You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2016/04/26 10:55:57 UTC
svn commit: r1740967 - in /httpd/httpd/trunk: docs/manual/mod/mod_ssl.xml
include/ap_mmn.h
Author: ylavic
Date: Tue Apr 26 08:55:57 2016
New Revision: 1740967
URL: http://svn.apache.org/viewvc?rev=1740967&view=rev
Log:
Follow up to r1740928: update docs (contexts) and minor MMN.
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
httpd/httpd/trunk/include/ap_mmn.h
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1740967&r1=1740966&r2=1740967&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Tue Apr 26 08:55:57 2016
@@ -1741,7 +1741,8 @@ SSLStrictSNIVHostCheck on
<name>SSLProxyMachineCertificatePath</name>
<description>Directory of PEM-encoded client certificates and keys to be used by the proxy</description>
<syntax>SSLProxyMachineCertificatePath <em>directory</em></syntax>
-<contextlist><context>server config</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
<override>Not applicable</override>
<usage>
@@ -1769,7 +1770,8 @@ SSLProxyMachineCertificatePath /usr/loca
<name>SSLProxyMachineCertificateFile</name>
<description>File of concatenated PEM-encoded client certificates and keys to be used by the proxy</description>
<syntax>SSLProxyMachineCertificateFile <em>filename</em></syntax>
-<contextlist><context>server config</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
<override>Not applicable</override>
<usage>
@@ -1797,7 +1799,8 @@ SSLProxyMachineCertificateFile /usr/loca
<name>SSLProxyMachineCertificateChainFile</name>
<description>File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</description>
<syntax>SSLProxyMachineCertificateChainFile <em>filename</em></syntax>
-<contextlist><context>server config</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
<override>Not applicable</override>
<usage>
@@ -1830,8 +1833,9 @@ SSLProxyMachineCertificateChainFile /usr
<description>Type of remote server Certificate verification</description>
<syntax>SSLProxyVerify <em>level</em></syntax>
<default>SSLProxyVerify none</default>
-<contextlist><context>server config</context>
-<context>virtual host</context> </contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
@@ -1870,8 +1874,9 @@ SSLProxyVerify require
Certificate verification</description>
<syntax>SSLProxyVerifyDepth <em>number</em></syntax>
<default>SSLProxyVerifyDepth 1</default>
-<contextlist><context>server config</context>
-<context>virtual host</context> </contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -1899,8 +1904,9 @@ SSLProxyVerifyDepth 10
</description>
<syntax>SSLProxyCheckPeerExpire on|off</syntax>
<default>SSLProxyCheckPeerExpire on</default>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -1922,8 +1928,9 @@ SSLProxyCheckPeerExpire on
</description>
<syntax>SSLProxyCheckPeerCN on|off</syntax>
<default>SSLProxyCheckPeerCN on</default>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -1951,8 +1958,9 @@ SSLProxyCheckPeerCN on
</description>
<syntax>SSLProxyCheckPeerName on|off</syntax>
<default>SSLProxyCheckPeerName on</default>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<compatibility>Apache HTTP Server 2.4.5 and later</compatibility>
<usage>
@@ -1981,8 +1989,9 @@ but not for <code>foo.bar.example.org</c
<description>SSL Proxy Engine Operation Switch</description>
<syntax>SSLProxyEngine on|off</syntax>
<default>SSLProxyEngine off</default>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -2014,9 +2023,9 @@ proxy SSL/TLS requests.</p>
<description>Configure usable SSL protocol flavors for proxy usage</description>
<syntax>SSLProxyProtocol [+|-]<em>protocol</em> ...</syntax>
<default>SSLProxyProtocol all -SSLv3</default>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
-<override>Options</override>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<!-- XXX Why does this have an override and not .htaccess context? -->
@@ -2036,11 +2045,10 @@ for additional information.
proxy handshake</description>
<syntax>SSLProxyCipherSuite <em>cipher-spec</em></syntax>
<default>SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP</default>
-<contextlist><context>server config</context>
-<context>virtual host</context>
-<context>directory</context>
-<context>.htaccess</context></contextlist>
-<override>AuthConfig</override>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
+
<usage>
<p>Equivalent to <code>SSLCipherSuite</code>, but for the proxy connection.
Please refer to <directive module="mod_ssl">SSLCipherSuite</directive>
@@ -2053,8 +2061,9 @@ for additional information.</p>
<description>Directory of PEM-encoded CA Certificates for
Remote Server Auth</description>
<syntax>SSLProxyCACertificatePath <em>directory-path</em></syntax>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -2080,8 +2089,9 @@ SSLProxyCACertificatePath /usr/local/apa
<description>File of concatenated PEM-encoded CA Certificates
for Remote Server Auth</description>
<syntax>SSLProxyCACertificateFile <em>file-path</em></syntax>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -2104,8 +2114,9 @@ SSLProxyCACertificateFile /usr/local/apa
<description>Directory of PEM-encoded CA CRLs for
Remote Server Auth</description>
<syntax>SSLProxyCARevocationPath <em>directory-path</em></syntax>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -2131,8 +2142,9 @@ SSLProxyCARevocationPath /usr/local/apac
<description>File of concatenated PEM-encoded CA CRLs for
Remote Server Auth</description>
<syntax>SSLProxyCARevocationFile <em>file-path</em></syntax>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
@@ -2156,8 +2168,9 @@ SSLProxyCARevocationFile /usr/local/apac
<description>Enable CRL-based revocation checking for Remote Server Auth</description>
<syntax>SSLProxyCARevocationCheck chain|leaf|none</syntax>
<default>SSLProxyCARevocationCheck none</default>
-<contextlist><context>server config</context>
-<context>virtual host</context></contextlist>
+<contextlist><context>server config</context> <context>virtual host</context>
+<context>proxy section</context></contextlist>
+<override>Not applicable</override>
<usage>
<p>
Modified: httpd/httpd/trunk/include/ap_mmn.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=1740967&r1=1740966&r2=1740967&view=diff
==============================================================================
--- httpd/httpd/trunk/include/ap_mmn.h (original)
+++ httpd/httpd/trunk/include/ap_mmn.h Tue Apr 26 08:55:57 2016
@@ -519,6 +519,10 @@
* ap_mpm_unregister_poll_callback. Add
* AP_MPMQ_CAN_POLL.
* 20160315.1 (2.5.0-dev) Add AP_IMPLEMENT_OPTIONAL_HOOK_RUN_FIRST.
+ * 20160315.2 (2.5.0-dev) Add optional proxy_{hook,run}_section_post_config(),
+ * ap_proxy_connection_create_ex() and section_config
+ * to struct proxy_{worker,balancer} in mod_proxy.h,
+ * and optional ssl_engine_set() to mod_ssl.h.
*/
#define MODULE_MAGIC_COOKIE 0x41503235UL /* "AP25" */
@@ -526,7 +530,7 @@
#ifndef MODULE_MAGIC_NUMBER_MAJOR
#define MODULE_MAGIC_NUMBER_MAJOR 20160315
#endif
-#define MODULE_MAGIC_NUMBER_MINOR 1 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 2 /* 0...n */
/**
* Determine if the server's current MODULE_MAGIC_NUMBER is at least a