developer/ 40755 0 0 0 10423221151 10064 5ustar 0 0 faq/ 40755 0 0 0 10423221151 6646 5ustar 0 0 howto/ 40755 0 0 0 10423221151 7237 5ustar 0 0 images/ 40755 0 0 0 10423221151 7344 5ustar 0 0 misc/ 40755 0 0 0 10423221151 7032 5ustar 0 0 mod/ 40755 0 0 0 10423221152 6657 5ustar 0 0 platform/ 40755 0 0 0 10423221152 7724 5ustar 0 0 programs/ 40755 0 0 0 10423221152 7732 5ustar 0 0 rewrite/ 40755 0 0 0 10423221152 7561 5ustar 0 0 ssl/ 40755 0 0 0 10423221152 6701 5ustar 0 0 style/ 40755 0 0 0 10423221152 7240 5ustar 0 0 style/_generated/ 40755 0 0 0 10423221152 11335 5ustar 0 0 style/css/ 40755 0 0 0 10423220662 10035 5ustar 0 0 style/lang/ 40755 0 0 0 10423221152 10161 5ustar 0 0 style/latex/ 40755 0 0 0 10423221152 10355 5ustar 0 0 style/xsl/ 40755 0 0 0 10423221152 10046 5ustar 0 0 style/xsl/util/ 40755 0 0 0 10423221152 11023 5ustar 0 0 vhosts/ 40755 0 0 0 10423221152 7426 5ustar 0 0 bind.html100644 0 0 16733 10423221150 10027 0ustar 0 0 ּҿ Ʈ (Binding) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ּҿ Ʈ (Binding)

ֽ ƴմϴ. ֱٿ ϼ.

ġ Ư ּҿ Ʈ ϵ ϱ.

top

õ õ þ

ġ ϸ ġ ǻ  Ʈ ּҿ Ͽ, û ٸ. ⺻ ġ ǻ ּҿ ٸ. ׷ ġ Ư Ʈ ּҸ ٸ ؾ 찡 ִ. ġ  ٸ IP ּ, ȣƮ, Ʈ ϴ ȣƮ ɰ õִ.

Listen þ Ư Ʈ ּҿ Ʈ տ û ް Ѵ. Listen þ Ʈ ȣ ϸ, ̽ Ʈ ٸ. Listen þ ٸ ּҿ Ʈ ִ. ּҿ Ʈ û Ѵ.

, 80 8000 Ʈ ο ޵ Ϸ:

Listen 80
Listen 8000

̽ Ʈ ٸ Ϸ,

Listen 192.170.2.1:80
Listen 192.170.2.5:8000

IPv6 ּҴ ȣ Ѵ:

Listen [2001:db8::a00:20ff:fea7:ccea]:80

top

IPv6 Ư

IPv6 ÷ ð ְ APR ̵ ÷ κп IPv6 ϱ⶧, ġ IPv6 ҴϿ IPv6 û ó ִ.

ġ ڿ κ IPv6 IPv4 IPv6 ó ִĴ ̴. κ ÷ IPv4-(mapped) IPv6 ּҸ Ͽ IPv6 Ͽ IPv4 , FreeBSD NetBSD OpenBSD ýü å ⺻ ʴ´. ׷ ⺻ ʴ ý̶ ġ Ư Ķͷ ִ.

ġ ּ Ͽ IPv4 IPv6 ޵Ϸ IPv4- IPv6 ּҸ ؾ Ѵ. ׷ؼ ϶ ɼ --enable-v4-mapped ϰ, Ϲ Listen þ Ѵ:

Listen 80

--enable-v4-mapped Ҷ ġ ⺻ Listen þ . --enable-v4-mapped FreeBSD, NetBSD, OpenBSD ÷ ⺻̰, Ƹ ġ ̴.

÷ APR ο ġ IPv4 Ḹ ޵Ϸ, Listen þ IPv4 ּҸ Ѵ:

Listen 0.0.0.0:80
Listen 192.170.2.1:80

IPv4 IPv6 ٸ , ϶ ɼ --disable-v4-mapped ϰ Listen þ Ѵ:

Listen [::]:80
Listen 0.0.0.0:80

--disable-v4-mapped Ҷ ġ ⺻ Listen þ . --disable-v4-mapped FreeBSD, NetBSD, OpenBSD ⺻̴.

top

ȣƮ  dz

Listen ȣƮ ʴ´. ̴ ּ  ּҿ Ʈ ٸ ˷ش. <VirtualHost> þ , û Ȱ óѴ. ׷ <VirtualHost> ּҿ Ʈ ٸ ൿ ִ. ȣƮ ּҿ Ʈ ˷ Ѵ. ׸ Ư ּҿ Ʈ ȣƮ ൿ <VirtualHost> ʿϴ. ּ ٸʴ ּҿ Ʈ ϴ <VirtualHost> ϶.

configuring.html100644 0 0 23764 10423221150 11427 0ustar 0 0 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ġ ϴ ϵ Ѵ.

top

ּ

õ õ þ

Ϲ Ͽ þ Ͽ ġ Ѵ. ּ httpd.conf θ. ġ Ͻ , -f ɼ ִ. ٸ Include þ Ͽ ְ, ϵī带 Ͽ ִ. þ  Ͽ ص ȴ. ּ ϸ ġ ϰų Ŀ ݿȴ.

mime Ÿ ϵ д´. ϸ TypesConfig þ ϰ, ⺻ mime.types̴.

top

ġ ٿ þ Ѵ. ڰ 齽 "\"̸ þ ٿ ӵ Ѵ. 齽 ڿ  ڳ 鵵 ȵȴ.

þ ҹڸ , þ ƱԸƮ ҹڸ ϴ 찡 ִ. ؽ "#" ϴ ּ Ѵ. ּ þ ٿ . ٰ þ տ ϹǷ, ϰ ̵ þ ٵ(indent) ִ.

apachectl configtest -t ɼ Ͽ ġ ʰ ˻ ִ.

top

õ õ þ

ġ ȭ . ̴ ſ ⺻ ɸ ٽɿ Ե Ѵ. ġ о鿩 ȮѴ. ⺻ ϸ base Եȴ. о̴ ְ Ͽٸ Ͽ ƹ LoadModule þ ߰ ִ. ׷ ߰ϰų ġ ٽ ؾ Ѵ. þ IfModule μ Ư ִ 쿡 ó ִ.

 ϵִ -l ɼ Ѵ.

top

þ

õ õ þ

ּϿ ִ þ ü ȴ. þ Ϻο ǰ Ϸ þ <Directory>, <DirectoryMatch>, <Files>, <FilesMatch>, <Location>, <LocationMatch> ȿ ξѴ. ǵ ׵ δ þ Ͻý̳ URL Ư ġ Ѵ. , ļ ֱ⶧ ſ ϴ.

ġ ٸ Ʈ ÿ ϴ ɷ ִ. ̸ ȣƮ Ѵ. þ <VirtualHost> ȿ ξ Ư Ʈ þ ִ.

þ κ  ǿ ͵ ,  þ Ư ҿ ǹ̰ . μ ϴ þ ּ ҿ ִ. þ  ǿ ġ ִ ˷ þ Ȯ϶. ڼ  Directory, Location, Files ϳ ϶.

top

.htaccess

õ õ þ

ġ Ư Ͽ (б) ִ. Ư .htaccess θ, ̸ AccessFileName þ ִ. .htaccess Ͽ ִ þ ִ 丮 丮 ȴ. .htaccess ּϰ . .htaccess û б⶧ ϸ ȿ ִ.

 þ .htaccess Ͽ ִ ˷ þ Ȯ϶. ڴ ּ AllowOverride þ .htaccess Ͽ  þ ִ ִ.

.htaccess Ͽ ڼ .htaccess 丮 ϶.

content-negotiation.html100644 0 0 62053 10423221150 13077 0ustar 0 0 (Content Negotiation) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

(Content Negotiation)

ġ HTTP/1.1 Ծ࿡ (content negotiation) Ѵ. media type, , , ڵ  ȣ ڿ ǥ Ѵ. ҿ û óϴ ɵ ִ.

⺻ ϵǴ mod_negotiation Ѵ.

top

ڿ ٸ ǥ ִ. , ٸ  ٸ media type Ȥ ΰ ٸ ǥ ִ. ǥ ϴ Ѱ ڿ ְ ϰ ϴ ̴. ׷ ڵ ϴ ͵ ϴ. ̴ û Ϻη ׵ ȣϴ ǥ ⶧ ϴ. , Ҿ, ׷ ٸ ʹٰ ˷ ִ. û ׵ ȣ Ÿ. Ҿε ǥ ûѴٸ .

Accept-Language: fr

̷ ȣ ǥ  ٸ 쿡 ȴ.

û Ҿ  , Ҿ ȣϰ, media type , Ϲ ؽƮ ٴ HTML, ٸ media type ٴ GIF JPEG ȣѴٰ ˷ش.

Accept-Language: fr; q=1.0, en; q=0.5
Accept: text/html; q=1.0, text/*; q=0.8, image/gif; q=0.6, image/jpeg; q=0.6, image/*; q=0.5, */*; q=0.1

ġ HTTP/1.1 Ծ࿡ ǵ ' ֵ(server driven)' Ѵ. ġ Accept, Accept-Language, Accept-Charset, Accept-Encoding û Ѵ. , ġ RFC 2295 RFC 2296 ǵ 'ڿ(transparent)' û Ѵ. ׷ RFC ǵ ' (feature negotiation)' ʴ´.

ڿ(resource) (RFC 2396) URI ϴ . ġ ڿ ǥ(representations) Ѵ. ǥ media type, , ڵ Ʈ ִ. ڿ ǥ (δ ִ) ȴ. ڿ ǥ ִٸ ڿ 󰡴ϴٰ(negotiable) θ, ̶ ǥ (variant)̶ Ѵ. 󰡴 ڿ (dimension) Ѵ.

top

ġ

ڿ ϱ ʿϴ. ΰ ϳ ´:

type-map ϱ

type map type-map̶ ڵ鷯 (Ȥ ġ ȣȯ MIME type application/x-type-map) . Ϸ type-map ڵ鷯 Ȯڸ ؾ Ѵ. Ͽ ϴ .

AddHandler type-map .var

Type map شϴ ڿ ̸ ƾ ϰ, ׸ ־ Ѵ. ׸ HTTP ٷ ȴ. ׸ ٷ Ѵ. ׸ȿ . (̷ ʿ䰡 , ־ ) ׸ ִ map ϴ ̴. map . ̸ foo.var, foo ڿ Ѵ.

URI: foo

URI: foo.en.html
Content-type: text/html
Content-language: en

URI: foo.fr.de.html
Content-type: text/html;charset=iso-8859-2
Content-language: fr, de

typemap ϸ Ȯ , Multiviews Ͽ, 켱 ϶. ٸ ǰ ٸ, (JPEG, GIF, ASCII-art شϴ) media type "qs" Ķͷ ǰ(source quality) ǥ ִ:

URI: foo

URI: foo.jpeg
Content-type: image/jpeg; qs=0.8

URI: foo.gif
Content-type: image/gif; qs=0.5

URI: foo.txt
Content-type: text/plain; qs=0.01

qs 0.000 1.000 ̴. qs 0.000 õ ϶. 'qs' 1.0 ޵ȴ. qs Ŭ̾Ʈ ɷ° ٸ Ͽ 'ǰ' Ÿ. , Ÿ JPEG ASCII Ϻٴ ׻ ǰ . ׷ ڿ ASCII artٸ ASCII ǥ JPEG ǥ ǰ ִ. ׷Ƿ  qs ǥϷ ڿ ٸ.

ϴ mod_negotation typemap ϶.

Multiviews

MultiViews 丮 ɼ̹Ƿ, httpd.conf <Directory>, <Location>, <Files> Ȥ (AllowOverride Ǿٸ) .htaccess Options þ ִ. Options All MultiViews ϶. Ѵ.

MultiViews ϸ Ͼ: /some/dir/foo û ް /some/dir/foo MultiViews ϸ /some/dir/foo , 丮 ̸ foo.* ϵ ϴ type map . Ŭ̾Ʈ û media type content-encoding ߿ Ѵ.

MultiViews 丮 Ҷ ã DirectoryIndex þ ȴ. ٸ,

DirectoryIndex index

index.html index.html3 ִٸ ̵ ߿ ϳ Ѵ. index.cgi ִٸ, װ Ѵ.

丮 ϳ Charset, Content-Type, Language, Encoding Ǵϴ mod_mime 𸣴 Ȯڸ ٸ, MultiViewsMatch þ ޷Ǵ. þ ڵ鷯, , ٸ Ȯ MultiViews θ Ѵ.

top

ġ type-map ̳ 丮 ִ ϸ ־ ڿ ԵǸ '' ϱ ϳ Ѵ. ġ ϱ Ȯ  Ͼ ڼ ʿ . ׷ ñ Ѵ.

ΰ ִ:

  1. ġ ˰ Ͽ ֵϴ Ϲ 쿡 Ѵ. ġ ˰ Ʒ ڼ Ѵ. ˰ ϸ ġ Ư ǰ(quality factor) 'Ѵ'. ġ ǰ ϴ Ʒ ڼ Ѵ.
  2. ڿ(Transparent) RFC 2295 ǵ û 쿡 Ѵ. '' οѴ. ׷ ˰ ޷ȴ. ڿ ߿ ġ RFC 2296 ǵ ' ˰(remote variant selection algorithm)' û ִ.

Media Type Accept ȣ Ÿ. ׸ ǰ ִ. ǰ ("qs" Ķ) ִ.
Language Accept-Language ȣ Ÿ. ׸ ǰ ִ.  (Ȥ ƹ  ) ִ.
Encoding Accept-Encoding ȣ Ÿ. ׸ ǰ ִ.
Charset Accept-Charset ȣ Ÿ. ׸ ǰ ִ. media type Ķͷ Ÿ ִ.

ġ ˰

ġ '' (ִٸ) ϱ Ʒ ˰ Ѵ. ˰ . Ѵ:

  1. , شϴ Accept* ˻ϰ, ǰ ű.  Accept* ޾Ƶ ʴ ĺ Ѵ.  4 ܰ .
  2. ĺ ϳ Ͽ '' ã´. ˻ Ͼ. ˻翡 õ ܵȴ. ˻ ̸ ϰ 3 ܰ . ˻縦 Ѵ.
    1. Accept ǰ media type ǰ Ͽ Ѵ.
    2. (language) ǰ Ѵ.
    3. Accept-Language (ִٸ) Ȥ LanguagePriority þ (ִٸ)  Ѵ.
    4. (text/html media type Ÿ) 'level' media Ķ͸ Ѵ.
    5. Accept-Charset charset media Ķ͸ ã´. ٸ ISO-8859-1 ȣѴ. text/* media type Ư հ ISO-8859-1 Ѵ.
    6. ISO-8859-1 ƴ charset media Ķ͸ Ѵ. ׷ ٸ, Ѵ.
    7. ڵ Ѵ. user-agent ڵ ִٸ Ѵ. ׷ʰ ڵ ڵȵ ִٸ ڵȵ Ѵ. ڵǾų ڵȵ Ѵ.
    8. content length Ѵ.
    9. ù Ѵ. ̴ type-map տ ԰ų, 丮 ϸ ASCII ڵ Ͽ տ ̴.
  3. ˰ '' ߴ. ̰ . HTTP Vary Ÿ ȴ. ( ij ڿ ijҶ ִ.) .
  4. ܰ迡 ߴٸ ( ϱ )  ȵ . ("No acceptable representation" ϴ) 406 밡 HTML . , HTML Vary Ÿ.
top

ǰ ϱ

ġ ġ ˰ Űʰ ǰ Ѵ. ϰ Ȯ ʴ (˰) ؼ. θ ̴ Ϻδ ߸ ϵ Accept . ϰ ùٸ ٸ, ʴ´.

Media Type ϵī

Accept: û media type ȣ Ÿ. , *  ڿ̶ ϱ⶧ "image/*" "*/*" 'ϵī' media type ִ. ׷ û:

Accept: image/*, */*

"image/" ϴ  type ٸ  type ǹѴ.  ڽ ٷ ִ type ߰ ϵī带 . :

Accept: text/html, text/plain, image/gif, image/jpeg, */*

type ȣ ٸ ǥ ִٸ װ͵ Ÿ ؼ. ǰ ̴.

Accept: text/html, text/plain, image/gif, image/jpeg, */*; q=0.01

type ǰ  ⺻ ( ) 1.0 . ϵī */* ȣ 0.01 Ƿ type ´ 쿡 ٸ type ȴ.

Accept: q "*/*" ִٸ, ġ ٶ ൿ q 0.01 Ѵ. , "type/*" ϵī忡 ("*/*"ٴ ȣϵ) 0.02 Ѵ. Accept: q media type ִٸ ̷ Ư ߰ ʴ´. ׷ û ûѵ óѴ.

(language)

ġ 2.0 ε巴 ϱ ˰ ܸ  ߰ߴ.

Ŭ̾Ʈ û Accept-language ´ Ѱ ã , ׷ Ŭ̾Ʈ "No Acceptable Variant" "Multiple Choices" . ̷ ϱ Accept-language ϰ Ŭ̾Ʈ û Ȯ ġ ִ. ForceLanguagePriority þ ̷ ϳ Ȥ Ѵٸ ϰ LanguagePriority þ Ǵϵ Ѵ.

, ´  ã θ ã ִ. Ŭ̾Ʈ  ϴ en-GB û , HTTP/1.1 ǥؿ enθ ǥõ Ϲ Ѵ. (׷  ϴ ڰ Ϲ  Ƿ Accept-Language en-GB ϰ en Ȯ ߸ ϶. Ŭ̾Ʈ ̷ ⺻ִ.) ٸ  ã Ͽ "No Acceptable Variants" ų LanguagePriority ư Ѵٸ, Ծ ϰ en-GB en Ѵ. Ϲ ġ θ ſ ǰ Ŭ̾Ʈ Ͽ ߰Ѵ. ׷ Ŭ̾Ʈ "en-GB; q=0.9, fr; q=0.8" ûϰ "en" "fr" ִٸ, "fr" õ ϶. ̴ HTTP/1.1 ǥ Ű, ùٷ Ŭ̾Ʈ ȿ ϱ̴.

ڰ ȣϴ  ˾Ƴ (Ű Ư URL- ) ϱ ġ 2.0.47 mod_negotiation prefer-language ȯ溯 νѴ. ȯ溯 ϰ ±׸ Ѵٸ, mod_negotiation شϴ Ϸ õѴ. ׷ ٸ Ϲ Ѵ.

SetEnvIf Cookie "language=en" prefer-language=en
SetEnvIf Cookie "language=fr" prefer-language=fr

top

ڿ(transparent) Ȯ

ġ ڿ Ȯ (RFC 2295) ȮѴ. ο {encoding ..} Ư content-encoding ĪѴ. RVSA/1.0 ˰ (RFC 2296) Ͽ ڵ ν ְ, ڵ Accept-Encoding û ´ ڵ 鵵 ĺ ϵ ȮǾ. RVSA/1.0 ã ǰ Ҽ 5ڸ ݿø ʴ´.

top

۸ũ ̸Ģ Ͽ

(language) Ѵٸ Ȯڸ Ȯ Ƿ ϸ ٸ ̸Ģ ִ. (ڼ mod_mime ϶.)

MIME-type Ȯ ( , html), 쿡 encoding Ȯ ( , gz), Ͽ ִ Ȯڸ ( , en) .

:

ϸ Ͽ ȿϰ ȿ ۸ũ δ:

ϸ ȿ ۸ũ ȿ ۸ũ
foo.html.en foo
foo.html		 -
foo.en.html foo foo.html
foo.html.en.gz foo
foo.html		 foo.gz
foo.html.gz
foo.en.html.gz foo foo.html
foo.html.gz
foo.gz
foo.gz.html.en foo
foo.gz
foo.gz.html		 foo.html
foo.html.gz.en foo
foo.html
foo.html.gz		 foo.gz

ǥ ۸ũ  Ȯڵ ̸ ( , foo) ׻ ִ. ־, ̷ũ Ͼʰ html shtml̳ cgi ִٴ ̴.

۸ũ MIME-type ( , foo.html) ϰ ʹٸ (encoding Ȯڰ ִٸ ̰͵ Ͽ) Ȯڸ MIME-type Ȯں ʿ ( , foo.html.en) ξѴ.

top

ij Ͽ

ij ǥ ϸ ǥ û URL Ų. URL ûϸ ij ǥ Ѵ. ׷ ڿ ù° û ijǾ û ij ߸ ִ. ̸ ġ ȯǴ û HTTP/1.0 Ŭ̾Ʈ ij ϵ ǥø Ѵ. , ġ ij ϴ HTTP/1.1 Ѵ.

CacheNegotiatedDocs þ HTTP/1.0 ȣȯ Ŭ̾Ʈ( Ȥ ij) û ij ְ Ѵ. þ ȣƮ ϸ, ƱԸƮ ʴ´. þ HTTP/1.1 Ŭ̾Ʈ û 谡 .

top

ٸ

ٸ Alan J. Flavell Language Negotiation Notes ϶. ׷ ġ 2.0 ȭ ݿ ִ.

custom-error.html100644 0 0 17406 10423221150 11552 0ustar 0 0 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ʹ ߻ ġ ִ.

߰ ִ.

ũƮ "500 Server Error" ڿ ģ ϰų ٸ ( Ʈ ܺ Ʈ) URL ̷ ִ.

top

ൿ

ൿ

NCSA httpd 1.3 ڿ ǹϰ ´. ߻ α׿ .

ο ൿ

ִ:

  1. NCSA ٸ ְų
  2. Ʈ URL ̷ϰų
  3. ܺ Ʈ URL ̷Ѵ.

ٸ Ʈ URL ̷ϴ , ϰų αϴµ ʿ Ϻθ ޵ȴ.

ϱ ġ CGI ο ȯ溯 Ѵ:

REDIRECT_HTTP_ACCEPT=*/*, image/gif, image/x-xbitmap, image/jpeg
REDIRECT_HTTP_USER_AGENT=Mozilla/1.1b2 (X11; I; HP-UX A.09.05 9000/712)
REDIRECT_PATH=.:/bin:/usr/local/bin:/etc
REDIRECT_QUERY_STRING=
REDIRECT_REMOTE_ADDR=121.345.78.123
REDIRECT_REMOTE_HOST=ooh.ahhh.com
REDIRECT_SERVER_NAME=crash.bang.edu
REDIRECT_SERVER_PORT=80
REDIRECT_SERVER_SOFTWARE=Apache/0.8.15
REDIRECT_URL=/cgi-bin/buggy.pl

REDIRECT_ λ翡 ָ϶.

ּ REDIRECT_URL REDIRECT_QUERY_STRING (cgi-script cgi-include) URL Ѱ. ٸ ߻ϱ (; ̸ REDIRECT_ ȯ溯) 쿡 ִ. ErrorDocument ܺη ( http: Ŵ(scheme) Ѵٸ) ̷Ѵٸ  ͵ ʴ´.

top

AllowOverride Ǿٸ .htaccess Ͽ ErrorDocument ִ.

̴...

