You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ja...@apache.org on 2014/04/13 23:03:53 UTC
svn commit: r1587097 - in /httpd/httpd/trunk/docs/manual/mod: mod_filter.xml
mod_headers.xml mod_ldap.xml mod_logio.xml mod_session_crypto.xml
Author: jailletc36
Date: Sun Apr 13 21:03:53 2014
New Revision: 1587097
URL: http://svn.apache.org/r1587097
Log:
Add <compatibility> notes for changes made in version 2.4.7 + synch formating with 2.4.x
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_filter.xml
httpd/httpd/trunk/docs/manual/mod/mod_headers.xml
httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml
httpd/httpd/trunk/docs/manual/mod/mod_logio.xml
httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_filter.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_filter.xml?rev=1587097&r1=1587096&r2=1587097&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_filter.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_filter.xml Sun Apr 13 21:03:53 2014
@@ -416,7 +416,7 @@ for a complete reference and examples.</
<dl>
<dt><code>change=yes|no</code></dt>
<dd>Specifies whether the filter changes the content, including possibly
- the content length.</dd>
+ the content length. The "no" argument is supported in 2.4.7 and later.</dd>
<dt><code>change=1:1</code></dt>
<dd>The filter changes the content, but will not change the content
Modified: httpd/httpd/trunk/docs/manual/mod/mod_headers.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_headers.xml?rev=1587097&r1=1587096&r2=1587097&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_headers.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_headers.xml Sun Apr 13 21:03:53 2014
@@ -259,7 +259,8 @@ Header merge Cache-Control no-store env=
<dt><code>setifempty</code></dt>
<dd>The request header is set, but only if there is no previous header
- with this name. Available in 2.4.7 and later.</dd>
+ with this name.<br />
+ Available in 2.4.7 and later.</dd>
<dt><code>unset</code></dt>
<dd>The request header of this name is removed, if it exists. If
@@ -315,7 +316,7 @@ Header merge Cache-Control no-store env=
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context><context>.htaccess</context></contextlist>
<override>FileInfo</override>
-<compatibility>SetIfEmpty available in 2.4.7 and later</compatibility>
+<compatibility>SetIfEmpty and note available in 2.4.7 and later</compatibility>
<usage>
<p>This directive can replace, merge or remove HTTP response
@@ -406,7 +407,8 @@ Header merge Cache-Control no-store env=
<dt><code>setifempty</code></dt>
<dd>The request header is set, but only if there is no previous header
- with this name. Available in 2.4.7 and later.</dd>
+ with this name.<br />
+ Available in 2.4.7 and later.</dd>
<dt><code>unset</code></dt>
<dd>The response header of this name is removed, if it exists.
@@ -417,7 +419,8 @@ Header merge Cache-Control no-store env=
<dd>The value of the named response <var>header</var> is copied into an
internal note whose name is given by <var>value</var>. This is useful
if a header sent by a CGI or proxied resource is configured to be unset
- but should also be logged.</dd>
+ but should also be logged.<br />
+ Available in 2.4.7 and later.</dd>
</dl>
@@ -499,8 +502,8 @@ Header merge Cache-Control no-store env=
<p>For <code>edit</code> there is both a <var>value</var> argument
which is a <glossary ref="regex">regular expression</glossary>,
- and an additional <var>replacement</var> string. The replacement string
- may also contain format specifiers.</p>
+ and an additional <var>replacement</var> string. As of version 2.4.7
+ the replacement string may also contain format specifiers.</p>
<p>The <directive>Header</directive> directive may be followed by
an additional argument, which may be any of:</p>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml?rev=1587097&r1=1587096&r2=1587097&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ldap.xml Sun Apr 13 21:03:53 2014
@@ -72,9 +72,9 @@ LDAPOpCacheTTL 600
<Location /ldap-status>
SetHandler ldap-status
-
+
Require host yourdomain.example.com
-
+
Satisfy any
AuthType Basic
AuthName "LDAP Protected"
@@ -107,9 +107,9 @@ LDAPOpCacheTTL 600
credentials used when binding to an LDAP server. These
credentials can be provided to LDAP servers that do not
allow anonymous binds during referral chasing. To control
- this feature, see the
- <directive module="mod_ldap">LDAPReferrals</directive> and
- <directive module="mod_ldap">LDAPReferralHopLimit</directive>
+ this feature, see the
+ <directive module="mod_ldap">LDAPReferrals</directive> and
+ <directive module="mod_ldap">LDAPReferralHopLimit</directive>
directives. By default, this feature is enabled.</p>
</section>
@@ -197,26 +197,26 @@ LDAPOpCacheTTL 600
<section id="usingssltls"><title>Using SSL/TLS</title>
<p>The ability to create an SSL and TLS connections to an LDAP server
- is defined by the directives
- <directive module="mod_ldap">LDAPTrustedGlobalCert</directive>,
+ is defined by the directives
+ <directive module="mod_ldap">LDAPTrustedGlobalCert</directive>,
<directive module="mod_ldap">LDAPTrustedClientCert</directive>
- and <directive module="mod_ldap">LDAPTrustedMode</directive>.
