Merge ~ahasenack/ubuntu/+source/apache2:bionic-apache2-a2query-typo-1782806 into ubuntu/+source/apache2:ubuntu/bionic-devel

Proposed by Andreas Hasenack on 2018-10-11
Status: Merged
Approved by: Christian Ehrhardt  on 2018-10-15
Approved revision: 26af3ae85f1ab7210e8a8afde4f5cbcbc914b541
Merge reported by: Christian Ehrhardt 
Merged at revision: 26af3ae85f1ab7210e8a8afde4f5cbcbc914b541
Proposed branch: ~ahasenack/ubuntu/+source/apache2:bionic-apache2-a2query-typo-1782806
Merge into: ubuntu/+source/apache2:ubuntu/bionic-devel
Diff against target: 422359 lines (+414075/-1)
1364 files modified
debian/changelog (+7/-0)
debian/debhelper/apache2-maintscript-helper (+1/-1)
docs/manual/style/latex/atbeginend.sty (+80/-0)
docs/manual/style/manualpage.dtd (+29/-0)
docs/manual/style/modulesynopsis.dtd (+85/-0)
docs/manual/style/scripts/MINIFY (+5/-0)
docs/manual/style/scripts/prettify.js (+1622/-0)
docs/manual/style/scripts/prettify.min.js (+123/-0)
docs/manual/style/sitemap.dtd (+42/-0)
docs/manual/style/version.ent (+24/-0)
docs/manual/suexec.html (+21/-0)
docs/manual/suexec.html.en (+643/-0)
docs/manual/suexec.html.fr (+689/-0)
docs/manual/suexec.html.ja.utf8 (+643/-0)
docs/manual/suexec.html.ko.euc-kr (+564/-0)
docs/manual/suexec.html.tr.utf8 (+583/-0)
docs/manual/upgrading.html (+9/-0)
docs/manual/upgrading.html.en (+530/-0)
docs/manual/upgrading.html.fr (+589/-0)
docs/manual/urlmapping.html (+21/-0)
docs/manual/urlmapping.html.en (+379/-0)
docs/manual/urlmapping.html.fr (+402/-0)
docs/manual/urlmapping.html.ja.utf8 (+318/-0)
docs/manual/urlmapping.html.ko.euc-kr (+277/-0)
docs/manual/urlmapping.html.tr.utf8 (+365/-0)
docs/manual/vhosts/details.html (+17/-0)
docs/manual/vhosts/details.html.en (+348/-0)
docs/manual/vhosts/details.html.fr (+369/-0)
docs/manual/vhosts/details.html.ko.euc-kr (+412/-0)
docs/manual/vhosts/details.html.tr.utf8 (+319/-0)
docs/manual/vhosts/examples.html (+21/-0)
docs/manual/vhosts/examples.html.en (+566/-0)
docs/manual/vhosts/examples.html.fr (+586/-0)
docs/manual/vhosts/examples.html.ja.utf8 (+680/-0)
docs/manual/vhosts/examples.html.ko.euc-kr (+657/-0)
docs/manual/vhosts/examples.html.tr.utf8 (+562/-0)
docs/manual/vhosts/fd-limits.html (+21/-0)
docs/manual/vhosts/fd-limits.html.en (+155/-0)
docs/manual/vhosts/fd-limits.html.fr (+167/-0)
docs/manual/vhosts/fd-limits.html.ja.utf8 (+157/-0)
docs/manual/vhosts/fd-limits.html.ko.euc-kr (+152/-0)
docs/manual/vhosts/fd-limits.html.tr.utf8 (+150/-0)
docs/manual/vhosts/index.html (+29/-0)
docs/manual/vhosts/index.html.de (+124/-0)
docs/manual/vhosts/index.html.en (+126/-0)
docs/manual/vhosts/index.html.fr (+127/-0)
docs/manual/vhosts/index.html.ja.utf8 (+120/-0)
docs/manual/vhosts/index.html.ko.euc-kr (+119/-0)
docs/manual/vhosts/index.html.tr.utf8 (+123/-0)
docs/manual/vhosts/index.html.zh-cn.utf8 (+105/-0)
docs/manual/vhosts/ip-based.html (+21/-0)
docs/manual/vhosts/ip-based.html.en (+210/-0)
docs/manual/vhosts/ip-based.html.fr (+213/-0)
docs/manual/vhosts/ip-based.html.ja.utf8 (+190/-0)
docs/manual/vhosts/ip-based.html.ko.euc-kr (+180/-0)
docs/manual/vhosts/ip-based.html.tr.utf8 (+211/-0)
docs/manual/vhosts/mass.html (+17/-0)
docs/manual/vhosts/mass.html.en (+337/-0)
docs/manual/vhosts/mass.html.fr (+352/-0)
docs/manual/vhosts/mass.html.ko.euc-kr (+453/-0)
docs/manual/vhosts/mass.html.tr.utf8 (+324/-0)
docs/manual/vhosts/name-based.html (+25/-0)
docs/manual/vhosts/name-based.html.de (+299/-0)
docs/manual/vhosts/name-based.html.en (+224/-0)
docs/manual/vhosts/name-based.html.fr (+267/-0)
docs/manual/vhosts/name-based.html.ja.utf8 (+303/-0)
docs/manual/vhosts/name-based.html.ko.euc-kr (+266/-0)
docs/manual/vhosts/name-based.html.tr.utf8 (+238/-0)
docs/server-status/README.md (+40/-0)
docs/server-status/server-status.lua (+1901/-0)
emacs-style (+12/-0)
httpd.dep (+68/-0)
httpd.dsp (+111/-0)
httpd.mak (+344/-0)
httpd.spec (+506/-0)
include/.indent.pro (+54/-0)
include/ap_compat.h (+30/-0)
include/ap_config.h (+206/-0)
include/ap_config_auto.h.in (+298/-0)
include/ap_config_layout.h.in (+64/-0)
include/ap_expr.h (+353/-0)
include/ap_hooks.h (+162/-0)
include/ap_listen.h (+163/-0)
include/ap_mmn.h (+538/-0)
include/ap_mpm.h (+235/-0)
include/ap_provider.h (+100/-0)
include/ap_regex.h (+248/-0)
include/ap_regkey.h (+219/-0)
include/ap_release.h (+83/-0)
include/ap_slotmem.h (+199/-0)
include/ap_socache.h (+230/-0)
include/apache_noprobes.h (+344/-0)
include/heartbeat.h (+60/-0)
include/http_config.h (+1379/-0)
include/http_connection.h (+168/-0)
include/http_core.h (+1049/-0)
include/http_log.h (+836/-0)
include/http_main.h (+88/-0)
include/http_protocol.h (+1021/-0)
include/http_request.h (+630/-0)
include/http_vhost.h (+119/-0)
include/httpd.h (+2403/-0)
include/mod_auth.h (+141/-0)
include/mod_core.h (+103/-0)
include/mod_request.h (+64/-0)
include/mpm_common.h (+470/-0)
include/scoreboard.h (+244/-0)
include/util_cfgtree.h (+98/-0)
include/util_charset.h (+72/-0)
include/util_cookies.h (+146/-0)
include/util_ebcdic.h (+92/-0)
include/util_fcgi.h (+280/-0)
include/util_filter.h (+639/-0)
include/util_ldap.h (+398/-0)
include/util_md5.h (+72/-0)
include/util_mutex.h (+223/-0)
include/util_script.h (+233/-0)
include/util_time.h (+117/-0)
include/util_varbuf.h (+197/-0)
include/util_xml.h (+51/-0)
libhttpd.dep (+2421/-0)
libhttpd.dsp (+842/-0)
libhttpd.mak (+1354/-0)
modules/Makefile.in (+6/-0)
modules/NWGNUmakefile (+121/-0)
modules/README (+67/-0)
modules/aaa/.indent.pro (+54/-0)
modules/aaa/Makefile.in (+3/-0)
modules/aaa/NWGNUaccesscompat (+248/-0)
modules/aaa/NWGNUallowmethods (+248/-0)
modules/aaa/NWGNUauthbasc (+248/-0)
modules/aaa/NWGNUauthdigt (+248/-0)
modules/aaa/NWGNUauthform (+250/-0)
modules/aaa/NWGNUauthnano (+248/-0)
modules/aaa/NWGNUauthndbd (+249/-0)
modules/aaa/NWGNUauthndbm (+248/-0)
modules/aaa/NWGNUauthnfil (+248/-0)
modules/aaa/NWGNUauthnsocache (+248/-0)
modules/aaa/NWGNUauthnzldap (+264/-0)
modules/aaa/NWGNUauthzdbd (+249/-0)
modules/aaa/NWGNUauthzdbm (+248/-0)
modules/aaa/NWGNUauthzgrp (+247/-0)
modules/aaa/NWGNUauthzusr (+247/-0)
modules/aaa/NWGNUmakefile (+270/-0)
modules/aaa/config.m4 (+84/-0)
modules/aaa/mod_access_compat.c (+374/-0)
modules/aaa/mod_access_compat.dep (+59/-0)
modules/aaa/mod_access_compat.dsp (+111/-0)
modules/aaa/mod_access_compat.mak (+353/-0)
modules/aaa/mod_allowmethods.c (+158/-0)
modules/aaa/mod_allowmethods.dep (+56/-0)
modules/aaa/mod_allowmethods.dsp (+111/-0)
modules/aaa/mod_allowmethods.mak (+353/-0)
modules/aaa/mod_auth_basic.c (+512/-0)
modules/aaa/mod_auth_basic.dep (+63/-0)
modules/aaa/mod_auth_basic.dsp (+111/-0)
modules/aaa/mod_auth_basic.mak (+353/-0)
modules/aaa/mod_auth_digest.c (+2115/-0)
modules/aaa/mod_auth_digest.dep (+68/-0)
modules/aaa/mod_auth_digest.dsp (+111/-0)
modules/aaa/mod_auth_digest.mak (+353/-0)
modules/aaa/mod_auth_form.c (+1333/-0)
modules/aaa/mod_auth_form.dep (+66/-0)
modules/aaa/mod_auth_form.dsp (+111/-0)
modules/aaa/mod_auth_form.mak (+353/-0)
modules/aaa/mod_authn_anon.c (+215/-0)
modules/aaa/mod_authn_anon.dep (+58/-0)
modules/aaa/mod_authn_anon.dsp (+111/-0)
modules/aaa/mod_authn_anon.mak (+381/-0)
modules/aaa/mod_authn_core.c (+386/-0)
modules/aaa/mod_authn_core.dep (+58/-0)
modules/aaa/mod_authn_core.dsp (+111/-0)
modules/aaa/mod_authn_core.mak (+381/-0)
modules/aaa/mod_authn_dbd.c (+309/-0)
modules/aaa/mod_authn_dbd.dep (+56/-0)
modules/aaa/mod_authn_dbd.dsp (+115/-0)
modules/aaa/mod_authn_dbd.mak (+409/-0)
modules/aaa/mod_authn_dbm.c (+208/-0)
modules/aaa/mod_authn_dbm.dep (+61/-0)
modules/aaa/mod_authn_dbm.dsp (+111/-0)
modules/aaa/mod_authn_dbm.mak (+381/-0)
modules/aaa/mod_authn_file.c (+194/-0)
modules/aaa/mod_authn_file.dep (+60/-0)
modules/aaa/mod_authn_file.dsp (+111/-0)
modules/aaa/mod_authn_file.mak (+381/-0)
modules/aaa/mod_authn_socache.c (+475/-0)
modules/aaa/mod_authn_socache.dep (+62/-0)
modules/aaa/mod_authn_socache.dsp (+111/-0)
modules/aaa/mod_authn_socache.mak (+353/-0)
modules/aaa/mod_authnz_fcgi.c (+1363/-0)
modules/aaa/mod_authnz_fcgi.dep (+61/-0)
modules/aaa/mod_authnz_fcgi.dsp (+119/-0)
modules/aaa/mod_authnz_fcgi.mak (+353/-0)
modules/aaa/mod_authnz_ldap.c (+1958/-0)
modules/aaa/mod_authnz_ldap.dep (+70/-0)
modules/aaa/mod_authnz_ldap.dsp (+111/-0)
modules/aaa/mod_authnz_ldap.mak (+381/-0)
modules/aaa/mod_authz_core.c (+1164/-0)
modules/aaa/mod_authz_core.dep (+60/-0)
modules/aaa/mod_authz_core.dsp (+111/-0)
modules/aaa/mod_authz_core.mak (+381/-0)
modules/aaa/mod_authz_dbd.c (+409/-0)
modules/aaa/mod_authz_dbd.dep (+61/-0)
modules/aaa/mod_authz_dbd.dsp (+119/-0)
modules/aaa/mod_authz_dbd.h (+44/-0)
modules/aaa/mod_authz_dbd.mak (+409/-0)
modules/aaa/mod_authz_dbm.c (+336/-0)
modules/aaa/mod_authz_dbm.dep (+62/-0)
modules/aaa/mod_authz_dbm.dsp (+111/-0)
modules/aaa/mod_authz_dbm.mak (+381/-0)
modules/aaa/mod_authz_groupfile.c (+331/-0)
modules/aaa/mod_authz_groupfile.dep (+61/-0)
modules/aaa/mod_authz_groupfile.dsp (+111/-0)
modules/aaa/mod_authz_groupfile.mak (+381/-0)
modules/aaa/mod_authz_host.c (+389/-0)
modules/aaa/mod_authz_host.dep (+60/-0)
modules/aaa/mod_authz_host.dsp (+111/-0)
modules/aaa/mod_authz_host.mak (+381/-0)
modules/aaa/mod_authz_owner.c (+189/-0)
modules/aaa/mod_authz_owner.dep (+59/-0)
modules/aaa/mod_authz_owner.dsp (+111/-0)
modules/aaa/mod_authz_owner.h (+27/-0)
modules/aaa/mod_authz_owner.mak (+381/-0)
modules/aaa/mod_authz_user.c (+146/-0)
modules/aaa/mod_authz_user.dep (+58/-0)
modules/aaa/mod_authz_user.dsp (+111/-0)
modules/aaa/mod_authz_user.mak (+381/-0)
modules/arch/netware/libprews.c (+79/-0)
modules/arch/netware/mod_netware.c (+206/-0)
modules/arch/netware/mod_nw_ssl.c (+1285/-0)
modules/arch/unix/Makefile.in (+3/-0)
modules/arch/unix/config5.m4 (+24/-0)
modules/arch/unix/mod_privileges.c (+588/-0)
modules/arch/unix/mod_unixd.c (+426/-0)
modules/arch/unix/mod_unixd.h (+41/-0)
modules/arch/win32/Makefile.in (+3/-0)
modules/arch/win32/config.m4 (+9/-0)
modules/arch/win32/mod_isapi.c (+1727/-0)
modules/arch/win32/mod_isapi.dep (+61/-0)
modules/arch/win32/mod_isapi.dsp (+115/-0)
modules/arch/win32/mod_isapi.h (+271/-0)
modules/arch/win32/mod_isapi.mak (+353/-0)
modules/arch/win32/mod_win32.c (+563/-0)
modules/cache/.indent.pro (+54/-0)
modules/cache/Makefile.in (+3/-0)
modules/cache/NWGNUcach_dsk (+262/-0)
modules/cache/NWGNUcach_socache (+263/-0)
modules/cache/NWGNUmakefile (+250/-0)
modules/cache/NWGNUmod_cach (+265/-0)
modules/cache/NWGNUsocachdbm (+261/-0)
modules/cache/NWGNUsocachmem (+261/-0)
modules/cache/NWGNUsocachshmcb (+261/-0)
modules/cache/cache_common.h (+56/-0)
modules/cache/cache_disk_common.h (+68/-0)
modules/cache/cache_socache_common.h (+57/-0)
modules/cache/cache_storage.c (+791/-0)
modules/cache/cache_storage.h (+76/-0)
modules/cache/cache_util.c (+1344/-0)
modules/cache/cache_util.h (+341/-0)
modules/cache/config.m4 (+142/-0)
modules/cache/mod_cache.c (+2717/-0)
modules/cache/mod_cache.dep (+194/-0)
modules/cache/mod_cache.dsp (+131/-0)
modules/cache/mod_cache.h (+192/-0)
modules/cache/mod_cache.mak (+370/-0)
modules/cache/mod_cache_disk.c (+1584/-0)
modules/cache/mod_cache_disk.dep (+59/-0)
modules/cache/mod_cache_disk.dsp (+115/-0)
modules/cache/mod_cache_disk.h (+91/-0)
modules/cache/mod_cache_disk.mak (+381/-0)
modules/cache/mod_cache_socache.c (+1542/-0)
modules/cache/mod_cache_socache.dep (+67/-0)
modules/cache/mod_cache_socache.dsp (+115/-0)
modules/cache/mod_cache_socache.mak (+381/-0)
modules/cache/mod_file_cache.c (+414/-0)
modules/cache/mod_file_cache.dep (+56/-0)
modules/cache/mod_file_cache.dsp (+111/-0)
modules/cache/mod_file_cache.exp (+1/-0)
modules/cache/mod_file_cache.mak (+353/-0)
modules/cache/mod_socache_dbm.c (+595/-0)
modules/cache/mod_socache_dbm.dep (+60/-0)
modules/cache/mod_socache_dbm.dsp (+111/-0)
modules/cache/mod_socache_dbm.mak (+353/-0)
modules/cache/mod_socache_dc.c (+198/-0)
modules/cache/mod_socache_dc.dep (+55/-0)
modules/cache/mod_socache_dc.dsp (+111/-0)
modules/cache/mod_socache_dc.mak (+353/-0)
modules/cache/mod_socache_memcache.c (+431/-0)
modules/cache/mod_socache_memcache.dep (+59/-0)
modules/cache/mod_socache_memcache.dsp (+111/-0)
modules/cache/mod_socache_memcache.mak (+353/-0)
modules/cache/mod_socache_shmcb.c (+1072/-0)
modules/cache/mod_socache_shmcb.dep (+56/-0)
modules/cache/mod_socache_shmcb.dsp (+111/-0)
modules/cache/mod_socache_shmcb.mak (+353/-0)
modules/cluster/Makefile.in (+3/-0)
modules/cluster/NWGNUmakefile (+246/-0)
modules/cluster/NWGNUmodheartbeat (+257/-0)
modules/cluster/NWGNUmodheartmonitor (+257/-0)
modules/cluster/README.heartbeat (+33/-0)
modules/cluster/README.heartmonitor (+30/-0)
modules/cluster/config5.m4 (+17/-0)
modules/cluster/mod_heartbeat.c (+228/-0)
modules/cluster/mod_heartbeat.dep (+55/-0)
modules/cluster/mod_heartbeat.dsp (+123/-0)
modules/cluster/mod_heartbeat.mak (+380/-0)
modules/cluster/mod_heartmonitor.c (+918/-0)
modules/cluster/mod_heartmonitor.dep (+63/-0)
modules/cluster/mod_heartmonitor.dsp (+123/-0)
modules/cluster/mod_heartmonitor.mak (+380/-0)
modules/config7.m4 (+56/-0)
modules/core/Makefile.in (+3/-0)
modules/core/NWGNUmakefile (+257/-0)
modules/core/config.m4 (+60/-0)
modules/core/mod_macro.c (+955/-0)
modules/core/mod_macro.dep (+45/-0)
modules/core/mod_macro.dsp (+111/-0)
modules/core/mod_macro.mak (+353/-0)
modules/core/mod_so.c (+442/-0)
modules/core/mod_so.h (+38/-0)
modules/core/mod_watchdog.c (+723/-0)
modules/core/mod_watchdog.dep (+59/-0)
modules/core/mod_watchdog.dsp (+115/-0)
modules/core/mod_watchdog.h (+213/-0)
modules/core/mod_watchdog.mak (+353/-0)
modules/core/test/Makefile (+67/-0)
modules/core/test/conf/inc63_1.conf (+5/-0)
modules/core/test/conf/inc63_2.conf (+3/-0)
modules/core/test/conf/test01.conf (+3/-0)
modules/core/test/conf/test02.conf (+3/-0)
modules/core/test/conf/test03.conf (+5/-0)
modules/core/test/conf/test04.conf (+5/-0)
modules/core/test/conf/test05.conf (+5/-0)
modules/core/test/conf/test06.conf (+6/-0)
modules/core/test/conf/test07.conf (+3/-0)
modules/core/test/conf/test08.conf (+3/-0)
modules/core/test/conf/test09.conf (+6/-0)
modules/core/test/conf/test10.conf (+10/-0)
modules/core/test/conf/test11.conf (+15/-0)
modules/core/test/conf/test12.conf (+12/-0)
modules/core/test/conf/test13.conf (+18/-0)
modules/core/test/conf/test14.conf (+23/-0)
modules/core/test/conf/test15.conf (+9/-0)
modules/core/test/conf/test16.conf (+11/-0)
modules/core/test/conf/test17.conf (+10/-0)
modules/core/test/conf/test18.conf (+10/-0)
modules/core/test/conf/test19.conf (+26/-0)
modules/core/test/conf/test20.conf (+11/-0)
modules/core/test/conf/test21.conf (+11/-0)
modules/core/test/conf/test22.conf (+11/-0)
modules/core/test/conf/test23.conf (+15/-0)
modules/core/test/conf/test24.conf (+23/-0)
modules/core/test/conf/test25.conf (+27/-0)
modules/core/test/conf/test26.conf (+19/-0)
modules/core/test/conf/test27.conf (+22/-0)
modules/core/test/conf/test28.conf (+13/-0)
modules/core/test/conf/test29.conf (+10/-0)
modules/core/test/conf/test30.conf (+12/-0)
modules/core/test/conf/test31.conf (+16/-0)
modules/core/test/conf/test32.conf (+7/-0)
modules/core/test/conf/test33.conf (+3/-0)
modules/core/test/conf/test34.conf (+14/-0)
modules/core/test/conf/test35.conf (+10/-0)
modules/core/test/conf/test36.conf (+12/-0)
modules/core/test/conf/test37.conf (+7/-0)
modules/core/test/conf/test38.conf (+10/-0)
modules/core/test/conf/test39.conf (+23/-0)
modules/core/test/conf/test40.conf (+33/-0)
modules/core/test/conf/test41.conf (+20/-0)
modules/core/test/conf/test42.conf (+13/-0)
modules/core/test/conf/test43.conf (+29/-0)
modules/core/test/conf/test44.conf (+19/-0)
modules/core/test/conf/test45.conf (+7/-0)
modules/core/test/conf/test46.conf (+11/-0)
modules/core/test/conf/test47.conf (+15/-0)
modules/core/test/conf/test48.conf (+23/-0)
modules/core/test/conf/test49.conf (+2/-0)
modules/core/test/conf/test50.conf (+5/-0)
modules/core/test/conf/test51.conf (+9/-0)
modules/core/test/conf/test52.conf (+8/-0)
modules/core/test/conf/test53.conf (+2/-0)
modules/core/test/conf/test54.conf (+6/-0)
modules/core/test/conf/test55.conf (+11/-0)
modules/core/test/conf/test56.conf (+18/-0)
modules/core/test/conf/test57.conf (+4/-0)
modules/core/test/conf/test58.conf (+4/-0)
modules/core/test/conf/test59.conf (+4/-0)
modules/core/test/conf/test60.conf (+17/-0)
modules/core/test/conf/test61.conf (+18/-0)
modules/core/test/conf/test62.conf (+25/-0)
modules/core/test/conf/test63.conf (+9/-0)
modules/core/test/conf/test64.conf (+5/-0)
modules/core/test/conf/test65.conf (+11/-0)
modules/core/test/conf/test66.conf (+7/-0)
modules/core/test/conf/test67.conf (+1/-0)
modules/core/test/conf/test68.conf (+5/-0)
modules/core/test/conf/test69.conf (+14/-0)
modules/core/test/ref/test01.out (+3/-0)
modules/core/test/ref/test02.out (+3/-0)
modules/core/test/ref/test03.out (+3/-0)
modules/core/test/ref/test04.out (+3/-0)
modules/core/test/ref/test05.out (+3/-0)
modules/core/test/ref/test06.out (+3/-0)
modules/core/test/ref/test07.out (+3/-0)
modules/core/test/ref/test08.out (+3/-0)
modules/core/test/ref/test09.out (+3/-0)
modules/core/test/ref/test10.out (+3/-0)
modules/core/test/ref/test11.out (+6/-0)
modules/core/test/ref/test12.out (+7/-0)
modules/core/test/ref/test13.out (+8/-0)
modules/core/test/ref/test14.out (+14/-0)
modules/core/test/ref/test15.out (+6/-0)
modules/core/test/ref/test16.out (+5/-0)
modules/core/test/ref/test17.out (+7/-0)
modules/core/test/ref/test18.out (+7/-0)
modules/core/test/ref/test19.out (+9/-0)
modules/core/test/ref/test20.out (+4/-0)
modules/core/test/ref/test21.out (+5/-0)
modules/core/test/ref/test22.out (+6/-0)
modules/core/test/ref/test23.out (+7/-0)
modules/core/test/ref/test24.out (+8/-0)
modules/core/test/ref/test25.out (+9/-0)
modules/core/test/ref/test26.out (+11/-0)
modules/core/test/ref/test27.out (+8/-0)
modules/core/test/ref/test28.out (+6/-0)
modules/core/test/ref/test29.out (+4/-0)
modules/core/test/ref/test30.out (+7/-0)
modules/core/test/ref/test31.out (+23/-0)
modules/core/test/ref/test32.out (+3/-0)
modules/core/test/ref/test33.out (+3/-0)
modules/core/test/ref/test34.out (+13/-0)
modules/core/test/ref/test35.out (+13/-0)
modules/core/test/ref/test36.out (+20/-0)
modules/core/test/ref/test37.out (+3/-0)
modules/core/test/ref/test38.out (+6/-0)
modules/core/test/ref/test39.out (+7/-0)
modules/core/test/ref/test40.out (+18/-0)
modules/core/test/ref/test41.out (+9/-0)
modules/core/test/ref/test42.out (+15/-0)
modules/core/test/ref/test43.out (+8/-0)
modules/core/test/ref/test44.out (+5/-0)
modules/core/test/ref/test45.out (+19/-0)
modules/core/test/ref/test46.out (+9/-0)
modules/core/test/ref/test47.out (+8/-0)
modules/core/test/ref/test48.out (+20/-0)
modules/core/test/ref/test49.out (+3/-0)
modules/core/test/ref/test50.out (+3/-0)
modules/core/test/ref/test51.out (+3/-0)
modules/core/test/ref/test52.out (+6/-0)
modules/core/test/ref/test53.out (+3/-0)
modules/core/test/ref/test54.out (+6/-0)
modules/core/test/ref/test55.out (+8/-0)
modules/core/test/ref/test56.out (+12/-0)
modules/core/test/ref/test57.out (+3/-0)
modules/core/test/ref/test58.out (+3/-0)
modules/core/test/ref/test59.out (+3/-0)
modules/core/test/ref/test60.out (+15/-0)
modules/core/test/ref/test61.out (+9/-0)
modules/core/test/ref/test62.out (+15/-0)
modules/core/test/ref/test63.out (+10/-0)
modules/core/test/ref/test64.out (+7/-0)
modules/core/test/ref/test65.out (+7/-0)
modules/core/test/ref/test66.out (+7/-0)
modules/core/test/ref/test67.out (+5/-0)
modules/core/test/ref/test68.out (+6/-0)
modules/core/test/ref/test69.out (+10/-0)
modules/database/Makefile.in (+3/-0)
modules/database/NWGNUmakefile (+262/-0)
modules/database/config.m4 (+8/-0)
modules/database/mod_dbd.c (+992/-0)
modules/database/mod_dbd.dep (+58/-0)
modules/database/mod_dbd.dsp (+115/-0)
modules/database/mod_dbd.h (+123/-0)
modules/database/mod_dbd.mak (+353/-0)
modules/dav/fs/Makefile.in (+3/-0)
modules/dav/fs/NWGNUmakefile (+269/-0)
modules/dav/fs/config6.m4 (+23/-0)
modules/dav/fs/dbm.c (+771/-0)
modules/dav/fs/lock.c (+1445/-0)
modules/dav/fs/mod_dav_fs.c (+108/-0)
modules/dav/fs/mod_dav_fs.dep (+203/-0)
modules/dav/fs/mod_dav_fs.dsp (+135/-0)
modules/dav/fs/mod_dav_fs.mak (+407/-0)
modules/dav/fs/repos.c (+2254/-0)
modules/dav/fs/repos.h (+84/-0)
modules/dav/lock/Makefile.in (+3/-0)
modules/dav/lock/NWGNUmakefile (+259/-0)
modules/dav/lock/config6.m4 (+17/-0)
modules/dav/lock/locks.c (+1211/-0)
modules/dav/lock/locks.h (+33/-0)
modules/dav/lock/mod_dav_lock.c (+104/-0)
modules/dav/lock/mod_dav_lock.dep (+100/-0)
modules/dav/lock/mod_dav_lock.dsp (+127/-0)
modules/dav/lock/mod_dav_lock.mak (+389/-0)
modules/dav/main/Makefile.in (+3/-0)
modules/dav/main/NWGNUmakefile (+268/-0)
modules/dav/main/config5.m4 (+21/-0)
modules/dav/main/liveprop.c (+140/-0)
modules/dav/main/mod_dav.c (+4946/-0)
modules/dav/main/mod_dav.dep (+354/-0)
modules/dav/main/mod_dav.dsp (+147/-0)
modules/dav/main/mod_dav.h (+2553/-0)
modules/dav/main/mod_dav.mak (+406/-0)
modules/dav/main/props.c (+1125/-0)
modules/dav/main/providers.c (+58/-0)
modules/dav/main/std_liveprop.c (+226/-0)
modules/dav/main/util.c (+2152/-0)
modules/dav/main/util_lock.c (+798/-0)
modules/debugging/Makefile.in (+3/-0)
modules/debugging/NWGNUmakefile (+246/-0)
modules/debugging/NWGNUmodbucketeer (+248/-0)
modules/debugging/NWGNUmoddumpio (+248/-0)
modules/debugging/README (+1/-0)
modules/debugging/config.m4 (+7/-0)
modules/debugging/mod_bucketeer.c (+187/-0)
modules/debugging/mod_bucketeer.dep (+53/-0)
modules/debugging/mod_bucketeer.dsp (+111/-0)
modules/debugging/mod_bucketeer.mak (+353/-0)
modules/debugging/mod_dumpio.c (+250/-0)
modules/debugging/mod_dumpio.dep (+50/-0)
modules/debugging/mod_dumpio.dsp (+111/-0)
modules/debugging/mod_dumpio.mak (+353/-0)
modules/echo/.indent.pro (+54/-0)
modules/echo/Makefile.in (+3/-0)
modules/echo/NWGNUmakefile (+257/-0)
modules/echo/config.m4 (+9/-0)
modules/echo/mod_echo.c (+218/-0)
modules/echo/mod_echo.dep (+56/-0)
modules/echo/mod_echo.dsp (+111/-0)
modules/echo/mod_echo.mak (+353/-0)
modules/examples/Makefile.in (+3/-0)
modules/examples/NWGNUcase_flt (+256/-0)
modules/examples/NWGNUcase_flt_in (+256/-0)
modules/examples/NWGNUexample_hooks (+257/-0)
modules/examples/NWGNUexample_ipc (+257/-0)
modules/examples/NWGNUmakefile (+257/-0)
modules/examples/README (+54/-0)
modules/examples/config.m4 (+9/-0)
modules/examples/mod_case_filter.c (+139/-0)
modules/examples/mod_case_filter.dep (+46/-0)
modules/examples/mod_case_filter.dsp (+111/-0)
modules/examples/mod_case_filter.mak (+353/-0)
modules/examples/mod_case_filter_in.c (+160/-0)
modules/examples/mod_case_filter_in.dep (+46/-0)
modules/examples/mod_case_filter_in.dsp (+111/-0)
modules/examples/mod_case_filter_in.mak (+353/-0)
modules/examples/mod_example_hooks.c (+1534/-0)
modules/examples/mod_example_hooks.dep (+62/-0)
modules/examples/mod_example_hooks.dsp (+111/-0)
modules/examples/mod_example_hooks.mak (+353/-0)
modules/examples/mod_example_ipc.c (+356/-0)
modules/examples/mod_example_ipc.dep (+56/-0)
modules/examples/mod_example_ipc.dsp (+111/-0)
modules/examples/mod_example_ipc.mak (+353/-0)
modules/experimental/.indent.pro (+54/-0)
modules/experimental/Makefile.in (+3/-0)
modules/experimental/NWGNUmakefile (+253/-0)
modules/experimental/config.m4 (+4/-0)
modules/filters/.indent.pro (+54/-0)
modules/filters/Makefile.in (+3/-0)
modules/filters/NWGNUcharsetl (+257/-0)
modules/filters/NWGNUdeflate (+279/-0)
modules/filters/NWGNUextfiltr (+248/-0)
modules/filters/NWGNUmakefile (+273/-0)
modules/filters/NWGNUmod_data (+248/-0)
modules/filters/NWGNUmod_filter (+248/-0)
modules/filters/NWGNUmod_request (+248/-0)
modules/filters/NWGNUmodbuffer (+256/-0)
modules/filters/NWGNUmodsed (+259/-0)
modules/filters/NWGNUproxyhtml (+261/-0)
modules/filters/NWGNUratelimit (+256/-0)
modules/filters/NWGNUreflector (+256/-0)
modules/filters/NWGNUreqtimeout (+256/-0)
modules/filters/NWGNUsubstitute (+256/-0)
modules/filters/NWGNUxml2enc (+258/-0)
modules/filters/config.m4 (+197/-0)
modules/filters/libsed.h (+172/-0)
modules/filters/mod_brotli.c (+592/-0)
modules/filters/mod_brotli.dep (+45/-0)
modules/filters/mod_brotli.dsp (+111/-0)
modules/filters/mod_brotli.mak (+353/-0)
modules/filters/mod_buffer.c (+353/-0)
modules/filters/mod_buffer.dep (+48/-0)
modules/filters/mod_buffer.dsp (+111/-0)
modules/filters/mod_buffer.mak (+353/-0)
modules/filters/mod_charset_lite.c (+1142/-0)
modules/filters/mod_charset_lite.dep (+60/-0)
modules/filters/mod_charset_lite.dsp (+111/-0)
modules/filters/mod_charset_lite.exp (+1/-0)
modules/filters/mod_charset_lite.mak (+353/-0)
modules/filters/mod_data.c (+255/-0)
modules/filters/mod_data.dep (+55/-0)
modules/filters/mod_data.dsp (+111/-0)
modules/filters/mod_data.mak (+353/-0)
modules/filters/mod_deflate.c (+1912/-0)
modules/filters/mod_deflate.dep (+52/-0)
modules/filters/mod_deflate.dsp (+111/-0)
modules/filters/mod_deflate.exp (+1/-0)
modules/filters/mod_deflate.mak (+353/-0)
modules/filters/mod_ext_filter.c (+956/-0)
modules/filters/mod_ext_filter.dep (+58/-0)
modules/filters/mod_ext_filter.dsp (+111/-0)
modules/filters/mod_ext_filter.exp (+1/-0)
modules/filters/mod_ext_filter.mak (+353/-0)
modules/filters/mod_filter.c (+767/-0)
modules/filters/mod_filter.dep (+50/-0)
modules/filters/mod_filter.dsp (+111/-0)
modules/filters/mod_filter.mak (+353/-0)
modules/filters/mod_include.c (+4236/-0)
modules/filters/mod_include.dep (+63/-0)
modules/filters/mod_include.dsp (+115/-0)
modules/filters/mod_include.exp (+1/-0)
modules/filters/mod_include.h (+120/-0)
modules/filters/mod_include.mak (+353/-0)
modules/filters/mod_proxy_html.c (+1281/-0)
modules/filters/mod_proxy_html.dep (+58/-0)
modules/filters/mod_proxy_html.dsp (+123/-0)
modules/filters/mod_proxy_html.mak (+352/-0)
modules/filters/mod_ratelimit.c (+356/-0)
modules/filters/mod_ratelimit.dep (+45/-0)
modules/filters/mod_ratelimit.dsp (+115/-0)
modules/filters/mod_ratelimit.h (+51/-0)
modules/filters/mod_ratelimit.mak (+353/-0)
modules/filters/mod_reflector.c (+226/-0)
modules/filters/mod_reflector.dep (+57/-0)
modules/filters/mod_reflector.dsp (+111/-0)
modules/filters/mod_reflector.mak (+353/-0)
modules/filters/mod_reqtimeout.c (+657/-0)
modules/filters/mod_reqtimeout.dep (+58/-0)
modules/filters/mod_reqtimeout.dsp (+111/-0)
modules/filters/mod_reqtimeout.mak (+353/-0)
modules/filters/mod_request.c (+397/-0)
modules/filters/mod_request.dep (+55/-0)
modules/filters/mod_request.dsp (+115/-0)
modules/filters/mod_request.mak (+353/-0)
modules/filters/mod_sed.c (+537/-0)
modules/filters/mod_sed.dep (+109/-0)
modules/filters/mod_sed.dsp (+135/-0)
modules/filters/mod_sed.mak (+380/-0)
modules/filters/mod_substitute.c (+730/-0)
modules/filters/mod_substitute.dep (+53/-0)
modules/filters/mod_substitute.dsp (+111/-0)
modules/filters/mod_substitute.mak (+353/-0)
modules/filters/mod_xml2enc.c (+631/-0)
modules/filters/mod_xml2enc.dep (+54/-0)
modules/filters/mod_xml2enc.dsp (+123/-0)
modules/filters/mod_xml2enc.h (+55/-0)
modules/filters/mod_xml2enc.mak (+352/-0)
modules/filters/regexp.c (+599/-0)
modules/filters/regexp.h (+112/-0)
modules/filters/sed.h (+61/-0)
modules/filters/sed0.c (+1026/-0)
modules/filters/sed1.c (+1020/-0)
modules/generators/.indent.pro (+54/-0)
modules/generators/Makefile.in (+3/-0)
modules/generators/NWGNUautoindex (+249/-0)
modules/generators/NWGNUinfo (+248/-0)
modules/generators/NWGNUmakefile (+249/-0)
modules/generators/NWGNUmod_asis (+249/-0)
modules/generators/NWGNUmod_cgi (+249/-0)
modules/generators/NWGNUstatus (+248/-0)
modules/generators/config5.m4 (+81/-0)
modules/generators/mod_asis.c (+128/-0)
modules/generators/mod_asis.dep (+56/-0)
modules/generators/mod_asis.dsp (+111/-0)
modules/generators/mod_asis.exp (+1/-0)
modules/generators/mod_asis.mak (+353/-0)
modules/generators/mod_autoindex.c (+2348/-0)
modules/generators/mod_autoindex.dep (+61/-0)
modules/generators/mod_autoindex.dsp (+111/-0)
modules/generators/mod_autoindex.exp (+1/-0)
modules/generators/mod_autoindex.mak (+353/-0)
modules/generators/mod_cgi.c (+1281/-0)
modules/generators/mod_cgi.dep (+64/-0)
modules/generators/mod_cgi.dsp (+115/-0)
modules/generators/mod_cgi.exp (+1/-0)
modules/generators/mod_cgi.h (+67/-0)
modules/generators/mod_cgi.mak (+353/-0)
modules/generators/mod_cgid.c (+1980/-0)
modules/generators/mod_cgid.exp (+1/-0)
modules/generators/mod_info.c (+1011/-0)
modules/generators/mod_info.dep (+66/-0)
modules/generators/mod_info.dsp (+111/-0)
modules/generators/mod_info.exp (+1/-0)
modules/generators/mod_info.mak (+353/-0)
modules/generators/mod_status.c (+1014/-0)
modules/generators/mod_status.dep (+60/-0)
modules/generators/mod_status.dsp (+111/-0)
modules/generators/mod_status.exp (+1/-0)
modules/generators/mod_status.h (+64/-0)
modules/generators/mod_status.mak (+353/-0)
modules/generators/mod_suexec.c (+139/-0)
modules/generators/mod_suexec.h (+33/-0)
modules/http/.indent.pro (+54/-0)
modules/http/Makefile.in (+3/-0)
modules/http/byterange_filter.c (+611/-0)
modules/http/chunk_filter.c (+196/-0)
modules/http/config.m4 (+20/-0)
modules/http/http_core.c (+328/-0)
modules/http/http_etag.c (+220/-0)
modules/http/http_filters.c (+1907/-0)
modules/http/http_protocol.c (+1690/-0)
modules/http/http_request.c (+836/-0)
modules/http/mod_mime.c (+1026/-0)
modules/http/mod_mime.dep (+55/-0)
modules/http/mod_mime.dsp (+111/-0)
modules/http/mod_mime.exp (+1/-0)
modules/http/mod_mime.mak (+353/-0)
modules/http2/.gitignore (+35/-0)
modules/http2/Makefile.in (+20/-0)
modules/http2/NWGNUmakefile (+246/-0)
modules/http2/NWGNUmod_http2 (+395/-0)
modules/http2/NWGNUproxyht2 (+288/-0)
modules/http2/README.h2 (+70/-0)
modules/http2/config2.m4 (+235/-0)
modules/http2/h2.h (+160/-0)
modules/http2/h2_alt_svc.c (+130/-0)
modules/http2/h2_alt_svc.h (+39/-0)
modules/http2/h2_bucket_beam.c (+1273/-0)
modules/http2/h2_bucket_beam.h (+405/-0)
modules/http2/h2_bucket_eos.c (+111/-0)
modules/http2/h2_bucket_eos.h (+31/-0)
modules/http2/h2_config.c (+677/-0)
modules/http2/h2_config.h (+103/-0)
modules/http2/h2_conn.c (+366/-0)
modules/http2/h2_conn.h (+76/-0)
modules/http2/h2_conn_io.c (+388/-0)
modules/http2/h2_conn_io.h (+76/-0)
modules/http2/h2_ctx.c (+120/-0)
modules/http2/h2_ctx.h (+77/-0)
modules/http2/h2_filter.c (+560/-0)
modules/http2/h2_filter.h (+72/-0)
modules/http2/h2_from_h1.c (+862/-0)
modules/http2/h2_from_h1.h (+49/-0)
modules/http2/h2_h2.c (+765/-0)
modules/http2/h2_h2.h (+78/-0)
modules/http2/h2_headers.c (+177/-0)
modules/http2/h2_headers.h (+76/-0)
modules/http2/h2_mplx.c (+1270/-0)
modules/http2/h2_mplx.h (+329/-0)
modules/http2/h2_ngn_shed.c (+391/-0)
modules/http2/h2_ngn_shed.h (+78/-0)
modules/http2/h2_private.h (+27/-0)
modules/http2/h2_proxy_session.c (+1583/-0)
modules/http2/h2_proxy_session.h (+127/-0)
modules/http2/h2_proxy_util.c (+1336/-0)
modules/http2/h2_proxy_util.h (+255/-0)
modules/http2/h2_push.c (+1059/-0)
modules/http2/h2_push.h (+118/-0)
modules/http2/h2_request.c (+337/-0)
modules/http2/h2_request.h (+47/-0)
modules/http2/h2_session.c (+2288/-0)
modules/http2/h2_session.h (+224/-0)
modules/http2/h2_stream.c (+1083/-0)
modules/http2/h2_stream.h (+314/-0)
modules/http2/h2_switch.c (+194/-0)
modules/http2/h2_switch.h (+29/-0)
modules/http2/h2_task.c (+761/-0)
modules/http2/h2_task.h (+126/-0)
modules/http2/h2_util.c (+2010/-0)
modules/http2/h2_util.h (+543/-0)
modules/http2/h2_version.h (+40/-0)
modules/http2/h2_workers.c (+371/-0)
modules/http2/h2_workers.h (+82/-0)
modules/http2/mod_http2.c (+383/-0)
modules/http2/mod_http2.dep (+1433/-0)
modules/http2/mod_http2.dsp (+195/-0)
modules/http2/mod_http2.h (+95/-0)
modules/http2/mod_http2.mak (+542/-0)
modules/http2/mod_proxy_http2.c (+670/-0)
modules/http2/mod_proxy_http2.dep (+208/-0)
modules/http2/mod_proxy_http2.dsp (+119/-0)
modules/http2/mod_proxy_http2.h (+20/-0)
modules/http2/mod_proxy_http2.mak (+427/-0)
modules/ldap/Makefile.in (+3/-0)
modules/ldap/NWGNUmakefile (+264/-0)
modules/ldap/README.ldap (+47/-0)
modules/ldap/config.m4 (+25/-0)
modules/ldap/mod_ldap.dep (+192/-0)
modules/ldap/mod_ldap.dsp (+127/-0)
modules/ldap/mod_ldap.mak (+371/-0)
modules/ldap/util_ldap.c (+3222/-0)
modules/ldap/util_ldap_cache.c (+464/-0)
modules/ldap/util_ldap_cache.h (+204/-0)
modules/ldap/util_ldap_cache_mgr.c (+882/-0)
modules/loggers/.indent.pro (+54/-0)
modules/loggers/Makefile.in (+3/-0)
modules/loggers/NWGNUforensic (+258/-0)
modules/loggers/NWGNUlogdebug (+258/-0)
modules/loggers/NWGNUmakefile (+247/-0)
modules/loggers/NWGNUmodlogio (+258/-0)
modules/loggers/config.m4 (+20/-0)
modules/loggers/mod_log_config.c (+1858/-0)
modules/loggers/mod_log_config.dep (+62/-0)
modules/loggers/mod_log_config.dsp (+111/-0)
modules/loggers/mod_log_config.exp (+1/-0)
modules/loggers/mod_log_config.h (+74/-0)
modules/loggers/mod_log_config.mak (+353/-0)
modules/loggers/mod_log_debug.c (+287/-0)
modules/loggers/mod_log_debug.dep (+54/-0)
modules/loggers/mod_log_debug.dsp (+111/-0)
modules/loggers/mod_log_debug.mak (+325/-0)
modules/loggers/mod_log_forensic.c (+289/-0)
modules/loggers/mod_log_forensic.dep (+53/-0)
modules/loggers/mod_log_forensic.dsp (+111/-0)
modules/loggers/mod_log_forensic.exp (+1/-0)
modules/loggers/mod_log_forensic.mak (+353/-0)
modules/loggers/mod_logio.c (+284/-0)
modules/loggers/mod_logio.dep (+59/-0)
modules/loggers/mod_logio.dsp (+111/-0)
modules/loggers/mod_logio.mak (+353/-0)
modules/lua/Makefile.in (+3/-0)
modules/lua/NWGNUmakefile (+287/-0)
modules/lua/README (+54/-0)
modules/lua/config.m4 (+113/-0)
modules/lua/docs/README (+12/-0)
modules/lua/docs/basic-configuration.txt (+141/-0)
modules/lua/docs/building-from-subversion.txt (+72/-0)
modules/lua/docs/running-developer-tests.txt (+16/-0)
modules/lua/docs/writing-handlers.txt (+49/-0)
modules/lua/lua_apr.c (+104/-0)
modules/lua/lua_apr.h (+36/-0)
modules/lua/lua_config.c (+277/-0)
modules/lua/lua_config.h (+31/-0)
modules/lua/lua_dbd.c (+843/-0)
modules/lua/lua_dbd.h (+66/-0)
modules/lua/lua_passwd.c (+178/-0)
modules/lua/lua_passwd.h (+90/-0)
modules/lua/lua_request.c (+3024/-0)
modules/lua/lua_request.h (+58/-0)
modules/lua/lua_vmprep.c (+551/-0)
modules/lua/lua_vmprep.h (+147/-0)
modules/lua/mod_lua.c (+2174/-0)
modules/lua/mod_lua.dep (+418/-0)
modules/lua/mod_lua.dsp (+163/-0)
modules/lua/mod_lua.h (+177/-0)
modules/lua/mod_lua.mak (+407/-0)
modules/lua/test/helpers.lua (+36/-0)
modules/lua/test/htdocs/config_tests.lua (+37/-0)
modules/lua/test/htdocs/filters.lua (+7/-0)
modules/lua/test/htdocs/find_me.txt (+1/-0)
modules/lua/test/htdocs/headers.lua (+6/-0)
modules/lua/test/htdocs/hooks.lua (+29/-0)
modules/lua/test/htdocs/other.lua (+21/-0)
modules/lua/test/htdocs/simple.lua (+4/-0)
modules/lua/test/htdocs/test.lua (+129/-0)
modules/lua/test/lib/kangaroo.lua (+19/-0)
modules/lua/test/moonunit.lua (+52/-0)
modules/lua/test/test.lua (+126/-0)
modules/lua/test/test_httpd.conf (+31/-0)
modules/mappers/.indent.pro (+54/-0)
modules/mappers/Makefile.in (+3/-0)
modules/mappers/NWGNUactions (+248/-0)
modules/mappers/NWGNUimagemap (+249/-0)
modules/mappers/NWGNUmakefile (+250/-0)
modules/mappers/NWGNUrewrite (+250/-0)
modules/mappers/NWGNUspeling (+248/-0)
modules/mappers/NWGNUuserdir (+249/-0)
modules/mappers/NWGNUvhost (+249/-0)
modules/mappers/config9.m4 (+19/-0)
modules/mappers/mod_actions.c (+230/-0)
modules/mappers/mod_actions.dep (+58/-0)
modules/mappers/mod_actions.dsp (+111/-0)
modules/mappers/mod_actions.exp (+1/-0)
modules/mappers/mod_actions.mak (+353/-0)
modules/mappers/mod_alias.c (+726/-0)
modules/mappers/mod_alias.dep (+51/-0)
modules/mappers/mod_alias.dsp (+111/-0)
modules/mappers/mod_alias.exp (+1/-0)
modules/mappers/mod_alias.mak (+353/-0)
modules/mappers/mod_dir.c (+417/-0)
modules/mappers/mod_dir.dep (+60/-0)
modules/mappers/mod_dir.dsp (+111/-0)
modules/mappers/mod_dir.exp (+1/-0)
modules/mappers/mod_dir.mak (+353/-0)
modules/mappers/mod_imagemap.c (+897/-0)
modules/mappers/mod_imagemap.dep (+60/-0)
modules/mappers/mod_imagemap.dsp (+111/-0)
modules/mappers/mod_imagemap.exp (+1/-0)
modules/mappers/mod_imagemap.mak (+353/-0)
modules/mappers/mod_negotiation.c (+3228/-0)
modules/mappers/mod_negotiation.dep (+58/-0)
modules/mappers/mod_negotiation.dsp (+111/-0)
modules/mappers/mod_negotiation.exp (+1/-0)
modules/mappers/mod_negotiation.mak (+353/-0)
modules/mappers/mod_rewrite.c (+5326/-0)
modules/mappers/mod_rewrite.dep (+65/-0)
modules/mappers/mod_rewrite.dsp (+111/-0)
modules/mappers/mod_rewrite.exp (+1/-0)
modules/mappers/mod_rewrite.h (+42/-0)
modules/mappers/mod_rewrite.mak (+353/-0)
modules/mappers/mod_speling.c (+533/-0)
modules/mappers/mod_speling.dep (+51/-0)
modules/mappers/mod_speling.dsp (+111/-0)
modules/mappers/mod_speling.exp (+1/-0)
modules/mappers/mod_speling.mak (+353/-0)
modules/mappers/mod_userdir.c (+390/-0)
modules/mappers/mod_userdir.dep (+46/-0)
modules/mappers/mod_userdir.dsp (+111/-0)
modules/mappers/mod_userdir.exp (+1/-0)
modules/mappers/mod_userdir.mak (+353/-0)
modules/mappers/mod_vhost_alias.c (+457/-0)
modules/mappers/mod_vhost_alias.dep (+50/-0)
modules/mappers/mod_vhost_alias.dsp (+111/-0)
modules/mappers/mod_vhost_alias.exp (+1/-0)
modules/mappers/mod_vhost_alias.mak (+353/-0)
modules/metadata/.indent.pro (+54/-0)
modules/metadata/Makefile.in (+3/-0)
modules/metadata/NWGNUcernmeta (+248/-0)
modules/metadata/NWGNUexpires (+248/-0)
modules/metadata/NWGNUheaders (+249/-0)
modules/metadata/NWGNUmakefile (+254/-0)
modules/metadata/NWGNUmimemagi (+248/-0)
modules/metadata/NWGNUmodident (+248/-0)
modules/metadata/NWGNUmodversion (+248/-0)
modules/metadata/NWGNUremoteip (+248/-0)
modules/metadata/NWGNUuniqueid (+257/-0)
modules/metadata/NWGNUusertrk (+248/-0)
modules/metadata/config.m4 (+24/-0)
modules/metadata/mod_cern_meta.c (+371/-0)
modules/metadata/mod_cern_meta.dep (+55/-0)
modules/metadata/mod_cern_meta.dsp (+111/-0)
modules/metadata/mod_cern_meta.exp (+1/-0)
modules/metadata/mod_cern_meta.mak (+353/-0)
modules/metadata/mod_env.c (+190/-0)
modules/metadata/mod_env.dep (+47/-0)
modules/metadata/mod_env.dsp (+111/-0)
modules/metadata/mod_env.exp (+1/-0)
modules/metadata/mod_env.mak (+353/-0)
modules/metadata/mod_expires.c (+571/-0)
modules/metadata/mod_expires.dep (+54/-0)
modules/metadata/mod_expires.dsp (+111/-0)
modules/metadata/mod_expires.exp (+1/-0)
modules/metadata/mod_expires.mak (+353/-0)
modules/metadata/mod_headers.c (+1020/-0)
modules/metadata/mod_headers.dep (+57/-0)
modules/metadata/mod_headers.dsp (+111/-0)
modules/metadata/mod_headers.exp (+1/-0)
modules/metadata/mod_headers.mak (+353/-0)
modules/metadata/mod_ident.c (+344/-0)
modules/metadata/mod_ident.dep (+52/-0)
modules/metadata/mod_ident.dsp (+111/-0)
modules/metadata/mod_ident.exp (+1/-0)
modules/metadata/mod_ident.mak (+353/-0)
modules/metadata/mod_mime_magic.c (+2471/-0)
modules/metadata/mod_mime_magic.dep (+58/-0)
modules/metadata/mod_mime_magic.dsp (+111/-0)
modules/metadata/mod_mime_magic.exp (+1/-0)
modules/metadata/mod_mime_magic.mak (+353/-0)
modules/metadata/mod_remoteip.c (+466/-0)
modules/metadata/mod_remoteip.dep (+53/-0)
modules/metadata/mod_remoteip.dsp (+111/-0)
modules/metadata/mod_remoteip.mak (+353/-0)
modules/metadata/mod_setenvif.c (+648/-0)
modules/metadata/mod_setenvif.dep (+56/-0)
modules/metadata/mod_setenvif.dsp (+111/-0)
modules/metadata/mod_setenvif.exp (+1/-0)
modules/metadata/mod_setenvif.mak (+353/-0)
modules/metadata/mod_unique_id.c (+316/-0)
modules/metadata/mod_unique_id.dep (+50/-0)
modules/metadata/mod_unique_id.dsp (+111/-0)
modules/metadata/mod_unique_id.exp (+1/-0)
modules/metadata/mod_unique_id.mak (+353/-0)
modules/metadata/mod_usertrack.c (+459/-0)
modules/metadata/mod_usertrack.dep (+51/-0)
modules/metadata/mod_usertrack.dsp (+111/-0)
modules/metadata/mod_usertrack.exp (+1/-0)
modules/metadata/mod_usertrack.mak (+353/-0)
modules/metadata/mod_version.c (+313/-0)
modules/metadata/mod_version.dep (+45/-0)
modules/metadata/mod_version.dsp (+111/-0)
modules/metadata/mod_version.exp (+1/-0)
modules/metadata/mod_version.mak (+353/-0)
modules/proxy/.indent.pro (+58/-0)
modules/proxy/CHANGES (+223/-0)
modules/proxy/Makefile.in (+4/-0)
modules/proxy/NWGNUmakefile (+259/-0)
modules/proxy/NWGNUproxy (+337/-0)
modules/proxy/NWGNUproxyajp (+264/-0)
modules/proxy/NWGNUproxybalancer (+260/-0)
modules/proxy/NWGNUproxycon (+251/-0)
modules/proxy/NWGNUproxyexpress (+256/-0)
modules/proxy/NWGNUproxyfcgi (+261/-0)
modules/proxy/NWGNUproxyftp (+260/-0)
modules/proxy/NWGNUproxyhcheck (+254/-0)
modules/proxy/NWGNUproxyhtp (+260/-0)
modules/proxy/NWGNUproxylbm_busy (+250/-0)
modules/proxy/NWGNUproxylbm_hb (+251/-0)
modules/proxy/NWGNUproxylbm_req (+251/-0)
modules/proxy/NWGNUproxylbm_traf (+251/-0)
modules/proxy/NWGNUproxyscgi (+260/-0)
modules/proxy/NWGNUproxywstunnel (+250/-0)
modules/proxy/ajp.h (+520/-0)
modules/proxy/ajp_header.c (+885/-0)
modules/proxy/ajp_header.h (+195/-0)
modules/proxy/ajp_link.c (+115/-0)
modules/proxy/ajp_msg.c (+641/-0)
modules/proxy/ajp_utils.c (+137/-0)
modules/proxy/balancers/Makefile.in (+3/-0)
modules/proxy/balancers/config2.m4 (+8/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.c (+161/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.dep (+76/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_bybusyness.mak (+408/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.c (+201/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.dep (+76/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_byrequests.mak (+408/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.c (+170/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.dep (+76/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_bytraffic.mak (+408/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.c (+467/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.dep (+77/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.dsp (+123/-0)
modules/proxy/balancers/mod_lbmethod_heartbeat.mak (+408/-0)
modules/proxy/config.m4 (+76/-0)
modules/proxy/libproxy.exp (+1/-0)
modules/proxy/mod_proxy.c (+2916/-0)
modules/proxy/mod_proxy.dep (+153/-0)
modules/proxy/mod_proxy.dsp (+127/-0)
modules/proxy/mod_proxy.h (+1211/-0)
modules/proxy/mod_proxy.mak (+361/-0)
modules/proxy/mod_proxy_ajp.c (+829/-0)
modules/proxy/mod_proxy_ajp.dep (+356/-0)
modules/proxy/mod_proxy_ajp.dsp (+151/-0)
modules/proxy/mod_proxy_ajp.mak (+416/-0)
modules/proxy/mod_proxy_balancer.c (+1829/-0)
modules/proxy/mod_proxy_balancer.dep (+76/-0)
modules/proxy/mod_proxy_balancer.dsp (+123/-0)
modules/proxy/mod_proxy_balancer.mak (+380/-0)
modules/proxy/mod_proxy_connect.c (+486/-0)
modules/proxy/mod_proxy_connect.dep (+73/-0)
modules/proxy/mod_proxy_connect.dsp (+123/-0)
modules/proxy/mod_proxy_connect.mak (+380/-0)
modules/proxy/mod_proxy_express.c (+221/-0)
modules/proxy/mod_proxy_express.dep (+74/-0)
modules/proxy/mod_proxy_express.dsp (+123/-0)
modules/proxy/mod_proxy_express.mak (+380/-0)
modules/proxy/mod_proxy_fcgi.c (+1174/-0)
modules/proxy/mod_proxy_fcgi.dep (+75/-0)
modules/proxy/mod_proxy_fcgi.dsp (+123/-0)
modules/proxy/mod_proxy_fcgi.mak (+380/-0)
modules/proxy/mod_proxy_fdpass.c (+241/-0)
modules/proxy/mod_proxy_fdpass.h (+41/-0)
modules/proxy/mod_proxy_ftp.c (+2125/-0)
modules/proxy/mod_proxy_ftp.dep (+74/-0)
modules/proxy/mod_proxy_ftp.dsp (+123/-0)
modules/proxy/mod_proxy_ftp.mak (+380/-0)
modules/proxy/mod_proxy_hcheck.c (+1224/-0)
modules/proxy/mod_proxy_hcheck.dep (+5/-0)
modules/proxy/mod_proxy_hcheck.dsp (+123/-0)
modules/proxy/mod_proxy_hcheck.mak (+380/-0)
modules/proxy/mod_proxy_http.c (+2043/-0)
modules/proxy/mod_proxy_http.dep (+73/-0)
modules/proxy/mod_proxy_http.dsp (+123/-0)
modules/proxy/mod_proxy_http.mak (+380/-0)
modules/proxy/mod_proxy_scgi.c (+674/-0)
modules/proxy/mod_proxy_scgi.dep (+75/-0)
modules/proxy/mod_proxy_scgi.dsp (+123/-0)
modules/proxy/mod_proxy_scgi.mak (+380/-0)
modules/proxy/mod_proxy_wstunnel.c (+390/-0)
modules/proxy/mod_proxy_wstunnel.dep (+73/-0)
modules/proxy/mod_proxy_wstunnel.dsp (+123/-0)
modules/proxy/mod_proxy_wstunnel.mak (+380/-0)
modules/proxy/proxy_util.c (+3867/-0)
modules/proxy/proxy_util.h (+45/-0)
modules/proxy/scgi.h (+36/-0)
modules/session/Makefile.in (+4/-0)
modules/session/NWGNUmakefile (+257/-0)
modules/session/NWGNUsession (+254/-0)
modules/session/NWGNUsession_cookie (+253/-0)
modules/session/NWGNUsession_crypto (+255/-0)
modules/session/NWGNUsession_dbd (+253/-0)
modules/session/config.m4 (+68/-0)
modules/session/mod_session.c (+668/-0)
modules/session/mod_session.dep (+56/-0)
modules/session/mod_session.dsp (+115/-0)
modules/session/mod_session.h (+186/-0)
modules/session/mod_session.mak (+353/-0)
modules/session/mod_session_cookie.c (+284/-0)
modules/session/mod_session_cookie.dep (+49/-0)
modules/session/mod_session_cookie.dsp (+111/-0)
modules/session/mod_session_cookie.mak (+381/-0)
modules/session/mod_session_crypto.c (+805/-0)
modules/session/mod_session_crypto.dep (+57/-0)
modules/session/mod_session_crypto.dsp (+111/-0)
modules/session/mod_session_crypto.mak (+381/-0)
modules/session/mod_session_dbd.c (+640/-0)
modules/session/mod_session_dbd.dep (+60/-0)
modules/session/mod_session_dbd.dsp (+111/-0)
modules/session/mod_session_dbd.mak (+409/-0)
modules/slotmem/Makefile.in (+3/-0)
modules/slotmem/NWGNUmakefile (+246/-0)
modules/slotmem/NWGNUslotmem_plain (+250/-0)
modules/slotmem/NWGNUslotmem_shm (+250/-0)
modules/slotmem/config.m4 (+10/-0)
modules/slotmem/mod_slotmem_plain.c (+343/-0)
modules/slotmem/mod_slotmem_plain.dep (+51/-0)
modules/slotmem/mod_slotmem_plain.dsp (+111/-0)
modules/slotmem/mod_slotmem_plain.mak (+353/-0)
modules/slotmem/mod_slotmem_shm.c (+809/-0)
modules/slotmem/mod_slotmem_shm.dep (+57/-0)
modules/slotmem/mod_slotmem_shm.dsp (+111/-0)
modules/slotmem/mod_slotmem_shm.mak (+353/-0)
modules/ssl/Makefile.in (+20/-0)
modules/ssl/NWGNUmakefile (+327/-0)
modules/ssl/README (+106/-0)
modules/ssl/README.dsov.fig (+346/-0)
modules/ssl/README.dsov.ps (+1138/-0)
modules/ssl/config.m4 (+57/-0)
modules/ssl/mod_ssl.c (+716/-0)
modules/ssl/mod_ssl.dep (+1086/-0)
modules/ssl/mod_ssl.dsp (+195/-0)
modules/ssl/mod_ssl.h (+88/-0)
modules/ssl/mod_ssl.mak (+500/-0)
modules/ssl/mod_ssl_openssl.h (+73/-0)
modules/ssl/ssl_engine_config.c (+2032/-0)
modules/ssl/ssl_engine_init.c (+2020/-0)
modules/ssl/ssl_engine_io.c (+2215/-0)
modules/ssl/ssl_engine_kernel.c (+2457/-0)
modules/ssl/ssl_engine_log.c (+238/-0)
modules/ssl/ssl_engine_mutex.c (+111/-0)
modules/ssl/ssl_engine_ocsp.c (+304/-0)
modules/ssl/ssl_engine_pphrase.c (+621/-0)
modules/ssl/ssl_engine_rand.c (+177/-0)
modules/ssl/ssl_engine_vars.c (+1244/-0)
modules/ssl/ssl_private.h (+1068/-0)
modules/ssl/ssl_scache.c (+239/-0)
modules/ssl/ssl_util.c (+471/-0)
modules/ssl/ssl_util_ocsp.c (+419/-0)
modules/ssl/ssl_util_ssl.c (+505/-0)
modules/ssl/ssl_util_ssl.h (+78/-0)
modules/ssl/ssl_util_stapling.c (+873/-0)
modules/test/.indent.pro (+54/-0)
modules/test/Makefile.in (+3/-0)
modules/test/NWGNUmakefile (+257/-0)
modules/test/NWGNUoptfnexport (+256/-0)
modules/test/NWGNUoptfnimport (+256/-0)
modules/test/NWGNUopthookexport (+256/-0)
modules/test/NWGNUopthookimport (+256/-0)
modules/test/README (+1/-0)
modules/test/config.m4 (+13/-0)
modules/test/mod_dialup.c (+306/-0)
modules/test/mod_optional_fn_export.c (+48/-0)
modules/test/mod_optional_fn_export.h (+19/-0)
modules/test/mod_optional_fn_import.c (+55/-0)
modules/test/mod_optional_hook_export.c (+44/-0)
modules/test/mod_optional_hook_export.h (+24/-0)
modules/test/mod_optional_hook_import.c (+45/-0)
os/.indent.pro (+54/-0)
os/Makefile.in (+4/-0)
os/bs2000/ebcdic.c (+210/-0)
os/bs2000/ebcdic.h (+33/-0)
os/bs2000/os.c (+136/-0)
os/bs2000/os.h (+40/-0)
os/config.m4 (+26/-0)
os/netware/modules.c (+117/-0)
os/netware/netware_config_layout.h (+31/-0)
os/netware/os.h (+57/-0)
os/netware/pre_nw.h (+70/-0)
os/netware/util_nw.c (+112/-0)
os/os2/Makefile.in (+5/-0)
os/os2/config.m4 (+3/-0)
os/os2/core.mk (+7/-0)
os/os2/core_header.def (+19/-0)
os/os2/os.h (+40/-0)
os/os2/util_os2.c (+39/-0)
os/unix/Makefile.in (+5/-0)
os/unix/config.m4 (+7/-0)
os/unix/os.h (+52/-0)
os/unix/unixd.c (+690/-0)
os/unix/unixd.h (+142/-0)
os/win32/BaseAddr.ref (+132/-0)
os/win32/Makefile.in (+5/-0)
os/win32/ap_regkey.c (+642/-0)
os/win32/modules.c (+56/-0)
os/win32/os.h (+139/-0)
os/win32/util_win32.c (+148/-0)
os/win32/win32_config_layout.h (+31/-0)
server/.indent.pro (+54/-0)
server/Makefile.in (+103/-0)
server/NWGNUmakefile (+261/-0)
server/buildmark.c (+29/-0)
server/config.c (+2699/-0)
server/config.m4 (+19/-0)
server/connection.c (+228/-0)
server/core.c (+5401/-0)
server/core_filters.c (+889/-0)
server/eoc_bucket.c (+55/-0)
server/eor_bucket.c (+102/-0)
server/error_bucket.c (+77/-0)
server/gen_test_char.c (+173/-0)
server/gen_test_char.dep (+7/-0)
server/gen_test_char.dsp (+94/-0)
server/gen_test_char.mak (+234/-0)
server/listen.c (+938/-0)
server/log.c (+1956/-0)
server/main.c (+827/-0)
server/mpm/MPM.NAMING (+14/-0)
server/mpm/Makefile.in (+4/-0)
server/mpm/config.m4 (+128/-0)
server/mpm/config2.m4 (+89/-0)
server/mpm/event/Makefile.in (+1/-0)
server/mpm/event/config.m4 (+15/-0)
server/mpm/event/config3.m4 (+7/-0)
server/mpm/event/event.c (+3756/-0)
server/mpm/event/fdqueue.c (+533/-0)
server/mpm/event/fdqueue.h (+106/-0)
server/mpm/event/mpm_default.h (+56/-0)
server/mpm/mpmt_os2/Makefile.in (+1/-0)
server/mpm/mpmt_os2/config.m4 (+10/-0)
server/mpm/mpmt_os2/config5.m4 (+3/-0)
server/mpm/mpmt_os2/mpm_default.h (+57/-0)
server/mpm/mpmt_os2/mpmt_os2.c (+614/-0)
server/mpm/mpmt_os2/mpmt_os2_child.c (+488/-0)
server/mpm/netware/mpm_default.h (+78/-0)
server/mpm/netware/mpm_netware.c (+1363/-0)
server/mpm/prefork/Makefile.in (+1/-0)
server/mpm/prefork/config.m4 (+7/-0)
server/mpm/prefork/config3.m4 (+1/-0)
server/mpm/prefork/mpm_default.h (+51/-0)
server/mpm/prefork/prefork.c (+1516/-0)
server/mpm/winnt/Makefile.in (+1/-0)
server/mpm/winnt/child.c (+1266/-0)
server/mpm/winnt/config.m4 (+10/-0)
server/mpm/winnt/config3.m4 (+2/-0)
server/mpm/winnt/mpm_default.h (+60/-0)
server/mpm/winnt/mpm_winnt.c (+1785/-0)
server/mpm/winnt/mpm_winnt.h (+96/-0)
server/mpm/winnt/nt_eventlog.c (+171/-0)
server/mpm/winnt/service.c (+1241/-0)
server/mpm/worker/Makefile.in (+2/-0)
server/mpm/worker/config.m4 (+11/-0)
server/mpm/worker/config3.m4 (+5/-0)
server/mpm/worker/fdqueue.c (+412/-0)
server/mpm/worker/fdqueue.h (+75/-0)
server/mpm/worker/mpm_default.h (+55/-0)
server/mpm/worker/worker.c (+2382/-0)
server/mpm_common.c (+571/-0)
server/mpm_unix.c (+1078/-0)
server/protocol.c (+2391/-0)
server/provider.c (+197/-0)
server/request.c (+2511/-0)
server/scoreboard.c (+666/-0)
server/util.c (+3309/-0)
server/util_cfgtree.c (+46/-0)
server/util_charset.c (+28/-0)
server/util_cookies.c (+290/-0)
server/util_debug.c (+225/-0)
server/util_ebcdic.c (+117/-0)
server/util_expr_eval.c (+1822/-0)
server/util_expr_parse.c (+2130/-0)
server/util_expr_parse.h (+104/-0)
server/util_expr_parse.y (+217/-0)
server/util_expr_private.h (+141/-0)
server/util_expr_scan.c (+2669/-0)
server/util_expr_scan.l (+400/-0)
server/util_fcgi.c (+290/-0)
server/util_filter.c (+732/-0)
server/util_md5.c (+166/-0)
server/util_mutex.c (+561/-0)
server/util_pcre.c (+299/-0)
server/util_regex.c (+210/-0)
server/util_script.c (+900/-0)
server/util_time.c (+306/-0)
server/util_xml.c (+140/-0)
server/vhost.c (+1267/-0)
srclib/Makefile.in (+5/-0)
support/.indent.pro (+54/-0)
support/Makefile.in (+89/-0)
support/NWGNUab (+330/-0)
support/NWGNUhtcacheclean (+253/-0)
support/NWGNUhtdbm (+252/-0)
support/NWGNUhtdigest (+251/-0)
support/NWGNUhtpasswd (+252/-0)
support/NWGNUhttxt2dbm (+251/-0)
support/NWGNUlogres (+258/-0)
support/NWGNUmakefile (+51/-0)
support/NWGNUrotlogs (+250/-0)
support/README (+65/-0)
support/SHA1/README.sha1 (+34/-0)
support/SHA1/convert-sha1.pl (+36/-0)
support/SHA1/htpasswd-sha1.pl (+22/-0)
support/SHA1/ldif-sha1.example (+19/-0)
support/ab.c (+2553/-0)
support/ab.dep (+37/-0)
support/ab.dsp (+106/-0)
support/ab.mak (+317/-0)
support/abs.dep (+37/-0)
support/abs.dsp (+144/-0)
support/abs.mak (+374/-0)
support/apachectl.in (+106/-0)
support/apxs.in (+791/-0)
support/check_forensic (+51/-0)
support/checkgid.c (+110/-0)
support/config.m4 (+151/-0)
support/dbmmanage.in (+312/-0)
support/envvars-std.in (+28/-0)
support/fcgistarter.c (+220/-0)
support/fcgistarter.dep (+29/-0)
support/fcgistarter.dsp (+106/-0)
support/fcgistarter.mak (+317/-0)
support/htcacheclean.c (+1829/-0)
support/htcacheclean.dep (+37/-0)
support/htcacheclean.dsp (+106/-0)
support/htcacheclean.mak (+317/-0)
support/htdbm.c (+472/-0)
support/htdbm.dep (+58/-0)
support/htdbm.dsp (+110/-0)
support/htdbm.mak (+326/-0)
support/htdigest.c (+303/-0)
support/htdigest.dep (+27/-0)
support/htdigest.dsp (+106/-0)
support/htdigest.mak (+317/-0)
support/htpasswd.c (+509/-0)
support/htpasswd.dep (+57/-0)
support/htpasswd.dsp (+110/-0)
support/htpasswd.mak (+326/-0)
support/httxt2dbm.c (+335/-0)
support/httxt2dbm.dep (+26/-0)
support/httxt2dbm.dsp (+106/-0)
support/httxt2dbm.mak (+317/-0)
support/list_hooks.pl (+101/-0)
support/log_server_status.in (+76/-0)
support/logresolve.c (+329/-0)
support/logresolve.dep (+26/-0)
support/logresolve.dsp (+106/-0)
support/logresolve.mak (+317/-0)
support/logresolve.pl.in (+225/-0)
support/passwd_common.c (+344/-0)
support/passwd_common.h (+123/-0)
support/phf_abuse_log.cgi.in (+38/-0)
support/rotatelogs.c (+731/-0)
support/rotatelogs.dep (+28/-0)
support/rotatelogs.dsp (+106/-0)
support/rotatelogs.mak (+317/-0)
support/split-logfile.in (+69/-0)
support/suexec.c (+652/-0)
support/suexec.h (+109/-0)
support/win32/ApacheMonitor.c (+1671/-0)
support/win32/ApacheMonitor.dep (+18/-0)
support/win32/ApacheMonitor.dsp (+143/-0)
support/win32/ApacheMonitor.h (+78/-0)
support/win32/ApacheMonitor.mak (+309/-0)
support/win32/ApacheMonitor.manifest (+10/-0)
support/win32/ApacheMonitor.rc (+103/-0)
support/win32/wintty.c (+374/-0)
support/win32/wintty.dep (+5/-0)
support/win32/wintty.dsp (+106/-0)
support/win32/wintty.mak (+317/-0)
test/.indent.pro (+54/-0)
test/Makefile.in (+20/-0)
test/README (+3/-0)
test/check_chunked (+58/-0)
test/cls.c (+182/-0)
test/make_sni.sh (+396/-0)
test/tcpdumpscii.txt (+50/-0)
test/test-writev.c (+101/-0)
test/test_find.c (+78/-0)
test/test_limits.c (+200/-0)
test/test_parser.c (+75/-0)
test/test_select.c (+46/-0)
test/time-sem.c (+591/-0)
Reviewer Review Type Date Requested Status
Christian Ehrhardt  2018-10-11 Approve on 2018-10-15
Canonical Server packageset reviewers 2018-10-11 Pending
Review via email: mp+356606@code.launchpad.net