ErrorDocument 500 /cgi-bin/crash-recover
ErrorDocument 500 "Sorry, our script crashed. Oh dear"
ErrorDocument 500 http://xxx/
ErrorDocument 404 /Lame_excuses/not_found.html
ErrorDocument 401 /Subscription/how_to_subscribe.html

,

ErrorDocument <3-digit-code> <action>

action,

  1. . ǥ (") տ δ. ڿ ǥ µȴ. : տ ǥ (") µ ʴ´.
  2. ̷ ܺ URL.
  3. ̷ URL.
top

̷

URL ̷ϴ ġ ൿ ũƮ/server-include ȯ溯 Ѱֵ Ǿ.

ൿ

̷ǵǴ ũƮ ǥ CGI Ѿ. 𿡼 ̷ Ͼ .

ο ൿ

̷ǵ ũƮ ο ȯ溯 ִ. տ REDIRECT_ پִ. REDIRECT_ ȯ溯 CGI ȯ溯 տ REDIRECT_ ٿ . , HTTP_USER_AGENT REDIRECT_HTTP_USER_AGENT Ǿ. ̷ ߰ ũƮ URL ˵ ġ REDIRECT_URL REDIRECT_STATUS Ѵ. URL ̷ǵ URL α׿ ִ.

ErrorDocument ִ CGI ũƮ ̷Ѵٸ, ũƮ Ŭ̾Ʈ Ȳ Ȯ ϱ ¿ "Status:" ʵ带 ؾ Ѵ. , Perl ۼ ErrorDocument ũƮ :

...
print "Content-type: text/html\n";
printf "Status: %s Condition Intercepted\n", $ENV{"REDIRECT_STATUS"};
...

404 Not Found Ư Ȳ ũƮ, (; ) Ư ڵ ִ.

(Ŭ̾Ʈ ̷ ûϱ) 信 Location: Ѵٸ, ũƮ ݵ (302 Found ) Status: ؾ ϶. ׷ Location: ƹ ҿ ִ.

developer/API.html100644 0 0 172340 10423221150 11526 0ustar 0 0 Apache 1.3 API notes - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Apache 1.3 API notes

Warning

This document has not been updated to take into account changes made in the 2.0 version of the Apache HTTP Server. Some of the information may still be relevant, but please use it with care.

These are some notes on the Apache API and the data structures you have to deal with, etc. They are not yet nearly complete, but hopefully, they will help you get your bearings. Keep in mind that the API is still subject to change as we gain experience with it. (See the TODO file for what might be coming). However, it will be easy to adapt modules to any changes that are made. (We have more modules to adapt than you do).

A few notes on general pedagogical style here. In the interest of conciseness, all structure declarations here are incomplete -- the real ones have more slots that I'm not telling you about. For the most part, these are reserved to one component of the server core or another, and should be altered by modules with caution. However, in some cases, they really are things I just haven't gotten around to yet. Welcome to the bleeding edge.

Finally, here's an outline, to give you some bare idea of what's coming up, and in what order:

top

Basic concepts

We begin with an overview of the basic concepts behind the API, and how they are manifested in the code.

Handlers, Modules, and Requests

Apache breaks down request handling into a series of steps, more or less the same way the Netscape server API does (although this API has a few more stages than NetSite does, as hooks for stuff I thought might be useful in the future). These are:

These phases are handled by looking at each of a succession of modules, looking to see if each of them has a handler for the phase, and attempting invoking it if so. The handler can typically do one of three things:

Most phases are terminated by the first module that handles them; however, for logging, `fixups', and non-access authentication checking, all handlers always run (barring an error). Also, the response phase is unique in that modules may declare multiple handlers for it, via a dispatch table keyed on the MIME type of the requested object. Modules may declare a response-phase handler which can handle any request, by giving it the key */* (i.e., a wildcard MIME type specification). However, wildcard handlers are only invoked if the server has already tried and failed to find a more specific response handler for the MIME type of the requested object (either none existed, or they all declined).

The handlers themselves are functions of one argument (a request_rec structure. vide infra), which returns an integer, as above.

A brief tour of a module

At this point, we need to explain the structure of a module. Our candidate will be one of the messier ones, the CGI module -- this handles both CGI scripts and the ScriptAlias config file command. It's actually a great deal more complicated than most modules, but if we're going to have only one example, it might as well be the one with its fingers in every place.

Let's begin with handlers. In order to handle the CGI scripts, the module declares a response handler for them. Because of ScriptAlias, it also has handlers for the name translation phase (to recognize ScriptAliased URIs), the type-checking phase (any ScriptAliased request is typed as a CGI script).

The module needs to maintain some per (virtual) server information, namely, the ScriptAliases in effect; the module structure therefore contains pointers to a functions which builds these structures, and to another which combines two of them (in case the main server and a virtual server both have ScriptAliases declared).

Finally, this module contains code to handle the ScriptAlias command itself. This particular module only declares one command, but there could be more, so modules have command tables which declare their commands, and describe where they are permitted, and how they are to be invoked.

A final note on the declared types of the arguments of some of these commands: a pool is a pointer to a resource pool structure; these are used by the server to keep track of the memory which has been allocated, files opened, etc., either to service a particular request, or to handle the process of configuring itself. That way, when the request is over (or, for the configuration pool, when the server is restarting), the memory can be freed, and the files closed, en masse, without anyone having to write explicit code to track them all down and dispose of them. Also, a cmd_parms structure contains various information about the config file being read, and other status information, which is sometimes of use to the function which processes a config-file command (such as ScriptAlias). With no further ado, the module itself:

/* Declarations of handlers. */

int translate_scriptalias (request_rec *);
int type_scriptalias (request_rec *);
int cgi_handler (request_rec *);

/* Subsidiary dispatch table for response-phase
 * handlers, by MIME type */

handler_rec cgi_handlers[] = {
{ "application/x-httpd-cgi", cgi_handler },
{ NULL }
 };

/* Declarations of routines to manipulate the
 * module's configuration info. Note that these are
 * returned, and passed in, as void *'s; the server
 * core keeps track of them, but it doesn't, and can't,
 * know their internal structure.
 */

void *make_cgi_server_config (pool *);
void *merge_cgi_server_config (pool *, void *, void *);

/* Declarations of routines to handle config-file commands */

extern char *script_alias(cmd_parms *, void *per_dir_config, char *fake, char *real);

command_rec cgi_cmds[] = {
{ "ScriptAlias", script_alias, NULL, RSRC_CONF, TAKE2,
"a fakename and a realname"},
 { NULL }
 };

module cgi_module = { 

  STANDARD_MODULE_STUFF,
  NULL,                     /* initializer */
  NULL,                     /* dir config creator */
  NULL,                     /* dir merger */
  make_cgi_server_config,   /* server config */
  merge_cgi_server_config,  /* merge server config */
  cgi_cmds,                 /* command table */
  cgi_handlers,             /* handlers */
  translate_scriptalias,    /* filename translation */
  NULL,                     /* check_user_id */
  NULL,                     /* check auth */
  NULL,                     /* check access */
  type_scriptalias,         /* type_checker */
  NULL,                     /* fixups */
  NULL,                     /* logger */
  NULL                      /* header parser */
};
top

How handlers work

The sole argument to handlers is a request_rec structure. This structure describes a particular request which has been made to the server, on behalf of a client. In most cases, each connection to the client generates only one request_rec structure.

A brief tour of the request_rec

The request_rec contains pointers to a resource pool which will be cleared when the server is finished handling the request; to structures containing per-server and per-connection information, and most importantly, information on the request itself.

The most important such information is a small set of character strings describing attributes of the object being requested, including its URI, filename, content-type and content-encoding (these being filled in by the translation and type-check handlers which handle the request, respectively).

Other commonly used data items are tables giving the MIME headers on the client's original request, MIME headers to be sent back with the response (which modules can add to at will), and environment variables for any subprocesses which are spawned off in the course of servicing the request. These tables are manipulated using the ap_table_get and ap_table_set routines.

Note that the Content-type header value cannot be set by module content-handlers using the ap_table_*() routines. Rather, it is set by pointing the content_type field in the request_rec structure to an appropriate string. e.g.,

r->content_type = "text/html";

Finally, there are pointers to two data structures which, in turn, point to per-module configuration structures. Specifically, these hold pointers to the data structures which the module has built to describe the way it has been configured to operate in a given directory (via .htaccess files or <Directory> sections), for private data it has built in the course of servicing the request (so modules' handlers for one phase can pass `notes' to their handlers for other phases). There is another such configuration vector in the server_rec data structure pointed to by the request_rec, which contains per (virtual) server configuration data.

Here is an abridged declaration, giving the fields most commonly used:

struct request_rec {

pool *pool;
conn_rec *connection;
server_rec *server;

/* What object is being requested */

char *uri;
char *filename;
char *path_info; 

char *args;           /* QUERY_ARGS, if any */
struct stat finfo;    /* Set by server core;
                       * st_mode set to zero if no such file */

char *content_type;
char *content_encoding;

/* MIME header environments, in and out. Also,
 * an array containing environment variables to
 * be passed to subprocesses, so people can write
 * modules to add to that environment.
 *
 * The difference between headers_out and
 * err_headers_out is that the latter are printed
 * even on error, and persist across internal
 * redirects (so the headers printed for
 * ErrorDocument handlers will have them).
 */

table *headers_in;
table *headers_out;
table *err_headers_out;
table *subprocess_env;

/* Info about the request itself... */

int header_only;     /* HEAD request, as opposed to GET */
char *protocol;      /* Protocol, as given to us, or HTTP/0.9 */
char *method;        /* GET, HEAD, POST, etc. */
int method_number;   /* M_GET, M_POST, etc. */

/* Info for logging */

char *the_request;
int bytes_sent;

/* A flag which modules can set, to indicate that
 * the data being returned is volatile, and clients
 * should be told not to cache it.
 */

int no_cache;

/* Various other config info which may change
 * with .htaccess files
 * These are config vectors, with one void*
 * pointer for each module (the thing pointed
 * to being the module's business).
 */

void *per_dir_config;   /* Options set in config files, etc. */
void *request_config;   /* Notes on *this* request */

};

Where request_rec structures come from

Most request_rec structures are built by reading an HTTP request from a client, and filling in the fields. However, there are a few exceptions:

Handling requests, declining, and returning error codes

As discussed above, each handler, when invoked to handle a particular request_rec, has to return an int to indicate what happened. That can either be

Note that if the error code returned is REDIRECT, then the module should put a Location in the request's headers_out, to indicate where the client should be redirected to.

Special considerations for response handlers

Handlers for most phases do their work by simply setting a few fields in the request_rec structure (or, in the case of access checkers, simply by returning the correct error code). However, response handlers have to actually send a request back to the client.

They should begin by sending an HTTP response header, using the function ap_send_http_header. (You don't have to do anything special to skip sending the header for HTTP/0.9 requests; the function figures out on its own that it shouldn't do anything). If the request is marked header_only, that's all they should do; they should return after that, without attempting any further output.

Otherwise, they should produce a request body which responds to the client as appropriate. The primitives for this are ap_rputc and ap_rprintf, for internally generated output, and ap_send_fd, to copy the contents of some FILE * straight to the client.

At this point, you should more or less understand the following piece of code, which is the handler which handles GET requests which have no more specific handler; it also shows how conditional GETs can be handled, if it's desirable to do so in a particular response handler -- ap_set_last_modified checks against the If-modified-since value supplied by the client, if any, and returns an appropriate code (which will, if nonzero, be USE_LOCAL_COPY). No similar considerations apply for ap_set_content_length, but it returns an error code for symmetry.

int default_handler (request_rec *r)
{
int errstatus;
FILE *f;

if (r->method_number != M_GET) return DECLINED;
if (r->finfo.st_mode == 0) return NOT_FOUND;

if ((errstatus = ap_set_content_length (r, r->finfo.st_size))
    || (errstatus = ap_set_last_modified (r, r->finfo.st_mtime)))
return errstatus;

f = fopen (r->filename, "r");

if (f == NULL) {
log_reason("file permissions deny server access", r->filename, r);
return FORBIDDEN;
 }

register_timeout ("send", r);
ap_send_http_header (r);

if (!r->header_only) send_fd (f, r);
ap_pfclose (r->pool, f);
return OK;
 }

Finally, if all of this is too much of a challenge, there are a few ways out of it. First off, as shown above, a response handler which has not yet produced any output can simply return an error code, in which case the server will automatically produce an error response. Secondly, it can punt to some other handler by invoking ap_internal_redirect, which is how the internal redirection machinery discussed above is invoked. A response handler which has internally redirected should always return OK.

(Invoking ap_internal_redirect from handlers which are not response handlers will lead to serious confusion).

Special considerations for authentication handlers

Stuff that should be discussed here in detail:

Special considerations for logging handlers

When a request has internally redirected, there is the question of what to log. Apache handles this by bundling the entire chain of redirects into a list of request_rec structures which are threaded through the r->prev and r->next pointers. The request_rec which is passed to the logging handlers in such cases is the one which was originally built for the initial request from the client; note that the bytes_sent field will only be correct in the last request in the chain (the one for which a response was actually sent).

top

Resource allocation and resource pools

One of the problems of writing and designing a server-pool server is that of preventing leakage, that is, allocating resources (memory, open files, etc.), without subsequently releasing them. The resource pool machinery is designed to make it easy to prevent this from happening, by allowing resource to be allocated in such a way that they are automatically released when the server is done with them.

The way this works is as follows: the memory which is allocated, file opened, etc., to deal with a particular request are tied to a resource pool which is allocated for the request. The pool is a data structure which itself tracks the resources in question.

When the request has been processed, the pool is cleared. At that point, all the memory associated with it is released for reuse, all files associated with it are closed, and any other clean-up functions which are associated with the pool are run. When this is over, we can be confident that all the resource tied to the pool have been released, and that none of them have leaked.

Server restarts, and allocation of memory and resources for per-server configuration, are handled in a similar way. There is a configuration pool, which keeps track of resources which were allocated while reading the server configuration files, and handling the commands therein (for instance, the memory that was allocated for per-server module configuration, log files and other files that were opened, and so forth). When the server restarts, and has to reread the configuration files, the configuration pool is cleared, and so the memory and file descriptors which were taken up by reading them the last time are made available for reuse.

It should be noted that use of the pool machinery isn't generally obligatory, except for situations like logging handlers, where you really need to register cleanups to make sure that the log file gets closed when the server restarts (this is most easily done by using the function ap_pfopen, which also arranges for the underlying file descriptor to be closed before any child processes, such as for CGI scripts, are execed), or in case you are using the timeout machinery (which isn't yet even documented here). However, there are two benefits to using it: resources allocated to a pool never leak (even if you allocate a scratch string, and just forget about it); also, for memory allocation, ap_palloc is generally faster than malloc.

We begin here by describing how memory is allocated to pools, and then discuss how other resources are tracked by the resource pool machinery.

Allocation of memory in pools

Memory is allocated to pools by calling the function ap_palloc, which takes two arguments, one being a pointer to a resource pool structure, and the other being the amount of memory to allocate (in chars). Within handlers for handling requests, the most common way of getting a resource pool structure is by looking at the pool slot of the relevant request_rec; hence the repeated appearance of the following idiom in module code:

int my_handler(request_rec *r)
{
struct my_structure *foo;
...

foo = (foo *)ap_palloc (r->pool, sizeof(my_structure));
 }

Note that there is no ap_pfree -- ap_palloced memory is freed only when the associated resource pool is cleared. This means that ap_palloc does not have to do as much accounting as malloc(); all it does in the typical case is to round up the size, bump a pointer, and do a range check.

(It also raises the possibility that heavy use of ap_palloc could cause a server process to grow excessively large. There are two ways to deal with this, which are dealt with below; briefly, you can use malloc, and try to be sure that all of the memory gets explicitly freed, or you can allocate a sub-pool of the main pool, allocate your memory in the sub-pool, and clear it out periodically. The latter technique is discussed in the section on sub-pools below, and is used in the directory-indexing code, in order to avoid excessive storage allocation when listing directories with thousands of files).

Allocating initialized memory

There are functions which allocate initialized memory, and are frequently useful. The function ap_pcalloc has the same interface as ap_palloc, but clears out the memory it allocates before it returns it. The function ap_pstrdup takes a resource pool and a char * as arguments, and allocates memory for a copy of the string the pointer points to, returning a pointer to the copy. Finally ap_pstrcat is a varargs-style function, which takes a pointer to a resource pool, and at least two char * arguments, the last of which must be NULL. It allocates enough memory to fit copies of each of the strings, as a unit; for instance:

ap_pstrcat (r->pool, "foo", "/", "bar", NULL);

returns a pointer to 8 bytes worth of memory, initialized to "foo/bar".

Commonly-used pools in the Apache Web server

A pool is really defined by its lifetime more than anything else. There are some static pools in http_main which are passed to various non-http_main functions as arguments at opportune times. Here they are:

permanent_pool
never passed to anything else, this is the ancestor of all pools
pconf
  • subpool of permanent_pool
  • created at the beginning of a config "cycle"; exists until the server is terminated or restarts; passed to all config-time routines, either via cmd->pool, or as the "pool *p" argument on those which don't take pools
  • passed to the module init() functions
ptemp
  • sorry I lie, this pool isn't called this currently in 1.3, I renamed it this in my pthreads development. I'm referring to the use of ptrans in the parent... contrast this with the later definition of ptrans in the child.
  • subpool of permanent_pool
  • created at the beginning of a config "cycle"; exists until the end of config parsing; passed to config-time routines via cmd->temp_pool. Somewhat of a "bastard child" because it isn't available everywhere. Used for temporary scratch space which may be needed by some config routines but which is deleted at the end of config.
pchild
  • subpool of permanent_pool
  • created when a child is spawned (or a thread is created); lives until that child (thread) is destroyed
  • passed to the module child_init functions
  • destruction happens right after the child_exit functions are called... (which may explain why I think child_exit is redundant and unneeded)
ptrans
  • should be a subpool of pchild, but currently is a subpool of permanent_pool, see above
  • cleared by the child before going into the accept() loop to receive a connection
  • used as connection->pool
r->pool
  • for the main request this is a subpool of connection->pool; for subrequests it is a subpool of the parent request's pool.
  • exists until the end of the request (i.e., ap_destroy_sub_req, or in child_main after process_request has finished)
  • note that r itself is allocated from r->pool; i.e., r->pool is first created and then r is the first thing palloc()d from it

For almost everything folks do, r->pool is the pool to use. But you can see how other lifetimes, such as pchild, are useful to some modules... such as modules that need to open a database connection once per child, and wish to clean it up when the child dies.

You can also see how some bugs have manifested themself, such as setting connection->user to a value from r->pool -- in this case connection exists for the lifetime of ptrans, which is longer than r->pool (especially if r->pool is a subrequest!). So the correct thing to do is to allocate from connection->pool.

And there was another interesting bug in mod_include / mod_cgi. You'll see in those that they do this test to decide if they should use r->pool or r->main->pool. In this case the resource that they are registering for cleanup is a child process. If it were registered in r->pool, then the code would wait() for the child when the subrequest finishes. With mod_include this could be any old #include, and the delay can be up to 3 seconds... and happened quite frequently. Instead the subprocess is registered in r->main->pool which causes it to be cleaned up when the entire request is done -- i.e., after the output has been sent to the client and logging has happened.

Tracking open files, etc.

As indicated above, resource pools are also used to track other sorts of resources besides memory. The most common are open files. The routine which is typically used for this is ap_pfopen, which takes a resource pool and two strings as arguments; the strings are the same as the typical arguments to fopen, e.g.,

...
FILE *f = ap_pfopen (r->pool, r->filename, "r");

if (f == NULL) { ... } else { ... }

There is also a ap_popenf routine, which parallels the lower-level open system call. Both of these routines arrange for the file to be closed when the resource pool in question is cleared.

Unlike the case for memory, there are functions to close files allocated with ap_pfopen, and ap_popenf, namely ap_pfclose and ap_pclosef. (This is because, on many systems, the number of files which a single process can have open is quite limited). It is important to use these functions to close files allocated with ap_pfopen and ap_popenf, since to do otherwise could cause fatal errors on systems such as Linux, which react badly if the same FILE* is closed more than once.

(Using the close functions is not mandatory, since the file will eventually be closed regardless, but you should consider it in cases where your module is opening, or could open, a lot of files).

Other sorts of resources -- cleanup functions

More text goes here. Describe the the cleanup primitives in terms of which the file stuff is implemented; also, spawn_process.

Pool cleanups live until clear_pool() is called: clear_pool(a) recursively calls destroy_pool() on all subpools of a; then calls all the cleanups for a; then releases all the memory for a. destroy_pool(a) calls clear_pool(a) and then releases the pool structure itself. i.e., clear_pool(a) doesn't delete a, it just frees up all the resources and you can start using it again immediately.

Fine control -- creating and dealing with sub-pools, with a note on sub-requests

On rare occasions, too-free use of ap_palloc() and the associated primitives may result in undesirably profligate resource allocation. You can deal with such a case by creating a sub-pool, allocating within the sub-pool rather than the main pool, and clearing or destroying the sub-pool, which releases the resources which were associated with it. (This really is a rare situation; the only case in which it comes up in the standard module set is in case of listing directories, and then only with very large directories. Unnecessary use of the primitives discussed here can hair up your code quite a bit, with very little gain).

The primitive for creating a sub-pool is ap_make_sub_pool, which takes another pool (the parent pool) as an argument. When the main pool is cleared, the sub-pool will be destroyed. The sub-pool may also be cleared or destroyed at any time, by calling the functions ap_clear_pool and ap_destroy_pool, respectively. (The difference is that ap_clear_pool frees resources associated with the pool, while ap_destroy_pool also deallocates the pool itself. In the former case, you can allocate new resources within the pool, and clear it again, and so forth; in the latter case, it is simply gone).

One final note -- sub-requests have their own resource pools, which are sub-pools of the resource pool for the main request. The polite way to reclaim the resources associated with a sub request which you have allocated (using the ap_sub_req_... functions) is ap_destroy_sub_req, which frees the resource pool. Before calling this function, be sure to copy anything that you care about which might be allocated in the sub-request's resource pool into someplace a little less volatile (for instance, the filename in its request_rec structure).

(Again, under most circumstances, you shouldn't feel obliged to call this function; only 2K of memory or so are allocated for a typical sub request, and it will be freed anyway when the main request pool is cleared. It is only when you are allocating many, many sub-requests for a single main request that you should seriously consider the ap_destroy_... functions).

top

Configuration, commands and the like

One of the design goals for this server was to maintain external compatibility with the NCSA 1.3 server --- that is, to read the same configuration files, to process all the directives therein correctly, and in general to be a drop-in replacement for NCSA. On the other hand, another design goal was to move as much of the server's functionality into modules which have as little as possible to do with the monolithic server core. The only way to reconcile these goals is to move the handling of most commands from the central server into the modules.

However, just giving the modules command tables is not enough to divorce them completely from the server core. The server has to remember the commands in order to act on them later. That involves maintaining data which is private to the modules, and which can be either per-server, or per-directory. Most things are per-directory, including in particular access control and authorization information, but also information on how to determine file types from suffixes, which can be modified by AddType and DefaultType directives, and so forth. In general, the governing philosophy is that anything which can be made configurable by directory should be; per-server information is generally used in the standard set of modules for information like Aliases and Redirects which come into play before the request is tied to a particular place in the underlying file system.