- These directives specify the CA and optional client certificates to be used,
- as well as the type of encryption to be used on the connection (none, SSL or
+ and <directive module="mod_ldap">LDAPTrustedMode</directive>.
+ These directives specify the CA and optional client certificates to be used,
+ as well as the type of encryption to be used on the connection (none, SSL or
TLS/STARTTLS).</p>
<highlight language="config">
-# Establish an SSL LDAP connection on port 636. Requires that
-# mod_ldap and mod_authnz_ldap be loaded. Change the
+# Establish an SSL LDAP connection on port 636. Requires that
+# mod_ldap and mod_authnz_ldap be loaded. Change the
# "yourdomain.example.com" to match your domain.
LDAPTrustedGlobalCert CA_DER /certs/certfile.der
<Location /ldap-status>
SetHandler ldap-status
-
+
Require host yourdomain.example.com
-
+
Satisfy any
AuthType Basic
AuthName "LDAP Protected"
@@ -227,17 +227,17 @@ LDAPTrustedGlobalCert CA_DER /certs/cert
</highlight>
<highlight language="config">
-# Establish a TLS LDAP connection on port 389. Requires that
-# mod_ldap and mod_authnz_ldap be loaded. Change the
+# Establish a TLS LDAP connection on port 389. Requires that
+# mod_ldap and mod_authnz_ldap be loaded. Change the
# "yourdomain.example.com" to match your domain.
LDAPTrustedGlobalCert CA_DER /certs/certfile.der
<Location /ldap-status>
SetHandler ldap-status
-
+
Require host yourdomain.example.com
-
+
Satisfy any
AuthType Basic
AuthName "LDAP Protected"
@@ -356,9 +356,9 @@ LDAPTrustedGlobalCert CA_DER /certs/cace
LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
<Location /ldap-status>
SetHandler ldap-status
-
+
Require host yourdomain.example.com
-
+
LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem
# CA certs respecified due to per-directory client certs
@@ -497,7 +497,7 @@ valid</description>
<override>AuthConfig</override>
<usage>
- <p>This directive, if enabled by the <code>LDAPReferrals</code> directive,
+ <p>This directive, if enabled by the <directive>LDAPReferrals</directive> directive,
limits the number of referral hops that are followed before terminating an
LDAP query.</p>
@@ -510,40 +510,40 @@ valid</description>
<directivesynopsis>
<name>LDAPReferrals</name>
<description>Enable referral chasing during queries to the LDAP server.</description>
-<syntax>LDAPReferrals On|Off|default</syntax>
+<syntax>LDAPReferrals <var>On|Off|default</var></syntax>
<default>LDAPReferrals On</default>
<contextlist><context>directory</context><context>.htaccess</context></contextlist>
<override>AuthConfig</override>
+<compatibility>The <var>default</var> parameter is available in Apache 2.4.7 and later</compatibility>
<usage>
<p>Some LDAP servers divide their directory among multiple domains and use referrals
to direct a client when a domain boundary is crossed. This is similar to a HTTP redirect.
