Merge ~ahasenack/ubuntu/+source/apache2:artful-includeoptional-1766186 into ubuntu/+source/apache2:ubuntu/artful-devel

Proposed by Andreas Hasenack on 2018-06-07
Status: Merged
Approved by:  Christian Ehrhardt  on 2018-06-11
Approved revision: 5be7414420ffe6fe3802f27569625c7d5bab0484
Merge reported by: Andreas Hasenack
Merged at revision: 5be7414420ffe6fe3802f27569625c7d5bab0484
Proposed branch: ~ahasenack/ubuntu/+source/apache2:artful-includeoptional-1766186
Merge into: ubuntu/+source/apache2:ubuntu/artful-devel
Diff against target: 422128 lines (+413842/-0)
1365 files modified
debian/changelog (+8/-0)
debian/patches/includeoptional-ignore-non-existent.patch (+61/-0)
debian/patches/series (+1/-0)
docs/manual/style/latex/atbeginend.sty (+80/-0)
docs/manual/style/manualpage.dtd (+29/-0)
docs/manual/style/modulesynopsis.dtd (+77/-0)
docs/manual/style/scripts/MINIFY (+5/-0)
docs/manual/style/scripts/prettify.js (+1622/-0)
docs/manual/style/scripts/prettify.min.js (+123/-0)
docs/manual/style/sitemap.dtd (+42/-0)
docs/manual/style/version.ent (+24/-0)
docs/manual/suexec.html (+21/-0)
docs/manual/suexec.html.en (+643/-0)
docs/manual/suexec.html.fr (+689/-0)
docs/manual/suexec.html.ja.utf8 (+643/-0)
docs/manual/suexec.html.ko.euc-kr (+564/-0)
docs/manual/suexec.html.tr.utf8 (+583/-0)
docs/manual/upgrading.html (+9/-0)
docs/manual/upgrading.html.en (+530/-0)
docs/manual/upgrading.html.fr (+589/-0)
docs/manual/urlmapping.html (+21/-0)
docs/manual/urlmapping.html.en (+379/-0)
docs/manual/urlmapping.html.fr (+402/-0)
docs/manual/urlmapping.html.ja.utf8 (+318/-0)
docs/manual/urlmapping.html.ko.euc-kr (+277/-0)
docs/manual/urlmapping.html.tr.utf8 (+365/-0)
docs/manual/vhosts/details.html (+17/-0)
docs/manual/vhosts/details.html.en (+348/-0)
docs/manual/vhosts/details.html.fr (+369/-0)
docs/manual/vhosts/details.html.ko.euc-kr (+412/-0)
docs/manual/vhosts/details.html.tr.utf8 (+319/-0)
docs/manual/vhosts/examples.html (+21/-0)
docs/manual/vhosts/examples.html.en (+566/-0)
docs/manual/vhosts/examples.html.fr (+586/-0)
docs/manual/vhosts/examples.html.ja.utf8 (+680/-0)
docs/manual/vhosts/examples.html.ko.euc-kr (+657/-0)
docs/manual/vhosts/examples.html.tr.utf8 (+562/-0)
docs/manual/vhosts/fd-limits.html (+21/-0)
docs/manual/vhosts/fd-limits.html.en (+155/-0)
docs/manual/vhosts/fd-limits.html.fr (+167/-0)
docs/manual/vhosts/fd-limits.html.ja.utf8 (+157/-0)
docs/manual/vhosts/fd-limits.html.ko.euc-kr (+152/-0)
docs/manual/vhosts/fd-limits.html.tr.utf8 (+150/-0)
docs/manual/vhosts/index.html (+29/-0)
docs/manual/vhosts/index.html.de (+124/-0)
docs/manual/vhosts/index.html.en (+126/-0)
docs/manual/vhosts/index.html.fr (+127/-0)
docs/manual/vhosts/index.html.ja.utf8 (+120/-0)
docs/manual/vhosts/index.html.ko.euc-kr (+119/-0)
docs/manual/vhosts/index.html.tr.utf8 (+123/-0)
docs/manual/vhosts/index.html.zh-cn.utf8 (+105/-0)
docs/manual/vhosts/ip-based.html (+21/-0)
docs/manual/vhosts/ip-based.html.en (+210/-0)
docs/manual/vhosts/ip-based.html.fr (+213/-0)
docs/manual/vhosts/ip-based.html.ja.utf8 (+190/-0)
docs/manual/vhosts/ip-based.html.ko.euc-kr (+180/-0)
docs/manual/vhosts/ip-based.html.tr.utf8 (+211/-0)
docs/manual/vhosts/mass.html (+17/-0)
docs/manual/vhosts/mass.html.en (+337/-0)
docs/manual/vhosts/mass.html.fr (+352/-0)
docs/manual/vhosts/mass.html.ko.euc-kr (+453/-0)
docs/manual/vhosts/mass.html.tr.utf8 (+324/-0)
docs/manual/vhosts/name-based.html (+25/-0)
docs/manual/vhosts/name-based.html.de (+299/-0)
docs/manual/vhosts/name-based.html.en (+224/-0)
docs/manual/vhosts/name-based.html.fr (+267/-0)
docs/manual/vhosts/name-based.html.ja.utf8 (+303/-0)
docs/manual/vhosts/name-based.html.ko.euc-kr (+266/-0)
docs/manual/vhosts/name-based.html.tr.utf8 (+238/-0)
docs/server-status/README.md (+40/-0)
docs/server-status/server-status.lua (+1901/-0)
emacs-style (+12/-0)
httpd.dep (+68/-0)
httpd.dsp (+111/-0)
httpd.mak (+344/-0)
httpd.spec (+506/-0)
include/.indent.pro (+54/-0)
include/ap_compat.h (+30/-0)
include/ap_config.h (+206/-0)
include/ap_config_auto.h.in (+298/-0)
include/ap_config_layout.h.in (+64/-0)
include/ap_expr.h (+353/-0)
include/ap_hooks.h (+162/-0)
include/ap_listen.h (+163/-0)
include/ap_mmn.h (+538/-0)
include/ap_mpm.h (+235/-0)
include/ap_provider.h (+100/-0)
include/ap_regex.h (+248/-0)
include/ap_regkey.h (+219/-0)
include/ap_release.h (+83/-0)
include/ap_slotmem.h (+199/-0)
include/ap_socache.h (+230/-0)
include/apache_noprobes.h (+344/-0)
include/heartbeat.h (+60/-0)
include/http_config.h (+1379/-0)
include/http_connection.h (+168/-0)
include/http_core.h (+1049/-0)
include/http_log.h (+836/-0)
include/http_main.h (+88/-0)
include/http_protocol.h (+1021/-0)
include/http_request.h (+630/-0)
include/http_vhost.h (+119/-0)
include/httpd.h (+2403/-0)
include/mod_auth.h (+141/-0)
include/mod_core.h (+103/-0)
include/mod_request.h (+64/-0)
include/mpm_common.h (+470/-0)
include/scoreboard.h (+244/-0)
include/util_cfgtree.h (+98/-0)
include/util_charset.h (+72/-0)
include/util_cookies.h (+146/-0)
include/util_ebcdic.h (+92/-0)
include/util_fcgi.h (+280/-0)
include/util_filter.h (+639/-0)
include/util_ldap.h (+398/-0)
include/util_md5.h (+72/-0)
include/util_mutex.h (+223/-0)
include/util_script.h (+233/-0)
include/util_time.h (+117/-0)
include/util_varbuf.h (+197/-0)
include/util_xml.h (+51/-0)
libhttpd.dep (+2421/-0)
libhttpd.dsp (+813/-0)
libhttpd.mak (+1325/-0)
modules/Makefile.in (+6/-0)
modules/NWGNUmakefile (+121/-0)
modules/README (+67/-0)
modules/aaa/.indent.pro (+54/-0)
modules/aaa/Makefile.in (+3/-0)
modules/aaa/NWGNUaccesscompat (+248/-0)
modules/aaa/NWGNUallowmethods (+248/-0)
modules/aaa/NWGNUauthbasc (+248/-0)
modules/aaa/NWGNUauthdigt (+248/-0)
modules/aaa/NWGNUauthform (+250/-0)
modules/aaa/NWGNUauthnano (+248/-0)
modules/aaa/NWGNUauthndbd (+249/-0)
modules/aaa/NWGNUauthndbm (+248/-0)
modules/aaa/NWGNUauthnfil (+248/-0)
modules/aaa/NWGNUauthnsocache (+248/-0)
modules/aaa/NWGNUauthnzldap (+264/-0)
modules/aaa/NWGNUauthzdbd (+249/-0)
modules/aaa/NWGNUauthzdbm (+248/-0)
modules/aaa/NWGNUauthzgrp (+247/-0)
modules/aaa/NWGNUauthzusr (+247/-0)
modules/aaa/NWGNUmakefile (+270/-0)
modules/aaa/config.m4 (+84/-0)
modules/aaa/mod_access_compat.c (+374/-0)
modules/aaa/mod_access_compat.dep (+59/-0)
modules/aaa/mod_access_compat.dsp (+111/-0)
modules/aaa/mod_access_compat.mak (+353/-0)
modules/aaa/mod_allowmethods.c (+158/-0)
modules/aaa/mod_allowmethods.dep (+56/-0)
modules/aaa/mod_allowmethods.dsp (+111/-0)
modules/aaa/mod_allowmethods.mak (+353/-0)
modules/aaa/mod_auth_basic.c (+512/-0)
modules/aaa/mod_auth_basic.dep (+63/-0)
modules/aaa/mod_auth_basic.dsp (+111/-0)
modules/aaa/mod_auth_basic.mak (+353/-0)
modules/aaa/mod_auth_digest.c (+2115/-0)
modules/aaa/mod_auth_digest.dep (+68/-0)
modules/aaa/mod_auth_digest.dsp (+111/-0)
modules/aaa/mod_auth_digest.mak (+353/-0)
modules/aaa/mod_auth_form.c (+1333/-0)
modules/aaa/mod_auth_form.dep (+66/-0)
modules/aaa/mod_auth_form.dsp (+111/-0)
modules/aaa/mod_auth_form.mak (+353/-0)
modules/aaa/mod_authn_anon.c (+215/-0)
modules/aaa/mod_authn_anon.dep (+58/-0)
modules/aaa/mod_authn_anon.dsp (+111/-0)
modules/aaa/mod_authn_anon.mak (+381/-0)
modules/aaa/mod_authn_core.c (+386/-0)
modules/aaa/mod_authn_core.dep (+58/-0)
modules/aaa/mod_authn_core.dsp (+111/-0)
modules/aaa/mod_authn_core.mak (+381/-0)
modules/aaa/mod_authn_dbd.c (+309/-0)
modules/aaa/mod_authn_dbd.dep (+56/-0)
modules/aaa/mod_authn_dbd.dsp (+115/-0)
modules/aaa/mod_authn_dbd.mak (+409/-0)
modules/aaa/mod_authn_dbm.c (+208/-0)
modules/aaa/mod_authn_dbm.dep (+61/-0)
modules/aaa/mod_authn_dbm.dsp (+111/-0)
modules/aaa/mod_authn_dbm.mak (+381/-0)
modules/aaa/mod_authn_file.c (+194/-0)
modules/aaa/mod_authn_file.dep (+60/-0)
modules/aaa/mod_authn_file.dsp (+111/-0)
modules/aaa/mod_authn_file.mak (+381/-0)
modules/aaa/mod_authn_socache.c (+475/-0)
modules/aaa/mod_authn_socache.dep (+62/-0)
modules/aaa/mod_authn_socache.dsp (+111/-0)
modules/aaa/mod_authn_socache.mak (+353/-0)
modules/aaa/mod_authnz_fcgi.c (+1363/-0)
modules/aaa/mod_authnz_fcgi.dep (+61/-0)
modules/aaa/mod_authnz_fcgi.dsp (+119/-0)
modules/aaa/mod_authnz_fcgi.mak (+353/-0)
modules/aaa/mod_authnz_ldap.c (+1958/-0)
modules/aaa/mod_authnz_ldap.dep (+70/-0)
modules/aaa/mod_authnz_ldap.dsp (+111/-0)
modules/aaa/mod_authnz_ldap.mak (+381/-0)
modules/aaa/mod_authz_core.c (+1164/-0)
modules/aaa/mod_authz_core.dep (+60/-0)
modules/aaa/mod_authz_core.dsp (+111/-0)
modules/aaa/mod_authz_core.mak (+381/-0)
modules/aaa/mod_authz_dbd.c (+403/-0)
modules/aaa/mod_authz_dbd.dep (+61/-0)
modules/aaa/mod_authz_dbd.dsp (+119/-0)
modules/aaa/mod_authz_dbd.h (+44/-0)
modules/aaa/mod_authz_dbd.mak (+409/-0)
modules/aaa/mod_authz_dbm.c (+336/-0)
modules/aaa/mod_authz_dbm.dep (+62/-0)
modules/aaa/mod_authz_dbm.dsp (+111/-0)
modules/aaa/mod_authz_dbm.mak (+381/-0)
modules/aaa/mod_authz_groupfile.c (+331/-0)
modules/aaa/mod_authz_groupfile.dep (+61/-0)
modules/aaa/mod_authz_groupfile.dsp (+111/-0)
modules/aaa/mod_authz_groupfile.mak (+381/-0)
modules/aaa/mod_authz_host.c (+389/-0)
modules/aaa/mod_authz_host.dep (+60/-0)
modules/aaa/mod_authz_host.dsp (+111/-0)
modules/aaa/mod_authz_host.mak (+381/-0)
modules/aaa/mod_authz_owner.c (+189/-0)
modules/aaa/mod_authz_owner.dep (+59/-0)
modules/aaa/mod_authz_owner.dsp (+111/-0)
modules/aaa/mod_authz_owner.h (+27/-0)
modules/aaa/mod_authz_owner.mak (+381/-0)
modules/aaa/mod_authz_user.c (+146/-0)
modules/aaa/mod_authz_user.dep (+58/-0)
modules/aaa/mod_authz_user.dsp (+111/-0)
modules/aaa/mod_authz_user.mak (+381/-0)
modules/arch/netware/libprews.c (+79/-0)
modules/arch/netware/mod_netware.c (+206/-0)
modules/arch/netware/mod_nw_ssl.c (+1285/-0)
modules/arch/unix/Makefile.in (+3/-0)
modules/arch/unix/config5.m4 (+24/-0)
modules/arch/unix/mod_privileges.c (+588/-0)
modules/arch/unix/mod_unixd.c (+426/-0)
modules/arch/unix/mod_unixd.h (+41/-0)
modules/arch/win32/Makefile.in (+3/-0)
modules/arch/win32/config.m4 (+9/-0)
modules/arch/win32/mod_isapi.c (+1727/-0)
modules/arch/win32/mod_isapi.dep (+61/-0)
modules/arch/win32/mod_isapi.dsp (+115/-0)
modules/arch/win32/mod_isapi.h (+271/-0)
modules/arch/win32/mod_isapi.mak (+353/-0)
modules/arch/win32/mod_win32.c (+563/-0)
modules/cache/.indent.pro (+54/-0)
modules/cache/Makefile.in (+3/-0)
modules/cache/NWGNUcach_dsk (+262/-0)
modules/cache/NWGNUcach_socache (+263/-0)
modules/cache/NWGNUmakefile (+250/-0)
modules/cache/NWGNUmod_cach (+265/-0)
modules/cache/NWGNUsocachdbm (+261/-0)
modules/cache/NWGNUsocachmem (+261/-0)
modules/cache/NWGNUsocachshmcb (+261/-0)
modules/cache/cache_common.h (+56/-0)
modules/cache/cache_disk_common.h (+68/-0)
modules/cache/cache_socache_common.h (+57/-0)
modules/cache/cache_storage.c (+791/-0)
modules/cache/cache_storage.h (+76/-0)
modules/cache/cache_util.c (+1344/-0)
modules/cache/cache_util.h (+341/-0)
modules/cache/config.m4 (+142/-0)
modules/cache/mod_cache.c (+2717/-0)
modules/cache/mod_cache.dep (+194/-0)
modules/cache/mod_cache.dsp (+131/-0)
modules/cache/mod_cache.h (+192/-0)
modules/cache/mod_cache.mak (+370/-0)
modules/cache/mod_cache_disk.c (+1584/-0)
modules/cache/mod_cache_disk.dep (+59/-0)
modules/cache/mod_cache_disk.dsp (+115/-0)
modules/cache/mod_cache_disk.h (+91/-0)
modules/cache/mod_cache_disk.mak (+381/-0)
modules/cache/mod_cache_socache.c (+1542/-0)
modules/cache/mod_cache_socache.dep (+67/-0)
modules/cache/mod_cache_socache.dsp (+115/-0)
modules/cache/mod_cache_socache.mak (+381/-0)
modules/cache/mod_file_cache.c (+414/-0)
modules/cache/mod_file_cache.dep (+56/-0)
modules/cache/mod_file_cache.dsp (+111/-0)
modules/cache/mod_file_cache.exp (+1/-0)
modules/cache/mod_file_cache.mak (+353/-0)
modules/cache/mod_socache_dbm.c (+595/-0)
modules/cache/mod_socache_dbm.dep (+60/-0)
modules/cache/mod_socache_dbm.dsp (+111/-0)
modules/cache/mod_socache_dbm.mak (+353/-0)
modules/cache/mod_socache_dc.c (+198/-0)
modules/cache/mod_socache_dc.dep (+55/-0)
modules/cache/mod_socache_dc.dsp (+111/-0)
modules/cache/mod_socache_dc.mak (+353/-0)
modules/cache/mod_socache_memcache.c (+431/-0)
modules/cache/mod_socache_memcache.dep (+59/-0)
modules/cache/mod_socache_memcache.dsp (+111/-0)
modules/cache/mod_socache_memcache.mak (+353/-0)
modules/cache/mod_socache_shmcb.c (+1072/-0)
modules/cache/mod_socache_shmcb.dep (+56/-0)
modules/cache/mod_socache_shmcb.dsp (+111/-0)
modules/cache/mod_socache_shmcb.mak (+353/-0)
modules/cluster/Makefile.in (+3/-0)
modules/cluster/NWGNUmakefile (+246/-0)
modules/cluster/NWGNUmodheartbeat (+257/-0)
modules/cluster/NWGNUmodheartmonitor (+257/-0)
modules/cluster/README.heartbeat (+33/-0)
modules/cluster/README.heartmonitor (+30/-0)
modules/cluster/config5.m4 (+17/-0)
modules/cluster/mod_heartbeat.c (+228/-0)
modules/cluster/mod_heartbeat.dep (+55/-0)
modules/cluster/mod_heartbeat.dsp (+123/-0)
modules/cluster/mod_heartbeat.mak (+380/-0)
modules/cluster/mod_heartmonitor.c (+918/-0)
modules/cluster/mod_heartmonitor.dep (+63/-0)
modules/cluster/mod_heartmonitor.dsp (+123/-0)
modules/cluster/mod_heartmonitor.mak (+380/-0)
modules/config7.m4 (+56/-0)
modules/core/Makefile.in (+3/-0)
modules/core/NWGNUmakefile (+257/-0)
modules/core/config.m4 (+60/-0)
modules/core/mod_macro.c (+955/-0)
modules/core/mod_macro.dep (+45/-0)
modules/core/mod_macro.dsp (+111/-0)
modules/core/mod_macro.mak (+353/-0)
modules/core/mod_so.c (+442/-0)
modules/core/mod_so.h (+38/-0)
modules/core/mod_watchdog.c (+719/-0)
modules/core/mod_watchdog.dep (+59/-0)
modules/core/mod_watchdog.dsp (+115/-0)
modules/core/mod_watchdog.h (+213/-0)
modules/core/mod_watchdog.mak (+353/-0)
modules/core/test/Makefile (+67/-0)
modules/core/test/conf/inc63_1.conf (+5/-0)
modules/core/test/conf/inc63_2.conf (+3/-0)
modules/core/test/conf/test01.conf (+3/-0)
modules/core/test/conf/test02.conf (+3/-0)
modules/core/test/conf/test03.conf (+5/-0)
modules/core/test/conf/test04.conf (+5/-0)
modules/core/test/conf/test05.conf (+5/-0)
modules/core/test/conf/test06.conf (+6/-0)
modules/core/test/conf/test07.conf (+3/-0)
modules/core/test/conf/test08.conf (+3/-0)
modules/core/test/conf/test09.conf (+6/-0)
modules/core/test/conf/test10.conf (+10/-0)
modules/core/test/conf/test11.conf (+15/-0)
modules/core/test/conf/test12.conf (+12/-0)
modules/core/test/conf/test13.conf (+18/-0)
modules/core/test/conf/test14.conf (+23/-0)
modules/core/test/conf/test15.conf (+9/-0)
modules/core/test/conf/test16.conf (+11/-0)
modules/core/test/conf/test17.conf (+10/-0)
modules/core/test/conf/test18.conf (+10/-0)
modules/core/test/conf/test19.conf (+26/-0)
modules/core/test/conf/test20.conf (+11/-0)
modules/core/test/conf/test21.conf (+11/-0)
modules/core/test/conf/test22.conf (+11/-0)
modules/core/test/conf/test23.conf (+15/-0)
modules/core/test/conf/test24.conf (+23/-0)
modules/core/test/conf/test25.conf (+27/-0)
modules/core/test/conf/test26.conf (+19/-0)
modules/core/test/conf/test27.conf (+22/-0)
modules/core/test/conf/test28.conf (+13/-0)
modules/core/test/conf/test29.conf (+10/-0)
modules/core/test/conf/test30.conf (+12/-0)
modules/core/test/conf/test31.conf (+16/-0)
modules/core/test/conf/test32.conf (+7/-0)
modules/core/test/conf/test33.conf (+3/-0)
modules/core/test/conf/test34.conf (+14/-0)
modules/core/test/conf/test35.conf (+10/-0)
modules/core/test/conf/test36.conf (+12/-0)
modules/core/test/conf/test37.conf (+7/-0)
modules/core/test/conf/test38.conf (+10/-0)
modules/core/test/conf/test39.conf (+23/-0)
modules/core/test/conf/test40.conf (+33/-0)
modules/core/test/conf/test41.conf (+20/-0)
modules/core/test/conf/test42.conf (+13/-0)
modules/core/test/conf/test43.conf (+29/-0)
modules/core/test/conf/test44.conf (+19/-0)
modules/core/test/conf/test45.conf (+7/-0)
modules/core/test/conf/test46.conf (+11/-0)
modules/core/test/conf/test47.conf (+15/-0)
modules/core/test/conf/test48.conf (+23/-0)
modules/core/test/conf/test49.conf (+2/-0)
modules/core/test/conf/test50.conf (+5/-0)
modules/core/test/conf/test51.conf (+9/-0)
modules/core/test/conf/test52.conf (+8/-0)
modules/core/test/conf/test53.conf (+2/-0)
modules/core/test/conf/test54.conf (+6/-0)
modules/core/test/conf/test55.conf (+11/-0)
modules/core/test/conf/test56.conf (+18/-0)
modules/core/test/conf/test57.conf (+4/-0)
modules/core/test/conf/test58.conf (+4/-0)
modules/core/test/conf/test59.conf (+4/-0)
modules/core/test/conf/test60.conf (+17/-0)
modules/core/test/conf/test61.conf (+18/-0)
modules/core/test/conf/test62.conf (+25/-0)
modules/core/test/conf/test63.conf (+9/-0)
modules/core/test/conf/test64.conf (+5/-0)
modules/core/test/conf/test65.conf (+11/-0)
modules/core/test/conf/test66.conf (+7/-0)
modules/core/test/conf/test67.conf (+1/-0)
modules/core/test/conf/test68.conf (+5/-0)
modules/core/test/conf/test69.conf (+14/-0)
modules/core/test/ref/test01.out (+3/-0)
modules/core/test/ref/test02.out (+3/-0)
modules/core/test/ref/test03.out (+3/-0)
modules/core/test/ref/test04.out (+3/-0)
modules/core/test/ref/test05.out (+3/-0)
modules/core/test/ref/test06.out (+3/-0)
modules/core/test/ref/test07.out (+3/-0)
modules/core/test/ref/test08.out (+3/-0)
modules/core/test/ref/test09.out (+3/-0)
modules/core/test/ref/test10.out (+3/-0)
modules/core/test/ref/test11.out (+6/-0)
modules/core/test/ref/test12.out (+7/-0)
modules/core/test/ref/test13.out (+8/-0)
modules/core/test/ref/test14.out (+14/-0)
modules/core/test/ref/test15.out (+6/-0)
modules/core/test/ref/test16.out (+5/-0)
modules/core/test/ref/test17.out (+7/-0)
modules/core/test/ref/test18.out (+7/-0)
modules/core/test/ref/test19.out (+9/-0)
modules/core/test/ref/test20.out (+4/-0)
modules/core/test/ref/test21.out (+5/-0)
modules/core/test/ref/test22.out (+6/-0)
modules/core/test/ref/test23.out (+7/-0)
modules/core/test/ref/test24.out (+8/-0)
modules/core/test/ref/test25.out (+9/-0)
modules/core/test/ref/test26.out (+11/-0)
modules/core/test/ref/test27.out (+8/-0)
modules/core/test/ref/test28.out (+6/-0)
modules/core/test/ref/test29.out (+4/-0)
modules/core/test/ref/test30.out (+7/-0)
modules/core/test/ref/test31.out (+23/-0)
modules/core/test/ref/test32.out (+3/-0)
modules/core/test/ref/test33.out (+3/-0)
modules/core/test/ref/test34.out (+13/-0)
modules/core/test/ref/test35.out (+13/-0)
modules/core/test/ref/test36.out (+20/-0)
modules/core/test/ref/test37.out (+3/-0)
modules/core/test/ref/test38.out (+6/-0)
modules/core/test/ref/test39.out (+7/-0)
modules/core/test/ref/test40.out (+18/-0)
modules/core/test/ref/test41.out (+9/-0)
modules/core/test/ref/test42.out (+15/-0)
modules/core/test/ref/test43.out (+8/-0)
modules/core/test/ref/test44.out (+5/-0)
modules/core/test/ref/test45.out (+19/-0)
modules/core/test/ref/test46.out (+9/-0)
modules/core/test/ref/test47.out (+8/-0)
modules/core/test/ref/test48.out (+20/-0)
modules/core/test/ref/test49.out (+3/-0)
modules/core/test/ref/test50.out (+3/-0)
modules/core/test/ref/test51.out (+3/-0)
modules/core/test/ref/test52.out (+6/-0)
modules/core/test/ref/test53.out (+3/-0)
modules/core/test/ref/test54.out (+6/-0)
modules/core/test/ref/test55.out (+8/-0)
modules/core/test/ref/test56.out (+12/-0)
modules/core/test/ref/test57.out (+3/-0)
modules/core/test/ref/test58.out (+3/-0)
modules/core/test/ref/test59.out (+3/-0)
modules/core/test/ref/test60.out (+15/-0)
modules/core/test/ref/test61.out (+9/-0)
modules/core/test/ref/test62.out (+15/-0)
modules/core/test/ref/test63.out (+10/-0)
modules/core/test/ref/test64.out (+7/-0)
modules/core/test/ref/test65.out (+7/-0)
modules/core/test/ref/test66.out (+7/-0)
modules/core/test/ref/test67.out (+5/-0)
modules/core/test/ref/test68.out (+6/-0)
modules/core/test/ref/test69.out (+10/-0)
modules/database/Makefile.in (+3/-0)
modules/database/NWGNUmakefile (+262/-0)
modules/database/config.m4 (+8/-0)
modules/database/mod_dbd.c (+992/-0)
modules/database/mod_dbd.dep (+58/-0)
modules/database/mod_dbd.dsp (+115/-0)
modules/database/mod_dbd.h (+123/-0)
modules/database/mod_dbd.mak (+353/-0)
modules/dav/fs/Makefile.in (+3/-0)
modules/dav/fs/NWGNUmakefile (+269/-0)
modules/dav/fs/config6.m4 (+23/-0)
modules/dav/fs/dbm.c (+771/-0)
modules/dav/fs/lock.c (+1445/-0)
modules/dav/fs/mod_dav_fs.c (+108/-0)
modules/dav/fs/mod_dav_fs.dep (+203/-0)
modules/dav/fs/mod_dav_fs.dsp (+135/-0)
modules/dav/fs/mod_dav_fs.mak (+407/-0)
modules/dav/fs/repos.c (+2254/-0)
modules/dav/fs/repos.h (+84/-0)
modules/dav/lock/Makefile.in (+3/-0)
modules/dav/lock/NWGNUmakefile (+259/-0)
modules/dav/lock/config6.m4 (+17/-0)
modules/dav/lock/locks.c (+1211/-0)
modules/dav/lock/locks.h (+33/-0)
modules/dav/lock/mod_dav_lock.c (+104/-0)
modules/dav/lock/mod_dav_lock.dep (+100/-0)
modules/dav/lock/mod_dav_lock.dsp (+127/-0)
modules/dav/lock/mod_dav_lock.mak (+389/-0)
modules/dav/main/Makefile.in (+3/-0)
modules/dav/main/NWGNUmakefile (+268/-0)
modules/dav/main/config5.m4 (+21/-0)
modules/dav/main/liveprop.c (+140/-0)
modules/dav/main/mod_dav.c (+4953/-0)
modules/dav/main/mod_dav.dep (+354/-0)
modules/dav/main/mod_dav.dsp (+147/-0)
modules/dav/main/mod_dav.h (+2553/-0)
modules/dav/main/mod_dav.mak (+406/-0)
modules/dav/main/props.c (+1125/-0)
modules/dav/main/providers.c (+58/-0)
modules/dav/main/std_liveprop.c (+226/-0)
modules/dav/main/util.c (+2152/-0)
modules/dav/main/util_lock.c (+798/-0)
modules/debugging/Makefile.in (+3/-0)
modules/debugging/NWGNUmakefile (+246/-0)
modules/debugging/NWGNUmodbucketeer (+248/-0)
modules/debugging/NWGNUmoddumpio (+248/-0)
modules/debugging/README (+1/-0)
modules/debugging/config.m4 (+7/-0)
modules/debugging/mod_bucketeer.c (+187/-0)
modules/debugging/mod_bucketeer.dep (+53/-0)
modules/debugging/mod_bucketeer.dsp (+111/-0)
modules/debugging/mod_bucketeer.mak (+353/-0)
modules/debugging/mod_dumpio.c (+250/-0)
modules/debugging/mod_dumpio.dep (+50/-0)
modules/debugging/mod_dumpio.dsp (+111/-0)
modules/debugging/mod_dumpio.mak (+353/-0)
modules/echo/.indent.pro (+54/-0)
modules/echo/Makefile.in (+3/-0)
modules/echo/NWGNUmakefile (+257/-0)
modules/echo/config.m4 (+9/-0)
modules/echo/mod_echo.c (+218/-0)
modules/echo/mod_echo.dep (+56/-0)
modules/echo/mod_echo.dsp (+111/-0)
modules/echo/mod_echo.mak (+353/-0)
modules/examples/Makefile.in (+3/-0)
modules/examples/NWGNUcase_flt (+256/-0)
modules/examples/NWGNUcase_flt_in (+256/-0)
modules/examples/NWGNUexample_hooks (+257/-0)
modules/examples/NWGNUexample_ipc (+257/-0)
modules/examples/NWGNUmakefile (+257/-0)
modules/examples/README (+54/-0)
modules/examples/config.m4 (+9/-0)
modules/examples/mod_case_filter.c (+139/-0)
modules/examples/mod_case_filter.dep (+46/-0)
modules/examples/mod_case_filter.dsp (+111/-0)
modules/examples/mod_case_filter.mak (+353/-0)
modules/examples/mod_case_filter_in.c (+160/-0)
modules/examples/mod_case_filter_in.dep (+46/-0)
modules/examples/mod_case_filter_in.dsp (+111/-0)
modules/examples/mod_case_filter_in.mak (+353/-0)
modules/examples/mod_example_hooks.c (+1534/-0)
modules/examples/mod_example_hooks.dep (+62/-0)
modules/examples/mod_example_hooks.dsp (+111/-0)
modules/examples/mod_example_hooks.mak (+353/-0)
modules/examples/mod_example_ipc.c (+356/-0)
modules/examples/mod_example_ipc.dep (+56/-0)
modules/examples/mod_example_ipc.dsp (+111/-0)
modules/examples/mod_example_ipc.mak (+353/-0)
modules/experimental/.indent.pro (+54/-0)
modules/experimental/Makefile.in (+3/-0)
modules/experimental/NWGNUmakefile (+253/-0)
modules/experimental/config.m4 (+4/-0)
modules/filters/.indent.pro (+54/-0)
modules/filters/Makefile.in (+3/-0)
modules/filters/NWGNUcharsetl (+257/-0)
modules/filters/NWGNUdeflate (+279/-0)
modules/filters/NWGNUextfiltr (+248/-0)
modules/filters/NWGNUmakefile (+273/-0)
modules/filters/NWGNUmod_data (+248/-0)
modules/filters/NWGNUmod_filter (+248/-0)
modules/filters/NWGNUmod_request (+248/-0)
modules/filters/NWGNUmodbuffer (+256/-0)
modules/filters/NWGNUmodsed (+259/-0)
modules/filters/NWGNUproxyhtml (+261/-0)
modules/filters/NWGNUratelimit (+256/-0)
modules/filters/NWGNUreflector (+256/-0)
modules/filters/NWGNUreqtimeout (+256/-0)
modules/filters/NWGNUsubstitute (+256/-0)
modules/filters/NWGNUxml2enc (+258/-0)
modules/filters/config.m4 (+197/-0)
modules/filters/libsed.h (+172/-0)
modules/filters/mod_brotli.c (+592/-0)
modules/filters/mod_brotli.dep (+45/-0)
modules/filters/mod_brotli.dsp (+111/-0)
modules/filters/mod_brotli.mak (+353/-0)
modules/filters/mod_buffer.c (+353/-0)
modules/filters/mod_buffer.dep (+48/-0)
modules/filters/mod_buffer.dsp (+111/-0)
modules/filters/mod_buffer.mak (+353/-0)
modules/filters/mod_charset_lite.c (+1142/-0)
modules/filters/mod_charset_lite.dep (+60/-0)
modules/filters/mod_charset_lite.dsp (+111/-0)
modules/filters/mod_charset_lite.exp (+1/-0)
modules/filters/mod_charset_lite.mak (+353/-0)
modules/filters/mod_data.c (+255/-0)
modules/filters/mod_data.dep (+55/-0)
modules/filters/mod_data.dsp (+111/-0)
modules/filters/mod_data.mak (+353/-0)
modules/filters/mod_deflate.c (+1912/-0)
modules/filters/mod_deflate.dep (+52/-0)
modules/filters/mod_deflate.dsp (+111/-0)
modules/filters/mod_deflate.exp (+1/-0)
modules/filters/mod_deflate.mak (+353/-0)
modules/filters/mod_ext_filter.c (+956/-0)
modules/filters/mod_ext_filter.dep (+58/-0)
modules/filters/mod_ext_filter.dsp (+111/-0)
modules/filters/mod_ext_filter.exp (+1/-0)
modules/filters/mod_ext_filter.mak (+353/-0)
modules/filters/mod_filter.c (+767/-0)
modules/filters/mod_filter.dep (+50/-0)
modules/filters/mod_filter.dsp (+111/-0)
modules/filters/mod_filter.mak (+353/-0)
modules/filters/mod_include.c (+4236/-0)
modules/filters/mod_include.dep (+63/-0)
modules/filters/mod_include.dsp (+115/-0)
modules/filters/mod_include.exp (+1/-0)
modules/filters/mod_include.h (+120/-0)
modules/filters/mod_include.mak (+353/-0)
modules/filters/mod_proxy_html.c (+1281/-0)
modules/filters/mod_proxy_html.dep (+58/-0)
modules/filters/mod_proxy_html.dsp (+123/-0)
modules/filters/mod_proxy_html.mak (+352/-0)
modules/filters/mod_ratelimit.c (+356/-0)
modules/filters/mod_ratelimit.dep (+45/-0)
modules/filters/mod_ratelimit.dsp (+115/-0)
modules/filters/mod_ratelimit.h (+51/-0)
modules/filters/mod_ratelimit.mak (+353/-0)
modules/filters/mod_reflector.c (+226/-0)
modules/filters/mod_reflector.dep (+57/-0)
modules/filters/mod_reflector.dsp (+111/-0)
modules/filters/mod_reflector.mak (+353/-0)
modules/filters/mod_reqtimeout.c (+657/-0)
modules/filters/mod_reqtimeout.dep (+58/-0)
modules/filters/mod_reqtimeout.dsp (+111/-0)
modules/filters/mod_reqtimeout.mak (+353/-0)
modules/filters/mod_request.c (+397/-0)
modules/filters/mod_request.dep (+55/-0)
modules/filters/mod_request.dsp (+115/-0)
modules/filters/mod_request.mak (+353/-0)
modules/filters/mod_sed.c (+537/-0)
modules/filters/mod_sed.dep (+109/-0)
modules/filters/mod_sed.dsp (+135/-0)
modules/filters/mod_sed.mak (+380/-0)
modules/filters/mod_substitute.c (+730/-0)
modules/filters/mod_substitute.dep (+53/-0)
modules/filters/mod_substitute.dsp (+111/-0)
modules/filters/mod_substitute.mak (+353/-0)
modules/filters/mod_xml2enc.c (+631/-0)
modules/filters/mod_xml2enc.dep (+54/-0)
modules/filters/mod_xml2enc.dsp (+123/-0)
modules/filters/mod_xml2enc.h (+55/-0)
modules/filters/mod_xml2enc.mak (+352/-0)
modules/filters/regexp.c (+599/-0)
modules/filters/regexp.h (+112/-0)
modules/filters/sed.h (+61/-0)
modules/filters/sed0.c (+1026/-0)
modules/filters/sed1.c (+1020/-0)
modules/generators/.indent.pro (+54/-0)
modules/generators/Makefile.in (+3/-0)
modules/generators/NWGNUautoindex (+249/-0)
modules/generators/NWGNUinfo (+248/-0)
modules/generators/NWGNUmakefile (+249/-0)
modules/generators/NWGNUmod_asis (+249/-0)
modules/generators/NWGNUmod_cgi (+249/-0)
modules/generators/NWGNUstatus (+248/-0)
modules/generators/config5.m4 (+81/-0)
modules/generators/mod_asis.c (+128/-0)
modules/generators/mod_asis.dep (+56/-0)
modules/generators/mod_asis.dsp (+111/-0)
modules/generators/mod_asis.exp (+1/-0)
modules/generators/mod_asis.mak (+353/-0)
modules/generators/mod_autoindex.c (+2348/-0)
modules/generators/mod_autoindex.dep (+61/-0)
modules/generators/mod_autoindex.dsp (+111/-0)
modules/generators/mod_autoindex.exp (+1/-0)
modules/generators/mod_autoindex.mak (+353/-0)
modules/generators/mod_cgi.c (+1286/-0)
modules/generators/mod_cgi.dep (+64/-0)
modules/generators/mod_cgi.dsp (+115/-0)
modules/generators/mod_cgi.exp (+1/-0)
modules/generators/mod_cgi.h (+67/-0)
modules/generators/mod_cgi.mak (+353/-0)
modules/generators/mod_cgid.c (+1985/-0)
modules/generators/mod_cgid.exp (+1/-0)
modules/generators/mod_info.c (+1011/-0)
modules/generators/mod_info.dep (+66/-0)
modules/generators/mod_info.dsp (+111/-0)
modules/generators/mod_info.exp (+1/-0)
modules/generators/mod_info.mak (+353/-0)
modules/generators/mod_status.c (+1014/-0)
modules/generators/mod_status.dep (+60/-0)
modules/generators/mod_status.dsp (+111/-0)
modules/generators/mod_status.exp (+1/-0)
modules/generators/mod_status.h (+64/-0)
modules/generators/mod_status.mak (+353/-0)
modules/generators/mod_suexec.c (+139/-0)
modules/generators/mod_suexec.h (+33/-0)
modules/http/.indent.pro (+54/-0)
modules/http/Makefile.in (+3/-0)
modules/http/byterange_filter.c (+611/-0)
modules/http/chunk_filter.c (+196/-0)
modules/http/config.m4 (+20/-0)
modules/http/http_core.c (+328/-0)
modules/http/http_etag.c (+220/-0)
modules/http/http_filters.c (+1907/-0)
modules/http/http_protocol.c (+1690/-0)
modules/http/http_request.c (+836/-0)
modules/http/mod_mime.c (+1026/-0)
modules/http/mod_mime.dep (+55/-0)
modules/http/mod_mime.dsp (+111/-0)
modules/http/mod_mime.exp (+1/-0)
modules/http/mod_mime.mak (+353/-0)
modules/http2/.gitignore (+35/-0)
modules/http2/Makefile.in (+20/-0)
modules/http2/NWGNUmakefile (+246/-0)
modules/http2/NWGNUmod_http2 (+395/-0)
modules/http2/NWGNUproxyht2 (+288/-0)
modules/http2/README.h2 (+70/-0)
modules/http2/config2.m4 (+229/-0)
modules/http2/h2.h (+160/-0)
modules/http2/h2_alt_svc.c (+130/-0)
modules/http2/h2_alt_svc.h (+39/-0)
modules/http2/h2_bucket_beam.c (+1279/-0)
modules/http2/h2_bucket_beam.h (+416/-0)
modules/http2/h2_bucket_eos.c (+111/-0)
modules/http2/h2_bucket_eos.h (+31/-0)
modules/http2/h2_config.c (+677/-0)
modules/http2/h2_config.h (+103/-0)
modules/http2/h2_conn.c (+366/-0)
modules/http2/h2_conn.h (+76/-0)
modules/http2/h2_conn_io.c (+388/-0)
modules/http2/h2_conn_io.h (+76/-0)
modules/http2/h2_ctx.c (+120/-0)
modules/http2/h2_ctx.h (+77/-0)
modules/http2/h2_filter.c (+560/-0)
modules/http2/h2_filter.h (+72/-0)
modules/http2/h2_from_h1.c (+862/-0)
modules/http2/h2_from_h1.h (+49/-0)
modules/http2/h2_h2.c (+765/-0)
modules/http2/h2_h2.h (+78/-0)
modules/http2/h2_headers.c (+177/-0)
modules/http2/h2_headers.h (+76/-0)
modules/http2/h2_mplx.c (+1281/-0)
modules/http2/h2_mplx.h (+329/-0)
modules/http2/h2_ngn_shed.c (+391/-0)
modules/http2/h2_ngn_shed.h (+78/-0)
modules/http2/h2_private.h (+27/-0)
modules/http2/h2_proxy_session.c (+1583/-0)
modules/http2/h2_proxy_session.h (+127/-0)
modules/http2/h2_proxy_util.c (+1336/-0)
modules/http2/h2_proxy_util.h (+255/-0)
modules/http2/h2_push.c (+1059/-0)
modules/http2/h2_push.h (+118/-0)
modules/http2/h2_request.c (+337/-0)
modules/http2/h2_request.h (+47/-0)
modules/http2/h2_session.c (+2288/-0)
modules/http2/h2_session.h (+224/-0)
modules/http2/h2_stream.c (+1073/-0)
modules/http2/h2_stream.h (+314/-0)
modules/http2/h2_switch.c (+194/-0)
modules/http2/h2_switch.h (+29/-0)
modules/http2/h2_task.c (+750/-0)
modules/http2/h2_task.h (+126/-0)
modules/http2/h2_util.c (+2049/-0)
modules/http2/h2_util.h (+552/-0)
modules/http2/h2_version.h (+40/-0)
modules/http2/h2_workers.c (+369/-0)
modules/http2/h2_workers.h (+82/-0)
modules/http2/mod_http2.c (+383/-0)
modules/http2/mod_http2.dep (+1433/-0)
modules/http2/mod_http2.dsp (+195/-0)
modules/http2/mod_http2.h (+95/-0)
modules/http2/mod_http2.mak (+542/-0)
modules/http2/mod_proxy_http2.c (+670/-0)
modules/http2/mod_proxy_http2.dep (+208/-0)
modules/http2/mod_proxy_http2.dsp (+119/-0)
modules/http2/mod_proxy_http2.h (+20/-0)
modules/http2/mod_proxy_http2.mak (+427/-0)
modules/ldap/Makefile.in (+3/-0)
modules/ldap/NWGNUmakefile (+264/-0)
modules/ldap/README.ldap (+47/-0)
modules/ldap/config.m4 (+25/-0)
modules/ldap/mod_ldap.dep (+192/-0)
modules/ldap/mod_ldap.dsp (+127/-0)
modules/ldap/mod_ldap.mak (+371/-0)
modules/ldap/util_ldap.c (+3222/-0)
modules/ldap/util_ldap_cache.c (+464/-0)
modules/ldap/util_ldap_cache.h (+204/-0)
modules/ldap/util_ldap_cache_mgr.c (+882/-0)
modules/loggers/.indent.pro (+54/-0)
modules/loggers/Makefile.in (+3/-0)
modules/loggers/NWGNUforensic (+258/-0)
modules/loggers/NWGNUlogdebug (+258/-0)
modules/loggers/NWGNUmakefile (+247/-0)
modules/loggers/NWGNUmodlogio (+258/-0)
modules/loggers/config.m4 (+20/-0)
modules/loggers/mod_log_config.c (+1858/-0)
modules/loggers/mod_log_config.dep (+62/-0)
modules/loggers/mod_log_config.dsp (+111/-0)
modules/loggers/mod_log_config.exp (+1/-0)
modules/loggers/mod_log_config.h (+74/-0)
modules/loggers/mod_log_config.mak (+353/-0)
modules/loggers/mod_log_debug.c (+287/-0)
modules/loggers/mod_log_debug.dep (+54/-0)
modules/loggers/mod_log_debug.dsp (+111/-0)
modules/loggers/mod_log_debug.mak (+325/-0)
modules/loggers/mod_log_forensic.c (+289/-0)
modules/loggers/mod_log_forensic.dep (+53/-0)
modules/loggers/mod_log_forensic.dsp (+111/-0)
modules/loggers/mod_log_forensic.exp (+1/-0)
modules/loggers/mod_log_forensic.mak (+353/-0)
modules/loggers/mod_logio.c (+284/-0)
modules/loggers/mod_logio.dep (+59/-0)
modules/loggers/mod_logio.dsp (+111/-0)
modules/loggers/mod_logio.mak (+353/-0)
modules/lua/Makefile.in (+3/-0)
modules/lua/NWGNUmakefile (+287/-0)
modules/lua/README (+54/-0)
modules/lua/config.m4 (+113/-0)
modules/lua/docs/README (+12/-0)
modules/lua/docs/basic-configuration.txt (+141/-0)
modules/lua/docs/building-from-subversion.txt (+72/-0)
modules/lua/docs/running-developer-tests.txt (+16/-0)
modules/lua/docs/writing-handlers.txt (+49/-0)
modules/lua/lua_apr.c (+104/-0)
modules/lua/lua_apr.h (+36/-0)
modules/lua/lua_config.c (+277/-0)
modules/lua/lua_config.h (+31/-0)
modules/lua/lua_dbd.c (+843/-0)
modules/lua/lua_dbd.h (+66/-0)
modules/lua/lua_passwd.c (+178/-0)
modules/lua/lua_passwd.h (+90/-0)
modules/lua/lua_request.c (+3024/-0)
modules/lua/lua_request.h (+58/-0)
modules/lua/lua_vmprep.c (+551/-0)
modules/lua/lua_vmprep.h (+147/-0)