Another requirement for emulating the NCSA server is being able to handle the per-directory configuration files, generally called .htaccess files, though even in the NCSA server they can contain directives which have nothing at all to do with access control. Accordingly, after URI -> filename translation, but before performing any other phase, the server walks down the directory hierarchy of the underlying filesystem, following the translated pathname, to read any .htaccess files which might be present. The information which is read in then has to be merged with the applicable information from the server's own config files (either from the <Directory> sections in access.conf, or from defaults in srm.conf, which actually behaves for most purposes almost exactly like <Directory />).

Finally, after having served a request which involved reading .htaccess files, we need to discard the storage allocated for handling them. That is solved the same way it is solved wherever else similar problems come up, by tying those structures to the per-transaction resource pool.

Per-directory configuration structures

Let's look out how all of this plays out in mod_mime.c, which defines the file typing handler which emulates the NCSA server's behavior of determining file types from suffixes. What we'll be looking at, here, is the code which implements the AddType and AddEncoding commands. These commands can appear in .htaccess files, so they must be handled in the module's private per-directory data, which in fact, consists of two separate tables for MIME types and encoding information, and is declared as follows:

typedef struct {
    table *forced_types;      /* Additional AddTyped stuff */
    table *encoding_types;    /* Added with AddEncoding... */
} mime_dir_config;

When the server is reading a configuration file, or <Directory> section, which includes one of the MIME module's commands, it needs to create a mime_dir_config structure, so those commands have something to act on. It does this by invoking the function it finds in the module's `create per-dir config slot', with two arguments: the name of the directory to which this configuration information applies (or NULL for srm.conf), and a pointer to a resource pool in which the allocation should happen.

(If we are reading a .htaccess file, that resource pool is the per-request resource pool for the request; otherwise it is a resource pool which is used for configuration data, and cleared on restarts. Either way, it is important for the structure being created to vanish when the pool is cleared, by registering a cleanup on the pool if necessary).

For the MIME module, the per-dir config creation function just ap_pallocs the structure above, and a creates a couple of tables to fill it. That looks like this:

void *create_mime_dir_config (pool *p, char *dummy)
{
mime_dir_config *new =
(mime_dir_config *) ap_palloc (p, sizeof(mime_dir_config));
new->forced_types = ap_make_table (p, 4);
new->encoding_types = ap_make_table (p, 4);

return new;
 }

Now, suppose we've just read in a .htaccess file. We already have the per-directory configuration structure for the next directory up in the hierarchy. If the .htaccess file we just read in didn't have any AddType or AddEncoding commands, its per-directory config structure for the MIME module is still valid, and we can just use it. Otherwise, we need to merge the two structures somehow.

To do that, the server invokes the module's per-directory config merge function, if one is present. That function takes three arguments: the two structures being merged, and a resource pool in which to allocate the result. For the MIME module, all that needs to be done is overlay the tables from the new per-directory config structure with those from the parent:

void *merge_mime_dir_configs (pool *p, void *parent_dirv, void *subdirv)
{
mime_dir_config *parent_dir = (mime_dir_config *)parent_dirv;
mime_dir_config *subdir = (mime_dir_config *)subdirv;
mime_dir_config *new =
(mime_dir_config *)ap_palloc (p, sizeof(mime_dir_config));
new->forced_types = ap_overlay_tables (p, subdir->forced_types,
parent_dir->forced_types);
 new->encoding_types = ap_overlay_tables (p, subdir->encoding_types,
parent_dir->encoding_types);
return new;
 }

As a note -- if there is no per-directory merge function present, the server will just use the subdirectory's configuration info, and ignore the parent's. For some modules, that works just fine (e.g., for the includes module, whose per-directory configuration information consists solely of the state of the XBITHACK), and for those modules, you can just not declare one, and leave the corresponding structure slot in the module itself NULL.

Command handling

Now that we have these structures, we need to be able to figure out how to fill them. That involves processing the actual AddType and AddEncoding commands. To find commands, the server looks in the module's command table. That table contains information on how many arguments the commands take, and in what formats, where it is permitted, and so forth. That information is sufficient to allow the server to invoke most command-handling functions with pre-parsed arguments. Without further ado, let's look at the AddType command handler, which looks like this (the AddEncoding command looks basically the same, and won't be shown here):

char *add_type(cmd_parms *cmd, mime_dir_config *m, char *ct, char *ext)
{
if (*ext == '.') ++ext;
ap_table_set (m->forced_types, ext, ct);
return NULL;
 }

This command handler is unusually simple. As you can see, it takes four arguments, two of which are pre-parsed arguments, the third being the per-directory configuration structure for the module in question, and the fourth being a pointer to a cmd_parms structure. That structure contains a bunch of arguments which are frequently of use to some, but not all, commands, including a resource pool (from which memory can be allocated, and to which cleanups should be tied), and the (virtual) server being configured, from which the module's per-server configuration data can be obtained if required.

Another way in which this particular command handler is unusually simple is that there are no error conditions which it can encounter. If there were, it could return an error message instead of NULL; this causes an error to be printed out on the server's stderr, followed by a quick exit, if it is in the main config files; for a .htaccess file, the syntax error is logged in the server error log (along with an indication of where it came from), and the request is bounced with a server error response (HTTP error status, code 500).

The MIME module's command table has entries for these commands, which look like this:

command_rec mime_cmds[] = {
{ "AddType", add_type, NULL, OR_FILEINFO, TAKE2,
"a mime type followed by a file extension" },
 { "AddEncoding", add_encoding, NULL, OR_FILEINFO, TAKE2,
"an encoding (e.g., gzip), followed by a file extension" },
 { NULL }
 };

The entries in these tables are:

Finally, having set this all up, we have to use it. This is ultimately done in the module's handlers, specifically for its file-typing handler, which looks more or less like this; note that the per-directory configuration structure is extracted from the request_rec's per-directory configuration vector by using the ap_get_module_config function.

int find_ct(request_rec *r)
{
int i;
char *fn = ap_pstrdup (r->pool, r->filename);
mime_dir_config *conf = (mime_dir_config *)
ap_get_module_config(r->per_dir_config, &mime_module);
 char *type;

if (S_ISDIR(r->finfo.st_mode)) {
r->content_type = DIR_MAGIC_TYPE;
return OK;
 }

if((i=ap_rind(fn,'.')) < 0) return DECLINED;
++i;

if ((type = ap_table_get (conf->encoding_types, &fn[i])))
{
r->content_encoding = type;

/* go back to previous extension to try to use it as a type */
fn[i-1] = '\0';
if((i=ap_rind(fn,'.')) < 0) return OK;
++i;
 }

if ((type = ap_table_get (conf->forced_types, &fn[i])))
{
r->content_type = type;
 }

return OK; }

Side notes -- per-server configuration, virtual servers, etc.

The basic ideas behind per-server module configuration are basically the same as those for per-directory configuration; there is a creation function and a merge function, the latter being invoked where a virtual server has partially overridden the base server configuration, and a combined structure must be computed. (As with per-directory configuration, the default if no merge function is specified, and a module is configured in some virtual server, is that the base configuration is simply ignored).

The only substantial difference is that when a command needs to configure the per-server private module data, it needs to go to the cmd_parms data to get at it. Here's an example, from the alias module, which also indicates how a syntax error can be returned (note that the per-directory configuration argument to the command handler is declared as a dummy, since the module doesn't actually have per-directory config data):

char *add_redirect(cmd_parms *cmd, void *dummy, char *f, char *url)
{
server_rec *s = cmd->server;
alias_server_conf *conf = (alias_server_conf *)
ap_get_module_config(s->module_config,&alias_module);
 alias_entry *new = ap_push_array (conf->redirects);

if (!ap_is_url (url)) return "Redirect to non-URL";

new->fake = f; new->real = url;
return NULL;
 }

developer/debugging.html100644 0 0 21605 10423221150 13025 0ustar 0 0 Debugging Memory Allocation in APR - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Debugging Memory Allocation in APR

The allocation mechanism's within APR have a number of debugging modes that can be used to assist in finding memory problems. This document describes the modes available and gives instructions on activating them.

top

Available debugging options

Allocation Debugging - ALLOC_DEBUG

Debugging support: Define this to enable code which helps detect re-use of free()d memory and other such nonsense.

The theory is simple. The FILL_BYTE (0xa5) is written over all malloc'd memory as we receive it, and is written over everything that we free up during a clear_pool. We check that blocks on the free list always have the FILL_BYTE in them, and we check during palloc() that the bytes still have FILL_BYTE in them. If you ever see garbage URLs or whatnot containing lots of 0xa5s then you know something used data that's been freed or uninitialized.

Malloc Support - ALLOC_USE_MALLOC

If defined all allocations will be done with malloc() and free()d appropriately at the end.

This is intended to be used with something like Electric Fence or Purify to help detect memory problems. Note that if you're using efence then you should also add in ALLOC_DEBUG. But don't add in ALLOC_DEBUG if you're using Purify because ALLOC_DEBUG would hide all the uninitialized read errors that Purify can diagnose.

Pool Debugging - POOL_DEBUG

This is intended to detect cases where the wrong pool is used when assigning data to an object in another pool.

In particular, it causes the table_{set,add,merge}n routines to check that their arguments are safe for the apr_table_t they're being placed in. It currently only works with the unix multiprocess model, but could be extended to others.

Table Debugging - MAKE_TABLE_PROFILE

Provide diagnostic information about make_table() calls which are possibly too small.

This requires a recent gcc which supports __builtin_return_address(). The error_log output will be a message such as:

table_push: apr_table_t created by 0x804d874 hit limit of 10

Use l *0x804d874 to find the source that corresponds to. It indicates that a apr_table_t allocated by a call at that address has possibly too small an initial apr_table_t size guess.

Allocation Statistics - ALLOC_STATS

Provide some statistics on the cost of allocations.

This requires a bit of an understanding of how alloc.c works.

top

Allowable Combinations

Not all the options outlined above can be activated at the same time. the following table gives more information.

ALLOC DEBUG ALLOC USE MALLOC POOL DEBUG MAKE TABLE PROFILE ALLOC STATS
ALLOC DEBUG -NoYesYesYes
ALLOC USE MALLOC No-NoNoNo
POOL DEBUG YesNo-YesYes
MAKE TABLE PROFILE YesNoYes-Yes
ALLOC STATS YesNoYesYes-

Additionally the debugging options are not suitable for multi-threaded versions of the server. When trying to debug with these options the server should be started in single process mode.

top

Activating Debugging Options

The various options for debugging memory are now enabled in the apr_general.h header file in APR. The various options are enabled by uncommenting the define for the option you wish to use. The section of the code currently looks like this (contained in srclib/apr/include/apr_pools.h)

/*
#define ALLOC_DEBUG
#define POOL_DEBUG
#define ALLOC_USE_MALLOC
#define MAKE_TABLE_PROFILE
#define ALLOC_STATS
*/

typedef struct ap_pool_t {
union block_hdr *first;
union block_hdr *last;
struct cleanup *cleanups;
struct process_chain *subprocesses;
struct ap_pool_t *sub_pools;
struct ap_pool_t *sub_next;
struct ap_pool_t *sub_prev;
struct ap_pool_t *parent;
char *free_first_avail;
 #ifdef ALLOC_USE_MALLOC
void *allocation_list;
 #endif
#ifdef POOL_DEBUG
struct ap_pool_t *joined;
 #endif
int (*apr_abort)(int retcode);
struct datastruct *prog_data;
 } ap_pool_t;

To enable allocation debugging simply move the #define ALLOC_DEBUG above the start of the comments block and rebuild the server.

Note

In order to use the various options the server must be rebuilt after editing the header file.

developer/documenting.html100644 0 0 10201 10423221150 13374 0ustar 0 0 Documenting Apache 2.0 - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Documenting Apache 2.0

Apache 2.0 uses Doxygen to document the APIs and global variables in the the code. This will explain the basics of how to document using Doxygen.

top

Brief Description

To start a documentation block, use /**
To end a documentation block, use */

In the middle of the block, there are multiple tags we can use:

Description of this functions purpose
@param parameter_name description
@return description
@deffunc signature of the function

The deffunc is not always necessary. DoxyGen does not have a full parser in it, so any prototype that use a macro in the return type declaration is too complex for scandoc. Those functions require a deffunc. An example (using &gt; rather than >):

/**
 * return the final element of the pathname
 * @param pathname The path to get the final element of
 * @return the final element of the path
 * @tip Examples:
 * <pre>
 * "/foo/bar/gum" -&gt; "gum"
 * "/foo/bar/gum/" -&gt; ""
 * "gum" -&gt; "gum"
 * "wi\\n32\\stuff" -&gt; "stuff"
 * </pre>
 * @deffunc const char * ap_filename_of_pathname(const char *pathname)
 */

At the top of the header file, always include:

/**
 * @package Name of library header
 */

Doxygen uses a new HTML file for each package. The HTML files are named {Name_of_library_header}.html, so try to be concise with your names.

For a further discussion of the possibilities please refer to the Doxygen site.

developer/filters.html100644 0 0 27701 10423221150 12545 0ustar 0 0 How filters work in Apache 2.0 - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

How filters work in Apache 2.0

Warning

This is a cut 'n paste job from an email (<022501c1c529$f63a9550$7f00000a@KOJ>) and only reformatted for better readability. It's not up to date but may be a good start for further research.

top

Filter Types

There are three basic filter types (each of these is actually broken down into two categories, but that comes later).

CONNECTION
Filters of this type are valid for the lifetime of this connection. (AP_FTYPE_CONNECTION, AP_FTYPE_NETWORK)
PROTOCOL
Filters of this type are valid for the lifetime of this request from the point of view of the client, this means that the request is valid from the time that the request is sent until the time that the response is received. (AP_FTYPE_PROTOCOL, AP_FTYPE_TRANSCODE)
RESOURCE
Filters of this type are valid for the time that this content is used to satisfy a request. For simple requests, this is identical to PROTOCOL, but internal redirects and sub-requests can change the content without ending the request. (AP_FTYPE_RESOURCE, AP_FTYPE_CONTENT_SET)

It is important to make the distinction between a protocol and a resource filter. A resource filter is tied to a specific resource, it may also be tied to header information, but the main binding is to a resource. If you are writing a filter and you want to know if it is resource or protocol, the correct question to ask is: "Can this filter be removed if the request is redirected to a different resource?" If the answer is yes, then it is a resource filter. If it is no, then it is most likely a protocol or connection filter. I won't go into connection filters, because they seem to be well understood. With this definition, a few examples might help:

Byterange
We have coded it to be inserted for all requests, and it is removed if not used. Because this filter is active at the beginning of all requests, it can not be removed if it is redirected, so this is a protocol filter.
http_header
This filter actually writes the headers to the network. This is obviously a required filter (except in the asis case which is special and will be dealt with below) and so it is a protocol filter.
Deflate
The administrator configures this filter based on which file has been requested. If we do an internal redirect from an autoindex page to an index.html page, the deflate filter may be added or removed based on config, so this is a resource filter.

The further breakdown of each category into two more filter types is strictly for ordering. We could remove it, and only allow for one filter type, but the order would tend to be wrong, and we would need to hack things to make it work. Currently, the RESOURCE filters only have one filter type, but that should change.

top

How are filters inserted?

This is actually rather simple in theory, but the code is complex. First of all, it is important that everybody realize that there are three filter lists for each request, but they are all concatenated together. So, the first list is r->output_filters, then r->proto_output_filters, and finally r->connection->output_filters. These correspond to the RESOURCE, PROTOCOL, and CONNECTION filters respectively. The problem previously, was that we used a singly linked list to create the filter stack, and we started from the "correct" location. This means that if I had a RESOURCE filter on the stack, and I added a CONNECTION filter, the CONNECTION filter would be ignored. This should make sense, because we would insert the connection filter at the top of the c->output_filters list, but the end of r->output_filters pointed to the filter that used to be at the front of c->output_filters. This is obviously wrong. The new insertion code uses a doubly linked list. This has the advantage that we never lose a filter that has been inserted. Unfortunately, it comes with a separate set of headaches.

The problem is that we have two different cases were we use subrequests. The first is to insert more data into a response. The second is to replace the existing response with an internal redirect. These are two different cases and need to be treated as such.

In the first case, we are creating the subrequest from within a handler or filter. This means that the next filter should be passed to make_sub_request function, and the last resource filter in the sub-request will point to the next filter in the main request. This makes sense, because the sub-request's data needs to flow through the same set of filters as the main request. A graphical representation might help:

Default_handler --> includes_filter --> byterange --> ...

If the includes filter creates a sub request, then we don't want the data from that sub-request to go through the includes filter, because it might not be SSI data. So, the subrequest adds the following:

    
Default_handler --> includes_filter -/-> byterange --> ...
                                    /
Default_handler --> sub_request_core

What happens if the subrequest is SSI data? Well, that's easy, the includes_filter is a resource filter, so it will be added to the sub request in between the Default_handler and the sub_request_core filter.

The second case for sub-requests is when one sub-request is going to become the real request. This happens whenever a sub-request is created outside of a handler or filter, and NULL is passed as the next filter to the make_sub_request function.

In this case, the resource filters no longer make sense for the new request, because the resource has changed. So, instead of starting from scratch, we simply point the front of the resource filters for the sub-request to the front of the protocol filters for the old request. This means that we won't lose any of the protocol filters, neither will we try to send this data through a filter that shouldn't see it.

The problem is that we are using a doubly-linked list for our filter stacks now. But, you should notice that it is possible for two lists to intersect in this model. So, you do you handle the previous pointer? This is a very difficult question to answer, because there is no "right" answer, either method is equally valid. I looked at why we use the previous pointer. The only reason for it is to allow for easier addition of new servers. With that being said, the solution I chose was to make the previous pointer always stay on the original request.

This causes some more complex logic, but it works for all cases. My concern in having it move to the sub-request, is that for the more common case (where a sub-request is used to add data to a response), the main filter chain would be wrong. That didn't seem like a good idea to me.

top

Asis

The final topic. :-) Mod_Asis is a bit of a hack, but the handler needs to remove all filters except for connection filters, and send the data. If you are using mod_asis, all other bets are off.

top

Explanations

The absolutely last point is that the reason this code was so hard to get right, was because we had hacked so much to force it to work. I wrote most of the hacks originally, so I am very much to blame. However, now that the code is right, I have started to remove some hacks. Most people should have seen that the reset_filters and add_required_filters functions are gone. Those inserted protocol level filters for error conditions, in fact, both functions did the same thing, one after the other, it was really strange. Because we don't lose protocol filters for error cases any more, those hacks went away. The HTTP_HEADER, Content-length, and Byterange filters are all added in the insert_filters phase, because if they were added earlier, we had some interesting interactions. Now, those could all be moved to be inserted with the HTTP_IN, CORE, and CORE_IN filters. That would make the code easier to follow.

developer/hooks.html100644 0 0 24564 10423221150 12224 0ustar 0 0 Apache 2.0 Hook Functions - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Apache 2.0 Hook Functions

Warning

This document is still in development and may be partially out of date.

In general, a hook function is one that Apache will call at some point during the processing of a request. Modules can provide functions that are called, and specify when they get called in comparison to other modules.

top

Creating a hook function

In order to create a new hook, four things need to be done:

Declare the hook function

Use the AP_DECLARE_HOOK macro, which needs to be given the return type of the hook function, the name of the hook, and the arguments. For example, if the hook returns an int and takes a request_rec * and an int and is called do_something, then declare it like this:

AP_DECLARE_HOOK(int, do_something, (request_rec *r, int n))

This should go in a header which modules will include if they want to use the hook.

Create the hook structure

Each source file that exports a hook has a private structure which is used to record the module functions that use the hook. This is declared as follows:

APR_HOOK_STRUCT(
APR_HOOK_LINK(do_something)
...
 )

Implement the hook caller

The source file that exports the hook has to implement a function that will call the hook. There are currently three possible ways to do this. In all cases, the calling function is called ap_run_hookname().

Void hooks

If the return value of a hook is void, then all the hooks are called, and the caller is implemented like this:

AP_IMPLEMENT_HOOK_VOID(do_something, (request_rec *r, int n), (r, n))

The second and third arguments are the dummy argument declaration and the dummy arguments as they will be used when calling the hook. In other words, this macro expands to something like this:

void ap_run_do_something(request_rec *r, int n)
{
...
do_something(r, n);
 }

Hooks that return a value

If the hook returns a value, then it can either be run until the first hook that does something interesting, like so:

AP_IMPLEMENT_HOOK_RUN_FIRST(int, do_something, (request_rec *r, int n), (r, n), DECLINED)

The first hook that does not return DECLINED stops the loop and its return value is returned from the hook caller. Note that DECLINED is the tradition Apache hook return meaning "I didn't do anything", but it can be whatever suits you.

Alternatively, all hooks can be run until an error occurs. This boils down to permitting two return values, one of which means "I did something, and it was OK" and the other meaning "I did nothing". The first function that returns a value other than one of those two stops the loop, and its return is the return value. Declare these like so:

AP_IMPLEMENT_HOOK_RUN_ALL(int, do_something, (request_rec *r, int n), (r, n), OK, DECLINED)

Again, OK and DECLINED are the traditional values. You can use what you want.

Call the hook callers

At appropriate moments in the code, call the hook caller, like so:

int n, ret;
request_rec *r;

ret=ap_run_do_something(r, n);

top

Hooking the hook

A module that wants a hook to be called needs to do two things.

Implement the hook function

Include the appropriate header, and define a static function of the correct type:

static int my_something_doer(request_rec *r, int n)
{
...
return OK;
 }

Add a hook registering function

During initialisation, Apache will call each modules hook registering function, which is included in the module structure:

static void my_register_hooks()
{
ap_hook_do_something(my_something_doer, NULL, NULL, HOOK_MIDDLE);
 }

mode MODULE_VAR_EXPORT my_module =
{
...
my_register_hooks /* register hooks */
 };

Controlling hook calling order

In the example above, we didn't use the three arguments in the hook registration function that control calling order. There are two mechanisms for doing this. The first, rather crude, method, allows us to specify roughly where the hook is run relative to other modules. The final argument control this. There are three possible values: HOOK_FIRST, HOOK_MIDDLE and HOOK_LAST.

All modules using any particular value may be run in any order relative to each other, but, of course, all modules using HOOK_FIRST will be run before HOOK_MIDDLE which are before HOOK_LAST. Modules that don't care when they are run should use HOOK_MIDDLE. (I spaced these out so people could do stuff like HOOK_FIRST-2 to get in slightly earlier, but is this wise? - Ben)

Note that there are two more values, HOOK_REALLY_FIRST and HOOK_REALLY_LAST. These should only be used by the hook exporter.

The other method allows finer control. When a module knows that it must be run before (or after) some other modules, it can specify them by name. The second (third) argument is a NULL-terminated array of strings consisting of the names of modules that must be run before (after) the current module. For example, suppose we want "mod_xyz.c" and "mod_abc.c" to run before we do, then we'd hook as follows:

static void register_hooks()
{
static const char * const aszPre[] = { "mod_xyz.c", "mod_abc.c", NULL };

ap_hook_do_something(my_something_doer, aszPre, NULL, HOOK_MIDDLE);
 }

Note that the sort used to achieve this is stable, so ordering set by HOOK_ORDER is preserved, as far as is possible.

Ben Laurie, 15th August 1999

developer/index.html100644 0 0 10202 10423221150 12170 0ustar 0 0 Developer Documentation for Apache 2.0 - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

Developer Documentation for Apache 2.0

Many of the documents on these Developer pages are lifted from Apache 1.3's documentation. While they are all being updated to Apache 2.0, they are in different stages of progress. Please be patient, and point out any discrepancies or errors on the developer/ pages directly to the dev@httpd.apache.org mailing list.

top

Topics

top

External Resources

developer/modules.html100644 0 0 26354 10423221150 12550 0ustar 0 0 Converting Modules from Apache 1.3 to Apache 2.0 - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Converting Modules from Apache 1.3 to Apache 2.0

This is a first attempt at writing the lessons I learned when trying to convert the mod_mmap_static module to Apache 2.0. It's by no means definitive and probably won't even be correct in some ways, but it's a start.

top

The easier changes ...

Cleanup Routines

These now need to be of type apr_status_t and return a value of that type. Normally the return value will be APR_SUCCESS unless there is some need to signal an error in the cleanup. Be aware that even though you signal an error not all code yet checks and acts upon the error.

Initialisation Routines

These should now be renamed to better signify where they sit in the overall process. So the name gets a small change from mmap_init to mmap_post_config. The arguments passed have undergone a radical change and now look like

Data Types

A lot of the data types have been moved into the APR. This means that some have had a name change, such as the one shown above. The following is a brief list of some of the changes that you are likely to have to make.

top

The messier changes...

Register Hooks

The new architecture uses a series of hooks to provide for calling your functions. These you'll need to add to your module by way of a new function, static void register_hooks(void). The function is really reasonably straightforward once you understand what needs to be done. Each function that needs calling at some stage in the processing of a request needs to be registered, handlers do not. There are a number of phases where functions can be added, and for each you can specify with a high degree of control the relative order that the function will be called in.

This is the code that was added to mod_mmap_static:

static void register_hooks(void)
{
    static const char * const aszPre[]={ "http_core.c",NULL };
    ap_hook_post_config(mmap_post_config,NULL,NULL,HOOK_MIDDLE);
    ap_hook_translate_name(mmap_static_xlat,aszPre,NULL,HOOK_LAST);
};

This registers 2 functions that need to be called, one in the post_config stage (virtually every module will need this one) and one for the translate_name phase. note that while there are different function names the format of each is identical. So what is the format?

ap_hook_phase_name(function_name, predecessors, successors, position);

There are 3 hook positions defined...

To define the position you use the position and then modify it with the predecessors and successors. Each of the modifiers can be a list of functions that should be called, either before the function is run (predecessors) or after the function has run (successors).

In the mod_mmap_static case I didn't care about the post_config stage, but the mmap_static_xlat must be called after the core module had done it's name translation, hence the use of the aszPre to define a modifier to the position HOOK_LAST.

Module Definition

There are now a lot fewer stages to worry about when creating your module definition. The old defintion looked like

module MODULE_VAR_EXPORT module_name_module =
{
    STANDARD_MODULE_STUFF,
    /* initializer */
    /* dir config creater */
    /* dir merger --- default is to override */
    /* server config */
    /* merge server config */
    /* command handlers */
    /* handlers */
    /* filename translation */
    /* check_user_id */
    /* check auth */
    /* check access */
    /* type_checker */
    /* fixups */
    /* logger */
    /* header parser */
    /* child_init */
    /* child_exit */
    /* post read-request */
};

The new structure is a great deal simpler...

module MODULE_VAR_EXPORT module_name_module =
{
    STANDARD20_MODULE_STUFF,
    /* create per-directory config structures */
    /* merge per-directory config structures  */
    /* create per-server config structures    */
    /* merge per-server config structures     */
    /* command handlers */
    /* handlers */
    /* register hooks */
};

Some of these read directly across, some don't. I'll try to summarise what should be done below.

The stages that read directly across :

/* dir config creater */
/* create per-directory config structures */
/* server config */
/* create per-server config structures */
/* dir merger */
/* merge per-directory config structures */
/* merge server config */
/* merge per-server config structures */
/* command table */
/* command apr_table_t */
/* handlers */
/* handlers */

The remainder of the old functions should be registered as hooks. There are the following hook stages defined so far...

ap_hook_post_config
this is where the old _init routines get registered
ap_hook_http_method
retrieve the http method from a request. (legacy)
ap_hook_open_logs
open any specified logs
ap_hook_auth_checker
check if the resource requires authorization
ap_hook_access_checker
check for module-specific restrictions
ap_hook_check_user_id
check the user-id and password
ap_hook_default_port
retrieve the default port for the server
ap_hook_pre_connection
do any setup required just before processing, but after accepting
ap_hook_process_connection
run the correct protocol
ap_hook_child_init
call as soon as the child is started
ap_hook_create_request
??
ap_hook_fixups
last chance to modify things before generating content
ap_hook_handler
generate the content
ap_hook_header_parser
lets modules look at the headers, not used by most modules, because they use post_read_request for this
ap_hook_insert_filter
to insert filters into the filter chain
ap_hook_log_transaction
log information about the request
ap_hook_optional_fn_retrieve
retrieve any functions registered as optional
ap_hook_post_read_request
called after reading the request, before any other phase
ap_hook_quick_handler
called before any request processing, used by cache modules.
ap_hook_translate_name
translate the URI into a filename
ap_hook_type_checker
determine and/or set the doc type
developer/request.html100644 0 0 33224 10423221150 12562 0ustar 0 0 Request Processing in Apache 2.0 - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Request Processing in Apache 2.0

Warning

Warning - this is a first (fast) draft that needs further revision!

Several changes in Apache 2.0 affect the internal request processing mechanics. Module authors need to be aware of these changes so they may take advantage of the optimizations and security enhancements.

The first major change is to the subrequest and redirect mechanisms. There were a number of different code paths in Apache 1.3 to attempt to optimize subrequest or redirect behavior. As patches were introduced to 2.0, these optimizations (and the server behavior) were quickly broken due to this duplication of code. All duplicate code has been folded back into ap_process_request_internal() to prevent the code from falling out of sync again.

This means that much of the existing code was 'unoptimized'. It is the Apache HTTP Project's first goal to create a robust and correct implementation of the HTTP server RFC. Additional goals include security, scalability and optimization. New methods were sought to optimize the server (beyond the performance of Apache 1.3) without introducing fragile or insecure code.

top

The Request Processing Cycle

All requests pass through ap_process_request_internal() in request.c, including subrequests and redirects. If a module doesn't pass generated requests through this code, the author is cautioned that the module may be broken by future changes to request processing.

To streamline requests, the module author can take advantage of the hooks offered to drop out of the request cycle early, or to bypass core Apache hooks which are irrelevant (and costly in terms of CPU.)

top

The Request Parsing Phase

Unescapes the URL

The request's parsed_uri path is unescaped, once and only once, at the beginning of internal request processing.

This step is bypassed if the proxyreq flag is set, or the parsed_uri.path element is unset. The module has no further control of this one-time unescape operation, either failing to unescape or multiply unescaping the URL leads to security reprecussions.

Strips Parent and This Elements from the URI

All /../ and /./ elements are removed by ap_getparents(). This helps to ensure the path is (nearly) absolute before the request processing continues.

This step cannot be bypassed.

Initial URI Location Walk

Every request is subject to an ap_location_walk() call. This ensures that <Location> sections are consistently enforced for all requests. If the request is an internal redirect or a sub-request, it may borrow some or all of the processing from the previous or parent request's ap_location_walk, so this step is generally very efficient after processing the main request.

translate_name

Modules can determine the file name, or alter the given URI in this step. For example, mod_vhost_alias will translate the URI's path into the configured virtual host, mod_alias will translate the path to an alias path, and if the request falls back on the core, the DocumentRoot is prepended to the request resource.

If all modules DECLINE this phase, an error 500 is returned to the browser, and a "couldn't translate name" error is logged automatically.

Hook: map_to_storage

After the file or correct URI was determined, the appropriate per-dir configurations are merged together. For example, mod_proxy compares and merges the appropriate <Proxy> sections. If the URI is nothing more than a local (non-proxy) TRACE request, the core handles the request and returns DONE. If no module answers this hook with OK or DONE, the core will run the request filename against the <Directory> and <Files> sections. If the request 'filename' isn't an absolute, legal filename, a note is set for later termination.

URI Location Walk

Every request is hardened by a second ap_location_walk() call. This reassures that a translated request is still subjected to the configured <Location> sections. The request again borrows some or all of the processing from its previous location_walk above, so this step is almost always very efficient unless the translated URI mapped to a substantially different path or Virtual Host.

Hook: header_parser

The main request then parses the client's headers. This prepares the remaining request processing steps to better serve the client's request.

top

The Security Phase

Needs Documentation. Code is:

switch (ap_satisfies(r)) {
case SATISFY_ALL:
case SATISFY_NOSPEC:
    if ((access_status = ap_run_access_checker(r)) != 0) {
        return decl_die(access_status, "check access", r);
    }

    if (ap_some_auth_required(r)) {
        if (((access_status = ap_run_check_user_id(r)) != 0)
            || !ap_auth_type(r)) {
            return decl_die(access_status, ap_auth_type(r)
                          ? "check user.  No user file?"
                          : "perform authentication. AuthType not set!",
                          r);
        }

        if (((access_status = ap_run_auth_checker(r)) != 0)
            || !ap_auth_type(r)) {
            return decl_die(access_status, ap_auth_type(r)
                          ? "check access.  No groups file?"
                          : "perform authentication. AuthType not set!",
                          r);
        }
    }
    break;

case SATISFY_ANY:
    if (((access_status = ap_run_access_checker(r)) != 0)) {
        if (!ap_some_auth_required(r)) {
            return decl_die(access_status, "check access", r);
        }

        if (((access_status = ap_run_check_user_id(r)) != 0)
            || !ap_auth_type(r)) {
            return decl_die(access_status, ap_auth_type(r)
                          ? "check user.  No user file?"
                          : "perform authentication. AuthType not set!",
                          r);
        }

        if (((access_status = ap_run_auth_checker(r)) != 0)
            || !ap_auth_type(r)) {
            return decl_die(access_status, ap_auth_type(r)
                          ? "check access.  No groups file?"
                          : "perform authentication. AuthType not set!",
                          r);
        }
    }
    break;
}
top

The Preparation Phase

Hook: type_checker

The modules have an opportunity to test the URI or filename against the target resource, and set mime information for the request. Both mod_mime and mod_mime_magic use this phase to compare the file name or contents against the administrator's configuration and set the content type, language, character set and request handler. Some modules may set up their filters or other request handling parameters at this time.

If all modules DECLINE this phase, an error 500 is returned to the browser, and a "couldn't find types" error is logged automatically.

Hook: fixups

Many modules are 'trounced' by some phase above. The fixups phase is used by modules to 'reassert' their ownership or force the request's fields to their appropriate values. It isn't always the cleanest mechanism, but occasionally it's the only option.

top

The Handler Phase

This phase is not part of the processing in ap_process_request_internal(). Many modules prepare one or more subrequests prior to creating any content at all. After the core, or a module calls ap_process_request_internal() it then calls ap_invoke_handler() to generate the request.

Hook: insert_filter

Modules that transform the content in some way can insert their values and override existing filters, such that if the user configured a more advanced filter out-of-order, then the module can move its order as need be. There is no result code, so actions in this hook better be trusted to always succeed.

Hook: handler

The module finally has a chance to serve the request in its handler hook. Note that not every prepared request is sent to the handler hook. Many modules, such as mod_autoindex, will create subrequests for a given URI, and then never serve the subrequest, but simply lists it for the user. Remember not to put required teardown from the hooks above into this module, but register pool cleanups against the request pool to free resources as required.

developer/thread_safety.html100644 0 0 36054 10423221150 13720 0ustar 0 0 Apache 2.0 Thread Safety Issues - Apache HTTP Server

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > Developer Documentation

Apache 2.0 Thread Safety Issues

When using any of the threaded mpms in Apache 2.0 it is important that every function called from Apache be thread safe. When linking in 3rd party extensions it can be difficult to determine whether the resulting server will be thread safe. Casual testing generally won't tell you this either as thread safety problems can lead to subtle race conditons that may only show up in certain conditions under heavy load.

top

Global and static variables

When writing your module or when trying to determine if a module or 3rd party library is thread safe there are some common things to keep in mind.

First, you need to recognize that in a threaded model each individual thread has its own program counter, stack and registers. Local variables live on the stack, so those are fine. You need to watch out for any static or global variables. This doesn't mean that you are absolutely not allowed to use static or global variables. There are times when you actually want something to affect all threads, but generally you need to avoid using them if you want your code to be thread safe.

In the case where you have a global variable that needs to be global and accessed by all threads, be very careful when you update it. If, for example, it is an incrementing counter, you need to atomically increment it to avoid race conditions with other threads. You do this using a mutex (mutual exclusion). Lock the mutex, read the current value, increment it and write it back and then unlock the mutex. Any other thread that wants to modify the value has to first check the mutex and block until it is cleared.

If you are using APR, have a look at the apr_atomic_* functions and the apr_thread_mutex_* functions.

top

errno

This is a common global variable that holds the error number of the last error that occurred. If one thread calls a low-level function that sets errno and then another thread checks it, we are bleeding error numbers from one thread into another. To solve this, make sure your module or library defines _REENTRANT or is compiled with -D_REENTRANT. This will make errno a per-thread variable and should hopefully be transparent to the code. It does this by doing something like this:

#define errno (*(__errno_location()))

which means that accessing errno will call __errno_location() which is provided by the libc. Setting _REENTRANT also forces redefinition of some other functions to their *_r equivalents and sometimes changes the common getc/putc macros into safer function calls. Check your libc documentation for specifics. Instead of, or in addition to _REENTRANT the symbols that may affect this are _POSIX_C_SOURCE, _THREAD_SAFE, _SVID_SOURCE, and _BSD_SOURCE.

top

Common standard troublesome functions

Not only do things have to be thread safe, but they also have to be reentrant. strtok() is an obvious one. You call it the first time with your delimiter which it then remembers and on each subsequent call it returns the next token. Obviously if multiple threads are calling it you will have a problem. Most systems have a reentrant version of of the function called strtok_r() where you pass in an extra argument which contains an allocated char * which the function will use instead of its own static storage for maintaining the tokenizing state. If you are using APR you can use apr_strtok().

crypt() is another function that tends to not be reentrant, so if you run across calls to that function in a library, watch out. On some systems it is reentrant though, so it is not always a problem. If your system has crypt_r() chances are you should be using that, or if possible simply avoid the whole mess by using md5 instead.

top

Common 3rd Party Libraries

The following is a list of common libraries that are used by 3rd party Apache modules. You can check to see if your module is using a potentially unsafe library by using tools such as ldd(1) and nm(1). For PHP, for example, try this:

% ldd libphp4.so
libsablot.so.0 => /usr/local/lib/libsablot.so.0 (0x401f6000)
libexpat.so.0 => /usr/lib/libexpat.so.0 (0x402da000)
libsnmp.so.0 => /usr/lib/libsnmp.so.0 (0x402f9000)
libpdf.so.1 => /usr/local/lib/libpdf.so.1 (0x40353000)
libz.so.1 => /usr/lib/libz.so.1 (0x403e2000)
libpng.so.2 => /usr/lib/libpng.so.2 (0x403f0000)
libmysqlclient.so.11 => /usr/lib/libmysqlclient.so.11 (0x40411000)
libming.so => /usr/lib/libming.so (0x40449000)
libm.so.6 => /lib/libm.so.6 (0x40487000)
libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x404a8000)
libjpeg.so.62 => /usr/lib/libjpeg.so.62 (0x404e7000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40505000)
libssl.so.2 => /lib/libssl.so.2 (0x40532000)
libcrypto.so.2 => /lib/libcrypto.so.2 (0x40560000)
libresolv.so.2 => /lib/libresolv.so.2 (0x40624000)
libdl.so.2 => /lib/libdl.so.2 (0x40634000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40637000)
libc.so.6 => /lib/libc.so.6 (0x4064b000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)

In addition to these libraries you will need to have a look at any libraries linked statically into the module. You can use nm(1) to look for individual symbols in the module.

top

Library List

Please drop a note to dev@httpd.apache.org if you have additions or corrections to this list.

LibraryVersionThread Safe?Notes
ASpell/PSpell ?
Berkeley DB 3.x, 4.x Yes Be careful about sharing a connection across threads.
bzip2 Yes Both low-level and high-level APIs are thread-safe. However, high-level API requires thread-safe access to errno.
cdb ?
C-Client Perhaps c-client uses strtok() and gethostbyname() which are not thread-safe on most C library implementations. c-client's static data is meant to be shared across threads. If strtok() and gethostbyname() are thread-safe on your OS, c-client may be thread-safe.
cpdflib ?
libcrypt ?
Expat Yes Need a separate parser instance per thread
FreeTDS ?
FreeType ?
GD 1.8.x ?
GD 2.0.x ?
gdbm No Errors returned via a static gdbm_error variable
ImageMagick 5.2.2 Yes ImageMagick docs claim it is thread safe since version 5.2.2 (see Change log).
Imlib2 ?
libjpeg v6b ?
libmysqlclient Yes Use mysqlclient_r library variant to ensure thread-safety. For more information, please read http://www.mysql.com/doc/en/Threaded_clients.html.
Ming 0.2a ?
Net-SNMP 5.0.x ?
OpenLDAP 2.1.x Yes Use ldap_r library variant to ensure thread-safety.
OpenSSL 0.9.6g Yes Requires proper usage of CRYPTO_num_locks, CRYPTO_set_locking_callback, CRYPTO_set_id_callback
liboci8 (Oracle 8+) 8.x,9.x ?
pdflib 5.0.x Yes PDFLib docs claim it is thread safe; changes.txt indicates it has been partially thread-safe since V1.91: http://www.pdflib.com/products/pdflib/index.html.
libpng 1.0.x ?
libpng 1.2.x ?
libpq (PostgreSQL) 7.x Yes Don't share connections across threads and watch out for crypt() calls
Sablotron 0.95 ?
zlib 1.1.4 Yes Relies upon thread-safe zalloc and zfree functions Default is to use libc's calloc/free which are thread-safe.
dns-caveats.html100644 0 0 24043 10423221150 11314 0ustar 0 0 DNS ġ õ - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

DNS ġ õ

ֽ ƴմϴ. ֱٿ ϼ.

ִ. ġ DNS ʵ ϶. ġ дµ DNS ʿϴٸ ŷڼ ( ȵ ִ) Ȥ 񽺰ź ݰ (ڰ ٸ ڿ ä Ͽ) 񽺵(theft of service) ݿ ô޸ ִ.

top

<VirtualHost www.abc.dom>
ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost>

ġ ϱؼ ȣƮ ΰ ʿϴ. ServerName ٸ ּ Ѱ IP ̴ּ. IP ּҰ ⶧, ġ DNS Ͽ www.abc.dom ּҸ ãƾ Ѵ.  DNS ٸ ȣƮ . ȣƮ û . (ġ 1.2 õ Ѵ.)

www.abc.dom ּҰ 10.0.0.1̶ . ׸ :

<VirtualHost 10.0.0.1>
ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost>

ġ ȣƮ ServerName ã DNS ؾ Ѵ. ãⰡ ϸ ġ ȣƮ κ . (ġ 1.2 õ Ѵ.) , ̸ ȣƮ ȣƮ ʰ, ip̶ κ Ѵ. ׷ ġ Ͽ ü URL Ѵٸ URL Ѵ.

Ʒ ΰ .

<VirtualHost 10.0.0.1>
ServerName www.abc.dom
ServerAdmin webgirl@abc.dom
DocumentRoot /www/abc
</VirtualHost>

top

񽺰ź (Denial of Service)

(ּ) ΰ 񽺰źΰ ߻ ִ. ġ 1.2  ȣƮ DNS ˻ ϸ ʴ´. DNS ִ. , abc.dom Ʈ̰ ڽ DNS Ѵٸ, www.abc.dom ڵ带 ⸸ ص (1.2 ) Ѵ.

ξ Ȱ ִ. 캸:

<VirtualHost www.abc.dom>
  ServerAdmin webgirl@abc.dom
  DocumentRoot /www/abc
</VirtualHost>

<VirtualHost www.def.dom>
  ServerAdmin webguy@def.dom
  DocumentRoot /www/def
</VirtualHost>

www.abc.dom 10.0.0.1, www.def.dom 10.0.0.2 Ҵߴٰ . , def.dom ü DNS Ѵٰ . Բ def.dom abc.dom ç ִ ҿ ξ. ׷ٸ ׵ www.def.dom 10.0.0.1 ϱ⸸ ϸ ȴ. ׵ ü DNS ϱ⶧ ׵ ϴµ www.def.dom ڵ带 ϴ .

http://www.abc.dom/whatever URL Էϴ 츦 Ͽ) 10.0.0.1 û def.dom ȣƮ ϰ ȴ. ̷ Ͼ Ϸ ġ  ȣƮ û óϴ ʿϴ. 밭 ִ.

top

"ּ" ּ

ġ 1.1 ̸ ȣƮ ԵǾ⶧ ġ ϴ ȣƮ IP ּ() ʿ䰡 . ּҴ (ִٸ) ServerName Ȥ C Լ gethostname (Ʈ "hostname" Է ) ´. ׷ ּҷ DNS ˻ Ѵ. ˻ .

DNS ׾ ˻ ٸ /etc/hosts ȣƮ ִ. (ǻͰ õǾٸ Ƹ ̹ ̴.) ׸ DNS ϸ /etc/hosts ϴ Ȯ϶. ϴ ü /etc/resolv.conf Ȥ /etc/nsswitch.conf ϸ ̴.

 DNS ˻ϸ ȵȴٸ HOSTRESORDER ȯ溯 "local" ϰ ġ ִ. mod_env Ͽ ȯ ʴ´ٸ ȯ溯 CGI ش. ü manpage FAQ ϴ .

top

ϱ

top

η: δ

DNS õ Ȳ ſ ٶ ϴ. ġ 1.2 츮 DNS 쿡 ּ . · Ͽ IP ּҸ 䱸ϴ ȣ ٽ ؾ ͳݿ ſ ٶ ϴ.

񽺵 Ѱ ˻ IP ּҿ ٽ DNS ˻ Ͽ ̸ ϴ ̴. ٸ ȣƮ ִ. DNS ùٷ Ǿ Ѵ. (FTP TCP wrapper "ߺ-" DNS ˻ ϱ⶧ κ ڿ ͼ ̴.)

· IP ּҸ DNS ȣƮ ְ . Ϻθ ϴ Ͱ κ ذå ü ʴ ͺ ִ.

HTTP/1.1 ԰ Ͻð Host Ƿ IP ȣƮ ʴ ̴. ׷ ߿ DNS ˻ ʿ䰡 . ׷ 1997 3 ߿ ̸ ȣƮ θ ʾҴ.

dso.html100644 0 0 32377 10423221150 7702 0ustar 0 0 ü (DSO) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ü (DSO)

ֽ ƴմϴ. ֱٿ ϼ.

ġ ڰ Ͽ ִ ȭ α׷̴. Ҷ httpd Ͽ ִ. ƴϸ httpd ϰ иϿ ü(Dynamic Shared Objects, DSO) ִ. DSO Ҷ ϰų, Apache Extension Tool (apxs) Ͽ ߿ Ͽ ߰ ִ.

DSO ̷ Ѵ.

top

õ õ þ

ġ ٽɿ ؾ mod_so.c ġ о̱ DSO Ѵ. core ϰ DSO ̴. ٸ ġ ġ configure --enable-module=shared ɼ Ͽ DSO ִ. mod_foo.so DSO httpd.conf Ͽ mod_so LoadModule ɾ Ͽ ۽ Ȥ ۽ о ִ.

ġ (Ư ڰ ) DSO apxs (APache eXtenSion) ο α׷ ִ. α׷ ġ ҽ Ʈ ۿ DSO Ҷ Ѵ. . ġ ġҶ configure make install ġ C ġϰ, DSO ϱ ÷ Ư Ϸ ɼǰ Ŀ ɼ apxs α׷ Ѵ. ׷ apxs ϴ ڴ ġ ҽ Ʈ, DSO ÷ Ư Ϸ ɼǿ Ŀ ɼǿ Ű ʰ ڽ ġ ҽ ִ.

top

Apache 2.0 DSO ɿ ª ̴:

  1. ִ ġ ϰ ġϴ . mod_foo.c DSO mod_foo.so:

    $ ./configure --prefix=/path/to/install --enable-foo=shared
    $ make install

  2. ڰ ġ ϰ ġϴ . mod_foo.c DSO mod_foo.so:

    $ ./configure --add-module=module_type:/path/to/3rdparty/mod_foo.c --enable-foo=shared
    $ make install

  3. ߿ ϱ ġ ϴ :

    $ ./configure --enable-so
    $ make install

  4. ڰ ġ ϰ ġϴ . apxs Ͽ ġ ҽ Ʈ ۿ mod_foo.c DSO mod_foo.so:

    $ cd /path/to/3rdparty
    $ apxs -c mod_foo.c
    $ apxs -i -a -n foo mod_foo.la

ϴ ϵǸ, httpd.conf LoadModule þ Ͽ ġ о̰ .

top

н ü (DSO) ŷ/ε(dynamic linking/loading)̶ Ͽ, Ư ڵ α׷ ּҰ о̴ ִ.

ΰ о ִ. ϳ α׷ Ҷ ld.so ý α׷ ڵ о̴ , ٸ ϳ α׷ dlopen()/dlsym() ýȣ н δ(loader) ý ̽ Ͽ о̴ .

ù° DSO ̺귯(shared libraries) Ȥ DSO ̺귯 θ, libfoo.so libfoo.so.1.2 ̸ . ̵ ý 丮( /usr/lib) ְ, Ͻ Ŀ ɾ -lfoo ־ ϰ Ѵ. ̷ ̺귯 Ͽ ǿ, α׷ Ҷ Ŀ ɼ -R , ȯ溯 LD_LIBRARY_PATH Ȥ /usr/lib н δ libfoo.so ã ִ. ׷ α׷ ( ã(unresolved)) ɺ(symbol) DSO ãԵȴ.

DSO α׷ ɺ ãʱ (DSO 밡 Ϲ ڵ ̺귯̹Ƿ) ã ⼭ . н δ ɺ ã⸦ ϹǷ α׷ DSO ɺ ã ʿ䰡 . ( ld.so θ ڵ ƴ α׷ ũǴ ڵ Ϻδ.) ̺귯 ڵ带 о̴ Ȯϴ. ̺귯 ڵ尡 α׷ ߺؼ Ǵ libc.so ý ̺귯 ѹ DZ ũ ȴ.

ι° DSO ü(shared objects) Ȥ DSO ̶ θ, (Ģ ̸ foo.so) Ȯڴ Ӵ. ϵ α׷ ü 丮 ġϰ α׷ ڵ ʴ´. α׷ dlopen() Ͽ DSO ּҰ о鿩 Ѵ. ̶ α׷ DSO ɺ ã ʴ´. տ н δ ڵ ϰ ̹ о DSO ̺귯(Ư ׻ ϴ libc.so ɺ) DSO ( ã) ɺ ã´. ׷ DSO ġ ó α׷ ũȰͰ ɺ ˰Եȴ.

DSO API ̿ϱؼ α׷ dlsym() DSO Ư ɺ ãƼ, ϱ ġ(dispatch) ǥ Ѵ. ٸ α׷ Ǻ ãƾѴ. ̷ α׷ Ϻθ α׷ ʿҶ о ʾƵ (׷ ޸𸮸 ʰ) ȴٴ ̴. ⺻ α׷ Ȯϱ ʿ κ о ִ.

̷ DSO ڿ , ּ Ѱִ. α׷ Ȯϱ DSO Ҷ DSO α׷ ɺ ã ̴. ? DSO α׷ ɺ " ã " (̺귯 ڽ ϴ α׷ 𸥴ٴ) ̺귯 迡 ϸ, ÷ ʰ ǥȭ ʾұ ̴. ɺ(global symbol) ͽƮ(export) ʱ⶧ DSO . DSO Ͽ α׷ ȮϷ Ŀ ɺ ͽƮϵ ϴ ֵ ذå̴.

̺귯 DSO Ģ ̱⶧ ü ϴ ̺귯 Ѵ. ݴ α׷ α׷ Ȯϱ ü ʴ´.

1998 Ȯϱ DSO Ʈ Ű (XS DynaLoader ) Perl 5, Netscape Server 幰. ġ ̹ Ȯϱ ߰ ܺ ġ ٽɱɿ ϱ ġ ̿ ٹ ߱⶧ 1.3 뿭 շߴ. ׷ ġ о̴µ DSO ϵ .

top

տ DSO ϸ ִ:

DSO ִ:

env.html100644 0 0 44514 10423221150 7701 0ustar 0 0 ġ ȯ溯 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ġ ȯ溯

ֽ ƴմϴ. ֱٿ ϼ.

ġ ȯ溯(environment variable) ִ. Ͽ α׳ ۾ Ѵ. , ȯ溯 CGI ũƮ ܺ α׷ ϴ ȴ. ȯ溯 ٷ ϴ پ Ѵ.

ȯ溯 θ, ü ϴ ȯ溯 ٸ. ġ ο ǰ ȴ. ȯ溯 CGI ũƮ Server Side Include ũƮ Ѱ ü ȯ溯 ȴ. ϴ ü ȯ ϰ ʹٸ ü ȯ ؾ Ѵ.

top

ȯ溯 ϱ

õ õ þ

⺻ ȯ漳

ġ ȯ溯 ϴ ⺻ SetEnv þ ϴ ̴. PassEnv þ Ͽ ȯ溯 ִ.

û Ǻ

ϰ, mod_setenvif ϴ þ û û Ư¡ ȯ溯 Ѵ. , Ư (User-Agent) ûϰų Ư Referer ( Ʋ ʾҴ) ִ 쿡 ִ. mod_rewrite ִ RewriteRule [E=...] ɼ Ͽ ϰ ȯ溯 ִ.

ĺ

mod_unique_id û  쿡 "" û߿ Ȯ (ġ) UNIQUE_ID ȯ溯 Ѵ.

ǥ CGI

CGI ũƮ SSI ġ Ͽų ȯ溯 ܿ ߰ CGI Ծ û ˷ִ ȯ溯 ޴´.

top

ȯ溯 ϱ

õ õ þ

CGI ũƮ

ȯ溯 ֵ 뵵 ϳ CGI ũƮ ȯϴ ̴. տ ߵ ġ ܿ û ǥ CGI ũƮ Ѿ. ڼ CGI 丮 ϶.

SSI

mod_include INCLUDES Ͱ óϴ Ľ (SSI) echo Ҹ Ͽ ȯ溯 ְ, ȯ溯 Ͽ û Ư¡ 帧 ҷ Ϻθ ִ. ġ SSI ǥ CGI ȯ溯 Ѵ. ڼ SSI 丮 ϶.

allow from env= deny from env= þ Ͽ ȯ溯 ִ. SetEnvIf ϸ Ŭ̾Ʈ Ư¡ Ӱ ִ. , Ư (User-Agent) ź ִ.

Ǻ α

LogFormat %e ɼ Ͽ ȯ溯 α׿ ִ. , CustomLog þ Ǻ ϸ ȯ溯 Ȳ û α θ ִ. SetEnvIf Ͽ  û α Ӱ ִ. , ϸ gif û α ʰų, ܺ Ʈ ִ Ŭ̾Ʈ û α ִ.

Ǻ

Header þ Ŭ̾Ʈ ȯ溯  HTTP ִ. , Ŭ̾Ʈ û Ư ִ 쿡  ִ.

ܺ ϱ

mod_ext_filter ExtFilterDefine þ ܺ ͸ disableenv= enableenv= ɼ Ͽ ȯ溯 ִ.

URL ۼ(Rewriting)

RewriteCond TestString %{ENV:...} ϸ mod_rewrite ۼ ȯ溯 ٸ ൿѴ. mod_rewrite տ ENV: ʰ ϴ ȯ溯 ƴ ϶. ׵ ٸ ⿡ mod_rewrite .

top

Ư ȯ溯

Ŭ̾Ʈ Ȱ ϱ ġ Ư Ŭ̾Ʈ ڽ ൿ Ѵ. BrowserMatch ȯ溯 Ͽ ̷ ذѴ. ׷ SetEnv PassEnvε ϴ.

downgrade-1.0

û ϴ HTTP/1.0 û óѴ.

force-no-vary

Ŭ̾Ʈ Vary ʵ带 .  Ŭ̾Ʈ ʵ带 ؼ Ѵ (Ŭ̾Ʈ ̹ ˷ ). ̷ ذѴ. , force-response-1.0 Ѵ.

force-response-1.0

HTTP/1.0 û ϴ Ŭ̾Ʈ HTTP/1.0 Ѵ. AOL Ͻÿ ־ .  HTTP/1.0 Ŭ̾Ʈ HTTP/1.1 Ƿ, ذϱ Ѵ.

gzip-only-text/html

"1"̸ text/html ƴ content-type mod_deflate DEFLATE ͸ ʴ´.

no-gzip

ɼ ϸ mod_deflate DEFLATE ͸ ʴ´.

nokeepalive

KeepAlive Ѵ.

prefer-language

mod_negotiation ൿ ģ. (en, ja, x-klingon ) ±׸ ִٸ, mod_negotiation õѴ. ׷ ٸ Ϲ Ѵ.

redirect-carefully

Ŭ̾Ʈ ̷ . ̷ óϴµ ִ Ŭ̾Ʈ Ѵ. Microsoft WebFolders Ʈ DAV ޽带 丮 ڿ ̷ óϴµ ־ .

suppress-error-charset

2.0.40 ִ

ġ Ŭ̾Ʈ û ̷ Ŭ̾Ʈ ڵ ̷ ϴ(Ȥ ʴ) 쿡 Ͽ 信 ڿ Ѵ. ġ ġ ϴ ISO-8859-1 ǥѴ.

׷ ̷ǵ ٸ  ̻ ƴ϶ ̷ Ϸ Ѵ. , ׸ ̻ϰ ִ.

ȯ溯 ġ ̷ ʵ Ͽ, ̷ ùٷ ϰ .

top

߸ ϴ Ŭ̾Ʈ ൿ ϱ

Ŭ̾Ʈ ̹ ˷ ذϱ httpd.conf ϱ ٶ.

#
#  þ Ϲ HTTP  Ѵ.
# ù° þ Netscape 2.x ̸  
# keepalive  ʴ´. ̵    ִ.
# ι° þ HTTP/1.1  ߸Ǿ 301̳ 302
# (̷) 信  keepalive  
# ϴ Microsoft Internet Explorer 4.0b2  ̴.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

#
#  þ ⺻ HTTP/1.1   Ͽ
# HTTP/1.0 Ծ   HTTP/1.1   ʴ´.
#
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

α׿ ̹ û α ʱ

̹ û α׿ ʴ´. Ư 丮 Ȥ Ư ȣƮ û α ʵ ִ.

SetEnvIf Request_URI \.gif image-request
SetEnvIf Request_URI \.jpg image-request
SetEnvIf Request_URI \.png image-request
CustomLog logs/access_log common env=!image-request

"̹ "

ڰ ִ ̹ ϵ ϴ Ѵ. , ѵ 쿡 Ѵ. 츮 ̹ /web/images 丮 ȿ ִٰ Ѵ.

SetEnvIf Referer "^http://www.example.com/" local_referal
# Referer   ʴ  Ѵ
SetEnvIf Referer "^$" local_referal
<Directory /web/images>
   Order Deny,Allow
   Deny from all
   Allow from env=local_referal
</Directory>

ڼ ApacheToday 丮 " Keeping Your Images from Adorning Other Sites" ϶.

faq/all_in_one.html100644 0 0 22473 10423221150 11757 0ustar 0 0  (FAQ) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > FAQ

 (FAQ)

FAQ ֽ ġ Ʈ <http://httpd.apache.org/docs/2.0/faq/> ִ.

ġ 2.0 ȵǼ 츮  (FAQ) 𸥴. ä ⿡ ش ٸ ġ 1.3 FAQ ϶.

top

 ذϳ?
ΰ?
top

" ... ȵdz? ... ʴ°?"

ġ Ʈ ܰ踦 :

α(errorlog) Ȯ϶!
ġ ַ Ѵ. α׿ ڼ Ѵ. ̰͸ε (ϱ ) ߰ϰ ĥ ִ 찡 . α ⺻ ġ /usr/local/apache2/logs/error_log, Ȯ ġ ErrorLog þ ϶.
FAQ Ȯ϶!
ġ Ʈ ׻ ġ FAQ ֽ ִ.
ġ ͺ̽ Ȯ϶
ġ׷(The Apache Group) κ ͺ̽ ϵȴ. ׸ ߰ϱ , ̹ ˷ų(open) ذ(closed) װ ִ Ȯϱ ٶ. ̹ Ǿٸ " ̷ ִٰ" ʱ ٶ. ذ ʾҴٸ ֱ Ȳ Ȯϱ ٶ. , ͺ̽ ϵ ʰ ̸ ȯ ó غ ִ.
Ѵ

ġ ϱ ϴ Ȱ ü ִ. Ϲ ̷ ü ϴ ̴.

ϸƮ

USENET ׷:

  • comp.infosystems.www.servers.unix [news] [google]
  • comp.infosystems.www.servers.ms-windows [news] [google]
  • comp.infosystems.www.authoring.cgi [news] [google]
ϸ ͺ̽ Ѵ

ܰ踦 õϰ ذå ٸ, ׸ Ͽ ڵ鿡 ˸ ٶ.

core dump ״ (ϸ) backtrace(; Ȯ  ߻Ͽ, α׷  η Ǿ ˷ִ ) ϱ ٶ. ,

# cd ServerRoot
# dbx httpd core
(dbx) where

(ServerRoot, httpd, core ġ ϶. dbx gdb ؾ ִ.)

ϳ?

40 ڹ ڸδ 鸸 ڿ ġ . ϱ Ѵ.

ġ ȸ Ѵ.

top

Invalid argument: core_output_filter: writing data to the network

÷ sendfile ýȣ Ѵٸ, ġ ӵ ϱ ýȣ Ѵ.  ýۿ ġ Ҷ sendfile ۵ ʴµ ۵Ѵٰ Ѵ. Ʈ Ͻý̳ ǥ Ͻý Ҷ ߻Ѵ.

α(error log) ϰų ũⰡ 0 ƴ Ͽ ũⰡ 0 ϴ ̴. Ҷ sendfile ʱ⶧ Ϲ ûҶ ߻Ѵ.

ذϷ sendfile ʵ EnableSendfile þ Ѵ. , ̿ EnableMMAP ϶.

AcceptEx Failed

win32 AcceptEx ýȣ⿡ , Win32DisableAcceptEx þ ϶.

Premature end of script headers

CGI ũƮ Internal Server Error α׿ Ѵ. ̷ Ҷ CGI 丮 ִ.

faq/error.html100644 0 0 10013 10423221150 10774 0ustar 0 0 -  (FAQ) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > FAQ

-  (FAQ)

top

Invalid argument: core_output_filter: writing data to the network

÷ sendfile ýȣ Ѵٸ, ġ ӵ ϱ ýȣ Ѵ.  ýۿ ġ Ҷ sendfile ۵ ʴµ ۵Ѵٰ Ѵ. Ʈ Ͻý̳ ǥ Ͻý Ҷ ߻Ѵ.

α(error log) ϰų ũⰡ 0 ƴ Ͽ ũⰡ 0 ϴ ̴. Ҷ sendfile ʱ⶧ Ϲ ûҶ ߻Ѵ.

ذϷ sendfile ʵ EnableSendfile þ Ѵ. , ̿ EnableMMAP ϶.

AcceptEx Failed

win32 AcceptEx ýȣ⿡ , Win32DisableAcceptEx þ ϶.

Premature end of script headers

CGI ũƮ Internal Server Error α׿ Ѵ. ̷ Ҷ CGI 丮 ִ.

faq/index.html100644 0 0 5171 10423221150 10743 0ustar 0 0  (FAQ) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

 (FAQ)

FAQ ֽ ġ Ʈ <http://httpd.apache.org/docs/2.0/faq/> ִ. , ˻ϰ ϱ ϰ FAQ ִ.

ġ 2.0 ȵǼ 츮  (FAQ) 𸥴. ä ⿡ ش ٸ ġ 1.3 FAQ ϶.

top

 ذϳ?
ΰ?
faq/support.html100644 0 0 14335 10423221150 11372 0ustar 0 0 -  (FAQ) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > FAQ

-  (FAQ)

top

" ... ȵdz? ... ʴ°?"

ġ Ʈ ܰ踦 :

α(errorlog) Ȯ϶!
ġ ַ Ѵ. α׿ ڼ Ѵ. ̰͸ε (ϱ ) ߰ϰ ĥ ִ 찡 . α ⺻ ġ /usr/local/apache2/logs/error_log, Ȯ ġ ErrorLog þ ϶.
FAQ Ȯ϶!
ġ Ʈ ׻ ġ FAQ ֽ ִ.
ġ ͺ̽ Ȯ϶
ġ׷(The Apache Group) κ ͺ̽ ϵȴ. ׸ ߰ϱ , ̹ ˷ų(open) ذ(closed) װ ִ Ȯϱ ٶ. ̹ Ǿٸ " ̷ ִٰ" ʱ ٶ. ذ ʾҴٸ ֱ Ȳ Ȯϱ ٶ. , ͺ̽ ϵ ʰ ̸ ȯ ó غ ִ.
Ѵ

ġ ϱ ϴ Ȱ ü ִ. Ϲ ̷ ü ϴ ̴.

ϸƮ

USENET ׷:

  • comp.infosystems.www.servers.unix [news] [google]
  • comp.infosystems.www.servers.ms-windows [news] [google]
  • comp.infosystems.www.authoring.cgi [news] [google]
ϸ ͺ̽ Ѵ

ܰ踦 õϰ ذå ٸ, ׸ Ͽ ڵ鿡 ˸ ٶ.

core dump ״ (ϸ) backtrace(; Ȯ  ߻Ͽ, α׷  η Ǿ ˷ִ ) ϱ ٶ. ,

# cd ServerRoot
# dbx httpd core
(dbx) where

(ServerRoot, httpd, core ġ ϶. dbx gdb ؾ ִ.)

ϳ?

40 ڹ ڸδ 鸸 ڿ ġ . ϱ Ѵ.

ġ ȸ Ѵ.

filter.html100644 0 0 11671 10423221150 10374 0ustar 0 0 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ġ ͸ ϴ Ѵ.

top

õ õ þ

(filter) ų ޴ ڷῡ Ǵ ۾̴. Ŭ̾Ʈ ڷ Է(input filter) óϰ, Ŭ̾Ʈ ڷ (output filter) óѴ. ڷῡ ͸ ְ, ִ.

ġ ̾ޱ(byte-range) û óϱ ͸ Ѵ. , þ Ͽ ð ͸ ϴ ⵵ ִ. SetInputFilter, SetOutputFilter, AddInputFilter, AddOutputFilter, RemoveInputFilter, RemoveOutputFilter þ ڷḦ óϴ ͸ Ѵ.

ġ ڰ ִ ͸ Ѵ.

INCLUDES
mod_include óϴ Server-Side Includes
DEFLATE
mod_deflate Ͽ Ŭ̾Ʈ

, mod_ext_filter Ͽ ܺ α׷ ͷ ִ.

glossary.html100644 0 0 43042 10423221150 10747 0ustar 0 0 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ֽ ƴմϴ. ֱٿ ϼ.

Ϲݿ , Ư ġ õ, Ѵ. 信 ڼ ũ ϶. (; ܾ ѱ ƴ϶, Դϴ. ǥ ϱ ٶϴ.)

top

(Access Control)
Ʈ . ġ Ư URL ϱ Ѵ.
: , Ѻο,
˰ (Algorithm)
ܰ踦 Ǫ Ȯ Ȥ Ģ. ȣȭ ˰ ȣ(Ciphers) θ.
APache eXtension Tool (apxs)
(module) ҽ ü (DSO) ϰ ġ ġϴ ۾ perl ũƮ.
: Manpage: apxs
(Authentication)
, Ŭ̾Ʈ, Ʈ ü Ȯ.
: , Ѻο,
(Certificate)
Ŭ̾Ʈ Ʈ ü ϴ ڷ. (subject ), (Certificate Authority) (issuer ), Ű, CA  X.509 ִ. Ʈ ü CA Ͽ ˻Ѵ.
: SSL/TLS ȣȭ
û (Certificate Signing Request, CSR)
(Certification Authority) Ͽ CA (Certificate) Ű (Private Key) . CSR Ǹ ȴ.
: SSL/TLS ȣȭ
(Certification Authority, CA)
Ʈ ü ϴ ŷϴ . ٸ Ʈ ü CA ڸ ߴ Ȯ ִ.
: SSL/TLS ȣȭ
ȣ (Cipher)
ڷḦ ȣȭϴ ˰̳ ý. , DES, IDEA, RC4 ִ.
: SSL/TLS ȣȭ
ȣ (Ciphertext)
(Plaintext) ȣ (Cipher) ó .
: SSL/TLS ȣȭ
Ʈ ̽ (Common Gateway Interface, CGI)
ܺ α׷ û ֵ ܺ α׷ ̽ ǥ. ̽ NCSA , RFC Ʈ̱⵵ ϴ.
: CGI
þ (Configuration Directive)
: þ
(Configuration File)
ġ ϴ þ (directive) ؽƮ.
:
CONNECT
HTTP ڷ帧 Ͻϴ HTTP ޽ (method). SSL ٸ α Ѵ.
(Context)
(configuration file) Ư þ (directive) ִ .
: ġ þ ϴµ
ڼ (Digital Signature)
ٸ ˻ϴ ȣȭ ڵ. (Certification Authority) (Certificate) Ե Ű (Public Key) ؽ ڽ Ű (Private Key) ȣȭϿ . CA Ű Ǯ ֱ⶧, CA (Certificate) Ʈ ü ִ.
: SSL/TLS ȣȭ
þ (Directive)
ġ ϴ ɾ. þ (Configuration File) Ѵ.
: þ
ü (Dynamic Shared Object) (DSO)
ġ httpd ϰ Ͽ ʿҶ о ִ (Module).
: ü
ȯ溯 (Environment Variable) (env-variable)
ϰ α׷ ü ϴ . ġ ȯ溯 , ȯ ƴ϶ ġ ο ȴ.
: ġ ȯ溯
(Export-Crippled)
̱ (Export Administration Regulations, EAR) ؼϱ ȣ( ) . ȣȭ Ʈ Ű ũⰡ ۰ ѵǾ, ȣ (Ciphertext) (brute force) Ǯ ִ.
: SSL/TLS ȣȭ (SSL/TLS Encryption)
(Filter)
ų ޴ ڷḦ óϴ . Էʹ Ŭ̾Ʈ ڷḦ óϰ, ʹ Ŭ̾Ʈ óѴ. , INCLUDES ʹ Server Side Includes óѴ.
:
θ (Fully-Qualified Domain-Name) (FQDN)
IP ּҿ ϴ, ȣƮ θ Ʈ ü ̸. , www ȣƮ̰ example.com θ϶, www.example.com θ̴.
ڵ鷯 (Handler)
ûҶ ϴ ۾ ġ ǥ. Ϲ Ϲ ڵ鷯 . ,  "óȴ(handled)". , cgi-script ڵ鷯 CGI ó Ѵ.
: ġ ڵ鷯
(Header)
HTTP û 信 κ ϴ ִ.
.htaccess
ȿ ִ (configuration file), þ (directive) ڽ ġ 丮 丮 Ѵ. ̸ ޸ Ͽ ܼ þܿ þ ִ.
:
httpd.conf
ġ (configuration file). ⺻ ġ /usr/local/apache2/conf/httpd.conf, Ҷ Ȥ ϶ ִ.
:
HyperText Transfer Protocol (HTTP)
̵ ϴ ǥ . ġ RFC 2616 HTTP/1.1̶ 1.1 Ѵ.
HTTPS
ȭ̵ ǥ ȣ , HyperText Transfer Protocol (Secure). شܿ SSL HTTP̴.
: SSL/TLS ȣȭ
޽ (Method)
Ŭ̾Ʈ HTTP û ڿ ϵ ൿ. HTTP ޽忡 GET, POST, PUT ִ.
޽ (Message Digest)
޽ ʾ ϱ ޽ ؽ.
: SSL/TLS ȣȭ
MIME-type
ϴ . Multipurpose Internet Mail Extensions Ա⶧ ̷ ̸ . ̿ major type minor type ̷. , text/html, image/gif, application/octet-stream ̴. MIME-type HTTP Content-Type (header) Ѵ.
: mod_mime
(Module)
α׷ κ. ġ Կθ ִ ⿡ ִ. ġ httpd ϰ ̶ ϸ, иǾ о ִ Ȥ DSO Ѵ. ⺻ ϴ base ̶ Ѵ. ġ Ÿ (tarball) ġ ִ. ̵ ڰ (third-party) ̶ Ѵ.
:
(Module Magic Number) (MMN)
ġ ҽڵ尡 , ȣȯ ִ. ȣȯ ̻ ġ Լ ȣ, ٸ API Ϻΰ 쿡 ٲ. MMN ϸ ڰ ּ ٽ ϵǾ Ѵ. ġ µ ؾ 쵵 ִ.
OpenSSL
SSL/TLS ¼ҽ
http://www.openssl.org/
Pass Phrase
Ű ȣϴ . ڰ Ű Ͽ ȣȭ ϵ Ѵ. ȣ (Ciphers) ϴ н ȣ/ص Ű̴.
: SSL/TLS ȣȭ
(Plaintext)
ȣȭ .
Ű (Private Key)
ڷḦ صϰ ڷḦ ϱ Ű ȣȭ (Public Key Cryptography) ý ȣŰ.
: SSL/TLS ȣȭ
Ͻ (Proxy)
Ŭ̾Ʈ ̿ ִ ߰ . Ŭ̾Ʈ û ޾ , Լ ٽ Ŭ̾Ʈ . Ŭ̾Ʈ ûϸ Ͻô Ź ûʰ ij Ͽ ð ִ.
: mod_proxy
Ű (Public Key)
Ű ȣȭ (Public Key Cryptography) ýۿ Ű ڿ ȣȭϰų ڰ Ǯ Ű.
: SSL/TLS ȣȭ
Ű ȣȭ (Public Key Cryptography)
ȣ ص ٸ Ű ϴ Ī(asymmetric) ȣȭ ý Ȱ. ȣ ص ϴ ΰ Ű Ű(key pair) ̷. Ī ȣȭ θ.
: SSL/TLS ȣȭ
ǥ (Regular Expression) (Regex)
ϴ . , " A ϴ ܾ", " 10ε ȭȣ", "ǥ ΰְ 빮 Q " ǥ ִ. ǥ ϸ ſ ϰ ̳ ڿ  ִ. , "images" 丮 Ʒ ִ .gif .jpg "/images/.*(jpg|gif)$" Ī ִ. ġ PCRE ̺귯 Ͽ Perlȣȯ ǥ Ѵ.
Ͻ (Reverse Proxy)
Ŭ̾Ʈ ó ̴ Ͻ (proxy) . Ȼ Ȥ ϸ лϱ Ŭ̾Ʈ 涧 ϴ.
Secure Sockets Layer (SSL)
Netscape Communications簡 TCP/IP Ʈ Ϲ ȣȭ . Ϲ 뵵 HTTPS (HyperText Transfer Protocol (HTTP) over SSL)̴.
: SSL/TLS ȣȭ
Server Side Includes (SSI)
HTML ȿ óþ ϴ .
: Server Side Includes Ұ
(Session)
Ϲ Ȳ(context) .
SSLeay
Eric A. Young SSL/TLS ̺귯
Ī ȣ (Symmetric Cryptography)
ȣ ص ۾ ȣŰ ϴ ȣ (Ciphers) Ȱ.
: SSL/TLS Encryption
Ÿ (Tarball)
tar Ͽ ϵ . ġ tar ϰų pkzip Ͽ ȴ.
Transport Layer Security (TLS)
ͳݱ ǥȭⱸ(Internet Engineering Task Force, IETF) TCP/IP Ʈ Ϲ ȣȭ SSL ļ . TLS 1 SSL 3 ϴ.
: SSL/TLS ȣȭ
Uniform Resource Locator (URL)
ͳݿ ִ ڿ ̸/ּ. δ Uniform Resource Identifier ϴ ϻ Ī̴. URL http https Ŵ(scheme), ȣƮ, η ȴ. URL http://httpd.apache.org/docs/2.0/glossary.html̴.
Uniform Resource Identifier (URI)
߻ ڿ̳ ڿ Īϱ ڿ. RFC 2396 Ѵ. ̵ ϴ URI URL̶ θ.
ȣƮ (Virtual Hosting)
ġ ϳ Ʈ ϱ. IP ȣƮ Ʈ IP ּҰ ٸ. ̸(name-based) ȣƮ ȣƮ ϹǷ IP ּҿ Ʈ ִ.
: ġ ȣƮ
X.509
ſ(International Telecommunication Union, ITU-T) ϴ . SSL/TLS Ѵ.
: SSL/TLS ȣȭ
handler.html100644 0 0 16645 10423221150 10532 0ustar 0 0 ġ ڵ鷯 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

ġ ڵ鷯

ġ ڵ鷯 ϴ Ѵ.

top

ڵ鷯 ΰ

õ õ þ

ûҶ ġ ۾ "ڵ鷯(handler)" Ѵ. Ϲ Ϲ ڵ鷯 ִ. ,  "óȴ(handled)".

Apache 1.1 ڵ鷯 ְ Ǿ. ڵ鷯 Ȯڳ ġ ִ. ̴ Ǹ ̰ ڵ鷯 ο ֱ⶧ . ( Ȯڸ )

ڵ鷯 Ͽ, Action þ ߰ ִ. ǥ ִ ⺻ ڵ鷯 :

top

CGI ũƮ Ͽ ϱ

þ Ȯڰ html û footer.pl CGI ũƮ .

Action add-footer /cgi-bin/footer.pl
AddHandler add-footer .html

CGI ũƮ (PATH_TRANSLATED ȯ溯 Īϴ) û .

HTTP ϴ

þ HTTP ϴ Ͽ send-as-is ڵ鷯 Ѵ. /web/htdocs/asis/ 丮 ȿ ִ Ȯڿ send-as-is ڵ鷯 óѴ.

<Directory /web/htdocs/asis>
SetHandler send-as-is
</Directory>

top

α׷Ӹ

ڵ鷯 ϱ Apache API ߰Ǿ. Ư request_rec ü ο ʵ尡 ߰Ǿ:

char *handler

ڵ鷯 Ϸ, û invoke_handler ܰ r->handler ڵ鷯 ̸ ֱ⸸ ϸ ȴ. ڵ鷯 content type ڵ鷯 ̸ ϰ Ǿ. ų ʿ ڵ鷯 ̸ ʰ, ܾ ̿ ȣ ϴ Ϲ̴. ׷ ڵ鷯 ̸ media type ġ ʴ´.

howto/auth.html100644 0 0 41160 10423221150 11204 0ustar 0 0 (Authentication), Ѻο(Authorization), (Access Control) - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > How-To / Tutorials

(Authentication), Ѻο(Authorization), (Access Control)

ֽ ƴմϴ. ֱٿ ϼ.

(authentication) ڽ ϴ Ȯϴ ̴. Ѻο(authorization) Ȥ ϴ 򵵷 ϴ ̴.

top

þ

õ õ þ
top

Ұ

Ʈ ִ Ҽ 鸸 ̰ų ̵鸸 , ۿ ϴ Ͽ ϴ ִ.

Ʈ Ϻθ ȣϱ ϴ "ǥ" ٷ.

top

ۿ ٷ þ ּ(Ϲ <Directory> )̳ 丮 (.htaccess ) Ѵ.

.htaccess Ϸ Ͽ ִ þ ϵ ؾ Ѵ. ̸ 丮 Ͽ  þ ִ ϴ AllowOverride þ Ѵ.

⼭ ٷ , AllowOverride þ ʿϴ.

AllowOverride AuthConfig

Ȥ þ ּϿ ´ٸ, Ͽ ־ Ѵ.

׸ ȣ ִ ˱ 丮 ˾ƾѴ. ʰ, ڼ ̴.

top

⺻ ϱ

丮 ȣ ȣϴ ⺻ Ѵ.

ȣ Ѵ. ־ Ѵ. ٸ ȣ ٿε ϰϱ ؼ. , /usr/local/apache/htdocs ִٸ ȣ() /usr/local/apache/passwd д.

ġ Ե htpasswd Ͽ ȣ . α׷ ġ ġ bin 丮 ִ. ԷѴ.

htpasswd -c /usr/local/apache/passwd/passwords rbowen

htpasswd ȣ , Ȯ ȣ ٽ Է϶ ûѴ.

# htpasswd -c /usr/local/apache/passwd/passwords rbowen
New password: mypassword
Re-type new password: mypassword
Adding password for user rbowen

htpasswd ο ٸ ü θ Էؾ Ѵ. ϴ /usr/local/apache/bin/htpasswd ִ.

ȣ ûϵ ϰ,  ˷ Ѵ. httpd.conf ϰų .htaccess Ͽ Ѵ. , /usr/local/apache/htdocs/secret 丮 ȣϷ, Ʒ þ /usr/local/apache/htdocs/secret/.htaccess ̳ httpd.conf <Directory /usr/local/apache/apache/htdocs/secret> ǿ Ѵ.

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /usr/local/apache/passwd/passwords
Require user rbowen

þ ϳ 캸. AuthType þ ڸ Ѵ. Ϲ Basic, mod_auth Ѵ. ׷ Basic ȣ ȣȭ ʰ . ׷Ƿ ڷḦ ȣϱ ϸ ȵȴ. ġ AuthType Digest Ѵ. mod_auth_digest ϸ, ſ ϴ. ֱ Ŭ̾Ʈ鸸 Digest Ѵٰ Ѵ.

AuthName þ (realm) Ѵ. ΰ Ѵ. ù° Ŭ̾Ʈ ȣ ȭâ ش. ι° Ͽ Ŭ̾Ʈ Ư  ȣ Ѵ.

, ϴ Ŭ̾Ʈ "Restricted Files" Ͽٸ, Ŭ̾Ʈ ڵ "Restricted Files" ǥõ ȣ õѴ. ׷ ϸ ڰ ȣ Է ʾƵ ȴ. Ȼ Ŭ̾Ʈ ȣƮ ٸ ׻ ȣ .

AuthUserFile þ 츮 htpasswd ȣ θ Ѵ. ڰ ٸ û Ź ڸ ϱ Ϲ ˻ϴµ ð ɸ ִ. ġ Ÿ̽ Ͽ ִ. mod_auth_dbm AuthDBMUserFile þ Ѵ. dbmmanage α׷ Ͽ ȣ ٷ. ġ Ÿ̽ ٸ ϴ ڰ ִ.

Require þ Ư ִ ڸ Ͽ Ѻο Ѵ. require þ ϴ پ Ѵ.

top

þ 丮 (ڸ rbowen) 鿩. κ 鿩 ̴. AuthGroupFile .

鿩 ʹٸ ׷ ׷쿡  ڵ ִ ˷ִ ׷ ʿϴ. ſ Ͽ, ƹ γ ִ. ϳ .

GroupName: rbowen dpitts sungo rshersey

׳ ׷ ̴.

ȣϿ ڸ ߰Ϸ ԷѴ

htpasswd /usr/local/apache/passwd/passwords dpitts

, ʰ Ͽ ڸ ߰Ѵ. (-c ɼ ȣ ).

.htaccess Ѵ.

AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /usr/local/apache/passwd/passwords
AuthGroupFile /usr/local/apache/passwd/groups
Require group GroupName

׷ GroupName ׷쿡 ϸ password Ͽ ׸ ִ ڰ ùٸ ȣ Էϸ Ѵ.

Ϲ ڸ 鿩 ٸ ִ. ׷ ʿ þ ϱ⸸ ϸ ȴ.

Require valid-user

Require user rbowen þ ϸ ȣϿ ִ ùٸ ȣ Էϱ⸸ ϸ Ѵ. ׷캰 ٸ ȣ Ͽ ׷ ȿ ִ. ġ ΰ(ȣϰ ׷) ƴ Ѱ(ȣ) ˻ϸ ȴٴ ̴. ׷ ȣ ؾ ϰ, AuthUserFile þ Ȯ ȣ ؾ ϴ ̴.

top

߻ ִ

Basic û ڸ ȣ ȮѴ. ħ (׸ ȣ ȣϴ 丮 ִ ) ִ ׸ ٽ ȮѴ. ϵ ӵ . ȣ  ڸ ã ϱ⶧ ȣ ũⰡ Ŀ . ׸ ۾ û Ѵ.

׷ ȣϿ ִ ڼ Ѱ谡 ִ. Ѱ ϴ ɿ ٸ, ׸ 鰳 Ѵ´ٸ ٰ ϰ ٸ ؾ Ѵ.

top

ٸ Ѱ?

ڸ ȣ ٰ ƴϴ. ҿ ٸ ڸ 鿩 ִ.

Allow Deny þ û ǻ ȣƮ Ȥ ȣƮ ּҸ ϰų źѴ. Order þ þ Ͽ, ġ  Ģ ˸.

̵ þ .

Allow from address

address IP ּ(Ȥ IP ּ Ϻ) θ(Ȥ θ Ϻ)̴. Ѵٸ ּҳ θ ִ.

, Խǿ ø ִٸ ִ.

Deny from 205.252.46.165

ּҿ 湮ڴ þ ȣϴ . IP ּ ǻ͸ ִ.

Deny from host.example.com

, ü ּҳ θ Ϻθ Ѵ.

Deny from 192.101.205
Deny from cyberthugs.com moreidiots.com
Deny from ke

Order Deny Allow þ Ͽ ϴ ִ.

Order deny,allow
Deny from all
Allow from dev.example.com

Allow þ ϸ, ش ȣƮ ڸ ϰ ű⿡ ߰ ϹǷ ϴ Ѵ. Ư ϱ Ѵ.

top

mod_auth mod_access  ϴ ִ.

howto/cgi.html100644 0 0 54640 10423221150 11014 0ustar 0 0 ġ 丮: CGI - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > How-To / Tutorials

ġ 丮: CGI

ֽ ƴմϴ. ֱٿ ϼ.
top

Ұ

õ õ þ

CGI (Common Gateway Interface) CGI α׷ Ȥ CGI ũƮ θ, ( ) ܺ α׷ ϴ Ѵ. Ʈ ϰ ̴. ġ CGI ϴ Ұϰ, CGI α׷ ۼغ.

top

CGI ϵ ġ ϱ

CGI α׷ ùٷ Ϸ CGI ϵ ġ ؾ Ѵ. ϴ .

ScriptAlias

ScriptAlias þ ϸ ġ Ư 丮 CGI α׷ д. ġ 丮 ִ CGI α׷̶ Ͽ Ŭ̾Ʈ ڿ ûϸ ڿ Ϸ õѴ.

ScriptAlias þ Ѵ.

ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/

ġ ⺻ ҿ ġ httpd.conf Ͽ ִ ̴. ScriptAlias þ Alias þ URL պκ Ư 丮 Ѵ. Alias ScriptAlias DocumentRoot 丮 ۿ ִ 丮 Ѵ. Alias ScriptAlias ScriptAlias ߰ URL պκ ϴ CGI α׷ ϴ ̴. ׷ ġ /cgi-bin/ ϴ ڿ ûϸ /usr/local/apache2/cgi-bin/ 丮 ãƼ CGI α׷ ó϶ ˸.

, URL http://www.example.com/cgi-bin/test.pl ûϸ ġ /usr/local/apache2/cgi-bin/test.pl Ͽ ȯѴ. ϰ డϸ  ε ؾ Ѵ. ׷ ġ .

ScriptAlias 丮 ۿ ִ CGI

Ȼ CGI α׷ ScriptAlias 丮 Ѵ. ׷ ڴ CGI α׷ ִ ִ. ׷ ġ ߴٸ ƹ 丮 CGI α׷ . , UserDir þ Ͽ ڰ ڽ Ȩ丮 츦 . ڰ ڽ CGI α׷ ϰ cgi-bin 丮 ٱ ٸ, ٸ CGI α׷ ϰ ̴.

ƹ 丮 CGI Ϸ ʿϴ. , AddHandler SetHandler þ Ͽ cgi-script ڵ鷯 ۵ؾ Ѵ. ι°, Options þ ExecCGI ؾ Ѵ.

Options Ͽ CGI ϱ

ּϿ Options þ Ͽ Ư 丮 CGI ִ.

<Directory /usr/local/apache2/htdocs/somedir>
Options +ExecCGI
 </Directory>

þ ġ CGI Ѵ.  CGI ˷ Ѵ. AddHandler þ Ȯڰ cgi pl CGI α׷̶ ˸.

AddHandler cgi-script .cgi .pl

.htaccess

.htaccess httpd.conf ٱ 쿡 CGI α׷ ִ ˷ش.

Ʒ ϸ 丮 .cgi CGI α׷ Ѵ.

<Directory /home/*/public_html>
Options +ExecCGI
AddHandler cgi-script .cgi
 </Directory>

ϸ 丮 cgi-bin 丮 ִ CGI α׷ νѴ.

<Directory /home/*/public_html/cgi-bin>
Options ExecCGI
SetHandler cgi-script
 </Directory>

top

CGI α׷ ۼϱ

``Ϲ'' α׷ְ CGI α׷ ̿ ΰ ֵ ִ.

ù° ̴ CGI α׷ ٸ ϱ MIME-type ؾ Ѵٴ ̴. HTTP Ŭ̾Ʈ Ŭ̾Ʈ  ްԵ ̸ ˸. .

Content-type: text/html

ι° ̴ HTML Ȥ ִ ؾ Ѵٴ ̴. κ HTML , gif ׸ HTML ƴ ϴ CGI α׷ ۼϴ 쵵 ִ.

ΰ ϰ CGI α׷ ۼ ̹ ٸ α׷ ſ ϴ.

ó CGI α׷

CGI α׷ . ״ first.pl̶ Ͽ ϰ, cgi-bin 丮 Ѵ.

#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World.";

Perl ͼ ʴ Ͼ ִ. ù° ġ(Ȥ ϴ ) /usr/bin/perl ġ ִ Ͽ α׷ ϶ ˸. ι° content-type ϰ carriage-return ٹٲ ι Ѵ. ׷ ڿ HTTP ϴ , Ѵ. ° "Hello, World." ڿ Ѵ. ̰ ̴.

ϰ ּҸ ԷѴ

http://www.example.com/cgi-bin/first.pl

Ҹ Էϸ, â Hello, World. δ. е , ѹ ϴ ٸ õ ִ.

top

׷ ʾƿ!

CGI α׷ Ҷ ִ ⺻ װ.

CGI α׷
! Ѵٴ ̴. Ȯ ùٷ ó Ѵٸ, CGI α׷ ùٸ Content-Type Ͽ ȮѴ.
CGI α׷ ҽڵ Ȥ "POST Method Not Allowed"
CGI α׷ ϵ ġ ʾҴٴ ̴. ġ ϱ ٽ а κ ִ ãƺ.
"Forbidden" ϴ
ִٴ ̴. ġ α Ʒ ϱ Ȯ϶.
"Internal Server Error"
ġ α Ƹ CGI α׷ Բ "Premature end of script headers" ̴. Ʒ ϳ ȮϿ  CGI α׷ HTTP ߴ ˾ƺ.

ϱ

Ű ϶. , ϸ Ư ( nobody www) Ѵ. ׷ Ϸ ʿϴ. Ͽ nobody ϱ⿡ ֱ ο ش.

chmod a+x first.pl

, α׷ ٸ аų ٸ Ͽ ʿϴ.

ȯ

࿡ α׷ ϸ ڵ  ޵ȴ. , PATH ã Ҹ ˷ش.

α׷ CGI α׷ Ҷ PATH ٸ ִ. ( , sendmail ) CGI α׷ ȿ ϴ ɾ η ؾ ɾ ã ִ.

CGI α׷ ù° ٿ ũƮ ( perl) ο ߻Ѵ.

#!/usr/bin/perl

ȮѴ.

, CGI α׷ ٸ ȯ溯 Ѵٸ ġ α׷ ؾ Ѵ.

α׷

CGI α׷ ϴ κ α׷ ü ̴. Ư ΰ Ǽ ʾҰ ִٸ ׷. ϱ ࿡ α׷ غ. , Ѵ.

cd /usr/local/apache2/cgi-bin
./first.pl

(perl ͸ . ġ ũƮ ù° ٿ ִ Ͽ ͸ ãƾ Ѵ.)

α׷ Content-Type HTTP ϰ ؾ Ѵ. ٸ Ѵٸ ġ Premature end of script headers ȯѴ. ڼ CGI α׷ ۼϱ ϶.

α

α״ ̴. ߸Ǹ α׿ . α׸ Ѵ. Ʈ ȣϴ α׸ ϰ Ѵٸ, Ƹ ٸ ü ˾ƺ Ѵ. α׸ , κ ľϿ ذ ִ.

Suexec

suexec α׷ ϸ  ȣƮ Ȥ  丮 ִ CGI α׷ ٸ ִ. Suexec ſ ϰ ˻ϸ, ˻縦 ϳ ϸ CGI α׷ ʰ Premature end of script headers ȯѴ.

suexec ϰ ִ ˷ apachectl -V Ͽ SUEXEC_BIN ġ ȮѴ. ġ Ҷ ҿ suexec ߰ϸ, suexec ִ.

suexec ߴٸ ؼ ȵȴ. suexec SUEXEC_BIN ġ ִ suexec (Ȥ ϸ ٲٰ) ϸ ȴ. suexec ׷ ϰ ʹٸ, suexec -V Ͽ suexec α ġ ˾Ƴ αϿ  Ģ ִ ã´.

top

ڿ °?

CGI α׷ֿ ͼ ڿ ϸ ȴ. ü ϴ ϴ ̴. "Hello, World." ϴ α׷ ۼ ̷ α׷ ⶧̴.

ȯ溯

ȯ溯 ǻ͸ ϴ ٴϴ ̴. ȯ溯 path (ǻͰ Է ɾ شϴ ã ), ڸ, ͹̳ . Ϲ ȯ溯 Ʈ env ԷѴ.

CGI Ҷ ȯ溯 ȯѴ. (Netscape, IE, Lynx), (ġ, IIS, WebSite), ϴ CGI α׷ ִ.

CGI α׷Ӵ ̷ ְ, ȯ溯 Ŭ̾Ʈ- ſ Ϻκ Ѵ. ü ʼ http://hoohoo.ncsa.uiuc.edu/cgi/env.html ִ.

Ʒ Perl CGI α׷ ڽſ ޵ ȯ溯 ش. ġ cgi-bin 丮 ̿ α׷ ΰ ִ. ʼ̰ ̴. ׷ Ͽ δ. , ġ ⺻ ϴ ȯ溯 ܿ ȯ溯 ߰ ִ.

#!/usr/bin/perl
print "Content-type: text/html\n\n";
foreach $key (keys %ENV) {
print "$key --> $ENV{$key}<br>";
 }

STDIN STDOUT

, Ŭ̾Ʈ ǥԷ(STDIN) ǥ(STDOUT) Ѵ. ϻ STDIN Ű峪 α׷ óϴ Ÿ, STDOUT ܼ̳ ȭ Ѵ.

CGI α׷ (form) POSTϸ Ŀ Է ڷḦ Ư  CGI α׷ STDIN Ѵ. ׷ α׷ Ű峪 Ͽ ڷḦ óϵ ڷḦ ó ִ.

"Ư " ſ ϴ. ׸ ̸ ȣ(=) ϰ, ׸ ̸ ֵ ۻ(&) Ѵ. , ۻ, ȣ ڿ ڴ ȥ ʵ 16 ȯѴ. ڷ ڿ .

name=Rich%20Bowen&city=Lexington&state=KY&sidekick=Squirrel%20Monkey

URL ڿ ̷ ڿ ȴ. ڿ QUERY_STRING̶ ȯ溯 Ѵ. ̸ GET û̶ Ѵ. FORM ± METHOD Ӽ Ͽ HTML (form) ڷḦ GET POST Ѵ.

α׷ ̷ ڿ ɰ Ѵ. ̷ ڷ ó CGI α׷ ٸ Ǵ ̺귯 ִ.

top

CGI /̺귯

CGI α׷ ۼҶ ۾ ִ ڵ ̺귯 Ȥ غ Ѵ. ̷ ϸ װ ٰ α׷ ִ.

Perl CGI α׷ ۼѴٸ CPAN ã ִ. CGI ߿ θ Ǵ CGI.pm̴. κ α׷ ּ CGI::Lite ִ.

C CGI α׷ ۼѴٸ . ϳ http://www.boutell.com/cgic/ ִ CGIC ̺귯.

top

...

ſ CGI ִ. ׷ comp.infosystems.www.authoring.cgi CGI ִ. HTML Writers Guild -servers ϸƮ ã⿡ Ǹ Ҵ. http://www.hwg.org/lists/hwg-servers/ ִ.

׸ CGI α׷ ۿ CGI Ծ о 𸥴. NCSA ְ, ʾ Common Gateway Interface RFC Ʈ ִ.

ϸƮ ׷쿡 ݰ ִ CGI Ҷ ߻ , ߻  ٸ, ϴ , CGI α׷ ۼ , ϸ ش ڵ带 ڼ . ׷ ذå ã .

ġ ҽڵ尡 ߸Ǿٰ Ȯ ʴ CGI ġ ͺ̽ ø ȵȴ.

howto/htaccess.html100644 0 0 40720 10423221150 12041 0ustar 0 0 ġ 丮: .htaccess - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > How-To / Tutorials

ġ 丮: .htaccess

ֽ ƴմϴ. ֱٿ ϼ.

.htaccess Ͽ 丮 ִ.

top

.htaccess

õ õ þ
top

̸/ ϴ°

.htaccess (Ȥ "л ") ϸ 丮 ִ. þ ִ Ư 丮 θ, 丮 丮 þ Ѵ.

:

.htaccess ϸ ٸ ϰ ʹٸ, AccessFileName þ Ͽ ִ. , .config ϸ Ϸ Ͽ ߰Ѵ.

AccessFileName .config

Ϲ .htaccess ּ . AllowOverride þ Ͽ ִ Ѵ. þ .htaccess Ͽ ϴ þ з Ѵ. þ .htaccess Ͽ ִٸ, ش þ Override ׸ þ ϱ AllowOverride ˷ش.

, AddDefaultCharset þ þ .htaccess Ͽ ִ. (þ ࿡ ׸ .) Override ٿ FileInfo ִ. ׷ þ .htaccess Ͽ ϱؼ ּ AllowOverride FileInfo ʿϴ.

:

: ּ, ȣƮ, directory, .htaccess
Override: FileInfo

Ư þ .htaccess Ͽ ִ ñϸ þ ׸ ".htaccess" ִ ȮѴ.

top

.htaccess ϳ (Ȥ ʳ)

Ϲ ּϿ 찡 ƴ϶ .htaccess ϸ ȵȴ. , ׻ .htaccess Ͽ ־ Ѵٴ ߸ ˷ ش. ̴ ƴϴ. ּ ְ, ̷ Ѵ.

.htaccess ڰ 丮 ٸϰ ýۿ root 쿡 Ѵ. ڰ ϰ Ϲ ڰ .htaccess ϵ ϴ ٶϴ. , ǻͿ Ʈ ϴ ISP ڰ ڽ ϰ 찡 ׷ϴ.

׷ Ϲ .htaccess ؾ Ѵ. .htaccess Ͽ ϴ þ ּ <Directory> ǰ ȿ ִ.

ΰ ū .htaccess ؾ Ѵ.

ù° ̴. AllowOverride .htaccess ϵ ϸ, ġ 丮 .htaccess ã´. ׷ .htaccess ϸ ʴ 쿡 ! , .htaccess ûҶ оδ.

Դٰ ؾ ϴ ü þ ġ 丮 .htaccess ã´. ( þ ϳ .) ׷ /www/htdocs/example 丮 ִ ûϸ, ġ ϵ ãƾ Ѵ.

/.htaccess
/www/.htaccess
/www/htdocs/.htaccess
/www/htdocs/example/.htaccess

׷ 丮 ִ  Ͻý 4 ؾ Ѵ. (/ .htaccess 츦 Ѵ. ʴ´.)

ι° ̴. ڿ ָ ȭ Ͼ ִ. ڿ ̷ ϶. , ڰ ϴ ͺ ָ û ´. ڿ Ȯ ˷. ڿ AllowOverride  Ͽ Ȯ ˸ ϸ ȥ ִ.

þ /www/htdocs/example.htaccess δ Ͱ ּ <Directory /www/htdocs/example> Directory δ .

/www/htdocs/example ִ .htaccess :

/www/htdocs/example ִ .htaccess

AddType text/example .exm

httpd.conf Ͽ ִ

<Directory /www/htdocs/example>
AddType text/example .exm
 </Directory>

׷ û ʰ ġ Ҷ ѹ б⶧ Ͽ ϸ .

AllowOverride þ none ϸ .htaccess .

AllowOverride None

top

 þ ϳ

.htaccess ߰ 丮 丮 丮 .htaccess Ͽ ִ þ Ѵ. ׷ 丮 .htaccess ؾ Ѵ. ߰ þ Ѵ. Ư 丮 ִ .htaccess 丮 ִ .htaccess þ ȿ ְ, 丮 ִ þ 丮 Ȥ ּϿ ִ þ ȿ ִ.

:

/www/htdocs/example1.htaccess ִ.

Options +ExecCGI

(: .htaccess Ͽ "Options" þ Ϸ "AllowOverride Options" ʿϴ.)

/www/htdocs/example1/example2.htaccess ִ.

Options Includes

ι° .htaccess Options Includes ȿ ⶧ /www/htdocs/example1/example2 丮 CGI ʴ´.

top

˱ ٷ ̰ д´ٸ ִ. ȣ Ϸ .htaccess ʿϴٴ ذ θ ִ. ̴ ƴϴ. ּ <Directory> ǿ þ δ ϴ ̰, ּ 쿡 .htaccess ؾ Ѵ. .htaccess ؾ ϴ ƾ ϴ Ͽ.

տ .htaccess ʿϴٰ Ǹ Ʒ ̴.

þ Ϸ "AllowOverride AuthConfig" ־ Ѵ.

.htaccess .

AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require Group admins

þ ϱؼ AllowOverride AuthConfig þ ʿ ϶.

Ѻο ڼ ٶ.

top

Server Side Includes

Ǵٸ Ϲ .htaccess 뵵 Ư 丮 Server Side Includes ϰ ̴. ϴ 丮 .htaccess Ͽ þ ϸ ȴ.

Options +Includes
AddType text/html shtml
AddHandler server-parsed shtml

þ Ϸ AllowOverride Options AllowOverride FileInfo ʿ ϶.

server-side includes ڼ SSI 丮 ٶ.

top

CGI

.htaccess Ͽ Ư 丮 CGI α׷ ϰ ʹٸ, Ѵ.

Options +ExecCGI
AddHandler cgi-script cgi pl

Ȥ 丮 ִ CGI α׷ óϰ ʹٸ ϴ.

Options +ExecCGI
SetHandler cgi-script

þ Ϸ AllowOverride Options AllowOverride FileInfo ʿ ϶.

CGI α׷ְ ڼ CGI 丮 ٶ.

top

ذ

.htaccess Ͽ þ ϴ ʴ ִ.

Ϲ þ ϰ AllowOverride . Ǵ AllowOverride None ȮѴ. .htaccess ƹԳ ٽ Ͽ ˻غ ִ. Ȯ AllowOverride None .

ݴ Ҷ ߻ϸ ġ α׸ . Ƹ .htaccess Ͽ ִ þ ʴ´ٰ ̴. ƴϰ ִٸ ģ.

howto/index.html100644 0 0 10503 10423221150 11347 0ustar 0 0 How-To / 丮 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0

How-To / 丮

top

How-To / 丮

(authentication) ڽ ϴ Ȯϴ ̴. Ѻο(authorization) Ȥ ϴ 򵵷 ϴ ̴.

: , Ѻο,

CGI

CGI (Common Gateway Interface) CGI α׷ Ȥ CGI ũƮϰ θ, ( ) ܺ α׷ ȣۿϴ Ѵ. Ʈ ϰ ̴. ġ CGI ϴ Ұϰ, CGI α׷ ۼغ.

: CGI:

.htaccess

.htaccess Ͽ 丮 ִ. þ ִ Ư 丮 θ, 丮 丮 þ Ѵ.

: .htaccess

Server Side Includes Ұ

SSI (Server Side Includes) HTML ϴ þ, Ҷ óѴ. SSI ϸ CGI α׷̳ ٸ ü  ʰ HTML ߰ ִ.

: Server Side Includes (SSI)

ں 丮

ڰ ִ ýۿ UserDir þ ϸ ڴ ڽ Ȩ丮 ȿ Ʈ ִ. URL http://example.com/~username/ ϸ "username" Ȩ丮 UserDir þ 丮 ִ ȴ.

: 丮 (public_html)

howto/public_html.html100644 0 0 16635 10423221150 12556 0ustar 0 0 ں 丮 - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > How-To / Tutorials

ں 丮

ڰ ִ ýۿ UserDir þ ϸ ڴ ڽ Ȩ丮 ȿ Ʈ ִ. URL http://example.com/~username/ ϸ "username" Ȩ丮 UserDir þ 丮 ִ ȴ.

top

ں 丮

õ õ þ
top

UserDir ϰ ϱ

UserDir þ ں 丮 Ѵ. þ .

ʴ θ ϸ Ȩ丮 丮 η óѴ. , Ʒ :

UserDir public_html

URL http://example.com/~rbowen/file.html /home/rbowen/public_html/file.html Ѵ.

ϴ θ ϸ 丮 ڸ 丮 θ Ѵ. , Ʒ :

UserDir /var/html

URL http://example.com/~rbowen/file.html /var/html/rbowen/file.html Ѵ.

ǥ (*) θ ϸ ǥ ڸ ü θ Ѵ. , Ʒ :

UserDir /var/www/*/docs

URL http://example.com/~rbowen/file.html /var/www/rbowen/docs/file.html Ѵ.

top

̿ ϱ

UserDir ִ Ͽ ں 丮 ̿ ִ ڸ ִ:

UserDir enabled
UserDir disabled root jro fish

disabled 忡 ϰ ڿ 丮 Ѵ. , ڸ ϰ ִ:

UserDir disabled
UserDir enabled rbowen krietz

UserDir ִ ٸ 鵵 ϶.

top

ں cgi 丮 ϱ

ڸ cgi-bin 丮 οϷ <Directory> þ Ͽ Ȩ丮 Ư 丮 cgi ϰ .

<Directory /home/*/public_html/cgi-bin/>
Options ExecCGI
SetHandler cgi-script
</Directory>

UserDir public_html̶ ϸ, ȿ ִ cgi α׷ example.cgi ִ.

http://example.com/~rbowen/cgi-bin/example.cgi

top

ڰ ֵ

ڰ ڽ Ϸ, .htaccess ־ Ѵ. AllowOverride ڰ ִ þ ϶.  ϴ ڼ .htaccess 丮 ϶.

howto/ssi.html100644 0 0 45420 10423221150 11044 0ustar 0 0 ġ 丮: Server Side Includes Ұ - Apache HTTP Server

| þ | FAQ | | Ʈ

Apache HTTP Server Version 2.0

<-
Apache > HTTP Server > Documentation > Version 2.0 > How-To / Tutorials

ġ 丮: Server Side Includes Ұ

Server-side includes Ͽ HTML ߰ ִ.

top

Ұ

õ õ þ

SSI θ Server Side Includes Ѵ. SSI ϵ ϴ HTML ߰ϴ ⺻ SSI ҰѴ.

޺κ SSI þ ǹ ޱ Ѵ.

top

SSI ΰ?

SSI (Server Side Includes) HTML ϴ þ, Ҷ óѴ. SSI ϸ CGI α׷̳ ٸ ü  ʰ HTML ߰ ִ.

SSI ƴϸ α׷ ü κ ٽ ؾ ޷ȴ. SSI ð ߰ϴµ . ׷ Ҷ κ ؾ Ѵٸ ٸ ãƺ Ѵ.

top

SSI ϵ ϱ

SSI óϷ httpd.conf ̳ .htaccess Ͽ þ ؾ Ѵ.

Options +Includes

׷ ġ Ͽ SSI þ óѴ. Options þ ְ, þ Ἥ ȿ . ׷ þ Ǹ óϱ SSI ϴ Ư 丮 Options Ѵ.

Ͽ SSI þ óϴ ƴϴ. ġ  ó ˷ Ѵ. ΰ ִ. ϳ þ .shtml Ư Ȯڸ óϴ ̴.

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

̹ ִ SSI þ ߰ϴ SSI þ óϱ .shtml Ȯڸ οϱ⶧ ϸ ũ ؾ ϴ ̴.

ٸ XBitHack þ ϴ ̴.

XBitHack on

XBitHack ִ Ͽ SSI þ óѴ. ׷ ̹ ִ SSI þ ߰Ѵٸ ϸ ʰ chmod Ͽ ָ ȴ.

chmod +x pagename.html

ƾ ϳ. .shtml ϸ ġ .html SSI ó϶ ϴ ִ. Ƹ XBitHack 𸣴 . ̷ ϸ ġ Ͽ SSI þ Ŭ̾Ʈ Ѵٴ ̴. ſ , ƴϴ.

 ̶ ⶧ ڸ .

̿ ϱ Ʊ⶧ ġ ⺻ SSI ֱټϰ content length HTTP ʴ´. ׷ ij ϰ Ŭ̾Ʈ . ΰ ذ ִ.

  1. XBitHack Full Ѵ. ׷ ġ ϴ(include) ϵ ü û ¥ ֱټ ˾Ƴ.
  2. mod_expires ִ þ Ͽ Ͽ ϸ Ͻð ij ִ.
top

⺻ SSI þ

SSI þ .

<!--#element attribute=value attribute=value ... -->

HTML ּ ⶧ SSI ʾƵ HTML ҽ Ѵ. SSI ùٷ ϸ þ ٲ۴.

element ϳ. ȸ ڼ ̴. SSI ִ  δ

¥

<!--#echo var="DATE_LOCAL" -->

echo element ״ Ѵ. CGI α׷ ϴ ȯ溯 ܿ ǥ ִ. , set element Ͽ ִ.

¥ ʴ´ٸ, config element timefmt attribute Ѵ.

<!--#config timefmt="%A %B %d, %Y" -->
Today is <!--#echo var="DATE_LOCAL" -->

<!--#flastmod file="index.html" --> Ǿ

element timefmt ޷ȴ.

CGI α׷ ϱ

Ϲ SSI ϳ, ̵ ֿϴ ``湮 ī'' CGI α׷ Ѵ.

<!--#include virtual="/cgi-bin/counter.pl" -->

top

߰

HTML ִ  SSI .

Ǿ?

տ SSI Ͽ ڿ ֱټ ˸ ִٰ ߴ. ׷ ˷ ʾҴ. ڵ带 HTML ϸ ð . Ѵ SSI ùٷ ۵ؾ Ѵ.

<!--#config timefmt="%A %B %d, %Y" -->
<!--#flastmod file="ssi.shtml" --> Ǿ;

ssi.shtml ϴ ϸ Ѵ. ƹ ٿ ִ ڵ带 Ѵٸ, ϸ LAST_MODIFIED Ѵ.

<!--#config timefmt="%D" -->
This file last modified <!--#echo var="LAST_MODIFIED" -->

timefmt Ŀ ڼ ˻ strftime ãƺ. .

ǥ ϴ ϱ

ִ Ʈ Ѵٸ ü ϴ , Ư ǥ ܰ ϴ Ӵ.

(header) ϴ(footer) Ϸ Ͽ ̷ δ ִ. include SSI ɾ Ͽ ϴ ϳ ϸ ȴ. include element file attribute virtual attribute Ѵ. file attribute ϰδ. , (/ ϴ) ϰγ ȿ ../ . Ƹ ϴ URL ִ virtual attribute ̴. θ / , Ϸ ϴ ϰ ־ Ѵ.

<!--#include virtual="/footer.html" -->

ΰ ļ ϴ Ͽ LAST_MODIFIED þ ִ´. Ϸ Ͽ SSI þ , ̷ ٸ ϴ ִ.

top

̿ܿ ִ ?

ð config() ܿ ΰ config() ִ.

SSI þ ߸Ǹ ´

[an error occurred while processing this directive]

ϰ ʹٸ config element errmsg attribute Ͽ Ѵ.

<!--#config errmsg="[It appears that you don't know how to use SSI]" -->

Ʈ ϱ SSI þ ذϿ ڰ ̷ ʱ ٶ. (׷?)

׸ sizefmt attribute ȯϴ ũ config() ִ. Ʈ ũ⸦ ַ bytes, Kb Mb ũ⸦ ַ abbrev Ѵ.

top

ɾ ϱ

޿ CGI α׷ SSI ϴ ̴. exec element ִ ٸ ͵ ̴. SSI (Ȯ /bin/sh Win32 Ѵٸ DOS ) Ͽ ɾ Ѵ. , 丮 ش.

<pre>
<!--#exec cmd="ls" -->
</pre>

or, on Windows

<pre>
<!--#exec cmd="dir" -->
</pre>

dir ¿ ȥ ``<dir>'' ڿ Եֱ⶧,  þ ϸ ̻ ̴.

exec ±׿  ɾ ֱ⶧ ſ ϴ. ``'' ڰ ִ ȯ̶, ؼ ȵȴ. Options þ IncludesNOEXEC ƱԸƮ Ͽ SSI exec ִ.

top

SSI

ϴ ܿ ġ SSI ϰ, 񱳹 ǹ ִ.

ۿ ϴ κ ġ 1.2 ĺ ִ. , ġ 1.2 ̻ ʴ´ٸ Ƹ ׷̵ؾ Ѵ. ض. ض. ٸ ̴.

set þ Ͽ ߿ ִ. ʿϱ⶧ Ѵ. .

<!--#set var="name" value="Rich" -->

ڱ״ ʰ ȯ溯 ( , LAST_MODIFIED) ٸ Ͽ ִ. ̶ տ ޷ ǥ($) ٿ ڿ ƴ ǥѴ.

<!--#set var="modified" value="$LAST_MODIFIED" -->

޷ ڸ ״ ԷϷ ޷ ǥ տ 齽 Ѵ.

<!--#set var="cost" value="\$100" -->

ڿ ߰ ϴµ ڿ ִ ڵ Ͽ ȥǴ , ȣ  Ȯ Ѵ. ( ã , ϱ ٶ.)

<!--#set var="date" value="${DATE_LOCAL}_${DATE_GMT}" -->

ǥ

ϰ ǹ ϴ. SSI α׷־ ȴ. mod_include ǹ if, elif, else, endif Ѵ. ִ.

ǹ .

<!--#if expr="test_condition" -->
<!--#elif expr="test_condition" -->
<!--#else -->
<!--#endif -->

test_condition  񱳶 ִ. ٸ ϰų, Ư ``'' ˻Ѵ. (ڿ ̴.) 밡 ڸ , mod_include ϶. ǹ  .

Ͽ ߰Ѵ.

BrowserMatchNoCase macintosh Mac
BrowserMatchNoCase MSIE InternetExplorer

Ŭ̾Ʈ Ųÿ ϴ Internet Explorer ȯ溯 ``Mac'' ``InternetExplorer'' Ѵ.

׸ SSI ´.

<!--#if expr="${Mac} && ${InternetExplorer}" -->
⿡ ´
<!--#else -->
⿡ JavaScript ڵ尡 ´
<!--#endif -->

Ų IE ݰ ִ ƴϴ. ֿ ٸ JavaScript ڵ尡 Ų IE ʾƼ ð ߴ. ӽ ذå̴.

( Ͽ Ϲ ȯ溯̰)  ǹ ִ. ƶġ SetEnvIf ٸ þ ȯ溯 ֱ⶧ CGI ̵ ִ.

top

SSI Ȯ CGI ϴ ٸ ü . ׷ ߰ ۾ ߰ϱ⿡ Ǹ ̴.

images/custom_errordocs.gif100644 0 0 55373 10423220662 13567 0ustar 0 0 GIF87aqqquuuQQ}}0ee릦00eeeϚ eA4E]vHsfqIWh]Wu% ~߈jbyy&`b2Ҩxb}(6&hH.`!UH!qbױ[VX-އ͘a:Fj 07mr䟀$  tMhxӕFN}ZniH`ga(9rwgy$;w'5ycܠ6sJ٢5ڔֵE,&ݬ[ Xvlٞ 緶k.dr.ܻaHXz驦jb+RJg)n"bʊ-A6{WrN6n99a^9l@Qdž:j=e)*'%+cZHtqr21usORcJĵ_'-¥k3W-mfDr#i4x \~wF8S\5ocRBm5l7A褗n:Tꬷ.n/o'7?4WogK/}x_ro Hn/t+:0|5%CY3Ds6(]qpDE(La=<&"^HA317TX""aȮ J:'i8 wxDEAObŨ+JъX' p)3*Bka&~pF76…"qFˑe#q̤&-a:«xL`8HAVi4# i?fQiL*YZf|e kMx%[qk,wiKJ(Cf.UIGiZ 4sJJ"2461..6nN];SzS @9IjQ&ѶO5)Ȑ%Ei䗓T~鉕w3"&H=oz{f/h&Dm]G  Ab. EaOcL<] // XwkJz eSy~X^]cMNhOlc򔐯d4tA%0?i璌v|~fP)$<܀*_9[͋Th' $#^4fmN2'o㲗6)^4*ȻiV8Re򙣺/^^C}OWOa5NxhsgZSo;]Vc&r*.m{{ڥzwsmOʮ6zampC59wO[ցf;u?ֵ7{UbW_򠏡ѽp*:p:' ٥RۥGJVkSˤ$;IɵTژT]ٶڜa˶kˮ-[( lY5kUY\98&dmgSZCF H[zvkD1DqIyZ`C%)0VKɹ[xˆo0r[E>0  ;˲{N{Zp\ ⳼ 'Y蛾껖a{%pHн[5ۿ<\| <f.i~]>9ٔw=;o璎|e东Иm ͤ^Zj>/问.6땾נu^빞f>^y.rL]W[b닞dٱrޞN~*nnNb>Zٝ]89־>n ~tϤϾc,>N.an  o.B*؂>>4oMO8=_~do<3B{D/ܬK)^`2("zj^Z/ >~nʶ̩n(n3 rߕ:ez.U[ZxĭvFHž[_ܷnq¿,cȟ">KŮƏ>Oj#Րڼ?Yw~pP<ڦm/^D-܀@Xhx)9IY)xY  :0 *@jZ @`{[kk+ (H,lHiܬL25!6E+`# X JLC@aK璎 sḇzN 0EAhy +Ђ%7%Dlzwx (P%#P$ 9Dt0lf:N0 LAE.â4( 8x 668O# vKAetWLLF,"/ȫ ",\:6 6sGp#؀RH_EyQR`18.C5;R$;^ p$U'@ 7zVpA;Sn%Z?/>o51$cJl"(BqR"h,bqZ"0qb,#h4qjl#F%^rK(B mKW2״;} Ą0֘IN@ p@ҤЄ"=x0jʻ6[8*?ϯ㥺SQѬ.&'9{3<cMn"O1Ż"5N}^w뿭nvKdBSe-,M,t̞<8"cʟ$׌%DThY9c=pyml+m2dj"ocs+sB. eyszmd5IT"4ݘ1qP!bN$wK|?d1BX{97xT#e#iR.&h[ncJrTޒAlkiЪB]tpjBZP06u&zpT}S2yTZ(Yӹ3]ÓP8%?9jC.o/eG9ynol 0/OAvz[}C}8iT,q"@uE޾ZؼV^7`}ܮe ܇׃Bn)wx>&UnE++,2Lq9GoAВJ@x|80jI`GV:)Et2{wV|6fi?brXdr W{ 5^u$O HpIpIG 9'~goS`tr7>2ZYO;s YM{PFi8PSq ;W{"t\Xmc X*cl"ŵ6h[ZHVsasLJ[:uO\Ule WmG@ͤxR2%0W!sR7S>S .j<b:һke"x f L < \ GD`JT\Iq~MЛ{+J娥@e hOD0RyhYlφL<ϒp( bH/ 9> pŜj l c 3[J# 6$[ah}#}% ))-0 lU +$=ҤWbJh{.?ܭli@"]! $\ϑ]٘}ّmֵ!1;DMƀt~qFXUJOp-2n[!p#}s!aYP֍ٌؐm!mcc ^/]ܟT`!ciEC=ZC@P4Ң {T'ËG:7x7ݨ.P"-#j&B"=΍_}ԭ }} ^m180r 2c(9-/Cx$"P0Rޅ?:L m->0#{%L'jٓFN\@>Kn?0 2S#P= N@(02+t<L kĥdWغ=yQM& Gbm- mB=݂a=_a V7GcP`W^:1 ):}ThO0ԊIpl9^,.,ǭ[!@UuHOFSr]07*гX&7-ЯT"9!BJ羠M 9?K-D)tЇ@)j0e&`QUMiT۫8GnWY[].=ٵ ҐQ~5C,$#GcKḙ9A@cнAA!yƊhQ;ie`*[єim٪ Q[ ~$D "s!w9O"o UQ"[| %%䉠dFRF2e+DaVG\%R\uF2% 6`_sSWTI7 6TW f(&I=\ O xuJ}j]D(-5%[JLA &$$F)TV)K4Fe( I4&!%(!:T*"Jxwkm hѵ9ld$nS;5֐G.tDX x Ⱥ,&`+P$E?{jZ 4JNdG8'|T,jcݠa I ^~@O-9"Bv:: */,҆CLV9ƖGA:AtP"p` NH(l`j`>,(R FqjD0I v{ϒ%؏w]n^@-EIŻؗH"/: ʶ6 =Vd1$'f^h>Aop ߑibؗy4Îw6 =!4 BrÐ@#{4aINB H`+[=eᗊv['\3~$ၔ$Y,<^Gfҗ/2@B(9 fbp"z 2Y:UbH3K"pC)P)E|\(nZJBxu3HAy sL`#3L2l ,ъn&!).R0A.eJҚ M`@NqS66DbC3xQ4N#/ թj*|ewyL@VQHaPŪV*թ5ij1*cb5a=k\Vժ~+4VenUjk^ ׶5y`RRMjf7kYVvVlbVhU+lh+ eݐ6CgJ ХB]j׼:xqױ*s;\.׹׍nu>=kw{] w煮vɫz{IP_9!8K^ĝ݁zpr֯ʷ+a׾0x^ 6 {9Ķ80~FAk]حZJlc|aU%q?\ WT}d"p̒οE}T}fu>.+2]dx0WB gA_nLir5j>wv2}O3ٱ\}1|k:͕jWznto%c]kra=PƥkcXUž~UmVTW{SV'v[Wm;N,QmbAraZi#6vhe͎R,C5e0'>Ye2pCNX\@DeZ*.//!)Rc7m@{fեAOҗΗb6ӧN) %akV^p ~~Ȁi Nc= _CeJu~@x} 4M?l㉟'{ҔO6OzL0uxϽz>;qlVkk1r#O>mUc ڒbX(]?v۬\ʹYX0gwqwcG%`g1~[? t{tU=f IFsEacG} FL&(`IjLE]rX8 [fg}/(rPqr4C?kq^&rG5O;8TNpU8SmƆPfNWX%7Ȁq l榁(m&\jov_`1'kEXUdV%ennKm0hH8vnFnq8PQO堁Y փllzFl>k5XvBk"g/vjf\<fs{dȨj(_Ɗ/v`gx\h`vokVo;fZunnFg1X Vق8uww8U6oPeDvhf}tY)jF(iEedfdθ`lEE]ܸhƓ?9k&H֒>?I!ix6b&HW4r=dVׄ+ i EdkƖBɌVVȌijhl\4vƇޖo扠joƈٖhVTUXؙoV*fmaIj}m6f^)mfؘАZO2¹~QuNP 9p#jv2{p)t㉝{yg{@ΗybG~l4GBT|44m4w{YSz5Rc*ͩudTנHM#/|5ᩡ$Z}6p7)~W.J}yyܷx/z0gf U~CyԢ8Z9ThNzjYMV{H{:89y^y' `dz|Y `9Vjz:i8 zO';<7{x*y~2k 5Qc1[!Â%7Đ?hrY @qdiדW9u{T?x+:rו8OU׆_{ST}؎t0սؖlajӥG٢ ٢upZr:ڬH vۮOZ*۸]Df-9b} :ȍ5} WC=ݝ^~ >"^$~&^v}w yz6. {07yn=D@8 'J6u8*Dg-\L>]qdT~w8y}1{~ev= z ?]{`ťn|Iqݡ}G$PLW='HܛK ȯy&MnD%V%We8xNWR(q j`;j) }f^D묎󆎽]e೮V9n`VCr>j^@]\eXhlniԶhZoɨugҎѐ]WckMƹ;bkv`Q+gnƨ9{,Qs ڎS,g, --k$2m7iuk$<|)=S.w@@R_D 4wAᇁ 4CdW {@rPe`/c 783MM<պq dR$0CK70PN 0\X\Pet!`G )m' W`@f/ 'b_SP|oΐ 8YߊX vvfk4$miw)n,4R;b$`HAFzHغ͈yqc01cxkۑw#g}LH[g,- 8WX'S2/fދo IKjPD aC +rt HT ǁE`NhD–wX$ưm8Cqo}KEi4dlʌ8׹'N& t{1&K 4Gpbw #lD.ntc JXVClOފᜤ@*2 (|p0 _,:nP52Z:Ԋt .gё ]#BD/lE4;@ym {06}Vwܘ͈[G{ងu.!|䮷mmi޶ߺԨ&օ#Őkf[e[;l$׷;^}W[淫A.n|]m5o9^}|wnqNu{2w?5+='~süZ~nc~3zsw~s.{WW[C"%0oqtGy~z'z\{|t>'.7u!wxMWzwzhxxW|(7'yGxr xn#|zu$Xur0S{RvPr+vg}ta6uDcce'.LI( BU(j'p`_X(ciN((PhjdkH?$l(sindgt{HefД|(HdZ*.ԅ@?F舲Hanlx։au灔^GnHv ˷,Ln_д tȏ_wEwV xN'{2(,(y,׀;i'pg(u-"q鑛rƁ1 uǒ/1x>t6y3HMKɔMݸQV; 6l~&x.|9(twxAɐ[g'9ӗr*x7we&y`)}n)|tok(cɒyI{mcIi'H瀆}m)׏1NPi3J!L# e858=iWؚ/xtrs޷g٘I¹iZwnȩ[uɔiyZfhgjΈzLԙr)"9~K(xyFm)gY &ڠڌy889MɝOIv@llfkss jIꘂY|l}X)v93*Zj飻7mZ}WK8!ڝ#jdQ̡d~h {#Gqpס3)yvs{mZtzsz"Y;؜ʧ}CxǧExz&1|wgpʖ:i~H ʝVfPcF iJt9r.z8HjY!GJʪ2:YI*y uCِګi+un/J !efH ![i'隙b@Xj`xjgeJZ*$ڔkl}V*zZrv°aJHf lm\fl)_ "󰋘!v|v9ұKOQ%GGJ H1PZN^[Y v;, A{p_ukзK;b˷0j[l?K:wk[kkRֳ.LX*!px [Kۻ_]k \yK[ۼ[+dkʻy ˛˻QEH(ʯ0_3P˻ 뼉[ ܿ ]K̫ݛ |۽̹ʾ} [-+!G ̛O8ɶ ґ ҳkdcд5m79;=? A-CMEm 59;㾝.,Vm4}IMO?!= [].H^ʽaNenea %A娀p oN0'y p}2  %gNcnRm  @u>0NNvpn ~! SEN+.Ǯ6> .0>܎pM. .LFpn0ľilܜ.p>ܦ =nNz*?.1/3OrO@#۱N@(/@L]U0F$'F`aoy13kR~ 柮nM(~ )=OY.F P.ihj$;?Nܱ~|MQoV` fݓ//oO5oۅ 0绿 /P@_܈o ?T_[o ̔գ밍*\ȰX%GuE < Fdf XR7YX@`Nr%z<Ǩ_EH LʴӧPJYG`AfL8,d'hOBHY)mn,J:QҘ'ԤK+^̸cUGi b=", gh>;Sop^+`Oʝ>Nx۸sYR݇Y.]Nμ {X8ȕ^6Ë/L~{oßOOk(h& 6^QD(VhfvΣ׹ug(ԹC",(4h#+.<@)DiH&L6PFN/hXfm`)T]ih'<p)tix|矀*蠄j衈&袌6裐YΤVj饘f馜v駠*ꨤjꩨꪬ꫰*무;images/custom_errordocs.png100644 0 0 54573 10423220662 13607 0ustar 0 0 PNG  IHDRWsRGBgAMA a cHRMz&u0`:pQ<PLTEqqquuuQQ}}0ee릦00eeeϚ eA4/z^ vه%.)2[p+sk)\I QcRpm9uj A|х | ǔ5Hsk] ),EaWH|gp"3m&vJiդ-VyFµJwceѤZUAǞ-I2]=;1@M-zƺYSEኻz̽>!2_px8^‰w›6vrp$QC93PKþߗJY fEHZf dk,k S@0"qetJJ[;4UČCt, khmsP!V[Yd@حIV5N*L逅HpMiyRI kG$ڡJEMpMIW@%V3xN+yCC*:IHwMp]'t\HpTfa 8Jp]MtV1pFn j,{"b?W^ \e@F* `tE 0 ɤ0,͂ڨ|1P𲜲1%\yp["[Ee+(%q-x~)_M\,+[b*>ڷG>,>'@< h9VA2O]*? \<\ '>5 W* ы9yRԠm%S̮q%j>4.UQno#Nkg' VcQX>;dE' mґ 7NQ P]J[eQU@ "Z{aC=N*=4&);Co! ]b\iCusX [>At WdnLQzZ `VE~p{7ǮP e: \yv0}zB-)C"Q 5bt(J &>)&kmbD"JA ww7?ΰk2@+SIY ip5[TfP_ ?Y̓W]KZ*jRȰ|Ep-i. u,N6׻w1N;˰δR\I? aڠ_-1續Jµ(R>3DG%A{J*I\C>>J );@_]82fHۥz \i0*@MZ2\3TN*t5*a)0 F(uBentB|~+\W|k2P~Nl}ek{hą"uGrJ"&#"*e8uMm])r2ЊҧBH`*Zsլln| v7sp- $T1Bn \Y# tl**d]A{ڕ3IX;XpM@[oW\ߒ,68\nY<(TI ]`S@\ԛ$J%I,\vE䩜3J "C6]+&@ŵe];%upݸ5/.w{$ pZ L*:݋K,̝t+R i3 ..8=h8bmՙe͢uczs5m%9)x\]*ό"2s:jl c*uFfǭVMc ặ f'Ʋ+4[x%X y5QL W7myp)КA]`skéno =uf "a:}o=$V| Նfnʀl/Sg `{[ 12rxv;T-l̽T 7 MF橉ĝ9Z.2bk+Vf{ e&$'Bre yzf \yEjj4KfM!O2 e`mYW8`kY;l>O&]x_X[نȴL -M ;^- o KAC\KF3n-f)NŠrIXꮪzcCjFRX:~X:"AK* 7*SrAe:yK\#, l{޾]LԀ@Exvj 㸸5Z#hTi[" XWo D;. R. A4K`{:~Ke M:El|p͔U7epu˳P@ 1)EzY`F_+4@bw$3#L$)Y{XC? Ŕuq-5cpͬb ؂] 5YӘDȹY2."2 Ϯj5-]u}6@6*Zk'v}=g/Jo=+lv(r C͠'+"v4..F+*iʓv hyԄf< C DB^i\eWVC5hM'sZES CWdF-k6ݵ]K.jD+^;WS/<î5ZvfW j3Zp-)k%~] fV(jJ.]! 5k2V-R%c (@6d}ؒ1t fJeT !v[+?L* #Z]`q0G%q1[>J%c:EmqY;.(/p5DCool׾2GV"ktv 5S^[gIe=Z>0nqs 8I<2_\a,+NܰP^H'[lE[T*N4Ab y ƶ 赍lL슫 Ͼk!V DrHiT+Mv-g_'lUZ] q+Lcص;n1&W%U)vĭbGkr6Nt]Żkr mucڷ U`*/4vMn1ڧ0y`/|Wv-|HG}0TS;[yq璀UVEQ:S n1mܸNxpT??G6vW=n1Dڼf-= ]~O]ỳdK2y琀~OQ;(RFY,\ŘC)j r52ONǧ_GgOµn1xJp dmiIOسӳi,\c٦KubV`%r9, ;kfka'b4.0-^ϹD#@旧_2@X=GF5`׎ŘC)jx>|oTN޿<.1(#dq4\qu?yzz~8: LG'ç@Cu 9ꝢvRhicXwwA9Ygcx : lՕ-4bDF}'N&?e(ZSPK,sX\͒*V, o( cv& aLQa~zx?<<<:<bٵn1p$:IÏ'6x*Q^AYdx㓣1miڿMʲ<||p 83]8[t&,^F zъjH!kbj1\@gpp4:{`6V'^dX)vG _RѳSkF0O0>;tP  "m W7@|+VO@hص[ ~V^ukzwuuuc0[hwEY4A[eau®@]=#X7W}fgaax=?XrD.nP-qIn1VH˩Рwx>&v~y `}wuputWZ ]ǰzh|Xe][4jro7̭ث0+&]O 0tYcгmQ7owdkvvBz+ LJʧ6~%I'i-I4qt t( Q577nDΫ4গ/>bkSbt$)wq?o3\spv=9:| *_t=PI&3Dث&/'0opw 슊*`, $I;~9y1AF[^^¨Q8APNZ3Ԟho&mNnZZt}E?@c/?g0fu,ؠ 2 Wf@9h$["%/^xy tWW$WXAP=_he h/:Q2_Mvp<~h 3鰷Zc'lr P,_N.x)܊+G` Xq@o:P]yɀ`5VV`-Ppޟ<yZ++ގe `Ń-p1<z5mph= J7-%Q>+.t"⶗C[xzUǐbm.ګEBU>AvX;+Tp&@b6#Me81Jo!uЖ{պZ^6!eAU`B0F-m:++ R0_zxVb6c=e{EЅ$ &dspt5tכhADKBI#RUFozu+ރ*b-.O \WOLe{B G ZvlhZs&hYH1't%#-}X +?ң2hGF] פ ])`` c,"WH@|1\O׼p+w xobbt-+'.iiJ%}֫)" &-CEkqrVc%8EoX~+ V衖]y LW@PH8ڢ1>Xњ4Z)l@k}vtEAeq)&82(_4vR ? X"TY v4AMݕv*^%_M@gf}*B&*?]lT\IuRK4Wje =ƅXW]qn1(EFHVH8E+ݤVV+*(أ"bj`12mzJn@Uaup}jqj3ZiȪ`u.p!X@[ W$Jxm{}skJWx!j`#u.b˚nB@`@ZѺk}<]E.vA]x(`WƊNIWY5XK]J{Tp:,-њ$cϺ똭#h]ŰlJBʣjĮ+Yvtc4׺je'xG`]8غF ¹s6?6[ F 8ncT4+ 2KV]$ߒC l8{bZ-똟cVbMW% ,5tP_uQwE5`k^\PcH/99tQSVKOȍMʯ[aͶ,n{Z]Ϯq=ccWт"4:ԺX *+V| @,Hxed(kxvh H]7Cy UgɂW_-K 0b+dWPdE#]E5MHMn1fhu2ACbW<@WkbF*nvT_>+|F5X'5S38fsl gm(\>vX@xv18/:GuP˺tYik3\l)f dcq#g&dX+ N1FX u*]%*К}V:"eM6,M Z 0q9Xb][ftS*ɘP]Bx]w2^ X?AݕC+ˮ--F)zy:U(X o`ؼ:B  ;-SwpMn1lUKoEy8⸟[:2SX}m\ܰ ZﮆH҇[8+-|m>_oTJv}:Mz4(WDj3bXB Lwtr:U bbx|&qG#@,ZE 0ђQxf,5Sj dY5ŘMW8d3P_ me^+ސBCC`"\]iarhjTt+h  Tg l'/Gތ ?`\odg&s1wS;\ Ex6{ mW I!P5-FG= fR< ӧ0 `Mbt>g,WL;`0Lگ bkws1gSJM/B r{x!P-)<,jM `D)`hvQib)sX8%})[d |O`J. p 0ĂC$ WcmWn:W:q{Ζ^4籖N0OMĔG_>aWB%77OO#pFmٕq e@?7޿4ߡRhNtYR%K[EC&51Y.Vڠ%/rE;X&ć秨\]!~IZ]ň7op&b/W࿂ч&,R:a QGzd3g0:0mίw0!k4w[sF+pE봨Jf}3HP A3ü㠬jaݕyYWw߀/"zJq۲<NZWVj? g= >+p)>N|Rȹ$RkyXFݪ+ BX:%.H3kn16hڥqXaƆ}(+3o'g'p*Zc"iu%0`*=piy+E^-ԁbd)P\E 75SI`N"$"G#?0}ao6F|],lJ\"2jc0}-#ʊkk{ߏeGӏ >¦hC@KF+W p:Bd ,m텴A-~5l,\!+ŘAW;gDȮ8{p9.AH X~&FgovU+[zvBGj@] Bh^0FH  Oh,;bsnEfbhu :yVXzH<@+:`9b#*dNi](+/fMn1 Ȏ)R&G]clJ `WB$ʞ.Td6RҫNꮪft4 dmU ::??=ECM ZzxE`rt=F`=0G8z  uU7Y,sm4\[UXVX~iuD :, F~8BsBwRAً+V\Q`p][Ŗ e +`Q?:z5V {FЧ=ĥN (HUuE۳ W*Nh9zŭܬ ۑWV%@e >B\Y3@ibuof Յb",gs}۱p][[sʼ zX'h::?9 8 Y<`K K ,XE[mьkvшR"+`WTX<u_ q:Npo]ê!+ `_x \[ەsʽ \q kXp B[Xbt>yYQ0kmX^ʀ[ǐ^1I$enky.)nVpBE4s34jl}千PA,rsܽA QJ*A:ۘ[^Y34탉YD&^lJSLIąC 0J6WײЦ=״Ne)69]10lmv'ny r\,[ MsքR WX ע⋌8lw?1 ^[[ q^ 0\..2S*CMc3)A |_% -YøMP / hI@Tⲹ_ƴ)utim\"tvYSi5/-𯿾;ҽWAtO[H~ pރLZ^YL?J/vsQ=B8D[L) }2CFrTĢ W?til S+N&.^wY'* [Z Sgro5o%II3 Sipa/] czźM#+a õ[ Oš KtQ_;H2kM2_ 6}brs% dy PWYK,#lճX7ؼT:bh4lyL!f@mwAǬh@ 2*6D??U5ܬjT#jk>uصr7A@aMvݳݕ)t7ͣ#c0/ge4 сmr*{[UBʽ)RF]*Z-E<cgo@Z`ȩskIMOAn!;ҹt,lArY&8 3AB*sĚN2 pI~-ɭQe~XY?3:uQfةխy/bUH+ 6cZy4+lH#][e4Gcؕ v'Ib5Ũ!t`c Ү#8krQG)$0~vr0kI`K6n~[WÙGk"aL*h~w% Ov&:c [Et Tچ!sUk-]rq. Ut*\VZBʞE@%T W/