- LDAP client libraries may or may not chase referrals by default. This directive
- explicitly configures the referral chasing in the underlying SDK.</p>
-
-
- <p><directive>LDAPReferrals</directive> takes the takes the following values:</p>
+ LDAP client libraries may or may not chase referrals by default. This directive
+ explicitly configures the referral chasing in the underlying SDK.</p>
+
+ <p><directive>LDAPReferrals</directive> takes the following values:</p>
<dl>
<dt>"on"</dt>
<dd> <p> When set to "on", the underlying SDK's referral chasing state
- is enabled, <directive>LDAPReferralHopLimit</directive> is used to
- override the SDK's hop limit, and an LDAP rebind callback is
+ is enabled, <directive>LDAPReferralHopLimit</directive> is used to
+ override the SDK's hop limit, and an LDAP rebind callback is
registered.</p></dd>
<dt>"off"</dt>
<dd> <p> When set to "off", the underlying SDK's referral chasing state
is disabled completely.</p></dd>
<dt>"default"</dt>
<dd> <p> When set to "default", the underlying SDK's referral chasing state
- is not changed, <directive>LDAPReferralHopLimit</directive> is not
- used to overide the SDK's hop limit, and no LDAP rebind callback is
+ is not changed, <directive>LDAPReferralHopLimit</directive> is not
+ used to overide the SDK's hop limit, and no LDAP rebind callback is
registered.</p></dd>
</dl>
- <p> The directive <code>LDAPReferralHopLimit</code> works in conjunction with
+ <p>The directive <directive>LDAPReferralHopLimit</directive> works in conjunction with
this directive to limit the number of referral hops to follow before terminating the LDAP query.
- When referral processing is enabled by a value of "On", client credentials will be provided,
- via a rebind callback, for any LDAP server requiring them. </p>
+ When referral processing is enabled by a value of "On", client credentials will be provided,
+ via a rebind callback, for any LDAP server requiring them.</p>
</usage>
</directivesynopsis>
@@ -556,7 +556,7 @@ valid</description>
<usage>
<p>If <directive>LDAPRetryDelay</directive> is set to a non-zero
- value, the server will delay retrying an LDAP request for the
+ value, the server will delay retrying an LDAP request for the
specified amount of time. Setting this directive to 0 will
result in any retry to occur without delay.</p>
@@ -571,7 +571,7 @@ valid</description>
<default>LDAPRetries 3</default>
<contextlist><context>server config</context></contextlist>
<usage>
- <p>The server will retry failed LDAP requests up to
+ <p>The server will retry failed LDAP requests up to
<directive>LDAPRetries</directive> times. Setting this
directive to 0 disables retries.</p>
<p>LDAP errors such as timeouts and refused connections are retryable.</p>
@@ -757,10 +757,10 @@ connection client certificates.</descrip
connection pool. The default value of -1, and any other negative value,
allows connections of any age to be reused.</p>
- <p>The timemout is based on when the LDAP connection is returned to the
+ <p>The timemout is based on when the LDAP connection is returned to the
pool, not based on the last time I/O has been performed over the backend
connection. If the information is cached, the apparent idle time can exceed
- the <directive>LDAPConnectionPoolTTL</directive>. </p>
+ the <directive>LDAPConnectionPoolTTL</directive>. </p>
<note><p>This timeout defaults to units of seconds, but accepts
suffixes for milliseconds (ms), minutes (min), and hours (h).
Modified: httpd/httpd/trunk/docs/manual/mod/mod_logio.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_logio.xml?rev=1587097&r1=1587096&r2=1587097&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_logio.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_logio.xml Sun Apr 13 21:03:53 2014
@@ -70,7 +70,8 @@
<tr><td><code>%S</code></td>
<td>Bytes transferred (received and sent), including request and headers,
- cannot be zero. This is the combination of %I and %O.</td></tr>
+ cannot be zero. This is the combination of %I and %O.<br />
+ Available in Apache 2.4.7 and later</td></tr>
</table>
<p>Usually, the functionality is used like this:</p>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml?rev=1587097&r1=1587096&r2=1587097&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml Sun Apr 13 21:03:53 2014
@@ -175,8 +175,9 @@ SessionCryptoPassphrase secret
secret to the end of the list, and once rolled out completely to all servers, remove
the first key from the start of the list.</p>
- <p>If the value begins with exec: the resulting command will be executed and the
- first line returned to standard output by the program will be used as the key.</p>
+ <p>As of version 2.4.7 if the value begins with <var>exec:</var> the resulting command
+ will be executed and the first line returned to standard output by the program will be
+ used as the key.</p>
<example><pre>
#key used as-is
SessionCryptoPassphrase secret