modules/lua/mod_lua.c (+2174/-0)
modules/lua/mod_lua.dep (+418/-0)
modules/lua/mod_lua.dsp (+163/-0)
modules/lua/mod_lua.h (+177/-0)
modules/lua/mod_lua.mak (+407/-0)
modules/lua/test/helpers.lua (+36/-0)
modules/lua/test/htdocs/config_tests.lua (+37/-0)
modules/lua/test/htdocs/filters.lua (+7/-0)
modules/lua/test/htdocs/find_me.txt (+1/-0)
modules/lua/test/htdocs/headers.lua (+6/-0)
modules/lua/test/htdocs/hooks.lua (+29/-0)
modules/lua/test/htdocs/other.lua (+21/-0)
modules/lua/test/htdocs/simple.lua (+4/-0)
modules/lua/test/htdocs/test.lua (+129/-0)
modules/lua/test/lib/kangaroo.lua (+19/-0)
modules/lua/test/moonunit.lua (+52/-0)
modules/lua/test/test.lua (+126/-0)
modules/lua/test/test_httpd.conf (+31/-0)
modules/mappers/.indent.pro (+54/-0)
modules/mappers/Makefile.in (+3/-0)
modules/mappers/NWGNUactions (+248/-0)
modules/mappers/NWGNUimagemap (+249/-0)
modules/mappers/NWGNUmakefile (+250/-0)
modules/mappers/NWGNUrewrite (+250/-0)
modules/mappers/NWGNUspeling (+248/-0)
modules/mappers/NWGNUuserdir (+249/-0)
modules/mappers/NWGNUvhost (+249/-0)
modules/mappers/config9.m4 (+19/-0)
modules/mappers/mod_actions.c (+230/-0)
modules/mappers/mod_actions.dep (+58/-0)
modules/mappers/mod_actions.dsp (+111/-0)
modules/mappers/mod_actions.exp (+1/-0)
modules/mappers/mod_actions.mak (+353/-0)
modules/mappers/mod_alias.c (+726/-0)
modules/mappers/mod_alias.dep (+51/-0)
modules/mappers/mod_alias.dsp (+111/-0)
modules/mappers/mod_alias.exp (+1/-0)
modules/mappers/mod_alias.mak (+353/-0)
modules/mappers/mod_dir.c (+417/-0)
modules/mappers/mod_dir.dep (+60/-0)
modules/mappers/mod_dir.dsp (+111/-0)
modules/mappers/mod_dir.exp (+1/-0)
modules/mappers/mod_dir.mak (+353/-0)
modules/mappers/mod_imagemap.c (+897/-0)
modules/mappers/mod_imagemap.dep (+60/-0)
modules/mappers/mod_imagemap.dsp (+111/-0)
modules/mappers/mod_imagemap.exp (+1/-0)
modules/mappers/mod_imagemap.mak (+353/-0)
modules/mappers/mod_negotiation.c (+3228/-0)
modules/mappers/mod_negotiation.dep (+58/-0)
modules/mappers/mod_negotiation.dsp (+111/-0)
modules/mappers/mod_negotiation.exp (+1/-0)
modules/mappers/mod_negotiation.mak (+353/-0)
modules/mappers/mod_rewrite.c (+5312/-0)
modules/mappers/mod_rewrite.dep (+65/-0)
modules/mappers/mod_rewrite.dsp (+111/-0)
modules/mappers/mod_rewrite.exp (+1/-0)
modules/mappers/mod_rewrite.h (+42/-0)
modules/mappers/mod_rewrite.mak (+353/-0)
modules/mappers/mod_speling.c (+533/-0)
modules/mappers/mod_speling.dep (+51/-0)
modules/mappers/mod_speling.dsp (+111/-0)
modules/mappers/mod_speling.exp (+1/-0)
modules/mappers/mod_speling.mak (+353/-0)
modules/mappers/mod_userdir.c (+390/-0)
modules/mappers/mod_userdir.dep (+46/-0)
modules/mappers/mod_userdir.dsp (+111/-0)
modules/mappers/mod_userdir.exp (+1/-0)
modules/mappers/mod_userdir.mak (+353/-0)
modules/mappers/mod_vhost_alias.c (+457/-0)
modules/mappers/mod_vhost_alias.dep (+50/-0)
modules/mappers/mod_vhost_alias.dsp (+111/-0)
modules/mappers/mod_vhost_alias.exp (+1/-0)
modules/mappers/mod_vhost_alias.mak (+353/-0)
modules/metadata/.indent.pro (+54/-0)
modules/metadata/Makefile.in (+3/-0)
modules/metadata/NWGNUcernmeta (+248/-0)
modules/metadata/NWGNUexpires (+248/-0)
modules/metadata/NWGNUheaders (+249/-0)
modules/metadata/NWGNUmakefile (+254/-0)
modules/metadata/NWGNUmimemagi (+248/-0)
modules/metadata/NWGNUmodident (+248/-0)
modules/metadata/NWGNUmodversion (+248/-0)
modules/metadata/NWGNUremoteip (+248/-0)
modules/metadata/NWGNUuniqueid (+257/-0)
modules/metadata/NWGNUusertrk (+248/-0)
modules/metadata/config.m4 (+24/-0)
modules/metadata/mod_cern_meta.c (+371/-0)
modules/metadata/mod_cern_meta.dep (+55/-0)
modules/metadata/mod_cern_meta.dsp (+111/-0)
modules/metadata/mod_cern_meta.exp (+1/-0)
modules/metadata/mod_cern_meta.mak (+353/-0)
modules/metadata/mod_env.c (+190/-0)
modules/metadata/mod_env.dep (+47/-0)
modules/metadata/mod_env.dsp (+111/-0)
modules/metadata/mod_env.exp (+1/-0)
modules/metadata/mod_env.mak (+353/-0)
modules/metadata/mod_expires.c (+571/-0)
modules/metadata/mod_expires.dep (+54/-0)
modules/metadata/mod_expires.dsp (+111/-0)
modules/metadata/mod_expires.exp (+1/-0)
modules/metadata/mod_expires.mak (+353/-0)
modules/metadata/mod_headers.c (+1020/-0)
modules/metadata/mod_headers.dep (+57/-0)
modules/metadata/mod_headers.dsp (+111/-0)
modules/metadata/mod_headers.exp (+1/-0)
modules/metadata/mod_headers.mak (+353/-0)
modules/metadata/mod_ident.c (+344/-0)
modules/metadata/mod_ident.dep (+52/-0)
modules/metadata/mod_ident.dsp (+111/-0)
modules/metadata/mod_ident.exp (+1/-0)
modules/metadata/mod_ident.mak (+353/-0)
modules/metadata/mod_mime_magic.c (+2471/-0)
modules/metadata/mod_mime_magic.dep (+58/-0)
modules/metadata/mod_mime_magic.dsp (+111/-0)
modules/metadata/mod_mime_magic.exp (+1/-0)
modules/metadata/mod_mime_magic.mak (+353/-0)
modules/metadata/mod_remoteip.c (+466/-0)
modules/metadata/mod_remoteip.dep (+53/-0)
modules/metadata/mod_remoteip.dsp (+111/-0)
modules/metadata/mod_remoteip.mak (+353/-0)
modules/metadata/mod_setenvif.c (+648/-0)
modules/metadata/mod_setenvif.dep (+56/-0)
modules/metadata/mod_setenvif.dsp (+111/-0)
modules/metadata/mod_setenvif.exp (+1/-0)
modules/metadata/mod_setenvif.mak (+353/-0)
modules/metadata/mod_unique_id.c (+408/-0)
modules/metadata/mod_unique_id.dep (+50/-0)
modules/metadata/mod_unique_id.dsp (+111/-0)
modules/metadata/mod_unique_id.exp (+1/-0)
modules/metadata/mod_unique_id.mak (+353/-0)
modules/metadata/mod_usertrack.c (+459/-0)
modules/metadata/mod_usertrack.dep (+51/-0)
modules/metadata/mod_usertrack.dsp (+111/-0)
modules/metadata/mod_usertrack.exp (+1/-0)
modules/metadata/mod_usertrack.mak (+353/-0)
modules/metadata/mod_version.c (+313/-0)
modules/metadata/mod_version.dep (+45/-0)
modules/metadata/mod_version.dsp (+111/-0)
modules/metadata/mod_version.exp (+1/-0)
modules/metadata/mod_version.mak (+353/-0)
modules/proxy/.indent.pro (+58/-0)
modules/proxy/CHANGES (+223/-0)
modules/proxy/Makefile.in (+4/-0)
modules/proxy/NWGNUmakefile (+259/-0)
modules/proxy/NWGNUproxy (+337/-0)
modules/proxy/NWGNUproxyajp (+264/-0)
modules/proxy/NWGNUproxybalancer (+260/-0)
modules/proxy/NWGNUproxycon (+251/-0)
modules/proxy/NWGNUproxyexpress (+256/-0)
modules/proxy/NWGNUproxyfcgi (+261/-0)
modules/proxy/NWGNUproxyftp (+260/-0)
modules/proxy/NWGNUproxyhcheck (+254/-0)
modules/proxy/NWGNUproxyhtp (+260/-0)
modules/proxy/NWGNUproxylbm_busy (+250/-0)
modules/proxy/NWGNUproxylbm_hb (+251/-0)
modules/proxy/NWGNUproxylbm_req (+251/-0)
modules/proxy/NWGNUproxylbm_traf (+251/-0)
modules/proxy/NWGNUproxyscgi (+260/-0)
modules/proxy/NWGNUproxywstunnel (+250/-0)
modules/proxy/ajp.h (+520/-0)
modules/proxy/ajp_header.c (+885/-0)
modules/proxy/ajp_header.h (+195/-0)
modules/proxy/ajp_link.c (+115/-0)
modules/proxy/ajp_msg.c (+641/-0)
modules/proxy/ajp_utils.c (+137/-0)
modules/proxy/balancers/Makefile.in (+3/-0)
modules/proxy/balancers/config2.m4 (+8/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.c (+160/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.dep (+76/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.mak (+408/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.c (+200/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.dep (+76/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.mak (+408/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.c (+169/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.dep (+76/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.mak (+408/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.c (+466/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.dep (+77/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.mak (+408/-0)
modules/proxy/config.m4 (+76/-0)
modules/proxy/libproxy.exp (+1/-0)
modules/proxy/mod_proxy.c (+2907/-0)
modules/proxy/mod_proxy.dep (+153/-0)
modules/proxy/mod_proxy.dsp (+127/-0)
modules/proxy/mod_proxy.h (+1210/-0)
modules/proxy/mod_proxy.mak (+361/-0)
modules/proxy/mod_proxy_ajp.c (+829/-0)
modules/proxy/mod_proxy_ajp.dep (+356/-0)
modules/proxy/mod_proxy_ajp.dsp (+151/-0)
modules/proxy/mod_proxy_ajp.mak (+416/-0)
modules/proxy/mod_proxy_balancer.c (+1824/-0)
modules/proxy/mod_proxy_balancer.dep (+76/-0)
modules/proxy/mod_proxy_balancer.dsp (+123/-0)
modules/proxy/mod_proxy_balancer.mak (+380/-0)
modules/proxy/mod_proxy_connect.c (+486/-0)
modules/proxy/mod_proxy_connect.dep (+73/-0)
modules/proxy/mod_proxy_connect.dsp (+123/-0)
modules/proxy/mod_proxy_connect.mak (+380/-0)
modules/proxy/mod_proxy_express.c (+221/-0)
modules/proxy/mod_proxy_express.dep (+74/-0)
modules/proxy/mod_proxy_express.dsp (+123/-0)
modules/proxy/mod_proxy_express.mak (+380/-0)
modules/proxy/mod_proxy_fcgi.c (+1174/-0)
modules/proxy/mod_proxy_fcgi.dep (+75/-0)
modules/proxy/mod_proxy_fcgi.dsp (+123/-0)
modules/proxy/mod_proxy_fcgi.mak (+380/-0)
modules/proxy/mod_proxy_fdpass.c (+241/-0)
modules/proxy/mod_proxy_fdpass.h (+41/-0)
modules/proxy/mod_proxy_ftp.c (+2125/-0)
modules/proxy/mod_proxy_ftp.dep (+74/-0)
modules/proxy/mod_proxy_ftp.dsp (+123/-0)
modules/proxy/mod_proxy_ftp.mak (+380/-0)
modules/proxy/mod_proxy_hcheck.c (+1218/-0)
modules/proxy/mod_proxy_hcheck.dep (+5/-0)
modules/proxy/mod_proxy_hcheck.dsp (+123/-0)
modules/proxy/mod_proxy_hcheck.mak (+380/-0)
modules/proxy/mod_proxy_http.c (+2043/-0)
modules/proxy/mod_proxy_http.dep (+73/-0)
modules/proxy/mod_proxy_http.dsp (+123/-0)
modules/proxy/mod_proxy_http.mak (+380/-0)
modules/proxy/mod_proxy_scgi.c (+674/-0)
modules/proxy/mod_proxy_scgi.dep (+75/-0)
modules/proxy/mod_proxy_scgi.dsp (+123/-0)
modules/proxy/mod_proxy_scgi.mak (+380/-0)
modules/proxy/mod_proxy_wstunnel.c (+385/-0)
modules/proxy/mod_proxy_wstunnel.dep (+73/-0)
modules/proxy/mod_proxy_wstunnel.dsp (+123/-0)
modules/proxy/mod_proxy_wstunnel.mak (+380/-0)
modules/proxy/proxy_util.c (+3867/-0)
modules/proxy/proxy_util.h (+45/-0)
modules/proxy/scgi.h (+36/-0)
modules/session/Makefile.in (+4/-0)
modules/session/NWGNUmakefile (+257/-0)
modules/session/NWGNUsession (+254/-0)
modules/session/NWGNUsession_cookie (+253/-0)
modules/session/NWGNUsession_crypto (+255/-0)
modules/session/NWGNUsession_dbd (+253/-0)
modules/session/config.m4 (+68/-0)
modules/session/mod_session.c (+668/-0)
modules/session/mod_session.dep (+56/-0)
modules/session/mod_session.dsp (+115/-0)
modules/session/mod_session.h (+186/-0)
modules/session/mod_session.mak (+353/-0)
modules/session/mod_session_cookie.c (+284/-0)
modules/session/mod_session_cookie.dep (+49/-0)
modules/session/mod_session_cookie.dsp (+111/-0)
modules/session/mod_session_cookie.mak (+381/-0)
modules/session/mod_session_crypto.c (+805/-0)
modules/session/mod_session_crypto.dep (+57/-0)
modules/session/mod_session_crypto.dsp (+111/-0)
modules/session/mod_session_crypto.mak (+381/-0)
modules/session/mod_session_dbd.c (+640/-0)
modules/session/mod_session_dbd.dep (+60/-0)
modules/session/mod_session_dbd.dsp (+111/-0)
modules/session/mod_session_dbd.mak (+409/-0)
modules/slotmem/Makefile.in (+3/-0)
modules/slotmem/NWGNUmakefile (+246/-0)
modules/slotmem/NWGNUslotmem_plain (+250/-0)
modules/slotmem/NWGNUslotmem_shm (+250/-0)
modules/slotmem/config.m4 (+10/-0)
modules/slotmem/mod_slotmem_plain.c (+343/-0)
modules/slotmem/mod_slotmem_plain.dep (+51/-0)
modules/slotmem/mod_slotmem_plain.dsp (+111/-0)
modules/slotmem/mod_slotmem_plain.mak (+353/-0)
modules/slotmem/mod_slotmem_shm.c (+809/-0)
modules/slotmem/mod_slotmem_shm.dep (+57/-0)
modules/slotmem/mod_slotmem_shm.dsp (+111/-0)
modules/slotmem/mod_slotmem_shm.mak (+353/-0)
modules/ssl/Makefile.in (+20/-0)
modules/ssl/NWGNUmakefile (+327/-0)
modules/ssl/README (+106/-0)
modules/ssl/README.dsov.fig (+346/-0)
modules/ssl/README.dsov.ps (+1138/-0)
modules/ssl/config.m4 (+57/-0)
modules/ssl/mod_ssl.c (+714/-0)
modules/ssl/mod_ssl.dep (+1086/-0)
modules/ssl/mod_ssl.dsp (+195/-0)
modules/ssl/mod_ssl.h (+88/-0)
modules/ssl/mod_ssl.mak (+500/-0)
modules/ssl/mod_ssl_openssl.h (+73/-0)
modules/ssl/ssl_engine_config.c (+2032/-0)
modules/ssl/ssl_engine_init.c (+2020/-0)
modules/ssl/ssl_engine_io.c (+2215/-0)
modules/ssl/ssl_engine_kernel.c (+2457/-0)
modules/ssl/ssl_engine_log.c (+238/-0)
modules/ssl/ssl_engine_mutex.c (+111/-0)
modules/ssl/ssl_engine_ocsp.c (+304/-0)
modules/ssl/ssl_engine_pphrase.c (+621/-0)
modules/ssl/ssl_engine_rand.c (+177/-0)
modules/ssl/ssl_engine_vars.c (+1244/-0)
modules/ssl/ssl_private.h (+1051/-0)
modules/ssl/ssl_scache.c (+239/-0)
modules/ssl/ssl_util.c (+471/-0)
modules/ssl/ssl_util_ocsp.c (+419/-0)
modules/ssl/ssl_util_ssl.c (+505/-0)
modules/ssl/ssl_util_ssl.h (+78/-0)
modules/ssl/ssl_util_stapling.c (+873/-0)
modules/test/.indent.pro (+54/-0)
modules/test/Makefile.in (+3/-0)
modules/test/NWGNUmakefile (+257/-0)
modules/test/NWGNUoptfnexport (+256/-0)
modules/test/NWGNUoptfnimport (+256/-0)
modules/test/NWGNUopthookexport (+256/-0)
modules/test/NWGNUopthookimport (+256/-0)
modules/test/README (+1/-0)
modules/test/config.m4 (+13/-0)
modules/test/mod_dialup.c (+306/-0)
modules/test/mod_optional_fn_export.c (+48/-0)
modules/test/mod_optional_fn_export.h (+19/-0)
modules/test/mod_optional_fn_import.c (+55/-0)
modules/test/mod_optional_hook_export.c (+44/-0)
modules/test/mod_optional_hook_export.h (+24/-0)
modules/test/mod_optional_hook_import.c (+45/-0)
os/.indent.pro (+54/-0)
os/Makefile.in (+4/-0)
os/bs2000/ebcdic.c (+210/-0)
os/bs2000/ebcdic.h (+33/-0)
os/bs2000/os.c (+136/-0)
os/bs2000/os.h (+40/-0)
os/config.m4 (+26/-0)
os/netware/modules.c (+117/-0)
os/netware/netware_config_layout.h (+31/-0)
os/netware/os.h (+57/-0)
os/netware/pre_nw.h (+70/-0)
os/netware/util_nw.c (+112/-0)
os/os2/Makefile.in (+5/-0)
os/os2/config.m4 (+3/-0)
os/os2/core.mk (+7/-0)
os/os2/core_header.def (+19/-0)
os/os2/os.h (+40/-0)
os/os2/util_os2.c (+39/-0)
os/unix/Makefile.in (+5/-0)
os/unix/config.m4 (+7/-0)
os/unix/os.h (+52/-0)
os/unix/unixd.c (+690/-0)
os/unix/unixd.h (+142/-0)
os/win32/BaseAddr.ref (+132/-0)
os/win32/Makefile.in (+5/-0)
os/win32/ap_regkey.c (+642/-0)
os/win32/modules.c (+56/-0)
os/win32/os.h (+139/-0)
os/win32/util_win32.c (+148/-0)
os/win32/win32_config_layout.h (+31/-0)
server/.indent.pro (+54/-0)
server/Makefile.in (+103/-0)
server/NWGNUmakefile (+261/-0)
server/buildmark.c (+29/-0)
server/config.c (+2699/-0)
server/config.m4 (+19/-0)
server/connection.c (+228/-0)
server/core.c (+5391/-0)
server/core_filters.c (+889/-0)
server/eoc_bucket.c (+55/-0)
server/eor_bucket.c (+102/-0)
server/error_bucket.c (+77/-0)
server/gen_test_char.c (+173/-0)
server/gen_test_char.dep (+7/-0)
server/gen_test_char.dsp (+94/-0)
server/gen_test_char.mak (+234/-0)
server/listen.c (+922/-0)
server/log.c (+1932/-0)
server/main.c (+824/-0)
server/mpm/MPM.NAMING (+14/-0)
server/mpm/Makefile.in (+4/-0)
server/mpm/config.m4 (+128/-0)
server/mpm/config2.m4 (+89/-0)
server/mpm/event/Makefile.in (+1/-0)
server/mpm/event/config.m4 (+15/-0)
server/mpm/event/config3.m4 (+7/-0)
server/mpm/event/event.c (+3560/-0)
server/mpm/event/fdqueue.c (+533/-0)
server/mpm/event/fdqueue.h (+106/-0)
server/mpm/event/mpm_default.h (+56/-0)
server/mpm/mpmt_os2/Makefile.in (+1/-0)
server/mpm/mpmt_os2/config.m4 (+10/-0)
server/mpm/mpmt_os2/config5.m4 (+3/-0)
server/mpm/mpmt_os2/mpm_default.h (+57/-0)
server/mpm/mpmt_os2/mpmt_os2.c (+614/-0)
server/mpm/mpmt_os2/mpmt_os2_child.c (+488/-0)
server/mpm/netware/mpm_default.h (+78/-0)
server/mpm/netware/mpm_netware.c (+1363/-0)
server/mpm/prefork/Makefile.in (+1/-0)
server/mpm/prefork/config.m4 (+7/-0)
server/mpm/prefork/config3.m4 (+1/-0)
server/mpm/prefork/mpm_default.h (+51/-0)
server/mpm/prefork/prefork.c (+1506/-0)
server/mpm/winnt/Makefile.in (+1/-0)
server/mpm/winnt/child.c (+1266/-0)
server/mpm/winnt/config.m4 (+10/-0)
server/mpm/winnt/config3.m4 (+2/-0)
server/mpm/winnt/mpm_default.h (+60/-0)
server/mpm/winnt/mpm_winnt.c (+1785/-0)
server/mpm/winnt/mpm_winnt.h (+96/-0)
server/mpm/winnt/nt_eventlog.c (+171/-0)
server/mpm/winnt/service.c (+1241/-0)
server/mpm/worker/Makefile.in (+2/-0)
server/mpm/worker/config.m4 (+11/-0)
server/mpm/worker/config3.m4 (+5/-0)
server/mpm/worker/fdqueue.c (+412/-0)
server/mpm/worker/fdqueue.h (+75/-0)
server/mpm/worker/mpm_default.h (+55/-0)
server/mpm/worker/worker.c (+2382/-0)
server/mpm_common.c (+571/-0)
server/mpm_unix.c (+1078/-0)
server/protocol.c (+2365/-0)
server/provider.c (+197/-0)
server/request.c (+2511/-0)
server/scoreboard.c (+666/-0)
server/util.c (+3310/-0)
server/util_cfgtree.c (+46/-0)
server/util_charset.c (+28/-0)
server/util_cookies.c (+290/-0)
server/util_debug.c (+225/-0)
server/util_ebcdic.c (+117/-0)
server/util_expr_eval.c (+1812/-0)
server/util_expr_parse.c (+2130/-0)
server/util_expr_parse.h (+104/-0)
server/util_expr_parse.y (+217/-0)
server/util_expr_private.h (+141/-0)
server/util_expr_scan.c (+2669/-0)
server/util_expr_scan.l (+400/-0)
server/util_fcgi.c (+290/-0)
server/util_filter.c (+732/-0)
server/util_md5.c (+166/-0)
server/util_mutex.c (+561/-0)
server/util_pcre.c (+299/-0)
server/util_regex.c (+210/-0)
server/util_script.c (+900/-0)
server/util_time.c (+306/-0)
server/util_xml.c (+140/-0)
server/vhost.c (+1267/-0)
srclib/Makefile.in (+5/-0)
support/.indent.pro (+54/-0)
support/Makefile.in (+89/-0)
support/NWGNUab (+330/-0)
support/NWGNUhtcacheclean (+253/-0)
support/NWGNUhtdbm (+252/-0)
support/NWGNUhtdigest (+251/-0)
support/NWGNUhtpasswd (+252/-0)
support/NWGNUhttxt2dbm (+251/-0)
support/NWGNUlogres (+258/-0)
support/NWGNUmakefile (+51/-0)
support/NWGNUrotlogs (+250/-0)
support/README (+65/-0)
support/SHA1/README.sha1 (+34/-0)
support/SHA1/convert-sha1.pl (+36/-0)
support/SHA1/htpasswd-sha1.pl (+22/-0)
support/SHA1/ldif-sha1.example (+19/-0)
support/ab.c (+2545/-0)
support/ab.dep (+37/-0)
support/ab.dsp (+106/-0)
support/ab.mak (+317/-0)
support/abs.dep (+37/-0)
support/abs.dsp (+144/-0)
support/abs.mak (+374/-0)
support/apachectl.in (+106/-0)
support/apxs.in (+791/-0)
support/check_forensic (+51/-0)
support/checkgid.c (+110/-0)
support/config.m4 (+151/-0)
support/dbmmanage.in (+312/-0)
support/envvars-std.in (+28/-0)
support/fcgistarter.c (+220/-0)
support/fcgistarter.dep (+29/-0)
support/fcgistarter.dsp (+106/-0)
support/fcgistarter.mak (+317/-0)
support/htcacheclean.c (+1829/-0)
support/htcacheclean.dep (+37/-0)
support/htcacheclean.dsp (+106/-0)
support/htcacheclean.mak (+317/-0)
support/htdbm.c (+472/-0)
support/htdbm.dep (+58/-0)
support/htdbm.dsp (+110/-0)
support/htdbm.mak (+326/-0)
support/htdigest.c (+293/-0)
support/htdigest.dep (+27/-0)
support/htdigest.dsp (+106/-0)
support/htdigest.mak (+317/-0)
support/htpasswd.c (+509/-0)
support/htpasswd.dep (+57/-0)
support/htpasswd.dsp (+110/-0)
support/htpasswd.mak (+326/-0)
support/httxt2dbm.c (+335/-0)
support/httxt2dbm.dep (+26/-0)
support/httxt2dbm.dsp (+106/-0)
support/httxt2dbm.mak (+317/-0)
support/list_hooks.pl (+101/-0)
support/log_server_status.in (+76/-0)
support/logresolve.c (+329/-0)
support/logresolve.dep (+26/-0)
support/logresolve.dsp (+106/-0)
support/logresolve.mak (+317/-0)
support/logresolve.pl.in (+225/-0)
support/passwd_common.c (+344/-0)
support/passwd_common.h (+123/-0)
support/phf_abuse_log.cgi.in (+38/-0)
support/rotatelogs.c (+731/-0)
support/rotatelogs.dep (+28/-0)
support/rotatelogs.dsp (+106/-0)
support/rotatelogs.mak (+317/-0)
support/split-logfile.in (+69/-0)
support/suexec.c (+652/-0)
support/suexec.h (+109/-0)
support/win32/ApacheMonitor.c (+1671/-0)
support/win32/ApacheMonitor.dep (+18/-0)
support/win32/ApacheMonitor.dsp (+143/-0)
support/win32/ApacheMonitor.h (+78/-0)
support/win32/ApacheMonitor.mak (+309/-0)
support/win32/ApacheMonitor.manifest (+10/-0)
support/win32/ApacheMonitor.rc (+103/-0)
support/win32/wintty.c (+374/-0)
support/win32/wintty.dep (+5/-0)
support/win32/wintty.dsp (+106/-0)
support/win32/wintty.mak (+317/-0)
test/.indent.pro (+54/-0)
test/Makefile.in (+20/-0)
test/README (+3/-0)
test/check_chunked (+58/-0)
test/cls.c (+182/-0)
test/make_sni.sh (+396/-0)
test/tcpdumpscii.txt (+50/-0)
test/test-writev.c (+101/-0)
test/test_find.c (+78/-0)
test/test_limits.c (+200/-0)
test/test_parser.c (+75/-0)
test/test_select.c (+46/-0)
test/time-sem.c (+591/-0)
Reviewer Review Type Date Requested Status
 Christian Ehrhardt  2018-06-07 Approve on 2018-06-11
Canonical Server Team 2018-06-07 Pending
Review via email: mp+347650@code.launchpad.net

Description of the change

Please use git to review this MP. The diff generated by LP is incorrect.

Simple backport from upstream to silently ignore a not existent file path when IncludeOptional is used. I also included documentation changes, even though this version of apache only includes the generated html and not the xml source. Another drawback is that I updated only the English doc. If preferred, I can drop that from the patch.

PPA with test packages: ppa:ahasenack/apache-includeoptional-1766186 (https://launchpad.net/~ahasenack/+archive/ubuntu/apache-includeoptional-1766186/)

Testing instructions:
sudo apt install apache2 apache2-doc
echo "IncludeOptional /etc/apache2/nothere/bug*.conf" | sudo tee /etc/apache2/conf-enabled/bug.conf
echo "IncludeOptional /etc/apache2/nothere/bug.conf" | sudo tee -a /etc/apache2/conf-enabled/bug.conf
echo "IncludeOptional /etc/apache2/bug.conf" | sudo tee -a /etc/apache2/conf-enabled/bug.conf
# this will fail with the non-fixed packages, and restart fine with the fixed packages
sudo systemctl restart apache2

Browse to http://<apache-ip>/manual/en/mod/core.html#includeoptional and verify the documentation was updated:
"""
... or if a file path does not exist on the file system.
"""

Cosmic is already fixed, since it has a newer apache where the fix was applied upstream.

To post a comment you must log in.
review: Approve
Andreas Hasenack (ahasenack) wrote :

Thanks, fixed. Could you please push the upload tag for 5be7414420ffe6fe3802f27569625c7d5bab0484 (current bionic branch HEAD). I can upload this one.

Andreas Hasenack (ahasenack) wrote :

Sorry, I meant "current artful branch HEAD" above. The hash is correct.

pushed the tag

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 1ab80c4..d03af8a 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,11 @@
6+apache2 (2.4.27-2ubuntu4.2) artful; urgency=medium
7+
8+ * debian/patches/includeoptional-ignore-non-existent.patch: silently
9+ ignore a not existent file path with IncludeOptional . Closes LP:
10+ #1766186.
11+
12+ -- Andreas Hasenack <andreas@canonical.com> Thu, 07 Jun 2018 17:53:23 -0300
13+
14 apache2 (2.4.27-2ubuntu4.1) artful-security; urgency=medium
15
16 * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
17diff --git a/debian/patches/includeoptional-ignore-non-existent.patch b/debian/patches/includeoptional-ignore-non-existent.patch
18new file mode 100644
19index 0000000..9dd4867
20--- /dev/null
21+++ b/debian/patches/includeoptional-ignore-non-existent.patch
22@@ -0,0 +1,61 @@
23+Description: silently ignore a not existent file path with IncludeOptional
24+ In https://bz.apache.org/bugzilla/show_bug.cgi?id=57585 some use cases
25+ were reported in which IncludeOptional seems to be too strict in its
26+ sanity checks.
27+ .
28+ This change is a proposal to relax IncludeOptional checks to silently
29+ fail when a file path is not existent rather than returning SyntaxError.
30+Origin: backport, https://github.com/apache/httpd/commit/a17ce7dd5e6277867ca48659f70c4bb8a11add56
31+Bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=57585
32+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1766186
33+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878920
34+Last-Update: 2018-06-07
35+
36+--- a/server/config.c
37++++ b/server/config.c
38+@@ -1951,6 +1951,15 @@
39+
40+ return NULL;
41+ }
42++ else if (optional) {
43++ /* If the optinal flag is set (like for IncludeOptional) we can
44++ * tolerate that no file or directory is present and bail out.
45++ */
46++ apr_finfo_t finfo;
47++ if (apr_stat(&finfo, fname, APR_FINFO_TYPE, ptemp) != APR_SUCCESS
48++ || finfo.filetype == APR_NOFILE)
49++ return NULL;
50++ }
51+
52+ return ap_process_resource_config(s, fname, conftree, p, ptemp);
53+ }
54+@@ -2001,6 +2010,12 @@
55+ */
56+ rv = apr_dir_open(&dirp, path, ptemp);
57+ if (rv != APR_SUCCESS) {
58++ /* If the directory doesn't exist and the optional flag is set
59++ * there is no need to return an error.
60++ */
61++ if (rv == APR_ENOENT && optional) {
62++ return NULL;
63++ }
64+ return apr_psprintf(p, "Could not open config directory %s: %pm",
65+ path, &rv);
66+ }
67+--- a/docs/manual/mod/core.html.en
68++++ b/docs/manual/mod/core.html.en
69+@@ -2375,10 +2375,10 @@
70+ </table>
71+ <p>This directive allows inclusion of other configuration files
72+ from within the server configuration files. It works identically to the
73+- <code class="directive"><a href="#include">Include</a></code> directive, with the
74+- exception that if wildcards do not match any file or directory, the
75+- <code class="directive"><a href="#includeoptional">IncludeOptional</a></code> directive will be
76+- silently ignored instead of causing an error.</p>
77++ <code class="directive"><a href="#include">Include</a></code> directive, but it will be
78++ silently ignored (instead of causing an error) if wildcards are used and
79++ they do not match any file or directory or if a file path does not exist
80++ on the file system.</p>
81+
82+ <h3>See also</h3>
83+ <ul>
84diff --git a/debian/patches/series b/debian/patches/series
85index 02238a5..acfedb1 100644
86--- a/debian/patches/series
87+++ b/debian/patches/series
88@@ -20,3 +20,4 @@ CVE-2018-1283.patch
89 CVE-2018-1301.patch
90 CVE-2018-1303.patch
91 CVE-2018-1312.patch
92+includeoptional-ignore-non-existent.patch
93diff --git a/docs/manual/style/latex/atbeginend.sty b/docs/manual/style/latex/atbeginend.sty
94new file mode 100644
95index 0000000..79b555d
96--- /dev/null
97+++ b/docs/manual/style/latex/atbeginend.sty
98@@ -0,0 +1,80 @@
99+% atbeginend.sty
100+%
101+% Licensed to the Apache Software Foundation (ASF) under one or more
102+% contributor license agreements. See the NOTICE file distributed with
103+% this work for additional information regarding copyright ownership.
104+% The ASF licenses this file to You under the Apache License, Version 2.0
105+% (the "License"); you may not use this file except in compliance with
106+% the License. You may obtain a copy of the License at
107+%
108+% http://www.apache.org/licenses/LICENSE-2.0
109+%
110+% Unless required by applicable law or agreed to in writing, software
111+% distributed under the License is distributed on an "AS IS" BASIS,
112+% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
113+% See the License for the specific language governing permissions and
114+% limitations under the License.
115+
116+% defines
117+% \BeforeBegin{environment}{code-to-execute}
118+% \BeforeEnd {environment}{code-to-execute}
119+% \AfterBegin {environment}{code-to-execute}
120+% \AfterEnd {environment}{code-to-execute}
121+%
122+% Save \begin and \end to \BeginEnvironment and \EndEnvironment
123+\let\BeginEnvironment=\begin
124+\let\EndEnvironment=\end
125+
126+\def\IfUnDef#1{\expandafter\ifx\csname#1\endcsname\relax}
127+
128+% Null command needed to for \nothing{something}=.nothing.
129+\def\NullCom#1{}
130+
131+\def\begin#1{%
132+%
133+% if defined \BeforeBeg for this environment, execute it
134+\IfUnDef{BeforeBeg#1}\else\csname BeforeBeg#1\endcsname\fi%
135+%
136+%
137+%
138+\IfUnDef{AfterBeg#1}% This is done to skip the command for environments
139+ % which can take arguments, like multicols; YOU MUST NOT
140+ % USE \AfterBegin{...}{...} for such environments!
141+ \let\SaveBegEng=\BeginEnvironment%
142+\else%
143+ % Start this environment
144+ \BeginEnvironment{#1}%
145+ % and execute code after \begin{environment}
146+ \csname AfterBeg#1\endcsname%
147+ %
148+ \let\SaveBegEng=\NullCom%
149+\fi%
150+\SaveBegEng{#1}%
151+}
152+
153+
154+\def\end#1{%
155+%
156+% execute code before \end{environment}
157+\IfUnDef{BeforeEnd#1}\else\csname BeforeEnd#1\endcsname\fi%
158+%
159+% close this environment
160+\EndEnvironment{#1}%
161+%
162+% and execute code after \begin{environment}
163+\IfUnDef{AfterEnd#1}\else\csname AfterEnd#1\endcsname\fi%
164+}
165+
166+
167+%% Now, define commands
168+% \BeforeBegin{environment}{code-to-execute}
169+% \BeforeEnd {environment}{code-to-execute}
170+% \AfterBegin {environment}{code-to-execute}
171+% \AfterEnd {environment}{code-to-execute}
172+
173+\def\BeforeBegin#1#2{\expandafter\gdef\csname BeforeBeg#1\endcsname
174+{#2}}
175+\def\BeforeEnd #1#2{\expandafter\gdef\csname BeforeEnd#1\endcsname
176+{#2}}
177+\def\AfterBegin #1#2{\expandafter\gdef\csname AfterBeg#1\endcsname {#2}}
178+\def\AfterEnd #1#2{\expandafter\gdef\csname AfterEnd#1\endcsname{#2}}
179diff --git a/docs/manual/style/manualpage.dtd b/docs/manual/style/manualpage.dtd
180new file mode 100644
181index 0000000..e9c22a0
182--- /dev/null
183+++ b/docs/manual/style/manualpage.dtd
184@@ -0,0 +1,29 @@
185+<?xml version='1.0' encoding='UTF-8' ?>
186+
187+<!--
188+ Licensed to the Apache Software Foundation (ASF) under one or more
189+ contributor license agreements. See the NOTICE file distributed with
190+ this work for additional information regarding copyright ownership.
191+ The ASF licenses this file to You under the Apache License, Version 2.0
192+ (the "License"); you may not use this file except in compliance with
193+ the License. You may obtain a copy of the License at
194+
195+ http://www.apache.org/licenses/LICENSE-2.0
196+
197+ Unless required by applicable law or agreed to in writing, software
198+ distributed under the License is distributed on an "AS IS" BASIS,
199+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200+ See the License for the specific language governing permissions and
201+ limitations under the License.
202+-->
203+
204+<!ENTITY % common SYSTEM "common.dtd">
205+%common;
206+
207+<!-- <manualpage> is the root element -->
208+<!ELEMENT manualpage (parentdocument?, title, summary?,
209+seealso*, section*)>
210+
211+<!ATTLIST manualpage metafile CDATA #REQUIRED
212+ upgrade CDATA #IMPLIED
213+>
214diff --git a/docs/manual/style/modulesynopsis.dtd b/docs/manual/style/modulesynopsis.dtd
215new file mode 100644
216index 0000000..4dac5ef
217--- /dev/null
218+++ b/docs/manual/style/modulesynopsis.dtd
219@@ -0,0 +1,77 @@
220+<?xml version='1.0' encoding='UTF-8' ?>
221+
222+<!--
223+ Licensed to the Apache Software Foundation (ASF) under one or more
224+ contributor license agreements. See the NOTICE file distributed with
225+ this work for additional information regarding copyright ownership.
226+ The ASF licenses this file to You under the Apache License, Version 2.0
227+ (the "License"); you may not use this file except in compliance with
228+ the License. You may obtain a copy of the License at
229+
230+ http://www.apache.org/licenses/LICENSE-2.0
231+
232+ Unless required by applicable law or agreed to in writing, software
233+ distributed under the License is distributed on an "AS IS" BASIS,
234+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
235+ See the License for the specific language governing permissions and
236+ limitations under the License.
237+-->
238+
239+<!ENTITY % sitemap SYSTEM "sitemap.dtd">
240+%sitemap;
241+
242+<!ELEMENT modulesynopsis (name , description, status, hint?, sourcefile?,
243+identifier? , compatibility? , summary? , seealso* , section*,
244+directivesynopsis*)>
245+
246+<!ATTLIST modulesynopsis metafile CDATA #REQUIRED
247+ upgrade CDATA #IMPLIED>
248+
249+<!ELEMENT directivesynopsis (name , description? , syntax? , default?
250+, contextlist? , override? , modulelist?, status?, compatibility? ,
251+usage?, seealso*)>
252+
253+<!ELEMENT name (#PCDATA)>
254+
255+<!ELEMENT status (#PCDATA)>
256+
257+<!ELEMENT hint %Inline;>
258+
259+<!ELEMENT identifier (#PCDATA)>
260+
261+<!ELEMENT sourcefile (#PCDATA)>
262+
263+<!ELEMENT compatibility %Inline;>
264+
265+<!ELEMENT description %Inline;>
266+
267+<!ATTLIST directivesynopsis type CDATA #IMPLIED
268+ location CDATA #IMPLIED >
269+
270+<!ELEMENT syntax %Inline;>
271+
272+<!ELEMENT default (#PCDATA | directive | br)*>
273+
274+<!ELEMENT contextlist (context+)+>
275+
276+<!ELEMENT context (#PCDATA)>
277+
278+<!ELEMENT override (#PCDATA)>
279+
280+<!ELEMENT usage %Block;>
281+
282+<!-- Used in index.xml -->
283+<!ELEMENT moduleindex (title, summary, seealso*)>
284+
285+<!ATTLIST moduleindex metafile CDATA #REQUIRED>
286+
287+<!-- Used in directive.xml -->
288+<!ELEMENT directiveindex (title | summary)+>
289+
290+<!ATTLIST directiveindex metafile CDATA #REQUIRED>
291+
292+<!-- Used in quickreference.xml -->
293+<!ELEMENT quickreference (title | summary | legend)+>
294+<!ATTLIST quickreference metafile CDATA #REQUIRED>
295+
296+<!ELEMENT legend (table, table)>
297diff --git a/docs/manual/style/scripts/MINIFY b/docs/manual/style/scripts/MINIFY
298new file mode 100644
299index 0000000..2c1efc3
300--- /dev/null
301+++ b/docs/manual/style/scripts/MINIFY
302@@ -0,0 +1,5 @@
303+#!/bin/sh
304+
305+(echo '// see prettify.js for copyright, license and expanded version'; python -mrjsmin <prettify.js) >prettify.min.js
306+
307+# needs python and rjsmin installed
308diff --git a/docs/manual/style/scripts/prettify.js b/docs/manual/style/scripts/prettify.js
309new file mode 100644
310index 0000000..2fa959a
311--- /dev/null
312+++ b/docs/manual/style/scripts/prettify.js
313@@ -0,0 +1,1622 @@
314+// Copyright (C) 2006 Google Inc.
315+//
316+// Licensed under the Apache License, Version 2.0 (the "License");
317+// you may not use this file except in compliance with the License.
318+// You may obtain a copy of the License at
319+//
320+// http://www.apache.org/licenses/LICENSE-2.0
321+//
322+// Unless required by applicable law or agreed to in writing, software
323+// distributed under the License is distributed on an "AS IS" BASIS,
324+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
325+// See the License for the specific language governing permissions and
326+// limitations under the License.
327+
328+
329+/**
330+ * @fileoverview
331+ * some functions for browser-side pretty printing of code contained in html.
332+ *
333+ * <p>
334+ * For a fairly comprehensive set of languages see the
335+ * <a href="http://google-code-prettify.googlecode.com/svn/trunk/README.html#langs">README</a>
336+ * file that came with this source. At a minimum, the lexer should work on a
337+ * number of languages including C and friends, Java, Python, Bash, SQL, HTML,
338+ * XML, CSS, Javascript, and Makefiles. It works passably on Ruby, PHP and Awk
339+ * and a subset of Perl, but, because of commenting conventions, doesn't work on
340+ * Smalltalk, Lisp-like, or CAML-like languages without an explicit lang class.
341+ * <p>
342+ * Usage: <ol>
343+ * <li> include this source file in an html page via
344+ * {@code <script type="text/javascript" src="/path/to/prettify.js"></script>}
345+ * <li> define style rules. See the example page for examples.
346+ * <li> mark the {@code <pre>} and {@code <code>} tags in your source with
347+ * {@code class=prettyprint.}
348+ * You can also use the (html deprecated) {@code <xmp>} tag, but the pretty
349+ * printer needs to do more substantial DOM manipulations to support that, so
350+ * some css styles may not be preserved.
351+ * </ol>
352+ * That's it. I wanted to keep the API as simple as possible, so there's no
353+ * need to specify which language the code is in, but if you wish, you can add
354+ * another class to the {@code <pre>} or {@code <code>} element to specify the
355+ * language, as in {@code <pre class="prettyprint lang-java">}. Any class that
356+ * starts with "lang-" followed by a file extension, specifies the file type.
357+ * See the "lang-*.js" files in this directory for code that implements
358+ * per-language file handlers.
359+ * <p>
360+ * Change log:<br>
361+ * cbeust, 2006/08/22
362+ * <blockquote>
363+ * Java annotations (start with "@") are now captured as literals ("lit")
364+ * </blockquote>
365+ * @requires console
366+ */
367+
368+// JSLint declarations
369+/*global console, document, navigator, setTimeout, window, define */
370+
371+/**
372+ * Split {@code prettyPrint} into multiple timeouts so as not to interfere with
373+ * UI events.
374+ * If set to {@code false}, {@code prettyPrint()} is synchronous.
375+ */
376+window['PR_SHOULD_USE_CONTINUATION'] = true;
377+
378+/**
379+ * Find all the {@code <pre>} and {@code <code>} tags in the DOM with
380+ * {@code class=prettyprint} and prettify them.
381+ *
382+ * @param {Function?} opt_whenDone if specified, called when the last entry
383+ * has been finished.
384+ */
385+var prettyPrintOne;
386+/**
387+ * Pretty print a chunk of code.
388+ *
389+ * @param {string} sourceCodeHtml code as html
390+ * @return {string} code as html, but prettier
391+ */
392+var prettyPrint;
393+
394+
395+(function () {
396+ var win = window;
397+ // Keyword lists for various languages.
398+ // We use things that coerce to strings to make them compact when minified
399+ // and to defeat aggressive optimizers that fold large string constants.
400+ var FLOW_CONTROL_KEYWORDS = ["break,continue,do,else,for,if,return,while"];
401+ var C_KEYWORDS = [FLOW_CONTROL_KEYWORDS,"auto,case,char,const,default," +
402+ "double,enum,extern,float,goto,int,long,register,short,signed,sizeof,module," +
403+ "static,struct,switch,typedef,union,unsigned,void,volatile"];
404+ var COMMON_KEYWORDS = [C_KEYWORDS,"catch,class,delete,false,import," +
405+ "new,operator,private,protected,public,this,throw,true,try,typeof"];
406+ var CPP_KEYWORDS = [COMMON_KEYWORDS,"alignof,align_union,asm,axiom,bool," +
407+ "concept,concept_map,const_cast,constexpr,decltype," +
408+ "dynamic_cast,explicit,export,friend,inline,late_check," +
409+ "mutable,namespace,nullptr,reinterpret_cast,static_assert,static_cast," +
410+ "template,typeid,typename,using,virtual,where,request_req"];
411+ var JAVA_KEYWORDS = [COMMON_KEYWORDS,
412+ "abstract,boolean,byte,extends,final,finally,implements,import," +
413+ "instanceof,null,native,package,strictfp,super,synchronized,throws," +
414+ "transient"];
415+ var CSHARP_KEYWORDS = [JAVA_KEYWORDS,
416+ "as,base,by,checked,decimal,delegate,descending,dynamic,event," +
417+ "fixed,foreach,from,group,implicit,in,interface,internal,into,is,let," +
418+ "lock,object,out,override,orderby,params,partial,readonly,ref,sbyte," +
419+ "sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort," +
420+ "var,virtual,where"];
421+ var COFFEE_KEYWORDS = "all,and,by,catch,class,else,extends,false,finally," +
422+ "for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then," +
423+ "throw,true,try,unless,until,when,while,yes";
424+ var JSCRIPT_KEYWORDS = [COMMON_KEYWORDS,
425+ "debugger,eval,export,function,get,null,set,undefined,var,with," +
426+ "Infinity,NaN"];
427+ var PERL_KEYWORDS = "caller,delete,die,do,dump,else,elsif,eval,exit,foreach,for," +
428+ "goto,if,import,last,local,my,next,no,our,print,printf,package,redo,require," +
429+ "sub,undef,unless,until,use,wantarray,while,BEGIN,END";
430+ var PHP_KEYWORDS = "abstract,and,array,as,break,case,catch,cfunction,class," +
431+ "clone,const,continue,declare,default,do,else,elseif,enddeclare,endfor," +
432+ "endforeach,endif,endswitch,endwhile,extends,final,for,foreach,function," +
433+ "global,goto,if,implements,interface,instanceof,namespace,new,old_function," +
434+ "or,private,protected,public,static,switch,throw,try,use,var,while,xor," +
435+ "die,echo,empty,exit,eval,include,include_once,isset,list,require," +
436+ "require_once,return,print,unset";
437+ var PYTHON_KEYWORDS = [FLOW_CONTROL_KEYWORDS, "and,as,assert,class,def,del," +
438+ "elif,except,exec,finally,from,global,import,in,is,lambda," +
439+ "nonlocal,not,or,pass,print,raise,try,with,yield," +
440+ "False,True,None"];
441+ var RUBY_KEYWORDS = [FLOW_CONTROL_KEYWORDS, "alias,and,begin,case,class," +
442+ "def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo," +
443+ "rescue,retry,self,super,then,true,undef,unless,until,when,yield," +
444+ "BEGIN,END"];
445+ var SH_KEYWORDS = [FLOW_CONTROL_KEYWORDS, "case,done,elif,esac,eval,fi," +
446+ "function,in,local,set,then,until,echo"];
447+ var CONFIG_ENVS = ["User-Agent,HTTP_USER_AGENT,HTTP_REFERER,HTTP_COOKIE,HTTP_FORWARDED,HTTP_HOST,HTTP_PROXY_CONNECTION,HTTP_ACCEPT,REMOTE_ADDR,REMOTE_HOST,REMOTE_PORT,REMOTE_USER,REMOTE_IDENT,REQUEST_METHOD,SCRIPT_FILENAME,PATH_INFO,QUERY_STRING,AUTH_TYPE,DOCUMENT_ROOT,SERVER_ADMIN,SERVER_NAME,SERVER_ADDR,SERVER_PORT,SERVER_PROTOCOL,SERVER_SOFTWARE,TIME_YEAR,TIME_MON,TIME_DAY,TIME_HOUR,TIME_MIN,TIME_SEC,TIME_WDAY,TIME,API_VERSION,THE_REQUEST,REQUEST_URI,REQUEST_FILENAME,IS_SUBREQ,HTTPS,REQUEST_SCHEME"];
448+ var CONFIG_KEYWORDS = ["Macro,UndefMacro,Use,AuthLDAPURL,AcceptFilter,AcceptPathInfo,AccessFileName,Action,AddAlt,AddAltByEncoding,AddAltByType,AddCharset,AddDefaultCharset,AddDescription,AddEncoding,AddHandler,AddIcon,AddIconByEncoding,AddIconByType,AddInputFilter,AddLanguage,AddModuleInfo,AddOutputFilter,AddOutputFilterByType,AddType,Alias,AliasMatch,Allow,AllowCONNECT,AllowEncodedSlashes,AllowMethods,AllowOverride,AllowOverrideList,Anonymous,Anonymous_LogEmail,Anonymous_MustGiveEmail,Anonymous_NoUserID,Anonymous_VerifyEmail,AsyncRequestWorkerFactor,AuthBasicAuthoritative,AuthBasicProvider,AuthDBDUserPWQuery,AuthDBDUserRealmQuery,AuthDBMGroupFile,AuthDBMType,AuthDBMUserFile,AuthDigestAlgorithm,AuthDigestDomain,AuthDigestNcCheck,AuthDigestNonceFormat,AuthDigestNonceLifetime,AuthDigestProvider,AuthDigestQop,AuthDigestShmemSize,AuthFormAuthoritative,AuthFormBody,AuthFormDisableNoStore,AuthFormFakeBasicAuth,AuthFormLocation,AuthFormLoginRequiredLocation,AuthFormLoginSuccessLocation,AuthFormLogoutLocation,AuthFormMethod,AuthFormMimetype,AuthFormPassword,AuthFormProvider,AuthFormSitePassphrase,AuthFormSize,AuthFormUsername,AuthGroupFile,AuthLDAPAuthorizePrefix,AuthLDAPBindAuthoritative,AuthLDAPBindDN,AuthLDAPBindPassword,AuthLDAPCharsetConfig,AuthLDAPCompareAsUser,AuthLDAPCompareDNOnServer,AuthLDAPDereferenceAliases,AuthLDAPGroupAttribute,AuthLDAPGroupAttributeIsDN,AuthLDAPInitialBindAsUser,AuthLDAPInitialBindPattern,AuthLDAPMaxSubGroupDepth,AuthLDAPRemoteUserAttribute,AuthLDAPRemoteUserIsDN,AuthLDAPSearchAsUser,AuthLDAPSubGroupAttribute,AuthLDAPSubGroupClass,AuthLDAPUrl,AuthMerging,AuthName,AuthnCacheContext,AuthnCacheEnable,AuthnCacheProvideFor,AuthnCacheSOCache,AuthnCacheTimeout,<AuthnProviderAlias>,AuthType,AuthUserFile,AuthzDBDLoginToReferer,AuthzDBDQuery,AuthzDBDRedirectQuery,AuthzDBMType,<AuthzProviderAlias>,AuthzSendForbiddenOnFailure,BalancerGrowth,BalancerMember,BrowserMatch,BrowserMatchNoCase,BufferedLogs,BufferSize,CacheDefaultExpire,CacheDetailHeader,CacheDirLength,CacheDirLevels,CacheDisable,CacheEnable,CacheFile,CacheHeader,CacheIgnoreCacheControl,CacheIgnoreHeaders,CacheIgnoreNoLastMod,CacheIgnoreQueryString,CacheIgnoreURLSessionIdentifiers,CacheKeyBaseURL,CacheLastModifiedFactor,CacheLock,CacheLockMaxAge,CacheLockPath,CacheMaxExpire,CacheMaxFileSize,CacheMinExpire,CacheMinFileSize,CacheNegotiatedDocs,CacheQuickHandler,CacheReadSize,CacheReadTime,CacheRoot,CacheStaleOnError,CacheStoreExpired,CacheStoreNoStore,CacheStorePrivate,CGIMapExtension,CharsetDefault,CharsetOptions,CharsetSourceEnc,CheckCaseOnly,CheckSpelling,ChrootDir,ContentDigest,CookieDomain,CookieExpires,CookieName,CookieStyle,CookieTracking,CoreDumpDirectory,CustomLog,Dav,DavDepthInfinity,DavGenericLockDB,DavLockDB,DavMinTimeout,DBDExptime,DBDInitSQL,DBDKeep,DBDMax,DBDMin,DBDParams,DBDPersist,DBDPrepareSQL,DBDriver,DefaultIcon,DefaultLanguage,DefaultRuntimeDir,DefaultType,Define,DeflateBufferSize,DeflateCompressionLevel,DeflateFilterNote,DeflateMemLevel,DeflateWindowSize,Deny,<Directory>,DirectoryIndex,DirectoryIndexRedirect,<DirectoryMatch>,DirectorySlash,DocumentRoot,DTracePrivileges,DumpIOInput,DumpIOOutput,<Else>,<ElseIf>,EnableExceptionHook,EnableMMAP,EnableSendfile,Error,ErrorDocument,ErrorLog,ErrorLogFormat,Example,ExpiresActive,ExpiresByType,ExpiresDefault,ExtendedStatus,ExtFilterDefine,ExtFilterOptions,FallbackResource,FileETag,<Files>,<FilesMatch>,FilterChain,FilterDeclare,FilterProtocol,FilterProvider,FilterTrace,ForceLanguagePriority,ForceType,ForensicLog,GprofDir,GracefulShutdownTimeout,Group,Header,HeaderName,HeartbeatAddress,HeartbeatListen,HeartbeatMaxServers,HeartbeatStorage,HeartbeatStorage,HostnameLookups,IdentityCheck,IdentityCheckTimeout,<If>,<IfDefine>,<IfModule>,<IfVersion>,ImapBase,ImapDefault,ImapMenu,Include,IncludeOptional,IndexHeadInsert,IndexIgnore,IndexIgnoreReset,IndexOptions,IndexOrderDefault,IndexStyleSheet,InputSed,ISAPIAppendLogToErrors,ISAPIAppendLogToQuery,ISAPICacheFile,ISAPIFakeAsync,ISAPILogNotSupported,ISAPIReadAheadBuffer,KeepAlive,KeepAliveTimeout,KeptBodySize,LanguagePriority,LDAPCacheEntries,LDAPCacheTTL,LDAPConnectionPoolTTL,LDAPConnectionTimeout,LDAPLibraryDebug,LDAPOpCacheEntries,LDAPOpCacheTTL,LDAPReferralHopLimit,LDAPReferrals,LDAPRetries,LDAPRetryDelay,LDAPSharedCacheFile,LDAPSharedCacheSize,LDAPTimeout,LDAPTrustedClientCert,LDAPTrustedGlobalCert,LDAPTrustedMode,LDAPVerifyServerCert,<Limit>,<LimitExcept>,LimitInternalRecursion,LimitRequestBody,LimitRequestFields,LimitRequestFieldSize,LimitRequestLine,LimitXMLRequestBody,Listen,ListenBackLog,LoadFile,LoadModule,<Location>,<LocationMatch>,LogFormat,LogLevel,LogMessage,LuaCodeCache,LuaHookAccessChecker,LuaHookAuthChecker,LuaAuthzProvider,LuaHookCheckUserID,LuaHookFixups,LuaHookInsertFilter,LuaHookMapToStorage,LuaHookTranslateName,LuaHookTypeChecker,LuaInherit,LuaInputFilter,LuaMapHandler,LuaOutputFilter,LuaPackageCPath,LuaPackagePath,LuaQuickHandler,LuaRoot,LuaScope,MaxConnectionsPerChild,MaxKeepAliveRequests,MaxMemFree,MaxRangeOverlaps,MaxRangeReversals,MaxRanges,MaxRequestWorkers,MaxSpareServers,MaxSpareThreads,MaxThreads,MetaDir,MetaFiles,MetaSuffix,MimeMagicFile,MinSpareServers,MinSpareThreads,MMapFile,ModemStandard,ModMimeUsePathInfo,MultiviewsMatch,Mutex,NameVirtualHost,NoProxy,NWSSLTrustedCerts,NWSSLUpgradeable,Options,Order,OutputSed,PassEnv,PidFile,PrivilegesMode,Protocol,ProtocolEcho,<Proxy>,ProxyAddHeaders,ProxyBadHeader,ProxyBlock,ProxyDomain,ProxyErrorOverride,ProxyExpressDBMFile,ProxyExpressDBMType,ProxyExpressEnable,ProxyFtpDirCharset,ProxyFtpEscapeWildcards,ProxyFtpListOnWildcard,ProxyHTMLBufSize,ProxyHTMLCharsetOut,ProxyHTMLDocType,ProxyHTMLEnable,ProxyHTMLEvents,ProxyHTMLExtended,ProxyHTMLFixups,ProxyHTMLInterp,ProxyHTMLLinks,ProxyHTMLStripComments,ProxyHTMLURLMap,ProxyIOBufferSize,<ProxyMatch>,ProxyMaxForwards,ProxyPass,ProxyPassInterpolateEnv,ProxyPassMatch,ProxyPassReverse,ProxyPassReverseCookieDomain,ProxyPassReverseCookiePath,ProxyPreserveHost,ProxyReceiveBufferSize,ProxyRemote,ProxyRemoteMatch,ProxyRequests,ProxySCGIInternalRedirect,ProxySCGISendfile,ProxySet,ProxySourceAddress,ProxyStatus,ProxyTimeout,ProxyVia,ReadmeName,ReceiveBufferSize,Redirect,RedirectMatch,RedirectPermanent,RedirectTemp,ReflectorHeader,RemoteIPHeader,RemoteIPInternalProxy,RemoteIPInternalProxyList,RemoteIPProxiesHeader,RemoteIPTrustedProxy,RemoteIPTrustedProxyList,RemoveCharset,RemoveEncoding,RemoveHandler,RemoveInputFilter,RemoveLanguage,RemoveOutputFilter,RemoveType,RequestHeader,RequestReadTimeout,Require,<RequireAll>,<RequireAny>,<RequireNone>,RewriteBase,RewriteCond,RewriteEngine,RewriteMap,RewriteOptions,RewriteRule,RLimitCPU,RLimitMEM,RLimitNPROC,Satisfy,ScoreBoardFile,Script,ScriptAlias,ScriptAliasMatch,ScriptInterpreterSource,ScriptLog,ScriptLogBuffer,ScriptLogLength,ScriptSock,SecureListen,SeeRequestTail,SendBufferSize,ServerAdmin,ServerAlias,ServerLimit,ServerName,ServerPath,ServerRoot,ServerSignature,ServerTokens,Session,SessionCookieName,SessionCookieName2,SessionCookieRemove,SessionCryptoCipher,SessionCryptoDriver,SessionCryptoPassphrase,SessionCryptoPassphraseFile,SessionDBDCookieName,SessionDBDCookieName2,SessionDBDCookieRemove,SessionDBDDeleteLabel,SessionDBDInsertLabel,SessionDBDPerUser,SessionDBDSelectLabel,SessionDBDUpdateLabel,SessionEnv,SessionExclude,SessionHeader,SessionInclude,SessionMaxAge,SetEnv,SetEnvIf,SetEnvIfExpr,SetEnvIfNoCase,SetHandler,SetInputFilter,SetOutputFilter,SSIEndTag,SSIErrorMsg,SSIETag,SSILastModified,SSILegacyExprParser,SSIStartTag,SSITimeFormat,SSIUndefinedEcho,SSLCACertificateFile,SSLCACertificatePath,SSLCADNRequestFile,SSLCADNRequestPath,SSLCARevocationCheck,SSLCARevocationFile,SSLCARevocationPath,SSLCertificateChainFile,SSLCertificateFile,SSLCertificateKeyFile,SSLCipherSuite,SSLCryptoDevice,SSLEngine,SSLFIPS,SSLHonorCipherOrder,SSLInsecureRenegotiation,SSLOCSPDefaultResponder,SSLOCSPEnable,SSLOCSPOverrideResponder,SSLOCSPResponderTimeout,SSLOCSPResponseMaxAge,SSLOCSPResponseTimeSkew,SSLOptions,SSLPassPhraseDialog,SSLProtocol,SSLProxyCACertificateFile,SSLProxyCACertificatePath,SSLProxyCARevocationCheck,SSLProxyCARevocationFile,SSLProxyCARevocationPath,SSLProxyCheckPeerCN,SSLProxyCheckPeerExpire,SSLProxyCipherSuite,SSLProxyEngine,SSLProxyMachineCertificateChainFile,SSLProxyMachineCertificateFile,SSLProxyMachineCertificatePath,SSLProxyProtocol,SSLProxyVerify,SSLProxyVerifyDepth,SSLRandomSeed,SSLRenegBufferSize,SSLRequire,SSLRequireSSL,SSLSessionCache,SSLSessionCacheTimeout,SSLSessionTicketKeyFile,SSLStaplingCache,SSLStaplingErrorCacheTimeout,SSLStaplingFakeTryLater,SSLStaplingForceURL,SSLStaplingResponderTimeout,SSLStaplingResponseMaxAge,SSLStaplingResponseTimeSkew,SSLStaplingReturnResponderErrors,SSLStaplingStandardCacheTimeout,SSLStrictSNIVHostCheck,SSLUserName,SSLUseStapling,SSLVerifyClient,SSLVerifyDepth,StartServers,StartThreads,Substitute,Suexec,SuexecUserGroup,ThreadLimit,ThreadsPerChild,ThreadStackSize,TimeOut,TraceEnable,TransferLog,TypesConfig,UnDefine,UnsetEnv,UseCanonicalName,UseCanonicalPhysicalPort,User,UserDir,VHostCGIMode,VHostCGIPrivs,VHostGroup,VHostPrivs,VHostSecure,VHostUser,VirtualDocumentRoot,VirtualDocumentRootIP,<VirtualHost>,VirtualScriptAlias,VirtualScriptAliasIP,WatchdogInterval,XBitHack,xml2EncAlias,xml2EncDefault,xml2StartParse,RewriteLog,RewriteLogLevel"];
449+ var CONFIG_OPTIONS = /^[\\+\\-]?(AuthConfig|IncludesNOEXEC|ExecCGI|FollowSymLinks|MultiViews|Includes|Indexes|SymLinksIfOwnerMatch)\b/i;
450+ var ALL_KEYWORDS = [
451+ CPP_KEYWORDS, CSHARP_KEYWORDS, JSCRIPT_KEYWORDS, PERL_KEYWORDS +
452+ PYTHON_KEYWORDS, RUBY_KEYWORDS, SH_KEYWORDS, CONFIG_KEYWORDS, PHP_KEYWORDS];
453+ var C_TYPES = /^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float|char|void|const|static|struct)\d*(_t)?\b)|[a-z_]+_rec|cmd_parms\b/;
454+
455+ // token style names. correspond to css classes
456+ /**
457+ * token style for a string literal
458+ * @const
459+ */
460+ var PR_STRING = 'str';
461+ /**
462+ * token style for a keyword
463+ * @const
464+ */
465+ var PR_KEYWORD = 'kwd';
466+ /**
467+ * token style for a comment
468+ * @const
469+ */
470+ var PR_COMMENT = 'com';
471+ /**
472+ * token style for a type
473+ * @const
474+ */
475+ var PR_TYPE = 'typ';
476+ /**
477+ * token style for a literal value. e.g. 1, null, true.
478+ * @const
479+ */
480+ var PR_LITERAL = 'lit';
481+ /**
482+ * token style for a punctuation string.
483+ * @const
484+ */
485+ var PR_PUNCTUATION = 'pun';
486+ /**
487+ * token style for plain text.
488+ * @const
489+ */
490+ var PR_PLAIN = 'pln';
491+
492+ /**
493+ * token style for an sgml tag.
494+ * @const
495+ */
496+ var PR_TAG = 'tag';
497+ /**
498+ * token style for a markup declaration such as a DOCTYPE.
499+ * @const
500+ */
501+ var PR_DECLARATION = 'dec';
502+ /**
503+ * token style for embedded source.
504+ * @const
505+ */
506+ var PR_SOURCE = 'src';
507+ /**
508+ * token style for an sgml attribute name.
509+ * @const
510+ */
511+ var PR_ATTRIB_NAME = 'atn';
512+ /**
513+ * token style for an sgml attribute value.
514+ * @const
515+ */
516+ var PR_ATTRIB_VALUE = 'atv';
517+
518+ /**
519+ * A class that indicates a section of markup that is not code, e.g. to allow
520+ * embedding of line numbers within code listings.
521+ * @const
522+ */
523+ var PR_NOCODE = 'nocode';
524+
525+
526+
527+/**
528+ * A set of tokens that can precede a regular expression literal in
529+ * javascript
530+ * http://web.archive.org/web/20070717142515/http://www.mozilla.org/js/language/js20/rationale/syntax.html
531+ * has the full list, but I've removed ones that might be problematic when
532+ * seen in languages that don't support regular expression literals.
533+ *
534+ * <p>Specifically, I've removed any keywords that can't precede a regexp
535+ * literal in a syntactically legal javascript program, and I've removed the
536+ * "in" keyword since it's not a keyword in many languages, and might be used
537+ * as a count of inches.
538+ *
539+ * <p>The link above does not accurately describe EcmaScript rules since
540+ * it fails to distinguish between (a=++/b/i) and (a++/b/i) but it works
541+ * very well in practice.
542+ *
543+ * @private
544+ * @const
545+ */
546+var REGEXP_PRECEDER_PATTERN = '(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*';
547+
548+// CAVEAT: this does not properly handle the case where a regular
549+// expression immediately follows another since a regular expression may
550+// have flags for case-sensitivity and the like. Having regexp tokens
551+// adjacent is not valid in any language I'm aware of, so I'm punting.
552+// TODO: maybe style special characters inside a regexp as punctuation.
553+
554+
555+ /**
556+ * Given a group of {@link RegExp}s, returns a {@code RegExp} that globally
557+ * matches the union of the sets of strings matched by the input RegExp.
558+ * Since it matches globally, if the input strings have a start-of-input
559+ * anchor (/^.../), it is ignored for the purposes of unioning.
560+ * @param {Array.<RegExp>} regexs non multiline, non-global regexs.
561+ * @return {RegExp} a global regex.
562+ */
563+ function combinePrefixPatterns(regexs) {
564+ var capturedGroupIndex = 0;
565+
566+ var needToFoldCase = false;
567+ var ignoreCase = false;
568+ for (var i = 0, n = regexs.length; i < n; ++i) {
569+ var regex = regexs[i];
570+ if (regex.ignoreCase) {
571+ ignoreCase = true;
572+ } else if (/[a-z]/i.test(regex.source.replace(
573+ /\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi, ''))) {
574+ needToFoldCase = true;
575+ ignoreCase = false;
576+ break;
577+ }
578+ }
579+
580+ var escapeCharToCodeUnit = {
581+ 'b': 8,
582+ 't': 9,
583+ 'n': 0xa,
584+ 'v': 0xb,
585+ 'f': 0xc,
586+ 'r': 0xd
587+ };
588+
589+ function decodeEscape(charsetPart) {
590+ var cc0 = charsetPart.charCodeAt(0);
591+ if (cc0 !== 92 /* \\ */) {
592+ return cc0;
593+ }
594+ var c1 = charsetPart.charAt(1);
595+ cc0 = escapeCharToCodeUnit[c1];
596+ if (cc0) {
597+ return cc0;
598+ } else if ('0' <= c1 && c1 <= '7') {
599+ return parseInt(charsetPart.substring(1), 8);
600+ } else if (c1 === 'u' || c1 === 'x') {
601+ return parseInt(charsetPart.substring(2), 16);
602+ } else {
603+ return charsetPart.charCodeAt(1);
604+ }
605+ }
606+
607+ function encodeEscape(charCode) {
608+ if (charCode < 0x20) {
609+ return (charCode < 0x10 ? '\\x0' : '\\x') + charCode.toString(16);
610+ }
611+ var ch = String.fromCharCode(charCode);
612+ return (ch === '\\' || ch === '-' || ch === ']' || ch === '^')
613+ ? "\\" + ch : ch;
614+ }
615+
616+ function caseFoldCharset(charSet) {
617+ var charsetParts = charSet.substring(1, charSet.length - 1).match(
618+ new RegExp(
619+ '\\\\u[0-9A-Fa-f]{4}'
620+ + '|\\\\x[0-9A-Fa-f]{2}'
621+ + '|\\\\[0-3][0-7]{0,2}'
622+ + '|\\\\[0-7]{1,2}'
623+ + '|\\\\[\\s\\S]'
624+ + '|-'
625+ + '|[^-\\\\]',
626+ 'g'));
627+ var ranges = [];
628+ var inverse = charsetParts[0] === '^';
629+
630+ var out = ['['];
631+ if (inverse) { out.push('^'); }
632+
633+ for (var i = inverse ? 1 : 0, n = charsetParts.length; i < n; ++i) {
634+ var p = charsetParts[i];
635+ if (/\\[bdsw]/i.test(p)) { // Don't muck with named groups.
636+ out.push(p);
637+ } else {
638+ var start = decodeEscape(p);
639+ var end;
640+ if (i + 2 < n && '-' === charsetParts[i + 1]) {
641+ end = decodeEscape(charsetParts[i + 2]);
642+ i += 2;
643+ } else {
644+ end = start;
645+ }
646+ ranges.push([start, end]);
647+ // If the range might intersect letters, then expand it.
648+ // This case handling is too simplistic.
649+ // It does not deal with non-latin case folding.
650+ // It works for latin source code identifiers though.
651+ if (!(end < 65 || start > 122)) {
652+ if (!(end < 65 || start > 90)) {
653+ ranges.push([Math.max(65, start) | 32, Math.min(end, 90) | 32]);
654+ }
655+ if (!(end < 97 || start > 122)) {
656+ ranges.push([Math.max(97, start) & ~32, Math.min(end, 122) & ~32]);
657+ }
658+ }
659+ }
660+ }
661+
662+ // [[1, 10], [3, 4], [8, 12], [14, 14], [16, 16], [17, 17]]
663+ // -> [[1, 12], [14, 14], [16, 17]]
664+ ranges.sort(function (a, b) { return (a[0] - b[0]) || (b[1] - a[1]); });
665+ var consolidatedRanges = [];
666+ var lastRange = [];
667+ for (var i = 0; i < ranges.length; ++i) {
668+ var range = ranges[i];
669+ if (range[0] <= lastRange[1] + 1) {
670+ lastRange[1] = Math.max(lastRange[1], range[1]);
671+ } else {
672+ consolidatedRanges.push(lastRange = range);
673+ }
674+ }
675+
676+ for (var i = 0; i < consolidatedRanges.length; ++i) {
677+ var range = consolidatedRanges[i];
678+ out.push(encodeEscape(range[0]));
679+ if (range[1] > range[0]) {
680+ if (range[1] + 1 > range[0]) { out.push('-'); }
681+ out.push(encodeEscape(range[1]));
682+ }
683+ }
684+ out.push(']');
685+ return out.join('');
686+ }
687+
688+ function allowAnywhereFoldCaseAndRenumberGroups(regex) {
689+ // Split into character sets, escape sequences, punctuation strings
690+ // like ('(', '(?:', ')', '^'), and runs of characters that do not
691+ // include any of the above.
692+ var parts = regex.source.match(
693+ new RegExp(
694+ '(?:'
695+ + '\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]' // a character set
696+ + '|\\\\u[A-Fa-f0-9]{4}' // a unicode escape
697+ + '|\\\\x[A-Fa-f0-9]{2}' // a hex escape
698+ + '|\\\\[0-9]+' // a back-reference or octal escape
699+ + '|\\\\[^ux0-9]' // other escape sequence
700+ + '|\\(\\?[:!=]' // start of a non-capturing group
701+ + '|[\\(\\)\\^]' // start/end of a group, or line start
702+ + '|[^\\x5B\\x5C\\(\\)\\^]+' // run of other characters
703+ + ')',
704+ 'g'));
705+ var n = parts.length;
706+
707+ // Maps captured group numbers to the number they will occupy in
708+ // the output or to -1 if that has not been determined, or to
709+ // undefined if they need not be capturing in the output.
710+ var capturedGroups = [];
711+
712+ // Walk over and identify back references to build the capturedGroups
713+ // mapping.
714+ for (var i = 0, groupIndex = 0; i < n; ++i) {
715+ var p = parts[i];
716+ if (p === '(') {
717+ // groups are 1-indexed, so max group index is count of '('
718+ ++groupIndex;
719+ } else if ('\\' === p.charAt(0)) {
720+ var decimalValue = +p.substring(1);
721+ if (decimalValue) {
722+ if (decimalValue <= groupIndex) {
723+ capturedGroups[decimalValue] = -1;
724+ } else {
725+ // Replace with an unambiguous escape sequence so that
726+ // an octal escape sequence does not turn into a backreference
727+ // to a capturing group from an earlier regex.
728+ parts[i] = encodeEscape(decimalValue);
729+ }
730+ }
731+ }
732+ }
733+
734+ // Renumber groups and reduce capturing groups to non-capturing groups
735+ // where possible.
736+ for (var i = 1; i < capturedGroups.length; ++i) {
737+ if (-1 === capturedGroups[i]) {
738+ capturedGroups[i] = ++capturedGroupIndex;
739+ }
740+ }
741+ for (var i = 0, groupIndex = 0; i < n; ++i) {
742+ var p = parts[i];
743+ if (p === '(') {
744+ ++groupIndex;
745+ if (!capturedGroups[groupIndex]) {
746+ parts[i] = '(?:';
747+ }
748+ } else if ('\\' === p.charAt(0)) {
749+ var decimalValue = +p.substring(1);
750+ if (decimalValue && decimalValue <= groupIndex) {
751+ parts[i] = '\\' + capturedGroups[decimalValue];
752+ }
753+ }
754+ }
755+
756+ // Remove any prefix anchors so that the output will match anywhere.
757+ // ^^ really does mean an anchored match though.
758+ for (var i = 0; i < n; ++i) {
759+ if ('^' === parts[i] && '^' !== parts[i + 1]) { parts[i] = ''; }
760+ }
761+
762+ // Expand letters to groups to handle mixing of case-sensitive and
763+ // case-insensitive patterns if necessary.
764+ if (regex.ignoreCase && needToFoldCase) {
765+ for (var i = 0; i < n; ++i) {
766+ var p = parts[i];
767+ var ch0 = p.charAt(0);
768+ if (p.length >= 2 && ch0 === '[') {
769+ parts[i] = caseFoldCharset(p);
770+ } else if (ch0 !== '\\') {
771+ // TODO: handle letters in numeric escapes.
772+ parts[i] = p.replace(
773+ /[a-zA-Z]/g,
774+ function (ch) {
775+ var cc = ch.charCodeAt(0);
776+ return '[' + String.fromCharCode(cc & ~32, cc | 32) + ']';
777+ });
778+ }
779+ }
780+ }
781+
782+ return parts.join('');
783+ }
784+
785+ var rewritten = [];
786+ for (var i = 0, n = regexs.length; i < n; ++i) {
787+ var regex = regexs[i];
788+ if (regex.global || regex.multiline) { throw new Error('' + regex); }
789+ rewritten.push(
790+ '(?:' + allowAnywhereFoldCaseAndRenumberGroups(regex) + ')');
791+ }
792+
793+ return new RegExp(rewritten.join('|'), ignoreCase ? 'gi' : 'g');
794+ }
795+
796+
797+ /**
798+ * Split markup into a string of source code and an array mapping ranges in
799+ * that string to the text nodes in which they appear.
800+ *
801+ * <p>
802+ * The HTML DOM structure:</p>
803+ * <pre>
804+ * (Element "p"
805+ * (Element "b"
806+ * (Text "print ")) ; #1
807+ * (Text "'Hello '") ; #2
808+ * (Element "br") ; #3
809+ * (Text " + 'World';")) ; #4
810+ * </pre>
811+ * <p>
812+ * corresponds to the HTML
813+ * {@code <p><b>print </b>'Hello '<br> + 'World';</p>}.</p>
814+ *
815+ * <p>
816+ * It will produce the output:</p>
817+ * <pre>
818+ * {
819+ * sourceCode: "print 'Hello '\n + 'World';",
820+ * // 1 2
821+ * // 012345678901234 5678901234567
822+ * spans: [0, #1, 6, #2, 14, #3, 15, #4]
823+ * }
824+ * </pre>
825+ * <p>
826+ * where #1 is a reference to the {@code "print "} text node above, and so
827+ * on for the other text nodes.
828+ * </p>
829+ *
830+ * <p>
831+ * The {@code} spans array is an array of pairs. Even elements are the start
832+ * indices of substrings, and odd elements are the text nodes (or BR elements)
833+ * that contain the text for those substrings.
834+ * Substrings continue until the next index or the end of the source.
835+ * </p>
836+ *
837+ * @param {Node} node an HTML DOM subtree containing source-code.
838+ * @param {boolean} isPreformatted true if white-space in text nodes should
839+ * be considered significant.
840+ * @return {Object} source code and the text nodes in which they occur.
841+ */
842+ function extractSourceSpans(node, isPreformatted) {
843+ var nocode = /(?:^|\s)nocode(?:\s|$)/;
844+
845+ var chunks = [];
846+ var length = 0;
847+ var spans = [];
848+ var k = 0;
849+
850+ function walk(node) {
851+ switch (node.nodeType) {
852+ case 1: // Element
853+ if (nocode.test(node.className)) { return; }
854+ for (var child = node.firstChild; child; child = child.nextSibling) {
855+ walk(child);
856+ }
857+ var nodeName = node.nodeName.toLowerCase();
858+ if ('br' === nodeName || 'li' === nodeName) {
859+ chunks[k] = '\n';
860+ spans[k << 1] = length++;
861+ spans[(k++ << 1) | 1] = node;
862+ }
863+ break;
864+ case 3: case 4: // Text
865+ var text = node.nodeValue;
866+ if (text.length) {
867+ if (!isPreformatted) {
868+ text = text.replace(/[ \t\r\n]+/g, ' ');
869+ } else {
870+ text = text.replace(/\r\n?/g, '\n'); // Normalize newlines.
871+ text = text.replace(/^(\r?\n\s*)+/g, ''); // Remove leading newlines
872+ text = text.replace(/^\s*/g, ''); // Remove leading spaces due to indented formatting
873+ text = text.replace(/(\r?\n\s*)+$/g, ''); // Remove ending newlines
874+
875+ }
876+ // TODO: handle tabs here?
877+ chunks[k] = text;
878+ spans[k << 1] = length;
879+ length += text.length;
880+ spans[(k++ << 1) | 1] = node;
881+ }
882+ break;
883+ }
884+ }
885+
886+ walk(node);
887+
888+ return {
889+ sourceCode: chunks.join('').replace(/\n$/, ''),
890+ spans: spans
891+ };
892+ }
893+
894+
895+ /**
896+ * Apply the given language handler to sourceCode and add the resulting
897+ * decorations to out.
898+ * @param {number} basePos the index of sourceCode within the chunk of source
899+ * whose decorations are already present on out.
900+ */
901+ function appendDecorations(basePos, sourceCode, langHandler, out) {
902+ if (!sourceCode) { return; }
903+ var job = {
904+ sourceCode: sourceCode,
905+ basePos: basePos
906+ };
907+ langHandler(job);
908+ out.push.apply(out, job.decorations);
909+ }
910+
911+ var notWs = /\S/;
912+
913+ /**
914+ * Given an element, if it contains only one child element and any text nodes
915+ * it contains contain only space characters, return the sole child element.
916+ * Otherwise returns undefined.
917+ * <p>
918+ * This is meant to return the CODE element in {@code <pre><code ...>} when
919+ * there is a single child element that contains all the non-space textual
920+ * content, but not to return anything where there are multiple child elements
921+ * as in {@code <pre><code>...</code><code>...</code></pre>} or when there
922+ * is textual content.
923+ */
924+ function childContentWrapper(element) {
925+ var wrapper = undefined;
926+ for (var c = element.firstChild; c; c = c.nextSibling) {
927+ var type = c.nodeType;
928+ wrapper = (type === 1) // Element Node
929+ ? (wrapper ? element : c)
930+ : (type === 3) // Text Node
931+ ? (notWs.test(c.nodeValue) ? element : wrapper)
932+ : wrapper;
933+ }
934+ return wrapper === element ? undefined : wrapper;
935+ }
936+
937+ /** Given triples of [style, pattern, context] returns a lexing function,
938+ * The lexing function interprets the patterns to find token boundaries and
939+ * returns a decoration list of the form
940+ * [index_0, style_0, index_1, style_1, ..., index_n, style_n]
941+ * where index_n is an index into the sourceCode, and style_n is a style
942+ * constant like PR_PLAIN. index_n-1 <= index_n, and style_n-1 applies to
943+ * all characters in sourceCode[index_n-1:index_n].
944+ *
945+ * The stylePatterns is a list whose elements have the form
946+ * [style : string, pattern : RegExp, DEPRECATED, shortcut : string].
947+ *
948+ * Style is a style constant like PR_PLAIN, or can be a string of the
949+ * form 'lang-FOO', where FOO is a language extension describing the
950+ * language of the portion of the token in $1 after pattern executes.
951+ * E.g., if style is 'lang-lisp', and group 1 contains the text
952+ * '(hello (world))', then that portion of the token will be passed to the
953+ * registered lisp handler for formatting.
954+ * The text before and after group 1 will be restyled using this decorator
955+ * so decorators should take care that this doesn't result in infinite
956+ * recursion. For example, the HTML lexer rule for SCRIPT elements looks
957+ * something like ['lang-js', /<[s]cript>(.+?)<\/script>/]. This may match
958+ * '<script>foo()<\/script>', which would cause the current decorator to
959+ * be called with '<script>' which would not match the same rule since
960+ * group 1 must not be empty, so it would be instead styled as PR_TAG by
961+ * the generic tag rule. The handler registered for the 'js' extension would
962+ * then be called with 'foo()', and finally, the current decorator would
963+ * be called with '<\/script>' which would not match the original rule and
964+ * so the generic tag rule would identify it as a tag.
965+ *
966+ * Pattern must only match prefixes, and if it matches a prefix, then that
967+ * match is considered a token with the same style.
968+ *
969+ * Context is applied to the last non-whitespace, non-comment token
970+ * recognized.
971+ *
972+ * Shortcut is an optional string of characters, any of which, if the first
973+ * character, gurantee that this pattern and only this pattern matches.
974+ *
975+ * @param {Array} shortcutStylePatterns patterns that always start with
976+ * a known character. Must have a shortcut string.
977+ * @param {Array} fallthroughStylePatterns patterns that will be tried in
978+ * order if the shortcut ones fail. May have shortcuts.
979+ *
980+ * @return {function (Object)} a
981+ * function that takes source code and returns a list of decorations.
982+ */
983+ function createSimpleLexer(shortcutStylePatterns, fallthroughStylePatterns) {
984+ var shortcuts = {};
985+ var tokenizer;
986+ (function () {
987+ var allPatterns = shortcutStylePatterns.concat(fallthroughStylePatterns);
988+ var allRegexs = [];
989+ var regexKeys = {};
990+ for (var i = 0, n = allPatterns.length; i < n; ++i) {
991+ var patternParts = allPatterns[i];
992+ var shortcutChars = patternParts[3];
993+ if (shortcutChars) {
994+ for (var c = shortcutChars.length; --c >= 0;) {
995+ shortcuts[shortcutChars.charAt(c)] = patternParts;
996+ }
997+ }
998+ var regex = patternParts[1];
999+ var k = '' + regex;
1000+ if (!regexKeys.hasOwnProperty(k)) {
1001+ allRegexs.push(regex);
1002+ regexKeys[k] = null;
1003+ }
1004+ }
1005+ allRegexs.push(/[\0-\uffff]/);
1006+ tokenizer = combinePrefixPatterns(allRegexs);
1007+ })();
1008+
1009+ var nPatterns = fallthroughStylePatterns.length;
1010+
1011+ /**
1012+ * Lexes job.sourceCode and produces an output array job.decorations of
1013+ * style classes preceded by the position at which they start in
1014+ * job.sourceCode in order.
1015+ *
1016+ * @param {Object} job an object like <pre>{
1017+ * sourceCode: {string} sourceText plain text,
1018+ * basePos: {int} position of job.sourceCode in the larger chunk of
1019+ * sourceCode.
1020+ * }</pre>
1021+ */
1022+ var decorate = function (job) {
1023+ var sourceCode = job.sourceCode, basePos = job.basePos;
1024+ /** Even entries are positions in source in ascending order. Odd enties
1025+ * are style markers (e.g., PR_COMMENT) that run from that position until
1026+ * the end.
1027+ * @type {Array.<number|string>}
1028+ */
1029+ var decorations = [basePos, PR_PLAIN];
1030+ var pos = 0; // index into sourceCode
1031+ var tokens = sourceCode.match(tokenizer) || [];
1032+ var styleCache = {};
1033+
1034+ for (var ti = 0, nTokens = tokens.length; ti < nTokens; ++ti) {
1035+ var token = tokens[ti];
1036+ var style = styleCache[token];
1037+ var match = void 0;
1038+
1039+ var isEmbedded;
1040+ if (typeof style === 'string') {
1041+ isEmbedded = false;
1042+ } else {
1043+ var patternParts = shortcuts[token.charAt(0)];
1044+ if (patternParts) {
1045+ match = token.match(patternParts[1]);
1046+ style = patternParts[0];
1047+ } else {
1048+ for (var i = 0; i < nPatterns; ++i) {
1049+ patternParts = fallthroughStylePatterns[i];
1050+ match = token.match(patternParts[1]);
1051+ if (match) {
1052+ style = patternParts[0];
1053+ break;
1054+ }
1055+ }
1056+
1057+ if (!match) { // make sure that we make progress
1058+ style = PR_PLAIN;
1059+ }
1060+ }
1061+
1062+ isEmbedded = style.length >= 5 && 'lang-' === style.substring(0, 5);
1063+ if (isEmbedded && !(match && typeof match[1] === 'string')) {
1064+ isEmbedded = false;
1065+ style = PR_SOURCE;
1066+ }
1067+
1068+ if (!isEmbedded) { styleCache[token] = style; }
1069+ }
1070+
1071+ var tokenStart = pos;
1072+ pos += token.length;
1073+
1074+ if (!isEmbedded) {
1075+ decorations.push(basePos + tokenStart, style);
1076+ } else { // Treat group 1 as an embedded block of source code.
1077+ var embeddedSource = match[1];
1078+ var embeddedSourceStart = token.indexOf(embeddedSource);
1079+ var embeddedSourceEnd = embeddedSourceStart + embeddedSource.length;
1080+ if (match[2]) {
1081+ // If embeddedSource can be blank, then it would match at the
1082+ // beginning which would cause us to infinitely recurse on the
1083+ // entire token, so we catch the right context in match[2].
1084+ embeddedSourceEnd = token.length - match[2].length;
1085+ embeddedSourceStart = embeddedSourceEnd - embeddedSource.length;
1086+ }
1087+ var lang = style.substring(5);
1088+ // Decorate the left of the embedded source
1089+ appendDecorations(
1090+ basePos + tokenStart,
1091+ token.substring(0, embeddedSourceStart),
1092+ decorate, decorations);
1093+ // Decorate the embedded source
1094+ appendDecorations(
1095+ basePos + tokenStart + embeddedSourceStart,
1096+ embeddedSource,
1097+ langHandlerForExtension(lang, embeddedSource),
1098+ decorations);
1099+ // Decorate the right of the embedded section
1100+ appendDecorations(
1101+ basePos + tokenStart + embeddedSourceEnd,
1102+ token.substring(embeddedSourceEnd),
1103+ decorate, decorations);
1104+ }
1105+ }
1106+ job.decorations = decorations;
1107+ };
1108+ return decorate;
1109+ }
1110+
1111+ /** returns a function that produces a list of decorations from source text.
1112+ *
1113+ * This code treats ", ', and ` as string delimiters, and \ as a string
1114+ * escape. It does not recognize perl's qq() style strings.
1115+ * It has no special handling for double delimiter escapes as in basic, or
1116+ * the tripled delimiters used in python, but should work on those regardless
1117+ * although in those cases a single string literal may be broken up into
1118+ * multiple adjacent string literals.
1119+ *
1120+ * It recognizes C, C++, and shell style comments.
1121+ *
1122+ * @param {Object} options a set of optional parameters.
1123+ * @return {function (Object)} a function that examines the source code
1124+ * in the input job and builds the decoration list.
1125+ */
1126+ function sourceDecorator(options) {
1127+ var shortcutStylePatterns = [], fallthroughStylePatterns = [];
1128+ if (options['tripleQuotedStrings']) {
1129+ // '''multi-line-string''', 'single-line-string', and double-quoted
1130+ shortcutStylePatterns.push(
1131+ [PR_STRING, /^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,
1132+ null, '\'"']);
1133+ } else if (options['multiLineStrings']) {
1134+ // 'multi-line-string', "multi-line-string"
1135+ shortcutStylePatterns.push(
1136+ [PR_STRING, /^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,
1137+ null, '\'"`']);
1138+ } else {
1139+ // 'single-line-string', "single-line-string"
1140+ shortcutStylePatterns.push(
1141+ [PR_STRING,
1142+ /^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,
1143+ null, '"\'']);
1144+ }
1145+ if (options['verbatimStrings']) {
1146+ // verbatim-string-literal production from the C# grammar. See issue 93.
1147+ fallthroughStylePatterns.push(
1148+ [PR_STRING, /^@\"(?:[^\"]|\"\")*(?:\"|$)/, null]);
1149+ }
1150+ var hc = options['hashComments'];
1151+ if (hc) {
1152+ if (options['cStyleComments']) {
1153+ if (hc > 1) { // multiline hash comments
1154+ shortcutStylePatterns.push(
1155+ [PR_COMMENT, /^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/, null, '#']);
1156+ } else {
1157+ // Stop C preprocessor declarations at an unclosed open comment
1158+ shortcutStylePatterns.push(
1159+ [PR_COMMENT, /^#(?:(?:define|elif|else|endif|error|ifdef|include|ifndef|line|pragma|undef|warning)\b|[^\r\n]*)/,
1160+ null, '#']);
1161+ }
1162+ // #include <stdio.h>
1163+ fallthroughStylePatterns.push(
1164+ [PR_STRING,
1165+ /^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,
1166+ null]);
1167+ } else {
1168+ shortcutStylePatterns.push([PR_COMMENT, /^#[^\r\n]*/, null, '#']);
1169+ }
1170+ }
1171+ if (options['cStyleComments']) {
1172+ fallthroughStylePatterns.push([PR_COMMENT, /^\/\/[^\r\n]*/, null]);
1173+ fallthroughStylePatterns.push(
1174+ [PR_COMMENT, /^\/\*[\s\S]*?(?:\*\/|$)/, null]);
1175+ }
1176+ if (options['regexLiterals']) {
1177+ /**
1178+ * @const
1179+ */
1180+ var REGEX_LITERAL = (
1181+ // A regular expression literal starts with a slash that is
1182+ // not followed by * or / so that it is not confused with
1183+ // comments.
1184+ '/(?=[^/*])'
1185+ // and then contains any number of raw characters,
1186+ + '(?:[^/\\x5B\\x5C]'
1187+ // escape sequences (\x5C),
1188+ + '|\\x5C[\\s\\S]'
1189+ // or non-nesting character sets (\x5B\x5D);
1190+ + '|\\x5B(?:[^\\x5C\\x5D]|\\x5C[\\s\\S])*(?:\\x5D|$))+'
1191+ // finally closed by a /.
1192+ + '/');
1193+ fallthroughStylePatterns.push(
1194+ ['lang-regex',
1195+ new RegExp('^' + REGEXP_PRECEDER_PATTERN + '(' + REGEX_LITERAL + ')')
1196+ ]);
1197+ }
1198+
1199+ var types = options['types'];
1200+ if (types) {
1201+ fallthroughStylePatterns.push([PR_TYPE, types]);
1202+ }
1203+
1204+ if (options['strings']) {
1205+ var strings = ("" + options['strings']).replace(/^ | $/g, '').replace(/-/g, '\\-');
1206+ fallthroughStylePatterns.push(
1207+ [PR_STRING,
1208+ new RegExp('(?:' + strings.replace(/[\s,]+/g, '|') + ')'),
1209+ , null]
1210+ );
1211+ }
1212+
1213+ var keywords = ("" + options['keywords']).replace(/^ | $/g, '');
1214+ if (keywords.length) {
1215+ fallthroughStylePatterns.push(
1216+ [PR_KEYWORD,
1217+ new RegExp('^(?:' + keywords.replace(/[\s,]+/g, '|') + ')\\b'),
1218+ null]);
1219+ }
1220+
1221+ shortcutStylePatterns.push([PR_PLAIN, /^\s+/, null, ' \r\n\t\xA0']);
1222+ if (options['httpdComments']) {
1223+ fallthroughStylePatterns.push(
1224+ [PR_PLAIN, /^.*\S.*#/i, null]
1225+ );
1226+ }
1227+
1228+ fallthroughStylePatterns.push(
1229+ // TODO(mikesamuel): recognize non-latin letters and numerals in idents
1230+ [PR_LITERAL, /^@[a-z_$][a-z_$@0-9]*|\bNULL\b/i, null],
1231+ [PR_LITERAL, CONFIG_OPTIONS, null],
1232+ //[PR_STRING, CONFIG_ENVS, null],
1233+ [PR_TAG, /^\b(AuthzProviderAlias|AuthnProviderAlias|RequireAny|RequireAll|RequireNone|Directory|DirectoryMatch|Location|LocationMatch|VirtualHost|If|Else|ElseIf|Proxy\b|LoadBalancer|Files|FilesMatch|Limit|LimitExcept|IfDefine|IfModule|IfVersion)\b/, null],
1234+ [PR_TYPE, /^(?:[@_]?[A-Z]+[a-z][A-Za-z_$@0-9]*|\w+_(t|req|module)\b)/, null],
1235+ [PR_TAG, /^apr_[a-z_0-9]+|ap_[a-z_0-9]+/i, null],
1236+ [PR_PLAIN, /^[a-z_$][a-z_$@0-9\-]*/i, null],
1237+ [PR_LITERAL,
1238+ new RegExp(
1239+ '^(?:'
1240+ // A hex number
1241+ + '0x[a-f0-9]+'
1242+ // An IPv6 Address
1243+ + '|[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+'
1244+ // or an octal or decimal number,
1245+ + '|(?:\\d(?:_\\d+)*\\d*(?:\\.\\d*)?|\\.\\d\\+)'
1246+ // possibly in scientific notation
1247+ + '(?:e[+\\-]?\\d+)?'
1248+ + ')'
1249+ // with an optional modifier like UL for unsigned long
1250+ + '[a-z]*', 'i'),
1251+ null, '0123456789'],
1252+ // Don't treat escaped quotes in bash as starting strings. See issue 144.
1253+ [PR_PLAIN, /^\\[\s\S]?/, null],
1254+ [PR_PUNCTUATION, /^.[^\s\w\.$@\'\"\`\/\#\\]*/, null]);
1255+
1256+ return createSimpleLexer(shortcutStylePatterns, fallthroughStylePatterns);
1257+ }
1258+
1259+ var decorateSource = sourceDecorator({
1260+ 'keywords': ALL_KEYWORDS,
1261+ 'hashComments': true,
1262+ 'cStyleComments': true,
1263+ 'multiLineStrings': true,
1264+ 'regexLiterals': true
1265+ });
1266+
1267+ /**
1268+ * Given a DOM subtree, wraps it in a list, and puts each line into its own
1269+ * list item.
1270+ *
1271+ * @param {Node} node modified in place. Its content is pulled into an
1272+ * HTMLOListElement, and each line is moved into a separate list item.
1273+ * This requires cloning elements, so the input might not have unique
1274+ * IDs after numbering.
1275+ * @param {boolean} isPreformatted true iff white-space in text nodes should
1276+ * be treated as significant.
1277+ */
1278+ function numberLines(node, opt_startLineNum, isPreformatted) {
1279+ var nocode = /(?:^|\s)nocode(?:\s|$)/;
1280+ var lineBreak = /\r\n?|\n/;
1281+
1282+ var document = node.ownerDocument;
1283+
1284+ var li = document.createElement('li');
1285+ while (node.firstChild) {
1286+ li.appendChild(node.firstChild);
1287+ }
1288+ // An array of lines. We split below, so this is initialized to one
1289+ // un-split line.
1290+ var listItems = [li];
1291+
1292+ function walk(node) {
1293+ switch (node.nodeType) {
1294+ case 1: // Element
1295+ if (nocode.test(node.className)) { break; }
1296+ if ('br' === node.nodeName) {
1297+ breakAfter(node);
1298+ // Discard the <BR> since it is now flush against a </LI>.
1299+ if (node.parentNode) {
1300+ node.parentNode.removeChild(node);
1301+ }
1302+ } else {
1303+ for (var child = node.firstChild; child; child = child.nextSibling) {
1304+ walk(child);
1305+ }
1306+ }
1307+ break;
1308+ case 3: case 4: // Text
1309+ if (isPreformatted) {
1310+ var text = node.nodeValue;
1311+ var match = text.match(lineBreak);
1312+ if (match) {
1313+ var firstLine = text.substring(0, match.index);
1314+ node.nodeValue = firstLine;
1315+ var tail = text.substring(match.index + match[0].length);
1316+ if (tail) {
1317+ var parent = node.parentNode;
1318+ parent.insertBefore(
1319+ document.createTextNode(tail), node.nextSibling);
1320+ }
1321+ breakAfter(node);
1322+ if (!firstLine) {
1323+ // Don't leave blank text nodes in the DOM.
1324+ node.parentNode.removeChild(node);
1325+ }
1326+ }
1327+ }
1328+ break;
1329+ }
1330+ }
1331+
1332+ // Split a line after the given node.
1333+ function breakAfter(lineEndNode) {
1334+ // If there's nothing to the right, then we can skip ending the line
1335+ // here, and move root-wards since splitting just before an end-tag
1336+ // would require us to create a bunch of empty copies.
1337+ while (!lineEndNode.nextSibling) {
1338+ lineEndNode = lineEndNode.parentNode;
1339+ if (!lineEndNode) { return; }
1340+ }
1341+
1342+ function breakLeftOf(limit, copy) {
1343+ // Clone shallowly if this node needs to be on both sides of the break.
1344+ var rightSide = copy ? limit.cloneNode(false) : limit;
1345+ var parent = limit.parentNode;
1346+ if (parent) {
1347+ // We clone the parent chain.
1348+ // This helps us resurrect important styling elements that cross lines.
1349+ // E.g. in <i>Foo<br>Bar</i>
1350+ // should be rewritten to <li><i>Foo</i></li><li><i>Bar</i></li>.
1351+ var parentClone = breakLeftOf(parent, 1);
1352+ // Move the clone and everything to the right of the original
1353+ // onto the cloned parent.
1354+ var next = limit.nextSibling;
1355+ parentClone.appendChild(rightSide);
1356+ for (var sibling = next; sibling; sibling = next) {
1357+ next = sibling.nextSibling;
1358+ parentClone.appendChild(sibling);
1359+ }
1360+ }
1361+ return rightSide;
1362+ }
1363+
1364+ var copiedListItem = breakLeftOf(lineEndNode.nextSibling, 0);
1365+
1366+ // Walk the parent chain until we reach an unattached LI.
1367+ for (var parent;
1368+ // Check nodeType since IE invents document fragments.
1369+ (parent = copiedListItem.parentNode) && parent.nodeType === 1;) {
1370+ copiedListItem = parent;
1371+ }
1372+ // Put it on the list of lines for later processing.
1373+ listItems.push(copiedListItem);
1374+ }
1375+
1376+ // Split lines while there are lines left to split.
1377+ for (var i = 0; // Number of lines that have been split so far.
1378+ i < listItems.length; // length updated by breakAfter calls.
1379+ ++i) {
1380+ walk(listItems[i]);
1381+ }
1382+
1383+ // Make sure numeric indices show correctly.
1384+ if (opt_startLineNum === (opt_startLineNum|0)) {
1385+ listItems[0].setAttribute('value', opt_startLineNum);
1386+ }
1387+
1388+ var ol = document.createElement('ol');
1389+ ol.className = 'linenums';
1390+ var offset = Math.max(0, ((opt_startLineNum - 1 /* zero index */)) | 0) || 0;
1391+ for (var i = 0, n = listItems.length; i < n; ++i) {
1392+ li = listItems[i];
1393+ // Stick a class on the LIs so that stylesheets can
1394+ // color odd/even rows, or any other row pattern that
1395+ // is co-prime with 10.
1396+ li.className = 'L' + ((i + offset) % 1);
1397+ if (!li.firstChild) {
1398+ li.appendChild(document.createTextNode('\xA0'));
1399+ }
1400+ ol.appendChild(li);
1401+ }
1402+
1403+ node.appendChild(ol);
1404+ }
1405+
1406+ /**
1407+ * Breaks {@code job.sourceCode} around style boundaries in
1408+ * {@code job.decorations} and modifies {@code job.sourceNode} in place.
1409+ * @param {Object} job like <pre>{
1410+ * sourceCode: {string} source as plain text,
1411+ * spans: {Array.<number|Node>} alternating span start indices into source
1412+ * and the text node or element (e.g. {@code <BR>}) corresponding to that
1413+ * span.
1414+ * decorations: {Array.<number|string} an array of style classes preceded
1415+ * by the position at which they start in job.sourceCode in order
1416+ * }</pre>
1417+ * @private
1418+ */
1419+ function recombineTagsAndDecorations(job) {
1420+ var isIE8OrEarlier = /\bMSIE\s(\d+)/.exec(navigator.userAgent);
1421+ isIE8OrEarlier = isIE8OrEarlier && +isIE8OrEarlier[1] <= 8;
1422+ var newlineRe = /\n/g;
1423+
1424+ var source = job.sourceCode;
1425+ var sourceLength = source.length;
1426+ // Index into source after the last code-unit recombined.
1427+ var sourceIndex = 0;
1428+
1429+ var spans = job.spans;
1430+ var nSpans = spans.length;
1431+ // Index into spans after the last span which ends at or before sourceIndex.
1432+ var spanIndex = 0;
1433+
1434+ var decorations = job.decorations;
1435+ var nDecorations = decorations.length;
1436+ // Index into decorations after the last decoration which ends at or before
1437+ // sourceIndex.
1438+ var decorationIndex = 0;
1439+
1440+ // Remove all zero-length decorations.
1441+ decorations[nDecorations] = sourceLength;
1442+ var decPos, i;
1443+ for (i = decPos = 0; i < nDecorations;) {
1444+ if (decorations[i] !== decorations[i + 2]) {
1445+ decorations[decPos++] = decorations[i++];
1446+ decorations[decPos++] = decorations[i++];
1447+ } else {
1448+ i += 2;
1449+ }
1450+ }
1451+ nDecorations = decPos;
1452+
1453+ // Simplify decorations.
1454+ for (i = decPos = 0; i < nDecorations;) {
1455+ var startPos = decorations[i];
1456+ // Conflate all adjacent decorations that use the same style.
1457+ var startDec = decorations[i + 1];
1458+ var end = i + 2;
1459+ while (end + 2 <= nDecorations && decorations[end + 1] === startDec) {
1460+ end += 2;
1461+ }
1462+ decorations[decPos++] = startPos;
1463+ decorations[decPos++] = startDec;
1464+ i = end;
1465+ }
1466+
1467+ nDecorations = decorations.length = decPos;
1468+
1469+ var sourceNode = job.sourceNode;
1470+ var oldDisplay;
1471+ if (sourceNode) {
1472+ oldDisplay = sourceNode.style.display;
1473+ sourceNode.style.display = 'none';
1474+ }
1475+ try {
1476+ var decoration = null;
1477+ var X = 0;
1478+ while (spanIndex < nSpans) {
1479+ X = X + 1;
1480+ if (X > 5000) { break; }
1481+ var spanStart = spans[spanIndex];
1482+ var spanEnd = spans[spanIndex + 2] || sourceLength;
1483+
1484+ var decEnd = decorations[decorationIndex + 2] || sourceLength;
1485+
1486+ var end = Math.min(spanEnd, decEnd);
1487+
1488+ var textNode = spans[spanIndex + 1];
1489+ var styledText;
1490+ if (textNode.nodeType !== 1 // Don't muck with <BR>s or <LI>s
1491+ // Don't introduce spans around empty text nodes.
1492+ && (styledText = source.substring(sourceIndex, end))) {
1493+ // This may seem bizarre, and it is. Emitting LF on IE causes the
1494+ // code to display with spaces instead of line breaks.
1495+ // Emitting Windows standard issue linebreaks (CRLF) causes a blank
1496+ // space to appear at the beginning of every line but the first.
1497+ // Emitting an old Mac OS 9 line separator makes everything spiffy.
1498+ if (isIE8OrEarlier) {
1499+ styledText = styledText.replace(newlineRe, '\r');
1500+ }
1501+ textNode.nodeValue = styledText;
1502+ var document = textNode.ownerDocument;
1503+ var span = document.createElement('span');
1504+ span.className = decorations[decorationIndex + 1];
1505+ var parentNode = textNode.parentNode;
1506+ parentNode.replaceChild(span, textNode);
1507+ span.appendChild(textNode);
1508+ if (sourceIndex < spanEnd) { // Split off a text node.
1509+ spans[spanIndex + 1] = textNode
1510+ // TODO: Possibly optimize by using '' if there's no flicker.
1511+ = document.createTextNode(source.substring(end, spanEnd));
1512+ parentNode.insertBefore(textNode, span.nextSibling);
1513+ }
1514+ }
1515+
1516+ sourceIndex = end;
1517+
1518+ if (sourceIndex >= spanEnd) {
1519+ spanIndex += 2;
1520+ }
1521+ if (sourceIndex >= decEnd) {
1522+ decorationIndex += 2;
1523+ }
1524+ }
1525+ } finally {
1526+ if (sourceNode) {
1527+ sourceNode.style.display = oldDisplay;
1528+ }
1529+ }
1530+ }
1531+
1532+
1533+ /** Maps language-specific file extensions to handlers. */
1534+ var langHandlerRegistry = {};
1535+ /** Register a language handler for the given file extensions.
1536+ * @param {function (Object)} handler a function from source code to a list
1537+ * of decorations. Takes a single argument job which describes the
1538+ * state of the computation. The single parameter has the form
1539+ * {@code {
1540+ * sourceCode: {string} as plain text.
1541+ * decorations: {Array.<number|string>} an array of style classes
1542+ * preceded by the position at which they start in
1543+ * job.sourceCode in order.
1544+ * The language handler should assigned this field.
1545+ * basePos: {int} the position of source in the larger source chunk.
1546+ * All positions in the output decorations array are relative
1547+ * to the larger source chunk.
1548+ * } }
1549+ * @param {Array.<string>} fileExtensions
1550+ */
1551+ function registerLangHandler(handler, fileExtensions) {
1552+ for (var i = fileExtensions.length; --i >= 0;) {
1553+ var ext = fileExtensions[i];
1554+ if (!langHandlerRegistry.hasOwnProperty(ext)) {
1555+ langHandlerRegistry[ext] = handler;
1556+ } else if (win['console']) {
1557+ console['warn']('cannot override language handler %s', ext);
1558+ }
1559+ }
1560+ }
1561+ function langHandlerForExtension(extension, source) {
1562+ if (!(extension && langHandlerRegistry.hasOwnProperty(extension))) {
1563+ // Treat it as markup if the first non whitespace character is a < and
1564+ // the last non-whitespace character is a >.
1565+ extension = /^\s*</.test(source)
1566+ ? 'default-markup'
1567+ : 'default-code';
1568+ }
1569+ return langHandlerRegistry[extension];
1570+ }
1571+ registerLangHandler(decorateSource, ['default-code']);
1572+ registerLangHandler(
1573+ createSimpleLexer(
1574+ [],
1575+ [
1576+ [PR_PLAIN, /^[^<?]+/],
1577+ [PR_DECLARATION, /^<!\w[^>]*(?:>|$)/],
1578+ [PR_COMMENT, /^<\!--[\s\S]*?(?:-\->|$)/],
1579+ // Unescaped content in an unknown language
1580+ ['lang-', /^<\?([\s\S]+?)(?:\?>|$)/],
1581+ ['lang-', /^<%([\s\S]+?)(?:%>|$)/],
1582+ [PR_PUNCTUATION, /^(?:<[%?]|[%?]>)/],
1583+ ['lang-', /^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],
1584+ // Unescaped content in javascript. (Or possibly vbscript).
1585+ ['lang-js', /^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],
1586+ // Contains unescaped stylesheet content
1587+ ['lang-css', /^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],
1588+ ['lang-in.tag', /^(<\/?[a-z][^<>]*>)/i]
1589+ ]),
1590+ ['default-markup', 'htm', 'html', 'mxml', 'xhtml', 'xml', 'xsl']);
1591+ registerLangHandler(
1592+ createSimpleLexer(
1593+ [
1594+ [PR_PLAIN, /^[\s]+/, null, ' \t\r\n'],
1595+ [PR_ATTRIB_VALUE, /^(?:\"[^\"]*\"?|\'[^\']*\'?)/, null, '\"\'']
1596+ ],
1597+ [
1598+ [PR_TAG, /^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],
1599+ [PR_ATTRIB_NAME, /^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],
1600+ ['lang-uq.val', /^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],
1601+ [PR_PUNCTUATION, /^[=<>\/]+/],
1602+ ['lang-js', /^on\w+\s*=\s*\"([^\"]+)\"/i],
1603+ ['lang-js', /^on\w+\s*=\s*\'([^\']+)\'/i],
1604+ ['lang-js', /^on\w+\s*=\s*([^\"\'>\s]+)/i],
1605+ ['lang-css', /^style\s*=\s*\"([^\"]+)\"/i],
1606+ ['lang-css', /^style\s*=\s*\'([^\']+)\'/i],
1607+ ['lang-css', /^style\s*=\s*([^\"\'>\s]+)/i]
1608+ ]),
1609+ ['in.tag']);
1610+ registerLangHandler(
1611+ createSimpleLexer([], [[PR_ATTRIB_VALUE, /^[\s\S]+/]]), ['uq.val']);
1612+ registerLangHandler(sourceDecorator({
1613+ 'keywords': CPP_KEYWORDS,
1614+ 'hashComments': true,
1615+ 'cStyleComments': true,
1616+ 'types': C_TYPES
1617+ }), ['c', 'cc', 'cpp', 'cxx', 'cyc', 'm']);
1618+ registerLangHandler(sourceDecorator({
1619+ 'keywords': PHP_KEYWORDS,
1620+ 'hashComments': false,
1621+ 'cStyleComments': true,
1622+ 'multiLineStrings': true,
1623+ 'regexLiterals': true
1624+// 'types': C_TYPES,
1625+ }), ['php', 'phtml', 'inc']);
1626+ registerLangHandler(sourceDecorator({
1627+ 'keywords': 'null,true,false'
1628+ }), ['json']);
1629+ registerLangHandler(sourceDecorator({
1630+ 'keywords': CSHARP_KEYWORDS,
1631+ 'hashComments': true,
1632+ 'cStyleComments': true,
1633+ 'verbatimStrings': true,
1634+ 'types': C_TYPES
1635+ }), ['cs']);
1636+ registerLangHandler(sourceDecorator({
1637+ 'keywords': JAVA_KEYWORDS,
1638+ 'cStyleComments': true
1639+ }), ['java']);
1640+ registerLangHandler(sourceDecorator({
1641+ 'keywords': SH_KEYWORDS,
1642+ 'hashComments': true,
1643+ 'multiLineStrings': true
1644+ }), ['bsh', 'csh', 'sh']);
1645+ registerLangHandler(sourceDecorator({
1646+ 'keywords': PYTHON_KEYWORDS,
1647+ 'hashComments': true,
1648+ 'multiLineStrings': true,
1649+ 'tripleQuotedStrings': true
1650+ }), ['cv', 'py']);
1651+ registerLangHandler(sourceDecorator({
1652+ 'keywords': PERL_KEYWORDS,
1653+ 'hashComments': true,
1654+ 'multiLineStrings': true,
1655+ 'regexLiterals': true
1656+ }), ['perl', 'pl', 'pm']);
1657+ registerLangHandler(sourceDecorator({
1658+ 'keywords': RUBY_KEYWORDS,
1659+ 'hashComments': true,
1660+ 'multiLineStrings': true,
1661+ 'regexLiterals': true
1662+ }), ['rb']);
1663+ registerLangHandler(sourceDecorator({
1664+ 'keywords': JSCRIPT_KEYWORDS,
1665+ 'cStyleComments': true,
1666+ 'regexLiterals': true
1667+ }), ['js']);
1668+ registerLangHandler(sourceDecorator({
1669+ 'keywords': COFFEE_KEYWORDS,
1670+ 'hashComments': 3, // ### style block comments
1671+ 'cStyleComments': true,
1672+ 'multilineStrings': true,
1673+ 'tripleQuotedStrings': true,
1674+ 'regexLiterals': true
1675+ }), ['coffee']);
1676+ registerLangHandler(
1677+ createSimpleLexer([], [[PR_STRING, /^[\s\S]+/]]), ['regex']);
1678+ registerLangHandler(sourceDecorator({
1679+ 'keywords': CONFIG_KEYWORDS,
1680+ 'literals': CONFIG_OPTIONS,
1681+ 'strings': CONFIG_ENVS,
1682+ 'hashComments': true,
1683+ 'cStyleComments': false,
1684+ 'multiLineStrings': false,
1685+ 'regexLiterals': false,
1686+ 'httpdComments': true
1687+ }), ['config']);
1688+
1689+ function applyDecorator(job) {
1690+ var opt_langExtension = job.langExtension;
1691+
1692+ try {
1693+ // Extract tags, and convert the source code to plain text.
1694+ var sourceAndSpans = extractSourceSpans(job.sourceNode, job.pre);
1695+ /** Plain text. @type {string} */
1696+ var source = sourceAndSpans.sourceCode;
1697+ job.sourceCode = source;
1698+ job.spans = sourceAndSpans.spans;
1699+ job.basePos = 0;
1700+
1701+ // Apply the appropriate language handler
1702+ langHandlerForExtension(opt_langExtension, source)(job);
1703+
1704+ // Integrate the decorations and tags back into the source code,
1705+ // modifying the sourceNode in place.
1706+ recombineTagsAndDecorations(job);
1707+ } catch (e) {
1708+ if (win['console']) {
1709+ console['log'](e && e['stack'] ? e['stack'] : e);
1710+ }
1711+ }
1712+ }
1713+
1714+ /**
1715+ * @param sourceCodeHtml {string} The HTML to pretty print.
1716+ * @param opt_langExtension {string} The language name to use.
1717+ * Typically, a filename extension like 'cpp' or 'java'.
1718+ * @param opt_numberLines {number|boolean} True to number lines,
1719+ * or the 1-indexed number of the first line in sourceCodeHtml.
1720+ */
1721+ function prettyPrintOne(sourceCodeHtml, opt_langExtension, opt_numberLines) {
1722+ var container = document.createElement('pre');
1723+ // This could cause images to load and onload listeners to fire.
1724+ // E.g. <img onerror="alert(1337)" src="nosuchimage.png">.
1725+ // We assume that the inner HTML is from a trusted source.
1726+ container.innerHTML = sourceCodeHtml;
1727+ if (opt_numberLines) {
1728+ numberLines(container, opt_numberLines, true);
1729+ }
1730+
1731+ var job = {
1732+ langExtension: opt_langExtension,
1733+ numberLines: opt_numberLines,
1734+ sourceNode: container,
1735+ pre: 1
1736+ };
1737+ applyDecorator(job);
1738+ return container.innerHTML;
1739+ }
1740+
1741+ function prettyPrint(opt_whenDone) {
1742+ function byTagName(tn) { return document.getElementsByTagName(tn); }
1743+ // fetch a list of nodes to rewrite
1744+ var codeSegments = [byTagName('pre'), byTagName('code'), byTagName('xmp')];
1745+ var elements = [];
1746+ for (var i = 0; i < codeSegments.length; ++i) {
1747+ for (var j = 0, n = codeSegments[i].length; j < n; ++j) {
1748+ elements.push(codeSegments[i][j]);
1749+ }
1750+ }
1751+ codeSegments = null;
1752+
1753+ var clock = Date;
1754+ if (!clock['now']) {
1755+ clock = { 'now': function () { return +(new Date); } };
1756+ }
1757+
1758+ // The loop is broken into a series of continuations to make sure that we
1759+ // don't make the browser unresponsive when rewriting a large page.
1760+ var k = 0;
1761+ var prettyPrintingJob;
1762+
1763+ var langExtensionRe = /\blang(?:uage)?-([\w.]+)(?!\S)/;
1764+ var prettyPrintRe = /\bprettyprint\b/;
1765+ var prettyPrintedRe = /\bprettyprinted\b/;
1766+ var preformattedTagNameRe = /pre|xmp/i;
1767+ var codeRe = /^code$/i;
1768+ var preCodeXmpRe = /^(?:pre|code|xmp)$/i;
1769+
1770+ function doWork() {
1771+ var endTime = (win['PR_SHOULD_USE_CONTINUATION'] ?
1772+ clock['now']() + 250 /* ms */ :
1773+ Infinity);
1774+ for (; k < elements.length && clock['now']() < endTime; k++) {
1775+ var cs = elements[k];
1776+ var className = cs.className;
1777+ if (prettyPrintRe.test(className)
1778+ // Don't redo this if we've already done it.
1779+ // This allows recalling pretty print to just prettyprint elements
1780+ // that have been added to the page since last call.
1781+ && !prettyPrintedRe.test(className)) {
1782+
1783+ // make sure this is not nested in an already prettified element
1784+ var nested = false;
1785+ for (var p = cs.parentNode; p; p = p.parentNode) {
1786+ var tn = p.tagName;
1787+ if (preCodeXmpRe.test(tn)
1788+ && p.className && prettyPrintRe.test(p.className)) {
1789+ nested = true;
1790+ break;
1791+ }
1792+ }
1793+ if (!nested) {
1794+ // Mark done. If we fail to prettyprint for whatever reason,
1795+ // we shouldn't try again.
1796+ cs.className += ' prettyprinted';
1797+
1798+ // If the classes includes a language extensions, use it.
1799+ // Language extensions can be specified like
1800+ // <pre class="prettyprint lang-cpp">
1801+ // the language extension "cpp" is used to find a language handler
1802+ // as passed to PR.registerLangHandler.
1803+ // HTML5 recommends that a language be specified using "language-"
1804+ // as the prefix instead. Google Code Prettify supports both.
1805+ // http://dev.w3.org/html5/spec-author-view/the-code-element.html
1806+ var langExtension = className.match(langExtensionRe);
1807+ // Support <pre class="prettyprint"><code class="language-c">
1808+ var wrapper;
1809+ if (!langExtension && (wrapper = childContentWrapper(cs))
1810+ && codeRe.test(wrapper.tagName)) {
1811+ langExtension = wrapper.className.match(langExtensionRe);
1812+ }
1813+
1814+ if (langExtension) { langExtension = langExtension[1]; }
1815+
1816+ var preformatted;
1817+ if (preformattedTagNameRe.test(cs.tagName)) {
1818+ preformatted = 1;
1819+ } else {
1820+ var currentStyle = cs['currentStyle'];
1821+ var whitespace = (
1822+ currentStyle
1823+ ? currentStyle['whiteSpace']
1824+ : (document.defaultView
1825+ && document.defaultView.getComputedStyle)
1826+ ? document.defaultView.getComputedStyle(cs, null)
1827+ .getPropertyValue('white-space')
1828+ : 0);
1829+ preformatted = whitespace
1830+ && 'pre' === whitespace.substring(0, 3);
1831+ }
1832+
1833+ // Look for a class like linenums or linenums:<n> where <n> is the
1834+ // 1-indexed number of the first line.
1835+ var lineNums = cs.className.match(/\blinenums\b(?::(\d+))?/);
1836+ lineNums = lineNums
1837+ ? lineNums[1] && lineNums[1].length ? +lineNums[1] : true
1838+ : false;
1839+ if (lineNums) { numberLines(cs, lineNums, preformatted); }
1840+
1841+ // do the pretty printing
1842+ prettyPrintingJob = {
1843+ langExtension: langExtension,
1844+ sourceNode: cs,
1845+ numberLines: lineNums,
1846+ pre: preformatted
1847+ };
1848+ applyDecorator(prettyPrintingJob);
1849+ }
1850+ }
1851+ }
1852+ if (k < elements.length) {
1853+ // finish up in a continuation
1854+ setTimeout(doWork, 250);
1855+ } else if (opt_whenDone) {
1856+ opt_whenDone();
1857+ }
1858+ }
1859+
1860+ doWork();
1861+ }
1862+
1863+ /**
1864+ * Contains functions for creating and registering new language handlers.
1865+ * @type {Object}
1866+ */
1867+ var PR = win['PR'] = {
1868+ 'createSimpleLexer': createSimpleLexer,
1869+ 'registerLangHandler': registerLangHandler,
1870+ 'sourceDecorator': sourceDecorator,
1871+ 'PR_ATTRIB_NAME': PR_ATTRIB_NAME,
1872+ 'PR_ATTRIB_VALUE': PR_ATTRIB_VALUE,
1873+ 'PR_COMMENT': PR_COMMENT,
1874+ 'PR_DECLARATION': PR_DECLARATION,
1875+ 'PR_KEYWORD': PR_KEYWORD,
1876+ 'PR_LITERAL': PR_LITERAL,
1877+ 'PR_NOCODE': PR_NOCODE,
1878+ 'PR_PLAIN': PR_PLAIN,
1879+ 'PR_PUNCTUATION': PR_PUNCTUATION,
1880+ 'PR_SOURCE': PR_SOURCE,
1881+ 'PR_STRING': PR_STRING,
1882+ 'PR_TAG': PR_TAG,
1883+ 'PR_TYPE': PR_TYPE,
1884+ 'prettyPrintOne': win['prettyPrintOne'] = prettyPrintOne,
1885+ 'prettyPrint': win['prettyPrint'] = prettyPrint
1886+ };
1887+
1888+
1889+/* Register Lua syntaxes */
1890+ PR['registerLangHandler'](
1891+ PR['createSimpleLexer'](
1892+ [
1893+ // Whitespace
1894+ [PR['PR_PLAIN'], /^[\t\n\r \xA0]+/, null, '\t\n\r \xA0'],
1895+ // A double or single quoted, possibly multi-line, string.
1896+ [PR['PR_STRING'], /^(?:\"(?:[^\"\\]|\\[\s\S])*(?:\"|$)|\'(?:[^\'\\]|\\[\s\S])*(?:\'|$))/, null, '"\'']
1897+ ],
1898+ [
1899+ // A comment is either a line comment that starts with two dashes, or
1900+ // two dashes preceding a long bracketed block.
1901+ [PR['PR_COMMENT'], /^--(?:\[(=*)\[[\s\S]*?(?:\]\1\]|$)|[^\r\n]*)/],
1902+ [PR['PR_TYPE'], /^nil|false|true/],
1903+ // A long bracketed block not preceded by -- is a string.
1904+ [PR['PR_STRING'], /^\[(=*)\[[\s\S]*?(?:\]\1\]|$)/],
1905+ [PR['PR_KEYWORD'], /^(?:and|break|do|else|elseif|end|for|function|if|in|local|not|or|repeat|require|return|then|until|while)\b/, null],
1906+ // A number is a hex integer literal, a decimal real literal, or in
1907+ // scientific notation.
1908+ [PR['PR_LITERAL'],
1909+ /^[+-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],
1910+ // An identifier
1911+ [PR['PR_PLAIN'], /^[a-z_]\w*/i],
1912+ // A run of punctuation
1913+ [PR['PR_PUNCTUATION'], /^[^\w\t\n\r \xA0][^\w\t\n\r \xA0\"\'\-\+=]*/]
1914+ ]),
1915+ ['lua']);
1916+
1917+
1918+ // Make PR available via the Asynchronous Module Definition (AMD) API.
1919+ // Per https://github.com/amdjs/amdjs-api/wiki/AMD:
1920+ // The Asynchronous Module Definition (AMD) API specifies a
1921+ // mechanism for defining modules such that the module and its
1922+ // dependencies can be asynchronously loaded.
1923+ // ...
1924+ // To allow a clear indicator that a global define function (as
1925+ // needed for script src browser loading) conforms to the AMD API,
1926+ // any global define function SHOULD have a property called "amd"
1927+ // whose value is an object. This helps avoid conflict with any
1928+ // other existing JavaScript code that could have defined a define()
1929+ // function that does not conform to the AMD API.
1930+ if (typeof define === "function" && define['amd']) {
1931+ define("google-code-prettify", [], function () {
1932+ return PR;
1933+ });
1934+ }
1935+})();
1936diff --git a/docs/manual/style/scripts/prettify.min.js b/docs/manual/style/scripts/prettify.min.js
1937new file mode 100644
1938index 0000000..4f0f9f5
1939--- /dev/null
1940+++ b/docs/manual/style/scripts/prettify.min.js
1941@@ -0,0 +1,123 @@
1942+// see prettify.js for copyright, license and expanded version
1943+window['PR_SHOULD_USE_CONTINUATION']=true;var prettyPrintOne;var prettyPrint;(function(){var win=window;var FLOW_CONTROL_KEYWORDS=["break,continue,do,else,for,if,return,while"];var C_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"auto,case,char,const,default,"+"double,enum,extern,float,goto,int,long,register,short,signed,sizeof,module,"+"static,struct,switch,typedef,union,unsigned,void,volatile"];var COMMON_KEYWORDS=[C_KEYWORDS,"catch,class,delete,false,import,"+"new,operator,private,protected,public,this,throw,true,try,typeof"];var CPP_KEYWORDS=[COMMON_KEYWORDS,"alignof,align_union,asm,axiom,bool,"+"concept,concept_map,const_cast,constexpr,decltype,"+"dynamic_cast,explicit,export,friend,inline,late_check,"+"mutable,namespace,nullptr,reinterpret_cast,static_assert,static_cast,"+"template,typeid,typename,using,virtual,where,request_req"];var JAVA_KEYWORDS=[COMMON_KEYWORDS,"abstract,boolean,byte,extends,final,finally,implements,import,"+"instanceof,null,native,package,strictfp,super,synchronized,throws,"+"transient"];var CSHARP_KEYWORDS=[JAVA_KEYWORDS,"as,base,by,checked,decimal,delegate,descending,dynamic,event,"+"fixed,foreach,from,group,implicit,in,interface,internal,into,is,let,"+"lock,object,out,override,orderby,params,partial,readonly,ref,sbyte,"+"sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,"+"var,virtual,where"];var COFFEE_KEYWORDS="all,and,by,catch,class,else,extends,false,finally,"+"for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,"+"throw,true,try,unless,until,when,while,yes";var JSCRIPT_KEYWORDS=[COMMON_KEYWORDS,"debugger,eval,export,function,get,null,set,undefined,var,with,"+"Infinity,NaN"];var PERL_KEYWORDS="caller,delete,die,do,dump,else,elsif,eval,exit,foreach,for,"+"goto,if,import,last,local,my,next,no,our,print,printf,package,redo,require,"+"sub,undef,unless,until,use,wantarray,while,BEGIN,END";var PHP_KEYWORDS="abstract,and,array,as,break,case,catch,cfunction,class,"+"clone,const,continue,declare,default,do,else,elseif,enddeclare,endfor,"+"endforeach,endif,endswitch,endwhile,extends,final,for,foreach,function,"+"global,goto,if,implements,interface,instanceof,namespace,new,old_function,"+"or,private,protected,public,static,switch,throw,try,use,var,while,xor,"+"die,echo,empty,exit,eval,include,include_once,isset,list,require,"+"require_once,return,print,unset";var PYTHON_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"and,as,assert,class,def,del,"+"elif,except,exec,finally,from,global,import,in,is,lambda,"+"nonlocal,not,or,pass,print,raise,try,with,yield,"+"False,True,None"];var RUBY_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"alias,and,begin,case,class,"+"def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,"+"rescue,retry,self,super,then,true,undef,unless,until,when,yield,"+"BEGIN,END"];var SH_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"case,done,elif,esac,eval,fi,"+"function,in,local,set,then,until,echo"];var CONFIG_ENVS=["User-Agent,HTTP_USER_AGENT,HTTP_REFERER,HTTP_COOKIE,HTTP_FORWARDED,HTTP_HOST,HTTP_PROXY_CONNECTION,HTTP_ACCEPT,REMOTE_ADDR,REMOTE_HOST,REMOTE_PORT,REMOTE_USER,REMOTE_IDENT,REQUEST_METHOD,SCRIPT_FILENAME,PATH_INFO,QUERY_STRING,AUTH_TYPE,DOCUMENT_ROOT,SERVER_ADMIN,SERVER_NAME,SERVER_ADDR,SERVER_PORT,SERVER_PROTOCOL,SERVER_SOFTWARE,TIME_YEAR,TIME_MON,TIME_DAY,TIME_HOUR,TIME_MIN,TIME_SEC,TIME_WDAY,TIME,API_VERSION,THE_REQUEST,REQUEST_URI,REQUEST_FILENAME,IS_SUBREQ,HTTPS,REQUEST_SCHEME"];var CONFIG_KEYWORDS=["Macro,UndefMacro,Use,AuthLDAPURL,AcceptFilter,AcceptPathInfo,AccessFileName,Action,AddAlt,AddAltByEncoding,AddAltByType,AddCharset,AddDefaultCharset,AddDescription,AddEncoding,AddHandler,AddIcon,AddIconByEncoding,AddIconByType,AddInputFilter,AddLanguage,AddModuleInfo,AddOutputFilter,AddOutputFilterByType,AddType,Alias,AliasMatch,Allow,AllowCONNECT,AllowEncodedSlashes,AllowMethods,AllowOverride,AllowOverrideList,Anonymous,Anonymous_LogEmail,Anonymous_MustGiveEmail,Anonymous_NoUserID,Anonymous_VerifyEmail,AsyncRequestWorkerFactor,AuthBasicAuthoritative,AuthBasicProvider,AuthDBDUserPWQuery,AuthDBDUserRealmQuery,AuthDBMGroupFile,AuthDBMType,AuthDBMUserFile,AuthDigestAlgorithm,AuthDigestDomain,AuthDigestNcCheck,AuthDigestNonceFormat,AuthDigestNonceLifetime,AuthDigestProvider,AuthDigestQop,AuthDigestShmemSize,AuthFormAuthoritative,AuthFormBody,AuthFormDisableNoStore,AuthFormFakeBasicAuth,AuthFormLocation,AuthFormLoginRequiredLocation,AuthFormLoginSuccessLocation,AuthFormLogoutLocation,AuthFormMethod,AuthFormMimetype,AuthFormPassword,AuthFormProvider,AuthFormSitePassphrase,AuthFormSize,AuthFormUsername,AuthGroupFile,AuthLDAPAuthorizePrefix,AuthLDAPBindAuthoritative,AuthLDAPBindDN,AuthLDAPBindPassword,AuthLDAPCharsetConfig,AuthLDAPCompareAsUser,AuthLDAPCompareDNOnServer,AuthLDAPDereferenceAliases,AuthLDAPGroupAttribute,AuthLDAPGroupAttributeIsDN,AuthLDAPInitialBindAsUser,AuthLDAPInitialBindPattern,AuthLDAPMaxSubGroupDepth,AuthLDAPRemoteUserAttribute,AuthLDAPRemoteUserIsDN,AuthLDAPSearchAsUser,AuthLDAPSubGroupAttribute,AuthLDAPSubGroupClass,AuthLDAPUrl,AuthMerging,AuthName,AuthnCacheContext,AuthnCacheEnable,AuthnCacheProvideFor,AuthnCacheSOCache,AuthnCacheTimeout,<AuthnProviderAlias>,AuthType,AuthUserFile,AuthzDBDLoginToReferer,AuthzDBDQuery,AuthzDBDRedirectQuery,AuthzDBMType,<AuthzProviderAlias>,AuthzSendForbiddenOnFailure,BalancerGrowth,BalancerMember,BrowserMatch,BrowserMatchNoCase,BufferedLogs,BufferSize,CacheDefaultExpire,CacheDetailHeader,CacheDirLength,CacheDirLevels,CacheDisable,CacheEnable,CacheFile,CacheHeader,CacheIgnoreCacheControl,CacheIgnoreHeaders,CacheIgnoreNoLastMod,CacheIgnoreQueryString,CacheIgnoreURLSessionIdentifiers,CacheKeyBaseURL,CacheLastModifiedFactor,CacheLock,CacheLockMaxAge,CacheLockPath,CacheMaxExpire,CacheMaxFileSize,CacheMinExpire,CacheMinFileSize,CacheNegotiatedDocs,CacheQuickHandler,CacheReadSize,CacheReadTime,CacheRoot,CacheStaleOnError,CacheStoreExpired,CacheStoreNoStore,CacheStorePrivate,CGIMapExtension,CharsetDefault,CharsetOptions,CharsetSourceEnc,CheckCaseOnly,CheckSpelling,ChrootDir,ContentDigest,CookieDomain,CookieExpires,CookieName,CookieStyle,CookieTracking,CoreDumpDirectory,CustomLog,Dav,DavDepthInfinity,DavGenericLockDB,DavLockDB,DavMinTimeout,DBDExptime,DBDInitSQL,DBDKeep,DBDMax,DBDMin,DBDParams,DBDPersist,DBDPrepareSQL,DBDriver,DefaultIcon,DefaultLanguage,DefaultRuntimeDir,DefaultType,Define,DeflateBufferSize,DeflateCompressionLevel,DeflateFilterNote,DeflateMemLevel,DeflateWindowSize,Deny,<Directory>,DirectoryIndex,DirectoryIndexRedirect,<DirectoryMatch>,DirectorySlash,DocumentRoot,DTracePrivileges,DumpIOInput,DumpIOOutput,<Else>,<ElseIf>,EnableExceptionHook,EnableMMAP,EnableSendfile,Error,ErrorDocument,ErrorLog,ErrorLogFormat,Example,ExpiresActive,ExpiresByType,ExpiresDefault,ExtendedStatus,ExtFilterDefine,ExtFilterOptions,FallbackResource,FileETag,<Files>,<FilesMatch>,FilterChain,FilterDeclare,FilterProtocol,FilterProvider,FilterTrace,ForceLanguagePriority,ForceType,ForensicLog,GprofDir,GracefulShutdownTimeout,Group,Header,HeaderName,HeartbeatAddress,HeartbeatListen,HeartbeatMaxServers,HeartbeatStorage,HeartbeatStorage,HostnameLookups,IdentityCheck,IdentityCheckTimeout,<If>,<IfDefine>,<IfModule>,<IfVersion>,ImapBase,ImapDefault,ImapMenu,Include,IncludeOptional,IndexHeadInsert,IndexIgnore,IndexIgnoreReset,IndexOptions,IndexOrderDefault,IndexStyleSheet,InputSed,ISAPIAppendLogToErrors,ISAPIAppendLogToQuery,ISAPICacheFile,ISAPIFakeAsync,ISAPILogNotSupported,ISAPIReadAheadBuffer,KeepAlive,KeepAliveTimeout,KeptBodySize,LanguagePriority,LDAPCacheEntries,LDAPCacheTTL,LDAPConnectionPoolTTL,LDAPConnectionTimeout,LDAPLibraryDebug,LDAPOpCacheEntries,LDAPOpCacheTTL,LDAPReferralHopLimit,LDAPReferrals,LDAPRetries,LDAPRetryDelay,LDAPSharedCacheFile,LDAPSharedCacheSize,LDAPTimeout,LDAPTrustedClientCert,LDAPTrustedGlobalCert,LDAPTrustedMode,LDAPVerifyServerCert,<Limit>,<LimitExcept>,LimitInternalRecursion,LimitRequestBody,LimitRequestFields,LimitRequestFieldSize,LimitRequestLine,LimitXMLRequestBody,Listen,ListenBackLog,LoadFile,LoadModule,<Location>,<LocationMatch>,LogFormat,LogLevel,LogMessage,LuaCodeCache,LuaHookAccessChecker,LuaHookAuthChecker,LuaAuthzProvider,LuaHookCheckUserID,LuaHookFixups,LuaHookInsertFilter,LuaHookMapToStorage,LuaHookTranslateName,LuaHookTypeChecker,LuaInherit,LuaInputFilter,LuaMapHandler,LuaOutputFilter,LuaPackageCPath,LuaPackagePath,LuaQuickHandler,LuaRoot,LuaScope,MaxConnectionsPerChild,MaxKeepAliveRequests,MaxMemFree,MaxRangeOverlaps,MaxRangeReversals,MaxRanges,MaxRequestWorkers,MaxSpareServers,MaxSpareThreads,MaxThreads,MetaDir,MetaFiles,MetaSuffix,MimeMagicFile,MinSpareServers,MinSpareThreads,MMapFile,ModemStandard,ModMimeUsePathInfo,MultiviewsMatch,Mutex,NameVirtualHost,NoProxy,NWSSLTrustedCerts,NWSSLUpgradeable,Options,Order,OutputSed,PassEnv,PidFile,PrivilegesMode,Protocol,ProtocolEcho,<Proxy>,ProxyAddHeaders,ProxyBadHeader,ProxyBlock,ProxyDomain,ProxyErrorOverride,ProxyExpressDBMFile,ProxyExpressDBMType,ProxyExpressEnable,ProxyFtpDirCharset,ProxyFtpEscapeWildcards,ProxyFtpListOnWildcard,ProxyHTMLBufSize,ProxyHTMLCharsetOut,ProxyHTMLDocType,ProxyHTMLEnable,ProxyHTMLEvents,ProxyHTMLExtended,ProxyHTMLFixups,ProxyHTMLInterp,ProxyHTMLLinks,ProxyHTMLStripComments,ProxyHTMLURLMap,ProxyIOBufferSize,<ProxyMatch>,ProxyMaxForwards,ProxyPass,ProxyPassInterpolateEnv,ProxyPassMatch,ProxyPassReverse,ProxyPassReverseCookieDomain,ProxyPassReverseCookiePath,ProxyPreserveHost,ProxyReceiveBufferSize,ProxyRemote,ProxyRemoteMatch,ProxyRequests,ProxySCGIInternalRedirect,ProxySCGISendfile,ProxySet,ProxySourceAddress,ProxyStatus,ProxyTimeout,ProxyVia,ReadmeName,ReceiveBufferSize,Redirect,RedirectMatch,RedirectPermanent,RedirectTemp,ReflectorHeader,RemoteIPHeader,RemoteIPInternalProxy,RemoteIPInternalProxyList,RemoteIPProxiesHeader,RemoteIPTrustedProxy,RemoteIPTrustedProxyList,RemoveCharset,RemoveEncoding,RemoveHandler,RemoveInputFilter,RemoveLanguage,RemoveOutputFilter,RemoveType,RequestHeader,RequestReadTimeout,Require,<RequireAll>,<RequireAny>,<RequireNone>,RewriteBase,RewriteCond,RewriteEngine,RewriteMap,RewriteOptions,RewriteRule,RLimitCPU,RLimitMEM,RLimitNPROC,Satisfy,ScoreBoardFile,Script,ScriptAlias,ScriptAliasMatch,ScriptInterpreterSource,ScriptLog,ScriptLogBuffer,ScriptLogLength,ScriptSock,SecureListen,SeeRequestTail,SendBufferSize,ServerAdmin,ServerAlias,ServerLimit,ServerName,ServerPath,ServerRoot,ServerSignature,ServerTokens,Session,SessionCookieName,SessionCookieName2,SessionCookieRemove,SessionCryptoCipher,SessionCryptoDriver,SessionCryptoPassphrase,SessionCryptoPassphraseFile,SessionDBDCookieName,SessionDBDCookieName2,SessionDBDCookieRemove,SessionDBDDeleteLabel,SessionDBDInsertLabel,SessionDBDPerUser,SessionDBDSelectLabel,SessionDBDUpdateLabel,SessionEnv,SessionExclude,SessionHeader,SessionInclude,SessionMaxAge,SetEnv,SetEnvIf,SetEnvIfExpr,SetEnvIfNoCase,SetHandler,SetInputFilter,SetOutputFilter,SSIEndTag,SSIErrorMsg,SSIETag,SSILastModified,SSILegacyExprParser,SSIStartTag,SSITimeFormat,SSIUndefinedEcho,SSLCACertificateFile,SSLCACertificatePath,SSLCADNRequestFile,SSLCADNRequestPath,SSLCARevocationCheck,SSLCARevocationFile,SSLCARevocationPath,SSLCertificateChainFile,SSLCertificateFile,SSLCertificateKeyFile,SSLCipherSuite,SSLCryptoDevice,SSLEngine,SSLFIPS,SSLHonorCipherOrder,SSLInsecureRenegotiation,SSLOCSPDefaultResponder,SSLOCSPEnable,SSLOCSPOverrideResponder,SSLOCSPResponderTimeout,SSLOCSPResponseMaxAge,SSLOCSPResponseTimeSkew,SSLOptions,SSLPassPhraseDialog,SSLProtocol,SSLProxyCACertificateFile,SSLProxyCACertificatePath,SSLProxyCARevocationCheck,SSLProxyCARevocationFile,SSLProxyCARevocationPath,SSLProxyCheckPeerCN,SSLProxyCheckPeerExpire,SSLProxyCipherSuite,SSLProxyEngine,SSLProxyMachineCertificateChainFile,SSLProxyMachineCertificateFile,SSLProxyMachineCertificatePath,SSLProxyProtocol,SSLProxyVerify,SSLProxyVerifyDepth,SSLRandomSeed,SSLRenegBufferSize,SSLRequire,SSLRequireSSL,SSLSessionCache,SSLSessionCacheTimeout,SSLSessionTicketKeyFile,SSLStaplingCache,SSLStaplingErrorCacheTimeout,SSLStaplingFakeTryLater,SSLStaplingForceURL,SSLStaplingResponderTimeout,SSLStaplingResponseMaxAge,SSLStaplingResponseTimeSkew,SSLStaplingReturnResponderErrors,SSLStaplingStandardCacheTimeout,SSLStrictSNIVHostCheck,SSLUserName,SSLUseStapling,SSLVerifyClient,SSLVerifyDepth,StartServers,StartThreads,Substitute,Suexec,SuexecUserGroup,ThreadLimit,ThreadsPerChild,ThreadStackSize,TimeOut,TraceEnable,TransferLog,TypesConfig,UnDefine,UnsetEnv,UseCanonicalName,UseCanonicalPhysicalPort,User,UserDir,VHostCGIMode,VHostCGIPrivs,VHostGroup,VHostPrivs,VHostSecure,VHostUser,VirtualDocumentRoot,VirtualDocumentRootIP,<VirtualHost>,VirtualScriptAlias,VirtualScriptAliasIP,WatchdogInterval,XBitHack,xml2EncAlias,xml2EncDefault,xml2StartParse,RewriteLog,RewriteLogLevel"];var CONFIG_OPTIONS=/^[\\+\\-]?(AuthConfig|IncludesNOEXEC|ExecCGI|FollowSymLinks|MultiViews|Includes|Indexes|SymLinksIfOwnerMatch)\b/i;var ALL_KEYWORDS=[CPP_KEYWORDS,CSHARP_KEYWORDS,JSCRIPT_KEYWORDS,PERL_KEYWORDS+
1944+PYTHON_KEYWORDS,RUBY_KEYWORDS,SH_KEYWORDS,CONFIG_KEYWORDS,PHP_KEYWORDS];var C_TYPES=/^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float|char|void|const|static|struct)\d*(_t)?\b)|[a-z_]+_rec|cmd_parms\b/;var PR_STRING='str';var PR_KEYWORD='kwd';var PR_COMMENT='com';var PR_TYPE='typ';var PR_LITERAL='lit';var PR_PUNCTUATION='pun';var PR_PLAIN='pln';var PR_TAG='tag';var PR_DECLARATION='dec';var PR_SOURCE='src';var PR_ATTRIB_NAME='atn';var PR_ATTRIB_VALUE='atv';var PR_NOCODE='nocode';var REGEXP_PRECEDER_PATTERN='(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*';function combinePrefixPatterns(regexs){var capturedGroupIndex=0;var needToFoldCase=false;var ignoreCase=false;for(var i=0,n=regexs.length;i<n;++i){var regex=regexs[i];if(regex.ignoreCase){ignoreCase=true;}else if(/[a-z]/i.test(regex.source.replace(/\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi,''))){needToFoldCase=true;ignoreCase=false;break;}}
1945+var escapeCharToCodeUnit={'b':8,'t':9,'n':0xa,'v':0xb,'f':0xc,'r':0xd};function decodeEscape(charsetPart){var cc0=charsetPart.charCodeAt(0);if(cc0!==92){return cc0;}
1946+var c1=charsetPart.charAt(1);cc0=escapeCharToCodeUnit[c1];if(cc0){return cc0;}else if('0'<=c1&&c1<='7'){return parseInt(charsetPart.substring(1),8);}else if(c1==='u'||c1==='x'){return parseInt(charsetPart.substring(2),16);}else{return charsetPart.charCodeAt(1);}}
1947+function encodeEscape(charCode){if(charCode<0x20){return(charCode<0x10?'\\x0':'\\x')+charCode.toString(16);}
1948+var ch=String.fromCharCode(charCode);return(ch==='\\'||ch==='-'||ch===']'||ch==='^')?"\\"+ch:ch;}
1949+function caseFoldCharset(charSet){var charsetParts=charSet.substring(1,charSet.length-1).match(new RegExp('\\\\u[0-9A-Fa-f]{4}'
1950++'|\\\\x[0-9A-Fa-f]{2}'
1951++'|\\\\[0-3][0-7]{0,2}'
1952++'|\\\\[0-7]{1,2}'
1953++'|\\\\[\\s\\S]'
1954++'|-'
1955++'|[^-\\\\]','g'));var ranges=[];var inverse=charsetParts[0]==='^';var out=['['];if(inverse){out.push('^');}
1956+for(var i=inverse?1:0,n=charsetParts.length;i<n;++i){var p=charsetParts[i];if(/\\[bdsw]/i.test(p)){out.push(p);}else{var start=decodeEscape(p);var end;if(i+2<n&&'-'===charsetParts[i+1]){end=decodeEscape(charsetParts[i+2]);i+=2;}else{end=start;}
1957+ranges.push([start,end]);if(!(end<65||start>122)){if(!(end<65||start>90)){ranges.push([Math.max(65,start)|32,Math.min(end,90)|32]);}
1958+if(!(end<97||start>122)){ranges.push([Math.max(97,start)&~32,Math.min(end,122)&~32]);}}}}
1959+ranges.sort(function(a,b){return(a[0]-b[0])||(b[1]-a[1]);});var consolidatedRanges=[];var lastRange=[];for(var i=0;i<ranges.length;++i){var range=ranges[i];if(range[0]<=lastRange[1]+1){lastRange[1]=Math.max(lastRange[1],range[1]);}else{consolidatedRanges.push(lastRange=range);}}
1960+for(var i=0;i<consolidatedRanges.length;++i){var range=consolidatedRanges[i];out.push(encodeEscape(range[0]));if(range[1]>range[0]){if(range[1]+1>range[0]){out.push('-');}
1961+out.push(encodeEscape(range[1]));}}
1962+out.push(']');return out.join('');}
1963+function allowAnywhereFoldCaseAndRenumberGroups(regex){var parts=regex.source.match(new RegExp('(?:'
1964++'\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]'
1965++'|\\\\u[A-Fa-f0-9]{4}'
1966++'|\\\\x[A-Fa-f0-9]{2}'
1967++'|\\\\[0-9]+'
1968++'|\\\\[^ux0-9]'
1969++'|\\(\\?[:!=]'
1970++'|[\\(\\)\\^]'
1971++'|[^\\x5B\\x5C\\(\\)\\^]+'
1972++')','g'));var n=parts.length;var capturedGroups=[];for(var i=0,groupIndex=0;i<n;++i){var p=parts[i];if(p==='('){++groupIndex;}else if('\\'===p.charAt(0)){var decimalValue=+p.substring(1);if(decimalValue){if(decimalValue<=groupIndex){capturedGroups[decimalValue]=-1;}else{parts[i]=encodeEscape(decimalValue);}}}}
1973+for(var i=1;i<capturedGroups.length;++i){if(-1===capturedGroups[i]){capturedGroups[i]=++capturedGroupIndex;}}
1974+for(var i=0,groupIndex=0;i<n;++i){var p=parts[i];if(p==='('){++groupIndex;if(!capturedGroups[groupIndex]){parts[i]='(?:';}}else if('\\'===p.charAt(0)){var decimalValue=+p.substring(1);if(decimalValue&&decimalValue<=groupIndex){parts[i]='\\'+capturedGroups[decimalValue];}}}
1975+for(var i=0;i<n;++i){if('^'===parts[i]&&'^'!==parts[i+1]){parts[i]='';}}
1976+if(regex.ignoreCase&&needToFoldCase){for(var i=0;i<n;++i){var p=parts[i];var ch0=p.charAt(0);if(p.length>=2&&ch0==='['){parts[i]=caseFoldCharset(p);}else if(ch0!=='\\'){parts[i]=p.replace(/[a-zA-Z]/g,function(ch){var cc=ch.charCodeAt(0);return'['+String.fromCharCode(cc&~32,cc|32)+']';});}}}
1977+return parts.join('');}
1978+var rewritten=[];for(var i=0,n=regexs.length;i<n;++i){var regex=regexs[i];if(regex.global||regex.multiline){throw new Error(''+regex);}
1979+rewritten.push('(?:'+allowAnywhereFoldCaseAndRenumberGroups(regex)+')');}
1980+return new RegExp(rewritten.join('|'),ignoreCase?'gi':'g');}
1981+function extractSourceSpans(node,isPreformatted){var nocode=/(?:^|\s)nocode(?:\s|$)/;var chunks=[];var length=0;var spans=[];var k=0;function walk(node){switch(node.nodeType){case 1:if(nocode.test(node.className)){return;}
1982+for(var child=node.firstChild;child;child=child.nextSibling){walk(child);}
1983+var nodeName=node.nodeName.toLowerCase();if('br'===nodeName||'li'===nodeName){chunks[k]='\n';spans[k<<1]=length++;spans[(k++<<1)|1]=node;}
1984+break;case 3:case 4:var text=node.nodeValue;if(text.length){if(!isPreformatted){text=text.replace(/[ \t\r\n]+/g,' ');}else{text=text.replace(/\r\n?/g,'\n');text=text.replace(/^(\r?\n\s*)+/g,'');text=text.replace(/^\s*/g,'');text=text.replace(/(\r?\n\s*)+$/g,'');}
1985+chunks[k]=text;spans[k<<1]=length;length+=text.length;spans[(k++<<1)|1]=node;}
1986+break;}}
1987+walk(node);return{sourceCode:chunks.join('').replace(/\n$/,''),spans:spans};}
1988+function appendDecorations(basePos,sourceCode,langHandler,out){if(!sourceCode){return;}
1989+var job={sourceCode:sourceCode,basePos:basePos};langHandler(job);out.push.apply(out,job.decorations);}
1990+var notWs=/\S/;function childContentWrapper(element){var wrapper=undefined;for(var c=element.firstChild;c;c=c.nextSibling){var type=c.nodeType;wrapper=(type===1)?(wrapper?element:c):(type===3)?(notWs.test(c.nodeValue)?element:wrapper):wrapper;}
1991+return wrapper===element?undefined:wrapper;}
1992+function createSimpleLexer(shortcutStylePatterns,fallthroughStylePatterns){var shortcuts={};var tokenizer;(function(){var allPatterns=shortcutStylePatterns.concat(fallthroughStylePatterns);var allRegexs=[];var regexKeys={};for(var i=0,n=allPatterns.length;i<n;++i){var patternParts=allPatterns[i];var shortcutChars=patternParts[3];if(shortcutChars){for(var c=shortcutChars.length;--c>=0;){shortcuts[shortcutChars.charAt(c)]=patternParts;}}
1993+var regex=patternParts[1];var k=''+regex;if(!regexKeys.hasOwnProperty(k)){allRegexs.push(regex);regexKeys[k]=null;}}
1994+allRegexs.push(/[\0-\uffff]/);tokenizer=combinePrefixPatterns(allRegexs);})();var nPatterns=fallthroughStylePatterns.length;var decorate=function(job){var sourceCode=job.sourceCode,basePos=job.basePos;var decorations=[basePos,PR_PLAIN];var pos=0;var tokens=sourceCode.match(tokenizer)||[];var styleCache={};for(var ti=0,nTokens=tokens.length;ti<nTokens;++ti){var token=tokens[ti];var style=styleCache[token];var match=void 0;var isEmbedded;if(typeof style==='string'){isEmbedded=false;}else{var patternParts=shortcuts[token.charAt(0)];if(patternParts){match=token.match(patternParts[1]);style=patternParts[0];}else{for(var i=0;i<nPatterns;++i){patternParts=fallthroughStylePatterns[i];match=token.match(patternParts[1]);if(match){style=patternParts[0];break;}}
1995+if(!match){style=PR_PLAIN;}}
1996+isEmbedded=style.length>=5&&'lang-'===style.substring(0,5);if(isEmbedded&&!(match&&typeof match[1]==='string')){isEmbedded=false;style=PR_SOURCE;}
1997+if(!isEmbedded){styleCache[token]=style;}}
1998+var tokenStart=pos;pos+=token.length;if(!isEmbedded){decorations.push(basePos+tokenStart,style);}else{var embeddedSource=match[1];var embeddedSourceStart=token.indexOf(embeddedSource);var embeddedSourceEnd=embeddedSourceStart+embeddedSource.length;if(match[2]){embeddedSourceEnd=token.length-match[2].length;embeddedSourceStart=embeddedSourceEnd-embeddedSource.length;}
1999+var lang=style.substring(5);appendDecorations(basePos+tokenStart,token.substring(0,embeddedSourceStart),decorate,decorations);appendDecorations(basePos+tokenStart+embeddedSourceStart,embeddedSource,langHandlerForExtension(lang,embeddedSource),decorations);appendDecorations(basePos+tokenStart+embeddedSourceEnd,token.substring(embeddedSourceEnd),decorate,decorations);}}
2000+job.decorations=decorations;};return decorate;}
2001+function sourceDecorator(options){var shortcutStylePatterns=[],fallthroughStylePatterns=[];if(options['tripleQuotedStrings']){shortcutStylePatterns.push([PR_STRING,/^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,null,'\'"']);}else if(options['multiLineStrings']){shortcutStylePatterns.push([PR_STRING,/^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,null,'\'"`']);}else{shortcutStylePatterns.push([PR_STRING,/^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,null,'"\'']);}
2002+if(options['verbatimStrings']){fallthroughStylePatterns.push([PR_STRING,/^@\"(?:[^\"]|\"\")*(?:\"|$)/,null]);}
2003+var hc=options['hashComments'];if(hc){if(options['cStyleComments']){if(hc>1){shortcutStylePatterns.push([PR_COMMENT,/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,null,'#']);}else{shortcutStylePatterns.push([PR_COMMENT,/^#(?:(?:define|elif|else|endif|error|ifdef|include|ifndef|line|pragma|undef|warning)\b|[^\r\n]*)/,null,'#']);}
2004+fallthroughStylePatterns.push([PR_STRING,/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,null]);}else{shortcutStylePatterns.push([PR_COMMENT,/^#[^\r\n]*/,null,'#']);}}
2005+if(options['cStyleComments']){fallthroughStylePatterns.push([PR_COMMENT,/^\/\/[^\r\n]*/,null]);fallthroughStylePatterns.push([PR_COMMENT,/^\/\*[\s\S]*?(?:\*\/|$)/,null]);}
2006+if(options['regexLiterals']){var REGEX_LITERAL=('/(?=[^/*])'
2007++'(?:[^/\\x5B\\x5C]'
2008++'|\\x5C[\\s\\S]'
2009++'|\\x5B(?:[^\\x5C\\x5D]|\\x5C[\\s\\S])*(?:\\x5D|$))+'
2010++'/');fallthroughStylePatterns.push(['lang-regex',new RegExp('^'+REGEXP_PRECEDER_PATTERN+'('+REGEX_LITERAL+')')]);}
2011+var types=options['types'];if(types){fallthroughStylePatterns.push([PR_TYPE,types]);}
2012+if(options['strings']){var strings=(""+options['strings']).replace(/^ | $/g,'').replace(/-/g,'\\-');fallthroughStylePatterns.push([PR_STRING,new RegExp('(?:'+strings.replace(/[\s,]+/g,'|')+')'),,null]);}
2013+var keywords=(""+options['keywords']).replace(/^ | $/g,'');if(keywords.length){fallthroughStylePatterns.push([PR_KEYWORD,new RegExp('^(?:'+keywords.replace(/[\s,]+/g,'|')+')\\b'),null]);}
2014+shortcutStylePatterns.push([PR_PLAIN,/^\s+/,null,' \r\n\t\xA0']);if(options['httpdComments']){fallthroughStylePatterns.push([PR_PLAIN,/^.*\S.*#/i,null]);}
2015+fallthroughStylePatterns.push([PR_LITERAL,/^@[a-z_$][a-z_$@0-9]*|\bNULL\b/i,null],[PR_LITERAL,CONFIG_OPTIONS,null],[PR_TAG,/^\b(AuthzProviderAlias|AuthnProviderAlias|RequireAny|RequireAll|RequireNone|Directory|DirectoryMatch|Location|LocationMatch|VirtualHost|If|Else|ElseIf|Proxy\b|LoadBalancer|Files|FilesMatch|Limit|LimitExcept|IfDefine|IfModule|IfVersion)\b/,null],[PR_TYPE,/^(?:[@_]?[A-Z]+[a-z][A-Za-z_$@0-9]*|\w+_(t|req|module)\b)/,null],[PR_TAG,/^apr_[a-z_0-9]+|ap_[a-z_0-9]+/i,null],[PR_PLAIN,/^[a-z_$][a-z_$@0-9\-]*/i,null],[PR_LITERAL,new RegExp('^(?:'
2016++'0x[a-f0-9]+'
2017++'|[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+'
2018++'|(?:\\d(?:_\\d+)*\\d*(?:\\.\\d*)?|\\.\\d\\+)'
2019++'(?:e[+\\-]?\\d+)?'
2020++')'
2021++'[a-z]*','i'),null,'0123456789'],[PR_PLAIN,/^\\[\s\S]?/,null],[PR_PUNCTUATION,/^.[^\s\w\.$@\'\"\`\/\#\\]*/,null]);return createSimpleLexer(shortcutStylePatterns,fallthroughStylePatterns);}
2022+var decorateSource=sourceDecorator({'keywords':ALL_KEYWORDS,'hashComments':true,'cStyleComments':true,'multiLineStrings':true,'regexLiterals':true});function numberLines(node,opt_startLineNum,isPreformatted){var nocode=/(?:^|\s)nocode(?:\s|$)/;var lineBreak=/\r\n?|\n/;var document=node.ownerDocument;var li=document.createElement('li');while(node.firstChild){li.appendChild(node.firstChild);}
2023+var listItems=[li];function walk(node){switch(node.nodeType){case 1:if(nocode.test(node.className)){break;}
2024+if('br'===node.nodeName){breakAfter(node);if(node.parentNode){node.parentNode.removeChild(node);}}else{for(var child=node.firstChild;child;child=child.nextSibling){walk(child);}}
2025+break;case 3:case 4:if(isPreformatted){var text=node.nodeValue;var match=text.match(lineBreak);if(match){var firstLine=text.substring(0,match.index);node.nodeValue=firstLine;var tail=text.substring(match.index+match[0].length);if(tail){var parent=node.parentNode;parent.insertBefore(document.createTextNode(tail),node.nextSibling);}
2026+breakAfter(node);if(!firstLine){node.parentNode.removeChild(node);}}}
2027+break;}}
2028+function breakAfter(lineEndNode){while(!lineEndNode.nextSibling){lineEndNode=lineEndNode.parentNode;if(!lineEndNode){return;}}
2029+function breakLeftOf(limit,copy){var rightSide=copy?limit.cloneNode(false):limit;var parent=limit.parentNode;if(parent){var parentClone=breakLeftOf(parent,1);var next=limit.nextSibling;parentClone.appendChild(rightSide);for(var sibling=next;sibling;sibling=next){next=sibling.nextSibling;parentClone.appendChild(sibling);}}
2030+return rightSide;}
2031+var copiedListItem=breakLeftOf(lineEndNode.nextSibling,0);for(var parent;(parent=copiedListItem.parentNode)&&parent.nodeType===1;){copiedListItem=parent;}
2032+listItems.push(copiedListItem);}
2033+for(var i=0;i<listItems.length;++i){walk(listItems[i]);}
2034+if(opt_startLineNum===(opt_startLineNum|0)){listItems[0].setAttribute('value',opt_startLineNum);}
2035+var ol=document.createElement('ol');ol.className='linenums';var offset=Math.max(0,((opt_startLineNum-1))|0)||0;for(var i=0,n=listItems.length;i<n;++i){li=listItems[i];li.className='L'+((i+offset)%1);if(!li.firstChild){li.appendChild(document.createTextNode('\xA0'));}
2036+ol.appendChild(li);}
2037+node.appendChild(ol);}
2038+function recombineTagsAndDecorations(job){var isIE8OrEarlier=/\bMSIE\s(\d+)/.exec(navigator.userAgent);isIE8OrEarlier=isIE8OrEarlier&&+isIE8OrEarlier[1]<=8;var newlineRe=/\n/g;var source=job.sourceCode;var sourceLength=source.length;var sourceIndex=0;var spans=job.spans;var nSpans=spans.length;var spanIndex=0;var decorations=job.decorations;var nDecorations=decorations.length;var decorationIndex=0;decorations[nDecorations]=sourceLength;var decPos,i;for(i=decPos=0;i<nDecorations;){if(decorations[i]!==decorations[i+2]){decorations[decPos++]=decorations[i++];decorations[decPos++]=decorations[i++];}else{i+=2;}}
2039+nDecorations=decPos;for(i=decPos=0;i<nDecorations;){var startPos=decorations[i];var startDec=decorations[i+1];var end=i+2;while(end+2<=nDecorations&&decorations[end+1]===startDec){end+=2;}
2040+decorations[decPos++]=startPos;decorations[decPos++]=startDec;i=end;}
2041+nDecorations=decorations.length=decPos;var sourceNode=job.sourceNode;var oldDisplay;if(sourceNode){oldDisplay=sourceNode.style.display;sourceNode.style.display='none';}
2042+try{var decoration=null;var X=0;while(spanIndex<nSpans){X=X+1;if(X>5000){break;}
2043+var spanStart=spans[spanIndex];var spanEnd=spans[spanIndex+2]||sourceLength;var decEnd=decorations[decorationIndex+2]||sourceLength;var end=Math.min(spanEnd,decEnd);var textNode=spans[spanIndex+1];var styledText;if(textNode.nodeType!==1&&(styledText=source.substring(sourceIndex,end))){if(isIE8OrEarlier){styledText=styledText.replace(newlineRe,'\r');}
2044+textNode.nodeValue=styledText;var document=textNode.ownerDocument;var span=document.createElement('span');span.className=decorations[decorationIndex+1];var parentNode=textNode.parentNode;parentNode.replaceChild(span,textNode);span.appendChild(textNode);if(sourceIndex<spanEnd){spans[spanIndex+1]=textNode=document.createTextNode(source.substring(end,spanEnd));parentNode.insertBefore(textNode,span.nextSibling);}}
2045+sourceIndex=end;if(sourceIndex>=spanEnd){spanIndex+=2;}
2046+if(sourceIndex>=decEnd){decorationIndex+=2;}}}finally{if(sourceNode){sourceNode.style.display=oldDisplay;}}}
2047+var langHandlerRegistry={};function registerLangHandler(handler,fileExtensions){for(var i=fileExtensions.length;--i>=0;){var ext=fileExtensions[i];if(!langHandlerRegistry.hasOwnProperty(ext)){langHandlerRegistry[ext]=handler;}else if(win['console']){console['warn']('cannot override language handler %s',ext);}}}
2048+function langHandlerForExtension(extension,source){if(!(extension&&langHandlerRegistry.hasOwnProperty(extension))){extension=/^\s*</.test(source)?'default-markup':'default-code';}
2049+return langHandlerRegistry[extension];}
2050+registerLangHandler(decorateSource,['default-code']);registerLangHandler(createSimpleLexer([],[[PR_PLAIN,/^[^<?]+/],[PR_DECLARATION,/^<!\w[^>]*(?:>|$)/],[PR_COMMENT,/^<\!--[\s\S]*?(?:-\->|$)/],['lang-',/^<\?([\s\S]+?)(?:\?>|$)/],['lang-',/^<%([\s\S]+?)(?:%>|$)/],[PR_PUNCTUATION,/^(?:<[%?]|[%?]>)/],['lang-',/^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],['lang-js',/^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],['lang-css',/^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],['lang-in.tag',/^(<\/?[a-z][^<>]*>)/i]]),['default-markup','htm','html','mxml','xhtml','xml','xsl']);registerLangHandler(createSimpleLexer([[PR_PLAIN,/^[\s]+/,null,' \t\r\n'],[PR_ATTRIB_VALUE,/^(?:\"[^\"]*\"?|\'[^\']*\'?)/,null,'\"\'']],[[PR_TAG,/^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],[PR_ATTRIB_NAME,/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],['lang-uq.val',/^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],[PR_PUNCTUATION,/^[=<>\/]+/],['lang-js',/^on\w+\s*=\s*\"([^\"]+)\"/i],['lang-js',/^on\w+\s*=\s*\'([^\']+)\'/i],['lang-js',/^on\w+\s*=\s*([^\"\'>\s]+)/i],['lang-css',/^style\s*=\s*\"([^\"]+)\"/i],['lang-css',/^style\s*=\s*\'([^\']+)\'/i],['lang-css',/^style\s*=\s*([^\"\'>\s]+)/i]]),['in.tag']);registerLangHandler(createSimpleLexer([],[[PR_ATTRIB_VALUE,/^[\s\S]+/]]),['uq.val']);registerLangHandler(sourceDecorator({'keywords':CPP_KEYWORDS,'hashComments':true,'cStyleComments':true,'types':C_TYPES}),['c','cc','cpp','cxx','cyc','m']);registerLangHandler(sourceDecorator({'keywords':PHP_KEYWORDS,'hashComments':false,'cStyleComments':true,'multiLineStrings':true,'regexLiterals':true}),['php','phtml','inc']);registerLangHandler(sourceDecorator({'keywords':'null,true,false'}),['json']);registerLangHandler(sourceDecorator({'keywords':CSHARP_KEYWORDS,'hashComments':true,'cStyleComments':true,'verbatimStrings':true,'types':C_TYPES}),['cs']);registerLangHandler(sourceDecorator({'keywords':JAVA_KEYWORDS,'cStyleComments':true}),['java']);registerLangHandler(sourceDecorator({'keywords':SH_KEYWORDS,'hashComments':true,'multiLineStrings':true}),['bsh','csh','sh']);registerLangHandler(sourceDecorator({'keywords':PYTHON_KEYWORDS,'hashComments':true,'multiLineStrings':true,'tripleQuotedStrings':true}),['cv','py']);registerLangHandler(sourceDecorator({'keywords':PERL_KEYWORDS,'hashComments':true,'multiLineStrings':true,'regexLiterals':true}),['perl','pl','pm']);registerLangHandler(sourceDecorator({'keywords':RUBY_KEYWORDS,'hashComments':true,'multiLineStrings':true,'regexLiterals':true}),['rb']);registerLangHandler(sourceDecorator({'keywords':JSCRIPT_KEYWORDS,'cStyleComments':true,'regexLiterals':true}),['js']);registerLangHandler(sourceDecorator({'keywords':COFFEE_KEYWORDS,'hashComments':3,'cStyleComments':true,'multilineStrings':true,'tripleQuotedStrings':true,'regexLiterals':true}),['coffee']);registerLangHandler(createSimpleLexer([],[[PR_STRING,/^[\s\S]+/]]),['regex']);registerLangHandler(sourceDecorator({'keywords':CONFIG_KEYWORDS,'literals':CONFIG_OPTIONS,'strings':CONFIG_ENVS,'hashComments':true,'cStyleComments':false,'multiLineStrings':false,'regexLiterals':false,'httpdComments':true}),['config']);function applyDecorator(job){var opt_langExtension=job.langExtension;try{var sourceAndSpans=extractSourceSpans(job.sourceNode,job.pre);var source=sourceAndSpans.sourceCode;job.sourceCode=source;job.spans=sourceAndSpans.spans;job.basePos=0;langHandlerForExtension(opt_langExtension,source)(job);recombineTagsAndDecorations(job);}catch(e){if(win['console']){console['log'](e&&e['stack']?e['stack']:e);}}}
2051+function prettyPrintOne(sourceCodeHtml,opt_langExtension,opt_numberLines){var container=document.createElement('pre');container.innerHTML=sourceCodeHtml;if(opt_numberLines){numberLines(container,opt_numberLines,true);}
2052+var job={langExtension:opt_langExtension,numberLines:opt_numberLines,sourceNode:container,pre:1};applyDecorator(job);return container.innerHTML;}
2053+function prettyPrint(opt_whenDone){function byTagName(tn){return document.getElementsByTagName(tn);}
2054+var codeSegments=[byTagName('pre'),byTagName('code'),byTagName('xmp')];var elements=[];for(var i=0;i<codeSegments.length;++i){for(var j=0,n=codeSegments[i].length;j<n;++j){elements.push(codeSegments[i][j]);}}
2055+codeSegments=null;var clock=Date;if(!clock['now']){clock={'now':function(){return+(new Date);}};}
2056+var k=0;var prettyPrintingJob;var langExtensionRe=/\blang(?:uage)?-([\w.]+)(?!\S)/;var prettyPrintRe=/\bprettyprint\b/;var prettyPrintedRe=/\bprettyprinted\b/;var preformattedTagNameRe=/pre|xmp/i;var codeRe=/^code$/i;var preCodeXmpRe=/^(?:pre|code|xmp)$/i;function doWork(){var endTime=(win['PR_SHOULD_USE_CONTINUATION']?clock['now']()+250:Infinity);for(;k<elements.length&&clock['now']()<endTime;k++){var cs=elements[k];var className=cs.className;if(prettyPrintRe.test(className)&&!prettyPrintedRe.test(className)){var nested=false;for(var p=cs.parentNode;p;p=p.parentNode){var tn=p.tagName;if(preCodeXmpRe.test(tn)&&p.className&&prettyPrintRe.test(p.className)){nested=true;break;}}
2057+if(!nested){cs.className+=' prettyprinted';var langExtension=className.match(langExtensionRe);var wrapper;if(!langExtension&&(wrapper=childContentWrapper(cs))&&codeRe.test(wrapper.tagName)){langExtension=wrapper.className.match(langExtensionRe);}
2058+if(langExtension){langExtension=langExtension[1];}
2059+var preformatted;if(preformattedTagNameRe.test(cs.tagName)){preformatted=1;}else{var currentStyle=cs['currentStyle'];var whitespace=(currentStyle?currentStyle['whiteSpace']:(document.defaultView&&document.defaultView.getComputedStyle)?document.defaultView.getComputedStyle(cs,null).getPropertyValue('white-space'):0);preformatted=whitespace&&'pre'===whitespace.substring(0,3);}
2060+var lineNums=cs.className.match(/\blinenums\b(?::(\d+))?/);lineNums=lineNums?lineNums[1]&&lineNums[1].length?+lineNums[1]:true:false;if(lineNums){numberLines(cs,lineNums,preformatted);}
2061+prettyPrintingJob={langExtension:langExtension,sourceNode:cs,numberLines:lineNums,pre:preformatted};applyDecorator(prettyPrintingJob);}}}
2062+if(k<elements.length){setTimeout(doWork,250);}else if(opt_whenDone){opt_whenDone();}}
2063+doWork();}
2064+var PR=win['PR']={'createSimpleLexer':createSimpleLexer,'registerLangHandler':registerLangHandler,'sourceDecorator':sourceDecorator,'PR_ATTRIB_NAME':PR_ATTRIB_NAME,'PR_ATTRIB_VALUE':PR_ATTRIB_VALUE,'PR_COMMENT':PR_COMMENT,'PR_DECLARATION':PR_DECLARATION,'PR_KEYWORD':PR_KEYWORD,'PR_LITERAL':PR_LITERAL,'PR_NOCODE':PR_NOCODE,'PR_PLAIN':PR_PLAIN,'PR_PUNCTUATION':PR_PUNCTUATION,'PR_SOURCE':PR_SOURCE,'PR_STRING':PR_STRING,'PR_TAG':PR_TAG,'PR_TYPE':PR_TYPE,'prettyPrintOne':win['prettyPrintOne']=prettyPrintOne,'prettyPrint':win['prettyPrint']=prettyPrint};PR['registerLangHandler'](PR['createSimpleLexer']([[PR['PR_PLAIN'],/^[\t\n\r \xA0]+/,null,'\t\n\r \xA0'],[PR['PR_STRING'],/^(?:\"(?:[^\"\\]|\\[\s\S])*(?:\"|$)|\'(?:[^\'\\]|\\[\s\S])*(?:\'|$))/,null,'"\'']],[[PR['PR_COMMENT'],/^--(?:\[(=*)\[[\s\S]*?(?:\]\1\]|$)|[^\r\n]*)/],[PR['PR_TYPE'],/^nil|false|true/],[PR['PR_STRING'],/^\[(=*)\[[\s\S]*?(?:\]\1\]|$)/],[PR['PR_KEYWORD'],/^(?:and|break|do|else|elseif|end|for|function|if|in|local|not|or|repeat|require|return|then|until|while)\b/,null],[PR['PR_LITERAL'],/^[+-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],[PR['PR_PLAIN'],/^[a-z_]\w*/i],[PR['PR_PUNCTUATION'],/^[^\w\t\n\r \xA0][^\w\t\n\r \xA0\"\'\-\+=]*/]]),['lua']);if(typeof define==="function"&&define['amd']){define("google-code-prettify",[],function(){return PR;});}})();
2065\ No newline at end of file
2066diff --git a/docs/manual/style/sitemap.dtd b/docs/manual/style/sitemap.dtd
2067new file mode 100644
2068index 0000000..829f326
2069--- /dev/null
2070+++ b/docs/manual/style/sitemap.dtd
2071@@ -0,0 +1,42 @@
2072+<?xml version='1.0' encoding='UTF-8' ?>
2073+
2074+<!--
2075+ Licensed to the Apache Software Foundation (ASF) under one or more
2076+ contributor license agreements. See the NOTICE file distributed with
2077+ this work for additional information regarding copyright ownership.
2078+ The ASF licenses this file to You under the Apache License, Version 2.0
2079+ (the "License"); you may not use this file except in compliance with
2080+ the License. You may obtain a copy of the License at
2081+
2082+ http://www.apache.org/licenses/LICENSE-2.0
2083+
2084+ Unless required by applicable law or agreed to in writing, software
2085+ distributed under the License is distributed on an "AS IS" BASIS,
2086+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2087+ See the License for the specific language governing permissions and
2088+ limitations under the License.
2089+-->
2090+
2091+<!ENTITY % common SYSTEM "common.dtd">
2092+%common;
2093+
2094+<!-- <sitemap> is the root element -->
2095+<!ELEMENT sitemap (title, summary?, seealso*, category*)>
2096+
2097+<!ATTLIST sitemap metafile CDATA #REQUIRED
2098+ upgrade CDATA #IMPLIED
2099+>
2100+
2101+<!-- <indexpage> is another root element -->
2102+<!ELEMENT indexpage (parentdocument, title, category*)>
2103+
2104+<!ATTLIST indexpage metafile CDATA #REQUIRED
2105+ upgrade CDATA #IMPLIED
2106+>
2107+
2108+<!ELEMENT category (title, page*)>
2109+<!ATTLIST category id ID #IMPLIED>
2110+
2111+<!ELEMENT page (#PCDATA)>
2112+<!ATTLIST page href CDATA #IMPLIED
2113+ separate (yes | no) "no" >
2114diff --git a/docs/manual/style/version.ent b/docs/manual/style/version.ent
2115new file mode 100644
2116index 0000000..66952cd
2117--- /dev/null
2118+++ b/docs/manual/style/version.ent
2119@@ -0,0 +1,24 @@
2120+<?xml version='1.0' encoding='UTF-8' ?>
2121+
2122+<!--
2123+ Licensed to the Apache Software Foundation (ASF) under one or more
2124+ contributor license agreements. See the NOTICE file distributed with
2125+ this work for additional information regarding copyright ownership.
2126+ The ASF licenses this file to You under the Apache License, Version 2.0
2127+ (the "License"); you may not use this file except in compliance with
2128+ the License. You may obtain a copy of the License at
2129+
2130+ http://www.apache.org/licenses/LICENSE-2.0
2131+
2132+ Unless required by applicable law or agreed to in writing, software
2133+ distributed under the License is distributed on an "AS IS" BASIS,
2134+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2135+ See the License for the specific language governing permissions and
2136+ limitations under the License.
2137+-->
2138+
2139+<!ENTITY httpd.major "2">
2140+<!ENTITY httpd.minor "4">
2141+<!ENTITY httpd.patch "27">
2142+
2143+<!ENTITY httpd.docs "2.4">
2144diff --git a/docs/manual/suexec.html b/docs/manual/suexec.html
2145new file mode 100644
2146index 0000000..c4cc65b
2147--- /dev/null
2148+++ b/docs/manual/suexec.html
2149@@ -0,0 +1,21 @@
2150+# GENERATED FROM XML -- DO NOT EDIT
2151+
2152+URI: suexec.html.en
2153+Content-Language: en
2154+Content-type: text/html; charset=ISO-8859-1
2155+
2156+URI: suexec.html.fr
2157+Content-Language: fr
2158+Content-type: text/html; charset=ISO-8859-1
2159+
2160+URI: suexec.html.ja.utf8
2161+Content-Language: ja
2162+Content-type: text/html; charset=UTF-8
2163+
2164+URI: suexec.html.ko.euc-kr
2165+Content-Language: ko
2166+Content-type: text/html; charset=EUC-KR
2167+
2168+URI: suexec.html.tr.utf8
2169+Content-Language: tr
2170+Content-type: text/html; charset=UTF-8
2171diff --git a/docs/manual/suexec.html.en b/docs/manual/suexec.html.en
2172new file mode 100644
2173index 0000000..28be5fd
2174--- /dev/null
2175+++ b/docs/manual/suexec.html.en
2176@@ -0,0 +1,643 @@
2177+<?xml version="1.0" encoding="ISO-8859-1"?>
2178+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2179+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
2180+<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
2181+<!--
2182+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2183+ This file is generated from xml source: DO NOT EDIT
2184+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2185+ -->
2186+<title>suEXEC Support - Apache HTTP Server Version 2.4</title>
2187+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
2188+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
2189+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
2190+<script src="./style/scripts/prettify.min.js" type="text/javascript">
2191+</script>
2192+
2193+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
2194+<body id="manual-page"><div id="page-header">
2195+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p>
2196+<p class="apache">Apache HTTP Server Version 2.4</p>
2197+<img alt="" src="./images/feather.png" /></div>
2198+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
2199+<div id="path">
2200+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="./">Version 2.4</a></div><div id="page-content"><div id="preamble"><h1>suEXEC Support</h1>
2201+<div class="toplang">
2202+<p><span>Available Languages: </span><a href="./en/suexec.html" title="English">&nbsp;en&nbsp;</a> |
2203+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a> |
2204+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
2205+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
2206+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
2207+</div>
2208+
2209+ <p>The <strong>suEXEC</strong> feature provides users of the Apache
2210+ HTTP Server the ability
2211+ to run <strong>CGI</strong> and <strong>SSI</strong> programs
2212+ under user IDs different from the user ID of the calling
2213+ web server. Normally, when a CGI or SSI program executes, it
2214+ runs as the same user who is running the web server.</p>
2215+
2216+ <p>Used properly, this feature can reduce
2217+ considerably the security risks involved with allowing users to
2218+ develop and run private CGI or SSI programs. However, if suEXEC
2219+ is improperly configured, it can cause any number of problems
2220+ and possibly create new holes in your computer's security. If
2221+ you aren't familiar with managing <em>setuid root</em> programs
2222+ and the security issues they present, we highly recommend that
2223+ you not consider using suEXEC.</p>
2224+ </div>
2225+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">Before we begin</a></li>
2226+<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC Security Model</a></li>
2227+<li><img alt="" src="./images/down.gif" /> <a href="#install">Configuring &amp; Installing
2228+ suEXEC</a></li>
2229+<li><img alt="" src="./images/down.gif" /> <a href="#enable">Enabling &amp; Disabling
2230+ suEXEC</a></li>
2231+<li><img alt="" src="./images/down.gif" /> <a href="#usage">Using suEXEC</a></li>
2232+<li><img alt="" src="./images/down.gif" /> <a href="#debug">Debugging suEXEC</a></li>
2233+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">Beware the Jabberwock:
2234+ Warnings &amp; Examples</a></li>
2235+</ul><h3>See also</h3><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
2236+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2237+<div class="section">
2238+<h2><a name="before" id="before">Before we begin</a></h2>
2239+
2240+ <p>Before jumping head-first into this document,
2241+ you should be aware that certain assumptions are made about you and
2242+ the environment in which you will be using suexec.</p>
2243+
2244+ <p>First, it is assumed that you are using a UNIX
2245+ derivative operating system that is capable of
2246+ <strong>setuid</strong> and <strong>setgid</strong> operations.
2247+ All command examples are given in this regard. Other platforms,
2248+ if they are capable of supporting suEXEC, may differ in their
2249+ configuration.</p>
2250+
2251+ <p>Second, it is assumed you are familiar with
2252+ some basic concepts of your computer's security and its
2253+ administration. This involves an understanding of
2254+ <strong>setuid/setgid</strong> operations and the various
2255+ effects they may have on your system and its level of
2256+ security.</p>
2257+
2258+ <p>Third, it is assumed that you are using an
2259+ <strong>unmodified</strong> version of suEXEC code. All code
2260+ for suEXEC has been carefully scrutinized and tested by the
2261+ developers as well as numerous beta testers. Every precaution
2262+ has been taken to ensure a simple yet solidly safe base of
2263+ code. Altering this code can cause unexpected problems and new
2264+ security risks. It is <strong>highly</strong> recommended you
2265+ not alter the suEXEC code unless you are well versed in the
2266+ particulars of security programming and are willing to share
2267+ your work with the Apache HTTP Server development team for consideration.</p>
2268+
2269+ <p>Fourth, and last, it has been the decision of
2270+ the Apache HTTP Server development team to <strong>NOT</strong> make suEXEC part of
2271+ the default installation of Apache httpd. To this end, suEXEC
2272+ configuration requires of the administrator careful attention
2273+ to details. After due consideration has been given to the
2274+ various settings for suEXEC, the administrator may install
2275+ suEXEC through normal installation methods. The values for
2276+ these settings need to be carefully determined and specified by
2277+ the administrator to properly maintain system security during
2278+ the use of suEXEC functionality. It is through this detailed
2279+ process that we hope to limit suEXEC
2280+ installation only to those who are careful and determined
2281+ enough to use it.</p>
2282+
2283+ <p>Still with us? Yes? Good. Let's move on!</p>
2284+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2285+<div class="section">
2286+<h2><a name="model" id="model">suEXEC Security Model</a></h2>
2287+
2288+ <p>Before we begin configuring and installing
2289+ suEXEC, we will first discuss the security model you are about
2290+ to implement. By doing so, you may better understand what
2291+ exactly is going on inside suEXEC and what precautions are
2292+ taken to ensure your system's security.</p>
2293+
2294+ <p><strong>suEXEC</strong> is based on a setuid
2295+ "wrapper" program that is called by the main Apache HTTP Server.
2296+ This wrapper is called when an HTTP request is made for a CGI
2297+ or SSI program that the administrator has designated to run as
2298+ a userid other than that of the main server. When such a
2299+ request is made, Apache httpd provides the suEXEC wrapper with the
2300+ program's name and the user and group IDs under which the
2301+ program is to execute.</p>
2302+
2303+ <p>The wrapper then employs the following process
2304+ to determine success or failure -- if any one of these
2305+ conditions fail, the program logs the failure and exits with an
2306+ error, otherwise it will continue:</p>
2307+
2308+ <ol>
2309+ <li>
2310+ <strong>Is the user executing this wrapper a valid user of
2311+ this system?</strong>
2312+
2313+ <p class="indent">
2314+ This is to ensure that the user executing the wrapper is
2315+ truly a user of the system.
2316+ </p>
2317+ </li>
2318+
2319+ <li>
2320+ <strong>Was the wrapper called with the proper number of
2321+ arguments?</strong>
2322+
2323+ <p class="indent">
2324+ The wrapper will only execute if it is given the proper
2325+ number of arguments. The proper argument format is known
2326+ to the Apache HTTP Server. If the wrapper is not receiving
2327+ the proper number of arguments, it is either being
2328+ hacked, or there is something wrong with the suEXEC
2329+ portion of your Apache httpd binary.
2330+ </p>
2331+ </li>
2332+
2333+ <li>
2334+ <strong>Is this valid user allowed to run the
2335+ wrapper?</strong>
2336+
2337+ <p class="indent">
2338+ Is this user the user allowed to run this wrapper? Only
2339+ one user (the Apache user) is allowed to execute this
2340+ program.
2341+ </p>
2342+ </li>
2343+
2344+ <li>
2345+ <strong>Does the target CGI or SSI program have an unsafe
2346+ hierarchical reference?</strong>
2347+
2348+ <p class="indent">
2349+ Does the target CGI or SSI program's path contain a leading
2350+ '/' or have a '..' backreference? These are not allowed; the
2351+ target CGI/SSI program must reside within suEXEC's document
2352+ root (see <code>--with-suexec-docroot=<em>DIR</em></code>
2353+ below).
2354+ </p>
2355+ </li>
2356+
2357+ <li>
2358+ <strong>Is the target user name valid?</strong>
2359+
2360+ <p class="indent">
2361+ Does the target user exist?
2362+ </p>
2363+ </li>
2364+
2365+ <li>
2366+ <strong>Is the target group name valid?</strong>
2367+
2368+ <p class="indent">
2369+ Does the target group exist?
2370+ </p>
2371+ </li>
2372+
2373+ <li>
2374+ <strong>Is the target user <em>NOT</em> superuser?</strong>
2375+
2376+
2377+ <p class="indent">
2378+ suEXEC does not allow <code><em>root</em></code>
2379+ to execute CGI/SSI programs.
2380+ </p>
2381+ </li>
2382+
2383+ <li>
2384+ <strong>Is the target userid <em>ABOVE</em> the minimum ID
2385+ number?</strong>
2386+
2387+ <p class="indent">
2388+ The minimum user ID number is specified during
2389+ configuration. This allows you to set the lowest possible
2390+ userid that will be allowed to execute CGI/SSI programs.
2391+ This is useful to block out "system" accounts.
2392+ </p>
2393+ </li>
2394+
2395+ <li>
2396+ <strong>Is the target group <em>NOT</em> the superuser
2397+ group?</strong>
2398+
2399+ <p class="indent">
2400+ Presently, suEXEC does not allow the <code><em>root</em></code>
2401+ group to execute CGI/SSI programs.
2402+ </p>
2403+ </li>
2404+
2405+ <li>
2406+ <strong>Is the target groupid <em>ABOVE</em> the minimum ID
2407+ number?</strong>
2408+
2409+ <p class="indent">
2410+ The minimum group ID number is specified during
2411+ configuration. This allows you to set the lowest possible
2412+ groupid that will be allowed to execute CGI/SSI programs.
2413+ This is useful to block out "system" groups.
2414+ </p>
2415+ </li>
2416+
2417+ <li>
2418+ <strong>Can the wrapper successfully become the target user
2419+ and group?</strong>
2420+
2421+ <p class="indent">
2422+ Here is where the program becomes the target user and
2423+ group via setuid and setgid calls. The group access list
2424+ is also initialized with all of the groups of which the
2425+ user is a member.
2426+ </p>
2427+ </li>
2428+
2429+ <li>
2430+ <strong>Can we change directory to the one in which the target
2431+ CGI/SSI program resides?</strong>
2432+
2433+ <p class="indent">
2434+ If it doesn't exist, it can't very well contain files. If we
2435+ can't change directory to it, it might as well not exist.
2436+ </p>
2437+ </li>
2438+
2439+ <li>
2440+ <strong>Is the directory within the httpd webspace?</strong>
2441+
2442+ <p class="indent">
2443+ If the request is for a regular portion of the server, is
2444+ the requested directory within suEXEC's document root? If
2445+ the request is for a <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>, is the requested directory
2446+ within the directory configured as suEXEC's userdir (see
2447+ <a href="#install">suEXEC's configuration options</a>)?
2448+ </p>
2449+ </li>
2450+
2451+ <li>
2452+ <strong>Is the directory <em>NOT</em> writable by anyone
2453+ else?</strong>
2454+
2455+ <p class="indent">
2456+ We don't want to open up the directory to others; only
2457+ the owner user may be able to alter this directories
2458+ contents.
2459+ </p>
2460+ </li>
2461+
2462+ <li>
2463+ <strong>Does the target CGI/SSI program exist?</strong>
2464+
2465+ <p class="indent">
2466+ If it doesn't exists, it can't very well be executed.
2467+ </p>
2468+ </li>
2469+
2470+ <li>
2471+ <strong>Is the target CGI/SSI program <em>NOT</em> writable
2472+ by anyone else?</strong>
2473+
2474+ <p class="indent">
2475+ We don't want to give anyone other than the owner the
2476+ ability to change the CGI/SSI program.
2477+ </p>
2478+ </li>
2479+
2480+ <li>
2481+ <strong>Is the target CGI/SSI program <em>NOT</em> setuid or
2482+ setgid?</strong>
2483+
2484+ <p class="indent">
2485+ We do not want to execute programs that will then change
2486+ our UID/GID again.
2487+ </p>
2488+ </li>
2489+
2490+ <li>
2491+ <strong>Is the target user/group the same as the program's
2492+ user/group?</strong>
2493+
2494+ <p class="indent">
2495+ Is the user the owner of the file?
2496+ </p>
2497+ </li>
2498+
2499+ <li>
2500+ <strong>Can we successfully clean the process environment
2501+ to ensure safe operations?</strong>
2502+
2503+ <p class="indent">
2504+ suEXEC cleans the process' environment by establishing a
2505+ safe execution PATH (defined during configuration), as
2506+ well as only passing through those variables whose names
2507+ are listed in the safe environment list (also created
2508+ during configuration).
2509+ </p>
2510+ </li>
2511+
2512+ <li>
2513+ <strong>Can we successfully become the target CGI/SSI program
2514+ and execute?</strong>
2515+
2516+ <p class="indent">
2517+ Here is where suEXEC ends and the target CGI/SSI program begins.
2518+ </p>
2519+ </li>
2520+ </ol>
2521+
2522+ <p>This is the standard operation of the
2523+ suEXEC wrapper's security model. It is somewhat stringent and
2524+ can impose new limitations and guidelines for CGI/SSI design,
2525+ but it was developed carefully step-by-step with security in
2526+ mind.</p>
2527+
2528+ <p>For more information as to how this security
2529+ model can limit your possibilities in regards to server
2530+ configuration, as well as what security risks can be avoided
2531+ with a proper suEXEC setup, see the <a href="#jabberwock">"Beware the Jabberwock"</a> section of this
2532+ document.</p>
2533+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2534+<div class="section">
2535+<h2><a name="install" id="install">Configuring &amp; Installing
2536+ suEXEC</a></h2>
2537+
2538+ <p>Here's where we begin the fun.</p>
2539+
2540+ <p><strong>suEXEC configuration
2541+ options</strong><br />
2542+ </p>
2543+
2544+ <dl>
2545+ <dt><code>--enable-suexec</code></dt>
2546+
2547+ <dd>This option enables the suEXEC feature which is never
2548+ installed or activated by default. At least one
2549+ <code>--with-suexec-xxxxx</code> option has to be provided
2550+ together with the <code>--enable-suexec</code> option to let
2551+ APACI accept your request for using the suEXEC feature.</dd>
2552+
2553+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
2554+
2555+ <dd>The path to the <code>suexec</code> binary must be hard-coded
2556+ in the server for security reasons. Use this option to override
2557+ the default path. <em>e.g.</em>
2558+ <code>--with-suexec-bin=/usr/sbin/suexec</code></dd>
2559+
2560+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
2561+
2562+ <dd>The <a href="mod/mpm_common.html#user">username</a> under which
2563+ httpd normally runs. This is the only user allowed to
2564+ execute the suEXEC wrapper.</dd>
2565+
2566+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
2567+
2568+ <dd>Define to be the subdirectory under users' home
2569+ directories where suEXEC access should be allowed. All
2570+ executables under this directory will be executable by suEXEC
2571+ as the user so they should be "safe" programs. If you are
2572+ using a "simple" <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>
2573+ directive (ie. one without a "*" in it) this should be set to the same
2574+ value. suEXEC will not work properly in cases where the <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> directive points to
2575+ a location that is not the same as the user's home directory
2576+ as referenced in the <code>passwd</code> file. Default value is
2577+ "<code>public_html</code>".<br />
2578+ If you have virtual hosts with a different <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> for each,
2579+ you will need to define them to all reside in one parent
2580+ directory; then name that parent directory here. <strong>If
2581+ this is not defined properly, "~userdir" cgi requests will
2582+ not work!</strong></dd>
2583+
2584+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
2585+
2586+ <dd>Define as the DocumentRoot set for httpd. This will be
2587+ the only hierarchy (aside from <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>s) that can be used for suEXEC behavior. The
2588+ default directory is the <code>--datadir</code> value with the suffix
2589+ "<code>/htdocs</code>", <em>e.g.</em> if you configure with
2590+ "<code>--datadir=/home/apache</code>" the directory
2591+ "<code>/home/apache/htdocs</code>" is used as document root for the
2592+ suEXEC wrapper.</dd>
2593+
2594+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
2595+
2596+ <dd>Define this as the lowest UID allowed to be a target user
2597+ for suEXEC. For most systems, 500 or 100 is common. Default
2598+ value is 100.</dd>
2599+
2600+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
2601+
2602+ <dd>Define this as the lowest GID allowed to be a target
2603+ group for suEXEC. For most systems, 100 is common and
2604+ therefore used as default value.</dd>
2605+
2606+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
2607+
2608+ <dd>This defines the filename to which all suEXEC
2609+ transactions and errors are logged (useful for auditing and
2610+ debugging purposes). By default the logfile is named
2611+ "<code>suexec_log</code>" and located in your standard logfile
2612+ directory (<code>--logfiledir</code>).</dd>
2613+
2614+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
2615+
2616+ <dd>Define a safe PATH environment to pass to CGI
2617+ executables. Default value is
2618+ "<code>/usr/local/bin:/usr/bin:/bin</code>".</dd>
2619+ </dl>
2620+
2621+ <h3>Compiling and installing the suEXEC wrapper</h3>
2622+
2623+
2624+ <p>If you have enabled the suEXEC feature with the
2625+ <code>--enable-suexec</code> option the <code>suexec</code> binary
2626+ (together with httpd itself) is automatically built if you execute
2627+ the <code>make</code> command.</p>
2628+
2629+ <p>After all components have been built you can execute the
2630+ command <code>make install</code> to install them. The binary image
2631+ <code>suexec</code> is installed in the directory defined by the
2632+ <code>--sbindir</code> option. The default location is
2633+ "/usr/local/apache2/bin/suexec".</p>
2634+
2635+ <p>Please note that you need <strong><em>root
2636+ privileges</em></strong> for the installation step. In order
2637+ for the wrapper to set the user ID, it must be installed as
2638+ owner <code><em>root</em></code> and must have the setuserid
2639+ execution bit set for file modes.</p>
2640+
2641+
2642+ <h3>Setting paranoid permissions</h3>
2643+
2644+
2645+ <p>Although the suEXEC wrapper will check to ensure that its
2646+ caller is the correct user as specified with the
2647+ <code>--with-suexec-caller</code> <code class="program"><a href="./programs/configure.html">configure</a></code>
2648+ option, there is
2649+ always the possibility that a system or library call suEXEC uses
2650+ before this check may be exploitable on your system. To counter
2651+ this, and because it is best-practise in general, you should use
2652+ filesystem permissions to ensure that only the group httpd
2653+ runs as may execute suEXEC.</p>
2654+
2655+ <p>If for example, your web server is configured to run as:</p>
2656+
2657+ <pre class="prettyprint lang-config">User www
2658+Group webgroup</pre>
2659+
2660+
2661+ <p>and <code class="program"><a href="./programs/suexec.html">suexec</a></code> is installed at
2662+ "/usr/local/apache2/bin/suexec", you should run:</p>
2663+
2664+ <div class="example"><p><code>
2665+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
2666+ chmod 4750 /usr/local/apache2/bin/suexec<br />
2667+ </code></p></div>
2668+
2669+ <p>This will ensure that only the group httpd runs as can even
2670+ execute the suEXEC wrapper.</p>
2671+
2672+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2673+<div class="section">
2674+<h2><a name="enable" id="enable">Enabling &amp; Disabling
2675+ suEXEC</a></h2>
2676+
2677+ <p>Upon startup of httpd, it looks for the file
2678+ <code class="program"><a href="./programs/suexec.html">suexec</a></code> in the directory defined by the
2679+ <code>--sbindir</code> option (default is
2680+ "/usr/local/apache/sbin/suexec"). If httpd finds a properly
2681+ configured suEXEC wrapper, it will print the following message
2682+ to the error log:</p>
2683+
2684+<div class="example"><p><code>
2685+ [notice] suEXEC mechanism enabled (wrapper: <var>/path/to/suexec</var>)
2686+</code></p></div>
2687+
2688+ <p>If you don't see this message at server startup, the server is
2689+ most likely not finding the wrapper program where it expects
2690+ it, or the executable is not installed <em>setuid root</em>.</p>
2691+
2692+ <p>If you want to enable the suEXEC mechanism for the first time
2693+ and an Apache HTTP Server is already running you must kill and
2694+ restart httpd. Restarting it with a simple HUP or USR1 signal
2695+ will not be enough. </p>
2696+ <p>If you want to disable suEXEC you should kill and restart
2697+ httpd after you have removed the <code class="program"><a href="./programs/suexec.html">suexec</a></code> file.</p>
2698+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2699+<div class="section">
2700+<h2><a name="usage" id="usage">Using suEXEC</a></h2>
2701+
2702+ <p>Requests for CGI programs will call the suEXEC wrapper only if
2703+ they are for a virtual host containing a <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> directive or if
2704+ they are processed by <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>.</p>
2705+
2706+ <p><strong>Virtual Hosts:</strong><br /> One way to use the suEXEC
2707+ wrapper is through the <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> directive in
2708+ <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> definitions. By
2709+ setting this directive to values different from the main server
2710+ user ID, all requests for CGI resources will be executed as the
2711+ <em>User</em> and <em>Group</em> defined for that <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>. If this
2712+ directive is not specified for a <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code> then the main server userid
2713+ is assumed.</p>
2714+
2715+ <p><strong>User directories:</strong><br /> Requests that are
2716+ processed by <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> will call the suEXEC
2717+ wrapper to execute CGI programs under the userid of the requested
2718+ user directory. The only requirement needed for this feature to
2719+ work is for CGI execution to be enabled for the user and that the
2720+ script must meet the scrutiny of the <a href="#model">security
2721+ checks</a> above. See also the
2722+ <code>--with-suexec-userdir</code> <a href="#install">compile
2723+ time option</a>.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2724+<div class="section">
2725+<h2><a name="debug" id="debug">Debugging suEXEC</a></h2>
2726+
2727+ <p>The suEXEC wrapper will write log information
2728+ to the file defined with the <code>--with-suexec-logfile</code>
2729+ option as indicated above. If you feel you have configured and
2730+ installed the wrapper properly, have a look at this log and the
2731+ error_log for the server to see where you may have gone astray.</p>
2732+
2733+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2734+<div class="section">
2735+<h2><a name="jabberwock" id="jabberwock">Beware the Jabberwock:
2736+ Warnings &amp; Examples</a></h2>
2737+
2738+ <p><strong>NOTE!</strong> This section may not be
2739+ complete. For the latest revision of this section of the
2740+ documentation, see the <a href="http://httpd.apache.org/docs/2.4/suexec.html">Online
2741+ Documentation</a> version.</p>
2742+
2743+ <p>There are a few points of interest regarding
2744+ the wrapper that can cause limitations on server setup. Please
2745+ review these before submitting any "bugs" regarding suEXEC.</p>
2746+
2747+ <ul>
2748+ <li><strong>suEXEC Points Of Interest</strong></li>
2749+
2750+ <li>
2751+ Hierarchy limitations
2752+
2753+ <p class="indent">
2754+ For security and efficiency reasons, all suEXEC requests
2755+ must remain within either a top-level document root for
2756+ virtual host requests, or one top-level personal document
2757+ root for userdir requests. For example, if you have four
2758+ VirtualHosts configured, you would need to structure all
2759+ of your VHosts' document roots off of one main httpd
2760+ document hierarchy to take advantage of suEXEC for
2761+ VirtualHosts. (Example forthcoming.)
2762+ </p>
2763+ </li>
2764+
2765+ <li>
2766+ suEXEC's PATH environment variable
2767+
2768+ <p class="indent">
2769+ This can be a dangerous thing to change. Make certain
2770+ every path you include in this define is a
2771+ <strong>trusted</strong> directory. You don't want to
2772+ open people up to having someone from across the world
2773+ running a trojan horse on them.
2774+ </p>
2775+ </li>
2776+
2777+ <li>
2778+ Altering the suEXEC code
2779+
2780+ <p class="indent">
2781+ Again, this can cause <strong>Big Trouble</strong> if you
2782+ try this without knowing what you are doing. Stay away
2783+ from it if at all possible.
2784+ </p>
2785+ </li>
2786+ </ul>
2787+
2788+</div></div>
2789+<div class="bottomlang">
2790+<p><span>Available Languages: </span><a href="./en/suexec.html" title="English">&nbsp;en&nbsp;</a> |
2791+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a> |
2792+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
2793+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
2794+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
2795+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
2796+<script type="text/javascript"><!--//--><![CDATA[//><!--
2797+var comments_shortname = 'httpd';
2798+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
2799+(function(w, d) {
2800+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
2801+ d.write('<div id="comments_thread"><\/div>');
2802+ var s = d.createElement('script');
2803+ s.type = 'text/javascript';
2804+ s.async = true;
2805+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
2806+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
2807+ }
2808+ else {
2809+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
2810+ }
2811+})(window, document);
2812+//--><!]]></script></div><div id="footer">
2813+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
2814+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
2815+if (typeof(prettyPrint) !== 'undefined') {
2816+ prettyPrint();
2817+}
2818+//--><!]]></script>
2819+</body></html>
2820\ No newline at end of file
2821diff --git a/docs/manual/suexec.html.fr b/docs/manual/suexec.html.fr
2822new file mode 100644
2823index 0000000..02aa50c
2824--- /dev/null
2825+++ b/docs/manual/suexec.html.fr
2826@@ -0,0 +1,689 @@
2827+<?xml version="1.0" encoding="ISO-8859-1"?>
2828+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2829+<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr"><head>
2830+<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
2831+<!--
2832+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2833+ This file is generated from xml source: DO NOT EDIT
2834+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2835+ -->
2836+<title>Support suEXEC - Serveur Apache HTTP Version 2.4</title>
2837+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
2838+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
2839+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
2840+<script src="./style/scripts/prettify.min.js" type="text/javascript">
2841+</script>
2842+
2843+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
2844+<body id="manual-page"><div id="page-header">
2845+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossaire</a> | <a href="./sitemap.html">Plan du site</a></p>
2846+<p class="apache">Serveur Apache HTTP Version 2.4</p>
2847+<img alt="" src="./images/feather.png" /></div>
2848+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
2849+<div id="path">
2850+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">Serveur HTTP</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="./">Version 2.4</a></div><div id="page-content"><div id="preamble"><h1>Support suEXEC</h1>
2851+<div class="toplang">
2852+<p><span>Langues Disponibles: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
2853+<a href="./fr/suexec.html" title="Fran�ais">&nbsp;fr&nbsp;</a> |
2854+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
2855+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
2856+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
2857+</div>
2858+
2859+ <p>La fonctionnalit� <strong>suEXEC</strong> permet
2860+ l'ex�cution des programmes <strong>CGI</strong> et
2861+ <strong>SSI</strong> sous un utilisateur autre que celui sous
2862+ lequel s'ex�cute le serveur web qui appelle ces programmes.
2863+ Normalement, lorsqu'un programme CGI ou SSI est lanc�, il
2864+ s'ex�cute sous le m�me utilisateur que celui du serveur web qui
2865+ l'appelle.</p>
2866+
2867+ <p>Utilis�e de mani�re appropri�e, cette fonctionnalit� peut
2868+ r�duire consid�rablement les risques de s�curit� encourus
2869+ lorsqu'on autorise les utilisateurs � d�velopper et faire
2870+ s'ex�cuter des programmes CGI ou SSI de leur cru. Cependant, mal
2871+ configur�, suEXEC peut causer de nombreux probl�mes et m�me cr�er
2872+ de nouvelles failles dans la s�curit� de votre ordinateur. Si
2873+ vous n'�tes pas familier avec la gestion des programmes
2874+ <em>setuid root</em> et les risques de s�curit� qu'ils comportent,
2875+ nous vous recommandons vivement de ne pas tenter
2876+ d'utiliser suEXEC.</p>
2877+ </div>
2878+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">Avant de commencer</a></li>
2879+<li><img alt="" src="./images/down.gif" /> <a href="#model">Mod�le de s�curit� de suEXEC</a></li>
2880+<li><img alt="" src="./images/down.gif" /> <a href="#install">Configurer et installer suEXEC</a></li>
2881+<li><img alt="" src="./images/down.gif" /> <a href="#enable">Activation et d�sactivation
2882+de suEXEC</a></li>
2883+<li><img alt="" src="./images/down.gif" /> <a href="#usage">Utilisation de suEXEC</a></li>
2884+<li><img alt="" src="./images/down.gif" /> <a href="#debug">D�bogage de suEXEC</a></li>
2885+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">Avis � la population !
2886+ Avertissements et exemples</a></li>
2887+</ul><h3>Voir aussi</h3><ul class="seealso"><li><a href="#comments_section">Commentaires</a></li></ul></div>
2888+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2889+<div class="section">
2890+<h2><a name="before" id="before">Avant de commencer</a></h2>
2891+
2892+ <p>Avant de foncer t�te baiss�e dans la lecture de ce document,
2893+ vous devez tenir compte de certaines hypoth�ses concernant vous-m�me
2894+ et l'environnement dans lequel vous allez utiliser suexec.</p>
2895+
2896+ <p>Premi�rement, vous devez utiliser un syst�me d'exploitation
2897+ UNIX ou d�riv�, capable d'effectuer des op�rations
2898+ <strong>setuid</strong> et <strong>setgid</strong>. Tous les
2899+ exemples de commande sont donn�s en cons�quence. D'autres
2900+ plates-formes, m�me si elles supportent suEXEC, peuvent
2901+ avoir une configuration diff�rente.</p>
2902+
2903+ <p>Deuxi�mement, vous devez �tre familier avec les concepts de base
2904+ relatifs � la s�curit� de votre ordinateur et son administration.
2905+ Ceci implique la compr�hension des op�rations
2906+ <strong>setuid/setgid</strong> et des diff�rents effets qu'elles
2907+ peuvent produire sur votre syst�me et son niveau de s�curit�.</p>
2908+
2909+ <p>Troisi�mement, vous devez utiliser une version
2910+ <strong>non modifi�e</strong> du code de suEXEC. L'ensemble du
2911+ code de suEXEC a �t� scrut� et test� avec soin par les d�veloppeurs
2912+ et de nombreux b�ta testeurs. Toutes les pr�cautions ont �t� prises
2913+ pour s'assurer d'une base s�re de code non seulement simple, mais
2914+ aussi solide. La modification de ce code peut causer des probl�mes
2915+ inattendus et de nouveaux risques de s�curit�. Il est
2916+ <strong>vivement</strong> recommand� de ne pas modifier le code de
2917+ suEXEC, � moins que vous ne soyez un programmeur sp�cialiste des
2918+ particularit�s li�es � la s�curit�, et souhaitez partager votre
2919+ travail avec l'�quipe de d�veloppement du serveur HTTP Apache afin
2920+ de pouvoir en discuter.</p>
2921+
2922+ <p>Quatri�mement et derni�rement, l'�quipe de d�veloppement du
2923+ serveur HTTP Apache a d�cid� de ne
2924+ <strong>PAS</strong> inclure suEXEC dans l'installation par d�faut
2925+ d'Apache httpd. Pour pouvoir mettre en oeuvre suEXEC, l'administrateur
2926+ doit porter la plus grande attention aux d�tails. Apr�s avoir bien
2927+ r�fl�chi aux diff�rents points de la configuration de suEXEC,
2928+ l'administrateur peut l'installer selon les m�thodes classiques.
2929+ Les valeurs des param�tres de configuration doivent �tre
2930+ d�termin�es et sp�cifi�es avec soin par l'administrateur, afin de
2931+ maintenir la s�curit� du syst�me de mani�re appropri�e lors de
2932+ l'utilisation de la fonctionnalit� suEXEC. C'est par le biais de
2933+ ce processus minutieux que nous esp�rons r�server
2934+ l'installation de suEXEC aux administrateurs prudents et
2935+ suffisamment d�termin�s � vouloir l'utiliser.</p>
2936+
2937+ <p>Vous �tes encore avec nous ? Oui ? Bien.
2938+ Alors nous pouvons continuer !</p>
2939+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2940+<div class="section">
2941+<h2><a name="model" id="model">Mod�le de s�curit� de suEXEC</a></h2>
2942+
2943+ <p>Avant d'installer et configurer suEXEC, nous allons tout d'abord
2944+ d�crire le mod�le de s�curit� que vous �tes sur le point
2945+ d'impl�menter. Vous devriez ainsi mieux comprendre ce qui se passe
2946+ vraiment � l'int�rieur de suEXEC et quelles pr�cautions ont �t�
2947+ prises pour pr�server la s�curit� de votre syst�me.</p>
2948+
2949+ <p><strong>suEXEC</strong> est bas� sur un programme "conteneur"
2950+ (wrapper) setuid qui est appel� par le serveur HTTP Apache principal.
2951+ Ce conteneur est appel� quand une requ�te HTTP concerne
2952+ un programme CGI ou SSI que l'administrateur
2953+ a d�cid� de faire s'ex�cuter
2954+ sous un utilisateur autre que celui du serveur principal.
2955+ Lorsqu'il re�oit une telle requ�te, Apache httpd fournit au conteneur
2956+ suEXEC le nom du programme, ainsi que les identifiants utilisateur
2957+ et groupe sous lesquels le programme doit s'ex�cuter.</p>
2958+
2959+ <p>Le conteneur effectue ensuite les v�rifications suivantes afin
2960+ de d�terminer la r�ussite ou l'�chec du processus -- si une seule
2961+ de ces conditions n'est pas v�rifi�e, le programme journalise
2962+ l'erreur et se termine en retournant un code d'erreur, sinon il
2963+ continue :</p>
2964+
2965+ <ol>
2966+ <li>
2967+ <strong>L'utilisateur qui ex�cute le conteneur est-il un
2968+ utilisateur valide de ce syst�me ?</strong>
2969+
2970+ <p class="indent">
2971+ Ceci permet de s'assurer que l'utilisateur qui ex�cute le
2972+ conteneur est vraiment un utilisateur appartenant au syst�me.
2973+ </p>
2974+ </li>
2975+
2976+ <li>
2977+ <strong>Le conteneur a-t-il �t� appel� avec un nombre
2978+ d'arguments correct ?</strong>
2979+
2980+ <p class="indent">
2981+ Le conteneur ne s'ex�cutera que si on lui fournit un nombre
2982+ d'arguments correct. Le serveur HTTP apache sait quel est le
2983+ bon format des arguments. Si le conteneur ne re�oit pas un
2984+ nombre d'arguments correct, soit il a �t� modifi�,
2985+ soit quelque chose ne va pas dans la portion suEXEC de
2986+ votre binaire Apache httpd.
2987+ </p>
2988+ </li>
2989+
2990+ <li>
2991+ <strong>Cet utilisateur valide est-il autoris� � ex�cuter le
2992+ conteneur ?</strong>
2993+
2994+ <p class="indent">
2995+ Cet utilisateur est-il celui autoris� � ex�cuter le
2996+ conteneur ? Un seul utilisateur (celui d'Apache) est
2997+ autoris� � ex�cuter ce programme.
2998+ </p>
2999+ </li>
3000+
3001+ <li>
3002+ <strong>Le chemin du programme CGI ou SSI cible est-il
3003+ non s�r ?</strong>
3004+
3005+ <p class="indent">
3006+ Le chemin du programme CGI ou SSI cible d�bute-t-il par un
3007+ '/' ou contient-il une r�f�rence arri�re '..' ? Ceci est
3008+ interdit ; le programme CGI ou SSI cible doit se trouver dans
3009+ la hi�rarchie de la racine des documents de suEXEC (voir
3010+ <code>--with-suexec-docroot=<em>DIR</em></code> ci-dessous).
3011+ </p>
3012+ </li>
3013+
3014+ <li>
3015+ <strong>Le nom utilisateur cible est-il valide ?</strong>
3016+
3017+ <p class="indent">
3018+ L'utilisateur cible existe-t-il ?
3019+ </p>
3020+ </li>
3021+
3022+ <li>
3023+ <strong>Le nom du groupe cible est-il valide ?</strong>
3024+
3025+ <p class="indent">
3026+ Le groupe cible existe-t-il ?
3027+ </p>
3028+ </li>
3029+
3030+ <li>
3031+ <strong>L'utilisateur cible n'est-il <em>PAS</em>
3032+ superutilisateur ?</strong>
3033+
3034+
3035+ <p class="indent">
3036+ suEXEc ne permet pas �
3037+ <code><em>root</em></code> d'ex�cuter des programmes CGI/SSI.
3038+ </p>
3039+ </li>
3040+
3041+ <li>
3042+ <strong>Le num�ro de l'identifiant de l'utilisateur cible
3043+ est-il <em>SUPERIEUR</em> au num�ro d'identifiant
3044+ minimum ?</strong>
3045+
3046+ <p class="indent">
3047+ Le num�ro d'identifiant utilisateur minimum est d�fini �
3048+ l'ex�cution du script configure. Ceci vous permet de d�finir
3049+ le num�ro d'identifiant utilisateur le plus bas qui sera
3050+ autoris� � �x�cuter des programmes CGI/SSI. En particulier,
3051+ cela permet d'�carter les comptes syst�me.
3052+ </p>
3053+ </li>
3054+
3055+ <li>
3056+ <strong>Le groupe cible n'est-il <em>PAS</em> le groupe
3057+ superutilisateur ?</strong>
3058+
3059+ <p class="indent">
3060+ Actuellement, suEXEC ne permet pas au groupe
3061+ <code><em>root</em></code> d'ex�cuter des programmes CGI/SSI.
3062+ </p>
3063+ </li>
3064+
3065+ <li>
3066+ <strong> Le num�ro d'identifiant du groupe cible est-il
3067+ <em>SUPERIEUR</em> au num�ro d'identifiant minimum ?</strong>
3068+
3069+ <p class="indent">
3070+ Le num�ro d'identifiant de groupe minimum est sp�cifi� lors
3071+ de l'ex�cution du script configure. Ceci vous permet de
3072+ d�finir l'identifiant de groupe le plus bas possible qui sera
3073+ autoris� � ex�cuter des programmes CGI/SSI, et est
3074+ particuli�rement utile pour �carter les groupes "syst�me".
3075+ </p>
3076+ </li>
3077+
3078+ <li>
3079+ <strong>Le conteneur peut-il obtenir avec succ�s l'identit�
3080+ des utilisateur et groupe cibles ?</strong>
3081+
3082+ <p class="indent">
3083+ C'est ici que le programme obtient l'identit� des utilisateur
3084+ et groupe cibles via des appels � setuid et setgid. De m�me,
3085+ la liste des acc�s groupe est initialis�e avec tous les
3086+ groupes auxquels l'utilisateur cible appartient.
3087+ </p>
3088+ </li>
3089+
3090+ <li>
3091+ <strong>Peut-on se positionner dans le r�pertoire dans dequel
3092+ sont situ�s les programmes CGI/SSI ?</strong>
3093+
3094+ <p class="indent">
3095+ S'il n'existe pas, il ne peut pas contenir de fichier. Et si
3096+ l'on ne peut pas s'y positionner, il n'existe probablement
3097+ pas.
3098+ </p>
3099+ </li>
3100+
3101+ <li>
3102+ <strong>Le r�pertoire est-il dans l'espace web
3103+ de httpd ?</strong>
3104+
3105+ <p class="indent">
3106+ Si la requ�te concerne une portion de la racine du serveur,
3107+ le r�pertoire demand� est-il dans la hi�rarchie de la racine
3108+ des documents de suEXEC ? Si la requ�te concerne un
3109+ <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>, le r�pertoire demand� est-il dans
3110+ la hi�rarchie du r�pertoire d�fini comme le r�pertoire
3111+ utilisateur de suEXEC (voir les
3112+ <a href="#install">options de configuration de suEXEC</a>) ?
3113+ </p>
3114+ </li>
3115+
3116+ <li>
3117+ <strong>L'�criture dans le r�pertoire est-elle interdite pour
3118+ un utilisateur autre que le propri�taire </strong>
3119+
3120+ <p class="indent">
3121+ Le r�pertoire ne doit pas �tre ouvert aux autres
3122+ utilisateurs ; seul l'utilisateur propri�taire doit pouvoir
3123+ modifier le contenu du r�pertoire.
3124+ </p>
3125+ </li>
3126+
3127+ <li>
3128+ <strong>Le programme CGI/SSI cible existe-t-il ?</strong>
3129+
3130+ <p class="indent">
3131+ S'il n'existe pas, il ne peut pas �tre ex�cut�.
3132+ </p>
3133+ </li>
3134+
3135+ <li>
3136+ <strong>Les utilisateurs autres que le propri�taire n'ont-ils
3137+ <em>PAS</em> de droits en �criture sur le programme
3138+ CGI/SSI ?</strong>
3139+
3140+ <p class="indent">
3141+ Les utilisateurs autres que le propri�taire ne doivent pas
3142+ pouvoir modifier le programme CGI/SSI.
3143+ </p>
3144+ </li>
3145+
3146+ <li>
3147+ <strong>Le programme CGI/SSI n'est-il <em>PAS</em> setuid ou
3148+ setgid ?</strong>
3149+
3150+ <p class="indent">
3151+ Les programmes cibles ne doivent pas pouvoir modifier �
3152+ nouveau les identifiants utilisateur/groupe.
3153+ </p>
3154+ </li>
3155+
3156+ <li>
3157+ <strong>Le couple utilisateur/groupe cible est-il le m�me que
3158+ celui du programme ?</strong>
3159+
3160+ <p class="indent">
3161+ L'utilisateur est-il le propri�taire du fichier ?
3162+ </p>
3163+ </li>
3164+
3165+ <li>
3166+ <strong>Peut-on nettoyer avec succ�s l'environnement des
3167+ processus afin de garantir la s�ret� des op�rations ?</strong>
3168+
3169+ <p class="indent">
3170+ suExec nettoie l'environnement des processus en �tablissant
3171+ un chemin d'ex�cution s�r (d�fini lors de la configuration),
3172+ et en ne passant que les variables dont les noms font partie
3173+ de la liste de l'environnement s�r (cr��e de m�me lors de la
3174+ configuration).
3175+ </p>
3176+ </li>
3177+
3178+ <li>
3179+ <strong>Le conteneur peut-il avec succ�s se substituer au
3180+ programme CGI/SSI cible et s'ex�cuter ?</strong>
3181+
3182+ <p class="indent">
3183+ C'est l� o� l'ex�cution de suEXEC s'arr�te et o� commence
3184+ celle du programme CGI/ssi cible.
3185+ </p>
3186+ </li>
3187+ </ol>
3188+
3189+ <p>Ce sont les op�rations standards effectu�es par le mod�le de
3190+ s�curit� du conteneur suEXEC. Il peut para�tre strict et est
3191+ susceptible d'imposer de nouvelles limitations et orientations
3192+ dans la conception des programmes CGI/SSI, mais il a �t� d�velopp�
3193+ avec le plus grand soin, �tape par �tape, en se focalisant sur
3194+ la s�curit�.</p>
3195+
3196+ <p>Pour plus d'informations sur la mesure dans laquelle ce mod�le
3197+ de s�curit� peut limiter vos possibilit�s au regard de la
3198+ configuration du serveur, ainsi que les risques de s�curit� qui
3199+ peuvent �tre �vit�s gr�ce � une configuration appropri�e de suEXEC,
3200+ se r�f�rer � la section <a href="#jabberwock">"Avis � la population !"</a> de ce document.</p>
3201+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3202+<div class="section">
3203+<h2><a name="install" id="install">Configurer et installer suEXEC</a></h2>
3204+
3205+ <p>C'est ici que nous entrons dans le vif du sujet.</p>
3206+
3207+ <p><strong>Options de configuration de suEXEC</strong><br />
3208+ </p>
3209+
3210+ <dl>
3211+ <dt><code>--enable-suexec</code></dt>
3212+
3213+ <dd>Cette option active la fonctionnalit� suEXEC qui n'est
3214+ jamais install�e ou activ�e par d�faut. Au moins une option
3215+ <code>--with-suexec-xxxxx</code> doit accompagner l'option
3216+ <code>--enable-suexec</code> pour qu'APACI (l'utilitaire de
3217+ configuration de la compilation d'Apache) accepte votre demande
3218+ d'utilisation de la fonctionnalit� suEXEC.</dd>
3219+
3220+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
3221+
3222+ <dd>Le chemin du binaire <code>suexec</code> doit �tre cod� en
3223+ dur dans le serveur pour des raisons de s�curit�. Cette option
3224+ vous permet de modifier le chemin par d�faut.
3225+ <em>Par exemple</em>
3226+ <code>--with-suexec-bin=/usr/sbin/suexec</code></dd>
3227+
3228+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
3229+
3230+ <dd>L'<a href="mod/mpm_common.html#user">utilisateur</a> sous
3231+ lequel httpd s'ex�cute habituellement. C'est le seul utilisateur
3232+ autoris� � ex�cuter le wrapper suEXEC.</dd>
3233+
3234+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
3235+
3236+ <dd>Cette option d�finit le sous-r�pertoire de la hi�rarchie des
3237+ r�pertoires utilisateurs dans lequel l'utilisation
3238+ de suEXEC sera autoris�e. Tous les ex�cutables situ�s dans ce
3239+ r�pertoire seront ex�cutables par suEXEC sous l'utilisateur
3240+ cible ; ces programmes doivent donc �tre s�rs. Si vous utilisez
3241+ une directive <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>
3242+ "simple" (c'est � dire ne contenant pas de
3243+ "*"), l'option --with-suexec-userdir
3244+ devra contenir la m�me valeur. SuEXEC ne fonctionnera pas
3245+ correctement si la directive <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> contient une valeur
3246+ diff�rente du r�pertoire home de l'utilisateur tel qu'il est
3247+ d�fini dans le fichier <code>passwd</code>. la valeur par d�faut
3248+ est "<code>public_html</code>".<br />
3249+ Si vous avez plusieurs h�tes virtuels avec une directive
3250+ <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> diff�rente
3251+ pour chacun d'entre eux, vous devrez faire en sorte que chaque
3252+ UserDir poss�de un r�pertoire parent commun ; donnez alors �
3253+ l'option --with-suexec-userdir le nom
3254+ de ce r�pertoire commun. <strong>Si tout ceci n'est pas d�fini
3255+ correctement, les requ�tes CGI "~userdir" ne fonctionneront
3256+ pas !</strong></dd>
3257+
3258+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
3259+
3260+ <dd>Cette option fonctionne comme la directive DocumentRoot pour
3261+ httpd. Il s'agit de la seule hi�rarchie (en dehors des directives
3262+ <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>) dans laquelle la fonctionnalit� suEXEC
3263+ pourra �tre utilis�e. La valeur par d�faut est la valeur de
3264+ <code>--datadir</code> accompagn�e du suffixe
3265+ "<code>/htdocs</code>" ;
3266+ <em>Par exemple</em>, si vous ex�cutez configure avec
3267+ "<code>--datadir=/home/apache</code>", la valeur
3268+ "<code>/home/apache/htdocs</code>" sera utilis�e par d�faut comme
3269+ racine des documents pour le conteneur suEXEC.</dd>
3270+
3271+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
3272+
3273+ <dd>Cette option d�finit l'identifiant utilisateur le plus bas
3274+ avec lequel un utilisateur pourra �tre la cible de
3275+ suEXEC. 500 ou 100 sont des valeurs courantes sur la plupart des
3276+ syst�mes. la valeur par d�faut est 100.</dd>
3277+
3278+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
3279+
3280+ <dd>Cette option d�finit l'identifiant de groupe le plus bas
3281+ avec lequel un utilisateur pourra �tre la cible de
3282+ suEXEC. 100 est une valeur courante sur la plupart des
3283+ syst�mes et est par cons�quent la valeur par d�faut.</dd>
3284+
3285+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
3286+
3287+ <dd>Cette option permet de d�finir le fichier dans lequel
3288+ toutes les transactions et erreurs de suEXEC seront journalis�es
3289+ (� des fins d'analyse ou de d�bogage). Par d�faut, le fichier
3290+ journal se nomme "<code>suexec_log</code>" et se trouve dans votre
3291+ r�pertoire standard des fichiers journaux d�fini par
3292+ <code>--logfiledir</code></dd>
3293+
3294+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
3295+
3296+ <dd>Cette option permet de d�finir une variable d'environnement
3297+ PATH s�re � passer aux ex�cutables CGI. La valeur par d�faut
3298+ est "<code>/usr/local/bin:/usr/bin:/bin</code>".</dd>
3299+ </dl>
3300+
3301+ <h3>Compilation et installation du conteneur suEXEC</h3>
3302+
3303+
3304+ <p>Si vous avez activ� la fonctionnalit� suEXEC � l'aide de
3305+ l'option <code>--enable-suexec</code>, le binaire
3306+ <code>suexec</code> sera automatiquement construit (en m�me temps
3307+ que httpd) lorsque vous ex�cuterez la commande
3308+ <code>make</code>.</p>
3309+
3310+ <p>Lorsque tous les composants auront �t� construits, vous pourrez
3311+ ex�cuter la commande <code>make install</code> afin de les
3312+ installer. Le binaire <code>suexec</code> sera install� dans le
3313+ r�pertoire d�fini � l'aide de l'option <code>--sbindir</code>. La
3314+ localisation par d�faut est "/usr/local/apache2/bin/suexec".</p>
3315+ <p>Veuillez noter que vous aurez besoin des
3316+ <strong><em>privil�ges root</em></strong> pour passer l'�tape de
3317+ l'installation. Pour que le conteneur puisse changer
3318+ l'identifiant utilisateur, il doit avoir comme propri�taire
3319+ <code><em>root</em></code>, et les droits du fichier doivent
3320+ inclure le bit d'ex�cution setuserid.</p>
3321+
3322+
3323+ <h3>&gt;Mise en place de permissions pour
3324+ parano�aque</h3>
3325+
3326+ <p>Bien que le conteneur suEXEC v�rifie que l'utilisateur qui
3327+ l'appelle correspond bien � l'utilisateur sp�cifi� � l'aide de
3328+ l'option <code>--with-suexec-caller</code> du programme
3329+ <code class="program"><a href="./programs/configure.html">configure</a></code>, il subsiste toujours le risque qu'un
3330+ appel syst�me ou une biblioth�que fasse appel � suEXEC avant que
3331+ cette v�rification ne soit exploitable sur votre syst�me. Pour
3332+ tenir compte de ceci, et parce que c'est en g�n�ral la meilleure
3333+ pratique, vous devez utiliser les permissions du syst�me de
3334+ fichiers afin de vous assurer que seul le groupe sous lequel
3335+ s'ex�cute httpd puisse faire appel � suEXEC.</p>
3336+
3337+ <p>Si, par exemple, votre serveur web est configur� pour
3338+ s'ex�cuter en tant que :</p>
3339+
3340+<pre class="prettyprint lang-config">User www
3341+Group webgroup</pre>
3342+
3343+
3344+ <p>et <code class="program"><a href="./programs/suexec.html">suexec</a></code> se trouve �
3345+ "/usr/local/apache2/bin/suexec", vous devez ex�cuter les
3346+ commandes</p>
3347+
3348+<div class="example"><p><code>
3349+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
3350+ chmod 4750 /usr/local/apache2/bin/suexec<br />
3351+</code></p></div>
3352+
3353+ <p>Ceci permet de s'assurer que seul le groupe sous lequel httpd
3354+ s'ex�cute (ici webgroup) puisse faire appel au conteneur
3355+ suEXEC.</p>
3356+
3357+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3358+<div class="section">
3359+<h2><a name="enable" id="enable">Activation et d�sactivation
3360+de suEXEC</a></h2>
3361+
3362+ <p>Au d�marrage, httpd v�rifie la pr�sence du fichier
3363+ <code class="program"><a href="./programs/suexec.html">suexec</a></code> dans le r�pertoire d�fini par
3364+ l'option <code>--sbindir</code> du script configure (le
3365+ r�pertoire par d�faut est "/usr/local/apache/sbin/suexec"). Si
3366+ httpd trouve un conteneur suEXEC correctement configur�, il
3367+ enregistrera le message suivant dans le journal des erreurs :</p>
3368+
3369+<div class="example"><p><code>
3370+ [notice] suEXEC mechanism enabled (wrapper: <var>/path/to/suexec</var>)
3371+</code></p></div>
3372+
3373+ <p>Si ce message n'est pas g�n�r� au d�marrage du serveur, ce
3374+ dernier ne trouve probablement pas le programme conteneur �
3375+ l'endroit o� il est sens� �tre, ou l'ex�cutable suexec n'est pas
3376+ install� en <em>setuid root</em>.</p>
3377+
3378+ <p>Si le serveur HTTP Apache est d�j� en cours d'ex�cution, et si
3379+ vous activez le m�canisme suEXEC pour la premi�re fois, vous
3380+ devez arr�ter et red�marrer httpd. Un red�marrage
3381+ � l'aide d'un simple signal HUP ou USR1 suffira. </p>
3382+ <p>Pour d�sactiver suEXEC, vous devez supprimer le fichier
3383+ <code class="program"><a href="./programs/suexec.html">suexec</a></code>, puis arr�ter et red�marrer
3384+ httpd.</p>
3385+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3386+<div class="section">
3387+<h2><a name="usage" id="usage">Utilisation de suEXEC</a></h2>
3388+
3389+ <p>Les requ�tes pour des programmes CGI ne feront appel au
3390+ conteneur suEXEC que si elles concernent un h�te virtuel
3391+ contenant une directive <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code>, ou si elles sont
3392+ trait�es par <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>.</p>
3393+
3394+ <p><strong>H�tes virtuels :</strong><br /> Une des m�thodes
3395+ d'utilisation du conteneur suEXEC consiste � ins�rer une
3396+ directive <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> dans une section
3397+ <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code>. En d�finissant
3398+ des valeurs diff�rentes de celles du serveur principal, toutes les
3399+ requ�tes pour des ressources CGI seront ex�cut�es sous
3400+ les <em>User</em> et <em>Group</em> d�finis pour cette section
3401+ <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>. Si cette
3402+ directive est absente de la section <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>, l'utilisateur du
3403+ serveur principal sera pris par d�faut</p>
3404+
3405+ <p><strong>R�pertoires des utilisateurs :</strong><br /> Avec
3406+ cette m�thode, les
3407+ requ�tes trait�es par <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> appelleront le
3408+ conteneur suEXEC pour ex�cuter le programme CGI sous l'identifiant
3409+ utilisateur du r�pertoire utilisateur concern�. Seuls pr�requis
3410+ pour pouvoir acc�der � cette fonctionnalit� : l'ex�cution des CGI
3411+ doit �tre activ�e pour l'utilisateur concern�, et le script doit
3412+ passer avec succ�s le test des <a href="#model">v�rifications de
3413+ s�curit�</a> d�crit plus haut. Voir aussi l'
3414+ <a href="#install">option de compilation</a>
3415+ <code>--with-suexec-userdir</code>.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3416+<div class="section">
3417+<h2><a name="debug" id="debug">D�bogage de suEXEC</a></h2>
3418+
3419+ <p>Le conteneur suEXEC va �crire ses informations de journalisation
3420+ dans le fichier d�fini par l'option de compilation
3421+ <code>--with-suexec-logfile</code> comme indiqu� plus haut. Si vous
3422+ pensez avoir configur� et install� correctement le conteneur,
3423+ consultez ce journal, ainsi que le journal des erreurs du serveur
3424+ afin de d�terminer l'endroit o� vous avez fait fausse route.</p>
3425+
3426+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3427+<div class="section">
3428+<h2><a name="jabberwock" id="jabberwock">Avis � la population !
3429+ Avertissements et exemples</a></h2>
3430+
3431+ <p><strong>NOTE !</strong> Cette section est peut-�tre incompl�te.
3432+ Pour en consulter la derni�re r�vision, voir la version de la <a href="http://httpd.apache.org/docs/2.4/suexec.html">Documentation en ligne</a>.</p>
3433+
3434+ <p>Quelques points importants du conteneur peuvent
3435+ imposer des contraintes du point de vue de la configuration du
3436+ serveur. Veuillez en prendre connaissance avant de soumettre un
3437+ rapport de bogue � propos de suEXEC.</p>
3438+
3439+ <ul>
3440+ <li><strong>Points importants de suEXEC</strong></li>
3441+
3442+ <li>
3443+ Limitations concernant la hi�rarchie.
3444+
3445+ <p class="indent">
3446+ Pour des raisons de s�curit� et d'efficacit�, toutes les
3447+ requ�tes suEXEC ne doivent concerner que des ressources
3448+ situ�es dans la racine des documents d�finie pour les
3449+ requ�tes concernant un h�te virtuel, ou des ressources
3450+ situ�es dans la racine des documents d�finies pour les
3451+ requ�tes concernant un r�pertoire utilisateur. Par exemple,
3452+ si vous avez configur� quatre h�tes virtuels, vous devrez
3453+ d�finir la structure des racines de documents de vos h�tes
3454+ virtuels en dehors d'une hi�rarchie de documents principale
3455+ de httpd, afin de tirer parti de suEXEC dans le contexte des
3456+ h�tes virtuels (Exemple � venir).
3457+ </p>
3458+ </li>
3459+
3460+ <li>
3461+ La variable d'environnement PATH de suEXEC
3462+
3463+ <p class="indent">
3464+ Modifier cette variable peut s'av�rer dangereux. Assurez-vous
3465+ que tout chemin que vous ajoutez � cette variable est un
3466+ r�pertoire <strong>de confiance</strong>. Vous n'avez
3467+ probablement pas l'intention d'ouvrir votre serveur de fa�on
3468+ � ce que l'on puisse y ex�cuter un cheval de Troie.
3469+ </p>
3470+ </li>
3471+
3472+ <li>
3473+ Modification de suEXEC
3474+
3475+ <p class="indent">
3476+ Encore une fois, ceci peut vous causer de
3477+ <strong>graves ennuis</strong> si vous vous y essayez sans
3478+ savoir ce que vous faites. Evitez de vous y risquer dans la
3479+ mesure du possible.
3480+ </p>
3481+ </li>
3482+ </ul>
3483+
3484+</div></div>
3485+<div class="bottomlang">
3486+<p><span>Langues Disponibles: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
3487+<a href="./fr/suexec.html" title="Fran�ais">&nbsp;fr&nbsp;</a> |
3488+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
3489+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
3490+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
3491+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Commentaires</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
3492+<script type="text/javascript"><!--//--><![CDATA[//><!--
3493+var comments_shortname = 'httpd';
3494+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
3495+(function(w, d) {
3496+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
3497+ d.write('<div id="comments_thread"><\/div>');
3498+ var s = d.createElement('script');
3499+ s.type = 'text/javascript';
3500+ s.async = true;
3501+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
3502+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
3503+ }
3504+ else {
3505+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
3506+ }
3507+})(window, document);
3508+//--><!]]></script></div><div id="footer">
3509+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />Autoris� sous <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
3510+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossaire</a> | <a href="./sitemap.html">Plan du site</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
3511+if (typeof(prettyPrint) !== 'undefined') {
3512+ prettyPrint();
3513+}
3514+//--><!]]></script>
3515+</body></html>
3516\ No newline at end of file
3517diff --git a/docs/manual/suexec.html.ja.utf8 b/docs/manual/suexec.html.ja.utf8
3518new file mode 100644
3519index 0000000..31fd90d
3520--- /dev/null
3521+++ b/docs/manual/suexec.html.ja.utf8
3522@@ -0,0 +1,643 @@
3523+<?xml version="1.0" encoding="UTF-8"?>
3524+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3525+<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja"><head>
3526+<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
3527+<!--
3528+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
3529+ This file is generated from xml source: DO NOT EDIT
3530+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
3531+ -->
3532+<title>suEXEC サポート - Apache HTTP サーバ バージョン 2.4</title>
3533+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
3534+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
3535+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
3536+<script src="./style/scripts/prettify.min.js" type="text/javascript">
3537+</script>
3538+
3539+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
3540+<body id="manual-page"><div id="page-header">
3541+<p class="menu"><a href="./mod/">モジュール</a> | <a href="./mod/directives.html">ディレクティブ</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">用語</a> | <a href="./sitemap.html">サイトマップ</a></p>
3542+<p class="apache">Apache HTTP サーバ バージョン 2.4</p>
3543+<img alt="" src="./images/feather.png" /></div>
3544+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
3545+<div id="path">
3546+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP サーバ</a> &gt; <a href="http://httpd.apache.org/docs/">ドキュメンテーション</a> &gt; <a href="./">バージョン 2.4</a></div><div id="page-content"><div id="preamble"><h1>suEXEC サポート</h1>
3547+<div class="toplang">
3548+<p><span>翻訳済み言語: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
3549+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
3550+<a href="./ja/suexec.html" title="Japanese">&nbsp;ja&nbsp;</a> |
3551+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
3552+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
3553+</div>
3554+<div class="outofdate">この日本語訳はすでに古くなっている
3555+ 可能性があります。
3556+ 最近更新された内容を見るには英語版をご覧下さい。
3557+ </div>
3558+
3559+ <p><strong>suEXEC</strong>
3560+ 機能により、Apache ユーザは Web サーバを実行しているユーザ ID とは
3561+ 異なるユーザ ID で <strong>CGI</strong> プログラムや <strong>SSI</strong>
3562+ プログラムを実行することができます。CGI プログラムまたは SSI
3563+ プログラムを実行する場合、通常は web サーバと同じユーザで実行されます。
3564+ </p>
3565+
3566+ <p>適切に使用すると、この機能によりユーザが個別の CGI
3567+ や SSI プログラムを開発し実行することで生じるセキュリティ上の危険を、
3568+ かなり減らすことができます。しかし、suEXEC の設定が不適切だと、
3569+ 多くの問題が生じ、あなたのコンピュータに新しいセキュリティホールを
3570+ 作ってしまう可能性があります。あなたが <em>setuid root</em>
3571+ されたプログラムと、それらから生じるセキュリティ上の問題の管理に
3572+ 詳しくないようなら、suEXEC の使用を検討しないように強く推奨します。
3573+ </p>
3574+ </div>
3575+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">始める前に</a></li>
3576+<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC セキュリティモデル</a></li>
3577+<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC
3578+ の設定とインストール</a></li>
3579+<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC
3580+ の有効化と無効化</a></li>
3581+<li><img alt="" src="./images/down.gif" /> <a href="#usage">suEXEC の使用</a></li>
3582+<li><img alt="" src="./images/down.gif" /> <a href="#debug">suEXEC のデバッグ</a></li>
3583+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">とかげに注意: 警告と事例</a></li>
3584+</ul><h3>参照</h3><ul class="seealso"><li><a href="#comments_section">コメント</a></li></ul></div>
3585+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3586+<div class="section">
3587+<h2><a name="before" id="before">始める前に</a></h2>
3588+
3589+ <p>この文書の先頭に飛ぶ前に、Apache
3590+ グループとこの文書での仮定を知っておくべきでしょう。
3591+ </p>
3592+
3593+ <p>第 1 に、あなたが <strong>setuid</strong> と
3594+ <strong>setgid</strong> 操作が可能な UNIX
3595+ 由来のオペレーティングシステムを使っていることを想定しています。
3596+ これは、すべてのコマンド例にあてはまります。
3597+ その他のプラットホームでは、もし suEXEC
3598+ がサポートされていたとしても設定は異なるかもしれません。</p>
3599+
3600+ <p>第 2 に、あなたが使用中のコンピュータの
3601+ セキュリティに関する基本的な概念と、それらの管理について詳しいことを
3602+ 想定しています。これは、<strong>setuid/setgid</strong>
3603+ 操作、あなたのシステム上でのその操作による様々な効果、
3604+ セキュリティレベルについてあなたが理解しているということを含みます。
3605+ </p>
3606+
3607+ <p>第 3 に、<strong>改造されていない</strong> suEXEC
3608+ コードの使用を想定しています。suEXEC のコードは、
3609+ 多くのベータテスタだけでなく、開発者によっても注意深く精査され
3610+ テストされています。それらの注意により、簡潔で信頼できる安全な
3611+ コードの基盤が保証されます。このコードを改変することで、
3612+ 予期されない問題や新しいセキュリティ上の危険が生じることがあります。
3613+ セキュリティプログラミングの詳細に通じていて、
3614+ 今後の検討のために成果を Apache
3615+ グループと共有しようと思うのでなければ、suEXEC
3616+ コードは変えないことを <strong>強く</strong>推奨します。</p>
3617+
3618+ <p>第 4 に、これが最後ですが、suEXEC を Apache
3619+ のデフォルトインストールには<strong>含めない</strong>ことが
3620+ Apache グループで決定されています。これは、suEXEC
3621+ の設定には管理者の詳細にわたる慎重な注意が必要だからです。
3622+ suEXEC の様々な設定について検討が終われば、管理者は suEXEC
3623+ を通常のインストール方法でインストールすることができます。
3624+ これらの設定値は、suEXEC
3625+ 機能の使用中にシステムセキュリティを適切に保つために、
3626+ 管理者によって慎重に決定され指定されることが必要です。
3627+ この詳細な手順により、Apache グループは、suEXEC
3628+ のインストールについて、注意深く十分に検討してそれを使用することを
3629+ 決定した場合に限っていただきたいと考えています。
3630+ </p>
3631+
3632+ <p>それでも進みますか? よろしい。では、先へ進みましょう!</p>
3633+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3634+<div class="section">
3635+<h2><a name="model" id="model">suEXEC セキュリティモデル</a></h2>
3636+
3637+ <p>suEXEC の設定とインストールを始める前に、
3638+ まず実装しようとしているセキュリティモデルについて論じておきます。
3639+ それには、suEXEC の内部で行なわれていること、
3640+ システムのセキュリティを保証するために警告されることを
3641+ よく理解しておいた方がよいでしょう。</p>
3642+
3643+ <p><strong>suEXEC</strong> は、Apache web
3644+ サーバから呼び出される setuid された "wrapper"
3645+ プログラムが基本となっています。設計した CGI、または SSI
3646+ プログラムへの HTTP リクエストがあると、この wrapper
3647+ が呼び出されます。このようなリクエストがあると、Apache
3648+ はそのプログラムが実行される際のプログラム名とユーザ ID とグループ
3649+ ID を指定して suEXEC wrapper を実行します。
3650+ </p>
3651+
3652+ <p>それから、wrapper は成功または失敗を決定するため
3653+ 以下の処理を行ないます。これらの状態のうち一つでも失敗した場合、
3654+ プログラムは失敗をログに記録してエラーで終了します。
3655+ そうでなければ、後の処理が続けられます。</p>
3656+
3657+ <ol>
3658+ <li>
3659+ <strong>wrapper
3660+ を実行しているユーザはこのシステムの正当なユーザか?</strong>
3661+
3662+ <p class="indent">
3663+ これは、wrapper を実行しているユーザが
3664+ 本当にシステムの利用者であることを保証するためです。
3665+ </p>
3666+ </li>
3667+
3668+
3669+ <li>
3670+ <strong>wrapper が適切な数の引数で呼び出されたか?</strong>
3671+
3672+
3673+ <p class="indent">
3674+ wrapper は適切な数の引数が与えられた場合にのみ実行されます。
3675+ 適切な引数のフォーマットは Apache Web サーバに解釈されます。
3676+ 適切な数の引数を受け取らなければ、攻撃をされたか
3677+ あなたの Apache バイナリの suEXEC の部分が
3678+ どこかおかしい可能性があります。
3679+ </p>
3680+ </li>
3681+
3682+ <li>
3683+ <strong>この正当なユーザは wrapper
3684+ の実行を許可されているか?</strong>
3685+
3686+ <p class="indent">
3687+ このユーザは wrapper 実行を許可されたユーザですか?
3688+ ただ一人のユーザ (Apache ユーザ) だけが、
3689+ このプログラムの実行を許可されます。
3690+ </p>
3691+ </li>
3692+
3693+ <li>
3694+ <strong>対象の CGI, SSI プログラムが安全でない階層の参照をしているか?
3695+ </strong>
3696+
3697+ <p class="indent">
3698+ 対象の CGI, SSI プログラムが '/' から始まる、または
3699+ '..' による参照を行なっていますか? これらは許可されません。
3700+ 対象のプログラムは suEXEC のドキュメントルート
3701+ (下記の <code>--with-suexec-docroot=<em>DIR</em></code> を参照)
3702+ 内に存在しなければなりません。
3703+ </p>
3704+ </li>
3705+
3706+ <li>
3707+ <strong>対象となるユーザ名は正当なものか?</strong>
3708+
3709+ <p class="indent">
3710+ 対象となるユーザ名は存在していますか?
3711+ </p>
3712+ </li>
3713+
3714+ <li>
3715+ <strong>対象となるグループ名は正当なものか?</strong>
3716+
3717+ <p class="indent">
3718+ 対象となるグループ名は存在していますか?
3719+ </p>
3720+ </li>
3721+
3722+ <li>
3723+ <strong>目的のユーザはスーパーユーザでは<em>ない</em>か?
3724+ </strong>
3725+
3726+ <p class="indent">
3727+ 今のところ、suEXEC は <code><em>root</em></code> による CGI/SSI
3728+ プログラムの実行を許可していません。
3729+ </p>
3730+ </li>
3731+
3732+ <li>
3733+ <strong>対象となるユーザ ID は、最小の ID
3734+ 番号よりも<em>大きい</em>か? </strong>
3735+
3736+ <p class="indent">
3737+ 最小ユーザ ID 番号は設定時に指定されます。これは、
3738+ CGI/SSI プログラム実行を許可されるユーザ ID
3739+ のとりうる最小値です。これは
3740+ "system" 用のアカウントを閉め出すのに有効です。
3741+ </p>
3742+ </li>
3743+
3744+ <li>
3745+ <strong>対象となるグループはスーパーユーザのグループでは
3746+ <em>ない</em>か?</strong>
3747+
3748+ <p class="indent">
3749+ 今のところ、suEXEC は 'root' グループによる CGI/SSI
3750+ プログラムの実行を許可していません。
3751+ </p>
3752+ </li>
3753+
3754+ <li>
3755+ <strong>対象となるグループ ID は最小の ID
3756+ 番号よりも<em>大きい</em>か?</strong>
3757+
3758+ <p class="indent">
3759+ 最小グループ ID 番号は設定時に指定されます。これは、
3760+ CGI/SSI プログラム実行を許可されるグループ
3761+ ID のとりうる最小値です。
3762+ これは "system" 用のグループを閉め出すのに有効です。
3763+ </p>
3764+ </li>
3765+
3766+ <li>
3767+ <strong>wrapper が正常に対象となるユーザとグループになれるか?
3768+ </strong>
3769+
3770+ <p class="indent">
3771+ ここで、setuid と setgid
3772+ の起動によりプログラムは対象となるユーザとグループになります。
3773+ グループアクセスリストは、
3774+ ユーザが属しているすべてのグループで初期化されます。
3775+ </p>
3776+ </li>
3777+
3778+ <li>
3779+ <strong>CGI/SSI プログラムが置かれているディレクトリに移動
3780+ (change directory) できるか?</strong>
3781+
3782+ <p class="indent">
3783+ ディレクトリが存在しないなら、そのファイルも存在しないかもしれません。
3784+ ディレクトリに移動できないのであれば、おそらく存在もしないでしょう。
3785+ </p>
3786+ </li>
3787+
3788+ <li>
3789+ <strong>ディレクトリが Apache のドキュメントツリー内にあるか?
3790+ </strong>
3791+
3792+ <p class="indent">
3793+ リクエストがサーバ内のものであれば、
3794+ 要求されたディレクトリが suEXEC のドキュメントルート配下にありますか?
3795+ リクエストが UserDir のものであれば、要求されたディレクトリが suEXEC
3796+ のユーザのドキュメントルート配下にありますか?
3797+ (<a href="#install">suEXEC 設定オプション</a> 参照)
3798+ </p>
3799+ </li>
3800+
3801+ <li>
3802+ <strong>ディレクトリを他のユーザが書き込めるようになって
3803+ <em>いない</em>か?</strong>
3804+
3805+ <p class="indent">
3806+ ディレクトリを他ユーザに開放しないようにします。
3807+ 所有ユーザだけがこのディレクトリの内容を改変できるようにします。
3808+ </p>
3809+ </li>
3810+
3811+
3812+ <li>
3813+ <strong>対象となる CGI/SSI プログラムは存在するか?</strong>
3814+
3815+ <p class="indent">
3816+ 存在しなければ実行できません。
3817+ </p>
3818+ </li>
3819+
3820+ <li>
3821+ <strong>対象となる CGI/SSI プログラムファイルが他アカウントから
3822+ 書き込めるようになって<em>いない</em>か?</strong>
3823+
3824+ <p class="indent">
3825+ 所有者以外には CGI/SSI プログラムを変更する権限は与えられません。
3826+ </p>
3827+ </li>
3828+
3829+
3830+ <li>
3831+ <strong>対象となる CGI/SSI プログラムが setuid または setgid
3832+ されて<em>いない</em>か?</strong>
3833+
3834+ <p class="indent">
3835+ UID/GID を再度変更してのプログラム実行はしません
3836+ </p>
3837+ </li>
3838+
3839+
3840+ <li>
3841+ <strong>対象となるユーザ/グループがプログラムの
3842+ ユーザ/グループと同じか?</strong>
3843+
3844+ <p class="indent">
3845+ ユーザがそのファイルの所有者ですか?
3846+ </p>
3847+ </li>
3848+
3849+ <li>
3850+ <strong>安全な動作を保証するための環境変数クリアが可能か?
3851+ </strong>
3852+
3853+ <p class="indent">
3854+ suEXEC は、安全な環境変数のリスト
3855+ (これらは設定時に作成されます) 内の変数として渡される安全な
3856+ PATH 変数 (設定時に指定されます) を設定することで、
3857+ プロセスの環境変数をクリアします。
3858+ </p>
3859+ </li>
3860+
3861+
3862+ <li>
3863+ <strong>対象となる CGI/SSI プログラムを exec して実行できるか?</strong>
3864+
3865+
3866+ <p class="indent">
3867+ ここで suEXEC が終了し、対象となるプログラムが開始されます。
3868+ </p>
3869+ </li>
3870+ </ol>
3871+
3872+ <p>ここまでが suEXEC の wrapper
3873+ におけるセキュリティモデルの標準的な動作です。もう少し厳重に
3874+ CGI/SSI 設計についての新しい制限や規定を取り入れることもできますが、
3875+ suEXEC はセキュリティに注意して慎重に少しずつ開発されてきました。
3876+ </p>
3877+
3878+ <p>このセキュリティモデルを用いて
3879+ サーバ設定時にどのように許すことを制限するか、また、suEXEC
3880+ を適切に設定するとどのようなセキュリティ上の危険を避けられるかに
3881+ 関するより詳しい情報については、<a href="#jabberwock">"とかげに注意"
3882+ (Beware the Jabberwock)</a> の章を参照してください。
3883+ </p>
3884+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3885+<div class="section">
3886+<h2><a name="install" id="install">suEXEC
3887+ の設定とインストール</a></h2>
3888+
3889+ <p>ここから楽しくなります。</p>
3890+
3891+ <p><strong>suEXEC
3892+ 設定オプション</strong><br />
3893+ </p>
3894+
3895+ <dl>
3896+ <dt><code>--enable-suexec</code></dt>
3897+
3898+ <dd>このオプションは、デフォルトではインストールされず、
3899+ 有効にはならない suEXEC 機能を有効にします。
3900+ suEXEC を使うように APACI に要求するには、<code>--enable-suexec</code>
3901+ オプションにあわせて少なくとも一つは <code>--with-suexec-xxxxx</code>
3902+ オプションが指定されなければなりません。</dd>
3903+
3904+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
3905+
3906+ <dd>セキュリティ上の理由により、<code>suexec</code> バイナリのパスはサーバに
3907+ ハードコードされている必要があります。デフォルトのパスを
3908+ 変えたいときはこのオプションを使ってください。<em>例えば</em>、
3909+ <code>--with-suexec-bin=/usr/sbin/suexec</code> のように。</dd>
3910+
3911+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
3912+
3913+ <dd>Apache を通常動作させる<a href="mod/mpm_common.html#user">ユーザ名</a>を指定します。
3914+ このユーザだけが suexec の実行を許可されたユーザになります。</dd>
3915+
3916+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
3917+
3918+ <dd>suEXEC がアクセスを許されるユーザホームディレクトリ配下の
3919+ サブディレクトリを指定します。
3920+ このディレクトリ以下の全実行ファイルは、"安全な"プログラムになるよう、
3921+ suEXEC がそのユーザとして実行できるようにします。
3922+ "単純な" UserDir ディレクティブを使っている場合
3923+ (すなわち "*" を含まないもの)、これと同じ値を設定すべきです。
3924+ Userdir ディレクティブがそのユーザのパスワードファイル内の
3925+ ホームディレクトリと同じ場所を指していなければ、
3926+ suEXEC は適切に動作しません。デフォルトは "public_html" です。
3927+ <br />
3928+ 各 UserDir が異なった仮想ホストを設定している場合、
3929+ それらを全て一つの親ディレクトリに含めて、
3930+ その親ディレクトリの名前をここで指定する必要があります。
3931+ <strong>このように指定されなければ "~userdir" cgi
3932+ へのリクエストが動作しません。</strong></dd>
3933+
3934+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
3935+
3936+ <dd>Apache のドキュメントルートを設定します。これが suEXEC
3937+ の動作で使用する唯一のディレクトリ階層になります (UserDir
3938+ の指定は別)。デフォルトでは <code>--datedir</code> に "/htdocs"
3939+ というサフィックスをつけたものです。
3940+ "<code>--datadir=/home/apache</code>" として設定すると、
3941+ suEXEC wrapper にとって "/home/apache/htdocs"
3942+ がドキュメントルートとして使われます。</dd>
3943+
3944+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
3945+
3946+ <dd>suEXEC の対象ユーザとして許される UID の最小値を指定します。
3947+ 大抵のシステムでは 500 か 100 が一般的です。
3948+ デフォルト値は 100 です。</dd>
3949+
3950+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
3951+
3952+ <dd>suEXEC の対象グループとして許される GID
3953+ の最小値を指定します。大抵のシステムでは 100 が一般的なので、
3954+ デフォルト値としても 100 が使われています。</dd>
3955+
3956+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
3957+
3958+ <dd>suEXEC の処理とエラーが記録されるファイル名を指定します。
3959+ (監査やデバッグ目的に有用)
3960+ デフォルトではログファイルは "suexec_log" という名前で、
3961+ 標準のログファイルディレクトリ (<code>--logfiledir</code>) に置かれます。
3962+ </dd>
3963+
3964+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
3965+
3966+ <dd>CGI 実行ファイルに渡される安全な PATH 環境変数です。
3967+ デフォルト値は "/usr/local/bin:/usr/bin:/bin" です。
3968+ </dd>
3969+ </dl>
3970+
3971+ <p><strong>suEXEC wrapper
3972+ のコンパイルとインストール</strong><br />
3973+ <code>--enable-suexec</code> オプションで suEXEC 機能を有効にすると、
3974+ "make" コマンドを実行した時に <code>suexec</code> のバイナリ (Apache 自体も)
3975+ が自動的に作成されます。
3976+ <br />
3977+ すべての構成要素が作成されると、それらのインストールには
3978+ <code>make install</code> コマンドが実行できます。バイナリイメージの <code>suexec</code>
3979+ は <code>--sbindir</code> オプションで指定されたディレクトリにインストールされます。
3980+ デフォルトの場所は "/usr/local/apache/bin/suexec" です。<br />
3981+ インストール時には <strong><em>root</em></strong>
3982+ 権限が必要なので注意してください。wrapper がユーザ ID
3983+ を設定するために、所有者 <code><em>root</em></code>
3984+ でのセットユーザ ID
3985+ ビットをそのファイルのモードに設定しなければなりません。
3986+ </p>
3987+
3988+ <p><strong>安全なパーミッションを設定する</strong><br />
3989+ suEXEC ラッパーは、<code>--with-suexec-caller</code> <code class="program"><a href="./programs/configure.html">configure</a></code>
3990+ オプションで指定した正しいユーザで起動されていることを確認しますが、
3991+ システム上でこのチェックが行なわれる前に、
3992+ suEXEC が呼ぶシステムやライブラリが脆弱である可能性は残ります。対抗策として、
3993+ 一般に良い習慣ともされいますが、
3994+ ファイルシステムパーミッションを使って
3995+ Apache の実行時のグループのみが suEXEC を実行できるように
3996+ するのが良いでしょう。</p>
3997+
3998+ <p>たとえば、次のようにサーバが設定されていたとします。</p>
3999+
4000+<div class="example"><p><code>
4001+ User www<br />
4002+ Group webgroup<br />
4003+</code></p></div>
4004+
4005+ <p><code class="program"><a href="./programs/suexec.html">suexec</a></code> が "/usr/local/apache2/bin/suexec"
4006+ にインストールされていた場合、次のように設定する必要があります。</p>
4007+
4008+<div class="example"><p><code>
4009+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
4010+ chmod 4750 /usr/local/apache2/bin/suexec<br />
4011+</code></p></div>
4012+
4013+ <p>これで Apache が実行されるグループのみが
4014+ suEXEC ラッパーを実行できるということを
4015+ 確証します。</p>
4016+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4017+<div class="section">
4018+<h2><a name="enable" id="enable">suEXEC
4019+ の有効化と無効化</a></h2>
4020+
4021+ <p>起動時に、Apache は <code>--sbindir</code>
4022+ オプションで設定されたディレクトリで
4023+ <code>suexec</code> を探します
4024+ (デフォルトは "/usr/local/apache/sbin/suexec") 。
4025+ 適切に設定された suEXEC がみつかると、
4026+ エラーログに以下のメッセージが出力されます。</p>
4027+
4028+<div class="example"><p><code>
4029+ [notice] suEXEC mechanism enabled (wrapper: <var>/path/to/suexec</var>)
4030+</code></p></div>
4031+
4032+ <p>サーバ起動時にこのメッセージが出ない場合、
4033+ 大抵はサーバが想定した場所で wrapper プログラムが見つからなかったか、
4034+ <em>setuid root</em> としてインストールされていないかです。</p>
4035+
4036+ <p>suEXEC の仕組みを使用するのが初めてで、Apache が既に動作中であれば、
4037+ Apache を kill して、再起動しなければなりません。HUP シグナルや
4038+ USR1 シグナルによる単純な再起動では不十分です。</p>
4039+ <p>suEXEC を無効にする場合は、<code>suexec</code> ファイルを削除してから
4040+ Apache を kill して再起動します。
4041+ </p>
4042+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4043+<div class="section">
4044+<h2><a name="usage" id="usage">suEXEC の使用</a></h2>
4045+
4046+ <p>CGI プログラムへのリクエストが suEXEC ラッパーを呼ぶのは、
4047+ <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ディレクティブを
4048+ 含むバーチャルホストへのリクエストか、<code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> により
4049+ 処理されたリクエストの場合に限ります。</p>
4050+
4051+ <p><strong>仮想ホスト:</strong><br />
4052+ suEXEC wrapper の使い方として、
4053+ <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> 設定での
4054+ <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code>
4055+ ディレクティブを通したものがあります。
4056+ このディレクティブをメインサーバのユーザ ID
4057+ と異なるものにすると、CGI リソースへのすべてのリクエストは、その
4058+ <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code> で指定された <em>User</em> と
4059+ <em>Group</em> として実行されます。<code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>
4060+ でこのディレクティブが指定されていない場合、
4061+ メインサーバのユーザ ID が想定されます。</p>
4062+
4063+ <p><strong>ユーザディレクトリ:</strong><br />
4064+ <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> により処理されたリクエストは
4065+ リクエストされたユーザディレクトリのユーザ ID で CGI プログラムを
4066+ 実行するために suEXEC ラッパーを呼びます。
4067+ この機能を動作させるために必要なことは、CGI
4068+ をそのユーザで実行できること、そのスクリプトが上記の<a href="#model">セキュリティ検査</a>をパスできることです。
4069+ <a href="#install">コンパイル
4070+ 時のオプション</a> <code>--with-suexec-userdir</code> も参照してください。</p>
4071+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4072+<div class="section">
4073+<h2><a name="debug" id="debug">suEXEC のデバッグ</a></h2>
4074+
4075+ <p>suEXEC wrapper は、上記で述べた <code>--with-suexec-logfile</code>
4076+ オプションで指定されたファイルにログ情報を記録します。
4077+ wrapper を適切に設定、インストールできていると思う場合、
4078+ どこで迷っているか見ようとするならこのログとサーバの
4079+ エラーログを見るとよいでしょう。</p>
4080+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4081+<div class="section">
4082+<h2><a name="jabberwock" id="jabberwock">とかげに注意: 警告と事例</a></h2>
4083+
4084+ <p><strong>注意!</strong>
4085+ この章は完全ではありません。この章の最新改訂版については、
4086+ Apache グループの<a href="http://httpd.apache.org/docs/2.4/suexec.html">
4087+ オンラインドキュメント</a>版を参照してください。
4088+ </p>
4089+
4090+ <p>サーバの設定に制限をもうける wrapper について、
4091+ いくつか興味深い点があります。suEXEC に関する "バグ"
4092+ を報告する前にこれらを確認してください。</p>
4093+
4094+ <ul>
4095+ <li><strong>suEXEC の興味深い点</strong></li>
4096+
4097+ <li>階層構造の制限
4098+
4099+
4100+ <p class="indent">
4101+ セキュリティと効率の理由から、<code>suEXEC</code> の全てのリクエストは
4102+ 仮想ホストへのリクエストにおける最上位のドキュメントルート内か、
4103+ ユーザディレクトリへのリクエストにおける個々のユーザの最上位の
4104+ ドキュメントルート内に残らなければなりません。
4105+ 例えば、四つの仮想ホストを設定している場合、
4106+ 仮想ホストの suEXEC に有利なように、メインの Apache
4107+ ドキュメント階層の外側に全ての仮想ホストのドキュメントルートを
4108+ 構築する必要があります。(例は後日記載)
4109+ </p>
4110+ </li>
4111+
4112+ <li>suEXEC の PATH 環境変数
4113+
4114+
4115+ <p class="indent">
4116+ これを変更するのは危険です。この指定に含まれる各パスが
4117+ <strong>信頼できる</strong>
4118+ ディレクトリであることを確認してください。
4119+ 世界からのアクセスにより、誰かがホスト上でトロイの木馬
4120+ を実行できるようにはしたくないでしょう。
4121+ </p>
4122+ </li>
4123+
4124+ <li>suEXEC コードの改造
4125+
4126+
4127+ <p class="indent">
4128+ 繰り返しますが、何をやろうとしているか把握せずにこれをやると
4129+ <strong>大きな問題</strong>を引き起こしかねません。
4130+ 可能な限り避けてください。
4131+ </p>
4132+ </li>
4133+ </ul>
4134+</div></div>
4135+<div class="bottomlang">
4136+<p><span>翻訳済み言語: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4137+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
4138+<a href="./ja/suexec.html" title="Japanese">&nbsp;ja&nbsp;</a> |
4139+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
4140+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
4141+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">コメント</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
4142+<script type="text/javascript"><!--//--><![CDATA[//><!--
4143+var comments_shortname = 'httpd';
4144+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
4145+(function(w, d) {
4146+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
4147+ d.write('<div id="comments_thread"><\/div>');
4148+ var s = d.createElement('script');
4149+ s.type = 'text/javascript';
4150+ s.async = true;
4151+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
4152+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
4153+ }
4154+ else {
4155+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
4156+ }
4157+})(window, document);
4158+//--><!]]></script></div><div id="footer">
4159+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />この文書は <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> のライセンスで提供されています。.</p>
4160+<p class="menu"><a href="./mod/">モジュール</a> | <a href="./mod/directives.html">ディレクティブ</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">用語</a> | <a href="./sitemap.html">サイトマップ</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
4161+if (typeof(prettyPrint) !== 'undefined') {
4162+ prettyPrint();
4163+}
4164+//--><!]]></script>
4165+</body></html>
4166\ No newline at end of file
4167diff --git a/docs/manual/suexec.html.ko.euc-kr b/docs/manual/suexec.html.ko.euc-kr
4168new file mode 100644
4169index 0000000..0e8df7a
4170--- /dev/null
4171+++ b/docs/manual/suexec.html.ko.euc-kr
4172@@ -0,0 +1,564 @@
4173+<?xml version="1.0" encoding="EUC-KR"?>
4174+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4175+<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head>
4176+<meta content="text/html; charset=EUC-KR" http-equiv="Content-Type" />
4177+<!--
4178+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4179+ This file is generated from xml source: DO NOT EDIT
4180+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4181+ -->
4182+<title>suEXEC ���� - Apache HTTP Server Version 2.4</title>
4183+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
4184+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
4185+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
4186+<script src="./style/scripts/prettify.min.js" type="text/javascript">
4187+</script>
4188+
4189+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
4190+<body id="manual-page"><div id="page-header">
4191+<p class="menu"><a href="./mod/">���</a> | <a href="./mod/directives.html">���þ��</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">���</a> | <a href="./sitemap.html">����Ʈ��</a></p>
4192+<p class="apache">Apache HTTP Server Version 2.4</p>
4193+<img alt="" src="./images/feather.png" /></div>
4194+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
4195+<div id="path">
4196+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="./">Version 2.4</a></div><div id="page-content"><div id="preamble"><h1>suEXEC ����</h1>
4197+<div class="toplang">
4198+<p><span>������ ���: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4199+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran&#231;ais">&nbsp;fr&nbsp;</a> |
4200+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
4201+<a href="./ko/suexec.html" title="Korean">&nbsp;ko&nbsp;</a> |
4202+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T&#252;rk&#231;e">&nbsp;tr&nbsp;</a></p>
4203+</div>
4204+<div class="outofdate">�� ������ �ֽ��� ������ �ƴմϴ�.
4205+ �ֱٿ� ����� ������ ���� ������ �����ϼ���.</div>
4206+
4207+ <p><strong>suEXEC</strong> ����� ����ġ�� <strong>CGI</strong>��
4208+ <strong>SSI</strong> ���α׷��� �������� ������ ����� ID��
4209+ �ƴ� �ٸ� ����� ID�� �����ϵ��� �Ѵ�. ���� CGI�� SSI ���α׷���
4210+ �����ϸ� �������� ������ ����ڿ� ���� ����ڷ� �����Ѵ�.</p>
4211+
4212+ <p>�� ����� ������ ����ϸ� ����ڰ� ���� CGI�� SSI ���α׷���
4213+ �����ϰ� �����Ҷ� �߻��� �� �ִ� ���������� ����� ����
4214+ �� �ִ�. �׷��� suEXEC�� �������ϰ� �����Ǹ� ���� ������
4215+ ��ǻ�Ϳ� ���ο� ���� ������ ���� �� �ִ�. ���� <em>setuid root</em>
4216+ ���α׷��� �̷� ���α׷��� ���� ������ �����ϴٸ� suEXEC��
4217+ ��������ʱ� �������� �ٶ���.</p>
4218+ </div>
4219+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">�����ϱ� ����</a></li>
4220+<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC ���ȸ�</a></li>
4221+<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC ������ ��ġ</a></li>
4222+<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC �� ���</a></li>
4223+<li><img alt="" src="./images/down.gif" /> <a href="#usage">suEXEC ����ϱ�</a></li>
4224+<li><img alt="" src="./images/down.gif" /> <a href="#debug">suEXEC ������ϱ�</a></li>
4225+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">�ٽ� �ѹ� �����϶�: ���� ����</a></li>
4226+</ul><h3>����</h3><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
4227+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4228+<div class="section">
4229+<h2><a name="before" id="before">�����ϱ� ����</a></h2>
4230+
4231+ <p>�����ϱ� ���� �켱 ����ġ�׷�� �� ������ ������ ������.</p>
4232+
4233+ <p>���� <strong>setuid</strong>�� <strong>setgid</strong>
4234+ ����� ������ ���н��� �ü���� ����Ѵٰ� �����Ѵ�. ���
4235+ ��ɾ� ���鵵 ���� ������ �Ѵ�. suEXEC�� �����ϴ� �ٸ� �÷�����
4236+ ����ϴٸ� ������ �ٸ� �� �ִ�.</p>
4237+
4238+ <p>�ι�°, ����� ��ǻ�� ������ �⺻ ����� ������ �ͼ��ϴٰ�
4239+ �����Ѵ�. ���⿡�� <strong>setuid/setgid</strong> ��ɰ�
4240+ �̵��� �ý��۰� ���ȿ� ��ġ�� ���� ���⿡ ���� ���ذ� ���Եȴ�.</p>
4241+
4242+ <p>����°, suEXEC �ڵ��� <strong>������������</strong>
4243+ ������ ����Ѵٰ� �����Ѵ�. �����ڿ� ���� ��Ÿ�׽��͵���
4244+ suEXEC�� ���õ� ��� �ڵ带 ���ɽ����� �����ϰ� �˻��ߴ�.
4245+ �ڵ带 �����ϰ� �ϰ� Ȯ���� ������ �����ϱ����� ��� ���Ǹ�
4246+ ��￴��. �� �ڵ带 �����ϸ� ����ġ���� ������ ���ο� ����
4247+ ������ �߻��� �� �ִ�. ���� ���α׷��ֿ� ���� �ſ� �� �˰�
4248+ �ڵ带 ���캸������ ����ġ�׷�� �۾��� ������ �ǻ簡 ���ٸ�
4249+ suEXEC �ڵ带 ���������ʱ� <strong>������</strong> ���Ѵ�.</p>
4250+
4251+ <p>�׹�°���� ����������, ����ġ�׷��� suEXEC�� ����ġ
4252+ �⺻��ġ�� �������� <strong>�ʱ��</strong> �����ߴ�. �ᱹ
4253+ �����ڰ� ���Ǹ� ��←�� suEXEC�� �����ؾ� �Ѵ�. suEXEC��
4254+ ���� ������ �� ������� �����ڴ� �Ϲ����� ��ġ����� suEXEC��
4255+ ��ġ�� �� �ִ�. suEXEC ����� ����ϴ� �ý����� ������ å������
4256+ �����ڴ� �� ���������� �����ְ� ���캸�� �����ؾ� �Ѵ�.
4257+ �̷� ���� ������ suEXEC�� ����Ҹ�ŭ �����ְ� ��ȣ��
4258+ ������� suEXEC�� ����ϵ��� ����ġ�׷��� ���ϱ� �����̴�.</p>
4259+
4260+ <p>������ ����ϱ� ���ϴ°�? �׷���? ����. ���� ��������!</p>
4261+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4262+<div class="section">
4263+<h2><a name="model" id="model">suEXEC ���ȸ�</a></h2>
4264+
4265+ <p>suEXEC�� �����ϰ� ��ġ�ϱ� ���� �츮�� ���ȸ��� ����
4266+ �����Ѵ�. �̸� ���� ��Ȯ�� suEXEC �ȿ����� ���� ���� �Ͼ��
4267+ �ý����� ������ ���� ������ �����ؾ� ���� �� �� ������ ��
4268+ �ִ�.</p>
4269+
4270+ <p><strong>suEXEC</strong>�� ����ġ �������� �θ��� setuid
4271+ "wrapper" ���α׷��� ������� �Ѵ�. �� wrapper�� �����ڰ�
4272+ �ּ����� �ٸ� userid�� �����ϵ��� ������ CGI�� SSI ���α׷���
4273+ HTTP ��û�� ���� �Ҹ���. �̷� ��û�� ���� ����ġ�� suEXEC
4274+ wrapper���� ���α׷���� ���α׷��� ������ ����ڿ� �׷�
4275+ ID�� �����Ѵ�.</p>
4276+
4277+ <p>�׷��� wrapper�� ���� ������ ���� ������ ���и� �����Ѵ�.
4278+ �� ������ �ϳ��� �����ϸ� ���α׷��� ���з� ��ϵǰ� ������
4279+ ���� �����Ѵ�. �������� ������ ������ ����Ѵ�:</p>
4280+
4281+ <ol>
4282+ <li>
4283+ <strong>wrapper�� �����ϴ� ����ڰ� �ý����� ��������
4284+ �������</strong>
4285+
4286+ <p class="indent">
4287+ wrapper�� �����ϴ� ����ڰ� ������ �ý����� ���������
4288+ Ȯ���Ѵ�.
4289+ </p>
4290+ </li>
4291+
4292+ <li>
4293+ <strong>������ ���� �ƱԸ�Ʈ�� wrapper�� �����ϴ°�?</strong>
4294+
4295+ <p class="indent">
4296+ wrapper�� ������ ���� �ƱԸ�Ʈ�� �־�߸� ����ȴ�.
4297+ ����ġ �������� �� ������ �ȴ�. wrapper�� ������ ����
4298+ �ƱԸ�Ʈ�� �������ϸ� ��ŷ�Ǿ��ų� ����ġ�� suEXEC��
4299+ ���� ������ �ִ� ���̴�.
4300+ </p>
4301+ </li>
4302+
4303+ <li>
4304+ <strong>�� ����ڰ� wrapper�� �����ϵ��� ���Ǿ���?</strong>
4305+
4306+ <p class="indent">
4307+ �� ����ڰ� wrapper�� �����ϵ��� ���Ǿ���? ����
4308+ �� �����(����ġ �����)���� �� ���α׷��� ������
4309+ �� �ִ�.
4310+ </p>
4311+ </li>
4312+
4313+ <li>
4314+ <strong>������ CGI�� SSI ���α׷��� ������������ ����������
4315+ �����°�?</strong>
4316+
4317+ <p class="indent">
4318+ ������ CGI�� SSI ���α׷��� '/'�� �����ϰų� ������
4319+ '..'�� �����°�? �̵��� ����� �� ����. ������ CGI/SSI
4320+ ���α׷��� suEXEC ���� root (�Ʒ�
4321+ <code>--with-suexec-docroot=<em>DIR</em></code> ����)
4322+ ���� �־�� �Ѵ�.
4323+ </p>
4324+ </li>
4325+
4326+ <li>
4327+ <strong>������ ����ڸ��� ��ȿ�Ѱ�?</strong>
4328+
4329+ <p class="indent">
4330+ ������ ����ڰ� �����ϴ°�?
4331+ </p>
4332+ </li>
4333+
4334+ <li>
4335+ <strong>������ �׷���� ��ȿ�Ѱ�?</strong>
4336+
4337+ <p class="indent">
4338+ ������ �׷��� �����ϴ°�?
4339+ </p>
4340+ </li>
4341+
4342+ <li>
4343+ <strong>������ ����ڰ� superuser�� <em>�ƴѰ�</em>?</strong>
4344+
4345+
4346+ <p class="indent">
4347+ ���� suEXEC�� <code><em>root</em></code>�� CGI/SSI
4348+ ���α׷��� ������ �� ������ �Ѵ�.
4349+ </p>
4350+ </li>
4351+
4352+ <li>
4353+ <strong>������ userid�� �ּ� ID ���ں��� <em>ū��</em>?</strong>
4354+
4355+ <p class="indent">
4356+ �������� �ּ� ����� ID ���ڸ� �����Ѵ�. �׷��� CGI/SSI
4357+ ���α׷��� ������ �� �ִ� userid�� �ּ�ġ�� ������
4358+ �� �ִ�. "�ý��ۿ�" ������ �����Ҷ� �����ϴ�.
4359+ </p>
4360+ </li>
4361+
4362+ <li>
4363+ <strong>������ �׷��� superuser �׷��� <em>�ƴѰ�</em>?</strong>
4364+
4365+ <p class="indent">
4366+ ���� suEXEC�� <code><em>root</em></code> �׷��� CGI/SSI
4367+ ���α׷��� ������ �� ������ �Ѵ�.
4368+ </p>
4369+ </li>
4370+
4371+ <li>
4372+ <strong>������ groupid�� �ּ� ID ���ں��� <em>ū��</em>?</strong>
4373+
4374+ <p class="indent">
4375+ �������� �ּ� �׷� ID ���ڸ� �����Ѵ�. �׷��� CGI/SSI
4376+ ���α׷��� ������ �� �ִ� groupid�� �ּ�ġ�� ������
4377+ �� �ִ�. "�ý��ۿ�" �׷��� �����Ҷ� �����ϴ�.
4378+ </p>
4379+ </li>
4380+
4381+ <li>
4382+ <strong>wrapper�� ���������� ������ ����ڿ� �׷���
4383+ �� �� �ִ°�?</strong>
4384+
4385+ <p class="indent">
4386+ �� �ܰ迡�� ���α׷��� setuid�� setgid ȣ���� �Ͽ�
4387+ ������ ����ڿ� �׷��� �ȴ�. ��, �׷� ���ٸ����
4388+ ����ڰ� �ش�� ��� �׷����� �ʱ�ȭ�ȴ�.
4389+ </p>
4390+ </li>
4391+
4392+ <li>
4393+ <strong>CGI/SSI ���α׷��� �ִ� ���丮�� ���丮��
4394+ ������ �� �ִ°�?</strong>
4395+
4396+ <p class="indent">
4397+ ���丮�� �������� �ʴٸ� ������ ���� �� ����. �̰�����
4398+ ���丮�� ������ �� ���ٸ� ���丮�� �������� ����
4399+ ���̴�.
4400+ </p>
4401+ </li>
4402+
4403+ <li>
4404+ <strong>���丮�� ����ġ ������ �ȿ� �ִ°�?</strong>
4405+
4406+ <p class="indent">
4407+ ������ �Ϲ����� �κ��� ��û�� ��� ��û�ϴ� ���丮��
4408+ suEXEC ���� root �Ʒ� �ִ°�? UserDir�� ��û�� ���
4409+ ��û�ϴ� ���丮�� suEXEC userdir�� ������ (<a href="#install">suEXEC ���� �ɼ�</a> ����) ���丮
4410+ �Ʒ��� �ִ°�?
4411+ </p>
4412+ </li>
4413+
4414+ <li>
4415+ <strong>�ٸ� ������ ���丮�� ��������� <em>���°�</em>?</strong>
4416+
4417+ <p class="indent">
4418+ ���丮�� �ٸ� ������� ����α� �������ʴ´�. ����
4419+ �����ڸ��� ���丮 ������ ������ �� �ִ�.
4420+ </p>
4421+ </li>
4422+
4423+ <li>
4424+ <strong>������ CGI/SSI ���α׷��� �����ϴ°�?</strong>
4425+
4426+ <p class="indent">
4427+ ���������ʴٸ� ������ ���� ����.
4428+ </p>
4429+ </li>
4430+
4431+ <li>
4432+ <strong>�ٸ� ������ ������ CGI/SSI ���α׷��� ���������
4433+ <em>���°�</em>?</strong>
4434+
4435+ <p class="indent">
4436+ �����ڿ� ������ CGI/SSI ���α׷��� �����ϱ� �������ʴ´�.
4437+ </p>
4438+ </li>
4439+
4440+ <li>
4441+ <strong>������ CGI/SSI ���α׷��� setuid�� setgid��
4442+ <em>�ƴѰ�</em>?</strong>
4443+
4444+ <p class="indent">
4445+ �츮�� ���α׷��� �ٽ� UID/GID�� �����ϱ� �������ʴ´�.
4446+ </p>
4447+ </li>
4448+
4449+ <li>
4450+ <strong>������ �����/�׷��� ���α׷��� �����/�׷�� ������?</strong>
4451+
4452+ <p class="indent">
4453+ ����ڰ� ������ �������ΰ�?
4454+ </p>
4455+ </li>
4456+
4457+ <li>
4458+ <strong>������ ������ ���� ���μ����� ȯ�溯���� û����
4459+ �� �ִ°�?</strong>
4460+
4461+ <p class="indent">
4462+ suEXEC�� (�������� ������) ������ ���� PATH�� ���,
4463+ (�̰͵� �������� ����) ������ ȯ�溯�� ��Ͽ� ���ŵ�
4464+ ������ ����� ���μ����� ȯ�溯���� �����.
4465+ </p>
4466+ </li>
4467+
4468+ <li>
4469+ <strong>���������� ������ CGI/SSI ���α׷��� ������
4470+ �� �ִ°�?</strong>
4471+
4472+ <p class="indent">
4473+ ���⼭ suEXEC�� ������ ������ CGI/SSI ���α׷��� �����Ѵ�.
4474+ </p>
4475+ </li>
4476+ </ol>
4477+
4478+ <p>�̰��� suEXEC wrapper ���ȸ��� ǥ�� �����̴�. �ټ�
4479+ �����ϰ� CGI/SSI ���迡 ���ο� ������ ������, ������ ���ο�
4480+ �ΰ� �Ѵܰ辿 ���ɽ����� ���������.</p>
4481+
4482+ <p>�� ���� ���� ���� ������ � ������ �ִ����� ������
4483+ suEXEC �������� � ���� ������ ���� �� �ִ����� ���� ��
4484+ ������ <a href="#jabberwock">"�ٽ� �ѹ� �����϶�"</a> ����
4485+ �����϶�.</p>
4486+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4487+<div class="section">
4488+<h2><a name="install" id="install">suEXEC ������ ��ġ</a></h2>
4489+
4490+ <p>���� ����ִ� ������ �����Ѵ�.</p>
4491+
4492+ <p><strong>suEXEC ���� �ɼ�</strong><br />
4493+ </p>
4494+
4495+ <dl>
4496+ <dt><code>--enable-suexec</code></dt>
4497+
4498+ <dd>�� �ɼ��� �⺻������ ��ġ�ǰų� Ȱ��ȭ�����ʴ� suEXEC
4499+ ����� Ȱ��ȭ�Ѵ�. APACI�� suEXEC�� �޾Ƶ��̷���
4500+ <code>--enable-suexec</code> �ɼǿܿ�
4501+ <code>--with-suexec-xxxxx</code> �ɼ��� �ּ��� �Ѱ�
4502+ �ʿ��ϴ�.</dd>
4503+
4504+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
4505+
4506+ <dd><code>suexec</code> ���̳ʸ� ��δ� ���Ȼ� ������
4507+ ������ ��ϵǾ� �Ѵ�. ��� �⺻���� �����Ϸ��� �� �ɼ���
4508+ ����Ѵ�. <em>���� ���</em>
4509+ <code>--with-suexec-bin=/usr/sbin/suexec</code></dd>
4510+
4511+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
4512+
4513+ <dd>���� ����ġ�� �����ϴ� <a href="mod/mpm_common.html#user">����ڸ�</a>. ���α׷���
4514+ ������ �� �ִ� ������ ����ڴ�.</dd>
4515+
4516+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
4517+
4518+ <dd>suEXEC ������ ���Ǵ� ����� Ȩ���丮�� �������丮��
4519+ �����Ѵ�. �� ���丮�� �ִ� ��� ���������� �������
4520+ suEXEC�� ����Ƿ�, ��� ���α׷��� "�����ؾ�" �Ѵ�. (����
4521+ ���, ���� "*"�� ����) "������" UserDir ���þ ����Ѵٸ�
4522+ ���� ���� �����ؾ� �Ѵ�. UserDir ���þ passwd ���Ͽ�
4523+ ���� ����� Ȩ���丮�� �ٸ��� suEXEC�� ����������
4524+ �۵����� �ʴ´�. �⺻���� "public_html"�̴�.<br />
4525+ ����ȣ��Ʈ���� ���� �ٸ� UserDir�� ����Ѵٸ� ��� ��
4526+ �θ� ���丮 �ȿ� �ֵ��� �����ؾ� �ϰ�, �� �θ� ���丮����
4527+ ���� ���´�. <strong>�̷��� �������� ������, "~userdir"
4528+ cgi ��û�� �۵����� �ʴ´�!</strong></dd>
4529+
4530+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
4531+
4532+ <dd>����ġ�� DocumentRoot�� �����Ѵ�. �̴� suEXEC�� �����
4533+ �� �ִ� (UserDirs�� ������) ������ �����̴�. �⺻ ���丮��
4534+ <code>--datadir</code> ���� "/htdocs"�� ���� ���̴�.
4535+ <em>���� ���</em> "<code>--datadir=/home/apache</code>"��
4536+ �����ߴٸ� suEXEC wrapper�� document root��
4537+ "/home/apache/htdocs" ���丮�� ����Ѵ�.</dd>
4538+
4539+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
4540+
4541+ <dd>suEXEC���� ���������� ������� �ּ� UID�� �����Ѵ�.
4542+ ��κ��� �ý��ۿ��� 500�̳� 100�� �����ϴ�. �⺻����
4543+ 100�̴�.</dd>
4544+
4545+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
4546+
4547+ <dd>suEXEC���� ���������� �׷��� �ּ� GID�� �����Ѵ�.
4548+ ��κ��� �ý��ۿ��� 100�� �����ϹǷ� �� ���� �⺻���̴�.</dd>
4549+
4550+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
4551+
4552+ <dd>��� suEXEC �۵��� ������ (���ó� ����� ������ ������)
4553+ ����� �α����ϸ��� �����Ѵ�. �⺻������ �α������� �̸���
4554+ "suexec_log"�̰� ǥ�� �α����� ���丮��
4555+ (<code>--logfiledir</code>) ��ġ�Ѵ�.</dd>
4556+
4557+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
4558+
4559+ <dd>CGI �������Ͽ� �Ѱ��� ������ PATH ȯ�溯���� �����Ѵ�.
4560+ �⺻���� "/usr/local/bin:/usr/bin:/bin"�̴�.</dd>
4561+ </dl>
4562+
4563+ <p><strong>suEXEC wrapper�� �������ϰ� ��ġ�ϱ�</strong><br />
4564+ <code>--enable-suexec</code> �ɼ����� suEXEC ����� �����ϰ���
4565+ ��� <code>make</code> ��ɾ �����ϸ� <code>suexec</code>
4566+ ���������� (����ġ�� �Բ�) �ڵ����� ���������.<br />
4567+ ������ �������� �� <code>make install</code> ��ɾ
4568+ �����Ͽ� ��ġ�� �� �ִ�. ���̳ʸ����� <code>suexec</code>��
4569+ <code>--sbindir</code> �ɼ����� ������ ���丮�� ��ġ�ȴ�.
4570+ �⺻ ��ġ�� "/usr/local/apache2/sbin/suexec"�̴�.<br />
4571+ ��ġ ������ <strong><em>root ����</em></strong>�� �ʿ�����
4572+ �����϶�. wrapper�� ����� ID�� �����ϱ����ؼ��� �����ڰ�
4573+ <code><em>root</em></code>�̰� ���ϸ��� setuserid �����Ʈ��
4574+ �����Ǿ� �Ѵ�.</p>
4575+
4576+ <p><strong>���������� ���Ѽ���</strong><br />
4577+ suEXEC wrapper�� �ڽ��� ������ ����ڰ� ���� �ɼ�
4578+ <code>--with-suexec-caller</code>�� ������ �ùٸ� ���������
4579+ Ȯ���� ������, �� �˻� ������ suEXEC�� ����ϴ� �ý���ȣ��
4580+ Ȥ�� ���̺귯�� �Լ��� ���۵Ǿ��� �� �ִ�. �̸� ����ϸ�
4581+ �Ϲ������� ���� �����̹Ƿ� ���� ����ġ�� �����ϴ� �׷츸��
4582+ suEXEC�� ������ �� �ֵ��� ���Ͻý��� ������ �����ؾ� �Ѵ�.</p>
4583+
4584+ <p>���� ���, �������� ������ ���� �����ϰ�:</p>
4585+
4586+<div class="example"><p><code>
4587+ User www<br />
4588+ Group webgroup<br />
4589+</code></p></div>
4590+
4591+ <p><code>suexec</code>�� "/usr/local/apache2/sbin/suexec"��
4592+ ��ġ�Ͽ��ٸ�, ������ �����ؾ� �Ѵ�:</p>
4593+
4594+<div class="example"><p><code>
4595+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
4596+ chmod 4750 /usr/local/apache2/bin/suexec<br />
4597+</code></p></div>
4598+
4599+ <p>�׷��� ���� ����ġ�� �����ϴ� �׷츸�� suEXEC wrapper��
4600+ ������ �� �ִ�.</p>
4601+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4602+<div class="section">
4603+<h2><a name="enable" id="enable">suEXEC �� ���</a></h2>
4604+
4605+ <p>����ġ�� �����Ҷ� <code>--sbindir</code> �ɼ����� ������
4606+ ���丮���� <code>suexec</code> ������ (�⺻��
4607+ "/usr/local/apache2/sbin/suexec") ã�´�. ����ġ��
4608+ ���������� ������ suEXEC wrapper�� �߰��ϸ� ���� �α�(error
4609+ log)�� ������ ���� ����Ѵ�:</p>
4610+
4611+<div class="example"><p><code>
4612+ [notice] suEXEC mechanism enabled (wrapper: <em>/path/to/suexec</em>)
4613+</code></p></div>
4614+
4615+ <p>���� �����߿� �̷� ������ ���ٸ� ������ ����� ��ҿ���
4616+ wrapper ���α׷��� ã�� ���߰ų�, ���������� <em>setuid
4617+ root</em>�� ��ġ�����ʾұ� ������ ���̴�.</p>
4618+
4619+ <p>ó������ suEXEC ����� ����ϰ� �Ͱ� �̹� ����ġ ������
4620+ �������̶��, ����ġ�� ���̰� �ٽ� �����ؾ� �Ѵ�. ������
4621+ HUP�̳� USR1 �ñ׳η� ������ϴ� �����δ� ������� �ʴ�. </p>
4622+ <p>suEXEC�� �Ȼ���Ϸ��� <code>suexec</code> ������ ������
4623+ ����ġ�� ���̰� ������ؾ� �Ѵ�. </p>
4624+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4625+<div class="section">
4626+<h2><a name="usage" id="usage">suEXEC ����ϱ�</a></h2>
4627+
4628+ <p>CGI ���α׷� ��û�� ��� <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ���þ
4629+ ����� ����ȣ��Ʈ�� ��û�� �Ͽ��ų� <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>��
4630+ ��û�� ó���ϴ� ��쿡�� suEXEC wrapper�� ȣ���Ѵ�.</p>
4631+
4632+ <p><strong>����ȣ��Ʈ:</strong><br /> suEXEC wrapper��
4633+ ����ϴ� �Ѱ��� ����� <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> ���ǿ� <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ���þ
4634+ ����ϴ� ���̴�. �� ���þ �ּ��� ����� ID�� �ٸ���
4635+ �����ϸ� CGI �ڿ��� ��� ��û�� <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>����
4636+ ������ <em>User</em>�� <em>Group</em>���� ����ȴ�. ��
4637+ ���þ���� <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>�� ������ �ּ���
4638+ userid�� ����Ѵ�.</p>
4639+
4640+ <p><strong>����� ���丮:</strong><br />
4641+ <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>�� ��û�� ó���Ѵٸ� suEXEC
4642+ wrapper�� ȣ���Ͽ�, ��û�� ����� ���丮�� �ش��ϴ� �����
4643+ ID�� CGI ���α׷��� �����Ѵ�. �� ����� �����Ϸ��� �����
4644+ ID�� CGI�� ������ �� �ְ� ��ũ��Ʈ�� ���� <a href="#model">����
4645+ �˻�</a> �׸��� �����ؾ� �Ѵ�. <a href="#install">����
4646+ �ɼ�</a> <code>--with-suexec-userdir</code>�� �����϶�.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4647+<div class="section">
4648+<h2><a name="debug" id="debug">suEXEC ������ϱ�</a></h2>
4649+
4650+ <p>suEXEC wrapper�� �α� ������ ������ �ٷ�
4651+ <code>--with-suexec-logfile</code> �ɼ����� ������ ���Ͽ�
4652+ ����. wrapper�� �ùٷ� �����ϰ� ��ġ�ߴٸ� ��� �߸��Ǿ�����
4653+ �� �α����Ͽ� ������ error_log�� �������.</p>
4654+
4655+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4656+<div class="section">
4657+<h2><a name="jabberwock" id="jabberwock">�ٽ� �ѹ� �����϶�: ���� ����</a></h2>
4658+
4659+ <p><strong>����!</strong> �� ������ �������� ���� �� �ִ�.
4660+ ����ġ�׷��� <a href="http://httpd.apache.org/docs/2.4/suexec.html">�¶���
4661+ ����</a>���� �� ������ �ֽ����� �����϶�.</p>
4662+
4663+ <p>wrapper�� ���� ������ �����ϴ� ��� ��̷ο� ���� �ִ�.
4664+ suEXEC�� ���õ� "����"�� �����ϱ� ���� �̵��� ���캸�� �ٶ���.</p>
4665+
4666+ <ul>
4667+ <li><strong>suEXEC ���� ����</strong></li>
4668+
4669+ <li>
4670+ ���丮 ���� ����
4671+
4672+ <p class="indent">
4673+ ���Ȱ� ȿ������ ���� ��� suEXEC ��û�� ����ȣ��Ʈ��
4674+ ��� �ֻ��� document root Ȥ�� userdir ��û�� ���
4675+ �ֻ��� ���� document root �ȿ��� �߻��ؾ� �Ѵ�. ����
4676+ ���, ����ȣ��Ʈ �װ��� �����ߴٸ� ����ȣ��Ʈ����
4677+ suEXEC�� �̿��ϱ����� ����ȣ��Ʈ�� document root��
4678+ �� ����ġ ���� �������� �ۿ� ������ �ʿ䰡 �ִ�.
4679+ (������ ������.)
4680+ </p>
4681+ </li>
4682+
4683+ <li>
4684+ suEXEC�� PATH ȯ�溯��
4685+
4686+ <p class="indent">
4687+ �����ϸ� ������ �� �ִ�. ���⿡ �����ϴ� ��� ��ΰ�
4688+ <strong>���� �� �ִ�</strong> ���丮���� Ȯ���϶�.
4689+ �� �������� �������� �װ��� �ִ� Ʈ���̸񸶸� �����ϱ�
4690+ ������ ���� ���̴�.
4691+ </p>
4692+ </li>
4693+
4694+ <li>
4695+ suEXEC �ڵ� �����ϱ�
4696+
4697+ <p class="indent">
4698+ �ݺ��ؼ� ��������, ����� ������ �ϴ��� �𸣰� �õ��Ѵٸ�
4699+ <strong>ū ����</strong>�� �߻��� �� �ִ�. � ��쿡��
4700+ ������������.
4701+ </p>
4702+ </li>
4703+ </ul>
4704+
4705+</div></div>
4706+<div class="bottomlang">
4707+<p><span>������ ���: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4708+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran&#231;ais">&nbsp;fr&nbsp;</a> |
4709+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
4710+<a href="./ko/suexec.html" title="Korean">&nbsp;ko&nbsp;</a> |
4711+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T&#252;rk&#231;e">&nbsp;tr&nbsp;</a></p>
4712+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
4713+<script type="text/javascript"><!--//--><![CDATA[//><!--
4714+var comments_shortname = 'httpd';
4715+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
4716+(function(w, d) {
4717+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
4718+ d.write('<div id="comments_thread"><\/div>');
4719+ var s = d.createElement('script');
4720+ s.type = 'text/javascript';
4721+ s.async = true;
4722+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
4723+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
4724+ }
4725+ else {
4726+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
4727+ }
4728+})(window, document);
4729+//--><!]]></script></div><div id="footer">
4730+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
4731+<p class="menu"><a href="./mod/">���</a> | <a href="./mod/directives.html">���þ��</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">���</a> | <a href="./sitemap.html">����Ʈ��</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
4732+if (typeof(prettyPrint) !== 'undefined') {
4733+ prettyPrint();
4734+}
4735+//--><!]]></script>
4736+</body></html>
4737\ No newline at end of file
4738diff --git a/docs/manual/suexec.html.tr.utf8 b/docs/manual/suexec.html.tr.utf8
4739new file mode 100644
4740index 0000000..bed106c
4741--- /dev/null
4742+++ b/docs/manual/suexec.html.tr.utf8
4743@@ -0,0 +1,583 @@
4744+<?xml version="1.0" encoding="UTF-8"?>
4745+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4746+<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head>
4747+<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
4748+<!--
4749+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4750+ This file is generated from xml source: DO NOT EDIT
4751+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4752+ -->
4753+<title>SuEXEC Desteği - Apache HTTP Sunucusu Sürüm 2.4</title>
4754+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
4755+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
4756+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
4757+<script src="./style/scripts/prettify.min.js" type="text/javascript">
4758+</script>
4759+
4760+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
4761+<body id="manual-page"><div id="page-header">
4762+<p class="menu"><a href="./mod/">Modüller</a> | <a href="./mod/directives.html">Yönergeler</a> | <a href="http://wiki.apache.org/httpd/FAQ">SSS</a> | <a href="./glossary.html">Terimler</a> | <a href="./sitemap.html">Site Haritası</a></p>
4763+<p class="apache">Apache HTTP Sunucusu Sürüm 2.4</p>
4764+<img alt="" src="./images/feather.png" /></div>
4765+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
4766+<div id="path">
4767+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Sunucusu</a> &gt; <a href="http://httpd.apache.org/docs/">Belgeleme</a> &gt; <a href="./">Sürüm 2.4</a></div><div id="page-content"><div id="preamble"><h1>SuEXEC Desteği</h1>
4768+<div class="toplang">
4769+<p><span>Mevcut Diller: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4770+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
4771+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
4772+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
4773+<a href="./tr/suexec.html" title="Türkçe">&nbsp;tr&nbsp;</a></p>
4774+</div>
4775+
4776+ <p><strong>SuEXEC</strong> özelliği, Apache HTTP Sunucusu kullanıcılarına
4777+ <strong>CGI</strong> ve <strong>SSI</strong> programlarını sunucunun
4778+ aidiyetinde çalıştığı kullanıcıdan farklı bir kullanıcının aidiyetinde
4779+ çalıştırma olanağı verir. Normalde, <strong>CGI</strong> ve
4780+ <strong>SSI</strong> programlarını çalıştıranla sunucuyu çalıştıran
4781+ aynı kullanıcıdır.</p>
4782+
4783+ <p>Gerektiği gibi kullanıldığında bu özellik, kullanıcılara
4784+ <strong>CGI</strong> ve <strong>SSI</strong> programlarını çalıştırma
4785+ ve geliştirmeye izin vermekle ortaya çıkan güvenlik risklerini azaltır.
4786+ Bununla birlikte, <strong>suEXEC</strong> gerektiği gibi
4787+ yapılandırılmadığı takdirde bazı sorunlara yol açabilir ve bilgisayar
4788+ güvenliğinizde yeni delikler ortaya çıkmasına sebep olabilir.
4789+ Güvenlikle ilgili mevcut sorunlarla başa çıkmada ve <em>setuid
4790+ root</em> programları yönetmekte bilgi ve deneyim sahibi değilseniz
4791+ <strong>suEXEC</strong> kullanmayı kesinlikle düşünmemenizi
4792+ öneririz.</p>
4793+ </div>
4794+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">Başlamadan önce</a></li>
4795+<li><img alt="" src="./images/down.gif" /> <a href="#model">SuEXEC Güvenlik Modeli</a></li>
4796+<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC’in Yapılandırılması ve Kurulumu</a></li>
4797+<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC’in etkin kılınması ve iptal edilmesi</a></li>
4798+<li><img alt="" src="./images/down.gif" /> <a href="#usage">SuEXEC’in kullanımı</a></li>
4799+<li><img alt="" src="./images/down.gif" /> <a href="#debug">SuEXEC ve hata ayıklama</a></li>
4800+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">Uyarılar ve Örnekler</a></li>
4801+</ul><h3>Ayrıca bakınız:</h3><ul class="seealso"><li><a href="#comments_section">Yorum</a></li></ul></div>
4802+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4803+<div class="section">
4804+<h2><a name="before" id="before">Başlamadan önce</a></h2>
4805+
4806+ <p>Belgeye balıklama dalmadan önce, suexec'i kullanacağınız ortam ve
4807+ kendiniz hakkında yapılmış çeşitli kabuller hakkında bilgi sahibi
4808+ olmalısınız.</p>
4809+
4810+ <p>Öncelikle, üzerinde <strong>setuid</strong> va <strong>setgid</strong>
4811+ işlemlerinin yapılabildiği Unix türevi bir işletim sistemi
4812+ kullandığınızı varsayıyoruz. Tüm komut örnekleri buna dayanarak
4813+ verilmiştir. Bu desteğe sahip başka platformlar varsa onlardaki
4814+ yapılandırma burada anlattığımız yapılandırmadan farklı olabilir.</p>
4815+
4816+ <p>İkinci olarak, bilgisayarınızın güvenliği ve yönetimi ile ilgili bazı
4817+ temel kavramları bildiğinizi kabul ediyoruz. Buna
4818+ <strong>setuid/setgid</strong> işlemlerinin sisteminiz ve güvenlik
4819+ seviyesi üzerindeki etkilerini bilmek dahildir.</p>
4820+
4821+ <p>Üçüncü olarak, <strong>suEXEC</strong> kodunun
4822+ <strong>değiştirilmemiş</strong> bir sürümünü kullandığınızı
4823+ varsayıyoruz. Tüm suEXEC kodu, geliştiricilerin yanında sayısız beta
4824+ kullanıcısı tarafından dikkatle incelenmiş ve denenmiştir. Kodların hem
4825+ basit hem de sağlam bir şekilde güvenli olması için gerekli tüm
4826+ önlemler alınmıştır. Bu kodun değiştirilmesi beklenmedik sorunlara ve
4827+ yeni güvenlik risklerine yol açabilir. Özellikle güvenlikle ilgili
4828+ programlarda deneyimli değilseniz suEXEC kodunda kesinlikle bir
4829+ değişiklik yapmamalısınız. Değişiklik yaparsanız kodlarınızı gözden
4830+ geçirmek ve tartışmak üzere Apache HTTP Sunucusu geliştirme ekibi ile
4831+ paylaşmanızı öneririz.</p>
4832+
4833+ <p>Dördüncü ve son olarak, Apache HTTP Sunucusu geliştirme ekibinin
4834+ suEXEC’i öntanımlı httpd kurulumunun bir parçası yapmama kararından
4835+ bahsetmek gerekir. Bunun sonucu olarak, suEXEC yapılandırması sistem
4836+ yöneticisinin ayrıntılı bir incelemesini gerektirir. Gerekli incelemeden
4837+ sonra yönetici tarafından suEXEC yapılandırma seçeneklerine karar
4838+ verilip, normal yollardan sisteme kurulumu yapılır. Bu seçeneklerin
4839+ belirlenmesi, suEXEC işlevselliğinin kullanımı sırasında sistem
4840+ güvenliğini gerektiği gibi sağlamak için yönetici tarafından dikkatle
4841+ saptanmayı gerektirir. Bu sürecin ayrıntılarının yöneticiye bırakılma
4842+ sebebi, suEXEC kurulumunu, suEXEC’i dikkatle kullanacak yeterliliğe sahip
4843+ olanlarla sınırlama beklentimizdir.</p>
4844+
4845+ <p>Hala bizimle misiniz? Evet mi? Pekala, o halde devam!</p>
4846+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4847+<div class="section">
4848+<h2><a name="model" id="model">SuEXEC Güvenlik Modeli</a></h2>
4849+
4850+ <p>SuEXEC yapılandırması ve kurulumuna girişmeden önce biraz da
4851+ gerçekleşmesini istediğiniz güvenlik modelinin ayrıntıları üzerinde
4852+ duralım. Böylece, suEXEC’in içinde olup bitenleri ve sisteminizin
4853+ güvenliği için alınacak önlemleri daha iyi anlayabilirsiniz.</p>
4854+
4855+ <p><strong>suEXEC</strong> işlevselliği, Apache HTTP Sunucusu tarafından
4856+ gerektiği takdirde artalanda çalıştırılan bir setuid programa dayanır.
4857+ Bu program, bir CGI veya SSI betiğine bir HTTP isteği yapıldığı zaman,
4858+ bu betiği, yöneticinin ana sunucunun aidiyetinde çalıştığı kullanıcıdan
4859+ farklı olarak seçtiği bir kullanıcının aidiyetinde çalıştırmak için
4860+ çağrılır. Böyle bir istek geldiğinde, Apache httpd artalandaki setuid
4861+ programına, HTTP isteği yapılan programın ismiyle beraber aidiyetinde
4862+ çalışacağı kullanıcı ve grup kimliklerini de aktarır.</p>
4863+
4864+ <p>Artalanda çalıştırılan setuid program başarıyı ve başarısızlığı
4865+ aşağıdaki süreci izleyerek saptar. Bunlardan herhangi biri başarısız
4866+ olursa program başarısızlık durumunu günlüğe kaydeder ve bir hata
4867+ vererek çıkar. Aksi takdirde çalışmaya devam eder.</p>
4868+
4869+ <ol>
4870+ <li>
4871+ <strong>Setuid programı çalıştıran kullanıcı sistemin geçerli
4872+ kullanıcılarından biri mi?</strong>
4873+
4874+ <p class="indent">Bu, setuid programı çalıştıran kullanıcının
4875+ sistemin gerçek bir kullanıcısı olduğunudan emin olunmasını sağlar.
4876+ </p>
4877+ </li>
4878+
4879+ <li>
4880+ <strong>Setuid program yeterli sayıda argümanla çağrılmış mı?
4881+ </strong>
4882+
4883+ <p class="indent">Apache HTTP Sunucusunun artalanda çağırdığı
4884+ setuid program ancak yeterli sayıda argüman sağlandığı takdirde
4885+ çalışacaktır. Argümanların sayısını ve sırasını Apache HTTP sunucusu
4886+ bilir. Eğer setuid program yeterli sayıda argümanla çağrılmamışsa
4887+ ya kendisinde bir değişiklik yapılmıştır ya da kurulu Apache httpd
4888+ çalıştırılabilirinin suEXEC ile ilgili kısmında yanlış giden bir
4889+ şeyler vardır.</p>
4890+ </li>
4891+
4892+ <li>
4893+ <strong>Bu geçerli kullanıcının bu setuid programı çalıştırma
4894+ yetkisi var mı?</strong>
4895+
4896+ <p class="indent">Sadece tek bir kullanıcı (Apache’nin aidiyetinde
4897+ çalıştığı kullanıcı) bu programı çalıştırmaya yetkilidir.</p>
4898+ </li>
4899+
4900+ <li>
4901+ <strong>Hedef CGI veya SSI programı hiyerarşik olarak güvenliği
4902+ bozacak bir dosya yolu üzerinde mi?</strong>
4903+
4904+ <p class="indent">Hedef CGI veya SSI programının dosya yolu '/' veya
4905+ '..' ile başlıyor mu? Buna izin verilmez. Hedef CGI veya SSI
4906+ programı suEXEC’in belge kök dizininde yer almalıdır (aşağıda
4907+ <code>--with-suexec-docroot=<em>DİZİN</em></code> seçeneğine
4908+ bakınız).</p>
4909+ </li>
4910+
4911+ <li>
4912+ <strong>Hedef kullanıcı ismi geçerli mi?</strong>
4913+
4914+ <p class="indent">Hedef kullanıcı mevcut mu?</p>
4915+ </li>
4916+
4917+ <li>
4918+ <strong>Hedef grup ismi geçerli mi?</strong>
4919+
4920+ <p class="indent">Hedef grup mevcut mu?</p>
4921+ </li>
4922+
4923+ <li>
4924+ <strong>Hedef kullanıcı <code>root</code> değil, değil mi?</strong>
4925+
4926+ <p class="indent">Mevcut durumda, <code>root</code> kullanıcısının
4927+ CGI/SSI programlarını çalıştırmasına izin verilmemektedir.</p>
4928+ </li>
4929+
4930+ <li>
4931+ <strong>Hedef kullanıcı kimliği asgari kullanıcı numarasından
4932+ <em>BÜYÜK</em> mü?</strong>
4933+
4934+ <p class="indent">Asgari kullanıcı numarası yapılandırma sırasında
4935+ belirtilir. Böylece CGI/SSI programlarını çalıştırmasına izin
4936+ verilecek olası en düşük kullanıcı numarasını belirlemeniz mümkün
4937+ kılınmıştır. Bu bazı “sistem” hesaplarını devreden çıkarmak için
4938+ yararlıdır.</p>
4939+ </li>
4940+
4941+ <li>
4942+ <strong>Hedef grup <code>root</code> değil, değil mi?</strong>
4943+
4944+ <p class="indent"><code>root</code> grubunun CGI/SSI
4945+ programlarını çalıştırmasına izin verilmemektedir.</p>
4946+ </li>
4947+
4948+ <li>
4949+ <strong>Hedef grup numarası asgari grup numarasından
4950+ <em>BÜYÜK</em> mü?</strong>
4951+
4952+ <p class="indent">Asgari grup numarası yapılandırma sırasında
4953+ belirtilir. Böylece CGI/SSI programlarını çalıştırmasına izin
4954+ verilecek olası en düşük grup numarasını belirlemeniz mümkün
4955+ kılınmıştır. Bu bazı “sistem” hesaplarını devreden çıkarmak için
4956+ yararlıdır.</p>
4957+ </li>
4958+
4959+ <li>
4960+ <strong>Apache’nin artalanda çağırdığı setuid program hedef
4961+ kullanıcı ve grubun aidiyetine geçebildi mi?</strong>
4962+
4963+ <p class="indent">Bu noktadan itibaren program setuid ve setgid
4964+ çağrıları üzerinden hedef kullanıcı ve grubun aidiyetine geçer.
4965+ Erişim grubu listesi de ayrıca kullanıcının üyesi olduğu tüm
4966+ gruplara genişletilir.</p>
4967+ </li>
4968+
4969+ <li>
4970+ <strong>Hedef CGI/SSI programının bulunduğu dizine geçebildik mi?
4971+ </strong>
4972+
4973+ <p class="indent">Dizin mevcut değilse dosyaları da içeremez. Hedef
4974+ dizine geçemiyorsak bu, dizin mevcut olmadığından olabilir.</p>
4975+ </li>
4976+
4977+ <li>
4978+ <strong>Hedef dizin Apache için izin verilen yerlerden biri mi?
4979+ </strong>
4980+
4981+ <p class="indent">İstek sunucunun normal bir bölümü için yapılmış
4982+ olsa da istenen dizin acaba suEXEC’in belge kök dizini altında mı?
4983+ Yani, istenen dizin, suEXEC’in aidiyetinde çalıştığı kullanıcının
4984+ ev dizini altında bulunan, <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> ile belirtilen dizinin altında mı? (<a href="#install">suEXEC’in yapılandırma seçeneklerine</a>
4985+ bakınız).</p>
4986+ </li>
4987+
4988+ <li>
4989+ <strong>Hedef dizin başkaları tarafından yazılabilen bir dizin değil,
4990+ değil mi?</strong>
4991+
4992+ <p class="indent">Başkaları da yazabilsin diye bir dizin açmıyoruz;
4993+ dizin içeriğini sadece sahibi değiştirebilmelidir.</p>
4994+ </li>
4995+
4996+ <li>
4997+ <strong>Hedef CGI/SSI programı mevcut mu?</strong>
4998+
4999+ <p class="indent">Mevcut değilse çalıştırılamaz.</p>
5000+ </li>
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches