1.1 standard includes + this draft with a few fixes, and it defines the header + Range and type multipart/byteranges. + +

Navigator (versions 2 and 3) sends both Range and + Request-Range headers (with the same value), but does not + accept a multipart/byteranges response. The response must + be multipart/x-byteranges. As a workaround, if Apache + receives a Request-Range header it considers it "higher + priority" than a Range header and in response uses + multipart/x-byteranges. + +

The Adobe Acrobat Reader plugin makes extensive use of byteranges and + prior to version 3.01 supports only the multipart/x-byterange + response. Unfortunately there is no clue that it is the plugin + making the request. If the plugin is used with Navigator, the above + workaround works fine. But if the plugin is used with MSIE 3 (on + Windows) the workaround won't work because MSIE 3 doesn't give the + Range-Request clue that Navigator does. To workaround this, + Apache special cases "MSIE 3" in the User-Agent and serves + multipart/x-byteranges. Note that the necessity for this + with MSIE 3 is actually due to the Acrobat plugin, not due to the browser. + +

Netscape Communicator appears to not issue the non-standard + Request-Range header. When an Acrobat plugin prior to + version 3.01 is used with it, it will not properly understand byteranges. + The user must upgrade their Acrobat reader to 3.01. + +

`Set-Cookie` header is unmergeable

+ +

The HTTP specifications say that it is legal to merge headers with + duplicate names into one (separated by semicolon). Some browsers + that support Cookies don't like merged headers and prefer that each + Set-Cookie header is sent separately. When parsing the + headers returned by a CGI, Apache will explicitly avoid merging any + Set-Cookie headers. + +

+ Apache HTTP Server Version 1.2 +

+ +

+ + + + Index: apache-1.2-rus/src/CHANGES diff -c apache-1.2-rus/src/CHANGES:1.4 apache-1.2-rus/src/CHANGES:1.5 *** apache-1.2-rus/src/CHANGES:1.4 Fri Jan 9 22:25:16 1998 --- apache-1.2-rus/src/CHANGES Thu Mar 26 03:25:24 1998 *************** *** 1,3 **** --- 1,91 ---- + Changes with Apache 1.2.6 + + *) Increase the robustness of the child_main loop. When unexpected + select() or accept() errors occur we exit() the child. This deals + with many reported problems where apache would fill the error_log + with messages. [Dean Gaudet] PR#1747, 1107, 588, 1787, 987, 588 + + *) PORT: Add -lm to LIBS for HPUX. [Dean Gaudet] PR#1639 + + *) SECURITY: "UserDir /abspath" without a * in the path would allow + remote users to access "/~.." and bypass access restrictions + (but note /~../.. was handled properly). + [Lauri Jesmin ] PR#1701 + + *) mod_rewrite's RewriteLog should behave like mod_log_config, it + shouldn't force hostname lookups. [Dean Gaudet] PR#1684 + + *) mod_include when using XBitHack Full would send ETags in addition to + sending Last-Modifieds. This is incorrect HTTP/1.1 behaviour. + [Dean Gaudet] PR#1133 + + *) SECURITY: When a client connects to a particular port/addr, and + gives a Host: header ensure that the virtual host requested can + actually be reached via that port/addr. [Ed Korthof ] + + *) Support virtual hosts with wildcard port and/or multiple ports + properly. [Ed Korthof ] + + *) Fixed some case-sensitivity issues according to RFC2068. + [Dean Gaudet] + + *) Set r->allowed properly in mod_asis.c, mod_dir.c, mod_info.c, + and mod_include.c. [Dean Gaudet] + + *) Variable 'cwd' was being used pointlessly before being set. + [Ken Coar] PR#1738 + + *) SIGURG doesn't exist on all platforms. + [Mark Andrew Heinrich ] + + *) When an error occurs during a POST, or other operation with a + request body, the body has to be read from the net before allowing + a keepalive session to continue. [Roy Fielding] PR#1399 + + *) When an error occurs in fcntl() locking suggest the user look up + the docs for LockFile. [Dean Gaudet] + + *) table_set() and table_unset() did not deal correctly with + multiple occurrences of the same key. [Stephen Scheck + , Ben Laurie] PR#1604 + + *) send_fd_length() did not calculate total_bytes_sent properly in error + cases. [Ben Reser ] PR#1366 + + *) r->connection->user was allocated in the wrong pool causing corruption + in some cases when used with mod_cern_meta. [Dean Gaudet] PR#1500 + + *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake. + Also removed the auto-generated link to www.apache.org that was the + source of so many misdirected bug reports. [Roy Fielding, Marc Slemko] + + *) Multiple "close" tokens may have been set in the "Connection" + header, not an error, but a waste. + [Ronald.Tschalaer@psi.ch] PR#1683 + + *) "basic" and "digest" auth tokens should be tested case-insensitive. + [Ronald.Tschalaer@psi.ch] PR#1599, PR#1666 + + *) It appears the "257th byte" bug (see + htdocs/manual/misc/known_client_problems.html#257th-byte) can happen + at the 256th byte as well. Fixed. [Dean Gaudet] + + *) mod_rewrite would not handle %3f properly in some situations. + [Ralf Engelschall] + + *) Apache could generate improperly chunked HTTP/1.1 responses when + the bputc() or rputc() functions were used by modules (such as + mod_include). [Dean Gaudet] + + *) #ifdef wrap a few #defines in httpd.h to make life easier on + some ports. [Ralf Engelschall] + + *) Fix MPE compilation error in mod_usertrack.c. [Mark Bixby] + + *) Quote CC='$(CC)' to improve recurse make calls. [Martin Kraemer] + + *) Avoid B_ERROR redeclaration on sysvr4 systems. [Martin Kraemer] + Changes with Apache 1.2.5 *) SECURITY: Fix a possible buffer overflow in logresolve. This is Index: apache-1.2-rus/src/CHANGES.rus diff -c apache-1.2-rus/src/CHANGES.rus:1.32 apache-1.2-rus/src/CHANGES.rus:1.33 *** apache-1.2-rus/src/CHANGES.rus:1.32 Fri Feb 6 01:52:24 1998 --- apache-1.2-rus/src/CHANGES.rus Thu Mar 26 03:38:47 1998 *************** *** 1,5 **** --- 1,9 ---- PL22 + PL22.2, Apache 1.2.6, 26 Mar 1998, Alex Tutubalin + 1. apache-1.2.5 -> 1.2.6 changes merged. Apache-TEAM �� , + �� Russian Apache PL20.5, �� . + PL22.2 05 Feb, 1998, Alex Tutubalin 1. �� CHARSET_SERVER_NAME (� �� www.domain:port), CHARSET_HTTP_METHOD (http:// �� https://) Index: apache-1.2-rus/src/Configuration diff -c apache-1.2-rus/src/Configuration:1.16 apache-1.2-rus/src/Configuration:1.18 *** apache-1.2-rus/src/Configuration:1.16 Fri Feb 6 01:52:26 1998 --- apache-1.2-rus/src/Configuration Sun Mar 29 21:38:26 1998 *************** *** 41,56 **** # Settings here have priority; If not set, Configure will attempt to guess # the C compiler, and set OPTIM to '-O2' # ! # Russian Apache users. Add -DXCYRILLIC to next line to enable support # of Accept: text/x-cyrillic-... header (russian-specific Mosaic hack). EXTRA_CFLAGS=-DUSE_TRANSFER_TABLES -DEPOCH_EXPIRES ! EXTRA_LFLAGS= EXTRA_LIBS= EXTRA_INCLUDES= #CC= ! OPTIM=-O2 #RANLIB= ################################################################ --- 41,58 ---- # Settings here have priority; If not set, Configure will attempt to guess # the C compiler, and set OPTIM to '-O2' # ! # REDHAT LINUX 5.0 USERS PLEASE NOTE! You have to add -lcrypt to ! # EXTRA_LIBS. This is fixed in 1.3 but will not be fixed in 1.2. ! # # Russian Apache users. Add -DXCYRILLIC to next line to enable support # of Accept: text/x-cyrillic-... header (russian-specific Mosaic hack). EXTRA_CFLAGS=-DUSE_TRANSFER_TABLES -DEPOCH_EXPIRES ! EXTRA_LFLAGS= EXTRA_LIBS= EXTRA_INCLUDES= #CC= ! #OPTIM=-O2 #RANLIB= ################################################################ Index: apache-1.2-rus/src/Configuration.tmpl diff -c apache-1.2-rus/src/Configuration.tmpl:1.2 apache-1.2-rus/src/Configuration.tmpl:1.4 *** apache-1.2-rus/src/Configuration.tmpl:1.2 Fri Jan 9 22:25:19 1998 --- apache-1.2-rus/src/Configuration.tmpl Sun Mar 29 21:38:27 1998 *************** *** 41,47 **** # Settings here have priority; If not set, Configure will attempt to guess # the C compiler, and set OPTIM to '-O2' # ! EXTRA_CFLAGS= EXTRA_LFLAGS= EXTRA_LIBS= EXTRA_INCLUDES= --- 41,52 ---- # Settings here have priority; If not set, Configure will attempt to guess # the C compiler, and set OPTIM to '-O2' # ! # REDHAT LINUX 5.0 USERS PLEASE NOTE! You have to add -lcrypt to ! # EXTRA_LIBS. This is fixed in 1.3 but will not be fixed in 1.2. ! # ! # Russian Apache users. Add -DXCYRILLIC to next line to enable support ! # of Accept: text/x-cyrillic-... header (russian-specific Mosaic hack). ! EXTRA_CFLAGS=-DUSE_TRANSFER_TABLES -DEPOCH_EXPIRES EXTRA_LFLAGS= EXTRA_LIBS= EXTRA_INCLUDES= *************** *** 186,191 **** --- 191,197 ---- Module asis_module mod_asis.o Module imap_module mod_imap.o Module action_module mod_actions.o + Module charset_module mod_charset.o ## ## URL translation modules. Index: apache-1.2-rus/src/Configure diff -c apache-1.2-rus/src/Configure:1.3 apache-1.2-rus/src/Configure:1.4 *** apache-1.2-rus/src/Configure:1.3 Sat Aug 23 17:03:06 1997 --- apache-1.2-rus/src/Configure Thu Mar 26 03:25:28 1998 *************** *** 255,260 **** --- 255,261 ---- CFLAGS="$CFLAGS -Aa -D_HPUX_SOURCE" OPTIM=" " fi + LIBS="$LIBS -lm" ;; *-sgi-irix64) # Note: We'd like to see patches to compile 64-bit, but for now... *************** *** 424,430 **** ;; *-sni-sysv4*) OS='SVR4' ! CFLAGS="$CFLAGS -DSVR4" DEF_WANTHSREGEX=yes LIBS="$LIBS -lsocket -lnsl -lc" ;; --- 425,431 ---- ;; *-sni-sysv4*) OS='SVR4' ! CFLAGS="$CFLAGS -DSVR4 -D_XPG_IV -DUSE_MMAP_FILES" DEF_WANTHSREGEX=yes LIBS="$LIBS -lsocket -lnsl -lc" ;; *************** *** 674,680 **** @echo "Done cleaning module subdirectories" placeholder \$(MODULES): ForceMe ! (cd \$@; \$(MAKE) CC=\$(CC) AUX_CFLAGS='\$(MOD_CFLAGS)' RANLIB='\$(RANLIB)') ForceMe: --- 675,681 ---- @echo "Done cleaning module subdirectories" placeholder \$(MODULES): ForceMe ! (cd \$@; \$(MAKE) CC='\$(CC)' AUX_CFLAGS='\$(MOD_CFLAGS)' RANLIB='\$(RANLIB)') ForceMe: Index: apache-1.2-rus/src/Makefile.tmpl diff -c apache-1.2-rus/src/Makefile.tmpl:1.5 apache-1.2-rus/src/Makefile.tmpl:1.6 *** apache-1.2-rus/src/Makefile.tmpl:1.5 Tue Jan 27 03:31:19 1998 --- apache-1.2-rus/src/Makefile.tmpl Thu Mar 26 03:25:30 1998 *************** *** 29,39 **** $(CC) $(LFLAGS) -o httpd $(OBJS) $(REGLIB) $(LIBS) regex/libregex.a: ! (cd regex; $(MAKE) lib CC=$(CC) AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)') modules/last-built: (cd modules; \ ! $(MAKE) CC=$(CC) AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)') clean: rm -f httpd *.o core --- 29,39 ---- $(CC) $(LFLAGS) -o httpd $(OBJS) $(REGLIB) $(LIBS) regex/libregex.a: ! (cd regex; $(MAKE) lib CC='$(CC)' AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)') modules/last-built: (cd modules; \ ! $(MAKE) CC='$(CC)' AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)') clean: rm -f httpd *.o core Index: apache-1.2-rus/src/alloc.c diff -c apache-1.2-rus/src/alloc.c:1.2 apache-1.2-rus/src/alloc.c:1.3 *** apache-1.2-rus/src/alloc.c:1.2 Mon Jul 7 16:45:59 1997 --- apache-1.2-rus/src/alloc.c Thu Mar 26 03:25:31 1998 *************** *** 578,588 **** table_entry *elts = (table_entry *)t->elts; int done = 0; ! for (i = 0; i < t->nelts; ++i) if (!strcasecmp (elts[i].key, key)) { if (!done) { elts[i].val = pstrdup(t->pool, val); done = 1; } else { /* delete an extraneous element */ for (j = i, k = i + 1; k < t->nelts; ++j, ++k) { --- 578,589 ---- table_entry *elts = (table_entry *)t->elts; int done = 0; ! for (i = 0; i < t->nelts;) { if (!strcasecmp (elts[i].key, key)) { if (!done) { elts[i].val = pstrdup(t->pool, val); done = 1; + ++i; } else { /* delete an extraneous element */ for (j = i, k = i + 1; k < t->nelts; ++j, ++k) { *************** *** 592,597 **** --- 593,602 ---- --t->nelts; } } + else { + ++i; + } + } if (!done) { elts = (table_entry *)push_array(t); *************** *** 605,611 **** register int i, j, k; table_entry *elts = (table_entry *)t->elts; ! for (i = 0; i < t->nelts; ++i) if (!strcasecmp (elts[i].key, key)) { /* found an element to skip over --- 610,616 ---- register int i, j, k; table_entry *elts = (table_entry *)t->elts; ! for (i = 0; i < t->nelts;) { if (!strcasecmp (elts[i].key, key)) { /* found an element to skip over *************** *** 619,625 **** } --t->nelts; } ! } void table_merge (table *t, const char *key, const char *val) { --- 624,634 ---- } --t->nelts; } ! else { ! ++i; ! } ! } ! } void table_merge (table *t, const char *key, const char *val) { Index: apache-1.2-rus/src/buff.c diff -c apache-1.2-rus/src/buff.c:1.2 apache-1.2-rus/src/buff.c:1.3 *** apache-1.2-rus/src/buff.c:1.2 Sat Aug 23 17:03:08 1997 --- apache-1.2-rus/src/buff.c Thu Mar 26 03:25:32 1998 *************** *** 71,76 **** --- 71,80 ---- #endif #define DEFAULT_BUFSIZE (4096) + /* This must be enough to represent (DEFAULT_BUFSIZE - 3) in hex, + * plus two extra characters. + */ + #define CHUNK_HEADER_SIZE (5) /* * Buffered I/O routines. *************** *** 186,200 **** } } /* ! * start chunked encoding */ static void start_chunk( BUFF *fb ) { - char chunksize[16]; /* Big enough for practically anything */ - int chunk_header_size; - if (fb->outchunk != -1) { /* already chunking */ return; --- 190,210 ---- } } + + static int bflush_core(BUFF *fb); + /* ! * Start chunked encoding. ! * ! * Note that in order for bputc() to be an efficient macro we have to ! * guarantee that start_chunk() has always been called on the buffer before we ! * leave any routine in this file. Said another way, if a routine here uses ! * end_chunk() and writes something on the wire, then it has to call ! * start_chunk() or set an error condition before returning. */ static void start_chunk( BUFF *fb ) { if (fb->outchunk != -1) { /* already chunking */ return; *************** *** 204,224 **** return; } - /* we know that the chunk header is going to take at least 3 bytes... */ - chunk_header_size = ap_snprintf( chunksize, sizeof(chunksize), - "%x\015\012", fb->bufsiz - fb->outcnt - 3 ); /* we need at least the header_len + at least 1 data byte * remember that we've overallocated fb->outbase so that we can always * fit the two byte CRLF trailer */ ! if( fb->bufsiz - fb->outcnt < chunk_header_size + 1 ) { ! bflush(fb); } /* assume there's enough space now */ - memcpy( &fb->outbase[fb->outcnt], chunksize, chunk_header_size ); fb->outchunk = fb->outcnt; ! fb->outcnt += chunk_header_size; ! fb->outchunk_header_size = chunk_header_size; } --- 214,229 ---- return; } /* we need at least the header_len + at least 1 data byte * remember that we've overallocated fb->outbase so that we can always * fit the two byte CRLF trailer */ ! if( fb->bufsiz - fb->outcnt < CHUNK_HEADER_SIZE + 1 ) { ! bflush_core(fb); } /* assume there's enough space now */ fb->outchunk = fb->outcnt; ! fb->outcnt += CHUNK_HEADER_SIZE; } *************** *** 229,241 **** end_chunk( BUFF *fb ) { int i; if( fb->outchunk == -1 ) { /* not chunking */ return; } ! if( fb->outchunk + fb->outchunk_header_size == fb->outcnt ) { /* nothing was written into this chunk, and we can't write a 0 size * chunk because that signifies EOF, so just erase it */ --- 234,247 ---- end_chunk( BUFF *fb ) { int i; + char *strp; if( fb->outchunk == -1 ) { /* not chunking */ return; } ! if( fb->outchunk + CHUNK_HEADER_SIZE == fb->outcnt ) { /* nothing was written into this chunk, and we can't write a 0 size * chunk because that signifies EOF, so just erase it */ *************** *** 246,267 **** /* we know this will fit because of how we wrote it in start_chunk() */ i = ap_snprintf( (char *)&fb->outbase[fb->outchunk], ! fb->outchunk_header_size, ! "%x", fb->outcnt - fb->outchunk - fb->outchunk_header_size ); /* we may have to tack some trailing spaces onto the number we just wrote * in case it was smaller than our estimated size. We've also written * a \0 into the buffer with ap_snprintf so we might have to put a * \r back in. */ ! i += fb->outchunk; ! while( fb->outbase[i] != '\015' && fb->outbase[i] != '\012' ) { ! fb->outbase[i++] = ' '; ! } ! if( fb->outbase[i] == '\012' ) { ! /* we overwrote the \r, so put it back */ ! fb->outbase[i-1] = '\015'; } /* tack on the trailing CRLF, we've reserved room for this */ fb->outbase[fb->outcnt++] = '\015'; --- 252,272 ---- /* we know this will fit because of how we wrote it in start_chunk() */ i = ap_snprintf( (char *)&fb->outbase[fb->outchunk], ! CHUNK_HEADER_SIZE, ! "%x", fb->outcnt - fb->outchunk - CHUNK_HEADER_SIZE ); /* we may have to tack some trailing spaces onto the number we just wrote * in case it was smaller than our estimated size. We've also written * a \0 into the buffer with ap_snprintf so we might have to put a * \r back in. */ ! strp = &fb->outbase[fb->outchunk + i]; ! while (i < CHUNK_HEADER_SIZE - 2) { ! *strp++ = ' '; ! ++i; } + *strp++ = '\015'; + *strp = '\012'; /* tack on the trailing CRLF, we've reserved room for this */ fb->outbase[fb->outcnt++] = '\015'; *************** *** 741,747 **** int bwrite(BUFF *fb, const void *buf, int nbyte) { ! int i, nwr; if (fb->flags & (B_WRERR|B_EOUT)) return -1; if (nbyte == 0) return 0; --- 746,752 ---- int bwrite(BUFF *fb, const void *buf, int nbyte) { ! int i, nwr, useable_bufsiz; if (fb->flags & (B_WRERR|B_EOUT)) return -1; if (nbyte == 0) return 0; *************** *** 827,834 **** * original buffer until there is less than bufsiz left. Note that we * use bcwrite() to do this for us, it will do the chunking so that * we don't have to dink around building a chunk in our own buffer. */ ! while (nbyte >= fb->bufsiz) { i = bcwrite(fb, buf, nbyte); if (i <= 0) { --- 832,843 ---- * original buffer until there is less than bufsiz left. Note that we * use bcwrite() to do this for us, it will do the chunking so that * we don't have to dink around building a chunk in our own buffer. + * Remember we may not be able to use the entire buffer if we're + * chunking. */ ! useable_bufsiz = fb->bufsiz; ! if (fb->flags & B_CHUNK) useable_bufsiz -= CHUNK_HEADER_SIZE; ! while (nbyte >= useable_bufsiz) { i = bcwrite(fb, buf, nbyte); if (i <= 0) { *************** *** 855,875 **** return nwr; } ! /* ! * Flushes the buffered stream. ! * Returns 0 on success or -1 on error ! */ ! int ! bflush(BUFF *fb) { int i; - if (!(fb->flags & B_WR) || (fb->flags & B_EOUT)) return 0; - - if (fb->flags & B_WRERR) return -1; - - if (fb->flags & B_CHUNK) end_chunk(fb); - while (fb->outcnt > 0) { do { --- 864,873 ---- return nwr; } ! static int bflush_core(BUFF *fb) { int i; while (fb->outcnt > 0) { do { *************** *** 906,912 **** --- 904,934 ---- if (fb->flags & B_EOUT) return -1; } + return 0; + } + + /* + * Flushes the buffered stream. + * Returns 0 on success or -1 on error + */ + int bflush(BUFF *fb) + { + int ret; + + if (!(fb->flags & B_WR) || (fb->flags & B_EOUT)) return 0; + + if (fb->flags & B_WRERR) return -1; + + if (fb->flags & B_CHUNK) end_chunk(fb); + + ret = bflush_core(fb); + + if (ret == 0 && (fb->flags & B_CHUNK)) { + start_chunk(fb); + } + + return ret; } /* Index: apache-1.2-rus/src/buff.h diff -c apache-1.2-rus/src/buff.h:1.4 apache-1.2-rus/src/buff.h:1.5 *** apache-1.2-rus/src/buff.h:1.4 Fri Jan 30 22:43:45 1998 --- apache-1.2-rus/src/buff.h Thu Mar 26 03:25:33 1998 *************** *** 65,70 **** --- 65,73 ---- #define B_RDERR (16) /* A write error has occurred */ #define B_WRERR (32) + #ifdef B_ERROR /* in SVR4: sometimes defined in /usr/include/sys/buf.h */ + #undef B_ERROR /* avoid "warning: `B_ERROR' redefined" */ + #endif #define B_ERROR (48) /* Use chunked writing */ #define B_CHUNK (64) *************** *** 80,86 **** int incnt; /* number of bytes left to read from input buffer; * always 0 if had a read error */ int outchunk; /* location of chunk header when chunking */ - int outchunk_header_size; /* how long the header is */ int outcnt; /* number of byte put in output buffer */ unsigned char *inbase; unsigned char *outbase; --- 83,88 ---- Index: apache-1.2-rus/src/conf.h diff -c apache-1.2-rus/src/conf.h:1.3 apache-1.2-rus/src/conf.h:1.4 *** apache-1.2-rus/src/conf.h:1.3 Sat Aug 23 17:03:09 1997 --- apache-1.2-rus/src/conf.h Thu Mar 26 03:25:34 1998 *************** *** 52,58 **** /* * conf.h: system-dependant #defines and includes... ! * See README for a listing of what they mean */ #if !defined(QNX) && !defined(MPE) --- 52,58 ---- /* * conf.h: system-dependant #defines and includes... ! * See PORTING for a listing of what they mean */ #if !defined(QNX) && !defined(MPE) Index: apache-1.2-rus/src/http_config.c diff -c apache-1.2-rus/src/http_config.c:1.3 apache-1.2-rus/src/http_config.c:1.4 *** apache-1.2-rus/src/http_config.c:1.3 Fri Jan 9 22:25:21 1998 --- apache-1.2-rus/src/http_config.c Thu Mar 26 03:25:36 1998 *************** *** 883,889 **** if (strcmp(w, "*") == 0) { my_addr = htonl(INADDR_ANY); is_an_ip_addr = 1; ! } else if( strcmp(w, "_default_") == 0 || strcmp(w, "255.255.255.255") == 0 ) { my_addr = DEFAULT_VHOST_ADDR; is_an_ip_addr = 1; --- 883,889 ---- if (strcmp(w, "*") == 0) { my_addr = htonl(INADDR_ANY); is_an_ip_addr = 1; ! } else if( strcasecmp(w, "_default_") == 0 || strcmp(w, "255.255.255.255") == 0 ) { my_addr = DEFAULT_VHOST_ADDR; is_an_ip_addr = 1; Index: apache-1.2-rus/src/http_core.c diff -c apache-1.2-rus/src/http_core.c:1.4 apache-1.2-rus/src/http_core.c:1.5 *** apache-1.2-rus/src/http_core.c:1.4 Tue Jan 27 03:31:23 1998 --- apache-1.2-rus/src/http_core.c Thu Mar 26 03:25:37 1998 *************** *** 1332,1339 **** if ((errstatus = discard_request_body(r)) != OK) return errstatus; ! r->allowed |= (1 << M_GET); ! r->allowed |= (1 << M_OPTIONS); if (r->method_number == M_INVALID) { log_printf(r->server, "Invalid method in request %s", r->the_request); --- 1332,1338 ---- if ((errstatus = discard_request_body(r)) != OK) return errstatus; ! r->allowed |= (1 << M_GET) | (1 << M_OPTIONS); if (r->method_number == M_INVALID) { log_printf(r->server, "Invalid method in request %s", r->the_request); Index: apache-1.2-rus/src/http_main.c diff -c apache-1.2-rus/src/http_main.c:1.4 apache-1.2-rus/src/http_main.c:1.5 *** apache-1.2-rus/src/http_main.c:1.4 Fri Jan 9 22:25:22 1998 --- apache-1.2-rus/src/http_main.c Thu Mar 26 03:25:39 1998 *************** *** 236,243 **** continue; if (ret < 0) { ! log_unixerr("fcntl", "F_SETLKW", "Error getting accept lock. Exiting!", ! server_conf); exit(1); } } --- 236,244 ---- continue; if (ret < 0) { ! log_unixerr("fcntl", "F_SETLKW", "Error getting accept lock. Exiting!" ! "Perhaps you need to use the LockFile directive to place " ! "your lock file on a local disk!", server_conf); exit(1); } } *************** *** 246,253 **** { if (fcntl (lock_fd, F_SETLKW, &unlock_it) < 0) { ! log_unixerr("fcntl", "F_SETLKW", "Error freeing accept lock. Exiting!", ! server_conf); exit(1); } } --- 247,255 ---- { if (fcntl (lock_fd, F_SETLKW, &unlock_it) < 0) { ! log_unixerr("fcntl", "F_SETLKW", "Error freeing accept lock. Exiting!" ! "Perhaps you need to use the LockFile directive to place " ! "your lock file on a local disk!", server_conf); exit(1); } } *************** *** 1712,1718 **** --- 1714,1722 ---- */ ap_setjmp (jmpbuffer); #ifndef __EMX__ + #ifdef SIGURG signal(SIGURG, timeout); + #endif #endif while (1) { *************** *** 1777,1790 **** errno = errsave; if (srv < 0 && errno != EINTR) { ! #ifdef LINUX ! if (errno == EFAULT) { ! log_unixerr("select", "(listen) fatal, exiting", ! NULL, server_conf); ! exit(1); ! } ! #endif log_unixerr("select", "(listen)", NULL, server_conf); } if (srv <= 0) --- 1781,1794 ---- errno = errsave; if (srv < 0 && errno != EINTR) { ! /* Single Unix documents select as returning errnos ! * EBADF, EINTR, and EINVAL... and in none of those ! * cases does it make sense to continue. In fact ! * on Linux 2.0.x we seem to end up with EFAULT ! * occasionally, and we'd loop forever due to it. ! */ log_unixerr("select", "(listen)", NULL, server_conf); + exit(1); } if (srv <= 0) *************** *** 1815,1829 **** if (csd >= 0) break; /* We have a socket ready for reading */ else { ! ! #if defined(EPROTO) && defined(ECONNABORTED) ! if ((errno != EPROTO) && (errno != ECONNABORTED)) ! #elif defined(EPROTO) ! if (errno != EPROTO) ! #elif defined(ECONNABORTED) ! if (errno != ECONNABORTED) #endif ! log_unixerr("accept", "(client socket)", NULL, server_conf); } /* go around again, safe to die */ --- 1819,1880 ---- if (csd >= 0) break; /* We have a socket ready for reading */ else { ! /* Our old behaviour here was to continue after accept() ! * errors. But this leads us into lots of troubles ! * because most of the errors are quite fatal. For ! * example, EMFILE can be caused by slow descriptor ! * leaks (say in a 3rd party module, or libc). It's ! * foolish for us to continue after an EMFILE. We also ! * seem to tickle kernel bugs on some platforms which ! * lead to never-ending loops here. So it seems best ! * to just exit in most cases. ! */ ! switch (errno) { ! #ifdef EPROTO ! /* EPROTO on certain older kernels really means ! * ECONNABORTED, so we need to ignore it for them. ! * See discussion in new-httpd archives nh.9701 ! * search for EPROTO. ! * ! * Also see nh.9603, search for EPROTO: ! * There is potentially a bug in Solaris 2.x x<6, ! * and other boxes that implement tcp sockets in ! * userland (i.e. on top of STREAMS). On these ! * systems, EPROTO can actually result in a fatal ! * loop. See PR#981 for example. It's hard to ! * handle both uses of EPROTO. ! */ ! case EPROTO: ! #endif ! #ifdef ECONNABORTED ! case ECONNABORTED: ! #endif ! /* Linux generates the rest of these, other tcp ! * stacks (i.e. bsd) tend to hide them behind ! * getsockopt() interfaces. They occur when ! * the net goes sour or the client disconnects ! * after the three-way handshake has been done ! * in the kernel but before userland has picked ! * up the socket. ! */ ! #ifdef ECONNRESET ! case ECONNRESET: ! #endif ! #ifdef ETIMEDOUT ! case ETIMEDOUT: ! #endif ! #ifdef EHOSTUNREACH ! case EHOSTUNREACH: ! #endif ! #ifdef ENETUNREACH ! case ENETUNREACH: #endif ! break; ! ! default: ! log_unixerr("accept", "(client socket)", NULL, server_conf); ! exit(1); ! } } /* go around again, safe to die */ Index: apache-1.2-rus/src/http_protocol.c diff -c apache-1.2-rus/src/http_protocol.c:1.21 apache-1.2-rus/src/http_protocol.c:1.22 *** apache-1.2-rus/src/http_protocol.c:1.21 Fri Feb 6 01:52:27 1998 --- apache-1.2-rus/src/http_protocol.c Thu Mar 26 03:25:40 1998 *************** *** 129,135 **** if (!(range = table_get(r->headers_in, "Range"))) range = table_get(r->headers_in, "Request-Range"); ! if (!range || strncmp(range, "bytes=", 6)) { table_set (r->headers_out, "Accept-Ranges", "bytes"); return 0; } --- 129,135 ---- if (!(range = table_get(r->headers_in, "Range"))) range = table_get(r->headers_in, "Request-Range"); ! if (!range || strncasecmp(range, "bytes=", 6)) { table_set (r->headers_out, "Accept-Ranges", "bytes"); return 0; } *************** *** 339,345 **** * as HTTP/1.0, but pass our request along with our HTTP/1.1 tag * to a HTTP/1.1 client. Better safe than sorry. */ ! table_merge(r->headers_out, "Connection", "close"); r->connection->keepalive = 0; --- 339,346 ---- * as HTTP/1.0, but pass our request along with our HTTP/1.1 tag * to a HTTP/1.1 client. Better safe than sorry. */ ! if (!wimpy) ! table_merge(r->headers_out, "Connection", "close"); r->connection->keepalive = 0; *************** *** 578,590 **** } } ! const char *check_fulluri (request_rec *r, const char *uri) { char *name, *host; int i; unsigned port; /* This routine parses full URLs, if they match the server */ ! if (strncmp(uri, "http://", 7)) return uri; name = pstrdup(r->pool, uri + 7); /* Find the hostname, assuming a valid request */ --- 579,593 ---- } } ! const char *check_fulluri (request_rec *r, const char *uri) ! { char *name, *host; int i; unsigned port; + server_addr_rec * sar; /* This routine parses full URLs, if they match the server */ ! if (strncasecmp(uri, "http://", 7)) return uri; name = pstrdup(r->pool, uri + 7); /* Find the hostname, assuming a valid request */ *************** *** 597,603 **** else port = 80; /* Make sure ports patch */ ! if (port != r->server->port) return uri; /* Save it for later use */ r->hostname = pstrdup(r->pool, host); --- 600,612 ---- else port = 80; /* Make sure ports patch */ ! if (port != r->server->port) { ! for (sar = r->server->addrs; sar; sar = sar->next) { ! if( (sar->host_port == 0) || (port == sar->host_port) ) ! break; ! } ! if (!sar) return uri; ! } /* Save it for later use */ r->hostname = pstrdup(r->pool, host); *************** *** 708,724 **** } } ! static void check_hostalias (request_rec *r) { const char *hostname=r->hostname; char *host = getword(r->pool, &hostname, ':'); /* Get rid of port */ unsigned port = (*hostname) ? atoi(hostname) : 80; ! server_rec *s; int l; ! #ifndef USE_TRANSFER_TABLES ! if (port && (port != r->server->port)) ! return; ! #endif l = strlen(host)-1; if ((host[l]) == '.') { host[l] = '\0'; --- 717,746 ---- } } ! #define ADDR_MATCHES(addr1,addr2) \ ! (addr1.s_addr == addr2.s_addr) || (addr1.s_addr == htonl(INADDR_ANY)) \ ! || (addr1.s_addr == DEFAULT_VHOST_ADDR) ! ! static void check_hostalias (request_rec *r) ! { const char *hostname=r->hostname; char *host = getword(r->pool, &hostname, ':'); /* Get rid of port */ unsigned port = (*hostname) ? atoi(hostname) : 80; ! server_rec *s = r->server; ! server_addr_rec * sar; int l; ! /* make sure the client can't spoof the port; ! * have to check all possiblities to see if the server ! * should be listening. */ ! if (port != r->server->port) { ! for (sar = s->addrs; sar; sar = sar->next) { ! if ( (port == sar->host_port) || (sar->host_port == 0) ) ! break; ! } ! if (!sar) return; ! } ! l = strlen(host)-1; if ((host[l]) == '.') { host[l] = '\0'; *************** *** 735,771 **** configuration */ continue; } ! ! if ((!strcasecmp(host, s->server_hostname)) && (port == s->port)) { ! r->server = r->connection->server = s; ! if (r->hostlen && !strncmp(r->uri, "http://", 7)) { ! r->uri += r->hostlen; ! parse_uri(r, r->uri); } ! } ! /* search all the names from directive */ ! for( sar = s->addrs; sar; sar = sar->next ) { ! if( !strcasecmp( sar->virthost, host ) && ! ( (sar->host_port == 0) || (port == sar->host_port) )) { ! r->server = r->connection->server = s; ! if( r->hostlen && !strncmp( r->uri, "http://", 7) ) { ! r->uri += r->hostlen; ! r->proxyreq = 0; ! } } } ! /* search all the aliases from ServerAlias directive */ names = s->names; ! if( names ) { while (*names) { char *name = getword_conf (r->pool, &names); if ((is_matchexp(name) && !strcasecmp_match(host, name)) || (!strcasecmp(host, name))) { r->server = r->connection->server = s; ! if (r->hostlen && !strncmp(r->uri, "http://", 7)) { r->uri += r->hostlen; r->proxyreq = 0; } --- 757,824 ---- configuration */ continue; } ! /* ok, now there are several possibilities, and we're matching the ! * hostname, the port, and r->connection->local_addr. The last is ! * required so as to only respond on an address to which this vhost ! * should actually be listening. ! * ! * Either we can match s->server_name and s->port while matching ! * against the ip address in a record in the s->addrs list *or* we ! * can match s->server_name and a complete record in the s->addrs ! * list *or* we can match the virtual host name and the address and ! * the port of a record in the s->addrs list. ! */ ! if (!strcasecmp(host,s->server_hostname)) { /* ServerName matches hostname */ ! if (port == s->port) { /* possibly configured by Port */ ! for (sar = s->addrs; sar; sar = sar->next) { ! if (ADDR_MATCHES(sar->host_addr,r->connection->local_addr.sin_addr)) ! break; /* SN matches, Port matches, and one IP addr matches */ ! } ! } else { /* check to see if an addr matches */ ! for (sar = s->addrs; sar; sar = sar->next) { ! if (((port == sar->host_port) || (sar->host_port == 0)) ! && (ADDR_MATCHES(sar->host_addr, ! r->connection->local_addr.sin_addr))) ! break; /* SN matches, and a addr matches IP & port */ ! } } ! if (sar) { /* we got a match */ ! r->server = r->connection->server = s; ! if (r->hostlen && !strncasecmp(r->uri, "http://", 7)) { ! r->uri += r->hostlen; ! parse_uri(r, r->uri); ! /* we still might want to do something below (ie. set r->proxyreq) */ ! } ! } ! } /* ServerName doesn't match */ ! /* now s->addrs list, include the names, from the VirtualHost directive */ ! for (sar = s->addrs; sar; sar = sar->next) { ! if (((sar->host_port==0) || (port==sar->host_port)) ! && (ADDR_MATCHES(sar->host_addr,r->connection->local_addr.sin_addr)) ! && !strcasecmp(host,sar->virthost)) { ! /* ok, an element in the addrs list matched all three items */ ! r->server = r->connection->server = s; ! if (r->hostlen && !strncasecmp(r->uri, "http://", 7)) { ! r->uri += r->hostlen; ! r->proxyreq = 0; ! } } } ! /* search all the aliases from ServerAlias directive ! * ServerAlias acts like a wildcard, so as to help deal with the ! * transition when the DNS for a given host changes. ! */ names = s->names; ! if (names) { while (*names) { char *name = getword_conf (r->pool, &names); if ((is_matchexp(name) && !strcasecmp_match(host, name)) || (!strcasecmp(host, name))) { r->server = r->connection->server = s; ! if (r->hostlen && !strncasecmp(r->uri, "http://", 7)) { r->uri += r->hostlen; r->proxyreq = 0; } *************** *** 775,782 **** } } ! void check_serverpath (request_rec *r) { server_rec *s; /* This is in conjunction with the ServerPath code in * http_core, so we get the right host attached to a non- --- 828,838 ---- } } ! void check_serverpath (request_rec *r) ! { server_rec *s; + server_addr_rec * sar = NULL; + int port = r->connection->local_addr.sin_port; /* This is in conjunction with the ServerPath code in * http_core, so we get the right host attached to a non- *************** *** 784,793 **** */ for (s = r->server->next; s; s = s->next) { ! if (s->addrs && s->path && !strncmp(r->uri, s->path, s->pathlen) && ! (s->path[s->pathlen - 1] == '/' || ! r->uri[s->pathlen] == '/' || ! r->uri[s->pathlen] == '\0')) r->server = r->connection->server = s; } } --- 840,874 ---- */ for (s = r->server->next; s; s = s->next) { ! /* we should check to make sure that this server should be listening ! * at all. ! * ! * this code is duplicated in check_hostalias, but only one of these ! * two functions runs for a given request. ! */ ! if (!s->addrs) continue; ! ! if( (port == s->port) ) { ! for(sar = s->addrs; sar; sar = sar->next) { ! if(ADDR_MATCHES(sar->host_addr, r->connection->local_addr.sin_addr)) ! break; ! } ! } ! else { ! for(sar = s->addrs; sar; sar = sar->next) { ! if( ( (port == sar->host_port) || (sar->host_port == 0) ) ! && ( ADDR_MATCHES(sar->host_addr, ! r->connection->local_addr.sin_addr) ) ) ! break; ! } ! } ! ! if (!sar) continue; /* no match */ ! ! if (s->path && !strncmp(r->uri, s->path, s->pathlen) ! && (s->path[s->pathlen - 1] == '/' ! || r->uri[s->pathlen] == '/' ! || r->uri[s->pathlen] == '\0')) r->server = r->connection->server = s; } } *************** *** 963,969 **** return AUTH_REQUIRED; } ! if (strcmp(getword (r->pool, &auth_line, ' '), "Basic")) { /* Client tried to authenticate using wrong auth scheme */ log_reason ("client used wrong authentication scheme", r->uri, r); note_basic_auth_failure (r); --- 1044,1050 ---- return AUTH_REQUIRED; } ! if (strcasecmp(getword (r->pool, &auth_line, ' '), "Basic")) { /* Client tried to authenticate using wrong auth scheme */ log_reason ("client used wrong authentication scheme", r->uri, r); note_basic_auth_failure (r); *************** *** 971,977 **** } t = uudecode (r->pool, auth_line); ! r->connection->user = getword_nulls_nc (r->pool, &t, ':'); r->connection->auth_type = "Basic"; *pw = t; --- 1052,1058 ---- } t = uudecode (r->pool, auth_line); ! r->connection->user = getword_nulls_nc (r->connection->pool, &t, ':'); r->connection->auth_type = "Basic"; *pw = t; *************** *** 1266,1272 **** long int bs; bgetopt(client, BO_BYTECT, &bs); ! if (bs == 256 || bs == 257) bputs("X-Pad: avoid browser bug\015\012", client); bputs("\015\012", client); /* Send the terminating empty line */ --- 1347,1353 ---- long int bs; bgetopt(client, BO_BYTECT, &bs); ! if (bs >= 255 && bs <= 257) bputs("X-Pad: avoid browser bug\015\012", client); bputs("\015\012", client); /* Send the terminating empty line */ *************** *** 1617,1623 **** int should_client_block (request_rec *r) { ! if (r->read_length || is_HTTP_ERROR(r->status)) return 0; if (!r->read_chunked && (r->remaining <= 0)) --- 1698,1706 ---- int should_client_block (request_rec *r) { ! /* First check if we have already read the request body */ ! ! if (r->read_length || (!r->read_chunked && (r->remaining <= 0))) return 0; if (!r->read_chunked && (r->remaining <= 0)) *************** *** 1862,1868 **** break; } o=0; - total_bytes_sent += n; while (n && !r->connection->aborted) { #ifdef USE_TRANSFER_TABLES --- 1945,1950 ---- *************** *** 1905,1910 **** --- 1987,1993 ---- if (w > 0) { reset_timeout(r); /* reset timeout after successful write */ + total_bytes_sent += w; n-=w; o+=w; } Index: apache-1.2-rus/src/http_request.c diff -c apache-1.2-rus/src/http_request.c:1.6 apache-1.2-rus/src/http_request.c:1.7 *** apache-1.2-rus/src/http_request.c:1.6 Fri Jan 9 22:25:24 1998 --- apache-1.2-rus/src/http_request.c Thu Mar 26 03:25:43 1998 *************** *** 814,819 **** --- 814,829 ---- r->status = type; + /* + * If we want to keep the connection, be sure that the request body + * (if any) has been read. + */ + if ((r->status != HTTP_NOT_MODIFIED) && (r->status != HTTP_NO_CONTENT) + && !status_drops_connection(r->status) + && r->connection && (r->connection->keepalive != -1)) { + (void) discard_request_body(r); + } + /* Two types of custom redirects --- plain text, and URLs. * Plain text has a leading '"', so the URL code, here, is triggered * on its absence Index: apache-1.2-rus/src/httpd.h diff -c apache-1.2-rus/src/httpd.h:1.29 apache-1.2-rus/src/httpd.h:1.30 *** apache-1.2-rus/src/httpd.h:1.29 Fri Feb 6 01:52:29 1998 --- apache-1.2-rus/src/httpd.h Thu Mar 26 03:25:44 1998 *************** *** 74,79 **** --- 74,80 ---- #endif #endif + #ifndef DOCUMENT_LOCATION /* Root of server */ #ifdef __EMX__ /* Set default for OS/2 file system */ *************** *** 81,86 **** --- 82,88 ---- #else #define DOCUMENT_LOCATION "/usr/local/etc/httpd/htdocs" #endif + #endif /* Max. number of dynamically loaded modules */ #define DYNAMIC_MODULE_LIMIT 64 *************** *** 112,132 **** --- 114,144 ---- #endif /* The name of the log files */ + #ifndef DEFAULT_XFERLOG #ifdef __EMX__ /* Set default for OS/2 file system */ #define DEFAULT_XFERLOG "logs/access.log" #else #define DEFAULT_XFERLOG "logs/access_log" #endif + #endif /* DEFAULT_XFERLOG */ + #ifndef DEFAULT_ERRORLOG #ifdef __EMX__ /* Set default for OS/2 file system */ #define DEFAULT_ERRORLOG "logs/error.log" #else #define DEFAULT_ERRORLOG "logs/error_log" #endif + #endif /* DEFAULT_ERRORLOG */ + #ifndef DEFAULT_PIDLOG #define DEFAULT_PIDLOG "logs/httpd.pid" + #endif + #ifndef DEFAULT_SCOREBOARD #define DEFAULT_SCOREBOARD "logs/apache_runtime_status" + #endif + #ifndef DEFAULT_LOCKFILE #define DEFAULT_LOCKFILE "logs/accept.lock" + #endif /* Define this to be what your HTML directory content files are called */ #define DEFAULT_INDEX "index.html" *************** *** 151,164 **** --- 163,182 ---- #define SERVER_CONFIG_FILE "conf/httpd.conf" #endif + #ifndef RESOURCE_CONFIG_FILE /* The name of the document config file */ #define RESOURCE_CONFIG_FILE "conf/srm.conf" + #endif + #ifndef TYPES_CONFIG_FILE /* The name of the MIME types file */ #define TYPES_CONFIG_FILE "conf/mime.types" + #endif + #ifndef ACCESS_CONFIG_FILE /* The name of the access file */ #define ACCESS_CONFIG_FILE "conf/access.conf" + #endif /* Whether we should enable rfc1413 identity checking */ #define DEFAULT_RFC1413 0 *************** *** 256,262 **** * Example: "Apache/1.1.0 MrWidget/0.1-alpha" */ ! #define SERVER_BASEVERSION "Apache/1.2.5 rus/PL22.2" /* SEE COMMENTS ABOVE */ #ifdef SERVER_SUBVERSION #define SERVER_VERSION SERVER_BASEVERSION " " SERVER_SUBVERSION #else --- 274,280 ---- * Example: "Apache/1.1.0 MrWidget/0.1-alpha" */ ! #define SERVER_BASEVERSION "Apache/1.2.6 rus/PL22.2" /* SEE COMMENTS ABOVE */ #ifdef SERVER_SUBVERSION #define SERVER_VERSION SERVER_BASEVERSION " " SERVER_SUBVERSION #else *************** *** 266,272 **** /* Numeric release version identifier: major minor bugfix betaseq * Always increases along the same track as the source branch. */ ! #define APACHE_RELEASE 1020501 #define SERVER_PROTOCOL "HTTP/1.1" #define SERVER_SUPPORT "http://www.apache.org/" --- 284,290 ---- /* Numeric release version identifier: major minor bugfix betaseq * Always increases along the same track as the source branch. */ ! #define APACHE_RELEASE 1020600 #define SERVER_PROTOCOL "HTTP/1.1" #define SERVER_SUPPORT "http://www.apache.org/" Index: apache-1.2-rus/src/mod_asis.c diff -c apache-1.2-rus/src/mod_asis.c:1.1.1.1 apache-1.2-rus/src/mod_asis.c:1.2 *** apache-1.2-rus/src/mod_asis.c:1.1.1.1 Wed Jun 18 00:20:09 1997 --- apache-1.2-rus/src/mod_asis.c Thu Mar 26 03:25:45 1998 *************** *** 63,68 **** --- 63,69 ---- FILE *f; char *location; + r->allowed |= (1 << M_GET); if (r->method_number != M_GET) return DECLINED; if (r->finfo.st_mode == 0) { log_reason("File does not exist", r->filename, r); Index: apache-1.2-rus/src/mod_cgi.c diff -c apache-1.2-rus/src/mod_cgi.c:1.2 apache-1.2-rus/src/mod_cgi.c:1.3 *** apache-1.2-rus/src/mod_cgi.c:1.2 Mon Jul 7 16:46:15 1997 --- apache-1.2-rus/src/mod_cgi.c Thu Mar 26 03:25:46 1998 *************** *** 84,90 **** int is_scriptaliased (request_rec *r) { char *t = table_get (r->notes, "alias-forced-type"); ! return t && (!strcmp (t, "cgi-script")); } /* Configuration stuff */ --- 84,90 ---- int is_scriptaliased (request_rec *r) { char *t = table_get (r->notes, "alias-forced-type"); ! return t && (!strcasecmp (t, "cgi-script")); } /* Configuration stuff */ Index: apache-1.2-rus/src/mod_charset.c diff -c apache-1.2-rus/src/mod_charset.c:1.26 apache-1.2-rus/src/mod_charset.c:1.27 *** apache-1.2-rus/src/mod_charset.c:1.26 Fri Feb 6 01:52:30 1998 --- apache-1.2-rus/src/mod_charset.c Sun Mar 29 21:38:28 1998 *************** *** 58,64 **** * This is not independent module, it must be used with my patch * to file http_protocol.c and with compilation key -DUSE_TRANSFER_TABLES */ ! #ifdef USE_TRANSFER_TABLES #include "httpd.h" #include "http_config.h" #include "http_main.h" --- 58,66 ---- * This is not independent module, it must be used with my patch * to file http_protocol.c and with compilation key -DUSE_TRANSFER_TABLES */ ! #ifndef USE_TRANSFER_TABLES ! #error You MUST specify -DUSE_TRANSFER_TABLES compilation flag in your Configuration ! #else #include "httpd.h" #include "http_config.h" #include "http_main.h" Index: apache-1.2-rus/src/mod_digest.c diff -c apache-1.2-rus/src/mod_digest.c:1.1.1.1 apache-1.2-rus/src/mod_digest.c:1.2 *** apache-1.2-rus/src/mod_digest.c:1.1.1.1 Wed Jun 18 00:20:09 1997 --- apache-1.2-rus/src/mod_digest.c Thu Mar 26 03:25:48 1998 *************** *** 145,151 **** return AUTH_REQUIRED; } ! if (strcmp(getword (r->pool, &auth_line, ' '), "Digest")) { /* Client tried to authenticate using wrong auth scheme */ log_reason ("client used wrong authentication scheme", r->uri, r); note_digest_auth_failure (r); --- 145,151 ---- return AUTH_REQUIRED; } ! if (strcasecmp(getword (r->pool, &auth_line, ' '), "Digest")) { /* Client tried to authenticate using wrong auth scheme */ log_reason ("client used wrong authentication scheme", r->uri, r); note_digest_auth_failure (r); Index: apache-1.2-rus/src/mod_dir.c diff -c apache-1.2-rus/src/mod_dir.c:1.4 apache-1.2-rus/src/mod_dir.c:1.5 *** apache-1.2-rus/src/mod_dir.c:1.4 Fri Jan 9 19:04:57 1998 --- apache-1.2-rus/src/mod_dir.c Thu Mar 26 03:25:49 1998 *************** *** 481,487 **** if (r->status != HTTP_OK) { return NULL; } ! if (r->content_type && !strcmp(r->content_type,"text/html") && !r->content_encoding) { if(!(thefile = pfopen(r->pool, r->filename,"r"))) return NULL; n = fread(titlebuf,sizeof(char),MAX_STRING_LEN - 1,thefile); --- 481,487 ---- if (r->status != HTTP_OK) { return NULL; } ! if (r->content_type && !strcasecmp(r->content_type,"text/html") && !r->content_encoding) { if(!(thefile = pfopen(r->pool, r->filename,"r"))) return NULL; n = fread(titlebuf,sizeof(char),MAX_STRING_LEN - 1,thefile); *************** *** 876,881 **** --- 876,882 ---- if (error_notfound) return error_notfound; + r->allowed |= (1 << M_GET); if (r->method_number != M_GET) return NOT_IMPLEMENTED; /* OK, nothing easy. Trot out the heavy artillery... */ Index: apache-1.2-rus/src/mod_imap.c diff -c apache-1.2-rus/src/mod_imap.c:1.3 apache-1.2-rus/src/mod_imap.c:1.4 *** apache-1.2-rus/src/mod_imap.c:1.3 Fri Jan 9 22:25:28 1998 --- apache-1.2-rus/src/mod_imap.c Thu Mar 26 03:25:50 1998 *************** *** 157,163 **** {NULL} }; ! static int pointinrect(const double point[2], const double coords[MAXVERTS][2]) { double max[2], min[2]; if (coords[0][X] > coords[1][X]) { --- 157,163 ---- {NULL} }; ! static int pointinrect(const double point[2], double coords[MAXVERTS][2]) { double max[2], min[2]; if (coords[0][X] > coords[1][X]) { *************** *** 182,188 **** (point[Y] >= min[1] && point[Y] <= max[1])); } ! static int pointincircle(const double point[2], const double coords[MAXVERTS][2]) { double radius1, radius2; --- 182,188 ---- (point[Y] >= min[1] && point[Y] <= max[1])); } ! static int pointincircle(const double point[2], double coords[MAXVERTS][2]) { double radius1, radius2; *************** *** 195,201 **** return (radius2 <= radius1); } ! static int pointinpoly(const double point[2], const double pgon[MAXVERTS][2]) { int i, numverts, inside_flag, xflag0; int crossings; --- 195,201 ---- return (radius2 <= radius1); } ! static int pointinpoly(const double point[2], double pgon[MAXVERTS][2]) { int i, numverts, inside_flag, xflag0; int crossings; *************** *** 270,276 **** } ! static int is_closer(const double point[2], const double coords[MAXVERTS][2], double *closest) { double dist_squared = ((point[X] - coords[0][X]) * (point[X] - coords[0][X])) + ((point[Y] - coords[0][Y]) * (point[Y] - coords[0][Y])); --- 270,277 ---- } ! static int is_closer(const double point[2], double coords[MAXVERTS][2], ! double *closest) { double dist_squared = ((point[X] - coords[0][X]) * (point[X] - coords[0][X])) + ((point[Y] - coords[0][Y]) * (point[Y] - coords[0][Y])); Index: apache-1.2-rus/src/mod_include.c diff -c apache-1.2-rus/src/mod_include.c:1.4 apache-1.2-rus/src/mod_include.c:1.5 *** apache-1.2-rus/src/mod_include.c:1.4 Fri Jan 9 22:25:30 1998 --- apache-1.2-rus/src/mod_include.c Thu Mar 26 03:25:52 1998 *************** *** 2204,2209 **** --- 2204,2210 ---- if (!(allow_options(r) & OPT_INCLUDES)) { return DECLINED; } + r->allowed |= (1 << M_GET); if (r->method_number != M_GET) { return DECLINED; } *************** *** 2226,2233 **** /* OS/2 dosen't support Groups. */ && (r->finfo.st_mode & S_IXGRP) #endif ! && (errstatus = set_last_modified (r, r->finfo.st_mtime))) ! return errstatus; send_http_header(r); --- 2227,2239 ---- /* OS/2 dosen't support Groups. */ && (r->finfo.st_mode & S_IXGRP) #endif ! ) { ! errstatus = set_last_modified (r, r->finfo.st_mtime); ! table_unset(r->headers_out, "ETag"); ! if (errstatus) { ! return errstatus; ! } ! } send_http_header(r); Index: apache-1.2-rus/src/mod_info.c diff -c apache-1.2-rus/src/mod_info.c:1.2 apache-1.2-rus/src/mod_info.c:1.3 *** apache-1.2-rus/src/mod_info.c:1.2 Sat Aug 23 17:03:24 1997 --- apache-1.2-rus/src/mod_info.c Thu Mar 26 03:25:54 1998 *************** *** 282,292 **** extern char server_root[MAX_STRING_LEN]; extern char server_confname[MAX_STRING_LEN]; r->content_type = "text/html"; send_http_header(r); if(r->header_only) { return 0; ! } hard_timeout("send server info", r); rputs("Server Information\n",r); --- 282,296 ---- extern char server_root[MAX_STRING_LEN]; extern char server_confname[MAX_STRING_LEN]; + r->allowed |= (1 << M_GET); + if (r->method_number != M_GET) + return DECLINED; + r->content_type = "text/html"; send_http_header(r); if(r->header_only) { return 0; ! } hard_timeout("send server info", r); rputs("Server Information\n",r); Index: apache-1.2-rus/src/mod_rewrite.c diff -c apache-1.2-rus/src/mod_rewrite.c:1.3 apache-1.2-rus/src/mod_rewrite.c:1.4 *** apache-1.2-rus/src/mod_rewrite.c:1.3 Sat Aug 23 17:03:27 1997 --- apache-1.2-rus/src/mod_rewrite.c Thu Mar 26 03:25:56 1998 *************** *** 947,959 **** return OK; } else if ( (strlen(r->filename) > 7 && ! strncmp(r->filename, "http://", 7) == 0) || (strlen(r->filename) > 8 && ! strncmp(r->filename, "https://", 8) == 0) || (strlen(r->filename) > 9 && ! strncmp(r->filename, "gopher://", 9) == 0) || (strlen(r->filename) > 6 && ! strncmp(r->filename, "ftp://", 6) == 0) ) { /* it was finally rewritten to a remote URL */ /* skip 'scheme:' */ --- 947,959 ---- return OK; } else if ( (strlen(r->filename) > 7 && ! strncasecmp(r->filename, "http://", 7) == 0) || (strlen(r->filename) > 8 && ! strncasecmp(r->filename, "https://", 8) == 0) || (strlen(r->filename) > 9 && ! strncasecmp(r->filename, "gopher://", 9) == 0) || (strlen(r->filename) > 6 && ! strncasecmp(r->filename, "ftp://", 6) == 0) ) { /* it was finally rewritten to a remote URL */ /* skip 'scheme:' */ *************** *** 1179,1191 **** return OK; } else if ( (strlen(r->filename) > 7 && ! strncmp(r->filename, "http://", 7) == 0) || (strlen(r->filename) > 8 && ! strncmp(r->filename, "https://", 8) == 0) || (strlen(r->filename) > 9 && ! strncmp(r->filename, "gopher://", 9) == 0) || (strlen(r->filename) > 6 && ! strncmp(r->filename, "ftp://", 6) == 0) ) { /* it was finally rewritten to a remote URL */ /* because we are in a per-dir context --- 1179,1191 ---- return OK; } else if ( (strlen(r->filename) > 7 && ! strncasecmp(r->filename, "http://", 7) == 0) || (strlen(r->filename) > 8 && ! strncasecmp(r->filename, "https://", 8) == 0) || (strlen(r->filename) > 9 && ! strncasecmp(r->filename, "gopher://", 9) == 0) || (strlen(r->filename) > 6 && ! strncasecmp(r->filename, "ftp://", 6) == 0) ) { /* it was finally rewritten to a remote URL */ /* because we are in a per-dir context *************** *** 1565,1574 **** /* if this is an implicit redirect in a per-dir rule */ i = strlen(output); if (perdir != NULL ! && ( (i > 7 && strncmp(output, "http://", 7) == 0) ! || (i > 8 && strncmp(output, "https://", 8) == 0) ! || (i > 9 && strncmp(output, "gopher://", 9) == 0) ! || (i > 6 && strncmp(output, "ftp://", 6) == 0) ) ) { if (p->flags & RULEFLAG_NOTMATCH) { strncpy(newuri, output, sizeof(newuri)-1); EOS_PARANOIA(newuri); --- 1565,1574 ---- /* if this is an implicit redirect in a per-dir rule */ i = strlen(output); if (perdir != NULL ! && ( (i > 7 && strncasecmp(output, "http://", 7) == 0) ! || (i > 8 && strncasecmp(output, "https://", 8) == 0) ! || (i > 9 && strncasecmp(output, "gopher://", 9) == 0) ! || (i > 6 && strncasecmp(output, "ftp://", 6) == 0) ) ) { if (p->flags & RULEFLAG_NOTMATCH) { strncpy(newuri, output, sizeof(newuri)-1); EOS_PARANOIA(newuri); *************** *** 1590,1595 **** --- 1590,1596 ---- } rewritelog(r, 2, "[per-dir %s] redirect %s -> %s", perdir, r->filename, newuri); r->filename = pstrdup(r->pool, newuri); + splitout_queryargs(r, p->flags & RULEFLAG_QSAPPEND); r->status = p->forced_responsecode; return 1; } *************** *** 1650,1662 **** if (flags & RULEFLAG_FORCEREDIRECT) { r->status = p->forced_responsecode; if ( !(strlen(r->filename) > 7 && ! strncmp(r->filename, "http://", 7) == 0) && !(strlen(r->filename) > 8 && ! strncmp(r->filename, "https://", 8) == 0) && !(strlen(r->filename) > 9 && ! strncmp(r->filename, "gopher://", 9) == 0) && !(strlen(r->filename) > 6 && ! strncmp(r->filename, "ftp://", 6) == 0) ) { #ifdef APACHE_SSL if ((!r->connection->client->ssl && r->server->port == DEFAULT_PORT) || --- 1651,1663 ---- if (flags & RULEFLAG_FORCEREDIRECT) { r->status = p->forced_responsecode; if ( !(strlen(r->filename) > 7 && ! strncasecmp(r->filename, "http://", 7) == 0) && !(strlen(r->filename) > 8 && ! strncasecmp(r->filename, "https://", 8) == 0) && !(strlen(r->filename) > 9 && ! strncasecmp(r->filename, "gopher://", 9) == 0) && !(strlen(r->filename) > 6 && ! strncasecmp(r->filename, "ftp://", 6) == 0) ) { #ifdef APACHE_SSL if ((!r->connection->client->ssl && r->server->port == DEFAULT_PORT) || *************** *** 1868,1878 **** #ifdef APACHE_SSL if ( (!r->connection->client->ssl && ! strncmp(r->filename, "http://", 7) == 0) || (r->connection->client->ssl && ! strncmp(r->filename, "https://", 8) == 0)) { #else ! if (strncmp(r->filename, "http://", 7) == 0) { #endif /* there was really a rewrite to a remote path */ --- 1869,1879 ---- #ifdef APACHE_SSL if ( (!r->connection->client->ssl && ! strncasecmp(r->filename, "http://", 7) == 0) || (r->connection->client->ssl && ! strncasecmp(r->filename, "https://", 8) == 0)) { #else ! if (strncasecmp(r->filename, "http://", 7) == 0) { #endif /* there was really a rewrite to a remote path */ *************** *** 2376,2382 **** ruser = "\"\""; } ! rhost = get_remote_host(connect, r->server->module_config, REMOTE_NAME); if (rhost == NULL) rhost = "UNKNOWN-HOST"; --- 2377,2383 ---- ruser = "\"\""; } ! rhost = get_remote_host(connect, r->server->module_config, REMOTE_NOLOOKUP); if (rhost == NULL) rhost = "UNKNOWN-HOST"; Index: apache-1.2-rus/src/mod_userdir.c diff -c apache-1.2-rus/src/mod_userdir.c:1.2 apache-1.2-rus/src/mod_userdir.c:1.3 *** apache-1.2-rus/src/mod_userdir.c:1.2 Fri Jan 9 22:25:34 1998 --- apache-1.2-rus/src/mod_userdir.c Thu Mar 26 03:25:58 1998 *************** *** 128,134 **** dname = name + 2; w = getword(r->pool, &dname, '/'); ! if (!strcmp(w, "")) return DECLINED; /* The 'dname' funny business involves backing it up to capture --- 128,135 ---- dname = name + 2; w = getword(r->pool, &dname, '/'); ! /* disallow the empty username, . and .. */ ! if (w[0] == '\0' || (w[1] == '.' && (w[2] == '\0' || (w[2] == '.' && w[3] == '\0')))) return DECLINED; /* The 'dname' funny business involves backing it up to capture Index: apache-1.2-rus/src/mod_usertrack.c diff -c apache-1.2-rus/src/mod_usertrack.c:1.1.1.1 apache-1.2-rus/src/mod_usertrack.c:1.2 *** apache-1.2-rus/src/mod_usertrack.c:1.1.1.1 Wed Jun 18 00:20:11 1997 --- apache-1.2-rus/src/mod_usertrack.c Thu Mar 26 03:25:59 1998 *************** *** 97,103 **** --- 97,105 ---- #include "httpd.h" #include "http_config.h" #include "http_core.h" + #ifndef MPE #include + #endif module usertrack_module; Index: apache-1.2-rus/src/util.c diff -c apache-1.2-rus/src/util.c:1.3 apache-1.2-rus/src/util.c:1.4 *** apache-1.2-rus/src/util.c:1.3 Fri Jan 9 22:25:35 1998 --- apache-1.2-rus/src/util.c Thu Mar 26 03:26:01 1998 *************** *** 1212,1218 **** if(ind(p->h_name,'.') == -1) { for(x=0;p->h_aliases[x];++x) { if((ind(p->h_aliases[x],'.') != -1) && ! (!strncmp(p->h_aliases[x],p->h_name,strlen(p->h_name)))) return pstrdup(a, p->h_aliases[x]); } return NULL; --- 1212,1218 ---- if(ind(p->h_name,'.') == -1) { for(x=0;p->h_aliases[x];++x) { if((ind(p->h_aliases[x],'.') != -1) && ! (!strncasecmp(p->h_aliases[x],p->h_name,strlen(p->h_name)))) return pstrdup(a, p->h_aliases[x]); } return NULL; Index: apache-1.2-rus/src/helpers/GuessOS diff -c apache-1.2-rus/src/helpers/GuessOS:1.2 apache-1.2-rus/src/helpers/GuessOS:1.3 *** apache-1.2-rus/src/helpers/GuessOS:1.2 Mon Jul 7 16:46:28 1997 --- apache-1.2-rus/src/helpers/GuessOS Thu Mar 26 03:27:32 1998 *************** *** 180,186 **** echo "${MACHINE}-unknown-ultrix"; exit 0 ;; ! SINIX*) echo "${MACHINE}-sni-sysv4"; exit 0 ;; --- 180,186 ---- echo "${MACHINE}-unknown-ultrix"; exit 0 ;; ! SINIX-?:* | ReliantUNIX-?:*) echo "${MACHINE}-sni-sysv4"; exit 0 ;; Index: apache-1.2-rus/src/modules/proxy/mod_proxy.c diff -c apache-1.2-rus/src/modules/proxy/mod_proxy.c:1.1.1.1 apache-1.2-rus/src/modules/proxy/mod_proxy.c:1.2 *** apache-1.2-rus/src/modules/proxy/mod_proxy.c:1.1.1.1 Wed Jun 18 00:20:13 1997 --- apache-1.2-rus/src/modules/proxy/mod_proxy.c Thu Mar 26 03:27:33 1998 *************** *** 216,227 **** { p = strchr(ents[i].scheme, ':'); /* is it a partial URL? */ if (strcmp(ents[i].scheme, "*") == 0 || ! (p == NULL && strcmp(scheme, ents[i].scheme) == 0) || (p != NULL && ! strncmp(url, ents[i].scheme, strlen(ents[i].scheme)) == 0)) { /* we only know how to handle communication to a proxy via http */ ! if (strcmp(ents[i].protocol, "http") == 0) rc = proxy_http_handler(r, cr, url, ents[i].hostname, ents[i].port); else rc = DECLINED; --- 216,227 ---- { p = strchr(ents[i].scheme, ':'); /* is it a partial URL? */ if (strcmp(ents[i].scheme, "*") == 0 || ! (p == NULL && strcasecmp(scheme, ents[i].scheme) == 0) || (p != NULL && ! strncasecmp(url, ents[i].scheme, strlen(ents[i].scheme)) == 0)) { /* we only know how to handle communication to a proxy via http */ ! if (strcasecmp(ents[i].protocol, "http") == 0) rc = proxy_http_handler(r, cr, url, ents[i].hostname, ents[i].port); else rc = DECLINED; *************** *** 239,247 **** /* handle the scheme */ if (r->method_number == M_CONNECT) return proxy_connect_handler(r, cr, url); ! if (strcmp(scheme, "http") == 0) return proxy_http_handler(r, cr, url, NULL, 0); ! if (strcmp(scheme, "ftp") == 0) return proxy_ftp_handler(r, cr, url); else return NOT_IMPLEMENTED; } --- 239,247 ---- /* handle the scheme */ if (r->method_number == M_CONNECT) return proxy_connect_handler(r, cr, url); ! if (strcasecmp(scheme, "http") == 0) return proxy_http_handler(r, cr, url, NULL, 0); ! if (strcasecmp(scheme, "ftp") == 0) return proxy_ftp_handler(r, cr, url); else return NOT_IMPLEMENTED; } *************** *** 301,307 **** { int i; for (i=0; defports[i].scheme != NULL; i++) ! if (strcmp(defports[i].scheme, r) == 0) break; port = defports[i].port; } --- 301,307 ---- { int i; for (i=0; defports[i].scheme != NULL; i++) ! if (strcasecmp(defports[i].scheme, r) == 0) break; port = defports[i].port; } Index: apache-1.2-rus/src/modules/proxy/proxy_ftp.c diff -c apache-1.2-rus/src/modules/proxy/proxy_ftp.c:1.3 apache-1.2-rus/src/modules/proxy/proxy_ftp.c:1.4 *** apache-1.2-rus/src/modules/proxy/proxy_ftp.c:1.3 Fri Jan 9 22:25:39 1998 --- apache-1.2-rus/src/modules/proxy/proxy_ftp.c Thu Mar 26 03:27:35 1998 *************** *** 372,380 **** o+=w; } } ! ap_snprintf(buf, sizeof(buf), "

%s", SERVER_VERSION); ! bwrite(con->client, buf, strlen(buf)); ! if (f2 != NULL) bwrite(f2, buf, strlen(buf)); total_bytes_sent+=strlen(buf); bflush(con->client); --- 372,381 ---- o+=w; } } ! bputs("

\015\012", con->client); ! if (f2 != NULL) { ! bputs("

\015\012", f2); ! } total_bytes_sent+=strlen(buf); bflush(con->client); *************** *** 944,952 **** /* send response */ /* write status line */ if (!r->assbackwards) ! rvputs(r, SERVER_PROTOCOL, " ", r->status_line, "\015\012", NULL); if (cache != NULL) ! if (bvputs(cache, SERVER_PROTOCOL, " ", r->status_line, "\015\012", NULL) == -1) cache = proxy_cache_error(c); --- 945,953 ---- /* send response */ /* write status line */ if (!r->assbackwards) ! rvputs(r, "HTTP/1.0 ", r->status_line, "\015\012", NULL); if (cache != NULL) ! if (bvputs(cache, "HTTP/1.0 ", r->status_line, "\015\012", NULL) == -1) cache = proxy_cache_error(c); Index: apache-1.2-rus/support/suexec.c diff -c apache-1.2-rus/support/suexec.c:1.3 apache-1.2-rus/support/suexec.c:1.4 *** apache-1.2-rus/support/suexec.c:1.3 Fri Jan 9 22:25:46 1998 --- apache-1.2-rus/support/suexec.c Thu Mar 26 03:27:36 1998 *************** *** 357,363 **** * and setgid() to the target group. If unsuccessful, error out. */ if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) { ! log_err("failed to setgid (%ld: %s/%s)\n", gid, cwd, cmd); exit(109); } --- 357,363 ---- * and setgid() to the target group. If unsuccessful, error out. */ if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) { ! log_err("failed to setgid (%ld: %s)\n", gid, cmd); exit(109); } *************** *** 365,371 **** * setuid() to the target user. Error out on fail. */ if ((setuid(uid)) != 0) { ! log_err("failed to setuid (%ld: %s/%s)\n", uid, cwd, cmd); exit(110); } --- 365,371 ---- * setuid() to the target user. Error out on fail. */ if ((setuid(uid)) != 0) { ! log_err("failed to setuid (%ld: %s)\n", uid, cmd); exit(110); }

+ Apache HTTP Server Version 1.2 +

Known Problems in Clients

Trailing CRLF on POSTs

Broken keepalive

Incorrect interpretation of HTTP/1.1 in response

Requests use HTTP/1.1 but responses must be in HTTP/1.0

Boundary problems with header parsing

Multipart responses and Quoted Boundary Strings

Byterange requests

Set-Cookie header is unmergeable

+ Apache HTTP Server Version 1.2 +

Incorrect interpretation of `HTTP/1.1` in response

`Set-Cookie` header is unmergeable