Description of the change

Please use git for the review, as the diff presented by launchpad is incorrect.

Fix a typo in a maintainer script helper that breaks apache2_switch_mpm() under some conditions. It was harder to come up with a reproducer scenario than to understand why the fix is correct. The linked bug has the SRU template filled out and a test case that shows the bug and how it can break php's postinst. Maybe this is the root cause of the many php postinst bugs we get and that just stay incomplete until they expire.

This is fixed in Debian and Cosmic already.

Bileto ticket: https://bileto.ubuntu.com/#/ticket/3469

Associated PPA: ppa:ci-train-ppa-service/3469

There is one DEP8 failure in resource-agents, and just in armhf. I don't have access to such a system to see what is going on, but it looks like ldirectord cannot be installed there. The history of that test in bionic/armhf is quite red:

http://autopkgtest.ubuntu.com/packages/resource-agents/bionic/armhf

To post a comment you must log in.
Christian Ehrhardt  (paelzer) wrote :

LGTM +1

Bonus +1 for the hope of fixing some odd bugs we never understood the apparmor report of :-)

review: Approve
Andreas Hasenack (ahasenack) wrote :

Thanks, tagged and uploaded

Christian Ehrhardt  (paelzer) wrote :

This is in bionic-updates, setting state to merged

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index f4d50aa..2413054 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+apache2 (2.4.29-1ubuntu4.5) bionic; urgency=medium
7+
8+ * d/debhelper/apache2-maintscript-helper: fix typo in apache2_switch_mpm()'s
9+ a2query call. (LP: #1782806)
10+
11+ -- Andreas Hasenack <andreas@canonical.com> Wed, 10 Oct 2018 15:59:25 -0300
12+
13 apache2 (2.4.29-1ubuntu4.4) bionic-security; urgency=medium
14
15 * SECURITY UPDATE: DoS in HTTP/2 via NULL pointer
16diff --git a/debian/debhelper/apache2-maintscript-helper b/debian/debhelper/apache2-maintscript-helper
17index b77c59a..e5b72f6 100644
18--- a/debian/debhelper/apache2-maintscript-helper
19+++ b/debian/debhelper/apache2-maintscript-helper
20@@ -287,7 +287,7 @@ apache2_switch_mpm()
21 fi
22
23 local a2query_ret=0
24- a2query -m "$mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$?
25+ a2query -m "mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$?
26
27 case $a2query_ret in
28 0)
29diff --git a/docs/manual/style/latex/atbeginend.sty b/docs/manual/style/latex/atbeginend.sty
30new file mode 100644
31index 0000000..79b555d
32--- /dev/null
33+++ b/docs/manual/style/latex/atbeginend.sty
34@@ -0,0 +1,80 @@
35+% atbeginend.sty
36+%
37+% Licensed to the Apache Software Foundation (ASF) under one or more
38+% contributor license agreements. See the NOTICE file distributed with
39+% this work for additional information regarding copyright ownership.
40+% The ASF licenses this file to You under the Apache License, Version 2.0
41+% (the "License"); you may not use this file except in compliance with
42+% the License. You may obtain a copy of the License at
43+%
44+% http://www.apache.org/licenses/LICENSE-2.0
45+%
46+% Unless required by applicable law or agreed to in writing, software
47+% distributed under the License is distributed on an "AS IS" BASIS,
48+% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
49+% See the License for the specific language governing permissions and
50+% limitations under the License.
51+
52+% defines
53+% \BeforeBegin{environment}{code-to-execute}
54+% \BeforeEnd {environment}{code-to-execute}
55+% \AfterBegin {environment}{code-to-execute}
56+% \AfterEnd {environment}{code-to-execute}
57+%
58+% Save \begin and \end to \BeginEnvironment and \EndEnvironment
59+\let\BeginEnvironment=\begin
60+\let\EndEnvironment=\end
61+
62+\def\IfUnDef#1{\expandafter\ifx\csname#1\endcsname\relax}
63+
64+% Null command needed to for \nothing{something}=.nothing.
65+\def\NullCom#1{}
66+
67+\def\begin#1{%
68+%
69+% if defined \BeforeBeg for this environment, execute it
70+\IfUnDef{BeforeBeg#1}\else\csname BeforeBeg#1\endcsname\fi%
71+%
72+%
73+%
74+\IfUnDef{AfterBeg#1}% This is done to skip the command for environments
75+ % which can take arguments, like multicols; YOU MUST NOT
76+ % USE \AfterBegin{...}{...} for such environments!
77+ \let\SaveBegEng=\BeginEnvironment%
78+\else%
79+ % Start this environment
80+ \BeginEnvironment{#1}%
81+ % and execute code after \begin{environment}
82+ \csname AfterBeg#1\endcsname%
83+ %
84+ \let\SaveBegEng=\NullCom%
85+\fi%
86+\SaveBegEng{#1}%
87+}
88+
89+
90+\def\end#1{%
91+%
92+% execute code before \end{environment}
93+\IfUnDef{BeforeEnd#1}\else\csname BeforeEnd#1\endcsname\fi%
94+%
95+% close this environment
96+\EndEnvironment{#1}%
97+%
98+% and execute code after \begin{environment}
99+\IfUnDef{AfterEnd#1}\else\csname AfterEnd#1\endcsname\fi%
100+}
101+
102+
103+%% Now, define commands
104+% \BeforeBegin{environment}{code-to-execute}
105+% \BeforeEnd {environment}{code-to-execute}
106+% \AfterBegin {environment}{code-to-execute}
107+% \AfterEnd {environment}{code-to-execute}
108+
109+\def\BeforeBegin#1#2{\expandafter\gdef\csname BeforeBeg#1\endcsname
110+{#2}}
111+\def\BeforeEnd #1#2{\expandafter\gdef\csname BeforeEnd#1\endcsname
112+{#2}}
113+\def\AfterBegin #1#2{\expandafter\gdef\csname AfterBeg#1\endcsname {#2}}
114+\def\AfterEnd #1#2{\expandafter\gdef\csname AfterEnd#1\endcsname{#2}}
115diff --git a/docs/manual/style/manualpage.dtd b/docs/manual/style/manualpage.dtd
116new file mode 100644
117index 0000000..e9c22a0
118--- /dev/null
119+++ b/docs/manual/style/manualpage.dtd
120@@ -0,0 +1,29 @@
121+<?xml version='1.0' encoding='UTF-8' ?>
122+
123+<!--
124+ Licensed to the Apache Software Foundation (ASF) under one or more
125+ contributor license agreements. See the NOTICE file distributed with
126+ this work for additional information regarding copyright ownership.
127+ The ASF licenses this file to You under the Apache License, Version 2.0
128+ (the "License"); you may not use this file except in compliance with
129+ the License. You may obtain a copy of the License at
130+
131+ http://www.apache.org/licenses/LICENSE-2.0
132+
133+ Unless required by applicable law or agreed to in writing, software
134+ distributed under the License is distributed on an "AS IS" BASIS,
135+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
136+ See the License for the specific language governing permissions and
137+ limitations under the License.
138+-->
139+
140+<!ENTITY % common SYSTEM "common.dtd">
141+%common;
142+
143+<!-- <manualpage> is the root element -->
144+<!ELEMENT manualpage (parentdocument?, title, summary?,
145+seealso*, section*)>
146+
147+<!ATTLIST manualpage metafile CDATA #REQUIRED
148+ upgrade CDATA #IMPLIED
149+>
150diff --git a/docs/manual/style/modulesynopsis.dtd b/docs/manual/style/modulesynopsis.dtd
151new file mode 100644
152index 0000000..1ca9b06
153--- /dev/null
154+++ b/docs/manual/style/modulesynopsis.dtd
155@@ -0,0 +1,85 @@
156+<?xml version='1.0' encoding='UTF-8' ?>
157+
158+<!--
159+ Licensed to the Apache Software Foundation (ASF) under one or more
160+ contributor license agreements. See the NOTICE file distributed with
161+ this work for additional information regarding copyright ownership.
162+ The ASF licenses this file to You under the Apache License, Version 2.0
163+ (the "License"); you may not use this file except in compliance with
164+ the License. You may obtain a copy of the License at
165+
166+ http://www.apache.org/licenses/LICENSE-2.0
167+
168+ Unless required by applicable law or agreed to in writing, software
169+ distributed under the License is distributed on an "AS IS" BASIS,
170+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
171+ See the License for the specific language governing permissions and
172+ limitations under the License.
173+-->
174+
175+<!ENTITY % sitemap SYSTEM "sitemap.dtd">
176+%sitemap;
177+
178+<!ELEMENT modulesynopsis (name , description, status, hint?, sourcefile?,
179+identifier? , compatibility? , summary? , seealso* , section*,
180+directivesynopsis*)>
181+
182+<!ATTLIST modulesynopsis metafile CDATA #REQUIRED
183+ upgrade CDATA #IMPLIED>
184+
185+<!ELEMENT directivesynopsis (name , description? , syntax? , default?
186+, contextlist? , override? , modulelist?, status?, compatibility? ,
187+usage?, seealso*)>
188+
189+<!ELEMENT name (#PCDATA)>
190+
191+<!ELEMENT status (#PCDATA)>
192+
193+<!ELEMENT hint %Inline;>
194+
195+<!ELEMENT identifier (#PCDATA)>
196+
197+<!ELEMENT sourcefile (#PCDATA)>
198+
199+<!ELEMENT compatibility %Inline;>
200+
201+<!ELEMENT description %Inline;>
202+
203+<!ATTLIST directivesynopsis type CDATA #IMPLIED
204+ location CDATA #IMPLIED >
205+
206+<!ELEMENT syntax %Inline;>
207+
208+<!ELEMENT default (#PCDATA | directive | br)*>
209+
210+<!ELEMENT contextlist (context+)+>
211+
212+<!ELEMENT context (#PCDATA)>
213+
214+<!ELEMENT override (#PCDATA)>
215+
216+<!ELEMENT usage %Block;>
217+
218+<!-- Used in index.xml -->
219+<!ELEMENT moduleindex (title, summary, seealso*)>
220+
221+<!ATTLIST moduleindex metafile CDATA #REQUIRED>
222+
223+<!-- Used in directive.xml -->
224+<!ELEMENT directiveindex (title | summary)+>
225+
226+<!ATTLIST directiveindex metafile CDATA #REQUIRED>
227+
228+<!-- Used in quickreference.xml -->
229+<!ELEMENT quickreference (title | summary | legend)+>
230+<!ATTLIST quickreference metafile CDATA #REQUIRED>
231+
232+<!ELEMENT legend (table, table)>
233+
234+<!-- Used in overrides.xml -->
235+<!ELEMENT overrideindex (title | summary | overridesummary)+>
236+<!ATTLIST overrideindex metafile CDATA #REQUIRED>
237+
238+<!ELEMENT overridesummary %Block;>
239+<!ATTLIST overridesummary class CDATA #IMPLIED
240+ fallback CDATA #IMPLIED>
241diff --git a/docs/manual/style/scripts/MINIFY b/docs/manual/style/scripts/MINIFY
242new file mode 100644
243index 0000000..2c1efc3
244--- /dev/null
245+++ b/docs/manual/style/scripts/MINIFY
246@@ -0,0 +1,5 @@
247+#!/bin/sh
248+
249+(echo '// see prettify.js for copyright, license and expanded version'; python -mrjsmin <prettify.js) >prettify.min.js
250+
251+# needs python and rjsmin installed
252diff --git a/docs/manual/style/scripts/prettify.js b/docs/manual/style/scripts/prettify.js
253new file mode 100644
254index 0000000..bb74158
255--- /dev/null
256+++ b/docs/manual/style/scripts/prettify.js
257@@ -0,0 +1,1622 @@
258+// Copyright (C) 2006 Google Inc.
259+//
260+// Licensed under the Apache License, Version 2.0 (the "License");
261+// you may not use this file except in compliance with the License.
262+// You may obtain a copy of the License at
263+//
264+// http://www.apache.org/licenses/LICENSE-2.0
265+//
266+// Unless required by applicable law or agreed to in writing, software
267+// distributed under the License is distributed on an "AS IS" BASIS,
268+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
269+// See the License for the specific language governing permissions and
270+// limitations under the License.
271+
272+
273+/**
274+ * @fileoverview
275+ * some functions for browser-side pretty printing of code contained in html.
276+ *
277+ * <p>
278+ * For a fairly comprehensive set of languages see the
279+ * <a href="http://google-code-prettify.googlecode.com/svn/trunk/README.html#langs">README</a>
280+ * file that came with this source. At a minimum, the lexer should work on a
281+ * number of languages including C and friends, Java, Python, Bash, SQL, HTML,
282+ * XML, CSS, Javascript, and Makefiles. It works passably on Ruby, PHP and Awk
283+ * and a subset of Perl, but, because of commenting conventions, doesn't work on
284+ * Smalltalk, Lisp-like, or CAML-like languages without an explicit lang class.
285+ * <p>
286+ * Usage: <ol>
287+ * <li> include this source file in an html page via
288+ * {@code <script type="text/javascript" src="/path/to/prettify.js"></script>}
289+ * <li> define style rules. See the example page for examples.
290+ * <li> mark the {@code <pre>} and {@code <code>} tags in your source with
291+ * {@code class=prettyprint.}
292+ * You can also use the (html deprecated) {@code <xmp>} tag, but the pretty
293+ * printer needs to do more substantial DOM manipulations to support that, so
294+ * some css styles may not be preserved.
295+ * </ol>
296+ * That's it. I wanted to keep the API as simple as possible, so there's no
297+ * need to specify which language the code is in, but if you wish, you can add
298+ * another class to the {@code <pre>} or {@code <code>} element to specify the
299+ * language, as in {@code <pre class="prettyprint lang-java">}. Any class that
300+ * starts with "lang-" followed by a file extension, specifies the file type.
301+ * See the "lang-*.js" files in this directory for code that implements
302+ * per-language file handlers.
303+ * <p>
304+ * Change log:<br>
305+ * cbeust, 2006/08/22
306+ * <blockquote>
307+ * Java annotations (start with "@") are now captured as literals ("lit")
308+ * </blockquote>
309+ * @requires console
310+ */
311+
312+// JSLint declarations
313+/*global console, document, navigator, setTimeout, window, define */
314+
315+/**
316+ * Split {@code prettyPrint} into multiple timeouts so as not to interfere with
317+ * UI events.
318+ * If set to {@code false}, {@code prettyPrint()} is synchronous.
319+ */
320+window['PR_SHOULD_USE_CONTINUATION'] = true;
321+
322+/**
323+ * Find all the {@code <pre>} and {@code <code>} tags in the DOM with
324+ * {@code class=prettyprint} and prettify them.
325+ *
326+ * @param {Function?} opt_whenDone if specified, called when the last entry
327+ * has been finished.
328+ */
329+var prettyPrintOne;
330+/**
331+ * Pretty print a chunk of code.
332+ *
333+ * @param {string} sourceCodeHtml code as html
334+ * @return {string} code as html, but prettier
335+ */
336+var prettyPrint;
337+
338+
339+(function () {
340+ var win = window;
341+ // Keyword lists for various languages.
342+ // We use things that coerce to strings to make them compact when minified
343+ // and to defeat aggressive optimizers that fold large string constants.
344+ var FLOW_CONTROL_KEYWORDS = ["break,continue,do,else,for,if,return,while"];
345+ var C_KEYWORDS = [FLOW_CONTROL_KEYWORDS,"auto,case,char,const,default," +
346+ "double,enum,extern,float,goto,int,long,register,short,signed,sizeof,module," +
347+ "static,struct,switch,typedef,union,unsigned,void,volatile"];
348+ var COMMON_KEYWORDS = [C_KEYWORDS,"catch,class,delete,false,import," +
349+ "new,operator,private,protected,public,this,throw,true,try,typeof"];
350+ var CPP_KEYWORDS = [COMMON_KEYWORDS,"alignof,align_union,asm,axiom,bool," +
351+ "concept,concept_map,const_cast,constexpr,decltype," +
352+ "dynamic_cast,explicit,export,friend,inline,late_check," +
353+ "mutable,namespace,nullptr,reinterpret_cast,static_assert,static_cast," +
354+ "template,typeid,typename,using,virtual,where,request_req"];
355+ var JAVA_KEYWORDS = [COMMON_KEYWORDS,
356+ "abstract,boolean,byte,extends,final,finally,implements,import," +
357+ "instanceof,null,native,package,strictfp,super,synchronized,throws," +
358+ "transient"];
359+ var CSHARP_KEYWORDS = [JAVA_KEYWORDS,
360+ "as,base,by,checked,decimal,delegate,descending,dynamic,event," +
361+ "fixed,foreach,from,group,implicit,in,interface,internal,into,is,let," +
362+ "lock,object,out,override,orderby,params,partial,readonly,ref,sbyte," +
363+ "sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort," +
364+ "var,virtual,where"];
365+ var COFFEE_KEYWORDS = "all,and,by,catch,class,else,extends,false,finally," +
366+ "for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then," +
367+ "throw,true,try,unless,until,when,while,yes";
368+ var JSCRIPT_KEYWORDS = [COMMON_KEYWORDS,
369+ "debugger,eval,export,function,get,null,set,undefined,var,with," +
370+ "Infinity,NaN"];
371+ var PERL_KEYWORDS = "caller,delete,die,do,dump,else,elsif,eval,exit,foreach,for," +
372+ "goto,if,import,last,local,my,next,no,our,print,printf,package,redo,require," +
373+ "sub,undef,unless,until,use,wantarray,while,BEGIN,END";
374+ var PHP_KEYWORDS = "abstract,and,array,as,break,case,catch,cfunction,class," +
375+ "clone,const,continue,declare,default,do,else,elseif,enddeclare,endfor," +
376+ "endforeach,endif,endswitch,endwhile,extends,final,for,foreach,function," +
377+ "global,goto,if,implements,interface,instanceof,namespace,new,old_function," +
378+ "or,private,protected,public,static,switch,throw,try,use,var,while,xor," +
379+ "die,echo,empty,exit,eval,include,include_once,isset,list,require," +
380+ "require_once,return,print,unset";
381+ var PYTHON_KEYWORDS = [FLOW_CONTROL_KEYWORDS, "and,as,assert,class,def,del," +
382+ "elif,except,exec,finally,from,global,import,in,is,lambda," +
383+ "nonlocal,not,or,pass,print,raise,try,with,yield," +
384+ "False,True,None"];
385+ var RUBY_KEYWORDS = [FLOW_CONTROL_KEYWORDS, "alias,and,begin,case,class," +
386+ "def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo," +
387+ "rescue,retry,self,super,then,true,undef,unless,until,when,yield," +
388+ "BEGIN,END"];
389+ var SH_KEYWORDS = [FLOW_CONTROL_KEYWORDS, "case,done,elif,esac,eval,fi," +
390+ "function,in,local,set,then,until,echo"];
391+ var CONFIG_ENVS = ["User-Agent,HTTP_USER_AGENT,HTTP_REFERER,HTTP_COOKIE,HTTP_FORWARDED,HTTP_HOST,HTTP_PROXY_CONNECTION,HTTP_ACCEPT,REMOTE_ADDR,REMOTE_HOST,REMOTE_PORT,REMOTE_USER,REMOTE_IDENT,REQUEST_METHOD,SCRIPT_FILENAME,PATH_INFO,QUERY_STRING,AUTH_TYPE,DOCUMENT_ROOT,SERVER_ADMIN,SERVER_NAME,SERVER_ADDR,SERVER_PORT,SERVER_PROTOCOL,SERVER_SOFTWARE,TIME_YEAR,TIME_MON,TIME_DAY,TIME_HOUR,TIME_MIN,TIME_SEC,TIME_WDAY,TIME,API_VERSION,THE_REQUEST,REQUEST_URI,REQUEST_FILENAME,IS_SUBREQ,HTTPS,REQUEST_SCHEME"];
392+ var CONFIG_KEYWORDS = ["AcceptFilter,AcceptPathInfo,AccessFileName,Action,AddAlt,AddAltByEncoding,AddAltByType,AddCharset,AddDefaultCharset,AddDescription,AddEncoding,AddHandler,AddIcon,AddIconByEncoding,AddIconByType,AddInputFilter,AddLanguage,AddModuleInfo,AddOutputFilter,AddOutputFilterByType,AddType,Alias,AliasMatch,Allow,AllowCONNECT,AllowEncodedSlashes,AllowMethods,AllowOverride,AllowOverrideList,Anonymous,Anonymous_LogEmail,Anonymous_MustGiveEmail,Anonymous_NoUserID,Anonymous_VerifyEmail,AsyncRequestWorkerFactor,AuthBasicAuthoritative,AuthBasicFake,AuthBasicProvider,AuthBasicUseDigestAlgorithm,AuthDBDUserPWQuery,AuthDBDUserRealmQuery,AuthDBMGroupFile,AuthDBMType,AuthDBMUserFile,AuthDigestAlgorithm,AuthDigestDomain,AuthDigestNonceLifetime,AuthDigestProvider,AuthDigestQop,AuthDigestShmemSize,AuthFormAuthoritative,AuthFormBody,AuthFormDisableNoStore,AuthFormFakeBasicAuth,AuthFormLocation,AuthFormLoginRequiredLocation,AuthFormLoginSuccessLocation,AuthFormLogoutLocation,AuthFormMethod,AuthFormMimetype,AuthFormPassword,AuthFormProvider,AuthFormSitePassphrase,AuthFormSize,AuthFormUsername,AuthGroupFile,AuthLDAPAuthorizePrefix,AuthLDAPBindAuthoritative,AuthLDAPBindDN,AuthLDAPBindPassword,AuthLDAPCharsetConfig,AuthLDAPCompareAsUser,AuthLDAPCompareDNOnServer,AuthLDAPDereferenceAliases,AuthLDAPGroupAttribute,AuthLDAPGroupAttributeIsDN,AuthLDAPInitialBindAsUser,AuthLDAPInitialBindPattern,AuthLDAPMaxSubGroupDepth,AuthLDAPRemoteUserAttribute,AuthLDAPRemoteUserIsDN,AuthLDAPSearchAsUser,AuthLDAPSubGroupAttribute,AuthLDAPSubGroupClass,AuthLDAPUrl,AuthMerging,AuthName,AuthnCacheContext,AuthnCacheEnable,AuthnCacheProvideFor,AuthnCacheSOCache,AuthnCacheTimeout,<AuthnProviderAlias>,AuthnzFcgiCheckAuthnProvider,AuthnzFcgiDefineProvider,AuthType,AuthUserFile,AuthzDBDLoginToReferer,AuthzDBDQuery,AuthzDBDRedirectQuery,AuthzDBMType,<AuthzProviderAlias>,AuthzSendForbiddenOnFailure,BalancerGrowth,BalancerInherit,BalancerMember,BalancerPersist,BrotliAlterETag,BrotliCompressionMaxInputBlock,BrotliCompressionQuality,BrotliCompressionWindow,BrotliFilterNote,BrowserMatch,BrowserMatchNoCase,BufferedLogs,BufferSize,CacheDefaultExpire,CacheDetailHeader,CacheDirLength,CacheDirLevels,CacheDisable,CacheEnable,CacheFile,CacheHeader,CacheIgnoreCacheControl,CacheIgnoreHeaders,CacheIgnoreNoLastMod,CacheIgnoreQueryString,CacheIgnoreURLSessionIdentifiers,CacheKeyBaseURL,CacheLastModifiedFactor,CacheLock,CacheLockMaxAge,CacheLockPath,CacheMaxExpire,CacheMaxFileSize,CacheMinExpire,CacheMinFileSize,CacheNegotiatedDocs,CacheQuickHandler,CacheReadSize,CacheReadTime,CacheRoot,CacheSocache,CacheSocacheMaxSize,CacheSocacheMaxTime,CacheSocacheMinTime,CacheSocacheReadSize,CacheSocacheReadTime,CacheStaleOnError,CacheStoreExpired,CacheStoreNoStore,CacheStorePrivate,CGIDScriptTimeout,CGIMapExtension,CGIPassAuth,CGIVar,CharsetDefault,CharsetOptions,CharsetSourceEnc,CheckCaseOnly,CheckSpelling,ChrootDir,ContentDigest,CookieDomain,CookieExpires,CookieName,CookieStyle,CookieTracking,CoreDumpDirectory,CustomLog,Dav,DavDepthInfinity,DavGenericLockDB,DavLockDB,DavMinTimeout,DBDExptime,DBDInitSQL,DBDKeep,DBDMax,DBDMin,DBDParams,DBDPersist,DBDPrepareSQL,DBDriver,DefaultIcon,DefaultLanguage,DefaultRuntimeDir,DefaultType,Define,DeflateBufferSize,DeflateCompressionLevel,DeflateFilterNote,DeflateInflateLimitRequestBody,DeflateInflateRatioBurst,DeflateInflateRatioLimit,DeflateMemLevel,DeflateWindowSize,Deny,<Directory>,DirectoryCheckHandler,DirectoryIndex,DirectoryIndexRedirect,<DirectoryMatch>,DirectorySlash,DocumentRoot,DTracePrivileges,DumpIOInput,DumpIOOutput,<Else>,<ElseIf>,EnableExceptionHook,EnableMMAP,EnableSendfile,Error,ErrorDocument,ErrorLog,ErrorLogFormat,Example,ExpiresActive,ExpiresByType,ExpiresDefault,ExtendedStatus,ExtFilterDefine,ExtFilterOptions,FallbackResource,FileETag,<Files>,<FilesMatch>,FilterChain,FilterDeclare,FilterProtocol,FilterProvider,FilterTrace,ForceLanguagePriority,ForceType,ForensicLog,GlobalLog,GprofDir,GracefulShutdownTimeout,Group,H2CopyFiles,H2Direct,H2EarlyHints,H2MaxSessionStreams,H2MaxWorkerIdleSeconds,H2MaxWorkers,H2MinWorkers,H2ModernTLSOnly,H2Push,H2PushDiarySize,H2PushPriority,H2PushResource,H2SerializeHeaders,H2StreamMaxMemSize,H2TLSCoolDownSecs,H2TLSWarmUpSize,H2Upgrade,H2WindowSize,Header,HeaderName,HeartbeatAddress,HeartbeatListen,HeartbeatMaxServers,HeartbeatStorage,HeartbeatStorage,HostnameLookups,HttpProtocolOptions,IdentityCheck,IdentityCheckTimeout,<If>,<IfDefine>,<IfModule>,<IfVersion>,ImapBase,ImapDefault,ImapMenu,Include,IncludeOptional,IndexHeadInsert,IndexIgnore,IndexIgnoreReset,IndexOptions,IndexOrderDefault,IndexStyleSheet,InputSed,ISAPIAppendLogToErrors,ISAPIAppendLogToQuery,ISAPICacheFile,ISAPIFakeAsync,ISAPILogNotSupported,ISAPIReadAheadBuffer,KeepAlive,KeepAliveTimeout,KeptBodySize,LanguagePriority,LDAPCacheEntries,LDAPCacheTTL,LDAPConnectionPoolTTL,LDAPConnectionTimeout,LDAPLibraryDebug,LDAPOpCacheEntries,LDAPOpCacheTTL,LDAPReferralHopLimit,LDAPReferrals,LDAPRetries,LDAPRetryDelay,LDAPSharedCacheFile,LDAPSharedCacheSize,LDAPTimeout,LDAPTrustedClientCert,LDAPTrustedGlobalCert,LDAPTrustedMode,LDAPVerifyServerCert,<Limit>,<LimitExcept>,LimitInternalRecursion,LimitRequestBody,LimitRequestFields,LimitRequestFieldSize,LimitRequestLine,LimitXMLRequestBody,Listen,ListenBackLog,ListenCoresBucketsRatio,LoadFile,LoadModule,<Location>,<LocationMatch>,LogFormat,LogIOTrackTTFB,LogLevel,LogMessage,LuaAuthzProvider,LuaCodeCache,LuaHookAccessChecker,LuaHookAuthChecker,LuaHookCheckUserID,LuaHookFixups,LuaHookInsertFilter,LuaHookLog,LuaHookMapToStorage,LuaHookTranslateName,LuaHookTypeChecker,LuaInherit,LuaInputFilter,LuaMapHandler,LuaOutputFilter,LuaPackageCPath,LuaPackagePath,LuaQuickHandler,LuaRoot,LuaScope,<Macro>,MaxConnectionsPerChild,MaxKeepAliveRequests,MaxMemFree,MaxRangeOverlaps,MaxRangeReversals,MaxRanges,MaxRequestWorkers,MaxSpareServers,MaxSpareThreads,MaxThreads,MemcacheConnTTL,MergeTrailers,MetaDir,MetaFiles,MetaSuffix,MimeMagicFile,MinSpareServers,MinSpareThreads,MMapFile,ModemStandard,ModMimeUsePathInfo,MultiviewsMatch,Mutex,NameVirtualHost,NoProxy,NWSSLTrustedCerts,NWSSLUpgradeable,Options,Order,OutputSed,PassEnv,PidFile,PrivilegesMode,Protocol,ProtocolEcho,Protocols,ProtocolsHonorOrder,<Proxy>,ProxyAddHeaders,ProxyBadHeader,ProxyBlock,ProxyDomain,ProxyErrorOverride,ProxyExpressDBMFile,ProxyExpressDBMType,ProxyExpressEnable,ProxyFCGIBackendType,ProxyFCGISetEnvIf,ProxyFtpDirCharset,ProxyFtpEscapeWildcards,ProxyFtpListOnWildcard,ProxyHCExpr,ProxyHCTemplate,ProxyHCTPsize,ProxyHTMLBufSize,ProxyHTMLCharsetOut,ProxyHTMLDocType,ProxyHTMLEnable,ProxyHTMLEvents,ProxyHTMLExtended,ProxyHTMLFixups,ProxyHTMLInterp,ProxyHTMLLinks,ProxyHTMLMeta,ProxyHTMLStripComments,ProxyHTMLURLMap,ProxyIOBufferSize,<ProxyMatch>,ProxyMaxForwards,ProxyPass,ProxyPassInherit,ProxyPassInterpolateEnv,ProxyPassMatch,ProxyPassReverse,ProxyPassReverseCookieDomain,ProxyPassReverseCookiePath,ProxyPreserveHost,ProxyReceiveBufferSize,ProxyRemote,ProxyRemoteMatch,ProxyRequests,ProxySCGIInternalRedirect,ProxySCGISendfile,ProxySet,ProxySourceAddress,ProxyStatus,ProxyTimeout,ProxyVia,QualifyRedirectURL,ReadmeName,ReceiveBufferSize,Redirect,RedirectMatch,RedirectPermanent,RedirectTemp,ReflectorHeader,RegisterHttpMethod,RemoteIPHeader,RemoteIPInternalProxy,RemoteIPInternalProxyList,RemoteIPProxiesHeader,RemoteIPTrustedProxy,RemoteIPTrustedProxyList,RemoveCharset,RemoveEncoding,RemoveHandler,RemoveInputFilter,RemoveLanguage,RemoveOutputFilter,RemoveType,RequestHeader,RequestReadTimeout,Require,<RequireAll>,<RequireAny>,<RequireNone>,RewriteBase,RewriteCond,RewriteEngine,RewriteMap,RewriteOptions,RewriteRule,RLimitCPU,RLimitMEM,RLimitNPROC,Satisfy,ScoreBoardFile,Script,ScriptAlias,ScriptAliasMatch,ScriptInterpreterSource,ScriptLog,ScriptLogBuffer,ScriptLogLength,ScriptSock,SecureListen,SeeRequestTail,SendBufferSize,ServerAdmin,ServerAlias,ServerLimit,ServerName,ServerPath,ServerRoot,ServerSignature,ServerTokens,Session,SessionCookieName,SessionCookieName2,SessionCookieRemove,SessionCryptoCipher,SessionCryptoDriver,SessionCryptoPassphrase,SessionCryptoPassphraseFile,SessionDBDCookieName,SessionDBDCookieName2,SessionDBDCookieRemove,SessionDBDDeleteLabel,SessionDBDInsertLabel,SessionDBDPerUser,SessionDBDSelectLabel,SessionDBDUpdateLabel,SessionEnv,SessionExclude,SessionHeader,SessionInclude,SessionMaxAge,SetEnv,SetEnvIf,SetEnvIfExpr,SetEnvIfNoCase,SetHandler,SetInputFilter,SetOutputFilter,SSIEndTag,SSIErrorMsg,SSIETag,SSILastModified,SSILegacyExprParser,SSIStartTag,SSITimeFormat,SSIUndefinedEcho,SSLCACertificateFile,SSLCACertificatePath,SSLCADNRequestFile,SSLCADNRequestPath,SSLCARevocationCheck,SSLCARevocationFile,SSLCARevocationPath,SSLCertificateChainFile,SSLCertificateFile,SSLCertificateKeyFile,SSLCipherSuite,SSLCompression,SSLCryptoDevice,SSLEngine,SSLFIPS,SSLHonorCipherOrder,SSLInsecureRenegotiation,SSLOCSPDefaultResponder,SSLOCSPEnable,SSLOCSPNoverify,SSLOCSPOverrideResponder,SSLOCSPProxyURL,SSLOCSPResponderCertificateFile,SSLOCSPResponderTimeout,SSLOCSPResponseMaxAge,SSLOCSPResponseTimeSkew,SSLOCSPUseRequestNonce,SSLOpenSSLConfCmd,SSLOptions,SSLPassPhraseDialog,SSLProtocol,SSLProxyCACertificateFile,SSLProxyCACertificatePath,SSLProxyCARevocationCheck,SSLProxyCARevocationFile,SSLProxyCARevocationPath,SSLProxyCheckPeerCN,SSLProxyCheckPeerExpire,SSLProxyCheckPeerName,SSLProxyCipherSuite,SSLProxyEngine,SSLProxyMachineCertificateChainFile,SSLProxyMachineCertificateFile,SSLProxyMachineCertificatePath,SSLProxyProtocol,SSLProxyVerify,SSLProxyVerifyDepth,SSLRandomSeed,SSLRenegBufferSize,SSLRequire,SSLRequireSSL,SSLSessionCache,SSLSessionCacheTimeout,SSLSessionTicketKeyFile,SSLSessionTickets,SSLSRPUnknownUserSeed,SSLSRPVerifierFile,SSLStaplingCache,SSLStaplingErrorCacheTimeout,SSLStaplingFakeTryLater,SSLStaplingForceURL,SSLStaplingResponderTimeout,SSLStaplingResponseMaxAge,SSLStaplingResponseTimeSkew,SSLStaplingReturnResponderErrors,SSLStaplingStandardCacheTimeout,SSLStrictSNIVHostCheck,SSLUserName,SSLUseStapling,SSLVerifyClient,SSLVerifyDepth,StartServers,StartThreads,Substitute,SubstituteInheritBefore,SubstituteMaxLineLength,Suexec,SuexecUserGroup,ThreadLimit,ThreadsPerChild,ThreadStackSize,TimeOut,TraceEnable,TransferLog,TypesConfig,UnDefine,UndefMacro,UnsetEnv,Use,UseCanonicalName,UseCanonicalPhysicalPort,User,UserDir,VHostCGIMode,VHostCGIPrivs,VHostGroup,VHostPrivs,VHostSecure,VHostUser,VirtualDocumentRoot,VirtualDocumentRootIP,<VirtualHost>,VirtualScriptAlias,VirtualScriptAliasIP,WatchdogInterval,XBitHack,xml2EncAlias,xml2EncDefault,xml2StartParse"];
393+ var CONFIG_OPTIONS = /^[\\+\\-]?(AuthConfig|IncludesNOEXEC|ExecCGI|FollowSymLinks|MultiViews|Includes|Indexes|SymLinksIfOwnerMatch)\b/i;
394+ var ALL_KEYWORDS = [
395+ CPP_KEYWORDS, CSHARP_KEYWORDS, JSCRIPT_KEYWORDS, PERL_KEYWORDS +
396+ PYTHON_KEYWORDS, RUBY_KEYWORDS, SH_KEYWORDS, CONFIG_KEYWORDS, PHP_KEYWORDS];
397+ var C_TYPES = /^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float|char|void|const|static|struct)\d*(_t)?\b)|[a-z_]+_rec|cmd_parms\b/;
398+
399+ // token style names. correspond to css classes
400+ /**
401+ * token style for a string literal
402+ * @const
403+ */
404+ var PR_STRING = 'str';
405+ /**
406+ * token style for a keyword
407+ * @const
408+ */
409+ var PR_KEYWORD = 'kwd';
410+ /**
411+ * token style for a comment
412+ * @const
413+ */
414+ var PR_COMMENT = 'com';
415+ /**
416+ * token style for a type
417+ * @const
418+ */
419+ var PR_TYPE = 'typ';
420+ /**
421+ * token style for a literal value. e.g. 1, null, true.
422+ * @const
423+ */
424+ var PR_LITERAL = 'lit';
425+ /**
426+ * token style for a punctuation string.
427+ * @const
428+ */
429+ var PR_PUNCTUATION = 'pun';
430+ /**
431+ * token style for plain text.
432+ * @const
433+ */
434+ var PR_PLAIN = 'pln';
435+
436+ /**
437+ * token style for an sgml tag.
438+ * @const
439+ */
440+ var PR_TAG = 'tag';
441+ /**
442+ * token style for a markup declaration such as a DOCTYPE.
443+ * @const
444+ */
445+ var PR_DECLARATION = 'dec';
446+ /**
447+ * token style for embedded source.
448+ * @const
449+ */
450+ var PR_SOURCE = 'src';
451+ /**
452+ * token style for an sgml attribute name.
453+ * @const
454+ */
455+ var PR_ATTRIB_NAME = 'atn';
456+ /**
457+ * token style for an sgml attribute value.
458+ * @const
459+ */
460+ var PR_ATTRIB_VALUE = 'atv';
461+
462+ /**
463+ * A class that indicates a section of markup that is not code, e.g. to allow
464+ * embedding of line numbers within code listings.
465+ * @const
466+ */
467+ var PR_NOCODE = 'nocode';
468+
469+
470+
471+/**
472+ * A set of tokens that can precede a regular expression literal in
473+ * javascript
474+ * http://web.archive.org/web/20070717142515/http://www.mozilla.org/js/language/js20/rationale/syntax.html
475+ * has the full list, but I've removed ones that might be problematic when
476+ * seen in languages that don't support regular expression literals.
477+ *
478+ * <p>Specifically, I've removed any keywords that can't precede a regexp
479+ * literal in a syntactically legal javascript program, and I've removed the
480+ * "in" keyword since it's not a keyword in many languages, and might be used
481+ * as a count of inches.
482+ *
483+ * <p>The link above does not accurately describe EcmaScript rules since
484+ * it fails to distinguish between (a=++/b/i) and (a++/b/i) but it works
485+ * very well in practice.
486+ *
487+ * @private
488+ * @const
489+ */
490+var REGEXP_PRECEDER_PATTERN = '(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*';
491+
492+// CAVEAT: this does not properly handle the case where a regular
493+// expression immediately follows another since a regular expression may
494+// have flags for case-sensitivity and the like. Having regexp tokens
495+// adjacent is not valid in any language I'm aware of, so I'm punting.
496+// TODO: maybe style special characters inside a regexp as punctuation.
497+
498+
499+ /**
500+ * Given a group of {@link RegExp}s, returns a {@code RegExp} that globally
501+ * matches the union of the sets of strings matched by the input RegExp.
502+ * Since it matches globally, if the input strings have a start-of-input
503+ * anchor (/^.../), it is ignored for the purposes of unioning.
504+ * @param {Array.<RegExp>} regexs non multiline, non-global regexs.
505+ * @return {RegExp} a global regex.
506+ */
507+ function combinePrefixPatterns(regexs) {
508+ var capturedGroupIndex = 0;
509+
510+ var needToFoldCase = false;
511+ var ignoreCase = false;
512+ for (var i = 0, n = regexs.length; i < n; ++i) {
513+ var regex = regexs[i];
514+ if (regex.ignoreCase) {
515+ ignoreCase = true;
516+ } else if (/[a-z]/i.test(regex.source.replace(
517+ /\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi, ''))) {
518+ needToFoldCase = true;
519+ ignoreCase = false;
520+ break;
521+ }
522+ }
523+
524+ var escapeCharToCodeUnit = {
525+ 'b': 8,
526+ 't': 9,
527+ 'n': 0xa,
528+ 'v': 0xb,
529+ 'f': 0xc,
530+ 'r': 0xd
531+ };
532+
533+ function decodeEscape(charsetPart) {
534+ var cc0 = charsetPart.charCodeAt(0);
535+ if (cc0 !== 92 /* \\ */) {
536+ return cc0;
537+ }
538+ var c1 = charsetPart.charAt(1);
539+ cc0 = escapeCharToCodeUnit[c1];
540+ if (cc0) {
541+ return cc0;
542+ } else if ('0' <= c1 && c1 <= '7') {
543+ return parseInt(charsetPart.substring(1), 8);
544+ } else if (c1 === 'u' || c1 === 'x') {
545+ return parseInt(charsetPart.substring(2), 16);
546+ } else {
547+ return charsetPart.charCodeAt(1);
548+ }
549+ }
550+
551+ function encodeEscape(charCode) {
552+ if (charCode < 0x20) {
553+ return (charCode < 0x10 ? '\\x0' : '\\x') + charCode.toString(16);
554+ }
555+ var ch = String.fromCharCode(charCode);
556+ return (ch === '\\' || ch === '-' || ch === ']' || ch === '^')
557+ ? "\\" + ch : ch;
558+ }
559+
560+ function caseFoldCharset(charSet) {
561+ var charsetParts = charSet.substring(1, charSet.length - 1).match(
562+ new RegExp(
563+ '\\\\u[0-9A-Fa-f]{4}'
564+ + '|\\\\x[0-9A-Fa-f]{2}'
565+ + '|\\\\[0-3][0-7]{0,2}'
566+ + '|\\\\[0-7]{1,2}'
567+ + '|\\\\[\\s\\S]'
568+ + '|-'
569+ + '|[^-\\\\]',
570+ 'g'));
571+ var ranges = [];
572+ var inverse = charsetParts[0] === '^';
573+
574+ var out = ['['];
575+ if (inverse) { out.push('^'); }
576+
577+ for (var i = inverse ? 1 : 0, n = charsetParts.length; i < n; ++i) {
578+ var p = charsetParts[i];
579+ if (/\\[bdsw]/i.test(p)) { // Don't muck with named groups.
580+ out.push(p);
581+ } else {
582+ var start = decodeEscape(p);
583+ var end;
584+ if (i + 2 < n && '-' === charsetParts[i + 1]) {
585+ end = decodeEscape(charsetParts[i + 2]);
586+ i += 2;
587+ } else {
588+ end = start;
589+ }
590+ ranges.push([start, end]);
591+ // If the range might intersect letters, then expand it.
592+ // This case handling is too simplistic.
593+ // It does not deal with non-latin case folding.
594+ // It works for latin source code identifiers though.
595+ if (!(end < 65 || start > 122)) {
596+ if (!(end < 65 || start > 90)) {
597+ ranges.push([Math.max(65, start) | 32, Math.min(end, 90) | 32]);
598+ }
599+ if (!(end < 97 || start > 122)) {
600+ ranges.push([Math.max(97, start) & ~32, Math.min(end, 122) & ~32]);
601+ }
602+ }
603+ }
604+ }
605+
606+ // [[1, 10], [3, 4], [8, 12], [14, 14], [16, 16], [17, 17]]
607+ // -> [[1, 12], [14, 14], [16, 17]]
608+ ranges.sort(function (a, b) { return (a[0] - b[0]) || (b[1] - a[1]); });
609+ var consolidatedRanges = [];
610+ var lastRange = [];
611+ for (var i = 0; i < ranges.length; ++i) {
612+ var range = ranges[i];
613+ if (range[0] <= lastRange[1] + 1) {
614+ lastRange[1] = Math.max(lastRange[1], range[1]);
615+ } else {
616+ consolidatedRanges.push(lastRange = range);
617+ }
618+ }
619+
620+ for (var i = 0; i < consolidatedRanges.length; ++i) {
621+ var range = consolidatedRanges[i];
622+ out.push(encodeEscape(range[0]));
623+ if (range[1] > range[0]) {
624+ if (range[1] + 1 > range[0]) { out.push('-'); }
625+ out.push(encodeEscape(range[1]));
626+ }
627+ }
628+ out.push(']');
629+ return out.join('');
630+ }
631+
632+ function allowAnywhereFoldCaseAndRenumberGroups(regex) {
633+ // Split into character sets, escape sequences, punctuation strings
634+ // like ('(', '(?:', ')', '^'), and runs of characters that do not
635+ // include any of the above.
636+ var parts = regex.source.match(
637+ new RegExp(
638+ '(?:'
639+ + '\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]' // a character set
640+ + '|\\\\u[A-Fa-f0-9]{4}' // a unicode escape
641+ + '|\\\\x[A-Fa-f0-9]{2}' // a hex escape
642+ + '|\\\\[0-9]+' // a back-reference or octal escape
643+ + '|\\\\[^ux0-9]' // other escape sequence
644+ + '|\\(\\?[:!=]' // start of a non-capturing group
645+ + '|[\\(\\)\\^]' // start/end of a group, or line start
646+ + '|[^\\x5B\\x5C\\(\\)\\^]+' // run of other characters
647+ + ')',
648+ 'g'));
649+ var n = parts.length;
650+
651+ // Maps captured group numbers to the number they will occupy in
652+ // the output or to -1 if that has not been determined, or to
653+ // undefined if they need not be capturing in the output.
654+ var capturedGroups = [];
655+
656+ // Walk over and identify back references to build the capturedGroups
657+ // mapping.
658+ for (var i = 0, groupIndex = 0; i < n; ++i) {
659+ var p = parts[i];
660+ if (p === '(') {
661+ // groups are 1-indexed, so max group index is count of '('
662+ ++groupIndex;
663+ } else if ('\\' === p.charAt(0)) {
664+ var decimalValue = +p.substring(1);
665+ if (decimalValue) {
666+ if (decimalValue <= groupIndex) {
667+ capturedGroups[decimalValue] = -1;
668+ } else {
669+ // Replace with an unambiguous escape sequence so that
670+ // an octal escape sequence does not turn into a backreference
671+ // to a capturing group from an earlier regex.
672+ parts[i] = encodeEscape(decimalValue);
673+ }
674+ }
675+ }
676+ }
677+
678+ // Renumber groups and reduce capturing groups to non-capturing groups
679+ // where possible.
680+ for (var i = 1; i < capturedGroups.length; ++i) {
681+ if (-1 === capturedGroups[i]) {
682+ capturedGroups[i] = ++capturedGroupIndex;
683+ }
684+ }
685+ for (var i = 0, groupIndex = 0; i < n; ++i) {
686+ var p = parts[i];
687+ if (p === '(') {
688+ ++groupIndex;
689+ if (!capturedGroups[groupIndex]) {
690+ parts[i] = '(?:';
691+ }
692+ } else if ('\\' === p.charAt(0)) {
693+ var decimalValue = +p.substring(1);
694+ if (decimalValue && decimalValue <= groupIndex) {
695+ parts[i] = '\\' + capturedGroups[decimalValue];
696+ }
697+ }
698+ }
699+
700+ // Remove any prefix anchors so that the output will match anywhere.
701+ // ^^ really does mean an anchored match though.
702+ for (var i = 0; i < n; ++i) {
703+ if ('^' === parts[i] && '^' !== parts[i + 1]) { parts[i] = ''; }
704+ }
705+
706+ // Expand letters to groups to handle mixing of case-sensitive and
707+ // case-insensitive patterns if necessary.
708+ if (regex.ignoreCase && needToFoldCase) {
709+ for (var i = 0; i < n; ++i) {
710+ var p = parts[i];
711+ var ch0 = p.charAt(0);
712+ if (p.length >= 2 && ch0 === '[') {
713+ parts[i] = caseFoldCharset(p);
714+ } else if (ch0 !== '\\') {
715+ // TODO: handle letters in numeric escapes.
716+ parts[i] = p.replace(
717+ /[a-zA-Z]/g,
718+ function (ch) {
719+ var cc = ch.charCodeAt(0);
720+ return '[' + String.fromCharCode(cc & ~32, cc | 32) + ']';
721+ });
722+ }
723+ }
724+ }
725+
726+ return parts.join('');
727+ }
728+
729+ var rewritten = [];
730+ for (var i = 0, n = regexs.length; i < n; ++i) {
731+ var regex = regexs[i];
732+ if (regex.global || regex.multiline) { throw new Error('' + regex); }
733+ rewritten.push(
734+ '(?:' + allowAnywhereFoldCaseAndRenumberGroups(regex) + ')');
735+ }
736+
737+ return new RegExp(rewritten.join('|'), ignoreCase ? 'gi' : 'g');
738+ }
739+
740+
741+ /**
742+ * Split markup into a string of source code and an array mapping ranges in
743+ * that string to the text nodes in which they appear.
744+ *
745+ * <p>
746+ * The HTML DOM structure:</p>
747+ * <pre>
748+ * (Element "p"
749+ * (Element "b"
750+ * (Text "print ")) ; #1
751+ * (Text "'Hello '") ; #2
752+ * (Element "br") ; #3
753+ * (Text " + 'World';")) ; #4
754+ * </pre>
755+ * <p>
756+ * corresponds to the HTML
757+ * {@code <p><b>print </b>'Hello '<br> + 'World';</p>}.</p>
758+ *
759+ * <p>
760+ * It will produce the output:</p>
761+ * <pre>
762+ * {
763+ * sourceCode: "print 'Hello '\n + 'World';",
764+ * // 1 2
765+ * // 012345678901234 5678901234567
766+ * spans: [0, #1, 6, #2, 14, #3, 15, #4]
767+ * }
768+ * </pre>
769+ * <p>
770+ * where #1 is a reference to the {@code "print "} text node above, and so
771+ * on for the other text nodes.
772+ * </p>
773+ *
774+ * <p>
775+ * The {@code} spans array is an array of pairs. Even elements are the start
776+ * indices of substrings, and odd elements are the text nodes (or BR elements)
777+ * that contain the text for those substrings.
778+ * Substrings continue until the next index or the end of the source.
779+ * </p>
780+ *
781+ * @param {Node} node an HTML DOM subtree containing source-code.
782+ * @param {boolean} isPreformatted true if white-space in text nodes should
783+ * be considered significant.
784+ * @return {Object} source code and the text nodes in which they occur.
785+ */
786+ function extractSourceSpans(node, isPreformatted) {
787+ var nocode = /(?:^|\s)nocode(?:\s|$)/;
788+
789+ var chunks = [];
790+ var length = 0;
791+ var spans = [];
792+ var k = 0;
793+
794+ function walk(node) {
795+ switch (node.nodeType) {
796+ case 1: // Element
797+ if (nocode.test(node.className)) { return; }
798+ for (var child = node.firstChild; child; child = child.nextSibling) {
799+ walk(child);
800+ }
801+ var nodeName = node.nodeName.toLowerCase();
802+ if ('br' === nodeName || 'li' === nodeName) {
803+ chunks[k] = '\n';
804+ spans[k << 1] = length++;
805+ spans[(k++ << 1) | 1] = node;
806+ }
807+ break;
808+ case 3: case 4: // Text
809+ var text = node.nodeValue;
810+ if (text.length) {
811+ if (!isPreformatted) {
812+ text = text.replace(/[ \t\r\n]+/g, ' ');
813+ } else {
814+ text = text.replace(/\r\n?/g, '\n'); // Normalize newlines.
815+ text = text.replace(/^(\r?\n\s*)+/g, ''); // Remove leading newlines
816+ text = text.replace(/^\s*/g, ''); // Remove leading spaces due to indented formatting
817+ text = text.replace(/(\r?\n\s*)+$/g, ''); // Remove ending newlines
818+
819+ }
820+ // TODO: handle tabs here?
821+ chunks[k] = text;
822+ spans[k << 1] = length;
823+ length += text.length;
824+ spans[(k++ << 1) | 1] = node;
825+ }
826+ break;
827+ }
828+ }
829+
830+ walk(node);
831+
832+ return {
833+ sourceCode: chunks.join('').replace(/\n$/, ''),
834+ spans: spans
835+ };
836+ }
837+
838+
839+ /**
840+ * Apply the given language handler to sourceCode and add the resulting
841+ * decorations to out.
842+ * @param {number} basePos the index of sourceCode within the chunk of source
843+ * whose decorations are already present on out.
844+ */
845+ function appendDecorations(basePos, sourceCode, langHandler, out) {
846+ if (!sourceCode) { return; }
847+ var job = {
848+ sourceCode: sourceCode,
849+ basePos: basePos
850+ };
851+ langHandler(job);
852+ out.push.apply(out, job.decorations);
853+ }
854+
855+ var notWs = /\S/;
856+
857+ /**
858+ * Given an element, if it contains only one child element and any text nodes
859+ * it contains contain only space characters, return the sole child element.
860+ * Otherwise returns undefined.
861+ * <p>
862+ * This is meant to return the CODE element in {@code <pre><code ...>} when
863+ * there is a single child element that contains all the non-space textual
864+ * content, but not to return anything where there are multiple child elements
865+ * as in {@code <pre><code>...</code><code>...</code></pre>} or when there
866+ * is textual content.
867+ */
868+ function childContentWrapper(element) {
869+ var wrapper = undefined;
870+ for (var c = element.firstChild; c; c = c.nextSibling) {
871+ var type = c.nodeType;
872+ wrapper = (type === 1) // Element Node
873+ ? (wrapper ? element : c)
874+ : (type === 3) // Text Node
875+ ? (notWs.test(c.nodeValue) ? element : wrapper)
876+ : wrapper;
877+ }
878+ return wrapper === element ? undefined : wrapper;
879+ }
880+
881+ /** Given triples of [style, pattern, context] returns a lexing function,
882+ * The lexing function interprets the patterns to find token boundaries and
883+ * returns a decoration list of the form
884+ * [index_0, style_0, index_1, style_1, ..., index_n, style_n]
885+ * where index_n is an index into the sourceCode, and style_n is a style
886+ * constant like PR_PLAIN. index_n-1 <= index_n, and style_n-1 applies to
887+ * all characters in sourceCode[index_n-1:index_n].
888+ *
889+ * The stylePatterns is a list whose elements have the form
890+ * [style : string, pattern : RegExp, DEPRECATED, shortcut : string].
891+ *
892+ * Style is a style constant like PR_PLAIN, or can be a string of the
893+ * form 'lang-FOO', where FOO is a language extension describing the
894+ * language of the portion of the token in $1 after pattern executes.
895+ * E.g., if style is 'lang-lisp', and group 1 contains the text
896+ * '(hello (world))', then that portion of the token will be passed to the
897+ * registered lisp handler for formatting.
898+ * The text before and after group 1 will be restyled using this decorator
899+ * so decorators should take care that this doesn't result in infinite
900+ * recursion. For example, the HTML lexer rule for SCRIPT elements looks
901+ * something like ['lang-js', /<[s]cript>(.+?)<\/script>/]. This may match
902+ * '<script>foo()<\/script>', which would cause the current decorator to
903+ * be called with '<script>' which would not match the same rule since
904+ * group 1 must not be empty, so it would be instead styled as PR_TAG by
905+ * the generic tag rule. The handler registered for the 'js' extension would
906+ * then be called with 'foo()', and finally, the current decorator would
907+ * be called with '<\/script>' which would not match the original rule and
908+ * so the generic tag rule would identify it as a tag.
909+ *
910+ * Pattern must only match prefixes, and if it matches a prefix, then that
911+ * match is considered a token with the same style.
912+ *
913+ * Context is applied to the last non-whitespace, non-comment token
914+ * recognized.
915+ *
916+ * Shortcut is an optional string of characters, any of which, if the first
917+ * character, gurantee that this pattern and only this pattern matches.
918+ *
919+ * @param {Array} shortcutStylePatterns patterns that always start with
920+ * a known character. Must have a shortcut string.
921+ * @param {Array} fallthroughStylePatterns patterns that will be tried in
922+ * order if the shortcut ones fail. May have shortcuts.
923+ *
924+ * @return {function (Object)} a
925+ * function that takes source code and returns a list of decorations.
926+ */
927+ function createSimpleLexer(shortcutStylePatterns, fallthroughStylePatterns) {
928+ var shortcuts = {};
929+ var tokenizer;
930+ (function () {
931+ var allPatterns = shortcutStylePatterns.concat(fallthroughStylePatterns);
932+ var allRegexs = [];
933+ var regexKeys = {};
934+ for (var i = 0, n = allPatterns.length; i < n; ++i) {
935+ var patternParts = allPatterns[i];
936+ var shortcutChars = patternParts[3];
937+ if (shortcutChars) {
938+ for (var c = shortcutChars.length; --c >= 0;) {
939+ shortcuts[shortcutChars.charAt(c)] = patternParts;
940+ }
941+ }
942+ var regex = patternParts[1];
943+ var k = '' + regex;
944+ if (!regexKeys.hasOwnProperty(k)) {
945+ allRegexs.push(regex);
946+ regexKeys[k] = null;
947+ }
948+ }
949+ allRegexs.push(/[\0-\uffff]/);
950+ tokenizer = combinePrefixPatterns(allRegexs);
951+ })();
952+
953+ var nPatterns = fallthroughStylePatterns.length;
954+
955+ /**
956+ * Lexes job.sourceCode and produces an output array job.decorations of
957+ * style classes preceded by the position at which they start in
958+ * job.sourceCode in order.
959+ *
960+ * @param {Object} job an object like <pre>{
961+ * sourceCode: {string} sourceText plain text,
962+ * basePos: {int} position of job.sourceCode in the larger chunk of
963+ * sourceCode.
964+ * }</pre>
965+ */
966+ var decorate = function (job) {
967+ var sourceCode = job.sourceCode, basePos = job.basePos;
968+ /** Even entries are positions in source in ascending order. Odd enties
969+ * are style markers (e.g., PR_COMMENT) that run from that position until
970+ * the end.
971+ * @type {Array.<number|string>}
972+ */
973+ var decorations = [basePos, PR_PLAIN];
974+ var pos = 0; // index into sourceCode
975+ var tokens = sourceCode.match(tokenizer) || [];
976+ var styleCache = {};
977+
978+ for (var ti = 0, nTokens = tokens.length; ti < nTokens; ++ti) {
979+ var token = tokens[ti];
980+ var style = styleCache[token];
981+ var match = void 0;
982+
983+ var isEmbedded;
984+ if (typeof style === 'string') {
985+ isEmbedded = false;
986+ } else {
987+ var patternParts = shortcuts[token.charAt(0)];
988+ if (patternParts) {
989+ match = token.match(patternParts[1]);
990+ style = patternParts[0];
991+ } else {
992+ for (var i = 0; i < nPatterns; ++i) {
993+ patternParts = fallthroughStylePatterns[i];
994+ match = token.match(patternParts[1]);
995+ if (match) {
996+ style = patternParts[0];
997+ break;
998+ }
999+ }
1000+
1001+ if (!match) { // make sure that we make progress
1002+ style = PR_PLAIN;
1003+ }
1004+ }
1005+
1006+ isEmbedded = style.length >= 5 && 'lang-' === style.substring(0, 5);
1007+ if (isEmbedded && !(match && typeof match[1] === 'string')) {
1008+ isEmbedded = false;
1009+ style = PR_SOURCE;
1010+ }
1011+
1012+ if (!isEmbedded) { styleCache[token] = style; }
1013+ }
1014+
1015+ var tokenStart = pos;
1016+ pos += token.length;
1017+
1018+ if (!isEmbedded) {
1019+ decorations.push(basePos + tokenStart, style);
1020+ } else { // Treat group 1 as an embedded block of source code.
1021+ var embeddedSource = match[1];
1022+ var embeddedSourceStart = token.indexOf(embeddedSource);
1023+ var embeddedSourceEnd = embeddedSourceStart + embeddedSource.length;
1024+ if (match[2]) {
1025+ // If embeddedSource can be blank, then it would match at the
1026+ // beginning which would cause us to infinitely recurse on the
1027+ // entire token, so we catch the right context in match[2].
1028+ embeddedSourceEnd = token.length - match[2].length;
1029+ embeddedSourceStart = embeddedSourceEnd - embeddedSource.length;
1030+ }
1031+ var lang = style.substring(5);
1032+ // Decorate the left of the embedded source
1033+ appendDecorations(
1034+ basePos + tokenStart,
1035+ token.substring(0, embeddedSourceStart),
1036+ decorate, decorations);
1037+ // Decorate the embedded source
1038+ appendDecorations(
1039+ basePos + tokenStart + embeddedSourceStart,
1040+ embeddedSource,
1041+ langHandlerForExtension(lang, embeddedSource),
1042+ decorations);
1043+ // Decorate the right of the embedded section
1044+ appendDecorations(
1045+ basePos + tokenStart + embeddedSourceEnd,
1046+ token.substring(embeddedSourceEnd),
1047+ decorate, decorations);
1048+ }
1049+ }
1050+ job.decorations = decorations;
1051+ };
1052+ return decorate;
1053+ }
1054+
1055+ /** returns a function that produces a list of decorations from source text.
1056+ *
1057+ * This code treats ", ', and ` as string delimiters, and \ as a string
1058+ * escape. It does not recognize perl's qq() style strings.
1059+ * It has no special handling for double delimiter escapes as in basic, or
1060+ * the tripled delimiters used in python, but should work on those regardless
1061+ * although in those cases a single string literal may be broken up into
1062+ * multiple adjacent string literals.
1063+ *
1064+ * It recognizes C, C++, and shell style comments.
1065+ *
1066+ * @param {Object} options a set of optional parameters.
1067+ * @return {function (Object)} a function that examines the source code
1068+ * in the input job and builds the decoration list.
1069+ */
1070+ function sourceDecorator(options) {
1071+ var shortcutStylePatterns = [], fallthroughStylePatterns = [];
1072+ if (options['tripleQuotedStrings']) {
1073+ // '''multi-line-string''', 'single-line-string', and double-quoted
1074+ shortcutStylePatterns.push(
1075+ [PR_STRING, /^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,
1076+ null, '\'"']);
1077+ } else if (options['multiLineStrings']) {
1078+ // 'multi-line-string', "multi-line-string"
1079+ shortcutStylePatterns.push(
1080+ [PR_STRING, /^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,
1081+ null, '\'"`']);
1082+ } else {
1083+ // 'single-line-string', "single-line-string"
1084+ shortcutStylePatterns.push(
1085+ [PR_STRING,
1086+ /^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,
1087+ null, '"\'']);
1088+ }
1089+ if (options['verbatimStrings']) {
1090+ // verbatim-string-literal production from the C# grammar. See issue 93.
1091+ fallthroughStylePatterns.push(
1092+ [PR_STRING, /^@\"(?:[^\"]|\"\")*(?:\"|$)/, null]);
1093+ }
1094+ var hc = options['hashComments'];
1095+ if (hc) {
1096+ if (options['cStyleComments']) {
1097+ if (hc > 1) { // multiline hash comments
1098+ shortcutStylePatterns.push(
1099+ [PR_COMMENT, /^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/, null, '#']);
1100+ } else {
1101+ // Stop C preprocessor declarations at an unclosed open comment
1102+ shortcutStylePatterns.push(
1103+ [PR_COMMENT, /^#(?:(?:define|elif|else|endif|error|ifdef|include|ifndef|line|pragma|undef|warning)\b|[^\r\n]*)/,
1104+ null, '#']);
1105+ }
1106+ // #include <stdio.h>
1107+ fallthroughStylePatterns.push(
1108+ [PR_STRING,
1109+ /^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,
1110+ null]);
1111+ } else {
1112+ shortcutStylePatterns.push([PR_COMMENT, /^#[^\r\n]*/, null, '#']);
1113+ }
1114+ }
1115+ if (options['cStyleComments']) {
1116+ fallthroughStylePatterns.push([PR_COMMENT, /^\/\/[^\r\n]*/, null]);
1117+ fallthroughStylePatterns.push(
1118+ [PR_COMMENT, /^\/\*[\s\S]*?(?:\*\/|$)/, null]);
1119+ }
1120+ if (options['regexLiterals']) {
1121+ /**
1122+ * @const
1123+ */
1124+ var REGEX_LITERAL = (
1125+ // A regular expression literal starts with a slash that is
1126+ // not followed by * or / so that it is not confused with
1127+ // comments.
1128+ '/(?=[^/*])'
1129+ // and then contains any number of raw characters,
1130+ + '(?:[^/\\x5B\\x5C]'
1131+ // escape sequences (\x5C),
1132+ + '|\\x5C[\\s\\S]'
1133+ // or non-nesting character sets (\x5B\x5D);
1134+ + '|\\x5B(?:[^\\x5C\\x5D]|\\x5C[\\s\\S])*(?:\\x5D|$))+'
1135+ // finally closed by a /.
1136+ + '/');
1137+ fallthroughStylePatterns.push(
1138+ ['lang-regex',
1139+ new RegExp('^' + REGEXP_PRECEDER_PATTERN + '(' + REGEX_LITERAL + ')')
1140+ ]);
1141+ }
1142+
1143+ var types = options['types'];
1144+ if (types) {
1145+ fallthroughStylePatterns.push([PR_TYPE, types]);
1146+ }
1147+
1148+ if (options['strings']) {
1149+ var strings = ("" + options['strings']).replace(/^ | $/g, '').replace(/-/g, '\\-');
1150+ fallthroughStylePatterns.push(
1151+ [PR_STRING,
1152+ new RegExp('(?:' + strings.replace(/[\s,]+/g, '|') + ')'),
1153+ , null]
1154+ );
1155+ }
1156+
1157+ var keywords = ("" + options['keywords']).replace(/^ | $/g, '');
1158+ if (keywords.length) {
1159+ fallthroughStylePatterns.push(
1160+ [PR_KEYWORD,
1161+ new RegExp('^(?:' + keywords.replace(/[\s,]+/g, '|') + ')\\b'),
1162+ null]);
1163+ }
1164+
1165+ shortcutStylePatterns.push([PR_PLAIN, /^\s+/, null, ' \r\n\t\xA0']);
1166+ if (options['httpdComments']) {
1167+ fallthroughStylePatterns.push(
1168+ [PR_PLAIN, /^.*\S.*#/i, null]
1169+ );
1170+ }
1171+
1172+ fallthroughStylePatterns.push(
1173+ // TODO(mikesamuel): recognize non-latin letters and numerals in idents
1174+ [PR_LITERAL, /^@[a-z_$][a-z_$@0-9]*|\bNULL\b/i, null],
1175+ [PR_LITERAL, CONFIG_OPTIONS, null],
1176+ //[PR_STRING, CONFIG_ENVS, null],
1177+ [PR_TAG, /^\b(AuthzProviderAlias|AuthnProviderAlias|RequireAny|RequireAll|RequireNone|Directory|DirectoryMatch|Location|LocationMatch|VirtualHost|If|Else|ElseIf|Proxy\b|LoadBalancer|Files|FilesMatch|Limit|LimitExcept|IfDefine|IfModule|IfVersion)\b/, null],
1178+ [PR_TYPE, /^(?:[@_]?[A-Z]+[a-z][A-Za-z_$@0-9]*|\w+_(t|req|module)\b)/, null],
1179+ [PR_TAG, /^apr_[a-z_0-9]+|ap_[a-z_0-9]+/i, null],
1180+ [PR_PLAIN, /^[a-z_$][a-z_$@0-9\-]*/i, null],
1181+ [PR_LITERAL,
1182+ new RegExp(
1183+ '^(?:'
1184+ // A hex number
1185+ + '0x[a-f0-9]+'
1186+ // An IPv6 Address
1187+ + '|[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+'
1188+ // or an octal or decimal number,
1189+ + '|(?:\\d(?:_\\d+)*\\d*(?:\\.\\d*)?|\\.\\d\\+)'
1190+ // possibly in scientific notation
1191+ + '(?:e[+\\-]?\\d+)?'
1192+ + ')'
1193+ // with an optional modifier like UL for unsigned long
1194+ + '[a-z]*', 'i'),
1195+ null, '0123456789'],
1196+ // Don't treat escaped quotes in bash as starting strings. See issue 144.
1197+ [PR_PLAIN, /^\\[\s\S]?/, null],
1198+ [PR_PUNCTUATION, /^.[^\s\w\.$@\'\"\`\/\#\\]*/, null]);
1199+
1200+ return createSimpleLexer(shortcutStylePatterns, fallthroughStylePatterns);
1201+ }
1202+
1203+ var decorateSource = sourceDecorator({
1204+ 'keywords': ALL_KEYWORDS,
1205+ 'hashComments': true,
1206+ 'cStyleComments': true,
1207+ 'multiLineStrings': true,
1208+ 'regexLiterals': true
1209+ });
1210+
1211+ /**
1212+ * Given a DOM subtree, wraps it in a list, and puts each line into its own
1213+ * list item.
1214+ *
1215+ * @param {Node} node modified in place. Its content is pulled into an
1216+ * HTMLOListElement, and each line is moved into a separate list item.
1217+ * This requires cloning elements, so the input might not have unique
1218+ * IDs after numbering.
1219+ * @param {boolean} isPreformatted true iff white-space in text nodes should
1220+ * be treated as significant.
1221+ */
1222+ function numberLines(node, opt_startLineNum, isPreformatted) {
1223+ var nocode = /(?:^|\s)nocode(?:\s|$)/;
1224+ var lineBreak = /\r\n?|\n/;
1225+
1226+ var document = node.ownerDocument;
1227+
1228+ var li = document.createElement('li');
1229+ while (node.firstChild) {
1230+ li.appendChild(node.firstChild);
1231+ }
1232+ // An array of lines. We split below, so this is initialized to one
1233+ // un-split line.
1234+ var listItems = [li];
1235+
1236+ function walk(node) {
1237+ switch (node.nodeType) {
1238+ case 1: // Element
1239+ if (nocode.test(node.className)) { break; }
1240+ if ('br' === node.nodeName) {
1241+ breakAfter(node);
1242+ // Discard the <BR> since it is now flush against a </LI>.
1243+ if (node.parentNode) {
1244+ node.parentNode.removeChild(node);
1245+ }
1246+ } else {
1247+ for (var child = node.firstChild; child; child = child.nextSibling) {
1248+ walk(child);
1249+ }
1250+ }
1251+ break;
1252+ case 3: case 4: // Text
1253+ if (isPreformatted) {
1254+ var text = node.nodeValue;
1255+ var match = text.match(lineBreak);
1256+ if (match) {
1257+ var firstLine = text.substring(0, match.index);
1258+ node.nodeValue = firstLine;
1259+ var tail = text.substring(match.index + match[0].length);
1260+ if (tail) {
1261+ var parent = node.parentNode;
1262+ parent.insertBefore(
1263+ document.createTextNode(tail), node.nextSibling);
1264+ }
1265+ breakAfter(node);
1266+ if (!firstLine) {
1267+ // Don't leave blank text nodes in the DOM.
1268+ node.parentNode.removeChild(node);
1269+ }
1270+ }
1271+ }
1272+ break;
1273+ }
1274+ }
1275+
1276+ // Split a line after the given node.
1277+ function breakAfter(lineEndNode) {
1278+ // If there's nothing to the right, then we can skip ending the line
1279+ // here, and move root-wards since splitting just before an end-tag
1280+ // would require us to create a bunch of empty copies.
1281+ while (!lineEndNode.nextSibling) {
1282+ lineEndNode = lineEndNode.parentNode;
1283+ if (!lineEndNode) { return; }
1284+ }
1285+
1286+ function breakLeftOf(limit, copy) {
1287+ // Clone shallowly if this node needs to be on both sides of the break.
1288+ var rightSide = copy ? limit.cloneNode(false) : limit;
1289+ var parent = limit.parentNode;
1290+ if (parent) {
1291+ // We clone the parent chain.
1292+ // This helps us resurrect important styling elements that cross lines.
1293+ // E.g. in <i>Foo<br>Bar</i>
1294+ // should be rewritten to <li><i>Foo</i></li><li><i>Bar</i></li>.
1295+ var parentClone = breakLeftOf(parent, 1);
1296+ // Move the clone and everything to the right of the original
1297+ // onto the cloned parent.
1298+ var next = limit.nextSibling;
1299+ parentClone.appendChild(rightSide);
1300+ for (var sibling = next; sibling; sibling = next) {
1301+ next = sibling.nextSibling;
1302+ parentClone.appendChild(sibling);
1303+ }
1304+ }
1305+ return rightSide;
1306+ }
1307+
1308+ var copiedListItem = breakLeftOf(lineEndNode.nextSibling, 0);
1309+
1310+ // Walk the parent chain until we reach an unattached LI.
1311+ for (var parent;
1312+ // Check nodeType since IE invents document fragments.
1313+ (parent = copiedListItem.parentNode) && parent.nodeType === 1;) {
1314+ copiedListItem = parent;
1315+ }
1316+ // Put it on the list of lines for later processing.
1317+ listItems.push(copiedListItem);
1318+ }
1319+
1320+ // Split lines while there are lines left to split.
1321+ for (var i = 0; // Number of lines that have been split so far.
1322+ i < listItems.length; // length updated by breakAfter calls.
1323+ ++i) {
1324+ walk(listItems[i]);
1325+ }
1326+
1327+ // Make sure numeric indices show correctly.
1328+ if (opt_startLineNum === (opt_startLineNum|0)) {
1329+ listItems[0].setAttribute('value', opt_startLineNum);
1330+ }
1331+
1332+ var ol = document.createElement('ol');
1333+ ol.className = 'linenums';
1334+ var offset = Math.max(0, ((opt_startLineNum - 1 /* zero index */)) | 0) || 0;
1335+ for (var i = 0, n = listItems.length; i < n; ++i) {
1336+ li = listItems[i];
1337+ // Stick a class on the LIs so that stylesheets can
1338+ // color odd/even rows, or any other row pattern that
1339+ // is co-prime with 10.
1340+ li.className = 'L' + ((i + offset) % 1);
1341+ if (!li.firstChild) {
1342+ li.appendChild(document.createTextNode('\xA0'));
1343+ }
1344+ ol.appendChild(li);
1345+ }
1346+
1347+ node.appendChild(ol);
1348+ }
1349+
1350+ /**
1351+ * Breaks {@code job.sourceCode} around style boundaries in
1352+ * {@code job.decorations} and modifies {@code job.sourceNode} in place.
1353+ * @param {Object} job like <pre>{
1354+ * sourceCode: {string} source as plain text,
1355+ * spans: {Array.<number|Node>} alternating span start indices into source
1356+ * and the text node or element (e.g. {@code <BR>}) corresponding to that
1357+ * span.
1358+ * decorations: {Array.<number|string} an array of style classes preceded
1359+ * by the position at which they start in job.sourceCode in order
1360+ * }</pre>
1361+ * @private
1362+ */
1363+ function recombineTagsAndDecorations(job) {
1364+ var isIE8OrEarlier = /\bMSIE\s(\d+)/.exec(navigator.userAgent);
1365+ isIE8OrEarlier = isIE8OrEarlier && +isIE8OrEarlier[1] <= 8;
1366+ var newlineRe = /\n/g;
1367+
1368+ var source = job.sourceCode;
1369+ var sourceLength = source.length;
1370+ // Index into source after the last code-unit recombined.
1371+ var sourceIndex = 0;
1372+
1373+ var spans = job.spans;
1374+ var nSpans = spans.length;
1375+ // Index into spans after the last span which ends at or before sourceIndex.
1376+ var spanIndex = 0;
1377+
1378+ var decorations = job.decorations;
1379+ var nDecorations = decorations.length;
1380+ // Index into decorations after the last decoration which ends at or before
1381+ // sourceIndex.
1382+ var decorationIndex = 0;
1383+
1384+ // Remove all zero-length decorations.
1385+ decorations[nDecorations] = sourceLength;
1386+ var decPos, i;
1387+ for (i = decPos = 0; i < nDecorations;) {
1388+ if (decorations[i] !== decorations[i + 2]) {
1389+ decorations[decPos++] = decorations[i++];
1390+ decorations[decPos++] = decorations[i++];
1391+ } else {
1392+ i += 2;
1393+ }
1394+ }
1395+ nDecorations = decPos;
1396+
1397+ // Simplify decorations.
1398+ for (i = decPos = 0; i < nDecorations;) {
1399+ var startPos = decorations[i];
1400+ // Conflate all adjacent decorations that use the same style.
1401+ var startDec = decorations[i + 1];
1402+ var end = i + 2;
1403+ while (end + 2 <= nDecorations && decorations[end + 1] === startDec) {
1404+ end += 2;
1405+ }
1406+ decorations[decPos++] = startPos;
1407+ decorations[decPos++] = startDec;
1408+ i = end;
1409+ }
1410+
1411+ nDecorations = decorations.length = decPos;
1412+
1413+ var sourceNode = job.sourceNode;
1414+ var oldDisplay;
1415+ if (sourceNode) {
1416+ oldDisplay = sourceNode.style.display;
1417+ sourceNode.style.display = 'none';
1418+ }
1419+ try {
1420+ var decoration = null;
1421+ var X = 0;
1422+ while (spanIndex < nSpans) {
1423+ X = X + 1;
1424+ if (X > 5000) { break; }
1425+ var spanStart = spans[spanIndex];
1426+ var spanEnd = spans[spanIndex + 2] || sourceLength;
1427+
1428+ var decEnd = decorations[decorationIndex + 2] || sourceLength;
1429+
1430+ var end = Math.min(spanEnd, decEnd);
1431+
1432+ var textNode = spans[spanIndex + 1];
1433+ var styledText;
1434+ if (textNode.nodeType !== 1 // Don't muck with <BR>s or <LI>s
1435+ // Don't introduce spans around empty text nodes.
1436+ && (styledText = source.substring(sourceIndex, end))) {
1437+ // This may seem bizarre, and it is. Emitting LF on IE causes the
1438+ // code to display with spaces instead of line breaks.
1439+ // Emitting Windows standard issue linebreaks (CRLF) causes a blank
1440+ // space to appear at the beginning of every line but the first.
1441+ // Emitting an old Mac OS 9 line separator makes everything spiffy.
1442+ if (isIE8OrEarlier) {
1443+ styledText = styledText.replace(newlineRe, '\r');
1444+ }
1445+ textNode.nodeValue = styledText;
1446+ var document = textNode.ownerDocument;
1447+ var span = document.createElement('span');
1448+ span.className = decorations[decorationIndex + 1];
1449+ var parentNode = textNode.parentNode;
1450+ parentNode.replaceChild(span, textNode);
1451+ span.appendChild(textNode);
1452+ if (sourceIndex < spanEnd) { // Split off a text node.
1453+ spans[spanIndex + 1] = textNode
1454+ // TODO: Possibly optimize by using '' if there's no flicker.
1455+ = document.createTextNode(source.substring(end, spanEnd));
1456+ parentNode.insertBefore(textNode, span.nextSibling);
1457+ }
1458+ }
1459+
1460+ sourceIndex = end;
1461+
1462+ if (sourceIndex >= spanEnd) {
1463+ spanIndex += 2;
1464+ }
1465+ if (sourceIndex >= decEnd) {
1466+ decorationIndex += 2;
1467+ }
1468+ }
1469+ } finally {
1470+ if (sourceNode) {
1471+ sourceNode.style.display = oldDisplay;
1472+ }
1473+ }
1474+ }
1475+
1476+
1477+ /** Maps language-specific file extensions to handlers. */
1478+ var langHandlerRegistry = {};
1479+ /** Register a language handler for the given file extensions.
1480+ * @param {function (Object)} handler a function from source code to a list
1481+ * of decorations. Takes a single argument job which describes the
1482+ * state of the computation. The single parameter has the form
1483+ * {@code {
1484+ * sourceCode: {string} as plain text.
1485+ * decorations: {Array.<number|string>} an array of style classes
1486+ * preceded by the position at which they start in
1487+ * job.sourceCode in order.
1488+ * The language handler should assigned this field.
1489+ * basePos: {int} the position of source in the larger source chunk.
1490+ * All positions in the output decorations array are relative
1491+ * to the larger source chunk.
1492+ * } }
1493+ * @param {Array.<string>} fileExtensions
1494+ */
1495+ function registerLangHandler(handler, fileExtensions) {
1496+ for (var i = fileExtensions.length; --i >= 0;) {
1497+ var ext = fileExtensions[i];
1498+ if (!langHandlerRegistry.hasOwnProperty(ext)) {
1499+ langHandlerRegistry[ext] = handler;
1500+ } else if (win['console']) {
1501+ console['warn']('cannot override language handler %s', ext);
1502+ }
1503+ }
1504+ }
1505+ function langHandlerForExtension(extension, source) {
1506+ if (!(extension && langHandlerRegistry.hasOwnProperty(extension))) {
1507+ // Treat it as markup if the first non whitespace character is a < and
1508+ // the last non-whitespace character is a >.
1509+ extension = /^\s*</.test(source)
1510+ ? 'default-markup'
1511+ : 'default-code';
1512+ }
1513+ return langHandlerRegistry[extension];
1514+ }
1515+ registerLangHandler(decorateSource, ['default-code']);
1516+ registerLangHandler(
1517+ createSimpleLexer(
1518+ [],
1519+ [
1520+ [PR_PLAIN, /^[^<?]+/],
1521+ [PR_DECLARATION, /^<!\w[^>]*(?:>|$)/],
1522+ [PR_COMMENT, /^<\!--[\s\S]*?(?:-\->|$)/],
1523+ // Unescaped content in an unknown language
1524+ ['lang-', /^<\?([\s\S]+?)(?:\?>|$)/],
1525+ ['lang-', /^<%([\s\S]+?)(?:%>|$)/],
1526+ [PR_PUNCTUATION, /^(?:<[%?]|[%?]>)/],
1527+ ['lang-', /^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],
1528+ // Unescaped content in javascript. (Or possibly vbscript).
1529+ ['lang-js', /^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],
1530+ // Contains unescaped stylesheet content
1531+ ['lang-css', /^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],
1532+ ['lang-in.tag', /^(<\/?[a-z][^<>]*>)/i]
1533+ ]),
1534+ ['default-markup', 'htm', 'html', 'mxml', 'xhtml', 'xml', 'xsl']);
1535+ registerLangHandler(
1536+ createSimpleLexer(
1537+ [
1538+ [PR_PLAIN, /^[\s]+/, null, ' \t\r\n'],
1539+ [PR_ATTRIB_VALUE, /^(?:\"[^\"]*\"?|\'[^\']*\'?)/, null, '\"\'']
1540+ ],
1541+ [
1542+ [PR_TAG, /^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],
1543+ [PR_ATTRIB_NAME, /^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],
1544+ ['lang-uq.val', /^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],
1545+ [PR_PUNCTUATION, /^[=<>\/]+/],
1546+ ['lang-js', /^on\w+\s*=\s*\"([^\"]+)\"/i],
1547+ ['lang-js', /^on\w+\s*=\s*\'([^\']+)\'/i],
1548+ ['lang-js', /^on\w+\s*=\s*([^\"\'>\s]+)/i],
1549+ ['lang-css', /^style\s*=\s*\"([^\"]+)\"/i],
1550+ ['lang-css', /^style\s*=\s*\'([^\']+)\'/i],
1551+ ['lang-css', /^style\s*=\s*([^\"\'>\s]+)/i]
1552+ ]),
1553+ ['in.tag']);
1554+ registerLangHandler(
1555+ createSimpleLexer([], [[PR_ATTRIB_VALUE, /^[\s\S]+/]]), ['uq.val']);
1556+ registerLangHandler(sourceDecorator({
1557+ 'keywords': CPP_KEYWORDS,
1558+ 'hashComments': true,
1559+ 'cStyleComments': true,
1560+ 'types': C_TYPES
1561+ }), ['c', 'cc', 'cpp', 'cxx', 'cyc', 'm']);
1562+ registerLangHandler(sourceDecorator({
1563+ 'keywords': PHP_KEYWORDS,
1564+ 'hashComments': false,
1565+ 'cStyleComments': true,
1566+ 'multiLineStrings': true,
1567+ 'regexLiterals': true
1568+// 'types': C_TYPES,
1569+ }), ['php', 'phtml', 'inc']);
1570+ registerLangHandler(sourceDecorator({
1571+ 'keywords': 'null,true,false'
1572+ }), ['json']);
1573+ registerLangHandler(sourceDecorator({
1574+ 'keywords': CSHARP_KEYWORDS,
1575+ 'hashComments': true,
1576+ 'cStyleComments': true,
1577+ 'verbatimStrings': true,
1578+ 'types': C_TYPES
1579+ }), ['cs']);
1580+ registerLangHandler(sourceDecorator({
1581+ 'keywords': JAVA_KEYWORDS,
1582+ 'cStyleComments': true
1583+ }), ['java']);
1584+ registerLangHandler(sourceDecorator({
1585+ 'keywords': SH_KEYWORDS,
1586+ 'hashComments': true,
1587+ 'multiLineStrings': true
1588+ }), ['bsh', 'csh', 'sh']);
1589+ registerLangHandler(sourceDecorator({
1590+ 'keywords': PYTHON_KEYWORDS,
1591+ 'hashComments': true,
1592+ 'multiLineStrings': true,
1593+ 'tripleQuotedStrings': true
1594+ }), ['cv', 'py']);
1595+ registerLangHandler(sourceDecorator({
1596+ 'keywords': PERL_KEYWORDS,
1597+ 'hashComments': true,
1598+ 'multiLineStrings': true,
1599+ 'regexLiterals': true
1600+ }), ['perl', 'pl', 'pm']);
1601+ registerLangHandler(sourceDecorator({
1602+ 'keywords': RUBY_KEYWORDS,
1603+ 'hashComments': true,
1604+ 'multiLineStrings': true,
1605+ 'regexLiterals': true
1606+ }), ['rb']);
1607+ registerLangHandler(sourceDecorator({
1608+ 'keywords': JSCRIPT_KEYWORDS,
1609+ 'cStyleComments': true,
1610+ 'regexLiterals': true
1611+ }), ['js']);
1612+ registerLangHandler(sourceDecorator({
1613+ 'keywords': COFFEE_KEYWORDS,
1614+ 'hashComments': 3, // ### style block comments
1615+ 'cStyleComments': true,
1616+ 'multilineStrings': true,
1617+ 'tripleQuotedStrings': true,
1618+ 'regexLiterals': true
1619+ }), ['coffee']);
1620+ registerLangHandler(
1621+ createSimpleLexer([], [[PR_STRING, /^[\s\S]+/]]), ['regex']);
1622+ registerLangHandler(sourceDecorator({
1623+ 'keywords': CONFIG_KEYWORDS,
1624+ 'literals': CONFIG_OPTIONS,
1625+ 'strings': CONFIG_ENVS,
1626+ 'hashComments': true,
1627+ 'cStyleComments': false,
1628+ 'multiLineStrings': false,
1629+ 'regexLiterals': false,
1630+ 'httpdComments': true
1631+ }), ['config']);
1632+
1633+ function applyDecorator(job) {
1634+ var opt_langExtension = job.langExtension;
1635+
1636+ try {
1637+ // Extract tags, and convert the source code to plain text.
1638+ var sourceAndSpans = extractSourceSpans(job.sourceNode, job.pre);
1639+ /** Plain text. @type {string} */
1640+ var source = sourceAndSpans.sourceCode;
1641+ job.sourceCode = source;
1642+ job.spans = sourceAndSpans.spans;
1643+ job.basePos = 0;
1644+
1645+ // Apply the appropriate language handler
1646+ langHandlerForExtension(opt_langExtension, source)(job);
1647+
1648+ // Integrate the decorations and tags back into the source code,
1649+ // modifying the sourceNode in place.
1650+ recombineTagsAndDecorations(job);
1651+ } catch (e) {
1652+ if (win['console']) {
1653+ console['log'](e && e['stack'] ? e['stack'] : e);
1654+ }
1655+ }
1656+ }
1657+
1658+ /**
1659+ * @param sourceCodeHtml {string} The HTML to pretty print.
1660+ * @param opt_langExtension {string} The language name to use.
1661+ * Typically, a filename extension like 'cpp' or 'java'.
1662+ * @param opt_numberLines {number|boolean} True to number lines,
1663+ * or the 1-indexed number of the first line in sourceCodeHtml.
1664+ */
1665+ function prettyPrintOne(sourceCodeHtml, opt_langExtension, opt_numberLines) {
1666+ var container = document.createElement('pre');
1667+ // This could cause images to load and onload listeners to fire.
1668+ // E.g. <img onerror="alert(1337)" src="nosuchimage.png">.
1669+ // We assume that the inner HTML is from a trusted source.
1670+ container.innerHTML = sourceCodeHtml;
1671+ if (opt_numberLines) {
1672+ numberLines(container, opt_numberLines, true);
1673+ }
1674+
1675+ var job = {
1676+ langExtension: opt_langExtension,
1677+ numberLines: opt_numberLines,
1678+ sourceNode: container,
1679+ pre: 1
1680+ };
1681+ applyDecorator(job);
1682+ return container.innerHTML;
1683+ }
1684+
1685+ function prettyPrint(opt_whenDone) {
1686+ function byTagName(tn) { return document.getElementsByTagName(tn); }
1687+ // fetch a list of nodes to rewrite
1688+ var codeSegments = [byTagName('pre'), byTagName('code'), byTagName('xmp')];
1689+ var elements = [];
1690+ for (var i = 0; i < codeSegments.length; ++i) {
1691+ for (var j = 0, n = codeSegments[i].length; j < n; ++j) {
1692+ elements.push(codeSegments[i][j]);
1693+ }
1694+ }
1695+ codeSegments = null;
1696+
1697+ var clock = Date;
1698+ if (!clock['now']) {
1699+ clock = { 'now': function () { return +(new Date); } };
1700+ }
1701+
1702+ // The loop is broken into a series of continuations to make sure that we
1703+ // don't make the browser unresponsive when rewriting a large page.
1704+ var k = 0;
1705+ var prettyPrintingJob;
1706+
1707+ var langExtensionRe = /\blang(?:uage)?-([\w.]+)(?!\S)/;
1708+ var prettyPrintRe = /\bprettyprint\b/;
1709+ var prettyPrintedRe = /\bprettyprinted\b/;
1710+ var preformattedTagNameRe = /pre|xmp/i;
1711+ var codeRe = /^code$/i;
1712+ var preCodeXmpRe = /^(?:pre|code|xmp)$/i;
1713+
1714+ function doWork() {
1715+ var endTime = (win['PR_SHOULD_USE_CONTINUATION'] ?
1716+ clock['now']() + 250 /* ms */ :
1717+ Infinity);
1718+ for (; k < elements.length && clock['now']() < endTime; k++) {
1719+ var cs = elements[k];
1720+ var className = cs.className;
1721+ if (prettyPrintRe.test(className)
1722+ // Don't redo this if we've already done it.
1723+ // This allows recalling pretty print to just prettyprint elements
1724+ // that have been added to the page since last call.
1725+ && !prettyPrintedRe.test(className)) {
1726+
1727+ // make sure this is not nested in an already prettified element
1728+ var nested = false;
1729+ for (var p = cs.parentNode; p; p = p.parentNode) {
1730+ var tn = p.tagName;
1731+ if (preCodeXmpRe.test(tn)
1732+ && p.className && prettyPrintRe.test(p.className)) {
1733+ nested = true;
1734+ break;
1735+ }
1736+ }
1737+ if (!nested) {
1738+ // Mark done. If we fail to prettyprint for whatever reason,
1739+ // we shouldn't try again.
1740+ cs.className += ' prettyprinted';
1741+
1742+ // If the classes includes a language extensions, use it.
1743+ // Language extensions can be specified like
1744+ // <pre class="prettyprint lang-cpp">
1745+ // the language extension "cpp" is used to find a language handler
1746+ // as passed to PR.registerLangHandler.
1747+ // HTML5 recommends that a language be specified using "language-"
1748+ // as the prefix instead. Google Code Prettify supports both.
1749+ // http://dev.w3.org/html5/spec-author-view/the-code-element.html
1750+ var langExtension = className.match(langExtensionRe);
1751+ // Support <pre class="prettyprint"><code class="language-c">
1752+ var wrapper;
1753+ if (!langExtension && (wrapper = childContentWrapper(cs))
1754+ && codeRe.test(wrapper.tagName)) {
1755+ langExtension = wrapper.className.match(langExtensionRe);
1756+ }
1757+
1758+ if (langExtension) { langExtension = langExtension[1]; }
1759+
1760+ var preformatted;
1761+ if (preformattedTagNameRe.test(cs.tagName)) {
1762+ preformatted = 1;
1763+ } else {
1764+ var currentStyle = cs['currentStyle'];
1765+ var whitespace = (
1766+ currentStyle
1767+ ? currentStyle['whiteSpace']
1768+ : (document.defaultView
1769+ && document.defaultView.getComputedStyle)
1770+ ? document.defaultView.getComputedStyle(cs, null)
1771+ .getPropertyValue('white-space')
1772+ : 0);
1773+ preformatted = whitespace
1774+ && 'pre' === whitespace.substring(0, 3);
1775+ }
1776+
1777+ // Look for a class like linenums or linenums:<n> where <n> is the
1778+ // 1-indexed number of the first line.
1779+ var lineNums = cs.className.match(/\blinenums\b(?::(\d+))?/);
1780+ lineNums = lineNums
1781+ ? lineNums[1] && lineNums[1].length ? +lineNums[1] : true
1782+ : false;
1783+ if (lineNums) { numberLines(cs, lineNums, preformatted); }
1784+
1785+ // do the pretty printing
1786+ prettyPrintingJob = {
1787+ langExtension: langExtension,
1788+ sourceNode: cs,
1789+ numberLines: lineNums,
1790+ pre: preformatted
1791+ };
1792+ applyDecorator(prettyPrintingJob);
1793+ }
1794+ }
1795+ }
1796+ if (k < elements.length) {
1797+ // finish up in a continuation
1798+ setTimeout(doWork, 250);
1799+ } else if (opt_whenDone) {
1800+ opt_whenDone();
1801+ }
1802+ }
1803+
1804+ doWork();
1805+ }
1806+
1807+ /**
1808+ * Contains functions for creating and registering new language handlers.
1809+ * @type {Object}
1810+ */
1811+ var PR = win['PR'] = {
1812+ 'createSimpleLexer': createSimpleLexer,
1813+ 'registerLangHandler': registerLangHandler,
1814+ 'sourceDecorator': sourceDecorator,
1815+ 'PR_ATTRIB_NAME': PR_ATTRIB_NAME,
1816+ 'PR_ATTRIB_VALUE': PR_ATTRIB_VALUE,
1817+ 'PR_COMMENT': PR_COMMENT,
1818+ 'PR_DECLARATION': PR_DECLARATION,
1819+ 'PR_KEYWORD': PR_KEYWORD,
1820+ 'PR_LITERAL': PR_LITERAL,
1821+ 'PR_NOCODE': PR_NOCODE,
1822+ 'PR_PLAIN': PR_PLAIN,
1823+ 'PR_PUNCTUATION': PR_PUNCTUATION,
1824+ 'PR_SOURCE': PR_SOURCE,
1825+ 'PR_STRING': PR_STRING,
1826+ 'PR_TAG': PR_TAG,
1827+ 'PR_TYPE': PR_TYPE,
1828+ 'prettyPrintOne': win['prettyPrintOne'] = prettyPrintOne,
1829+ 'prettyPrint': win['prettyPrint'] = prettyPrint
1830+ };
1831+
1832+
1833+/* Register Lua syntaxes */
1834+ PR['registerLangHandler'](
1835+ PR['createSimpleLexer'](
1836+ [
1837+ // Whitespace
1838+ [PR['PR_PLAIN'], /^[\t\n\r \xA0]+/, null, '\t\n\r \xA0'],
1839+ // A double or single quoted, possibly multi-line, string.
1840+ [PR['PR_STRING'], /^(?:\"(?:[^\"\\]|\\[\s\S])*(?:\"|$)|\'(?:[^\'\\]|\\[\s\S])*(?:\'|$))/, null, '"\'']
1841+ ],
1842+ [
1843+ // A comment is either a line comment that starts with two dashes, or
1844+ // two dashes preceding a long bracketed block.
1845+ [PR['PR_COMMENT'], /^--(?:\[(=*)\[[\s\S]*?(?:\]\1\]|$)|[^\r\n]*)/],
1846+ [PR['PR_TYPE'], /^nil|false|true/],
1847+ // A long bracketed block not preceded by -- is a string.
1848+ [PR['PR_STRING'], /^\[(=*)\[[\s\S]*?(?:\]\1\]|$)/],
1849+ [PR['PR_KEYWORD'], /^(?:and|break|do|else|elseif|end|for|function|if|in|local|not|or|repeat|require|return|then|until|while)\b/, null],
1850+ // A number is a hex integer literal, a decimal real literal, or in
1851+ // scientific notation.
1852+ [PR['PR_LITERAL'],
1853+ /^[+-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],
1854+ // An identifier
1855+ [PR['PR_PLAIN'], /^[a-z_]\w*/i],
1856+ // A run of punctuation
1857+ [PR['PR_PUNCTUATION'], /^[^\w\t\n\r \xA0][^\w\t\n\r \xA0\"\'\-\+=]*/]
1858+ ]),
1859+ ['lua']);
1860+
1861+
1862+ // Make PR available via the Asynchronous Module Definition (AMD) API.
1863+ // Per https://github.com/amdjs/amdjs-api/wiki/AMD:
1864+ // The Asynchronous Module Definition (AMD) API specifies a
1865+ // mechanism for defining modules such that the module and its
1866+ // dependencies can be asynchronously loaded.
1867+ // ...
1868+ // To allow a clear indicator that a global define function (as
1869+ // needed for script src browser loading) conforms to the AMD API,
1870+ // any global define function SHOULD have a property called "amd"
1871+ // whose value is an object. This helps avoid conflict with any
1872+ // other existing JavaScript code that could have defined a define()
1873+ // function that does not conform to the AMD API.
1874+ if (typeof define === "function" && define['amd']) {
1875+ define("google-code-prettify", [], function () {
1876+ return PR;
1877+ });
1878+ }
1879+})();
1880diff --git a/docs/manual/style/scripts/prettify.min.js b/docs/manual/style/scripts/prettify.min.js
1881new file mode 100644
1882index 0000000..adb92be
1883--- /dev/null
1884+++ b/docs/manual/style/scripts/prettify.min.js
1885@@ -0,0 +1,123 @@
1886+// see prettify.js for copyright, license and expanded version
1887+window['PR_SHOULD_USE_CONTINUATION']=true;var prettyPrintOne;var prettyPrint;(function(){var win=window;var FLOW_CONTROL_KEYWORDS=["break,continue,do,else,for,if,return,while"];var C_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"auto,case,char,const,default,"+"double,enum,extern,float,goto,int,long,register,short,signed,sizeof,module,"+"static,struct,switch,typedef,union,unsigned,void,volatile"];var COMMON_KEYWORDS=[C_KEYWORDS,"catch,class,delete,false,import,"+"new,operator,private,protected,public,this,throw,true,try,typeof"];var CPP_KEYWORDS=[COMMON_KEYWORDS,"alignof,align_union,asm,axiom,bool,"+"concept,concept_map,const_cast,constexpr,decltype,"+"dynamic_cast,explicit,export,friend,inline,late_check,"+"mutable,namespace,nullptr,reinterpret_cast,static_assert,static_cast,"+"template,typeid,typename,using,virtual,where,request_req"];var JAVA_KEYWORDS=[COMMON_KEYWORDS,"abstract,boolean,byte,extends,final,finally,implements,import,"+"instanceof,null,native,package,strictfp,super,synchronized,throws,"+"transient"];var CSHARP_KEYWORDS=[JAVA_KEYWORDS,"as,base,by,checked,decimal,delegate,descending,dynamic,event,"+"fixed,foreach,from,group,implicit,in,interface,internal,into,is,let,"+"lock,object,out,override,orderby,params,partial,readonly,ref,sbyte,"+"sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,"+"var,virtual,where"];var COFFEE_KEYWORDS="all,and,by,catch,class,else,extends,false,finally,"+"for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,"+"throw,true,try,unless,until,when,while,yes";var JSCRIPT_KEYWORDS=[COMMON_KEYWORDS,"debugger,eval,export,function,get,null,set,undefined,var,with,"+"Infinity,NaN"];var PERL_KEYWORDS="caller,delete,die,do,dump,else,elsif,eval,exit,foreach,for,"+"goto,if,import,last,local,my,next,no,our,print,printf,package,redo,require,"+"sub,undef,unless,until,use,wantarray,while,BEGIN,END";var PHP_KEYWORDS="abstract,and,array,as,break,case,catch,cfunction,class,"+"clone,const,continue,declare,default,do,else,elseif,enddeclare,endfor,"+"endforeach,endif,endswitch,endwhile,extends,final,for,foreach,function,"+"global,goto,if,implements,interface,instanceof,namespace,new,old_function,"+"or,private,protected,public,static,switch,throw,try,use,var,while,xor,"+"die,echo,empty,exit,eval,include,include_once,isset,list,require,"+"require_once,return,print,unset";var PYTHON_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"and,as,assert,class,def,del,"+"elif,except,exec,finally,from,global,import,in,is,lambda,"+"nonlocal,not,or,pass,print,raise,try,with,yield,"+"False,True,None"];var RUBY_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"alias,and,begin,case,class,"+"def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,"+"rescue,retry,self,super,then,true,undef,unless,until,when,yield,"+"BEGIN,END"];var SH_KEYWORDS=[FLOW_CONTROL_KEYWORDS,"case,done,elif,esac,eval,fi,"+"function,in,local,set,then,until,echo"];var CONFIG_ENVS=["User-Agent,HTTP_USER_AGENT,HTTP_REFERER,HTTP_COOKIE,HTTP_FORWARDED,HTTP_HOST,HTTP_PROXY_CONNECTION,HTTP_ACCEPT,REMOTE_ADDR,REMOTE_HOST,REMOTE_PORT,REMOTE_USER,REMOTE_IDENT,REQUEST_METHOD,SCRIPT_FILENAME,PATH_INFO,QUERY_STRING,AUTH_TYPE,DOCUMENT_ROOT,SERVER_ADMIN,SERVER_NAME,SERVER_ADDR,SERVER_PORT,SERVER_PROTOCOL,SERVER_SOFTWARE,TIME_YEAR,TIME_MON,TIME_DAY,TIME_HOUR,TIME_MIN,TIME_SEC,TIME_WDAY,TIME,API_VERSION,THE_REQUEST,REQUEST_URI,REQUEST_FILENAME,IS_SUBREQ,HTTPS,REQUEST_SCHEME"];var CONFIG_KEYWORDS=["AcceptFilter,AcceptPathInfo,AccessFileName,Action,AddAlt,AddAltByEncoding,AddAltByType,AddCharset,AddDefaultCharset,AddDescription,AddEncoding,AddHandler,AddIcon,AddIconByEncoding,AddIconByType,AddInputFilter,AddLanguage,AddModuleInfo,AddOutputFilter,AddOutputFilterByType,AddType,Alias,AliasMatch,Allow,AllowCONNECT,AllowEncodedSlashes,AllowMethods,AllowOverride,AllowOverrideList,Anonymous,Anonymous_LogEmail,Anonymous_MustGiveEmail,Anonymous_NoUserID,Anonymous_VerifyEmail,AsyncRequestWorkerFactor,AuthBasicAuthoritative,AuthBasicFake,AuthBasicProvider,AuthBasicUseDigestAlgorithm,AuthDBDUserPWQuery,AuthDBDUserRealmQuery,AuthDBMGroupFile,AuthDBMType,AuthDBMUserFile,AuthDigestAlgorithm,AuthDigestDomain,AuthDigestNonceLifetime,AuthDigestProvider,AuthDigestQop,AuthDigestShmemSize,AuthFormAuthoritative,AuthFormBody,AuthFormDisableNoStore,AuthFormFakeBasicAuth,AuthFormLocation,AuthFormLoginRequiredLocation,AuthFormLoginSuccessLocation,AuthFormLogoutLocation,AuthFormMethod,AuthFormMimetype,AuthFormPassword,AuthFormProvider,AuthFormSitePassphrase,AuthFormSize,AuthFormUsername,AuthGroupFile,AuthLDAPAuthorizePrefix,AuthLDAPBindAuthoritative,AuthLDAPBindDN,AuthLDAPBindPassword,AuthLDAPCharsetConfig,AuthLDAPCompareAsUser,AuthLDAPCompareDNOnServer,AuthLDAPDereferenceAliases,AuthLDAPGroupAttribute,AuthLDAPGroupAttributeIsDN,AuthLDAPInitialBindAsUser,AuthLDAPInitialBindPattern,AuthLDAPMaxSubGroupDepth,AuthLDAPRemoteUserAttribute,AuthLDAPRemoteUserIsDN,AuthLDAPSearchAsUser,AuthLDAPSubGroupAttribute,AuthLDAPSubGroupClass,AuthLDAPUrl,AuthMerging,AuthName,AuthnCacheContext,AuthnCacheEnable,AuthnCacheProvideFor,AuthnCacheSOCache,AuthnCacheTimeout,<AuthnProviderAlias>,AuthnzFcgiCheckAuthnProvider,AuthnzFcgiDefineProvider,AuthType,AuthUserFile,AuthzDBDLoginToReferer,AuthzDBDQuery,AuthzDBDRedirectQuery,AuthzDBMType,<AuthzProviderAlias>,AuthzSendForbiddenOnFailure,BalancerGrowth,BalancerInherit,BalancerMember,BalancerPersist,BrotliAlterETag,BrotliCompressionMaxInputBlock,BrotliCompressionQuality,BrotliCompressionWindow,BrotliFilterNote,BrowserMatch,BrowserMatchNoCase,BufferedLogs,BufferSize,CacheDefaultExpire,CacheDetailHeader,CacheDirLength,CacheDirLevels,CacheDisable,CacheEnable,CacheFile,CacheHeader,CacheIgnoreCacheControl,CacheIgnoreHeaders,CacheIgnoreNoLastMod,CacheIgnoreQueryString,CacheIgnoreURLSessionIdentifiers,CacheKeyBaseURL,CacheLastModifiedFactor,CacheLock,CacheLockMaxAge,CacheLockPath,CacheMaxExpire,CacheMaxFileSize,CacheMinExpire,CacheMinFileSize,CacheNegotiatedDocs,CacheQuickHandler,CacheReadSize,CacheReadTime,CacheRoot,CacheSocache,CacheSocacheMaxSize,CacheSocacheMaxTime,CacheSocacheMinTime,CacheSocacheReadSize,CacheSocacheReadTime,CacheStaleOnError,CacheStoreExpired,CacheStoreNoStore,CacheStorePrivate,CGIDScriptTimeout,CGIMapExtension,CGIPassAuth,CGIVar,CharsetDefault,CharsetOptions,CharsetSourceEnc,CheckCaseOnly,CheckSpelling,ChrootDir,ContentDigest,CookieDomain,CookieExpires,CookieName,CookieStyle,CookieTracking,CoreDumpDirectory,CustomLog,Dav,DavDepthInfinity,DavGenericLockDB,DavLockDB,DavMinTimeout,DBDExptime,DBDInitSQL,DBDKeep,DBDMax,DBDMin,DBDParams,DBDPersist,DBDPrepareSQL,DBDriver,DefaultIcon,DefaultLanguage,DefaultRuntimeDir,DefaultType,Define,DeflateBufferSize,DeflateCompressionLevel,DeflateFilterNote,DeflateInflateLimitRequestBody,DeflateInflateRatioBurst,DeflateInflateRatioLimit,DeflateMemLevel,DeflateWindowSize,Deny,<Directory>,DirectoryCheckHandler,DirectoryIndex,DirectoryIndexRedirect,<DirectoryMatch>,DirectorySlash,DocumentRoot,DTracePrivileges,DumpIOInput,DumpIOOutput,<Else>,<ElseIf>,EnableExceptionHook,EnableMMAP,EnableSendfile,Error,ErrorDocument,ErrorLog,ErrorLogFormat,Example,ExpiresActive,ExpiresByType,ExpiresDefault,ExtendedStatus,ExtFilterDefine,ExtFilterOptions,FallbackResource,FileETag,<Files>,<FilesMatch>,FilterChain,FilterDeclare,FilterProtocol,FilterProvider,FilterTrace,ForceLanguagePriority,ForceType,ForensicLog,GlobalLog,GprofDir,GracefulShutdownTimeout,Group,H2CopyFiles,H2Direct,H2EarlyHints,H2MaxSessionStreams,H2MaxWorkerIdleSeconds,H2MaxWorkers,H2MinWorkers,H2ModernTLSOnly,H2Push,H2PushDiarySize,H2PushPriority,H2PushResource,H2SerializeHeaders,H2StreamMaxMemSize,H2TLSCoolDownSecs,H2TLSWarmUpSize,H2Upgrade,H2WindowSize,Header,HeaderName,HeartbeatAddress,HeartbeatListen,HeartbeatMaxServers,HeartbeatStorage,HeartbeatStorage,HostnameLookups,HttpProtocolOptions,IdentityCheck,IdentityCheckTimeout,<If>,<IfDefine>,<IfModule>,<IfVersion>,ImapBase,ImapDefault,ImapMenu,Include,IncludeOptional,IndexHeadInsert,IndexIgnore,IndexIgnoreReset,IndexOptions,IndexOrderDefault,IndexStyleSheet,InputSed,ISAPIAppendLogToErrors,ISAPIAppendLogToQuery,ISAPICacheFile,ISAPIFakeAsync,ISAPILogNotSupported,ISAPIReadAheadBuffer,KeepAlive,KeepAliveTimeout,KeptBodySize,LanguagePriority,LDAPCacheEntries,LDAPCacheTTL,LDAPConnectionPoolTTL,LDAPConnectionTimeout,LDAPLibraryDebug,LDAPOpCacheEntries,LDAPOpCacheTTL,LDAPReferralHopLimit,LDAPReferrals,LDAPRetries,LDAPRetryDelay,LDAPSharedCacheFile,LDAPSharedCacheSize,LDAPTimeout,LDAPTrustedClientCert,LDAPTrustedGlobalCert,LDAPTrustedMode,LDAPVerifyServerCert,<Limit>,<LimitExcept>,LimitInternalRecursion,LimitRequestBody,LimitRequestFields,LimitRequestFieldSize,LimitRequestLine,LimitXMLRequestBody,Listen,ListenBackLog,ListenCoresBucketsRatio,LoadFile,LoadModule,<Location>,<LocationMatch>,LogFormat,LogIOTrackTTFB,LogLevel,LogMessage,LuaAuthzProvider,LuaCodeCache,LuaHookAccessChecker,LuaHookAuthChecker,LuaHookCheckUserID,LuaHookFixups,LuaHookInsertFilter,LuaHookLog,LuaHookMapToStorage,LuaHookTranslateName,LuaHookTypeChecker,LuaInherit,LuaInputFilter,LuaMapHandler,LuaOutputFilter,LuaPackageCPath,LuaPackagePath,LuaQuickHandler,LuaRoot,LuaScope,<Macro>,MaxConnectionsPerChild,MaxKeepAliveRequests,MaxMemFree,MaxRangeOverlaps,MaxRangeReversals,MaxRanges,MaxRequestWorkers,MaxSpareServers,MaxSpareThreads,MaxThreads,MemcacheConnTTL,MergeTrailers,MetaDir,MetaFiles,MetaSuffix,MimeMagicFile,MinSpareServers,MinSpareThreads,MMapFile,ModemStandard,ModMimeUsePathInfo,MultiviewsMatch,Mutex,NameVirtualHost,NoProxy,NWSSLTrustedCerts,NWSSLUpgradeable,Options,Order,OutputSed,PassEnv,PidFile,PrivilegesMode,Protocol,ProtocolEcho,Protocols,ProtocolsHonorOrder,<Proxy>,ProxyAddHeaders,ProxyBadHeader,ProxyBlock,ProxyDomain,ProxyErrorOverride,ProxyExpressDBMFile,ProxyExpressDBMType,ProxyExpressEnable,ProxyFCGIBackendType,ProxyFCGISetEnvIf,ProxyFtpDirCharset,ProxyFtpEscapeWildcards,ProxyFtpListOnWildcard,ProxyHCExpr,ProxyHCTemplate,ProxyHCTPsize,ProxyHTMLBufSize,ProxyHTMLCharsetOut,ProxyHTMLDocType,ProxyHTMLEnable,ProxyHTMLEvents,ProxyHTMLExtended,ProxyHTMLFixups,ProxyHTMLInterp,ProxyHTMLLinks,ProxyHTMLMeta,ProxyHTMLStripComments,ProxyHTMLURLMap,ProxyIOBufferSize,<ProxyMatch>,ProxyMaxForwards,ProxyPass,ProxyPassInherit,ProxyPassInterpolateEnv,ProxyPassMatch,ProxyPassReverse,ProxyPassReverseCookieDomain,ProxyPassReverseCookiePath,ProxyPreserveHost,ProxyReceiveBufferSize,ProxyRemote,ProxyRemoteMatch,ProxyRequests,ProxySCGIInternalRedirect,ProxySCGISendfile,ProxySet,ProxySourceAddress,ProxyStatus,ProxyTimeout,ProxyVia,QualifyRedirectURL,ReadmeName,ReceiveBufferSize,Redirect,RedirectMatch,RedirectPermanent,RedirectTemp,ReflectorHeader,RegisterHttpMethod,RemoteIPHeader,RemoteIPInternalProxy,RemoteIPInternalProxyList,RemoteIPProxiesHeader,RemoteIPTrustedProxy,RemoteIPTrustedProxyList,RemoveCharset,RemoveEncoding,RemoveHandler,RemoveInputFilter,RemoveLanguage,RemoveOutputFilter,RemoveType,RequestHeader,RequestReadTimeout,Require,<RequireAll>,<RequireAny>,<RequireNone>,RewriteBase,RewriteCond,RewriteEngine,RewriteMap,RewriteOptions,RewriteRule,RLimitCPU,RLimitMEM,RLimitNPROC,Satisfy,ScoreBoardFile,Script,ScriptAlias,ScriptAliasMatch,ScriptInterpreterSource,ScriptLog,ScriptLogBuffer,ScriptLogLength,ScriptSock,SecureListen,SeeRequestTail,SendBufferSize,ServerAdmin,ServerAlias,ServerLimit,ServerName,ServerPath,ServerRoot,ServerSignature,ServerTokens,Session,SessionCookieName,SessionCookieName2,SessionCookieRemove,SessionCryptoCipher,SessionCryptoDriver,SessionCryptoPassphrase,SessionCryptoPassphraseFile,SessionDBDCookieName,SessionDBDCookieName2,SessionDBDCookieRemove,SessionDBDDeleteLabel,SessionDBDInsertLabel,SessionDBDPerUser,SessionDBDSelectLabel,SessionDBDUpdateLabel,SessionEnv,SessionExclude,SessionHeader,SessionInclude,SessionMaxAge,SetEnv,SetEnvIf,SetEnvIfExpr,SetEnvIfNoCase,SetHandler,SetInputFilter,SetOutputFilter,SSIEndTag,SSIErrorMsg,SSIETag,SSILastModified,SSILegacyExprParser,SSIStartTag,SSITimeFormat,SSIUndefinedEcho,SSLCACertificateFile,SSLCACertificatePath,SSLCADNRequestFile,SSLCADNRequestPath,SSLCARevocationCheck,SSLCARevocationFile,SSLCARevocationPath,SSLCertificateChainFile,SSLCertificateFile,SSLCertificateKeyFile,SSLCipherSuite,SSLCompression,SSLCryptoDevice,SSLEngine,SSLFIPS,SSLHonorCipherOrder,SSLInsecureRenegotiation,SSLOCSPDefaultResponder,SSLOCSPEnable,SSLOCSPNoverify,SSLOCSPOverrideResponder,SSLOCSPProxyURL,SSLOCSPResponderCertificateFile,SSLOCSPResponderTimeout,SSLOCSPResponseMaxAge,SSLOCSPResponseTimeSkew,SSLOCSPUseRequestNonce,SSLOpenSSLConfCmd,SSLOptions,SSLPassPhraseDialog,SSLProtocol,SSLProxyCACertificateFile,SSLProxyCACertificatePath,SSLProxyCARevocationCheck,SSLProxyCARevocationFile,SSLProxyCARevocationPath,SSLProxyCheckPeerCN,SSLProxyCheckPeerExpire,SSLProxyCheckPeerName,SSLProxyCipherSuite,SSLProxyEngine,SSLProxyMachineCertificateChainFile,SSLProxyMachineCertificateFile,SSLProxyMachineCertificatePath,SSLProxyProtocol,SSLProxyVerify,SSLProxyVerifyDepth,SSLRandomSeed,SSLRenegBufferSize,SSLRequire,SSLRequireSSL,SSLSessionCache,SSLSessionCacheTimeout,SSLSessionTicketKeyFile,SSLSessionTickets,SSLSRPUnknownUserSeed,SSLSRPVerifierFile,SSLStaplingCache,SSLStaplingErrorCacheTimeout,SSLStaplingFakeTryLater,SSLStaplingForceURL,SSLStaplingResponderTimeout,SSLStaplingResponseMaxAge,SSLStaplingResponseTimeSkew,SSLStaplingReturnResponderErrors,SSLStaplingStandardCacheTimeout,SSLStrictSNIVHostCheck,SSLUserName,SSLUseStapling,SSLVerifyClient,SSLVerifyDepth,StartServers,StartThreads,Substitute,SubstituteInheritBefore,SubstituteMaxLineLength,Suexec,SuexecUserGroup,ThreadLimit,ThreadsPerChild,ThreadStackSize,TimeOut,TraceEnable,TransferLog,TypesConfig,UnDefine,UndefMacro,UnsetEnv,Use,UseCanonicalName,UseCanonicalPhysicalPort,User,UserDir,VHostCGIMode,VHostCGIPrivs,VHostGroup,VHostPrivs,VHostSecure,VHostUser,VirtualDocumentRoot,VirtualDocumentRootIP,<VirtualHost>,VirtualScriptAlias,VirtualScriptAliasIP,WatchdogInterval,XBitHack,xml2EncAlias,xml2EncDefault,xml2StartParse"];var CONFIG_OPTIONS=/^[\\+\\-]?(AuthConfig|IncludesNOEXEC|ExecCGI|FollowSymLinks|MultiViews|Includes|Indexes|SymLinksIfOwnerMatch)\b/i;var ALL_KEYWORDS=[CPP_KEYWORDS,CSHARP_KEYWORDS,JSCRIPT_KEYWORDS,PERL_KEYWORDS+
1888+PYTHON_KEYWORDS,RUBY_KEYWORDS,SH_KEYWORDS,CONFIG_KEYWORDS,PHP_KEYWORDS];var C_TYPES=/^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float|char|void|const|static|struct)\d*(_t)?\b)|[a-z_]+_rec|cmd_parms\b/;var PR_STRING='str';var PR_KEYWORD='kwd';var PR_COMMENT='com';var PR_TYPE='typ';var PR_LITERAL='lit';var PR_PUNCTUATION='pun';var PR_PLAIN='pln';var PR_TAG='tag';var PR_DECLARATION='dec';var PR_SOURCE='src';var PR_ATTRIB_NAME='atn';var PR_ATTRIB_VALUE='atv';var PR_NOCODE='nocode';var REGEXP_PRECEDER_PATTERN='(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*';function combinePrefixPatterns(regexs){var capturedGroupIndex=0;var needToFoldCase=false;var ignoreCase=false;for(var i=0,n=regexs.length;i<n;++i){var regex=regexs[i];if(regex.ignoreCase){ignoreCase=true;}else if(/[a-z]/i.test(regex.source.replace(/\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi,''))){needToFoldCase=true;ignoreCase=false;break;}}
1889+var escapeCharToCodeUnit={'b':8,'t':9,'n':0xa,'v':0xb,'f':0xc,'r':0xd};function decodeEscape(charsetPart){var cc0=charsetPart.charCodeAt(0);if(cc0!==92){return cc0;}
1890+var c1=charsetPart.charAt(1);cc0=escapeCharToCodeUnit[c1];if(cc0){return cc0;}else if('0'<=c1&&c1<='7'){return parseInt(charsetPart.substring(1),8);}else if(c1==='u'||c1==='x'){return parseInt(charsetPart.substring(2),16);}else{return charsetPart.charCodeAt(1);}}
1891+function encodeEscape(charCode){if(charCode<0x20){return(charCode<0x10?'\\x0':'\\x')+charCode.toString(16);}
1892+var ch=String.fromCharCode(charCode);return(ch==='\\'||ch==='-'||ch===']'||ch==='^')?"\\"+ch:ch;}
1893+function caseFoldCharset(charSet){var charsetParts=charSet.substring(1,charSet.length-1).match(new RegExp('\\\\u[0-9A-Fa-f]{4}'
1894++'|\\\\x[0-9A-Fa-f]{2}'
1895++'|\\\\[0-3][0-7]{0,2}'
1896++'|\\\\[0-7]{1,2}'
1897++'|\\\\[\\s\\S]'
1898++'|-'
1899++'|[^-\\\\]','g'));var ranges=[];var inverse=charsetParts[0]==='^';var out=['['];if(inverse){out.push('^');}
1900+for(var i=inverse?1:0,n=charsetParts.length;i<n;++i){var p=charsetParts[i];if(/\\[bdsw]/i.test(p)){out.push(p);}else{var start=decodeEscape(p);var end;if(i+2<n&&'-'===charsetParts[i+1]){end=decodeEscape(charsetParts[i+2]);i+=2;}else{end=start;}
1901+ranges.push([start,end]);if(!(end<65||start>122)){if(!(end<65||start>90)){ranges.push([Math.max(65,start)|32,Math.min(end,90)|32]);}
1902+if(!(end<97||start>122)){ranges.push([Math.max(97,start)&~32,Math.min(end,122)&~32]);}}}}
1903+ranges.sort(function(a,b){return(a[0]-b[0])||(b[1]-a[1]);});var consolidatedRanges=[];var lastRange=[];for(var i=0;i<ranges.length;++i){var range=ranges[i];if(range[0]<=lastRange[1]+1){lastRange[1]=Math.max(lastRange[1],range[1]);}else{consolidatedRanges.push(lastRange=range);}}
1904+for(var i=0;i<consolidatedRanges.length;++i){var range=consolidatedRanges[i];out.push(encodeEscape(range[0]));if(range[1]>range[0]){if(range[1]+1>range[0]){out.push('-');}
1905+out.push(encodeEscape(range[1]));}}
1906+out.push(']');return out.join('');}
1907+function allowAnywhereFoldCaseAndRenumberGroups(regex){var parts=regex.source.match(new RegExp('(?:'
1908++'\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]'
1909++'|\\\\u[A-Fa-f0-9]{4}'
1910++'|\\\\x[A-Fa-f0-9]{2}'
1911++'|\\\\[0-9]+'
1912++'|\\\\[^ux0-9]'
1913++'|\\(\\?[:!=]'
1914++'|[\\(\\)\\^]'
1915++'|[^\\x5B\\x5C\\(\\)\\^]+'
1916++')','g'));var n=parts.length;var capturedGroups=[];for(var i=0,groupIndex=0;i<n;++i){var p=parts[i];if(p==='('){++groupIndex;}else if('\\'===p.charAt(0)){var decimalValue=+p.substring(1);if(decimalValue){if(decimalValue<=groupIndex){capturedGroups[decimalValue]=-1;}else{parts[i]=encodeEscape(decimalValue);}}}}
1917+for(var i=1;i<capturedGroups.length;++i){if(-1===capturedGroups[i]){capturedGroups[i]=++capturedGroupIndex;}}
1918+for(var i=0,groupIndex=0;i<n;++i){var p=parts[i];if(p==='('){++groupIndex;if(!capturedGroups[groupIndex]){parts[i]='(?:';}}else if('\\'===p.charAt(0)){var decimalValue=+p.substring(1);if(decimalValue&&decimalValue<=groupIndex){parts[i]='\\'+capturedGroups[decimalValue];}}}
1919+for(var i=0;i<n;++i){if('^'===parts[i]&&'^'!==parts[i+1]){parts[i]='';}}
1920+if(regex.ignoreCase&&needToFoldCase){for(var i=0;i<n;++i){var p=parts[i];var ch0=p.charAt(0);if(p.length>=2&&ch0==='['){parts[i]=caseFoldCharset(p);}else if(ch0!=='\\'){parts[i]=p.replace(/[a-zA-Z]/g,function(ch){var cc=ch.charCodeAt(0);return'['+String.fromCharCode(cc&~32,cc|32)+']';});}}}
1921+return parts.join('');}
1922+var rewritten=[];for(var i=0,n=regexs.length;i<n;++i){var regex=regexs[i];if(regex.global||regex.multiline){throw new Error(''+regex);}
1923+rewritten.push('(?:'+allowAnywhereFoldCaseAndRenumberGroups(regex)+')');}
1924+return new RegExp(rewritten.join('|'),ignoreCase?'gi':'g');}
1925+function extractSourceSpans(node,isPreformatted){var nocode=/(?:^|\s)nocode(?:\s|$)/;var chunks=[];var length=0;var spans=[];var k=0;function walk(node){switch(node.nodeType){case 1:if(nocode.test(node.className)){return;}
1926+for(var child=node.firstChild;child;child=child.nextSibling){walk(child);}
1927+var nodeName=node.nodeName.toLowerCase();if('br'===nodeName||'li'===nodeName){chunks[k]='\n';spans[k<<1]=length++;spans[(k++<<1)|1]=node;}
1928+break;case 3:case 4:var text=node.nodeValue;if(text.length){if(!isPreformatted){text=text.replace(/[ \t\r\n]+/g,' ');}else{text=text.replace(/\r\n?/g,'\n');text=text.replace(/^(\r?\n\s*)+/g,'');text=text.replace(/^\s*/g,'');text=text.replace(/(\r?\n\s*)+$/g,'');}
1929+chunks[k]=text;spans[k<<1]=length;length+=text.length;spans[(k++<<1)|1]=node;}
1930+break;}}
1931+walk(node);return{sourceCode:chunks.join('').replace(/\n$/,''),spans:spans};}
1932+function appendDecorations(basePos,sourceCode,langHandler,out){if(!sourceCode){return;}
1933+var job={sourceCode:sourceCode,basePos:basePos};langHandler(job);out.push.apply(out,job.decorations);}
1934+var notWs=/\S/;function childContentWrapper(element){var wrapper=undefined;for(var c=element.firstChild;c;c=c.nextSibling){var type=c.nodeType;wrapper=(type===1)?(wrapper?element:c):(type===3)?(notWs.test(c.nodeValue)?element:wrapper):wrapper;}
1935+return wrapper===element?undefined:wrapper;}
1936+function createSimpleLexer(shortcutStylePatterns,fallthroughStylePatterns){var shortcuts={};var tokenizer;(function(){var allPatterns=shortcutStylePatterns.concat(fallthroughStylePatterns);var allRegexs=[];var regexKeys={};for(var i=0,n=allPatterns.length;i<n;++i){var patternParts=allPatterns[i];var shortcutChars=patternParts[3];if(shortcutChars){for(var c=shortcutChars.length;--c>=0;){shortcuts[shortcutChars.charAt(c)]=patternParts;}}
1937+var regex=patternParts[1];var k=''+regex;if(!regexKeys.hasOwnProperty(k)){allRegexs.push(regex);regexKeys[k]=null;}}
1938+allRegexs.push(/[\0-\uffff]/);tokenizer=combinePrefixPatterns(allRegexs);})();var nPatterns=fallthroughStylePatterns.length;var decorate=function(job){var sourceCode=job.sourceCode,basePos=job.basePos;var decorations=[basePos,PR_PLAIN];var pos=0;var tokens=sourceCode.match(tokenizer)||[];var styleCache={};for(var ti=0,nTokens=tokens.length;ti<nTokens;++ti){var token=tokens[ti];var style=styleCache[token];var match=void 0;var isEmbedded;if(typeof style==='string'){isEmbedded=false;}else{var patternParts=shortcuts[token.charAt(0)];if(patternParts){match=token.match(patternParts[1]);style=patternParts[0];}else{for(var i=0;i<nPatterns;++i){patternParts=fallthroughStylePatterns[i];match=token.match(patternParts[1]);if(match){style=patternParts[0];break;}}
1939+if(!match){style=PR_PLAIN;}}
1940+isEmbedded=style.length>=5&&'lang-'===style.substring(0,5);if(isEmbedded&&!(match&&typeof match[1]==='string')){isEmbedded=false;style=PR_SOURCE;}
1941+if(!isEmbedded){styleCache[token]=style;}}
1942+var tokenStart=pos;pos+=token.length;if(!isEmbedded){decorations.push(basePos+tokenStart,style);}else{var embeddedSource=match[1];var embeddedSourceStart=token.indexOf(embeddedSource);var embeddedSourceEnd=embeddedSourceStart+embeddedSource.length;if(match[2]){embeddedSourceEnd=token.length-match[2].length;embeddedSourceStart=embeddedSourceEnd-embeddedSource.length;}
1943+var lang=style.substring(5);appendDecorations(basePos+tokenStart,token.substring(0,embeddedSourceStart),decorate,decorations);appendDecorations(basePos+tokenStart+embeddedSourceStart,embeddedSource,langHandlerForExtension(lang,embeddedSource),decorations);appendDecorations(basePos+tokenStart+embeddedSourceEnd,token.substring(embeddedSourceEnd),decorate,decorations);}}
1944+job.decorations=decorations;};return decorate;}
1945+function sourceDecorator(options){var shortcutStylePatterns=[],fallthroughStylePatterns=[];if(options['tripleQuotedStrings']){shortcutStylePatterns.push([PR_STRING,/^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,null,'\'"']);}else if(options['multiLineStrings']){shortcutStylePatterns.push([PR_STRING,/^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,null,'\'"`']);}else{shortcutStylePatterns.push([PR_STRING,/^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,null,'"\'']);}
1946+if(options['verbatimStrings']){fallthroughStylePatterns.push([PR_STRING,/^@\"(?:[^\"]|\"\")*(?:\"|$)/,null]);}
1947+var hc=options['hashComments'];if(hc){if(options['cStyleComments']){if(hc>1){shortcutStylePatterns.push([PR_COMMENT,/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,null,'#']);}else{shortcutStylePatterns.push([PR_COMMENT,/^#(?:(?:define|elif|else|endif|error|ifdef|include|ifndef|line|pragma|undef|warning)\b|[^\r\n]*)/,null,'#']);}
1948+fallthroughStylePatterns.push([PR_STRING,/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,null]);}else{shortcutStylePatterns.push([PR_COMMENT,/^#[^\r\n]*/,null,'#']);}}
1949+if(options['cStyleComments']){fallthroughStylePatterns.push([PR_COMMENT,/^\/\/[^\r\n]*/,null]);fallthroughStylePatterns.push([PR_COMMENT,/^\/\*[\s\S]*?(?:\*\/|$)/,null]);}
1950+if(options['regexLiterals']){var REGEX_LITERAL=('/(?=[^/*])'
1951++'(?:[^/\\x5B\\x5C]'
1952++'|\\x5C[\\s\\S]'
1953++'|\\x5B(?:[^\\x5C\\x5D]|\\x5C[\\s\\S])*(?:\\x5D|$))+'
1954++'/');fallthroughStylePatterns.push(['lang-regex',new RegExp('^'+REGEXP_PRECEDER_PATTERN+'('+REGEX_LITERAL+')')]);}
1955+var types=options['types'];if(types){fallthroughStylePatterns.push([PR_TYPE,types]);}
1956+if(options['strings']){var strings=(""+options['strings']).replace(/^ | $/g,'').replace(/-/g,'\\-');fallthroughStylePatterns.push([PR_STRING,new RegExp('(?:'+strings.replace(/[\s,]+/g,'|')+')'),,null]);}
1957+var keywords=(""+options['keywords']).replace(/^ | $/g,'');if(keywords.length){fallthroughStylePatterns.push([PR_KEYWORD,new RegExp('^(?:'+keywords.replace(/[\s,]+/g,'|')+')\\b'),null]);}
1958+shortcutStylePatterns.push([PR_PLAIN,/^\s+/,null,' \r\n\t\xA0']);if(options['httpdComments']){fallthroughStylePatterns.push([PR_PLAIN,/^.*\S.*#/i,null]);}
1959+fallthroughStylePatterns.push([PR_LITERAL,/^@[a-z_$][a-z_$@0-9]*|\bNULL\b/i,null],[PR_LITERAL,CONFIG_OPTIONS,null],[PR_TAG,/^\b(AuthzProviderAlias|AuthnProviderAlias|RequireAny|RequireAll|RequireNone|Directory|DirectoryMatch|Location|LocationMatch|VirtualHost|If|Else|ElseIf|Proxy\b|LoadBalancer|Files|FilesMatch|Limit|LimitExcept|IfDefine|IfModule|IfVersion)\b/,null],[PR_TYPE,/^(?:[@_]?[A-Z]+[a-z][A-Za-z_$@0-9]*|\w+_(t|req|module)\b)/,null],[PR_TAG,/^apr_[a-z_0-9]+|ap_[a-z_0-9]+/i,null],[PR_PLAIN,/^[a-z_$][a-z_$@0-9\-]*/i,null],[PR_LITERAL,new RegExp('^(?:'
1960++'0x[a-f0-9]+'
1961++'|[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+:[a-f0-9:]+'
1962++'|(?:\\d(?:_\\d+)*\\d*(?:\\.\\d*)?|\\.\\d\\+)'
1963++'(?:e[+\\-]?\\d+)?'
1964++')'
1965++'[a-z]*','i'),null,'0123456789'],[PR_PLAIN,/^\\[\s\S]?/,null],[PR_PUNCTUATION,/^.[^\s\w\.$@\'\"\`\/\#\\]*/,null]);return createSimpleLexer(shortcutStylePatterns,fallthroughStylePatterns);}
1966+var decorateSource=sourceDecorator({'keywords':ALL_KEYWORDS,'hashComments':true,'cStyleComments':true,'multiLineStrings':true,'regexLiterals':true});function numberLines(node,opt_startLineNum,isPreformatted){var nocode=/(?:^|\s)nocode(?:\s|$)/;var lineBreak=/\r\n?|\n/;var document=node.ownerDocument;var li=document.createElement('li');while(node.firstChild){li.appendChild(node.firstChild);}
1967+var listItems=[li];function walk(node){switch(node.nodeType){case 1:if(nocode.test(node.className)){break;}
1968+if('br'===node.nodeName){breakAfter(node);if(node.parentNode){node.parentNode.removeChild(node);}}else{for(var child=node.firstChild;child;child=child.nextSibling){walk(child);}}
1969+break;case 3:case 4:if(isPreformatted){var text=node.nodeValue;var match=text.match(lineBreak);if(match){var firstLine=text.substring(0,match.index);node.nodeValue=firstLine;var tail=text.substring(match.index+match[0].length);if(tail){var parent=node.parentNode;parent.insertBefore(document.createTextNode(tail),node.nextSibling);}
1970+breakAfter(node);if(!firstLine){node.parentNode.removeChild(node);}}}
1971+break;}}
1972+function breakAfter(lineEndNode){while(!lineEndNode.nextSibling){lineEndNode=lineEndNode.parentNode;if(!lineEndNode){return;}}
1973+function breakLeftOf(limit,copy){var rightSide=copy?limit.cloneNode(false):limit;var parent=limit.parentNode;if(parent){var parentClone=breakLeftOf(parent,1);var next=limit.nextSibling;parentClone.appendChild(rightSide);for(var sibling=next;sibling;sibling=next){next=sibling.nextSibling;parentClone.appendChild(sibling);}}
1974+return rightSide;}
1975+var copiedListItem=breakLeftOf(lineEndNode.nextSibling,0);for(var parent;(parent=copiedListItem.parentNode)&&parent.nodeType===1;){copiedListItem=parent;}
1976+listItems.push(copiedListItem);}
1977+for(var i=0;i<listItems.length;++i){walk(listItems[i]);}
1978+if(opt_startLineNum===(opt_startLineNum|0)){listItems[0].setAttribute('value',opt_startLineNum);}
1979+var ol=document.createElement('ol');ol.className='linenums';var offset=Math.max(0,((opt_startLineNum-1))|0)||0;for(var i=0,n=listItems.length;i<n;++i){li=listItems[i];li.className='L'+((i+offset)%1);if(!li.firstChild){li.appendChild(document.createTextNode('\xA0'));}
1980+ol.appendChild(li);}
1981+node.appendChild(ol);}
1982+function recombineTagsAndDecorations(job){var isIE8OrEarlier=/\bMSIE\s(\d+)/.exec(navigator.userAgent);isIE8OrEarlier=isIE8OrEarlier&&+isIE8OrEarlier[1]<=8;var newlineRe=/\n/g;var source=job.sourceCode;var sourceLength=source.length;var sourceIndex=0;var spans=job.spans;var nSpans=spans.length;var spanIndex=0;var decorations=job.decorations;var nDecorations=decorations.length;var decorationIndex=0;decorations[nDecorations]=sourceLength;var decPos,i;for(i=decPos=0;i<nDecorations;){if(decorations[i]!==decorations[i+2]){decorations[decPos++]=decorations[i++];decorations[decPos++]=decorations[i++];}else{i+=2;}}
1983+nDecorations=decPos;for(i=decPos=0;i<nDecorations;){var startPos=decorations[i];var startDec=decorations[i+1];var end=i+2;while(end+2<=nDecorations&&decorations[end+1]===startDec){end+=2;}
1984+decorations[decPos++]=startPos;decorations[decPos++]=startDec;i=end;}
1985+nDecorations=decorations.length=decPos;var sourceNode=job.sourceNode;var oldDisplay;if(sourceNode){oldDisplay=sourceNode.style.display;sourceNode.style.display='none';}
1986+try{var decoration=null;var X=0;while(spanIndex<nSpans){X=X+1;if(X>5000){break;}
1987+var spanStart=spans[spanIndex];var spanEnd=spans[spanIndex+2]||sourceLength;var decEnd=decorations[decorationIndex+2]||sourceLength;var end=Math.min(spanEnd,decEnd);var textNode=spans[spanIndex+1];var styledText;if(textNode.nodeType!==1&&(styledText=source.substring(sourceIndex,end))){if(isIE8OrEarlier){styledText=styledText.replace(newlineRe,'\r');}
1988+textNode.nodeValue=styledText;var document=textNode.ownerDocument;var span=document.createElement('span');span.className=decorations[decorationIndex+1];var parentNode=textNode.parentNode;parentNode.replaceChild(span,textNode);span.appendChild(textNode);if(sourceIndex<spanEnd){spans[spanIndex+1]=textNode=document.createTextNode(source.substring(end,spanEnd));parentNode.insertBefore(textNode,span.nextSibling);}}
1989+sourceIndex=end;if(sourceIndex>=spanEnd){spanIndex+=2;}
1990+if(sourceIndex>=decEnd){decorationIndex+=2;}}}finally{if(sourceNode){sourceNode.style.display=oldDisplay;}}}
1991+var langHandlerRegistry={};function registerLangHandler(handler,fileExtensions){for(var i=fileExtensions.length;--i>=0;){var ext=fileExtensions[i];if(!langHandlerRegistry.hasOwnProperty(ext)){langHandlerRegistry[ext]=handler;}else if(win['console']){console['warn']('cannot override language handler %s',ext);}}}
1992+function langHandlerForExtension(extension,source){if(!(extension&&langHandlerRegistry.hasOwnProperty(extension))){extension=/^\s*</.test(source)?'default-markup':'default-code';}
1993+return langHandlerRegistry[extension];}
1994+registerLangHandler(decorateSource,['default-code']);registerLangHandler(createSimpleLexer([],[[PR_PLAIN,/^[^<?]+/],[PR_DECLARATION,/^<!\w[^>]*(?:>|$)/],[PR_COMMENT,/^<\!--[\s\S]*?(?:-\->|$)/],['lang-',/^<\?([\s\S]+?)(?:\?>|$)/],['lang-',/^<%([\s\S]+?)(?:%>|$)/],[PR_PUNCTUATION,/^(?:<[%?]|[%?]>)/],['lang-',/^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],['lang-js',/^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],['lang-css',/^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],['lang-in.tag',/^(<\/?[a-z][^<>]*>)/i]]),['default-markup','htm','html','mxml','xhtml','xml','xsl']);registerLangHandler(createSimpleLexer([[PR_PLAIN,/^[\s]+/,null,' \t\r\n'],[PR_ATTRIB_VALUE,/^(?:\"[^\"]*\"?|\'[^\']*\'?)/,null,'\"\'']],[[PR_TAG,/^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],[PR_ATTRIB_NAME,/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],['lang-uq.val',/^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],[PR_PUNCTUATION,/^[=<>\/]+/],['lang-js',/^on\w+\s*=\s*\"([^\"]+)\"/i],['lang-js',/^on\w+\s*=\s*\'([^\']+)\'/i],['lang-js',/^on\w+\s*=\s*([^\"\'>\s]+)/i],['lang-css',/^style\s*=\s*\"([^\"]+)\"/i],['lang-css',/^style\s*=\s*\'([^\']+)\'/i],['lang-css',/^style\s*=\s*([^\"\'>\s]+)/i]]),['in.tag']);registerLangHandler(createSimpleLexer([],[[PR_ATTRIB_VALUE,/^[\s\S]+/]]),['uq.val']);registerLangHandler(sourceDecorator({'keywords':CPP_KEYWORDS,'hashComments':true,'cStyleComments':true,'types':C_TYPES}),['c','cc','cpp','cxx','cyc','m']);registerLangHandler(sourceDecorator({'keywords':PHP_KEYWORDS,'hashComments':false,'cStyleComments':true,'multiLineStrings':true,'regexLiterals':true}),['php','phtml','inc']);registerLangHandler(sourceDecorator({'keywords':'null,true,false'}),['json']);registerLangHandler(sourceDecorator({'keywords':CSHARP_KEYWORDS,'hashComments':true,'cStyleComments':true,'verbatimStrings':true,'types':C_TYPES}),['cs']);registerLangHandler(sourceDecorator({'keywords':JAVA_KEYWORDS,'cStyleComments':true}),['java']);registerLangHandler(sourceDecorator({'keywords':SH_KEYWORDS,'hashComments':true,'multiLineStrings':true}),['bsh','csh','sh']);registerLangHandler(sourceDecorator({'keywords':PYTHON_KEYWORDS,'hashComments':true,'multiLineStrings':true,'tripleQuotedStrings':true}),['cv','py']);registerLangHandler(sourceDecorator({'keywords':PERL_KEYWORDS,'hashComments':true,'multiLineStrings':true,'regexLiterals':true}),['perl','pl','pm']);registerLangHandler(sourceDecorator({'keywords':RUBY_KEYWORDS,'hashComments':true,'multiLineStrings':true,'regexLiterals':true}),['rb']);registerLangHandler(sourceDecorator({'keywords':JSCRIPT_KEYWORDS,'cStyleComments':true,'regexLiterals':true}),['js']);registerLangHandler(sourceDecorator({'keywords':COFFEE_KEYWORDS,'hashComments':3,'cStyleComments':true,'multilineStrings':true,'tripleQuotedStrings':true,'regexLiterals':true}),['coffee']);registerLangHandler(createSimpleLexer([],[[PR_STRING,/^[\s\S]+/]]),['regex']);registerLangHandler(sourceDecorator({'keywords':CONFIG_KEYWORDS,'literals':CONFIG_OPTIONS,'strings':CONFIG_ENVS,'hashComments':true,'cStyleComments':false,'multiLineStrings':false,'regexLiterals':false,'httpdComments':true}),['config']);function applyDecorator(job){var opt_langExtension=job.langExtension;try{var sourceAndSpans=extractSourceSpans(job.sourceNode,job.pre);var source=sourceAndSpans.sourceCode;job.sourceCode=source;job.spans=sourceAndSpans.spans;job.basePos=0;langHandlerForExtension(opt_langExtension,source)(job);recombineTagsAndDecorations(job);}catch(e){if(win['console']){console['log'](e&&e['stack']?e['stack']:e);}}}
1995+function prettyPrintOne(sourceCodeHtml,opt_langExtension,opt_numberLines){var container=document.createElement('pre');container.innerHTML=sourceCodeHtml;if(opt_numberLines){numberLines(container,opt_numberLines,true);}
1996+var job={langExtension:opt_langExtension,numberLines:opt_numberLines,sourceNode:container,pre:1};applyDecorator(job);return container.innerHTML;}
1997+function prettyPrint(opt_whenDone){function byTagName(tn){return document.getElementsByTagName(tn);}
1998+var codeSegments=[byTagName('pre'),byTagName('code'),byTagName('xmp')];var elements=[];for(var i=0;i<codeSegments.length;++i){for(var j=0,n=codeSegments[i].length;j<n;++j){elements.push(codeSegments[i][j]);}}
1999+codeSegments=null;var clock=Date;if(!clock['now']){clock={'now':function(){return+(new Date);}};}
2000+var k=0;var prettyPrintingJob;var langExtensionRe=/\blang(?:uage)?-([\w.]+)(?!\S)/;var prettyPrintRe=/\bprettyprint\b/;var prettyPrintedRe=/\bprettyprinted\b/;var preformattedTagNameRe=/pre|xmp/i;var codeRe=/^code$/i;var preCodeXmpRe=/^(?:pre|code|xmp)$/i;function doWork(){var endTime=(win['PR_SHOULD_USE_CONTINUATION']?clock['now']()+250:Infinity);for(;k<elements.length&&clock['now']()<endTime;k++){var cs=elements[k];var className=cs.className;if(prettyPrintRe.test(className)&&!prettyPrintedRe.test(className)){var nested=false;for(var p=cs.parentNode;p;p=p.parentNode){var tn=p.tagName;if(preCodeXmpRe.test(tn)&&p.className&&prettyPrintRe.test(p.className)){nested=true;break;}}
2001+if(!nested){cs.className+=' prettyprinted';var langExtension=className.match(langExtensionRe);var wrapper;if(!langExtension&&(wrapper=childContentWrapper(cs))&&codeRe.test(wrapper.tagName)){langExtension=wrapper.className.match(langExtensionRe);}
2002+if(langExtension){langExtension=langExtension[1];}
2003+var preformatted;if(preformattedTagNameRe.test(cs.tagName)){preformatted=1;}else{var currentStyle=cs['currentStyle'];var whitespace=(currentStyle?currentStyle['whiteSpace']:(document.defaultView&&document.defaultView.getComputedStyle)?document.defaultView.getComputedStyle(cs,null).getPropertyValue('white-space'):0);preformatted=whitespace&&'pre'===whitespace.substring(0,3);}
2004+var lineNums=cs.className.match(/\blinenums\b(?::(\d+))?/);lineNums=lineNums?lineNums[1]&&lineNums[1].length?+lineNums[1]:true:false;if(lineNums){numberLines(cs,lineNums,preformatted);}
2005+prettyPrintingJob={langExtension:langExtension,sourceNode:cs,numberLines:lineNums,pre:preformatted};applyDecorator(prettyPrintingJob);}}}
2006+if(k<elements.length){setTimeout(doWork,250);}else if(opt_whenDone){opt_whenDone();}}
2007+doWork();}
2008+var PR=win['PR']={'createSimpleLexer':createSimpleLexer,'registerLangHandler':registerLangHandler,'sourceDecorator':sourceDecorator,'PR_ATTRIB_NAME':PR_ATTRIB_NAME,'PR_ATTRIB_VALUE':PR_ATTRIB_VALUE,'PR_COMMENT':PR_COMMENT,'PR_DECLARATION':PR_DECLARATION,'PR_KEYWORD':PR_KEYWORD,'PR_LITERAL':PR_LITERAL,'PR_NOCODE':PR_NOCODE,'PR_PLAIN':PR_PLAIN,'PR_PUNCTUATION':PR_PUNCTUATION,'PR_SOURCE':PR_SOURCE,'PR_STRING':PR_STRING,'PR_TAG':PR_TAG,'PR_TYPE':PR_TYPE,'prettyPrintOne':win['prettyPrintOne']=prettyPrintOne,'prettyPrint':win['prettyPrint']=prettyPrint};PR['registerLangHandler'](PR['createSimpleLexer']([[PR['PR_PLAIN'],/^[\t\n\r \xA0]+/,null,'\t\n\r \xA0'],[PR['PR_STRING'],/^(?:\"(?:[^\"\\]|\\[\s\S])*(?:\"|$)|\'(?:[^\'\\]|\\[\s\S])*(?:\'|$))/,null,'"\'']],[[PR['PR_COMMENT'],/^--(?:\[(=*)\[[\s\S]*?(?:\]\1\]|$)|[^\r\n]*)/],[PR['PR_TYPE'],/^nil|false|true/],[PR['PR_STRING'],/^\[(=*)\[[\s\S]*?(?:\]\1\]|$)/],[PR['PR_KEYWORD'],/^(?:and|break|do|else|elseif|end|for|function|if|in|local|not|or|repeat|require|return|then|until|while)\b/,null],[PR['PR_LITERAL'],/^[+-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],[PR['PR_PLAIN'],/^[a-z_]\w*/i],[PR['PR_PUNCTUATION'],/^[^\w\t\n\r \xA0][^\w\t\n\r \xA0\"\'\-\+=]*/]]),['lua']);if(typeof define==="function"&&define['amd']){define("google-code-prettify",[],function(){return PR;});}})();
2009\ No newline at end of file
2010diff --git a/docs/manual/style/sitemap.dtd b/docs/manual/style/sitemap.dtd
2011new file mode 100644
2012index 0000000..829f326
2013--- /dev/null
2014+++ b/docs/manual/style/sitemap.dtd
2015@@ -0,0 +1,42 @@
2016+<?xml version='1.0' encoding='UTF-8' ?>
2017+
2018+<!--
2019+ Licensed to the Apache Software Foundation (ASF) under one or more
2020+ contributor license agreements. See the NOTICE file distributed with
2021+ this work for additional information regarding copyright ownership.
2022+ The ASF licenses this file to You under the Apache License, Version 2.0
2023+ (the "License"); you may not use this file except in compliance with
2024+ the License. You may obtain a copy of the License at
2025+
2026+ http://www.apache.org/licenses/LICENSE-2.0
2027+
2028+ Unless required by applicable law or agreed to in writing, software
2029+ distributed under the License is distributed on an "AS IS" BASIS,
2030+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2031+ See the License for the specific language governing permissions and
2032+ limitations under the License.
2033+-->
2034+
2035+<!ENTITY % common SYSTEM "common.dtd">
2036+%common;
2037+
2038+<!-- <sitemap> is the root element -->
2039+<!ELEMENT sitemap (title, summary?, seealso*, category*)>
2040+
2041+<!ATTLIST sitemap metafile CDATA #REQUIRED
2042+ upgrade CDATA #IMPLIED
2043+>
2044+
2045+<!-- <indexpage> is another root element -->
2046+<!ELEMENT indexpage (parentdocument, title, category*)>
2047+
2048+<!ATTLIST indexpage metafile CDATA #REQUIRED
2049+ upgrade CDATA #IMPLIED
2050+>
2051+
2052+<!ELEMENT category (title, page*)>
2053+<!ATTLIST category id ID #IMPLIED>
2054+
2055+<!ELEMENT page (#PCDATA)>
2056+<!ATTLIST page href CDATA #IMPLIED
2057+ separate (yes | no) "no" >
2058diff --git a/docs/manual/style/version.ent b/docs/manual/style/version.ent
2059new file mode 100644
2060index 0000000..b44b2a7
2061--- /dev/null
2062+++ b/docs/manual/style/version.ent
2063@@ -0,0 +1,24 @@
2064+<?xml version='1.0' encoding='UTF-8' ?>
2065+
2066+<!--
2067+ Licensed to the Apache Software Foundation (ASF) under one or more
2068+ contributor license agreements. See the NOTICE file distributed with
2069+ this work for additional information regarding copyright ownership.
2070+ The ASF licenses this file to You under the Apache License, Version 2.0
2071+ (the "License"); you may not use this file except in compliance with
2072+ the License. You may obtain a copy of the License at
2073+
2074+ http://www.apache.org/licenses/LICENSE-2.0
2075+
2076+ Unless required by applicable law or agreed to in writing, software
2077+ distributed under the License is distributed on an "AS IS" BASIS,
2078+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2079+ See the License for the specific language governing permissions and
2080+ limitations under the License.
2081+-->
2082+
2083+<!ENTITY httpd.major "2">
2084+<!ENTITY httpd.minor "4">
2085+<!ENTITY httpd.patch "29">
2086+
2087+<!ENTITY httpd.docs "2.4">
2088diff --git a/docs/manual/suexec.html b/docs/manual/suexec.html
2089new file mode 100644
2090index 0000000..c4cc65b
2091--- /dev/null
2092+++ b/docs/manual/suexec.html
2093@@ -0,0 +1,21 @@
2094+# GENERATED FROM XML -- DO NOT EDIT
2095+
2096+URI: suexec.html.en
2097+Content-Language: en
2098+Content-type: text/html; charset=ISO-8859-1
2099+
2100+URI: suexec.html.fr
2101+Content-Language: fr
2102+Content-type: text/html; charset=ISO-8859-1
2103+
2104+URI: suexec.html.ja.utf8
2105+Content-Language: ja
2106+Content-type: text/html; charset=UTF-8
2107+
2108+URI: suexec.html.ko.euc-kr
2109+Content-Language: ko
2110+Content-type: text/html; charset=EUC-KR
2111+
2112+URI: suexec.html.tr.utf8
2113+Content-Language: tr
2114+Content-type: text/html; charset=UTF-8
2115diff --git a/docs/manual/suexec.html.en b/docs/manual/suexec.html.en
2116new file mode 100644
2117index 0000000..28be5fd
2118--- /dev/null
2119+++ b/docs/manual/suexec.html.en
2120@@ -0,0 +1,643 @@
2121+<?xml version="1.0" encoding="ISO-8859-1"?>
2122+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2123+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
2124+<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
2125+<!--
2126+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2127+ This file is generated from xml source: DO NOT EDIT
2128+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2129+ -->
2130+<title>suEXEC Support - Apache HTTP Server Version 2.4</title>
2131+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
2132+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
2133+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
2134+<script src="./style/scripts/prettify.min.js" type="text/javascript">
2135+</script>
2136+
2137+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
2138+<body id="manual-page"><div id="page-header">
2139+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p>
2140+<p class="apache">Apache HTTP Server Version 2.4</p>
2141+<img alt="" src="./images/feather.png" /></div>
2142+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
2143+<div id="path">
2144+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="./">Version 2.4</a></div><div id="page-content"><div id="preamble"><h1>suEXEC Support</h1>
2145+<div class="toplang">
2146+<p><span>Available Languages: </span><a href="./en/suexec.html" title="English">&nbsp;en&nbsp;</a> |
2147+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a> |
2148+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
2149+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
2150+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
2151+</div>
2152+
2153+ <p>The <strong>suEXEC</strong> feature provides users of the Apache
2154+ HTTP Server the ability
2155+ to run <strong>CGI</strong> and <strong>SSI</strong> programs
2156+ under user IDs different from the user ID of the calling
2157+ web server. Normally, when a CGI or SSI program executes, it
2158+ runs as the same user who is running the web server.</p>
2159+
2160+ <p>Used properly, this feature can reduce
2161+ considerably the security risks involved with allowing users to
2162+ develop and run private CGI or SSI programs. However, if suEXEC
2163+ is improperly configured, it can cause any number of problems
2164+ and possibly create new holes in your computer's security. If
2165+ you aren't familiar with managing <em>setuid root</em> programs
2166+ and the security issues they present, we highly recommend that
2167+ you not consider using suEXEC.</p>
2168+ </div>
2169+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">Before we begin</a></li>
2170+<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC Security Model</a></li>
2171+<li><img alt="" src="./images/down.gif" /> <a href="#install">Configuring &amp; Installing
2172+ suEXEC</a></li>
2173+<li><img alt="" src="./images/down.gif" /> <a href="#enable">Enabling &amp; Disabling
2174+ suEXEC</a></li>
2175+<li><img alt="" src="./images/down.gif" /> <a href="#usage">Using suEXEC</a></li>
2176+<li><img alt="" src="./images/down.gif" /> <a href="#debug">Debugging suEXEC</a></li>
2177+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">Beware the Jabberwock:
2178+ Warnings &amp; Examples</a></li>
2179+</ul><h3>See also</h3><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
2180+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2181+<div class="section">
2182+<h2><a name="before" id="before">Before we begin</a></h2>
2183+
2184+ <p>Before jumping head-first into this document,
2185+ you should be aware that certain assumptions are made about you and
2186+ the environment in which you will be using suexec.</p>
2187+
2188+ <p>First, it is assumed that you are using a UNIX
2189+ derivative operating system that is capable of
2190+ <strong>setuid</strong> and <strong>setgid</strong> operations.
2191+ All command examples are given in this regard. Other platforms,
2192+ if they are capable of supporting suEXEC, may differ in their
2193+ configuration.</p>
2194+
2195+ <p>Second, it is assumed you are familiar with
2196+ some basic concepts of your computer's security and its
2197+ administration. This involves an understanding of
2198+ <strong>setuid/setgid</strong> operations and the various
2199+ effects they may have on your system and its level of
2200+ security.</p>
2201+
2202+ <p>Third, it is assumed that you are using an
2203+ <strong>unmodified</strong> version of suEXEC code. All code
2204+ for suEXEC has been carefully scrutinized and tested by the
2205+ developers as well as numerous beta testers. Every precaution
2206+ has been taken to ensure a simple yet solidly safe base of
2207+ code. Altering this code can cause unexpected problems and new
2208+ security risks. It is <strong>highly</strong> recommended you
2209+ not alter the suEXEC code unless you are well versed in the
2210+ particulars of security programming and are willing to share
2211+ your work with the Apache HTTP Server development team for consideration.</p>
2212+
2213+ <p>Fourth, and last, it has been the decision of
2214+ the Apache HTTP Server development team to <strong>NOT</strong> make suEXEC part of
2215+ the default installation of Apache httpd. To this end, suEXEC
2216+ configuration requires of the administrator careful attention
2217+ to details. After due consideration has been given to the
2218+ various settings for suEXEC, the administrator may install
2219+ suEXEC through normal installation methods. The values for
2220+ these settings need to be carefully determined and specified by
2221+ the administrator to properly maintain system security during
2222+ the use of suEXEC functionality. It is through this detailed
2223+ process that we hope to limit suEXEC
2224+ installation only to those who are careful and determined
2225+ enough to use it.</p>
2226+
2227+ <p>Still with us? Yes? Good. Let's move on!</p>
2228+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2229+<div class="section">
2230+<h2><a name="model" id="model">suEXEC Security Model</a></h2>
2231+
2232+ <p>Before we begin configuring and installing
2233+ suEXEC, we will first discuss the security model you are about
2234+ to implement. By doing so, you may better understand what
2235+ exactly is going on inside suEXEC and what precautions are
2236+ taken to ensure your system's security.</p>
2237+
2238+ <p><strong>suEXEC</strong> is based on a setuid
2239+ "wrapper" program that is called by the main Apache HTTP Server.
2240+ This wrapper is called when an HTTP request is made for a CGI
2241+ or SSI program that the administrator has designated to run as
2242+ a userid other than that of the main server. When such a
2243+ request is made, Apache httpd provides the suEXEC wrapper with the
2244+ program's name and the user and group IDs under which the
2245+ program is to execute.</p>
2246+
2247+ <p>The wrapper then employs the following process
2248+ to determine success or failure -- if any one of these
2249+ conditions fail, the program logs the failure and exits with an
2250+ error, otherwise it will continue:</p>
2251+
2252+ <ol>
2253+ <li>
2254+ <strong>Is the user executing this wrapper a valid user of
2255+ this system?</strong>
2256+
2257+ <p class="indent">
2258+ This is to ensure that the user executing the wrapper is
2259+ truly a user of the system.
2260+ </p>
2261+ </li>
2262+
2263+ <li>
2264+ <strong>Was the wrapper called with the proper number of
2265+ arguments?</strong>
2266+
2267+ <p class="indent">
2268+ The wrapper will only execute if it is given the proper
2269+ number of arguments. The proper argument format is known
2270+ to the Apache HTTP Server. If the wrapper is not receiving
2271+ the proper number of arguments, it is either being
2272+ hacked, or there is something wrong with the suEXEC
2273+ portion of your Apache httpd binary.
2274+ </p>
2275+ </li>
2276+
2277+ <li>
2278+ <strong>Is this valid user allowed to run the
2279+ wrapper?</strong>
2280+
2281+ <p class="indent">
2282+ Is this user the user allowed to run this wrapper? Only
2283+ one user (the Apache user) is allowed to execute this
2284+ program.
2285+ </p>
2286+ </li>
2287+
2288+ <li>
2289+ <strong>Does the target CGI or SSI program have an unsafe
2290+ hierarchical reference?</strong>
2291+
2292+ <p class="indent">
2293+ Does the target CGI or SSI program's path contain a leading
2294+ '/' or have a '..' backreference? These are not allowed; the
2295+ target CGI/SSI program must reside within suEXEC's document
2296+ root (see <code>--with-suexec-docroot=<em>DIR</em></code>
2297+ below).
2298+ </p>
2299+ </li>
2300+
2301+ <li>
2302+ <strong>Is the target user name valid?</strong>
2303+
2304+ <p class="indent">
2305+ Does the target user exist?
2306+ </p>
2307+ </li>
2308+
2309+ <li>
2310+ <strong>Is the target group name valid?</strong>
2311+
2312+ <p class="indent">
2313+ Does the target group exist?
2314+ </p>
2315+ </li>
2316+
2317+ <li>
2318+ <strong>Is the target user <em>NOT</em> superuser?</strong>
2319+
2320+
2321+ <p class="indent">
2322+ suEXEC does not allow <code><em>root</em></code>
2323+ to execute CGI/SSI programs.
2324+ </p>
2325+ </li>
2326+
2327+ <li>
2328+ <strong>Is the target userid <em>ABOVE</em> the minimum ID
2329+ number?</strong>
2330+
2331+ <p class="indent">
2332+ The minimum user ID number is specified during
2333+ configuration. This allows you to set the lowest possible
2334+ userid that will be allowed to execute CGI/SSI programs.
2335+ This is useful to block out "system" accounts.
2336+ </p>
2337+ </li>
2338+
2339+ <li>
2340+ <strong>Is the target group <em>NOT</em> the superuser
2341+ group?</strong>
2342+
2343+ <p class="indent">
2344+ Presently, suEXEC does not allow the <code><em>root</em></code>
2345+ group to execute CGI/SSI programs.
2346+ </p>
2347+ </li>
2348+
2349+ <li>
2350+ <strong>Is the target groupid <em>ABOVE</em> the minimum ID
2351+ number?</strong>
2352+
2353+ <p class="indent">
2354+ The minimum group ID number is specified during
2355+ configuration. This allows you to set the lowest possible
2356+ groupid that will be allowed to execute CGI/SSI programs.
2357+ This is useful to block out "system" groups.
2358+ </p>
2359+ </li>
2360+
2361+ <li>
2362+ <strong>Can the wrapper successfully become the target user
2363+ and group?</strong>
2364+
2365+ <p class="indent">
2366+ Here is where the program becomes the target user and
2367+ group via setuid and setgid calls. The group access list
2368+ is also initialized with all of the groups of which the
2369+ user is a member.
2370+ </p>
2371+ </li>
2372+
2373+ <li>
2374+ <strong>Can we change directory to the one in which the target
2375+ CGI/SSI program resides?</strong>
2376+
2377+ <p class="indent">
2378+ If it doesn't exist, it can't very well contain files. If we
2379+ can't change directory to it, it might as well not exist.
2380+ </p>
2381+ </li>
2382+
2383+ <li>
2384+ <strong>Is the directory within the httpd webspace?</strong>
2385+
2386+ <p class="indent">
2387+ If the request is for a regular portion of the server, is
2388+ the requested directory within suEXEC's document root? If
2389+ the request is for a <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>, is the requested directory
2390+ within the directory configured as suEXEC's userdir (see
2391+ <a href="#install">suEXEC's configuration options</a>)?
2392+ </p>
2393+ </li>
2394+
2395+ <li>
2396+ <strong>Is the directory <em>NOT</em> writable by anyone
2397+ else?</strong>
2398+
2399+ <p class="indent">
2400+ We don't want to open up the directory to others; only
2401+ the owner user may be able to alter this directories
2402+ contents.
2403+ </p>
2404+ </li>
2405+
2406+ <li>
2407+ <strong>Does the target CGI/SSI program exist?</strong>
2408+
2409+ <p class="indent">
2410+ If it doesn't exists, it can't very well be executed.
2411+ </p>
2412+ </li>
2413+
2414+ <li>
2415+ <strong>Is the target CGI/SSI program <em>NOT</em> writable
2416+ by anyone else?</strong>
2417+
2418+ <p class="indent">
2419+ We don't want to give anyone other than the owner the
2420+ ability to change the CGI/SSI program.
2421+ </p>
2422+ </li>
2423+
2424+ <li>
2425+ <strong>Is the target CGI/SSI program <em>NOT</em> setuid or
2426+ setgid?</strong>
2427+
2428+ <p class="indent">
2429+ We do not want to execute programs that will then change
2430+ our UID/GID again.
2431+ </p>
2432+ </li>
2433+
2434+ <li>
2435+ <strong>Is the target user/group the same as the program's
2436+ user/group?</strong>
2437+
2438+ <p class="indent">
2439+ Is the user the owner of the file?
2440+ </p>
2441+ </li>
2442+
2443+ <li>
2444+ <strong>Can we successfully clean the process environment
2445+ to ensure safe operations?</strong>
2446+
2447+ <p class="indent">
2448+ suEXEC cleans the process' environment by establishing a
2449+ safe execution PATH (defined during configuration), as
2450+ well as only passing through those variables whose names
2451+ are listed in the safe environment list (also created
2452+ during configuration).
2453+ </p>
2454+ </li>
2455+
2456+ <li>
2457+ <strong>Can we successfully become the target CGI/SSI program
2458+ and execute?</strong>
2459+
2460+ <p class="indent">
2461+ Here is where suEXEC ends and the target CGI/SSI program begins.
2462+ </p>
2463+ </li>
2464+ </ol>
2465+
2466+ <p>This is the standard operation of the
2467+ suEXEC wrapper's security model. It is somewhat stringent and
2468+ can impose new limitations and guidelines for CGI/SSI design,
2469+ but it was developed carefully step-by-step with security in
2470+ mind.</p>
2471+
2472+ <p>For more information as to how this security
2473+ model can limit your possibilities in regards to server
2474+ configuration, as well as what security risks can be avoided
2475+ with a proper suEXEC setup, see the <a href="#jabberwock">"Beware the Jabberwock"</a> section of this
2476+ document.</p>
2477+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2478+<div class="section">
2479+<h2><a name="install" id="install">Configuring &amp; Installing
2480+ suEXEC</a></h2>
2481+
2482+ <p>Here's where we begin the fun.</p>
2483+
2484+ <p><strong>suEXEC configuration
2485+ options</strong><br />
2486+ </p>
2487+
2488+ <dl>
2489+ <dt><code>--enable-suexec</code></dt>
2490+
2491+ <dd>This option enables the suEXEC feature which is never
2492+ installed or activated by default. At least one
2493+ <code>--with-suexec-xxxxx</code> option has to be provided
2494+ together with the <code>--enable-suexec</code> option to let
2495+ APACI accept your request for using the suEXEC feature.</dd>
2496+
2497+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
2498+
2499+ <dd>The path to the <code>suexec</code> binary must be hard-coded
2500+ in the server for security reasons. Use this option to override
2501+ the default path. <em>e.g.</em>
2502+ <code>--with-suexec-bin=/usr/sbin/suexec</code></dd>
2503+
2504+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
2505+
2506+ <dd>The <a href="mod/mpm_common.html#user">username</a> under which
2507+ httpd normally runs. This is the only user allowed to
2508+ execute the suEXEC wrapper.</dd>
2509+
2510+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
2511+
2512+ <dd>Define to be the subdirectory under users' home
2513+ directories where suEXEC access should be allowed. All
2514+ executables under this directory will be executable by suEXEC
2515+ as the user so they should be "safe" programs. If you are
2516+ using a "simple" <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>
2517+ directive (ie. one without a "*" in it) this should be set to the same
2518+ value. suEXEC will not work properly in cases where the <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> directive points to
2519+ a location that is not the same as the user's home directory
2520+ as referenced in the <code>passwd</code> file. Default value is
2521+ "<code>public_html</code>".<br />
2522+ If you have virtual hosts with a different <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> for each,
2523+ you will need to define them to all reside in one parent
2524+ directory; then name that parent directory here. <strong>If
2525+ this is not defined properly, "~userdir" cgi requests will
2526+ not work!</strong></dd>
2527+
2528+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
2529+
2530+ <dd>Define as the DocumentRoot set for httpd. This will be
2531+ the only hierarchy (aside from <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>s) that can be used for suEXEC behavior. The
2532+ default directory is the <code>--datadir</code> value with the suffix
2533+ "<code>/htdocs</code>", <em>e.g.</em> if you configure with
2534+ "<code>--datadir=/home/apache</code>" the directory
2535+ "<code>/home/apache/htdocs</code>" is used as document root for the
2536+ suEXEC wrapper.</dd>
2537+
2538+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
2539+
2540+ <dd>Define this as the lowest UID allowed to be a target user
2541+ for suEXEC. For most systems, 500 or 100 is common. Default
2542+ value is 100.</dd>
2543+
2544+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
2545+
2546+ <dd>Define this as the lowest GID allowed to be a target
2547+ group for suEXEC. For most systems, 100 is common and
2548+ therefore used as default value.</dd>
2549+
2550+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
2551+
2552+ <dd>This defines the filename to which all suEXEC
2553+ transactions and errors are logged (useful for auditing and
2554+ debugging purposes). By default the logfile is named
2555+ "<code>suexec_log</code>" and located in your standard logfile
2556+ directory (<code>--logfiledir</code>).</dd>
2557+
2558+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
2559+
2560+ <dd>Define a safe PATH environment to pass to CGI
2561+ executables. Default value is
2562+ "<code>/usr/local/bin:/usr/bin:/bin</code>".</dd>
2563+ </dl>
2564+
2565+ <h3>Compiling and installing the suEXEC wrapper</h3>
2566+
2567+
2568+ <p>If you have enabled the suEXEC feature with the
2569+ <code>--enable-suexec</code> option the <code>suexec</code> binary
2570+ (together with httpd itself) is automatically built if you execute
2571+ the <code>make</code> command.</p>
2572+
2573+ <p>After all components have been built you can execute the
2574+ command <code>make install</code> to install them. The binary image
2575+ <code>suexec</code> is installed in the directory defined by the
2576+ <code>--sbindir</code> option. The default location is
2577+ "/usr/local/apache2/bin/suexec".</p>
2578+
2579+ <p>Please note that you need <strong><em>root
2580+ privileges</em></strong> for the installation step. In order
2581+ for the wrapper to set the user ID, it must be installed as
2582+ owner <code><em>root</em></code> and must have the setuserid
2583+ execution bit set for file modes.</p>
2584+
2585+
2586+ <h3>Setting paranoid permissions</h3>
2587+
2588+
2589+ <p>Although the suEXEC wrapper will check to ensure that its
2590+ caller is the correct user as specified with the
2591+ <code>--with-suexec-caller</code> <code class="program"><a href="./programs/configure.html">configure</a></code>
2592+ option, there is
2593+ always the possibility that a system or library call suEXEC uses
2594+ before this check may be exploitable on your system. To counter
2595+ this, and because it is best-practise in general, you should use
2596+ filesystem permissions to ensure that only the group httpd
2597+ runs as may execute suEXEC.</p>
2598+
2599+ <p>If for example, your web server is configured to run as:</p>
2600+
2601+ <pre class="prettyprint lang-config">User www
2602+Group webgroup</pre>
2603+
2604+
2605+ <p>and <code class="program"><a href="./programs/suexec.html">suexec</a></code> is installed at
2606+ "/usr/local/apache2/bin/suexec", you should run:</p>
2607+
2608+ <div class="example"><p><code>
2609+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
2610+ chmod 4750 /usr/local/apache2/bin/suexec<br />
2611+ </code></p></div>
2612+
2613+ <p>This will ensure that only the group httpd runs as can even
2614+ execute the suEXEC wrapper.</p>
2615+
2616+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2617+<div class="section">
2618+<h2><a name="enable" id="enable">Enabling &amp; Disabling
2619+ suEXEC</a></h2>
2620+
2621+ <p>Upon startup of httpd, it looks for the file
2622+ <code class="program"><a href="./programs/suexec.html">suexec</a></code> in the directory defined by the
2623+ <code>--sbindir</code> option (default is
2624+ "/usr/local/apache/sbin/suexec"). If httpd finds a properly
2625+ configured suEXEC wrapper, it will print the following message
2626+ to the error log:</p>
2627+
2628+<div class="example"><p><code>
2629+ [notice] suEXEC mechanism enabled (wrapper: <var>/path/to/suexec</var>)
2630+</code></p></div>
2631+
2632+ <p>If you don't see this message at server startup, the server is
2633+ most likely not finding the wrapper program where it expects
2634+ it, or the executable is not installed <em>setuid root</em>.</p>
2635+
2636+ <p>If you want to enable the suEXEC mechanism for the first time
2637+ and an Apache HTTP Server is already running you must kill and
2638+ restart httpd. Restarting it with a simple HUP or USR1 signal
2639+ will not be enough. </p>
2640+ <p>If you want to disable suEXEC you should kill and restart
2641+ httpd after you have removed the <code class="program"><a href="./programs/suexec.html">suexec</a></code> file.</p>
2642+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2643+<div class="section">
2644+<h2><a name="usage" id="usage">Using suEXEC</a></h2>
2645+
2646+ <p>Requests for CGI programs will call the suEXEC wrapper only if
2647+ they are for a virtual host containing a <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> directive or if
2648+ they are processed by <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>.</p>
2649+
2650+ <p><strong>Virtual Hosts:</strong><br /> One way to use the suEXEC
2651+ wrapper is through the <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> directive in
2652+ <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> definitions. By
2653+ setting this directive to values different from the main server
2654+ user ID, all requests for CGI resources will be executed as the
2655+ <em>User</em> and <em>Group</em> defined for that <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>. If this
2656+ directive is not specified for a <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code> then the main server userid
2657+ is assumed.</p>
2658+
2659+ <p><strong>User directories:</strong><br /> Requests that are
2660+ processed by <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> will call the suEXEC
2661+ wrapper to execute CGI programs under the userid of the requested
2662+ user directory. The only requirement needed for this feature to
2663+ work is for CGI execution to be enabled for the user and that the
2664+ script must meet the scrutiny of the <a href="#model">security
2665+ checks</a> above. See also the
2666+ <code>--with-suexec-userdir</code> <a href="#install">compile
2667+ time option</a>.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2668+<div class="section">
2669+<h2><a name="debug" id="debug">Debugging suEXEC</a></h2>
2670+
2671+ <p>The suEXEC wrapper will write log information
2672+ to the file defined with the <code>--with-suexec-logfile</code>
2673+ option as indicated above. If you feel you have configured and
2674+ installed the wrapper properly, have a look at this log and the
2675+ error_log for the server to see where you may have gone astray.</p>
2676+
2677+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2678+<div class="section">
2679+<h2><a name="jabberwock" id="jabberwock">Beware the Jabberwock:
2680+ Warnings &amp; Examples</a></h2>
2681+
2682+ <p><strong>NOTE!</strong> This section may not be
2683+ complete. For the latest revision of this section of the
2684+ documentation, see the <a href="http://httpd.apache.org/docs/2.4/suexec.html">Online
2685+ Documentation</a> version.</p>
2686+
2687+ <p>There are a few points of interest regarding
2688+ the wrapper that can cause limitations on server setup. Please
2689+ review these before submitting any "bugs" regarding suEXEC.</p>
2690+
2691+ <ul>
2692+ <li><strong>suEXEC Points Of Interest</strong></li>
2693+
2694+ <li>
2695+ Hierarchy limitations
2696+
2697+ <p class="indent">
2698+ For security and efficiency reasons, all suEXEC requests
2699+ must remain within either a top-level document root for
2700+ virtual host requests, or one top-level personal document
2701+ root for userdir requests. For example, if you have four
2702+ VirtualHosts configured, you would need to structure all
2703+ of your VHosts' document roots off of one main httpd
2704+ document hierarchy to take advantage of suEXEC for
2705+ VirtualHosts. (Example forthcoming.)
2706+ </p>
2707+ </li>
2708+
2709+ <li>
2710+ suEXEC's PATH environment variable
2711+
2712+ <p class="indent">
2713+ This can be a dangerous thing to change. Make certain
2714+ every path you include in this define is a
2715+ <strong>trusted</strong> directory. You don't want to
2716+ open people up to having someone from across the world
2717+ running a trojan horse on them.
2718+ </p>
2719+ </li>
2720+
2721+ <li>
2722+ Altering the suEXEC code
2723+
2724+ <p class="indent">
2725+ Again, this can cause <strong>Big Trouble</strong> if you
2726+ try this without knowing what you are doing. Stay away
2727+ from it if at all possible.
2728+ </p>
2729+ </li>
2730+ </ul>
2731+
2732+</div></div>
2733+<div class="bottomlang">
2734+<p><span>Available Languages: </span><a href="./en/suexec.html" title="English">&nbsp;en&nbsp;</a> |
2735+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a> |
2736+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
2737+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
2738+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
2739+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
2740+<script type="text/javascript"><!--//--><![CDATA[//><!--
2741+var comments_shortname = 'httpd';
2742+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
2743+(function(w, d) {
2744+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
2745+ d.write('<div id="comments_thread"><\/div>');
2746+ var s = d.createElement('script');
2747+ s.type = 'text/javascript';
2748+ s.async = true;
2749+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
2750+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
2751+ }
2752+ else {
2753+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
2754+ }
2755+})(window, document);
2756+//--><!]]></script></div><div id="footer">
2757+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
2758+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
2759+if (typeof(prettyPrint) !== 'undefined') {
2760+ prettyPrint();
2761+}
2762+//--><!]]></script>
2763+</body></html>
2764\ No newline at end of file
2765diff --git a/docs/manual/suexec.html.fr b/docs/manual/suexec.html.fr
2766new file mode 100644
2767index 0000000..02aa50c
2768--- /dev/null
2769+++ b/docs/manual/suexec.html.fr
2770@@ -0,0 +1,689 @@
2771+<?xml version="1.0" encoding="ISO-8859-1"?>
2772+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2773+<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr"><head>
2774+<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
2775+<!--
2776+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2777+ This file is generated from xml source: DO NOT EDIT
2778+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2779+ -->
2780+<title>Support suEXEC - Serveur Apache HTTP Version 2.4</title>
2781+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
2782+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
2783+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
2784+<script src="./style/scripts/prettify.min.js" type="text/javascript">
2785+</script>
2786+
2787+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
2788+<body id="manual-page"><div id="page-header">
2789+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossaire</a> | <a href="./sitemap.html">Plan du site</a></p>
2790+<p class="apache">Serveur Apache HTTP Version 2.4</p>
2791+<img alt="" src="./images/feather.png" /></div>
2792+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
2793+<div id="path">
2794+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">Serveur HTTP</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="./">Version 2.4</a></div><div id="page-content"><div id="preamble"><h1>Support suEXEC</h1>
2795+<div class="toplang">
2796+<p><span>Langues Disponibles: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
2797+<a href="./fr/suexec.html" title="Fran�ais">&nbsp;fr&nbsp;</a> |
2798+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
2799+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
2800+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
2801+</div>
2802+
2803+ <p>La fonctionnalit� <strong>suEXEC</strong> permet
2804+ l'ex�cution des programmes <strong>CGI</strong> et
2805+ <strong>SSI</strong> sous un utilisateur autre que celui sous
2806+ lequel s'ex�cute le serveur web qui appelle ces programmes.
2807+ Normalement, lorsqu'un programme CGI ou SSI est lanc�, il
2808+ s'ex�cute sous le m�me utilisateur que celui du serveur web qui
2809+ l'appelle.</p>
2810+
2811+ <p>Utilis�e de mani�re appropri�e, cette fonctionnalit� peut
2812+ r�duire consid�rablement les risques de s�curit� encourus
2813+ lorsqu'on autorise les utilisateurs � d�velopper et faire
2814+ s'ex�cuter des programmes CGI ou SSI de leur cru. Cependant, mal
2815+ configur�, suEXEC peut causer de nombreux probl�mes et m�me cr�er
2816+ de nouvelles failles dans la s�curit� de votre ordinateur. Si
2817+ vous n'�tes pas familier avec la gestion des programmes
2818+ <em>setuid root</em> et les risques de s�curit� qu'ils comportent,
2819+ nous vous recommandons vivement de ne pas tenter
2820+ d'utiliser suEXEC.</p>
2821+ </div>
2822+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">Avant de commencer</a></li>
2823+<li><img alt="" src="./images/down.gif" /> <a href="#model">Mod�le de s�curit� de suEXEC</a></li>
2824+<li><img alt="" src="./images/down.gif" /> <a href="#install">Configurer et installer suEXEC</a></li>
2825+<li><img alt="" src="./images/down.gif" /> <a href="#enable">Activation et d�sactivation
2826+de suEXEC</a></li>
2827+<li><img alt="" src="./images/down.gif" /> <a href="#usage">Utilisation de suEXEC</a></li>
2828+<li><img alt="" src="./images/down.gif" /> <a href="#debug">D�bogage de suEXEC</a></li>
2829+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">Avis � la population !
2830+ Avertissements et exemples</a></li>
2831+</ul><h3>Voir aussi</h3><ul class="seealso"><li><a href="#comments_section">Commentaires</a></li></ul></div>
2832+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2833+<div class="section">
2834+<h2><a name="before" id="before">Avant de commencer</a></h2>
2835+
2836+ <p>Avant de foncer t�te baiss�e dans la lecture de ce document,
2837+ vous devez tenir compte de certaines hypoth�ses concernant vous-m�me
2838+ et l'environnement dans lequel vous allez utiliser suexec.</p>
2839+
2840+ <p>Premi�rement, vous devez utiliser un syst�me d'exploitation
2841+ UNIX ou d�riv�, capable d'effectuer des op�rations
2842+ <strong>setuid</strong> et <strong>setgid</strong>. Tous les
2843+ exemples de commande sont donn�s en cons�quence. D'autres
2844+ plates-formes, m�me si elles supportent suEXEC, peuvent
2845+ avoir une configuration diff�rente.</p>
2846+
2847+ <p>Deuxi�mement, vous devez �tre familier avec les concepts de base
2848+ relatifs � la s�curit� de votre ordinateur et son administration.
2849+ Ceci implique la compr�hension des op�rations
2850+ <strong>setuid/setgid</strong> et des diff�rents effets qu'elles
2851+ peuvent produire sur votre syst�me et son niveau de s�curit�.</p>
2852+
2853+ <p>Troisi�mement, vous devez utiliser une version
2854+ <strong>non modifi�e</strong> du code de suEXEC. L'ensemble du
2855+ code de suEXEC a �t� scrut� et test� avec soin par les d�veloppeurs
2856+ et de nombreux b�ta testeurs. Toutes les pr�cautions ont �t� prises
2857+ pour s'assurer d'une base s�re de code non seulement simple, mais
2858+ aussi solide. La modification de ce code peut causer des probl�mes
2859+ inattendus et de nouveaux risques de s�curit�. Il est
2860+ <strong>vivement</strong> recommand� de ne pas modifier le code de
2861+ suEXEC, � moins que vous ne soyez un programmeur sp�cialiste des
2862+ particularit�s li�es � la s�curit�, et souhaitez partager votre
2863+ travail avec l'�quipe de d�veloppement du serveur HTTP Apache afin
2864+ de pouvoir en discuter.</p>
2865+
2866+ <p>Quatri�mement et derni�rement, l'�quipe de d�veloppement du
2867+ serveur HTTP Apache a d�cid� de ne
2868+ <strong>PAS</strong> inclure suEXEC dans l'installation par d�faut
2869+ d'Apache httpd. Pour pouvoir mettre en oeuvre suEXEC, l'administrateur
2870+ doit porter la plus grande attention aux d�tails. Apr�s avoir bien
2871+ r�fl�chi aux diff�rents points de la configuration de suEXEC,
2872+ l'administrateur peut l'installer selon les m�thodes classiques.
2873+ Les valeurs des param�tres de configuration doivent �tre
2874+ d�termin�es et sp�cifi�es avec soin par l'administrateur, afin de
2875+ maintenir la s�curit� du syst�me de mani�re appropri�e lors de
2876+ l'utilisation de la fonctionnalit� suEXEC. C'est par le biais de
2877+ ce processus minutieux que nous esp�rons r�server
2878+ l'installation de suEXEC aux administrateurs prudents et
2879+ suffisamment d�termin�s � vouloir l'utiliser.</p>
2880+
2881+ <p>Vous �tes encore avec nous ? Oui ? Bien.
2882+ Alors nous pouvons continuer !</p>
2883+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
2884+<div class="section">
2885+<h2><a name="model" id="model">Mod�le de s�curit� de suEXEC</a></h2>
2886+
2887+ <p>Avant d'installer et configurer suEXEC, nous allons tout d'abord
2888+ d�crire le mod�le de s�curit� que vous �tes sur le point
2889+ d'impl�menter. Vous devriez ainsi mieux comprendre ce qui se passe
2890+ vraiment � l'int�rieur de suEXEC et quelles pr�cautions ont �t�
2891+ prises pour pr�server la s�curit� de votre syst�me.</p>
2892+
2893+ <p><strong>suEXEC</strong> est bas� sur un programme "conteneur"
2894+ (wrapper) setuid qui est appel� par le serveur HTTP Apache principal.
2895+ Ce conteneur est appel� quand une requ�te HTTP concerne
2896+ un programme CGI ou SSI que l'administrateur
2897+ a d�cid� de faire s'ex�cuter
2898+ sous un utilisateur autre que celui du serveur principal.
2899+ Lorsqu'il re�oit une telle requ�te, Apache httpd fournit au conteneur
2900+ suEXEC le nom du programme, ainsi que les identifiants utilisateur
2901+ et groupe sous lesquels le programme doit s'ex�cuter.</p>
2902+
2903+ <p>Le conteneur effectue ensuite les v�rifications suivantes afin
2904+ de d�terminer la r�ussite ou l'�chec du processus -- si une seule
2905+ de ces conditions n'est pas v�rifi�e, le programme journalise
2906+ l'erreur et se termine en retournant un code d'erreur, sinon il
2907+ continue :</p>
2908+
2909+ <ol>
2910+ <li>
2911+ <strong>L'utilisateur qui ex�cute le conteneur est-il un
2912+ utilisateur valide de ce syst�me ?</strong>
2913+
2914+ <p class="indent">
2915+ Ceci permet de s'assurer que l'utilisateur qui ex�cute le
2916+ conteneur est vraiment un utilisateur appartenant au syst�me.
2917+ </p>
2918+ </li>
2919+
2920+ <li>
2921+ <strong>Le conteneur a-t-il �t� appel� avec un nombre
2922+ d'arguments correct ?</strong>
2923+
2924+ <p class="indent">
2925+ Le conteneur ne s'ex�cutera que si on lui fournit un nombre
2926+ d'arguments correct. Le serveur HTTP apache sait quel est le
2927+ bon format des arguments. Si le conteneur ne re�oit pas un
2928+ nombre d'arguments correct, soit il a �t� modifi�,
2929+ soit quelque chose ne va pas dans la portion suEXEC de
2930+ votre binaire Apache httpd.
2931+ </p>
2932+ </li>
2933+
2934+ <li>
2935+ <strong>Cet utilisateur valide est-il autoris� � ex�cuter le
2936+ conteneur ?</strong>
2937+
2938+ <p class="indent">
2939+ Cet utilisateur est-il celui autoris� � ex�cuter le
2940+ conteneur ? Un seul utilisateur (celui d'Apache) est
2941+ autoris� � ex�cuter ce programme.
2942+ </p>
2943+ </li>
2944+
2945+ <li>
2946+ <strong>Le chemin du programme CGI ou SSI cible est-il
2947+ non s�r ?</strong>
2948+
2949+ <p class="indent">
2950+ Le chemin du programme CGI ou SSI cible d�bute-t-il par un
2951+ '/' ou contient-il une r�f�rence arri�re '..' ? Ceci est
2952+ interdit ; le programme CGI ou SSI cible doit se trouver dans
2953+ la hi�rarchie de la racine des documents de suEXEC (voir
2954+ <code>--with-suexec-docroot=<em>DIR</em></code> ci-dessous).
2955+ </p>
2956+ </li>
2957+
2958+ <li>
2959+ <strong>Le nom utilisateur cible est-il valide ?</strong>
2960+
2961+ <p class="indent">
2962+ L'utilisateur cible existe-t-il ?
2963+ </p>
2964+ </li>
2965+
2966+ <li>
2967+ <strong>Le nom du groupe cible est-il valide ?</strong>
2968+
2969+ <p class="indent">
2970+ Le groupe cible existe-t-il ?
2971+ </p>
2972+ </li>
2973+
2974+ <li>
2975+ <strong>L'utilisateur cible n'est-il <em>PAS</em>
2976+ superutilisateur ?</strong>
2977+
2978+
2979+ <p class="indent">
2980+ suEXEc ne permet pas �
2981+ <code><em>root</em></code> d'ex�cuter des programmes CGI/SSI.
2982+ </p>
2983+ </li>
2984+
2985+ <li>
2986+ <strong>Le num�ro de l'identifiant de l'utilisateur cible
2987+ est-il <em>SUPERIEUR</em> au num�ro d'identifiant
2988+ minimum ?</strong>
2989+
2990+ <p class="indent">
2991+ Le num�ro d'identifiant utilisateur minimum est d�fini �
2992+ l'ex�cution du script configure. Ceci vous permet de d�finir
2993+ le num�ro d'identifiant utilisateur le plus bas qui sera
2994+ autoris� � �x�cuter des programmes CGI/SSI. En particulier,
2995+ cela permet d'�carter les comptes syst�me.
2996+ </p>
2997+ </li>
2998+
2999+ <li>
3000+ <strong>Le groupe cible n'est-il <em>PAS</em> le groupe
3001+ superutilisateur ?</strong>
3002+
3003+ <p class="indent">
3004+ Actuellement, suEXEC ne permet pas au groupe
3005+ <code><em>root</em></code> d'ex�cuter des programmes CGI/SSI.
3006+ </p>
3007+ </li>
3008+
3009+ <li>
3010+ <strong> Le num�ro d'identifiant du groupe cible est-il
3011+ <em>SUPERIEUR</em> au num�ro d'identifiant minimum ?</strong>
3012+
3013+ <p class="indent">
3014+ Le num�ro d'identifiant de groupe minimum est sp�cifi� lors
3015+ de l'ex�cution du script configure. Ceci vous permet de
3016+ d�finir l'identifiant de groupe le plus bas possible qui sera
3017+ autoris� � ex�cuter des programmes CGI/SSI, et est
3018+ particuli�rement utile pour �carter les groupes "syst�me".
3019+ </p>
3020+ </li>
3021+
3022+ <li>
3023+ <strong>Le conteneur peut-il obtenir avec succ�s l'identit�
3024+ des utilisateur et groupe cibles ?</strong>
3025+
3026+ <p class="indent">
3027+ C'est ici que le programme obtient l'identit� des utilisateur
3028+ et groupe cibles via des appels � setuid et setgid. De m�me,
3029+ la liste des acc�s groupe est initialis�e avec tous les
3030+ groupes auxquels l'utilisateur cible appartient.
3031+ </p>
3032+ </li>
3033+
3034+ <li>
3035+ <strong>Peut-on se positionner dans le r�pertoire dans dequel
3036+ sont situ�s les programmes CGI/SSI ?</strong>
3037+
3038+ <p class="indent">
3039+ S'il n'existe pas, il ne peut pas contenir de fichier. Et si
3040+ l'on ne peut pas s'y positionner, il n'existe probablement
3041+ pas.
3042+ </p>
3043+ </li>
3044+
3045+ <li>
3046+ <strong>Le r�pertoire est-il dans l'espace web
3047+ de httpd ?</strong>
3048+
3049+ <p class="indent">
3050+ Si la requ�te concerne une portion de la racine du serveur,
3051+ le r�pertoire demand� est-il dans la hi�rarchie de la racine
3052+ des documents de suEXEC ? Si la requ�te concerne un
3053+ <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>, le r�pertoire demand� est-il dans
3054+ la hi�rarchie du r�pertoire d�fini comme le r�pertoire
3055+ utilisateur de suEXEC (voir les
3056+ <a href="#install">options de configuration de suEXEC</a>) ?
3057+ </p>
3058+ </li>
3059+
3060+ <li>
3061+ <strong>L'�criture dans le r�pertoire est-elle interdite pour
3062+ un utilisateur autre que le propri�taire </strong>
3063+
3064+ <p class="indent">
3065+ Le r�pertoire ne doit pas �tre ouvert aux autres
3066+ utilisateurs ; seul l'utilisateur propri�taire doit pouvoir
3067+ modifier le contenu du r�pertoire.
3068+ </p>
3069+ </li>
3070+
3071+ <li>
3072+ <strong>Le programme CGI/SSI cible existe-t-il ?</strong>
3073+
3074+ <p class="indent">
3075+ S'il n'existe pas, il ne peut pas �tre ex�cut�.
3076+ </p>
3077+ </li>
3078+
3079+ <li>
3080+ <strong>Les utilisateurs autres que le propri�taire n'ont-ils
3081+ <em>PAS</em> de droits en �criture sur le programme
3082+ CGI/SSI ?</strong>
3083+
3084+ <p class="indent">
3085+ Les utilisateurs autres que le propri�taire ne doivent pas
3086+ pouvoir modifier le programme CGI/SSI.
3087+ </p>
3088+ </li>
3089+
3090+ <li>
3091+ <strong>Le programme CGI/SSI n'est-il <em>PAS</em> setuid ou
3092+ setgid ?</strong>
3093+
3094+ <p class="indent">
3095+ Les programmes cibles ne doivent pas pouvoir modifier �
3096+ nouveau les identifiants utilisateur/groupe.
3097+ </p>
3098+ </li>
3099+
3100+ <li>
3101+ <strong>Le couple utilisateur/groupe cible est-il le m�me que
3102+ celui du programme ?</strong>
3103+
3104+ <p class="indent">
3105+ L'utilisateur est-il le propri�taire du fichier ?
3106+ </p>
3107+ </li>
3108+
3109+ <li>
3110+ <strong>Peut-on nettoyer avec succ�s l'environnement des
3111+ processus afin de garantir la s�ret� des op�rations ?</strong>
3112+
3113+ <p class="indent">
3114+ suExec nettoie l'environnement des processus en �tablissant
3115+ un chemin d'ex�cution s�r (d�fini lors de la configuration),
3116+ et en ne passant que les variables dont les noms font partie
3117+ de la liste de l'environnement s�r (cr��e de m�me lors de la
3118+ configuration).
3119+ </p>
3120+ </li>
3121+
3122+ <li>
3123+ <strong>Le conteneur peut-il avec succ�s se substituer au
3124+ programme CGI/SSI cible et s'ex�cuter ?</strong>
3125+
3126+ <p class="indent">
3127+ C'est l� o� l'ex�cution de suEXEC s'arr�te et o� commence
3128+ celle du programme CGI/ssi cible.
3129+ </p>
3130+ </li>
3131+ </ol>
3132+
3133+ <p>Ce sont les op�rations standards effectu�es par le mod�le de
3134+ s�curit� du conteneur suEXEC. Il peut para�tre strict et est
3135+ susceptible d'imposer de nouvelles limitations et orientations
3136+ dans la conception des programmes CGI/SSI, mais il a �t� d�velopp�
3137+ avec le plus grand soin, �tape par �tape, en se focalisant sur
3138+ la s�curit�.</p>
3139+
3140+ <p>Pour plus d'informations sur la mesure dans laquelle ce mod�le
3141+ de s�curit� peut limiter vos possibilit�s au regard de la
3142+ configuration du serveur, ainsi que les risques de s�curit� qui
3143+ peuvent �tre �vit�s gr�ce � une configuration appropri�e de suEXEC,
3144+ se r�f�rer � la section <a href="#jabberwock">"Avis � la population !"</a> de ce document.</p>
3145+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3146+<div class="section">
3147+<h2><a name="install" id="install">Configurer et installer suEXEC</a></h2>
3148+
3149+ <p>C'est ici que nous entrons dans le vif du sujet.</p>
3150+
3151+ <p><strong>Options de configuration de suEXEC</strong><br />
3152+ </p>
3153+
3154+ <dl>
3155+ <dt><code>--enable-suexec</code></dt>
3156+
3157+ <dd>Cette option active la fonctionnalit� suEXEC qui n'est
3158+ jamais install�e ou activ�e par d�faut. Au moins une option
3159+ <code>--with-suexec-xxxxx</code> doit accompagner l'option
3160+ <code>--enable-suexec</code> pour qu'APACI (l'utilitaire de
3161+ configuration de la compilation d'Apache) accepte votre demande
3162+ d'utilisation de la fonctionnalit� suEXEC.</dd>
3163+
3164+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
3165+
3166+ <dd>Le chemin du binaire <code>suexec</code> doit �tre cod� en
3167+ dur dans le serveur pour des raisons de s�curit�. Cette option
3168+ vous permet de modifier le chemin par d�faut.
3169+ <em>Par exemple</em>
3170+ <code>--with-suexec-bin=/usr/sbin/suexec</code></dd>
3171+
3172+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
3173+
3174+ <dd>L'<a href="mod/mpm_common.html#user">utilisateur</a> sous
3175+ lequel httpd s'ex�cute habituellement. C'est le seul utilisateur
3176+ autoris� � ex�cuter le wrapper suEXEC.</dd>
3177+
3178+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
3179+
3180+ <dd>Cette option d�finit le sous-r�pertoire de la hi�rarchie des
3181+ r�pertoires utilisateurs dans lequel l'utilisation
3182+ de suEXEC sera autoris�e. Tous les ex�cutables situ�s dans ce
3183+ r�pertoire seront ex�cutables par suEXEC sous l'utilisateur
3184+ cible ; ces programmes doivent donc �tre s�rs. Si vous utilisez
3185+ une directive <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>
3186+ "simple" (c'est � dire ne contenant pas de
3187+ "*"), l'option --with-suexec-userdir
3188+ devra contenir la m�me valeur. SuEXEC ne fonctionnera pas
3189+ correctement si la directive <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> contient une valeur
3190+ diff�rente du r�pertoire home de l'utilisateur tel qu'il est
3191+ d�fini dans le fichier <code>passwd</code>. la valeur par d�faut
3192+ est "<code>public_html</code>".<br />
3193+ Si vous avez plusieurs h�tes virtuels avec une directive
3194+ <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> diff�rente
3195+ pour chacun d'entre eux, vous devrez faire en sorte que chaque
3196+ UserDir poss�de un r�pertoire parent commun ; donnez alors �
3197+ l'option --with-suexec-userdir le nom
3198+ de ce r�pertoire commun. <strong>Si tout ceci n'est pas d�fini
3199+ correctement, les requ�tes CGI "~userdir" ne fonctionneront
3200+ pas !</strong></dd>
3201+
3202+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
3203+
3204+ <dd>Cette option fonctionne comme la directive DocumentRoot pour
3205+ httpd. Il s'agit de la seule hi�rarchie (en dehors des directives
3206+ <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code>) dans laquelle la fonctionnalit� suEXEC
3207+ pourra �tre utilis�e. La valeur par d�faut est la valeur de
3208+ <code>--datadir</code> accompagn�e du suffixe
3209+ "<code>/htdocs</code>" ;
3210+ <em>Par exemple</em>, si vous ex�cutez configure avec
3211+ "<code>--datadir=/home/apache</code>", la valeur
3212+ "<code>/home/apache/htdocs</code>" sera utilis�e par d�faut comme
3213+ racine des documents pour le conteneur suEXEC.</dd>
3214+
3215+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
3216+
3217+ <dd>Cette option d�finit l'identifiant utilisateur le plus bas
3218+ avec lequel un utilisateur pourra �tre la cible de
3219+ suEXEC. 500 ou 100 sont des valeurs courantes sur la plupart des
3220+ syst�mes. la valeur par d�faut est 100.</dd>
3221+
3222+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
3223+
3224+ <dd>Cette option d�finit l'identifiant de groupe le plus bas
3225+ avec lequel un utilisateur pourra �tre la cible de
3226+ suEXEC. 100 est une valeur courante sur la plupart des
3227+ syst�mes et est par cons�quent la valeur par d�faut.</dd>
3228+
3229+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
3230+
3231+ <dd>Cette option permet de d�finir le fichier dans lequel
3232+ toutes les transactions et erreurs de suEXEC seront journalis�es
3233+ (� des fins d'analyse ou de d�bogage). Par d�faut, le fichier
3234+ journal se nomme "<code>suexec_log</code>" et se trouve dans votre
3235+ r�pertoire standard des fichiers journaux d�fini par
3236+ <code>--logfiledir</code></dd>
3237+
3238+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
3239+
3240+ <dd>Cette option permet de d�finir une variable d'environnement
3241+ PATH s�re � passer aux ex�cutables CGI. La valeur par d�faut
3242+ est "<code>/usr/local/bin:/usr/bin:/bin</code>".</dd>
3243+ </dl>
3244+
3245+ <h3>Compilation et installation du conteneur suEXEC</h3>
3246+
3247+
3248+ <p>Si vous avez activ� la fonctionnalit� suEXEC � l'aide de
3249+ l'option <code>--enable-suexec</code>, le binaire
3250+ <code>suexec</code> sera automatiquement construit (en m�me temps
3251+ que httpd) lorsque vous ex�cuterez la commande
3252+ <code>make</code>.</p>
3253+
3254+ <p>Lorsque tous les composants auront �t� construits, vous pourrez
3255+ ex�cuter la commande <code>make install</code> afin de les
3256+ installer. Le binaire <code>suexec</code> sera install� dans le
3257+ r�pertoire d�fini � l'aide de l'option <code>--sbindir</code>. La
3258+ localisation par d�faut est "/usr/local/apache2/bin/suexec".</p>
3259+ <p>Veuillez noter que vous aurez besoin des
3260+ <strong><em>privil�ges root</em></strong> pour passer l'�tape de
3261+ l'installation. Pour que le conteneur puisse changer
3262+ l'identifiant utilisateur, il doit avoir comme propri�taire
3263+ <code><em>root</em></code>, et les droits du fichier doivent
3264+ inclure le bit d'ex�cution setuserid.</p>
3265+
3266+
3267+ <h3>&gt;Mise en place de permissions pour
3268+ parano�aque</h3>
3269+
3270+ <p>Bien que le conteneur suEXEC v�rifie que l'utilisateur qui
3271+ l'appelle correspond bien � l'utilisateur sp�cifi� � l'aide de
3272+ l'option <code>--with-suexec-caller</code> du programme
3273+ <code class="program"><a href="./programs/configure.html">configure</a></code>, il subsiste toujours le risque qu'un
3274+ appel syst�me ou une biblioth�que fasse appel � suEXEC avant que
3275+ cette v�rification ne soit exploitable sur votre syst�me. Pour
3276+ tenir compte de ceci, et parce que c'est en g�n�ral la meilleure
3277+ pratique, vous devez utiliser les permissions du syst�me de
3278+ fichiers afin de vous assurer que seul le groupe sous lequel
3279+ s'ex�cute httpd puisse faire appel � suEXEC.</p>
3280+
3281+ <p>Si, par exemple, votre serveur web est configur� pour
3282+ s'ex�cuter en tant que :</p>
3283+
3284+<pre class="prettyprint lang-config">User www
3285+Group webgroup</pre>
3286+
3287+
3288+ <p>et <code class="program"><a href="./programs/suexec.html">suexec</a></code> se trouve �
3289+ "/usr/local/apache2/bin/suexec", vous devez ex�cuter les
3290+ commandes</p>
3291+
3292+<div class="example"><p><code>
3293+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
3294+ chmod 4750 /usr/local/apache2/bin/suexec<br />
3295+</code></p></div>
3296+
3297+ <p>Ceci permet de s'assurer que seul le groupe sous lequel httpd
3298+ s'ex�cute (ici webgroup) puisse faire appel au conteneur
3299+ suEXEC.</p>
3300+
3301+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3302+<div class="section">
3303+<h2><a name="enable" id="enable">Activation et d�sactivation
3304+de suEXEC</a></h2>
3305+
3306+ <p>Au d�marrage, httpd v�rifie la pr�sence du fichier
3307+ <code class="program"><a href="./programs/suexec.html">suexec</a></code> dans le r�pertoire d�fini par
3308+ l'option <code>--sbindir</code> du script configure (le
3309+ r�pertoire par d�faut est "/usr/local/apache/sbin/suexec"). Si
3310+ httpd trouve un conteneur suEXEC correctement configur�, il
3311+ enregistrera le message suivant dans le journal des erreurs :</p>
3312+
3313+<div class="example"><p><code>
3314+ [notice] suEXEC mechanism enabled (wrapper: <var>/path/to/suexec</var>)
3315+</code></p></div>
3316+
3317+ <p>Si ce message n'est pas g�n�r� au d�marrage du serveur, ce
3318+ dernier ne trouve probablement pas le programme conteneur �
3319+ l'endroit o� il est sens� �tre, ou l'ex�cutable suexec n'est pas
3320+ install� en <em>setuid root</em>.</p>
3321+
3322+ <p>Si le serveur HTTP Apache est d�j� en cours d'ex�cution, et si
3323+ vous activez le m�canisme suEXEC pour la premi�re fois, vous
3324+ devez arr�ter et red�marrer httpd. Un red�marrage
3325+ � l'aide d'un simple signal HUP ou USR1 suffira. </p>
3326+ <p>Pour d�sactiver suEXEC, vous devez supprimer le fichier
3327+ <code class="program"><a href="./programs/suexec.html">suexec</a></code>, puis arr�ter et red�marrer
3328+ httpd.</p>
3329+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3330+<div class="section">
3331+<h2><a name="usage" id="usage">Utilisation de suEXEC</a></h2>
3332+
3333+ <p>Les requ�tes pour des programmes CGI ne feront appel au
3334+ conteneur suEXEC que si elles concernent un h�te virtuel
3335+ contenant une directive <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code>, ou si elles sont
3336+ trait�es par <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>.</p>
3337+
3338+ <p><strong>H�tes virtuels :</strong><br /> Une des m�thodes
3339+ d'utilisation du conteneur suEXEC consiste � ins�rer une
3340+ directive <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> dans une section
3341+ <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code>. En d�finissant
3342+ des valeurs diff�rentes de celles du serveur principal, toutes les
3343+ requ�tes pour des ressources CGI seront ex�cut�es sous
3344+ les <em>User</em> et <em>Group</em> d�finis pour cette section
3345+ <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>. Si cette
3346+ directive est absente de la section <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>, l'utilisateur du
3347+ serveur principal sera pris par d�faut</p>
3348+
3349+ <p><strong>R�pertoires des utilisateurs :</strong><br /> Avec
3350+ cette m�thode, les
3351+ requ�tes trait�es par <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> appelleront le
3352+ conteneur suEXEC pour ex�cuter le programme CGI sous l'identifiant
3353+ utilisateur du r�pertoire utilisateur concern�. Seuls pr�requis
3354+ pour pouvoir acc�der � cette fonctionnalit� : l'ex�cution des CGI
3355+ doit �tre activ�e pour l'utilisateur concern�, et le script doit
3356+ passer avec succ�s le test des <a href="#model">v�rifications de
3357+ s�curit�</a> d�crit plus haut. Voir aussi l'
3358+ <a href="#install">option de compilation</a>
3359+ <code>--with-suexec-userdir</code>.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3360+<div class="section">
3361+<h2><a name="debug" id="debug">D�bogage de suEXEC</a></h2>
3362+
3363+ <p>Le conteneur suEXEC va �crire ses informations de journalisation
3364+ dans le fichier d�fini par l'option de compilation
3365+ <code>--with-suexec-logfile</code> comme indiqu� plus haut. Si vous
3366+ pensez avoir configur� et install� correctement le conteneur,
3367+ consultez ce journal, ainsi que le journal des erreurs du serveur
3368+ afin de d�terminer l'endroit o� vous avez fait fausse route.</p>
3369+
3370+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3371+<div class="section">
3372+<h2><a name="jabberwock" id="jabberwock">Avis � la population !
3373+ Avertissements et exemples</a></h2>
3374+
3375+ <p><strong>NOTE !</strong> Cette section est peut-�tre incompl�te.
3376+ Pour en consulter la derni�re r�vision, voir la version de la <a href="http://httpd.apache.org/docs/2.4/suexec.html">Documentation en ligne</a>.</p>
3377+
3378+ <p>Quelques points importants du conteneur peuvent
3379+ imposer des contraintes du point de vue de la configuration du
3380+ serveur. Veuillez en prendre connaissance avant de soumettre un
3381+ rapport de bogue � propos de suEXEC.</p>
3382+
3383+ <ul>
3384+ <li><strong>Points importants de suEXEC</strong></li>
3385+
3386+ <li>
3387+ Limitations concernant la hi�rarchie.
3388+
3389+ <p class="indent">
3390+ Pour des raisons de s�curit� et d'efficacit�, toutes les
3391+ requ�tes suEXEC ne doivent concerner que des ressources
3392+ situ�es dans la racine des documents d�finie pour les
3393+ requ�tes concernant un h�te virtuel, ou des ressources
3394+ situ�es dans la racine des documents d�finies pour les
3395+ requ�tes concernant un r�pertoire utilisateur. Par exemple,
3396+ si vous avez configur� quatre h�tes virtuels, vous devrez
3397+ d�finir la structure des racines de documents de vos h�tes
3398+ virtuels en dehors d'une hi�rarchie de documents principale
3399+ de httpd, afin de tirer parti de suEXEC dans le contexte des
3400+ h�tes virtuels (Exemple � venir).
3401+ </p>
3402+ </li>
3403+
3404+ <li>
3405+ La variable d'environnement PATH de suEXEC
3406+
3407+ <p class="indent">
3408+ Modifier cette variable peut s'av�rer dangereux. Assurez-vous
3409+ que tout chemin que vous ajoutez � cette variable est un
3410+ r�pertoire <strong>de confiance</strong>. Vous n'avez
3411+ probablement pas l'intention d'ouvrir votre serveur de fa�on
3412+ � ce que l'on puisse y ex�cuter un cheval de Troie.
3413+ </p>
3414+ </li>
3415+
3416+ <li>
3417+ Modification de suEXEC
3418+
3419+ <p class="indent">
3420+ Encore une fois, ceci peut vous causer de
3421+ <strong>graves ennuis</strong> si vous vous y essayez sans
3422+ savoir ce que vous faites. Evitez de vous y risquer dans la
3423+ mesure du possible.
3424+ </p>
3425+ </li>
3426+ </ul>
3427+
3428+</div></div>
3429+<div class="bottomlang">
3430+<p><span>Langues Disponibles: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
3431+<a href="./fr/suexec.html" title="Fran�ais">&nbsp;fr&nbsp;</a> |
3432+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
3433+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
3434+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T�rk�e">&nbsp;tr&nbsp;</a></p>
3435+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Commentaires</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
3436+<script type="text/javascript"><!--//--><![CDATA[//><!--
3437+var comments_shortname = 'httpd';
3438+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
3439+(function(w, d) {
3440+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
3441+ d.write('<div id="comments_thread"><\/div>');
3442+ var s = d.createElement('script');
3443+ s.type = 'text/javascript';
3444+ s.async = true;
3445+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
3446+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
3447+ }
3448+ else {
3449+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
3450+ }
3451+})(window, document);
3452+//--><!]]></script></div><div id="footer">
3453+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />Autoris� sous <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
3454+<p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossaire</a> | <a href="./sitemap.html">Plan du site</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
3455+if (typeof(prettyPrint) !== 'undefined') {
3456+ prettyPrint();
3457+}
3458+//--><!]]></script>
3459+</body></html>
3460\ No newline at end of file
3461diff --git a/docs/manual/suexec.html.ja.utf8 b/docs/manual/suexec.html.ja.utf8
3462new file mode 100644
3463index 0000000..31fd90d
3464--- /dev/null
3465+++ b/docs/manual/suexec.html.ja.utf8
3466@@ -0,0 +1,643 @@
3467+<?xml version="1.0" encoding="UTF-8"?>
3468+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3469+<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja"><head>
3470+<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
3471+<!--
3472+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
3473+ This file is generated from xml source: DO NOT EDIT
3474+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
3475+ -->
3476+<title>suEXEC サポート - Apache HTTP サーバ バージョン 2.4</title>
3477+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
3478+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
3479+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
3480+<script src="./style/scripts/prettify.min.js" type="text/javascript">
3481+</script>
3482+
3483+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
3484+<body id="manual-page"><div id="page-header">
3485+<p class="menu"><a href="./mod/">モジュール</a> | <a href="./mod/directives.html">ディレクティブ</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">用語</a> | <a href="./sitemap.html">サイトマップ</a></p>
3486+<p class="apache">Apache HTTP サーバ バージョン 2.4</p>
3487+<img alt="" src="./images/feather.png" /></div>
3488+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
3489+<div id="path">
3490+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP サーバ</a> &gt; <a href="http://httpd.apache.org/docs/">ドキュメンテーション</a> &gt; <a href="./">バージョン 2.4</a></div><div id="page-content"><div id="preamble"><h1>suEXEC サポート</h1>
3491+<div class="toplang">
3492+<p><span>翻訳済み言語: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
3493+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
3494+<a href="./ja/suexec.html" title="Japanese">&nbsp;ja&nbsp;</a> |
3495+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
3496+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
3497+</div>
3498+<div class="outofdate">この日本語訳はすでに古くなっている
3499+ 可能性があります。
3500+ 最近更新された内容を見るには英語版をご覧下さい。
3501+ </div>
3502+
3503+ <p><strong>suEXEC</strong>
3504+ 機能により、Apache ユーザは Web サーバを実行しているユーザ ID とは
3505+ 異なるユーザ ID で <strong>CGI</strong> プログラムや <strong>SSI</strong>
3506+ プログラムを実行することができます。CGI プログラムまたは SSI
3507+ プログラムを実行する場合、通常は web サーバと同じユーザで実行されます。
3508+ </p>
3509+
3510+ <p>適切に使用すると、この機能によりユーザが個別の CGI
3511+ や SSI プログラムを開発し実行することで生じるセキュリティ上の危険を、
3512+ かなり減らすことができます。しかし、suEXEC の設定が不適切だと、
3513+ 多くの問題が生じ、あなたのコンピュータに新しいセキュリティホールを
3514+ 作ってしまう可能性があります。あなたが <em>setuid root</em>
3515+ されたプログラムと、それらから生じるセキュリティ上の問題の管理に
3516+ 詳しくないようなら、suEXEC の使用を検討しないように強く推奨します。
3517+ </p>
3518+ </div>
3519+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">始める前に</a></li>
3520+<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC セキュリティモデル</a></li>
3521+<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC
3522+ の設定とインストール</a></li>
3523+<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC
3524+ の有効化と無効化</a></li>
3525+<li><img alt="" src="./images/down.gif" /> <a href="#usage">suEXEC の使用</a></li>
3526+<li><img alt="" src="./images/down.gif" /> <a href="#debug">suEXEC のデバッグ</a></li>
3527+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">とかげに注意: 警告と事例</a></li>
3528+</ul><h3>参照</h3><ul class="seealso"><li><a href="#comments_section">コメント</a></li></ul></div>
3529+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3530+<div class="section">
3531+<h2><a name="before" id="before">始める前に</a></h2>
3532+
3533+ <p>この文書の先頭に飛ぶ前に、Apache
3534+ グループとこの文書での仮定を知っておくべきでしょう。
3535+ </p>
3536+
3537+ <p>第 1 に、あなたが <strong>setuid</strong> と
3538+ <strong>setgid</strong> 操作が可能な UNIX
3539+ 由来のオペレーティングシステムを使っていることを想定しています。
3540+ これは、すべてのコマンド例にあてはまります。
3541+ その他のプラットホームでは、もし suEXEC
3542+ がサポートされていたとしても設定は異なるかもしれません。</p>
3543+
3544+ <p>第 2 に、あなたが使用中のコンピュータの
3545+ セキュリティに関する基本的な概念と、それらの管理について詳しいことを
3546+ 想定しています。これは、<strong>setuid/setgid</strong>
3547+ 操作、あなたのシステム上でのその操作による様々な効果、
3548+ セキュリティレベルについてあなたが理解しているということを含みます。
3549+ </p>
3550+
3551+ <p>第 3 に、<strong>改造されていない</strong> suEXEC
3552+ コードの使用を想定しています。suEXEC のコードは、
3553+ 多くのベータテスタだけでなく、開発者によっても注意深く精査され
3554+ テストされています。それらの注意により、簡潔で信頼できる安全な
3555+ コードの基盤が保証されます。このコードを改変することで、
3556+ 予期されない問題や新しいセキュリティ上の危険が生じることがあります。
3557+ セキュリティプログラミングの詳細に通じていて、
3558+ 今後の検討のために成果を Apache
3559+ グループと共有しようと思うのでなければ、suEXEC
3560+ コードは変えないことを <strong>強く</strong>推奨します。</p>
3561+
3562+ <p>第 4 に、これが最後ですが、suEXEC を Apache
3563+ のデフォルトインストールには<strong>含めない</strong>ことが
3564+ Apache グループで決定されています。これは、suEXEC
3565+ の設定には管理者の詳細にわたる慎重な注意が必要だからです。
3566+ suEXEC の様々な設定について検討が終われば、管理者は suEXEC
3567+ を通常のインストール方法でインストールすることができます。
3568+ これらの設定値は、suEXEC
3569+ 機能の使用中にシステムセキュリティを適切に保つために、
3570+ 管理者によって慎重に決定され指定されることが必要です。
3571+ この詳細な手順により、Apache グループは、suEXEC
3572+ のインストールについて、注意深く十分に検討してそれを使用することを
3573+ 決定した場合に限っていただきたいと考えています。
3574+ </p>
3575+
3576+ <p>それでも進みますか? よろしい。では、先へ進みましょう!</p>
3577+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3578+<div class="section">
3579+<h2><a name="model" id="model">suEXEC セキュリティモデル</a></h2>
3580+
3581+ <p>suEXEC の設定とインストールを始める前に、
3582+ まず実装しようとしているセキュリティモデルについて論じておきます。
3583+ それには、suEXEC の内部で行なわれていること、
3584+ システムのセキュリティを保証するために警告されることを
3585+ よく理解しておいた方がよいでしょう。</p>
3586+
3587+ <p><strong>suEXEC</strong> は、Apache web
3588+ サーバから呼び出される setuid された "wrapper"
3589+ プログラムが基本となっています。設計した CGI、または SSI
3590+ プログラムへの HTTP リクエストがあると、この wrapper
3591+ が呼び出されます。このようなリクエストがあると、Apache
3592+ はそのプログラムが実行される際のプログラム名とユーザ ID とグループ
3593+ ID を指定して suEXEC wrapper を実行します。
3594+ </p>
3595+
3596+ <p>それから、wrapper は成功または失敗を決定するため
3597+ 以下の処理を行ないます。これらの状態のうち一つでも失敗した場合、
3598+ プログラムは失敗をログに記録してエラーで終了します。
3599+ そうでなければ、後の処理が続けられます。</p>
3600+
3601+ <ol>
3602+ <li>
3603+ <strong>wrapper
3604+ を実行しているユーザはこのシステムの正当なユーザか?</strong>
3605+
3606+ <p class="indent">
3607+ これは、wrapper を実行しているユーザが
3608+ 本当にシステムの利用者であることを保証するためです。
3609+ </p>
3610+ </li>
3611+
3612+
3613+ <li>
3614+ <strong>wrapper が適切な数の引数で呼び出されたか?</strong>
3615+
3616+
3617+ <p class="indent">
3618+ wrapper は適切な数の引数が与えられた場合にのみ実行されます。
3619+ 適切な引数のフォーマットは Apache Web サーバに解釈されます。
3620+ 適切な数の引数を受け取らなければ、攻撃をされたか
3621+ あなたの Apache バイナリの suEXEC の部分が
3622+ どこかおかしい可能性があります。
3623+ </p>
3624+ </li>
3625+
3626+ <li>
3627+ <strong>この正当なユーザは wrapper
3628+ の実行を許可されているか?</strong>
3629+
3630+ <p class="indent">
3631+ このユーザは wrapper 実行を許可されたユーザですか?
3632+ ただ一人のユーザ (Apache ユーザ) だけが、
3633+ このプログラムの実行を許可されます。
3634+ </p>
3635+ </li>
3636+
3637+ <li>
3638+ <strong>対象の CGI, SSI プログラムが安全でない階層の参照をしているか?
3639+ </strong>
3640+
3641+ <p class="indent">
3642+ 対象の CGI, SSI プログラムが '/' から始まる、または
3643+ '..' による参照を行なっていますか? これらは許可されません。
3644+ 対象のプログラムは suEXEC のドキュメントルート
3645+ (下記の <code>--with-suexec-docroot=<em>DIR</em></code> を参照)
3646+ 内に存在しなければなりません。
3647+ </p>
3648+ </li>
3649+
3650+ <li>
3651+ <strong>対象となるユーザ名は正当なものか?</strong>
3652+
3653+ <p class="indent">
3654+ 対象となるユーザ名は存在していますか?
3655+ </p>
3656+ </li>
3657+
3658+ <li>
3659+ <strong>対象となるグループ名は正当なものか?</strong>
3660+
3661+ <p class="indent">
3662+ 対象となるグループ名は存在していますか?
3663+ </p>
3664+ </li>
3665+
3666+ <li>
3667+ <strong>目的のユーザはスーパーユーザでは<em>ない</em>か?
3668+ </strong>
3669+
3670+ <p class="indent">
3671+ 今のところ、suEXEC は <code><em>root</em></code> による CGI/SSI
3672+ プログラムの実行を許可していません。
3673+ </p>
3674+ </li>
3675+
3676+ <li>
3677+ <strong>対象となるユーザ ID は、最小の ID
3678+ 番号よりも<em>大きい</em>か? </strong>
3679+
3680+ <p class="indent">
3681+ 最小ユーザ ID 番号は設定時に指定されます。これは、
3682+ CGI/SSI プログラム実行を許可されるユーザ ID
3683+ のとりうる最小値です。これは
3684+ "system" 用のアカウントを閉め出すのに有効です。
3685+ </p>
3686+ </li>
3687+
3688+ <li>
3689+ <strong>対象となるグループはスーパーユーザのグループでは
3690+ <em>ない</em>か?</strong>
3691+
3692+ <p class="indent">
3693+ 今のところ、suEXEC は 'root' グループによる CGI/SSI
3694+ プログラムの実行を許可していません。
3695+ </p>
3696+ </li>
3697+
3698+ <li>
3699+ <strong>対象となるグループ ID は最小の ID
3700+ 番号よりも<em>大きい</em>か?</strong>
3701+
3702+ <p class="indent">
3703+ 最小グループ ID 番号は設定時に指定されます。これは、
3704+ CGI/SSI プログラム実行を許可されるグループ
3705+ ID のとりうる最小値です。
3706+ これは "system" 用のグループを閉め出すのに有効です。
3707+ </p>
3708+ </li>
3709+
3710+ <li>
3711+ <strong>wrapper が正常に対象となるユーザとグループになれるか?
3712+ </strong>
3713+
3714+ <p class="indent">
3715+ ここで、setuid と setgid
3716+ の起動によりプログラムは対象となるユーザとグループになります。
3717+ グループアクセスリストは、
3718+ ユーザが属しているすべてのグループで初期化されます。
3719+ </p>
3720+ </li>
3721+
3722+ <li>
3723+ <strong>CGI/SSI プログラムが置かれているディレクトリに移動
3724+ (change directory) できるか?</strong>
3725+
3726+ <p class="indent">
3727+ ディレクトリが存在しないなら、そのファイルも存在しないかもしれません。
3728+ ディレクトリに移動できないのであれば、おそらく存在もしないでしょう。
3729+ </p>
3730+ </li>
3731+
3732+ <li>
3733+ <strong>ディレクトリが Apache のドキュメントツリー内にあるか?
3734+ </strong>
3735+
3736+ <p class="indent">
3737+ リクエストがサーバ内のものであれば、
3738+ 要求されたディレクトリが suEXEC のドキュメントルート配下にありますか?
3739+ リクエストが UserDir のものであれば、要求されたディレクトリが suEXEC
3740+ のユーザのドキュメントルート配下にありますか?
3741+ (<a href="#install">suEXEC 設定オプション</a> 参照)
3742+ </p>
3743+ </li>
3744+
3745+ <li>
3746+ <strong>ディレクトリを他のユーザが書き込めるようになって
3747+ <em>いない</em>か?</strong>
3748+
3749+ <p class="indent">
3750+ ディレクトリを他ユーザに開放しないようにします。
3751+ 所有ユーザだけがこのディレクトリの内容を改変できるようにします。
3752+ </p>
3753+ </li>
3754+
3755+
3756+ <li>
3757+ <strong>対象となる CGI/SSI プログラムは存在するか?</strong>
3758+
3759+ <p class="indent">
3760+ 存在しなければ実行できません。
3761+ </p>
3762+ </li>
3763+
3764+ <li>
3765+ <strong>対象となる CGI/SSI プログラムファイルが他アカウントから
3766+ 書き込めるようになって<em>いない</em>か?</strong>
3767+
3768+ <p class="indent">
3769+ 所有者以外には CGI/SSI プログラムを変更する権限は与えられません。
3770+ </p>
3771+ </li>
3772+
3773+
3774+ <li>
3775+ <strong>対象となる CGI/SSI プログラムが setuid または setgid
3776+ されて<em>いない</em>か?</strong>
3777+
3778+ <p class="indent">
3779+ UID/GID を再度変更してのプログラム実行はしません
3780+ </p>
3781+ </li>
3782+
3783+
3784+ <li>
3785+ <strong>対象となるユーザ/グループがプログラムの
3786+ ユーザ/グループと同じか?</strong>
3787+
3788+ <p class="indent">
3789+ ユーザがそのファイルの所有者ですか?
3790+ </p>
3791+ </li>
3792+
3793+ <li>
3794+ <strong>安全な動作を保証するための環境変数クリアが可能か?
3795+ </strong>
3796+
3797+ <p class="indent">
3798+ suEXEC は、安全な環境変数のリスト
3799+ (これらは設定時に作成されます) 内の変数として渡される安全な
3800+ PATH 変数 (設定時に指定されます) を設定することで、
3801+ プロセスの環境変数をクリアします。
3802+ </p>
3803+ </li>
3804+
3805+
3806+ <li>
3807+ <strong>対象となる CGI/SSI プログラムを exec して実行できるか?</strong>
3808+
3809+
3810+ <p class="indent">
3811+ ここで suEXEC が終了し、対象となるプログラムが開始されます。
3812+ </p>
3813+ </li>
3814+ </ol>
3815+
3816+ <p>ここまでが suEXEC の wrapper
3817+ におけるセキュリティモデルの標準的な動作です。もう少し厳重に
3818+ CGI/SSI 設計についての新しい制限や規定を取り入れることもできますが、
3819+ suEXEC はセキュリティに注意して慎重に少しずつ開発されてきました。
3820+ </p>
3821+
3822+ <p>このセキュリティモデルを用いて
3823+ サーバ設定時にどのように許すことを制限するか、また、suEXEC
3824+ を適切に設定するとどのようなセキュリティ上の危険を避けられるかに
3825+ 関するより詳しい情報については、<a href="#jabberwock">"とかげに注意"
3826+ (Beware the Jabberwock)</a> の章を参照してください。
3827+ </p>
3828+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3829+<div class="section">
3830+<h2><a name="install" id="install">suEXEC
3831+ の設定とインストール</a></h2>
3832+
3833+ <p>ここから楽しくなります。</p>
3834+
3835+ <p><strong>suEXEC
3836+ 設定オプション</strong><br />
3837+ </p>
3838+
3839+ <dl>
3840+ <dt><code>--enable-suexec</code></dt>
3841+
3842+ <dd>このオプションは、デフォルトではインストールされず、
3843+ 有効にはならない suEXEC 機能を有効にします。
3844+ suEXEC を使うように APACI に要求するには、<code>--enable-suexec</code>
3845+ オプションにあわせて少なくとも一つは <code>--with-suexec-xxxxx</code>
3846+ オプションが指定されなければなりません。</dd>
3847+
3848+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
3849+
3850+ <dd>セキュリティ上の理由により、<code>suexec</code> バイナリのパスはサーバに
3851+ ハードコードされている必要があります。デフォルトのパスを
3852+ 変えたいときはこのオプションを使ってください。<em>例えば</em>、
3853+ <code>--with-suexec-bin=/usr/sbin/suexec</code> のように。</dd>
3854+
3855+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
3856+
3857+ <dd>Apache を通常動作させる<a href="mod/mpm_common.html#user">ユーザ名</a>を指定します。
3858+ このユーザだけが suexec の実行を許可されたユーザになります。</dd>
3859+
3860+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
3861+
3862+ <dd>suEXEC がアクセスを許されるユーザホームディレクトリ配下の
3863+ サブディレクトリを指定します。
3864+ このディレクトリ以下の全実行ファイルは、"安全な"プログラムになるよう、
3865+ suEXEC がそのユーザとして実行できるようにします。
3866+ "単純な" UserDir ディレクティブを使っている場合
3867+ (すなわち "*" を含まないもの)、これと同じ値を設定すべきです。
3868+ Userdir ディレクティブがそのユーザのパスワードファイル内の
3869+ ホームディレクトリと同じ場所を指していなければ、
3870+ suEXEC は適切に動作しません。デフォルトは "public_html" です。
3871+ <br />
3872+ 各 UserDir が異なった仮想ホストを設定している場合、
3873+ それらを全て一つの親ディレクトリに含めて、
3874+ その親ディレクトリの名前をここで指定する必要があります。
3875+ <strong>このように指定されなければ "~userdir" cgi
3876+ へのリクエストが動作しません。</strong></dd>
3877+
3878+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
3879+
3880+ <dd>Apache のドキュメントルートを設定します。これが suEXEC
3881+ の動作で使用する唯一のディレクトリ階層になります (UserDir
3882+ の指定は別)。デフォルトでは <code>--datedir</code> に "/htdocs"
3883+ というサフィックスをつけたものです。
3884+ "<code>--datadir=/home/apache</code>" として設定すると、
3885+ suEXEC wrapper にとって "/home/apache/htdocs"
3886+ がドキュメントルートとして使われます。</dd>
3887+
3888+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
3889+
3890+ <dd>suEXEC の対象ユーザとして許される UID の最小値を指定します。
3891+ 大抵のシステムでは 500 か 100 が一般的です。
3892+ デフォルト値は 100 です。</dd>
3893+
3894+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
3895+
3896+ <dd>suEXEC の対象グループとして許される GID
3897+ の最小値を指定します。大抵のシステムでは 100 が一般的なので、
3898+ デフォルト値としても 100 が使われています。</dd>
3899+
3900+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
3901+
3902+ <dd>suEXEC の処理とエラーが記録されるファイル名を指定します。
3903+ (監査やデバッグ目的に有用)
3904+ デフォルトではログファイルは "suexec_log" という名前で、
3905+ 標準のログファイルディレクトリ (<code>--logfiledir</code>) に置かれます。
3906+ </dd>
3907+
3908+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
3909+
3910+ <dd>CGI 実行ファイルに渡される安全な PATH 環境変数です。
3911+ デフォルト値は "/usr/local/bin:/usr/bin:/bin" です。
3912+ </dd>
3913+ </dl>
3914+
3915+ <p><strong>suEXEC wrapper
3916+ のコンパイルとインストール</strong><br />
3917+ <code>--enable-suexec</code> オプションで suEXEC 機能を有効にすると、
3918+ "make" コマンドを実行した時に <code>suexec</code> のバイナリ (Apache 自体も)
3919+ が自動的に作成されます。
3920+ <br />
3921+ すべての構成要素が作成されると、それらのインストールには
3922+ <code>make install</code> コマンドが実行できます。バイナリイメージの <code>suexec</code>
3923+ は <code>--sbindir</code> オプションで指定されたディレクトリにインストールされます。
3924+ デフォルトの場所は "/usr/local/apache/bin/suexec" です。<br />
3925+ インストール時には <strong><em>root</em></strong>
3926+ 権限が必要なので注意してください。wrapper がユーザ ID
3927+ を設定するために、所有者 <code><em>root</em></code>
3928+ でのセットユーザ ID
3929+ ビットをそのファイルのモードに設定しなければなりません。
3930+ </p>
3931+
3932+ <p><strong>安全なパーミッションを設定する</strong><br />
3933+ suEXEC ラッパーは、<code>--with-suexec-caller</code> <code class="program"><a href="./programs/configure.html">configure</a></code>
3934+ オプションで指定した正しいユーザで起動されていることを確認しますが、
3935+ システム上でこのチェックが行なわれる前に、
3936+ suEXEC が呼ぶシステムやライブラリが脆弱である可能性は残ります。対抗策として、
3937+ 一般に良い習慣ともされいますが、
3938+ ファイルシステムパーミッションを使って
3939+ Apache の実行時のグループのみが suEXEC を実行できるように
3940+ するのが良いでしょう。</p>
3941+
3942+ <p>たとえば、次のようにサーバが設定されていたとします。</p>
3943+
3944+<div class="example"><p><code>
3945+ User www<br />
3946+ Group webgroup<br />
3947+</code></p></div>
3948+
3949+ <p><code class="program"><a href="./programs/suexec.html">suexec</a></code> が "/usr/local/apache2/bin/suexec"
3950+ にインストールされていた場合、次のように設定する必要があります。</p>
3951+
3952+<div class="example"><p><code>
3953+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
3954+ chmod 4750 /usr/local/apache2/bin/suexec<br />
3955+</code></p></div>
3956+
3957+ <p>これで Apache が実行されるグループのみが
3958+ suEXEC ラッパーを実行できるということを
3959+ 確証します。</p>
3960+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3961+<div class="section">
3962+<h2><a name="enable" id="enable">suEXEC
3963+ の有効化と無効化</a></h2>
3964+
3965+ <p>起動時に、Apache は <code>--sbindir</code>
3966+ オプションで設定されたディレクトリで
3967+ <code>suexec</code> を探します
3968+ (デフォルトは "/usr/local/apache/sbin/suexec") 。
3969+ 適切に設定された suEXEC がみつかると、
3970+ エラーログに以下のメッセージが出力されます。</p>
3971+
3972+<div class="example"><p><code>
3973+ [notice] suEXEC mechanism enabled (wrapper: <var>/path/to/suexec</var>)
3974+</code></p></div>
3975+
3976+ <p>サーバ起動時にこのメッセージが出ない場合、
3977+ 大抵はサーバが想定した場所で wrapper プログラムが見つからなかったか、
3978+ <em>setuid root</em> としてインストールされていないかです。</p>
3979+
3980+ <p>suEXEC の仕組みを使用するのが初めてで、Apache が既に動作中であれば、
3981+ Apache を kill して、再起動しなければなりません。HUP シグナルや
3982+ USR1 シグナルによる単純な再起動では不十分です。</p>
3983+ <p>suEXEC を無効にする場合は、<code>suexec</code> ファイルを削除してから
3984+ Apache を kill して再起動します。
3985+ </p>
3986+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
3987+<div class="section">
3988+<h2><a name="usage" id="usage">suEXEC の使用</a></h2>
3989+
3990+ <p>CGI プログラムへのリクエストが suEXEC ラッパーを呼ぶのは、
3991+ <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ディレクティブを
3992+ 含むバーチャルホストへのリクエストか、<code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> により
3993+ 処理されたリクエストの場合に限ります。</p>
3994+
3995+ <p><strong>仮想ホスト:</strong><br />
3996+ suEXEC wrapper の使い方として、
3997+ <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> 設定での
3998+ <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code>
3999+ ディレクティブを通したものがあります。
4000+ このディレクティブをメインサーバのユーザ ID
4001+ と異なるものにすると、CGI リソースへのすべてのリクエストは、その
4002+ <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code> で指定された <em>User</em> と
4003+ <em>Group</em> として実行されます。<code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>
4004+ でこのディレクティブが指定されていない場合、
4005+ メインサーバのユーザ ID が想定されます。</p>
4006+
4007+ <p><strong>ユーザディレクトリ:</strong><br />
4008+ <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> により処理されたリクエストは
4009+ リクエストされたユーザディレクトリのユーザ ID で CGI プログラムを
4010+ 実行するために suEXEC ラッパーを呼びます。
4011+ この機能を動作させるために必要なことは、CGI
4012+ をそのユーザで実行できること、そのスクリプトが上記の<a href="#model">セキュリティ検査</a>をパスできることです。
4013+ <a href="#install">コンパイル
4014+ 時のオプション</a> <code>--with-suexec-userdir</code> も参照してください。</p>
4015+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4016+<div class="section">
4017+<h2><a name="debug" id="debug">suEXEC のデバッグ</a></h2>
4018+
4019+ <p>suEXEC wrapper は、上記で述べた <code>--with-suexec-logfile</code>
4020+ オプションで指定されたファイルにログ情報を記録します。
4021+ wrapper を適切に設定、インストールできていると思う場合、
4022+ どこで迷っているか見ようとするならこのログとサーバの
4023+ エラーログを見るとよいでしょう。</p>
4024+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4025+<div class="section">
4026+<h2><a name="jabberwock" id="jabberwock">とかげに注意: 警告と事例</a></h2>
4027+
4028+ <p><strong>注意!</strong>
4029+ この章は完全ではありません。この章の最新改訂版については、
4030+ Apache グループの<a href="http://httpd.apache.org/docs/2.4/suexec.html">
4031+ オンラインドキュメント</a>版を参照してください。
4032+ </p>
4033+
4034+ <p>サーバの設定に制限をもうける wrapper について、
4035+ いくつか興味深い点があります。suEXEC に関する "バグ"
4036+ を報告する前にこれらを確認してください。</p>
4037+
4038+ <ul>
4039+ <li><strong>suEXEC の興味深い点</strong></li>
4040+
4041+ <li>階層構造の制限
4042+
4043+
4044+ <p class="indent">
4045+ セキュリティと効率の理由から、<code>suEXEC</code> の全てのリクエストは
4046+ 仮想ホストへのリクエストにおける最上位のドキュメントルート内か、
4047+ ユーザディレクトリへのリクエストにおける個々のユーザの最上位の
4048+ ドキュメントルート内に残らなければなりません。
4049+ 例えば、四つの仮想ホストを設定している場合、
4050+ 仮想ホストの suEXEC に有利なように、メインの Apache
4051+ ドキュメント階層の外側に全ての仮想ホストのドキュメントルートを
4052+ 構築する必要があります。(例は後日記載)
4053+ </p>
4054+ </li>
4055+
4056+ <li>suEXEC の PATH 環境変数
4057+
4058+
4059+ <p class="indent">
4060+ これを変更するのは危険です。この指定に含まれる各パスが
4061+ <strong>信頼できる</strong>
4062+ ディレクトリであることを確認してください。
4063+ 世界からのアクセスにより、誰かがホスト上でトロイの木馬
4064+ を実行できるようにはしたくないでしょう。
4065+ </p>
4066+ </li>
4067+
4068+ <li>suEXEC コードの改造
4069+
4070+
4071+ <p class="indent">
4072+ 繰り返しますが、何をやろうとしているか把握せずにこれをやると
4073+ <strong>大きな問題</strong>を引き起こしかねません。
4074+ 可能な限り避けてください。
4075+ </p>
4076+ </li>
4077+ </ul>
4078+</div></div>
4079+<div class="bottomlang">
4080+<p><span>翻訳済み言語: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4081+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
4082+<a href="./ja/suexec.html" title="Japanese">&nbsp;ja&nbsp;</a> |
4083+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
4084+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
4085+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">コメント</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
4086+<script type="text/javascript"><!--//--><![CDATA[//><!--
4087+var comments_shortname = 'httpd';
4088+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
4089+(function(w, d) {
4090+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
4091+ d.write('<div id="comments_thread"><\/div>');
4092+ var s = d.createElement('script');
4093+ s.type = 'text/javascript';
4094+ s.async = true;
4095+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
4096+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
4097+ }
4098+ else {
4099+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
4100+ }
4101+})(window, document);
4102+//--><!]]></script></div><div id="footer">
4103+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />この文書は <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> のライセンスで提供されています。.</p>
4104+<p class="menu"><a href="./mod/">モジュール</a> | <a href="./mod/directives.html">ディレクティブ</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">用語</a> | <a href="./sitemap.html">サイトマップ</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
4105+if (typeof(prettyPrint) !== 'undefined') {
4106+ prettyPrint();
4107+}
4108+//--><!]]></script>
4109+</body></html>
4110\ No newline at end of file
4111diff --git a/docs/manual/suexec.html.ko.euc-kr b/docs/manual/suexec.html.ko.euc-kr
4112new file mode 100644
4113index 0000000..0e8df7a
4114--- /dev/null
4115+++ b/docs/manual/suexec.html.ko.euc-kr
4116@@ -0,0 +1,564 @@
4117+<?xml version="1.0" encoding="EUC-KR"?>
4118+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4119+<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head>
4120+<meta content="text/html; charset=EUC-KR" http-equiv="Content-Type" />
4121+<!--
4122+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4123+ This file is generated from xml source: DO NOT EDIT
4124+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4125+ -->
4126+<title>suEXEC ���� - Apache HTTP Server Version 2.4</title>
4127+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
4128+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
4129+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
4130+<script src="./style/scripts/prettify.min.js" type="text/javascript">
4131+</script>
4132+
4133+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
4134+<body id="manual-page"><div id="page-header">
4135+<p class="menu"><a href="./mod/">���</a> | <a href="./mod/directives.html">���þ��</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">���</a> | <a href="./sitemap.html">����Ʈ��</a></p>
4136+<p class="apache">Apache HTTP Server Version 2.4</p>
4137+<img alt="" src="./images/feather.png" /></div>
4138+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
4139+<div id="path">
4140+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="./">Version 2.4</a></div><div id="page-content"><div id="preamble"><h1>suEXEC ����</h1>
4141+<div class="toplang">
4142+<p><span>������ ���: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4143+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran&#231;ais">&nbsp;fr&nbsp;</a> |
4144+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
4145+<a href="./ko/suexec.html" title="Korean">&nbsp;ko&nbsp;</a> |
4146+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T&#252;rk&#231;e">&nbsp;tr&nbsp;</a></p>
4147+</div>
4148+<div class="outofdate">�� ������ �ֽ��� ������ �ƴմϴ�.
4149+ �ֱٿ� ����� ������ ���� ������ �����ϼ���.</div>
4150+
4151+ <p><strong>suEXEC</strong> ����� ����ġ�� <strong>CGI</strong>��
4152+ <strong>SSI</strong> ���α׷��� �������� ������ ����� ID��
4153+ �ƴ� �ٸ� ����� ID�� �����ϵ��� �Ѵ�. ���� CGI�� SSI ���α׷���
4154+ �����ϸ� �������� ������ ����ڿ� ���� ����ڷ� �����Ѵ�.</p>
4155+
4156+ <p>�� ����� ������ ����ϸ� ����ڰ� ���� CGI�� SSI ���α׷���
4157+ �����ϰ� �����Ҷ� �߻��� �� �ִ� ���������� ����� ����
4158+ �� �ִ�. �׷��� suEXEC�� �������ϰ� �����Ǹ� ���� ������
4159+ ��ǻ�Ϳ� ���ο� ���� ������ ���� �� �ִ�. ���� <em>setuid root</em>
4160+ ���α׷��� �̷� ���α׷��� ���� ������ �����ϴٸ� suEXEC��
4161+ ��������ʱ� �������� �ٶ���.</p>
4162+ </div>
4163+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">�����ϱ� ����</a></li>
4164+<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC ���ȸ�</a></li>
4165+<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC ������ ��ġ</a></li>
4166+<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC �� ���</a></li>
4167+<li><img alt="" src="./images/down.gif" /> <a href="#usage">suEXEC ����ϱ�</a></li>
4168+<li><img alt="" src="./images/down.gif" /> <a href="#debug">suEXEC ������ϱ�</a></li>
4169+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">�ٽ� �ѹ� �����϶�: ���� ����</a></li>
4170+</ul><h3>����</h3><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
4171+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4172+<div class="section">
4173+<h2><a name="before" id="before">�����ϱ� ����</a></h2>
4174+
4175+ <p>�����ϱ� ���� �켱 ����ġ�׷�� �� ������ ������ ������.</p>
4176+
4177+ <p>���� <strong>setuid</strong>�� <strong>setgid</strong>
4178+ ����� ������ ���н��� �ü���� ����Ѵٰ� �����Ѵ�. ���
4179+ ��ɾ� ���鵵 ���� ������ �Ѵ�. suEXEC�� �����ϴ� �ٸ� �÷�����
4180+ ����ϴٸ� ������ �ٸ� �� �ִ�.</p>
4181+
4182+ <p>�ι�°, ����� ��ǻ�� ������ �⺻ ����� ������ �ͼ��ϴٰ�
4183+ �����Ѵ�. ���⿡�� <strong>setuid/setgid</strong> ��ɰ�
4184+ �̵��� �ý��۰� ���ȿ� ��ġ�� ���� ���⿡ ���� ���ذ� ���Եȴ�.</p>
4185+
4186+ <p>����°, suEXEC �ڵ��� <strong>������������</strong>
4187+ ������ ����Ѵٰ� �����Ѵ�. �����ڿ� ���� ��Ÿ�׽��͵���
4188+ suEXEC�� ���õ� ��� �ڵ带 ���ɽ����� �����ϰ� �˻��ߴ�.
4189+ �ڵ带 �����ϰ� �ϰ� Ȯ���� ������ �����ϱ����� ��� ���Ǹ�
4190+ ��￴��. �� �ڵ带 �����ϸ� ����ġ���� ������ ���ο� ����
4191+ ������ �߻��� �� �ִ�. ���� ���α׷��ֿ� ���� �ſ� �� �˰�
4192+ �ڵ带 ���캸������ ����ġ�׷�� �۾��� ������ �ǻ簡 ���ٸ�
4193+ suEXEC �ڵ带 ���������ʱ� <strong>������</strong> ���Ѵ�.</p>
4194+
4195+ <p>�׹�°���� ����������, ����ġ�׷��� suEXEC�� ����ġ
4196+ �⺻��ġ�� �������� <strong>�ʱ��</strong> �����ߴ�. �ᱹ
4197+ �����ڰ� ���Ǹ� ��←�� suEXEC�� �����ؾ� �Ѵ�. suEXEC��
4198+ ���� ������ �� ������� �����ڴ� �Ϲ����� ��ġ����� suEXEC��
4199+ ��ġ�� �� �ִ�. suEXEC ����� ����ϴ� �ý����� ������ å������
4200+ �����ڴ� �� ���������� �����ְ� ���캸�� �����ؾ� �Ѵ�.
4201+ �̷� ���� ������ suEXEC�� ����Ҹ�ŭ �����ְ� ��ȣ��
4202+ ������� suEXEC�� ����ϵ��� ����ġ�׷��� ���ϱ� �����̴�.</p>
4203+
4204+ <p>������ ����ϱ� ���ϴ°�? �׷���? ����. ���� ��������!</p>
4205+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4206+<div class="section">
4207+<h2><a name="model" id="model">suEXEC ���ȸ�</a></h2>
4208+
4209+ <p>suEXEC�� �����ϰ� ��ġ�ϱ� ���� �츮�� ���ȸ��� ����
4210+ �����Ѵ�. �̸� ���� ��Ȯ�� suEXEC �ȿ����� ���� ���� �Ͼ��
4211+ �ý����� ������ ���� ������ �����ؾ� ���� �� �� ������ ��
4212+ �ִ�.</p>
4213+
4214+ <p><strong>suEXEC</strong>�� ����ġ �������� �θ��� setuid
4215+ "wrapper" ���α׷��� ������� �Ѵ�. �� wrapper�� �����ڰ�
4216+ �ּ����� �ٸ� userid�� �����ϵ��� ������ CGI�� SSI ���α׷���
4217+ HTTP ��û�� ���� �Ҹ���. �̷� ��û�� ���� ����ġ�� suEXEC
4218+ wrapper���� ���α׷���� ���α׷��� ������ ����ڿ� �׷�
4219+ ID�� �����Ѵ�.</p>
4220+
4221+ <p>�׷��� wrapper�� ���� ������ ���� ������ ���и� �����Ѵ�.
4222+ �� ������ �ϳ��� �����ϸ� ���α׷��� ���з� ��ϵǰ� ������
4223+ ���� �����Ѵ�. �������� ������ ������ ����Ѵ�:</p>
4224+
4225+ <ol>
4226+ <li>
4227+ <strong>wrapper�� �����ϴ� ����ڰ� �ý����� ��������
4228+ �������</strong>
4229+
4230+ <p class="indent">
4231+ wrapper�� �����ϴ� ����ڰ� ������ �ý����� ���������
4232+ Ȯ���Ѵ�.
4233+ </p>
4234+ </li>
4235+
4236+ <li>
4237+ <strong>������ ���� �ƱԸ�Ʈ�� wrapper�� �����ϴ°�?</strong>
4238+
4239+ <p class="indent">
4240+ wrapper�� ������ ���� �ƱԸ�Ʈ�� �־�߸� ����ȴ�.
4241+ ����ġ �������� �� ������ �ȴ�. wrapper�� ������ ����
4242+ �ƱԸ�Ʈ�� �������ϸ� ��ŷ�Ǿ��ų� ����ġ�� suEXEC��
4243+ ���� ������ �ִ� ���̴�.
4244+ </p>
4245+ </li>
4246+
4247+ <li>
4248+ <strong>�� ����ڰ� wrapper�� �����ϵ��� ���Ǿ���?</strong>
4249+
4250+ <p class="indent">
4251+ �� ����ڰ� wrapper�� �����ϵ��� ���Ǿ���? ����
4252+ �� �����(����ġ �����)���� �� ���α׷��� ������
4253+ �� �ִ�.
4254+ </p>
4255+ </li>
4256+
4257+ <li>
4258+ <strong>������ CGI�� SSI ���α׷��� ������������ ����������
4259+ �����°�?</strong>
4260+
4261+ <p class="indent">
4262+ ������ CGI�� SSI ���α׷��� '/'�� �����ϰų� ������
4263+ '..'�� �����°�? �̵��� ����� �� ����. ������ CGI/SSI
4264+ ���α׷��� suEXEC ���� root (�Ʒ�
4265+ <code>--with-suexec-docroot=<em>DIR</em></code> ����)
4266+ ���� �־�� �Ѵ�.
4267+ </p>
4268+ </li>
4269+
4270+ <li>
4271+ <strong>������ ����ڸ��� ��ȿ�Ѱ�?</strong>
4272+
4273+ <p class="indent">
4274+ ������ ����ڰ� �����ϴ°�?
4275+ </p>
4276+ </li>
4277+
4278+ <li>
4279+ <strong>������ �׷���� ��ȿ�Ѱ�?</strong>
4280+
4281+ <p class="indent">
4282+ ������ �׷��� �����ϴ°�?
4283+ </p>
4284+ </li>
4285+
4286+ <li>
4287+ <strong>������ ����ڰ� superuser�� <em>�ƴѰ�</em>?</strong>
4288+
4289+
4290+ <p class="indent">
4291+ ���� suEXEC�� <code><em>root</em></code>�� CGI/SSI
4292+ ���α׷��� ������ �� ������ �Ѵ�.
4293+ </p>
4294+ </li>
4295+
4296+ <li>
4297+ <strong>������ userid�� �ּ� ID ���ں��� <em>ū��</em>?</strong>
4298+
4299+ <p class="indent">
4300+ �������� �ּ� ����� ID ���ڸ� �����Ѵ�. �׷��� CGI/SSI
4301+ ���α׷��� ������ �� �ִ� userid�� �ּ�ġ�� ������
4302+ �� �ִ�. "�ý��ۿ�" ������ �����Ҷ� �����ϴ�.
4303+ </p>
4304+ </li>
4305+
4306+ <li>
4307+ <strong>������ �׷��� superuser �׷��� <em>�ƴѰ�</em>?</strong>
4308+
4309+ <p class="indent">
4310+ ���� suEXEC�� <code><em>root</em></code> �׷��� CGI/SSI
4311+ ���α׷��� ������ �� ������ �Ѵ�.
4312+ </p>
4313+ </li>
4314+
4315+ <li>
4316+ <strong>������ groupid�� �ּ� ID ���ں��� <em>ū��</em>?</strong>
4317+
4318+ <p class="indent">
4319+ �������� �ּ� �׷� ID ���ڸ� �����Ѵ�. �׷��� CGI/SSI
4320+ ���α׷��� ������ �� �ִ� groupid�� �ּ�ġ�� ������
4321+ �� �ִ�. "�ý��ۿ�" �׷��� �����Ҷ� �����ϴ�.
4322+ </p>
4323+ </li>
4324+
4325+ <li>
4326+ <strong>wrapper�� ���������� ������ ����ڿ� �׷���
4327+ �� �� �ִ°�?</strong>
4328+
4329+ <p class="indent">
4330+ �� �ܰ迡�� ���α׷��� setuid�� setgid ȣ���� �Ͽ�
4331+ ������ ����ڿ� �׷��� �ȴ�. ��, �׷� ���ٸ����
4332+ ����ڰ� �ش�� ��� �׷����� �ʱ�ȭ�ȴ�.
4333+ </p>
4334+ </li>
4335+
4336+ <li>
4337+ <strong>CGI/SSI ���α׷��� �ִ� ���丮�� ���丮��
4338+ ������ �� �ִ°�?</strong>
4339+
4340+ <p class="indent">
4341+ ���丮�� �������� �ʴٸ� ������ ���� �� ����. �̰�����
4342+ ���丮�� ������ �� ���ٸ� ���丮�� �������� ����
4343+ ���̴�.
4344+ </p>
4345+ </li>
4346+
4347+ <li>
4348+ <strong>���丮�� ����ġ ������ �ȿ� �ִ°�?</strong>
4349+
4350+ <p class="indent">
4351+ ������ �Ϲ����� �κ��� ��û�� ��� ��û�ϴ� ���丮��
4352+ suEXEC ���� root �Ʒ� �ִ°�? UserDir�� ��û�� ���
4353+ ��û�ϴ� ���丮�� suEXEC userdir�� ������ (<a href="#install">suEXEC ���� �ɼ�</a> ����) ���丮
4354+ �Ʒ��� �ִ°�?
4355+ </p>
4356+ </li>
4357+
4358+ <li>
4359+ <strong>�ٸ� ������ ���丮�� ��������� <em>���°�</em>?</strong>
4360+
4361+ <p class="indent">
4362+ ���丮�� �ٸ� ������� ����α� �������ʴ´�. ����
4363+ �����ڸ��� ���丮 ������ ������ �� �ִ�.
4364+ </p>
4365+ </li>
4366+
4367+ <li>
4368+ <strong>������ CGI/SSI ���α׷��� �����ϴ°�?</strong>
4369+
4370+ <p class="indent">
4371+ ���������ʴٸ� ������ ���� ����.
4372+ </p>
4373+ </li>
4374+
4375+ <li>
4376+ <strong>�ٸ� ������ ������ CGI/SSI ���α׷��� ���������
4377+ <em>���°�</em>?</strong>
4378+
4379+ <p class="indent">
4380+ �����ڿ� ������ CGI/SSI ���α׷��� �����ϱ� �������ʴ´�.
4381+ </p>
4382+ </li>
4383+
4384+ <li>
4385+ <strong>������ CGI/SSI ���α׷��� setuid�� setgid��
4386+ <em>�ƴѰ�</em>?</strong>
4387+
4388+ <p class="indent">
4389+ �츮�� ���α׷��� �ٽ� UID/GID�� �����ϱ� �������ʴ´�.
4390+ </p>
4391+ </li>
4392+
4393+ <li>
4394+ <strong>������ �����/�׷��� ���α׷��� �����/�׷�� ������?</strong>
4395+
4396+ <p class="indent">
4397+ ����ڰ� ������ �������ΰ�?
4398+ </p>
4399+ </li>
4400+
4401+ <li>
4402+ <strong>������ ������ ���� ���μ����� ȯ�溯���� û����
4403+ �� �ִ°�?</strong>
4404+
4405+ <p class="indent">
4406+ suEXEC�� (�������� ������) ������ ���� PATH�� ���,
4407+ (�̰͵� �������� ����) ������ ȯ�溯�� ��Ͽ� ���ŵ�
4408+ ������ ����� ���μ����� ȯ�溯���� �����.
4409+ </p>
4410+ </li>
4411+
4412+ <li>
4413+ <strong>���������� ������ CGI/SSI ���α׷��� ������
4414+ �� �ִ°�?</strong>
4415+
4416+ <p class="indent">
4417+ ���⼭ suEXEC�� ������ ������ CGI/SSI ���α׷��� �����Ѵ�.
4418+ </p>
4419+ </li>
4420+ </ol>
4421+
4422+ <p>�̰��� suEXEC wrapper ���ȸ��� ǥ�� �����̴�. �ټ�
4423+ �����ϰ� CGI/SSI ���迡 ���ο� ������ ������, ������ ���ο�
4424+ �ΰ� �Ѵܰ辿 ���ɽ����� ���������.</p>
4425+
4426+ <p>�� ���� ���� ���� ������ � ������ �ִ����� ������
4427+ suEXEC �������� � ���� ������ ���� �� �ִ����� ���� ��
4428+ ������ <a href="#jabberwock">"�ٽ� �ѹ� �����϶�"</a> ����
4429+ �����϶�.</p>
4430+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4431+<div class="section">
4432+<h2><a name="install" id="install">suEXEC ������ ��ġ</a></h2>
4433+
4434+ <p>���� ����ִ� ������ �����Ѵ�.</p>
4435+
4436+ <p><strong>suEXEC ���� �ɼ�</strong><br />
4437+ </p>
4438+
4439+ <dl>
4440+ <dt><code>--enable-suexec</code></dt>
4441+
4442+ <dd>�� �ɼ��� �⺻������ ��ġ�ǰų� Ȱ��ȭ�����ʴ� suEXEC
4443+ ����� Ȱ��ȭ�Ѵ�. APACI�� suEXEC�� �޾Ƶ��̷���
4444+ <code>--enable-suexec</code> �ɼǿܿ�
4445+ <code>--with-suexec-xxxxx</code> �ɼ��� �ּ��� �Ѱ�
4446+ �ʿ��ϴ�.</dd>
4447+
4448+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
4449+
4450+ <dd><code>suexec</code> ���̳ʸ� ��δ� ���Ȼ� ������
4451+ ������ ��ϵǾ� �Ѵ�. ��� �⺻���� �����Ϸ��� �� �ɼ���
4452+ ����Ѵ�. <em>���� ���</em>
4453+ <code>--with-suexec-bin=/usr/sbin/suexec</code></dd>
4454+
4455+ <dt><code>--with-suexec-caller=<em>UID</em></code></dt>
4456+
4457+ <dd>���� ����ġ�� �����ϴ� <a href="mod/mpm_common.html#user">����ڸ�</a>. ���α׷���
4458+ ������ �� �ִ� ������ ����ڴ�.</dd>
4459+
4460+ <dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
4461+
4462+ <dd>suEXEC ������ ���Ǵ� ����� Ȩ���丮�� �������丮��
4463+ �����Ѵ�. �� ���丮�� �ִ� ��� ���������� �������
4464+ suEXEC�� ����Ƿ�, ��� ���α׷��� "�����ؾ�" �Ѵ�. (����
4465+ ���, ���� "*"�� ����) "������" UserDir ���þ ����Ѵٸ�
4466+ ���� ���� �����ؾ� �Ѵ�. UserDir ���þ passwd ���Ͽ�
4467+ ���� ����� Ȩ���丮�� �ٸ��� suEXEC�� ����������
4468+ �۵����� �ʴ´�. �⺻���� "public_html"�̴�.<br />
4469+ ����ȣ��Ʈ���� ���� �ٸ� UserDir�� ����Ѵٸ� ��� ��
4470+ �θ� ���丮 �ȿ� �ֵ��� �����ؾ� �ϰ�, �� �θ� ���丮����
4471+ ���� ���´�. <strong>�̷��� �������� ������, "~userdir"
4472+ cgi ��û�� �۵����� �ʴ´�!</strong></dd>
4473+
4474+ <dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
4475+
4476+ <dd>����ġ�� DocumentRoot�� �����Ѵ�. �̴� suEXEC�� �����
4477+ �� �ִ� (UserDirs�� ������) ������ �����̴�. �⺻ ���丮��
4478+ <code>--datadir</code> ���� "/htdocs"�� ���� ���̴�.
4479+ <em>���� ���</em> "<code>--datadir=/home/apache</code>"��
4480+ �����ߴٸ� suEXEC wrapper�� document root��
4481+ "/home/apache/htdocs" ���丮�� ����Ѵ�.</dd>
4482+
4483+ <dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
4484+
4485+ <dd>suEXEC���� ���������� ������� �ּ� UID�� �����Ѵ�.
4486+ ��κ��� �ý��ۿ��� 500�̳� 100�� �����ϴ�. �⺻����
4487+ 100�̴�.</dd>
4488+
4489+ <dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
4490+
4491+ <dd>suEXEC���� ���������� �׷��� �ּ� GID�� �����Ѵ�.
4492+ ��κ��� �ý��ۿ��� 100�� �����ϹǷ� �� ���� �⺻���̴�.</dd>
4493+
4494+ <dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
4495+
4496+ <dd>��� suEXEC �۵��� ������ (���ó� ����� ������ ������)
4497+ ����� �α����ϸ��� �����Ѵ�. �⺻������ �α������� �̸���
4498+ "suexec_log"�̰� ǥ�� �α����� ���丮��
4499+ (<code>--logfiledir</code>) ��ġ�Ѵ�.</dd>
4500+
4501+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
4502+
4503+ <dd>CGI �������Ͽ� �Ѱ��� ������ PATH ȯ�溯���� �����Ѵ�.
4504+ �⺻���� "/usr/local/bin:/usr/bin:/bin"�̴�.</dd>
4505+ </dl>
4506+
4507+ <p><strong>suEXEC wrapper�� �������ϰ� ��ġ�ϱ�</strong><br />
4508+ <code>--enable-suexec</code> �ɼ����� suEXEC ����� �����ϰ���
4509+ ��� <code>make</code> ��ɾ �����ϸ� <code>suexec</code>
4510+ ���������� (����ġ�� �Բ�) �ڵ����� ���������.<br />
4511+ ������ �������� �� <code>make install</code> ��ɾ
4512+ �����Ͽ� ��ġ�� �� �ִ�. ���̳ʸ����� <code>suexec</code>��
4513+ <code>--sbindir</code> �ɼ����� ������ ���丮�� ��ġ�ȴ�.
4514+ �⺻ ��ġ�� "/usr/local/apache2/sbin/suexec"�̴�.<br />
4515+ ��ġ ������ <strong><em>root ����</em></strong>�� �ʿ�����
4516+ �����϶�. wrapper�� ����� ID�� �����ϱ����ؼ��� �����ڰ�
4517+ <code><em>root</em></code>�̰� ���ϸ��� setuserid �����Ʈ��
4518+ �����Ǿ� �Ѵ�.</p>
4519+
4520+ <p><strong>���������� ���Ѽ���</strong><br />
4521+ suEXEC wrapper�� �ڽ��� ������ ����ڰ� ���� �ɼ�
4522+ <code>--with-suexec-caller</code>�� ������ �ùٸ� ���������
4523+ Ȯ���� ������, �� �˻� ������ suEXEC�� ����ϴ� �ý���ȣ��
4524+ Ȥ�� ���̺귯�� �Լ��� ���۵Ǿ��� �� �ִ�. �̸� ����ϸ�
4525+ �Ϲ������� ���� �����̹Ƿ� ���� ����ġ�� �����ϴ� �׷츸��
4526+ suEXEC�� ������ �� �ֵ��� ���Ͻý��� ������ �����ؾ� �Ѵ�.</p>
4527+
4528+ <p>���� ���, �������� ������ ���� �����ϰ�:</p>
4529+
4530+<div class="example"><p><code>
4531+ User www<br />
4532+ Group webgroup<br />
4533+</code></p></div>
4534+
4535+ <p><code>suexec</code>�� "/usr/local/apache2/sbin/suexec"��
4536+ ��ġ�Ͽ��ٸ�, ������ �����ؾ� �Ѵ�:</p>
4537+
4538+<div class="example"><p><code>
4539+ chgrp webgroup /usr/local/apache2/bin/suexec<br />
4540+ chmod 4750 /usr/local/apache2/bin/suexec<br />
4541+</code></p></div>
4542+
4543+ <p>�׷��� ���� ����ġ�� �����ϴ� �׷츸�� suEXEC wrapper��
4544+ ������ �� �ִ�.</p>
4545+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4546+<div class="section">
4547+<h2><a name="enable" id="enable">suEXEC �� ���</a></h2>
4548+
4549+ <p>����ġ�� �����Ҷ� <code>--sbindir</code> �ɼ����� ������
4550+ ���丮���� <code>suexec</code> ������ (�⺻��
4551+ "/usr/local/apache2/sbin/suexec") ã�´�. ����ġ��
4552+ ���������� ������ suEXEC wrapper�� �߰��ϸ� ���� �α�(error
4553+ log)�� ������ ���� ����Ѵ�:</p>
4554+
4555+<div class="example"><p><code>
4556+ [notice] suEXEC mechanism enabled (wrapper: <em>/path/to/suexec</em>)
4557+</code></p></div>
4558+
4559+ <p>���� �����߿� �̷� ������ ���ٸ� ������ ����� ��ҿ���
4560+ wrapper ���α׷��� ã�� ���߰ų�, ���������� <em>setuid
4561+ root</em>�� ��ġ�����ʾұ� ������ ���̴�.</p>
4562+
4563+ <p>ó������ suEXEC ����� ����ϰ� �Ͱ� �̹� ����ġ ������
4564+ �������̶��, ����ġ�� ���̰� �ٽ� �����ؾ� �Ѵ�. ������
4565+ HUP�̳� USR1 �ñ׳η� ������ϴ� �����δ� ������� �ʴ�. </p>
4566+ <p>suEXEC�� �Ȼ���Ϸ��� <code>suexec</code> ������ ������
4567+ ����ġ�� ���̰� ������ؾ� �Ѵ�. </p>
4568+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4569+<div class="section">
4570+<h2><a name="usage" id="usage">suEXEC ����ϱ�</a></h2>
4571+
4572+ <p>CGI ���α׷� ��û�� ��� <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ���þ
4573+ ����� ����ȣ��Ʈ�� ��û�� �Ͽ��ų� <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>��
4574+ ��û�� ó���ϴ� ��쿡�� suEXEC wrapper�� ȣ���Ѵ�.</p>
4575+
4576+ <p><strong>����ȣ��Ʈ:</strong><br /> suEXEC wrapper��
4577+ ����ϴ� �Ѱ��� ����� <code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> ���ǿ� <code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ���þ
4578+ ����ϴ� ���̴�. �� ���þ �ּ��� ����� ID�� �ٸ���
4579+ �����ϸ� CGI �ڿ��� ��� ��û�� <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>����
4580+ ������ <em>User</em>�� <em>Group</em>���� ����ȴ�. ��
4581+ ���þ���� <code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>�� ������ �ּ���
4582+ userid�� ����Ѵ�.</p>
4583+
4584+ <p><strong>����� ���丮:</strong><br />
4585+ <code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code>�� ��û�� ó���Ѵٸ� suEXEC
4586+ wrapper�� ȣ���Ͽ�, ��û�� ����� ���丮�� �ش��ϴ� �����
4587+ ID�� CGI ���α׷��� �����Ѵ�. �� ����� �����Ϸ��� �����
4588+ ID�� CGI�� ������ �� �ְ� ��ũ��Ʈ�� ���� <a href="#model">����
4589+ �˻�</a> �׸��� �����ؾ� �Ѵ�. <a href="#install">����
4590+ �ɼ�</a> <code>--with-suexec-userdir</code>�� �����϶�.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4591+<div class="section">
4592+<h2><a name="debug" id="debug">suEXEC ������ϱ�</a></h2>
4593+
4594+ <p>suEXEC wrapper�� �α� ������ ������ �ٷ�
4595+ <code>--with-suexec-logfile</code> �ɼ����� ������ ���Ͽ�
4596+ ����. wrapper�� �ùٷ� �����ϰ� ��ġ�ߴٸ� ��� �߸��Ǿ�����
4597+ �� �α����Ͽ� ������ error_log�� �������.</p>
4598+
4599+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4600+<div class="section">
4601+<h2><a name="jabberwock" id="jabberwock">�ٽ� �ѹ� �����϶�: ���� ����</a></h2>
4602+
4603+ <p><strong>����!</strong> �� ������ �������� ���� �� �ִ�.
4604+ ����ġ�׷��� <a href="http://httpd.apache.org/docs/2.4/suexec.html">�¶���
4605+ ����</a>���� �� ������ �ֽ����� �����϶�.</p>
4606+
4607+ <p>wrapper�� ���� ������ �����ϴ� ��� ��̷ο� ���� �ִ�.
4608+ suEXEC�� ���õ� "����"�� �����ϱ� ���� �̵��� ���캸�� �ٶ���.</p>
4609+
4610+ <ul>
4611+ <li><strong>suEXEC ���� ����</strong></li>
4612+
4613+ <li>
4614+ ���丮 ���� ����
4615+
4616+ <p class="indent">
4617+ ���Ȱ� ȿ������ ���� ��� suEXEC ��û�� ����ȣ��Ʈ��
4618+ ��� �ֻ��� document root Ȥ�� userdir ��û�� ���
4619+ �ֻ��� ���� document root �ȿ��� �߻��ؾ� �Ѵ�. ����
4620+ ���, ����ȣ��Ʈ �װ��� �����ߴٸ� ����ȣ��Ʈ����
4621+ suEXEC�� �̿��ϱ����� ����ȣ��Ʈ�� document root��
4622+ �� ����ġ ���� �������� �ۿ� ������ �ʿ䰡 �ִ�.
4623+ (������ ������.)
4624+ </p>
4625+ </li>
4626+
4627+ <li>
4628+ suEXEC�� PATH ȯ�溯��
4629+
4630+ <p class="indent">
4631+ �����ϸ� ������ �� �ִ�. ���⿡ �����ϴ� ��� ��ΰ�
4632+ <strong>���� �� �ִ�</strong> ���丮���� Ȯ���϶�.
4633+ �� �������� �������� �װ��� �ִ� Ʈ���̸񸶸� �����ϱ�
4634+ ������ ���� ���̴�.
4635+ </p>
4636+ </li>
4637+
4638+ <li>
4639+ suEXEC �ڵ� �����ϱ�
4640+
4641+ <p class="indent">
4642+ �ݺ��ؼ� ��������, ����� ������ �ϴ��� �𸣰� �õ��Ѵٸ�
4643+ <strong>ū ����</strong>�� �߻��� �� �ִ�. � ��쿡��
4644+ ������������.
4645+ </p>
4646+ </li>
4647+ </ul>
4648+
4649+</div></div>
4650+<div class="bottomlang">
4651+<p><span>������ ���: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4652+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Fran&#231;ais">&nbsp;fr&nbsp;</a> |
4653+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
4654+<a href="./ko/suexec.html" title="Korean">&nbsp;ko&nbsp;</a> |
4655+<a href="./tr/suexec.html" hreflang="tr" rel="alternate" title="T&#252;rk&#231;e">&nbsp;tr&nbsp;</a></p>
4656+</div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
4657+<script type="text/javascript"><!--//--><![CDATA[//><!--
4658+var comments_shortname = 'httpd';
4659+var comments_identifier = 'http://httpd.apache.org/docs/2.4/suexec.html';
4660+(function(w, d) {
4661+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
4662+ d.write('<div id="comments_thread"><\/div>');
4663+ var s = d.createElement('script');
4664+ s.type = 'text/javascript';
4665+ s.async = true;
4666+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
4667+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
4668+ }
4669+ else {
4670+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
4671+ }
4672+})(window, document);
4673+//--><!]]></script></div><div id="footer">
4674+<p class="apache">Copyright 2017 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
4675+<p class="menu"><a href="./mod/">���</a> | <a href="./mod/directives.html">���þ��</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">���</a> | <a href="./sitemap.html">����Ʈ��</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
4676+if (typeof(prettyPrint) !== 'undefined') {
4677+ prettyPrint();
4678+}
4679+//--><!]]></script>
4680+</body></html>
4681\ No newline at end of file
4682diff --git a/docs/manual/suexec.html.tr.utf8 b/docs/manual/suexec.html.tr.utf8
4683new file mode 100644
4684index 0000000..bed106c
4685--- /dev/null
4686+++ b/docs/manual/suexec.html.tr.utf8
4687@@ -0,0 +1,583 @@
4688+<?xml version="1.0" encoding="UTF-8"?>
4689+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4690+<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head>
4691+<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
4692+<!--
4693+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4694+ This file is generated from xml source: DO NOT EDIT
4695+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4696+ -->
4697+<title>SuEXEC Desteği - Apache HTTP Sunucusu Sürüm 2.4</title>
4698+<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
4699+<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
4700+<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
4701+<script src="./style/scripts/prettify.min.js" type="text/javascript">
4702+</script>
4703+
4704+<link href="./images/favicon.ico" rel="shortcut icon" /></head>
4705+<body id="manual-page"><div id="page-header">
4706+<p class="menu"><a href="./mod/">Modüller</a> | <a href="./mod/directives.html">Yönergeler</a> | <a href="http://wiki.apache.org/httpd/FAQ">SSS</a> | <a href="./glossary.html">Terimler</a> | <a href="./sitemap.html">Site Haritası</a></p>
4707+<p class="apache">Apache HTTP Sunucusu Sürüm 2.4</p>
4708+<img alt="" src="./images/feather.png" /></div>
4709+<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
4710+<div id="path">
4711+<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Sunucusu</a> &gt; <a href="http://httpd.apache.org/docs/">Belgeleme</a> &gt; <a href="./">Sürüm 2.4</a></div><div id="page-content"><div id="preamble"><h1>SuEXEC Desteği</h1>
4712+<div class="toplang">
4713+<p><span>Mevcut Diller: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
4714+<a href="./fr/suexec.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
4715+<a href="./ja/suexec.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
4716+<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
4717+<a href="./tr/suexec.html" title="Türkçe">&nbsp;tr&nbsp;</a></p>
4718+</div>
4719+
4720+ <p><strong>SuEXEC</strong> özelliği, Apache HTTP Sunucusu kullanıcılarına
4721+ <strong>CGI</strong> ve <strong>SSI</strong> programlarını sunucunun
4722+ aidiyetinde çalıştığı kullanıcıdan farklı bir kullanıcının aidiyetinde
4723+ çalıştırma olanağı verir. Normalde, <strong>CGI</strong> ve
4724+ <strong>SSI</strong> programlarını çalıştıranla sunucuyu çalıştıran
4725+ aynı kullanıcıdır.</p>
4726+
4727+ <p>Gerektiği gibi kullanıldığında bu özellik, kullanıcılara
4728+ <strong>CGI</strong> ve <strong>SSI</strong> programlarını çalıştırma
4729+ ve geliştirmeye izin vermekle ortaya çıkan güvenlik risklerini azaltır.
4730+ Bununla birlikte, <strong>suEXEC</strong> gerektiği gibi
4731+ yapılandırılmadığı takdirde bazı sorunlara yol açabilir ve bilgisayar
4732+ güvenliğinizde yeni delikler ortaya çıkmasına sebep olabilir.
4733+ Güvenlikle ilgili mevcut sorunlarla başa çıkmada ve <em>setuid
4734+ root</em> programları yönetmekte bilgi ve deneyim sahibi değilseniz
4735+ <strong>suEXEC</strong> kullanmayı kesinlikle düşünmemenizi
4736+ öneririz.</p>
4737+ </div>
4738+<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">Başlamadan önce</a></li>
4739+<li><img alt="" src="./images/down.gif" /> <a href="#model">SuEXEC Güvenlik Modeli</a></li>
4740+<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC’in Yapılandırılması ve Kurulumu</a></li>
4741+<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC’in etkin kılınması ve iptal edilmesi</a></li>
4742+<li><img alt="" src="./images/down.gif" /> <a href="#usage">SuEXEC’in kullanımı</a></li>
4743+<li><img alt="" src="./images/down.gif" /> <a href="#debug">SuEXEC ve hata ayıklama</a></li>
4744+<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">Uyarılar ve Örnekler</a></li>
4745+</ul><h3>Ayrıca bakınız:</h3><ul class="seealso"><li><a href="#comments_section">Yorum</a></li></ul></div>
4746+<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4747+<div class="section">
4748+<h2><a name="before" id="before">Başlamadan önce</a></h2>
4749+
4750+ <p>Belgeye balıklama dalmadan önce, suexec'i kullanacağınız ortam ve
4751+ kendiniz hakkında yapılmış çeşitli kabuller hakkında bilgi sahibi
4752+ olmalısınız.</p>
4753+
4754+ <p>Öncelikle, üzerinde <strong>setuid</strong> va <strong>setgid</strong>
4755+ işlemlerinin yapılabildiği Unix türevi bir işletim sistemi
4756+ kullandığınızı varsayıyoruz. Tüm komut örnekleri buna dayanarak
4757+ verilmiştir. Bu desteğe sahip başka platformlar varsa onlardaki
4758+ yapılandırma burada anlattığımız yapılandırmadan farklı olabilir.</p>
4759+
4760+ <p>İkinci olarak, bilgisayarınızın güvenliği ve yönetimi ile ilgili bazı
4761+ temel kavramları bildiğinizi kabul ediyoruz. Buna
4762+ <strong>setuid/setgid</strong> işlemlerinin sisteminiz ve güvenlik
4763+ seviyesi üzerindeki etkilerini bilmek dahildir.</p>
4764+
4765+ <p>Üçüncü olarak, <strong>suEXEC</strong> kodunun
4766+ <strong>değiştirilmemiş</strong> bir sürümünü kullandığınızı
4767+ varsayıyoruz. Tüm suEXEC kodu, geliştiricilerin yanında sayısız beta
4768+ kullanıcısı tarafından dikkatle incelenmiş ve denenmiştir. Kodların hem
4769+ basit hem de sağlam bir şekilde güvenli olması için gerekli tüm
4770+ önlemler alınmıştır. Bu kodun değiştirilmesi beklenmedik sorunlara ve
4771+ yeni güvenlik risklerine yol açabilir. Özellikle güvenlikle ilgili
4772+ programlarda deneyimli değilseniz suEXEC kodunda kesinlikle bir
4773+ değişiklik yapmamalısınız. Değişiklik yaparsanız kodlarınızı gözden
4774+ geçirmek ve tartışmak üzere Apache HTTP Sunucusu geliştirme ekibi ile
4775+ paylaşmanızı öneririz.</p>
4776+
4777+ <p>Dördüncü ve son olarak, Apache HTTP Sunucusu geliştirme ekibinin
4778+ suEXEC’i öntanımlı httpd kurulumunun bir parçası yapmama kararından
4779+ bahsetmek gerekir. Bunun sonucu olarak, suEXEC yapılandırması sistem
4780+ yöneticisinin ayrıntılı bir incelemesini gerektirir. Gerekli incelemeden
4781+ sonra yönetici tarafından suEXEC yapılandırma seçeneklerine karar
4782+ verilip, normal yollardan sisteme kurulumu yapılır. Bu seçeneklerin
4783+ belirlenmesi, suEXEC işlevselliğinin kullanımı sırasında sistem
4784+ güvenliğini gerektiği gibi sağlamak için yönetici tarafından dikkatle
4785+ saptanmayı gerektirir. Bu sürecin ayrıntılarının yöneticiye bırakılma
4786+ sebebi, suEXEC kurulumunu, suEXEC’i dikkatle kullanacak yeterliliğe sahip
4787+ olanlarla sınırlama beklentimizdir.</p>
4788+
4789+ <p>Hala bizimle misiniz? Evet mi? Pekala, o halde devam!</p>
4790+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4791+<div class="section">
4792+<h2><a name="model" id="model">SuEXEC Güvenlik Modeli</a></h2>
4793+
4794+ <p>SuEXEC yapılandırması ve kurulumuna girişmeden önce biraz da
4795+ gerçekleşmesini istediğiniz güvenlik modelinin ayrıntıları üzerinde
4796+ duralım. Böylece, suEXEC’in içinde olup bitenleri ve sisteminizin
4797+ güvenliği için alınacak önlemleri daha iyi anlayabilirsiniz.</p>
4798+
4799+ <p><strong>suEXEC</strong> işlevselliği, Apache HTTP Sunucusu tarafından
4800+ gerektiği takdirde artalanda çalıştırılan bir setuid programa dayanır.
4801+ Bu program, bir CGI veya SSI betiğine bir HTTP isteği yapıldığı zaman,
4802+ bu betiği, yöneticinin ana sunucunun aidiyetinde çalıştığı kullanıcıdan
4803+ farklı olarak seçtiği bir kullanıcının aidiyetinde çalıştırmak için
4804+ çağrılır. Böyle bir istek geldiğinde, Apache httpd artalandaki setuid
4805+ programına, HTTP isteği yapılan programın ismiyle beraber aidiyetinde
4806+ çalışacağı kullanıcı ve grup kimliklerini de aktarır.</p>
4807+
4808+ <p>Artalanda çalıştırılan setuid program başarıyı ve başarısızlığı
4809+ aşağıdaki süreci izleyerek saptar. Bunlardan herhangi biri başarısız
4810+ olursa program başarısızlık durumunu günlüğe kaydeder ve bir hata
4811+ vererek çıkar. Aksi takdirde çalışmaya devam eder.</p>
4812+
4813+ <ol>
4814+ <li>
4815+ <strong>Setuid programı çalıştıran kullanıcı sistemin geçerli
4816+ kullanıcılarından biri mi?</strong>
4817+
4818+ <p class="indent">Bu, setuid programı çalıştıran kullanıcının
4819+ sistemin gerçek bir kullanıcısı olduğunudan emin olunmasını sağlar.
4820+ </p>
4821+ </li>
4822+
4823+ <li>
4824+ <strong>Setuid program yeterli sayıda argümanla çağrılmış mı?
4825+ </strong>
4826+
4827+ <p class="indent">Apache HTTP Sunucusunun artalanda çağırdığı
4828+ setuid program ancak yeterli sayıda argüman sağlandığı takdirde
4829+ çalışacaktır. Argümanların sayısını ve sırasını Apache HTTP sunucusu
4830+ bilir. Eğer setuid program yeterli sayıda argümanla çağrılmamışsa
4831+ ya kendisinde bir değişiklik yapılmıştır ya da kurulu Apache httpd
4832+ çalıştırılabilirinin suEXEC ile ilgili kısmında yanlış giden bir
4833+ şeyler vardır.</p>
4834+ </li>
4835+
4836+ <li>
4837+ <strong>Bu geçerli kullanıcının bu setuid programı çalıştırma
4838+ yetkisi var mı?</strong>
4839+
4840+ <p class="indent">Sadece tek bir kullanıcı (Apache’nin aidiyetinde
4841+ çalıştığı kullanıcı) bu programı çalıştırmaya yetkilidir.</p>
4842+ </li>
4843+
4844+ <li>
4845+ <strong>Hedef CGI veya SSI programı hiyerarşik olarak güvenliği
4846+ bozacak bir dosya yolu üzerinde mi?</strong>
4847+
4848+ <p class="indent">Hedef CGI veya SSI programının dosya yolu '/' veya
4849+ '..' ile başlıyor mu? Buna izin verilmez. Hedef CGI veya SSI
4850+ programı suEXEC’in belge kök dizininde yer almalıdır (aşağıda
4851+ <code>--with-suexec-docroot=<em>DİZİN</em></code> seçeneğine
4852+ bakınız).</p>
4853+ </li>
4854+
4855+ <li>
4856+ <strong>Hedef kullanıcı ismi geçerli mi?</strong>
4857+
4858+ <p class="indent">Hedef kullanıcı mevcut mu?</p>
4859+ </li>
4860+
4861+ <li>
4862+ <strong>Hedef grup ismi geçerli mi?</strong>
4863+
4864+ <p class="indent">Hedef grup mevcut mu?</p>
4865+ </li>
4866+
4867+ <li>
4868+ <strong>Hedef kullanıcı <code>root</code> değil, değil mi?</strong>
4869+
4870+ <p class="indent">Mevcut durumda, <code>root</code> kullanıcısının
4871+ CGI/SSI programlarını çalıştırmasına izin verilmemektedir.</p>
4872+ </li>
4873+
4874+ <li>
4875+ <strong>Hedef kullanıcı kimliği asgari kullanıcı numarasından
4876+ <em>BÜYÜK</em> mü?</strong>
4877+
4878+ <p class="indent">Asgari kullanıcı numarası yapılandırma sırasında
4879+ belirtilir. Böylece CGI/SSI programlarını çalıştırmasına izin
4880+ verilecek olası en düşük kullanıcı numarasını belirlemeniz mümkün
4881+ kılınmıştır. Bu bazı “sistem” hesaplarını devreden çıkarmak için
4882+ yararlıdır.</p>
4883+ </li>
4884+
4885+ <li>
4886+ <strong>Hedef grup <code>root</code> değil, değil mi?</strong>
4887+
4888+ <p class="indent"><code>root</code> grubunun CGI/SSI
4889+ programlarını çalıştırmasına izin verilmemektedir.</p>
4890+ </li>
4891+
4892+ <li>
4893+ <strong>Hedef grup numarası asgari grup numarasından
4894+ <em>BÜYÜK</em> mü?</strong>
4895+
4896+ <p class="indent">Asgari grup numarası yapılandırma sırasında
4897+ belirtilir. Böylece CGI/SSI programlarını çalıştırmasına izin
4898+ verilecek olası en düşük grup numarasını belirlemeniz mümkün
4899+ kılınmıştır. Bu bazı “sistem” hesaplarını devreden çıkarmak için
4900+ yararlıdır.</p>
4901+ </li>
4902+
4903+ <li>
4904+ <strong>Apache’nin artalanda çağırdığı setuid program hedef
4905+ kullanıcı ve grubun aidiyetine geçebildi mi?</strong>
4906+
4907+ <p class="indent">Bu noktadan itibaren program setuid ve setgid
4908+ çağrıları üzerinden hedef kullanıcı ve grubun aidiyetine geçer.
4909+ Erişim grubu listesi de ayrıca kullanıcının üyesi olduğu tüm
4910+ gruplara genişletilir.</p>
4911+ </li>
4912+
4913+ <li>
4914+ <strong>Hedef CGI/SSI programının bulunduğu dizine geçebildik mi?
4915+ </strong>
4916+
4917+ <p class="indent">Dizin mevcut değilse dosyaları da içeremez. Hedef
4918+ dizine geçemiyorsak bu, dizin mevcut olmadığından olabilir.</p>
4919+ </li>
4920+
4921+ <li>
4922+ <strong>Hedef dizin Apache için izin verilen yerlerden biri mi?
4923+ </strong>
4924+
4925+ <p class="indent">İstek sunucunun normal bir bölümü için yapılmış
4926+ olsa da istenen dizin acaba suEXEC’in belge kök dizini altında mı?
4927+ Yani, istenen dizin, suEXEC’in aidiyetinde çalıştığı kullanıcının
4928+ ev dizini altında bulunan, <code class="directive"><a href="./mod/mod_userdir.html#userdir">UserDir</a></code> ile belirtilen dizinin altında mı? (<a href="#install">suEXEC’in yapılandırma seçeneklerine</a>
4929+ bakınız).</p>
4930+ </li>
4931+
4932+ <li>
4933+ <strong>Hedef dizin başkaları tarafından yazılabilen bir dizin değil,
4934+ değil mi?</strong>
4935+
4936+ <p class="indent">Başkaları da yazabilsin diye bir dizin açmıyoruz;
4937+ dizin içeriğini sadece sahibi değiştirebilmelidir.</p>
4938+ </li>
4939+
4940+ <li>
4941+ <strong>Hedef CGI/SSI programı mevcut mu?</strong>
4942+
4943+ <p class="indent">Mevcut değilse çalıştırılamaz.</p>
4944+ </li>
4945+
4946+ <li>
4947+ <strong>Hedef CGI/SSI program dosyasına başkaları tarafından
4948+ yazılamıyor, değil mi?</strong>
4949+
4950+ <p class="indent">Hedef CGI/SSI programının dosyasına sahibinden
4951+ başka kimsenin bir şeyler yazmasını istemeyiz.</p>
4952+ </li>
4953+
4954+ <li>
4955+ <strong>Hedef CGI/SSI program setuid veya setgid <em>değil</em>,
4956+ değil mi?</strong>
4957+
4958+ <p class="indent">UID/GID‘i tekrar değiştirecek programlar
4959+ çalıştırmayı istemeyiz.</p>
4960+ </li>
4961+
4962+ <li>
4963+ <strong>Hedef kullanıcı/grup, programın kullanıcı/grubu ile aynı mı?
4964+ </strong>
4965+
4966+ <p class="indent">Hedef kullanıcı dosyanın sahibi mi?</p>
4967+ </li>
4968+
4969+ <li>
4970+ <strong>İşlemlerin güvenle yapılabilmesi için süreç ortamını
4971+ başarıyla temizleyebildik mi?</strong>
4972+
4973+ <p class="indent">suEXEC, sürecin çalışacağı ortama güvenli bir
4974+ program çalıştırma yolu sağlamaktan başka, yapılandırma sırasında
4975+ oluşturulan güvenli ortam değişkenleri listesinde isimleri bulunan
4976+ ortam değişkenlerinden başkasını aktarmayacaktır.</p>
4977+ </li>
4978+
4979+ <li>
4980+ <strong>Hedef CGI/SSI programı haline gelip çalışabildik mi?</strong>
4981+
4982+ <p class="indent">Burası suEXEC’in bitip CGI/SSI programının
4983+ başladığı yerdir.</p>
4984+ </li>
4985+ </ol>
4986+
4987+ <p>Bu süreç suEXEC güvenlik modelinin standart işlemlerini oluşturur.
4988+ Biraz zorlayıcı ve CGI/SSI tasarımına yeni kurallar ve sınırlamalar
4989+ getiriyor olsa da düşünülen güvenliği adım adım sağlayacak şekilde
4990+ tasarlanmıştır.</p>
4991+
4992+ <p>Düzgün bir suEXEC yapılandırmasının hangi güvenlik risklerinden
4993+ kurtulmayı sağladığı ve bu güvenlik modelinin sunucu yapılandırmasıyla
4994+ ilgili sorumluluklarınızı nasıl sınırlayabildiği hakkında daha
4995+ ayrıntılı bilgi edinmek için bu belgenin <a href="#jabberwock">"Uyarılar ve Örnekler"</a> bölümüne bakınız.</p>
4996+</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
4997+<div class="section">
4998+<h2><a name="install" id="install">suEXEC’in Yapılandırılması ve Kurulumu</a></h2>
4999+
5000+ <p>Eğlence başlıyor.</p>
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches